There was no newsletter last week, so this update covers changes since 2021-06-11.
<PR ID>: (activity this week / total activity) summary
There were 4 Prioritized Active pull requests:
-
753: (77/136) workload-partitioning: add plan for configuration and enablement ownership (dhellmann)
priority/important-soonThe initial iteration of workload partitioning focused on a short path to a minimum viable implementation. This enhancement describes the loose ends for preparing the feature for GA at a high level, and explains the set of other design documents that need to be written separately during the next iteration.
-
804: (11/28) workload-partitioning: PAO render initial draft (MarSik)
do-not-merge/work-in-progress, priority/important-soonThe Performance addon operator is a day 2 optional operator installed via OLM. However the Workload partitioning feature needs to have some configuration ready at the installation time when PAO is not yet ready. This feature is about adding a
rendermode to PAO that would allow an admin to pre-compute all the Openshift manifests that are needed in a way that prevents any typing mistakes from happening. These generated manifests can then be passed to the installer and later taken over by the PAO reconcile loop. -
802: (6/37) workload-partitioning: WIP Workload partitioning API enhancement (MarSik)
do-not-merge/work-in-progress, priority/important-soonThe overall feature summary is present in the Management workload partitioning feature. This document focuses on how the feature enablement API and its interactions will look like.
- 800: (2/11) updates: capture offline discussion on eus-upgrades-mvp (dhellmann)
<PR ID>: (activity this week / total activity) summary
There were 7 Other Merged pull requests:
-
564: (9/27) cluster-logging: Allowing users to specify a delete policy based on amount of storage used within the ES cluster (ewolinetz)
Currently our index management within OpenShift Elasticsearch is limited to just being time based for rollover and deletion. The goal of this proposal is to introduce and outline extending this to also include amount of storage used. There are a two different ways this can be measured within an ES cluster such as per index and per node -- this proposal will also discuss the differences.
-
642: (5/53) kubelet: Auto Node Sizing (harche)
Nodes should have an automatic sizing calculation mechanism, which could give kubelet an ability to scale values for memory and cpu system reserved based on machine size.
Today the sizing values are passed manually to kubelet using
--kube-reservedand--system-reservedflags. Many cloud providers provide reference values for their customers to help them select optimal values based on the node sizes. e.g. GKE, AKSThis enhancement proposes a mechanism to automatically determine the optimal sizing values for any node size irrespective of the cloud provider.
-
786: (62/315) dns: Add ExternalDNS Operator Enhancement Proposal (sgreene570)
This enhancement proposal is for adding an operator to manage ExternalDNS. ExternalDNS has been chosen for managing external DNS requirements of OpenShift clusters. Initially, the operator will focus on managing external DNS records for OpenShift Routes, in addition to Kubernetes Services. Additionally, a new ExternalDNS operator CRD will be used to initially expose limited ExternalDNS configuration capabilities.
Existing operators will be used to guide the design of the ExternalDNS operator. Tooling will be included to make it easy to build, run, test, etc. the operator for OpenShift, and for vanilla Kubernetes.
- 780: (1/44) cluster-logging: Simplify and clarify JSON forwarding proposal, better examples. (alanconway)
- 792: (3/42) kube-apiserver: kube-apiserver/audit: Add group customRules (sttts)
- 808: (29/29) console: Update the add page customization examples and add hint to use the snippet (jerolimov)
- 809: (39/39) cluster-logging: Updating annotation example due to k8s annotation key restrictions (ewolinetz)
<PR ID>: (activity this week / total activity) summary
There were 4 Other New pull requests:
-
811: (2/2) network: Enhancement proposal for OVN secondary networks (maiqueb)
This enhacement proposal studies and describes how to support OVN as the networking provider for a Multus secondary interface.
-
812: (42/42) node: Add proposal about Node Operator (saschagrunert)
The overall goal of creating this new operator in OpenShift is the encapsulation of CRI-O and kubelet related configurations, metrics and alerts within a single domain and namespace.This provides on one hand a higher flexibility for the Node team, while on the other hand the dependency on external teams gets reduced. In the long-term the Node team would only rely on OpenShift internal APIs to manage the container runtime and kubelet related configurations. Additional deployments for proxying runtime metrics or providing telemetry access are part of this operator, too.
-
813: (3/3) dns: Update ExternalDNS Operator Enhancement (sgreene570)
This enhancement proposal is for adding an operator to manage ExternalDNS. ExternalDNS has been chosen for managing external DNS requirements of OpenShift clusters. Initially, the operator will focus on managing external DNS records for OpenShift Routes, in addition to Kubernetes Services. Additionally, a new ExternalDNS operator CRD will be used to initially expose limited ExternalDNS configuration capabilities.
Existing operators will be used to guide the design of the ExternalDNS operator. Tooling will be included to make it easy to build, run, test, etc. the operator for OpenShift, and for vanilla Kubernetes.
- 810: (2/2) general: tools: update make dependency to build lint image (dhellmann)
<PR ID>: (activity this week / total activity) summary
There were 23 Other Active pull requests:
- 701: (81/139) monitoring: metrics scraping with local authentication and authorization (deads2k)
- 749: (20/175) ingress: NE-310 Enhancement proposal for HSTS route admission plugin (candita)
- 793: (19/113) authentication: describe group syncing for OIDC identity providers (stlaz)
- 773: (11/40) installer: Enhancement proposal for OpenShift IPI on IBM Cloud (jeffnowicki)
- 707: (10/28) installer: Add Enhancement for Installing to Alibaba Cloud (lemondlut)
- 654: (9/20) dns: ARO private DNS zone resource removal (jim-minter)
- 781: (7/67) installer: CORS-1650: RHEL 8 Server Worker/Infra Node Support (mtnbikenc)
- 462: (7/63) ingress: Add client-tls enhancement (Miciah)
- 745: (6/99) security: Security Profiles Operator integration in OpenShift (JAORMX)
- 690: (6/54) api-review: Add repositoryMirrors spec to ImageContentSourcePolicy (QiWang19)
- 747: (6/56) network: Enable Kubernetes NMstate by default for selected platforms (yboaron)
- 371: (5/22) ingress: Add forwarded-header-policy enhancement (Miciah)
- 683: (4/50) insights: Insights Operator pulling and exposing data from the OCM API (tremes)
- 736: (4/104) installer: Add enhancement - IBM Cloud provider for Power Virtual Server platform (jaypoulz)
- 357: (2/241) accelerators: Supporting out-of-tree drivers on OpenShift (zvonkok)
- 475: (2/31) general: enhancements/update/update-blocker-lifecycle: Propose a new enhancement (wking)
- 463: (2/610) machine-api: Describing steps to support out-of-tree providers (Danil-Grigorev)
- 520: (1/15) network: Static IP Addresses from DHCP (cybertron)
- 346: (1/85) installer: Installer pre-flight validations (mandre)
- 146: (1/215) installer: openstack: Add Baremetal Compute Nodes RFE (pierreprinetti)
- 797: (15/18) ingress: custom routes: set up an explicit trust to the oauth-server (stlaz)
- 805: (1/3) general: CONVENTIONS.md: add runlevel documentation (mcoops)
- 538: (1/16) machine-api: update machine-api-usage-telemetry (elmiko)
<PR ID>: (activity this week / total activity) summary
There was 1 Other Closed pull request:
- 691: (1/3) installer: OpenStack root volume AZs (Fedosin)
<PR ID>: (activity this week / total activity) summary
There were 11 Old (labeled as stale, but discussion in last 14 days) pull requests:
- 302: (1/30) kube-apiserver: [thought-experiment] single-node cluster static pod creation (deads2k)
- 492: (1/49) rhcos: add rhcos-inject enhancement (crawford)
- 567: (1/107) machine-api: Added proposal for remediation history (slintes)
- 571: (1/232) network: Cloud API component for egress IP (alexanderConstantinescu)
- 626: (1/39) machine-config: enhancements/machine-config: securing MCS (crawford)
- 661: (1/119) operator-framework-api: New OpenshiftCatalogueValidator (camilamacedo86)
- 673: (1/43) machine-api: short-circuiting-backoff (mshitrit)
- 682: (1/32) alerting: alerting as a feature (dofinn)
- 687: (9/91) storage: Add AWS EFS CSI driver operator (jsafrane)
- 695: (1/26) cluster-version-operator: move CVO upgrades doc to enhancements (deads2k)
- 693: (2/28) general: CONVENTIONS: Add section on limits (smarterclayton)
<PR ID>: (activity this week / total activity) summary
There were 5 Other lifecycle/stale pull requests:
- 562: (0/150) security: Enhancing SCC to Gate Runtime Classes (haircommander)
- 575: (0/75) installer: Installer Enhacement Proposal: Manifests from STDIN (oglok)
- 593: (0/132) general: Add proposal for hiding container mountpoints from systemd (lack)
- 624: (0/20) update: Add: upgrade-blocker-operator (michaelgugino)
- 676: (0/2) kube-apiserver: api compatibility (sanchezl)
<PR ID>: (activity this week / total activity) summary
There were 46 Idle (no comments for at least 14 days) pull requests:
- 124: (0/75) update: enhancements/update/automatic-updates: Propose a new enhancement (wking)
- 137: (0/299) general: CLI in-cluster management (sallyom)
- 201: (0/95) general: bootimages: Downloading and updating bootimages via release image (cgwalters)
- 292: (0/203) machine-api: Add Managing Control Plane machines proposal (enxebre)
- 341: (0/80) maintenance: Machine-maintenance operator proposal (dofinn)
- 343: (0/43) authentication: cluster-wide oauth-proxy settings (deads2k)
- 363: (0/201) cvo: Enhancement for adding upgrade preflight checks for operators (LalatenduMohanty)
- 380: (0/38) kube-apiserver: describe delete protection for resources to avoid client-side delete coordination (deads2k)
- 400: (0/20) installer: OpenStack AZ Support (iamemilio)
- 426: (0/160) general: enhancements/update/targeted-update-edge-blocking: Propose a new enhancement (wking)
- 427: (0/54) update: enhancements/update/phased-rollouts: Propose a new enhancement (wking)
- 460: (0/17) ingress: Add empty-requests-policy enhancement (Miciah)
- 461: (0/9) ingress: Add aws-elb-idle-timeout enhancement (Miciah)
- 468: (0/54) machine-api: Add dedicated instances proposal (alexander-demichev)
- 486: (0/78) local-storage: Adds proposal for auto partitioning in LSO (rohan47)
- 547: (0/38) baremetal: Propose BMC-less remediation enhancement (AKA poison pill) (n1r1)
- 613: (0/18) network: NetworkPolicies for System Namespaces (danwinship)
- 643: (0/65) update: Add Reduced Reboots enhancement (sdodson)
- 652: (0/4) node: Enable cgroup v2 support (harche)
- 660: (0/19) cluster-logging: Flow control API enhancements, first draft. (alanconway)
- 706: (0/136) api-review: apply user defined tags to all resources (gregsheremeta)
- 709: (0/80) installer: Add proposal for credentials management outside the openshift cluster for new platforms (akhil-rane)
- 722: (0/7) multi-arch: Add "Build OKD for ppc64le" proposal (mjturek)
- 725: (0/12) distributed-tracing: distributed tracing (sallyom)
- 730: (0/7) network: mtu: ability to change running cluster's mtu setting (msherif1234)
- 732: (0/141) network: Add Smart NIC OVN offload enhancement (zshi-redhat)
- 737: (0/8) general: enhancements/update/targeted-update-edge-blocking: Client-side platform parameter (wking)
- 738: (0/103) network: Installing OCP on ARM-Based Smart NICs (danwinship)
- 748: (0/4) cluster-logging: New proposal: Forwarder output parameter templates (alanconway)
- 751: (0/50) builds: WIP - Disable Jenkins Pipeline Build Strategy (adambkaplan)
- 758: (0/20) security: Security Context Constraints for CSI Volumes (adambkaplan)
- 771: (0/10) update: add eus MCO enhancement (rphillips)
- 775: (0/9) network: Drop Node Hostname Resolution (cybertron)
- 784: (0/44) installer: Allow installer to include/exclude components based on user select install solution (bparees)
- 787: (0/8) update: Add no drain upgrade filter (michaelgugino)
- 791: (0/19) baremetal: Support RAID and BIOS configuration for baremetal IPI deployments (hs0210)
- 806: (0/1) ingress: Ingress: Add ingress operator and operand logging level API (sgreene570)
- 406: (0/18) kube-apiserver: Add preliminary data section to network check enhancement. (sanchezl)
- 522: (0/40) olm: Update OLM managed operator metrics enhancement (awgreene)
- 618: (0/15) network: Add more details about host port ownership (danwinship)
- 623: (0/3) storage: Confirm Azure Disk names (huffmanca)
- 666: (0/27) kube-apiserver: adding new userequest audit policy (EmilyM1)
- 711: (0/3) olm: add "fail open" risk/mitigation (njhale)
- 742: (0/93) cluster-scope-secret-volumes: Update projected resource CSI driver proposal (adambkaplan)
- 774: (0/6) network: Remove OpenShift-SDN requirement for Bare Metal Load Balancer (markdgray)
- 779: (0/1) general: Update High Availability Conventions (ravisantoshgudimetla)