Skip to content

Latest commit

 

History

History
98 lines (65 loc) · 6.43 KB

2020-12-18.md

File metadata and controls

98 lines (65 loc) · 6.43 KB
Raw

This Week in Enhancements - 2020-12-18

TWIE will be on hiatus for the rest of 2020. We will return on 8 Jan.

Merged Enhancements

<PR ID>: (activity this week / total activity) summary

There was 1 Merged pull request:

  • 568: (8/8) network: host-port-registry: Add HAProxy ports (Miciah)

Closed Enhancements

<PR ID>: (activity this week / total activity) summary

There were 5 Closed pull requests:

  • 82: (0/0) olm: Fix typos and outdated info on bundle enhancement doc (dinhxuanvu)
  • 198: (0/6) kube-controller-manager: stability: add quota to all namespaces (deads2k)
  • 240: (0/4) etcd: enhancements/etcd/disaster-recovery-with-ceo: add backup proposal (hexfusion)
  • 272: (0/6) kube-apiserver: stability: git event watch and visualization (deads2k)
  • 322: (0/4) containers: Mount another image's filesystem to a container (jwforres)

New Enhancements

<PR ID>: (activity this week / total activity) summary

There were 9 New pull requests:

  • 561: (12/12) network: Initial proposal of "allow-from-router" NetworkPolicy (danwinship)

    Many users want to create NetworkPolicies that say, effectively, "allow traffic from routers". However, the router can run with one of several different "endpoint publishing strategies", which use the cluster network differently, and when using the HostNetwork strategy, the NetworkPolicy-relevant behavior also varies depending on the network plugin in use. This makes it impossible to create an "allow traffic from routers" policy that will work in any cluster. Indeed, in some cases, it is difficult to create such a policy even just for a single cluster, even when you know exactly how the cluster is configured.

  • 562: (40/40) security: Enhancing SCC to Gate Runtime Classes (haircommander)

    Enhance the Openshift SCC with two fields called AllowRuntimeClasses and EnsureRuntimeClasses, which gate users from specifying runtime classes in their Pod requests.

  • 564: (2/2) cluster-logging: Allowing users to specify a delete policy based on amount of storage used within the ES cluster (ewolinetz)

    Currently our index management within OpenShift Elasticsearch is limited to just being time based for rollover and deletion. The goal of this proposal is to introduce and outline extending this to also include amount of storage used. There are a two different ways this can be measured within an ES cluster such as per index and per node -- this proposal will also discuss the differences.

  • 565: (126/126) installer: single-node deployment with bootstrap-in-place (eranco74)

    As we add the new single-node production deployment we need a way to install such cluster without an extra node dependency for bootstrap.

    This enhancement describes the flow for installing Single Node OpenShift using liveCD that perform the bootstrap logic and reboots to become the single node.

  • 566: (20/20) general: Separating provider-specific code in the installer (janoszen)

    This change introduces an internal API in the installer code to move provider-specific code into a separate folder and avoid having large switch-case structures in the installer code.

  • 567: (0/0) machine-api: Added proposal for remediation history (slintes)

    Record and show limited remediation history.

  • 569: (1/1) network: Add workloads localhost ports for recovery-controllers (damemi)

  • 570: (61/61) cluster-logging: Enhancement Proposal: API to Forward Logs to CloudWatch (alanconway)

    [Amazon Cloudwatch][aws-cw] is a hosted monitoring and log storage service. This proposal extends the ClusterLogForwarder API with an output type for Cloudwatch.

  • 571: (0/0) network: Cloud API component for egress IP (alexanderConstantinescu)

    OVN-Kubernetes and openshift-sdn today support the feature egress IP on bare-metal platforms. Going forwards OpenShift will need to support the feature on conventional cloud provider platforms (such as: GCP, AWS, Azure). Cloud providers require additional management of the egress IP address via the cloud provider's cloud API. That is required since the cloud provider will not let the network plugin claim an additional IP on the node, which it does not recognize.

Active Enhancements

<PR ID>: (activity this week / total activity) summary

There were 10 Active pull requests:

  • 555: (58/104) general: Cluster High-availability Mode API (dhellmann)
  • 560: (36/41) general: single-node production deployment approach (dhellmann)
  • 346: (11/35) installer: Installer pre-flight validations (mandre)
  • 477: (10/37) update: enhancements/update/manifest-install-levels: Propose a new enhancement (wking)
  • 400: (7/14) installer: OpenStack AZ Support (iamemilio)
  • 78: (4/69) general: Build OKD on Fedora CoreOS in Prow proposal (LorbusChris)
  • 438: (2/14) ingress: Add ingress fault detection proposal (sgreene570)
  • 357: (2/74) general: Supporting out-of-tree drivers on OpenShift (zvonkok)
  • 554: (2/3) general: conventions: Clarify when workload disruption is allowed (smarterclayton)
  • 522: (2/6) olm: Update OLM managed operator metrics enhancement (awgreene)