Allow selecting which CRDs to install when using aiven-operator-crds chart

[mortenlj]

In our cluster we want to limit which Aiven services are available to our users.
The best way to solve that would be to only install the CRDs for the services we want to allow.

Would you be open for a PR that allows selecting which services are installed with the aiven-operator-crds chart?

[Serpentiel]

hey, @mortenlj! 👋

we'll discuss this with the team and will get back to you with feedback on your idea soon

thanks!

[mortenlj]

After some testing, we've found that in addition to not installing the relevant CRDs, the operator itself would need to either be configurable, or ignore services if the relevant CRD is missing in the cluster.
Currently the operator will exit the controller goroutine (but not the operator istelf) if a CRD is missing.

[byashimov]

That's correct. It is more about configuring the operator itself. But probably there is a better option with RBAC or any other restrictions. Because it might be inventing a wheel here.

[mortenlj]

Our initial approach is to use RBAC to restrict this, but as an additional measure it would be good to not have the CRD at all.
An additional point is that we see performance issues in the API server when the number of CRDs get excessive, so limiting the number of CRDs to the ones that are actually in use would be a benefit.

We will use RBAC rules for now, as this seems to be less of a "quick win" than we initially thought it would be. Feel free to close if you don't like the idea.

[byashimov]

Limiting resource consuming is a good thing. I'll leave this opened. Thanks for the idea.