ADR 0009: Platform Preflight Resource Contract
Status
Accepted
Date
2026-06-08
Context
Carrier CNFs often depend on CPU isolation, NUMA locality, hugepages, NIC capabilities, SR-IOV, AF_XDP/eBPF, CNI behavior, and pod-security exceptions. These assumptions cannot remain tribal knowledge or comments in deployment manifests.
Decision
Production data-plane readiness is an explicit SDK contract:
opc-node-resourcesmodels resource profiles and node capability reports.- CPU manager, topology manager, isolated/reserved CPU sets, NUMA mappings, hugepage pools, NIC capabilities, and data-plane interfaces are validated.
- AF_XDP/eBPF artifacts require digest pinning, signer/evidence identity, program type, attach point, and allowed capability checks.
- Pod-security exceptions must be minimal and evidence-linked.
- Lab/dev fallback paths fail closed in production.
- Operator admission and config-apply paths consume the preflight report.
Consequences
Production manifests must provide explicit resource profiles and node capability evidence. If evidence is absent, stale, or incompatible, the SDK policy blocks rollout instead of silently downgrading to lab behavior.
The Go reference operator projects this contract into CRD fields but does not replace product-specific operator resource management.
Evidence
crates/opc-node-resources/src/lib.rscrates/operator-lifecycle/src/admission.rscrates/operator-lifecycle/src/config_apply.rsoperators/sdk-reference-operator/api/