<PR ID>: (activity this week / total activity) summary
There was 1 Prioritized Merged pull request:
-
645: (4/9) update: eus-upgrades-mvp: Fix MCO constraints examples (sdodson)
This change updated the description of the machine-config-operator's role in enforcing the version skew policy during EUS upgrades in the existing enhancement document.
<PR ID>: (activity this week / total activity) summary
There were 5 Prioritized Active pull requests:
-
628: (50/100) general: automated resource request scaling (dhellmann)
This enhancement describes an approach to allow us to scale the resource requests for the control plane services to reduce consumption for constrained environments. This will be especially useful for single-node production deployments, where the user wants to reserve most of the CPU resources for their own workloads and needs to configure OpenShift to run on a fixed number of CPUs within the host.
One example of this use case is seen in telecommunication service providers implementation of a Radio Access Network (RAN). This use case is discussed in more detail below.
-
643: (48/53) update: Add Reduced Reboots enhancement (sdodson)
This enhancement is intended to reduce host reboots when upgrading across two or more OpenShift minor versions by enabling an N-2 version skew policy between all host components and cluster scoped resources.
-
636: (24/51) kube-apiserver: API Removal Notifications (sanchezl)
Notify customers that an API that will be removed in the next release is in use.
-
593: (8/111) general: Add proposal for hiding container mountpoints from systemd (lack)
The current implementation of Kubelet and CRI-O both use the top-level namespace for all container and Kubelet mountpoints. However, moving these container-specific mountpoints into a private namespace reduced systemd overhead with no difference in functionality.
-
641: (4/29) general: EP: Support for Cluster High-availability mode API (varshaprasad96)
The goal of this enhancement is to describe the support for [cluster high-availability mode API][enhancement_cluster_operators] introduced by OpenShift. The enhancement proposes to introduce necessary helper functions which will enable users to identify if the OpenShift cluster can support high availability deployment mode of their operator or not.
<PR ID>: (activity this week / total activity) summary
There were 7 Other Merged pull requests:
-
438: (23/63) ingress: Add ingress fault detection proposal (sgreene570)
This enhancement enriches the Ingress Operator by granting the operator the ability to automatically detect when ingress-related issues occur within a cluster. This enhancement also gives Cluster Admins the ability to pinpoint which specific part of the cluster Ingress "chain" is at fault when external traffic bound for application pods is unable to reach (or experiences difficulties en-route to) the correct application destination.
-
449: (46/49) ingress: Add Tunable Router Buffer Sizes EP (sgreene570)
This enhancement extends the IngressController API to allow the user to configure the size of the in-memory header buffers for an IngressController. By default, these values are set at fixed values to limit memory use for typical IngressController usage.
-
576: (20/134) cluster-logging: Move ES cert management into Elasticsearch Operator (ewolinetz)
Currently to use the Elasticsearch Operator, one would need to generate secrets in a specific manner which creates a high amount of complexity for use. This proposal seeks to outline a mechanism where the Elasticsearch Operator creates and maintains these certificates and the elasticsearch/kibana secret instead of other operators (e.g. Cluster Logging and Jaeger), and allows an annotation mechanism on secrets for injecting required keys and certificates for mTLS with Elasticsearch.
-
612: (3/4) cluster-logging: Simplify initial cloudwatch proposal based on feedback. (alanconway)
[Amazon CloudWatch][aws-cw] is a hosted monitoring and log storage service. This proposal extends the
ClusterLogForwarderAPI with an output type for CloudWatch. -
640: (28/29) ingress: Ingress: Add GCP Global Access LB Proposal (sgreene570)
This enhancement extends the IngressController API to allow the user to enable the "Global Access" option for Ingress Controllers exposed via an Internal Load Balancer on GCP.
- 653: (3/3) cluster-logging: Adding owners file for cluster-logging subdirectory (ewolinetz)
- 658: (5/5) network: ovn-kubernetes-ipsec: Update EP with small feature enhancements for OCP 4.8 (markdgray)
<PR ID>: (activity this week / total activity) summary
There were 7 Other New pull requests:
-
649: (18/18) general: conventions: update the resources and limits section (dhellmann)
Expand the "Resources and Limits" section of the conventions document with more detail about why we have the conventions we do, where the formula for CPU resource requests came from, and links to the history of work on resource requests.
/cc @smarterclayton @markmc
-
650: (26/26) scheduling: Add ClusterOperator Scheduling (michaelgugino)
-
651: (1/1) cluster-logging: Implement forwarder-label-selector in 2 phases. (alanconway)
Add an input selector to the ClusterLogForwarder (CLF) to collect application logs only from pods identified by labels.
Kubernetes has two ways to identify pods: namespaces and labels. The CLF already has an input selector for namespaces, this enhancement will add a selector for labels.
See also:
-
652: (1/1) node: Enable cgroup v2 support (harche)
cgroup v2 is the next version of the kernel control groups. The support for cgroup v2 has been in development in the container ecosystem from quite some time. But now with entire stack from
runctokubernetesand everything in between supports cgroup v2, it's about time we should enable support for cgroup v2 in OpenShift. -
654: (2/2) dns: ARO private DNS zone resource removal (jim-minter)
This proposal covers removing the Azure private DNS zone resource from the architecture of Azure Red Hat OpenShift clusters.
-
656: (24/24) console: CONSOLE-2355: Update Quick Start proposal with i18n (rebeccaalpert)
OpenShift's Serverless team has proposed an idea to create a "Quick Starts" mechanism which introduces users to various ways of interacting with serverless in the Console. Quick Starts should be a mechanism we can use to vastly improve our customer's initial user experience on a empty cluster or with all various workflows:
The goal of this proposal is to define a lightweight mechanism for OpenShift's Console component, to guide users thought various workflows, and help them understand the steps neccesary to get the desired outcome:
- Install operator
- Deployment of showcase application
- Cluster settings
- Networking
- ...
For Quick Starts we need a mechanism for their creation and publishment.
-
657: (16/16) dns: Add managementState field to the DNS operator (rfredette)
When diagnosing a DNS issue, sometimes it is helpful or even necessary to disable the DNS operator and patch the CoreDNS daemonset. Currently, this requires disabling the cluster version operator (CVO) as well so that the CVO doesn't re-enable the DNS operator.
The DNS operator API should provide a
managementStatefield, which will prevent the DNS operator from overwriting fields in managed deployments and daemonsets when themanagementStatefield set toUnmanaged
<PR ID>: (activity this week / total activity) summary
There were 21 Other Active pull requests:
- 524: (87/369) network: New method for providing configurable self-hosted LB/DNS/VIP for on-prem (yboaron)
- 574: (60/367) installer: First iteration of running the Assisted Installer in end-user clusters. (mhrivnak)
- 366: (43/73) kata-containers: kata containers enhancement proposal (ariel-adam)
- 567: (29/87) machine-api: Added proposal for remediation history (slintes)
- 581: (24/67) network: Add network flows export support proposal (rcarrillocruz)
- 617: (22/111) network: [SDN-1364] Add Network Policy audit logging Enhancement (astoycos)
- 637: (16/185) monitoring: Add: Alerting Standards (michaelgugino)
- 642: (16/40) kubelet: Dynamic node sizing (harche)
- 603: (12/53) network: Initial proposal of allow mtu and overlay port changes (juanluisvaladas)
- 647: (5/6) windows-containers: WINC-544: Enhancement proposal for monitoring Windows Nodes (VaishnaviHire)
- 624: (4/11) update: Add: upgrade-blocker-operator (michaelgugino)
- 549: (4/72) storage: Add proposal for CSI migration (bertinatto)
- 626: (4/33) machine-config: enhancements/machine-config: securing MCS (crawford)
- 635: (3/11) manifestlist: IR-57: API changes for manifest list support (ricardomaraschini)
- 520: (3/13) network: Static IP Addresses from DHCP (cybertron)
- 625: (2/10) cluster-logging: Simplify JSON forwarding proposal (alanconway)
- 357: (2/198) accelerators: Supporting out-of-tree drivers on OpenShift (zvonkok)
- 346: (2/83) installer: Installer pre-flight validations (mandre)
- 492: (1/45) rhcos: add rhcos-inject enhancement (crawford)
- 465: (1/43) insights: Insights operator up to date gathering (martinkunc)
- 564: (1/17) cluster-logging: Allowing users to specify a delete policy based on amount of storage used within the ES cluster (ewolinetz)
<PR ID>: (activity this week / total activity) summary
There were 2 Other Closed pull requests:
- 475: (2/8) general: enhancements/update/update-blocker-lifecycle: Propose a new enhancement (wking)
- 655: (1/1) kube-apiserver: stability: removed api notifications (sanchezl)
<PR ID>: (activity this week / total activity) summary
There was 1 Revived (closed more than 7 days ago, but with new comments) pull request:
- 473: (1/211) network: Enable IPsec support in OVNKubernetes (markdgray)
<PR ID>: (activity this week / total activity) summary
There were 4 Old (labeled as stale, but discussion in last 7 days) pull requests:
- 480: (1/85) etcd: enhancements/etcd: support assisted install (hexfusion)
- 527: (1/73) installer: enhancement/installer: check OpenStack versions (EmilienM)
- 538: (1/6) machine-api: update machine-api-usage-telemetry (elmiko)
- 545: (1/2) network: Add BGP design section (markdgray)
<PR ID>: (activity this week / total activity) summary
There were 4 Other lifecycle/stale pull requests:
- 296: (0/180) network: Add ovs-hardware-offload enhancement (zshi-redhat)
- 411: (0/61) installer: run the Assisted Installer on-premise as opposed to utilizing a cloud service (mhrivnak)
- 415: (0/10) etcd: add backup config controller (hexfusion)
- 531: (0/14) update: enhancements/update/channel-metadata: Distribute channel description strings (wking)
<PR ID>: (activity this week / total activity) summary
There were 46 Idle (no comments for at least 7 days) pull requests:
- 124: (0/75) update: enhancements/update/automatic-updates: Propose a new enhancement (wking)
- 137: (0/286) general: CLI in-cluster management (sallyom)
- 146: (0/213) installer: openstack: Add Baremetal Compute Nodes RFE (pierreprinetti)
- 174: (0/58) builds: first draft of configmap/secret injection via volumes enhancement (bparees)
- 177: (0/38) olm: Library for OLM operator-inspect functionality (shawn-hurley)
- 198: (0/23) kube-controller-manager: stability: add quota to all namespaces (deads2k)
- 201: (0/80) general: bootimages: Downloading and updating bootimages via release image (cgwalters)
- 255: (0/108) monitoring: add restart metrics enhancement (rphillips)
- 265: (0/137) general: Signal cluster deletion (abutcher)
- 292: (0/195) machine-api: Add Managing Control Plane machines proposal (enxebre)
- 302: (0/27) kube-apiserver: [thought-experiment] single-node cluster static pod creation (deads2k)
- 341: (0/80) maintenance: Machine-maintenance operator proposal (dofinn)
- 343: (0/43) authentication: cluster-wide oauth-proxy settings (deads2k)
- 361: (0/109) baremetal: Minimise Baremetal footprint, live-iso bootstrap (hardys)
- 363: (0/201) cvo: Enhancement for adding upgrade preflight checks for operators (LalatenduMohanty)
- 371: (0/15) ingress: Add forwarded-header-policy enhancement (Miciah)
- 400: (0/18) general: OpenStack AZ Support (iamemilio)
- 403: (0/16) authentication: webhook authentication: kubeconfig auth specification, 0-ttl cache (stlaz)
- 406: (0/16) kube-apiserver: Add preliminary data section to network check enhancement. (sanchezl)
- 417: (0/114) installer: Add enhancement: IPI kubevirt provider (ravidbro)
- 426: (0/124) general: enhancements/update/targeted-update-edge-blocking: Propose a new enhancement (wking)
- 427: (0/54) update: enhancements/update/phased-rollouts: Propose a new enhancement (wking)
- 443: (0/94) machine-config: Support a provisioning token for the Machine Config Server (cgwalters)
- 447: (0/30) insights: Insights-gateway (iNecas)
- 462: (0/34) ingress: Add client-tls enhancement (Miciah)
- 463: (0/570) machine-api: Describing steps to support out-of-tree providers (Danil-Grigorev)
- 468: (0/48) machine-api: Add dedicated instances proposal (alexander-demichev)
- 477: (0/41) update: enhancements/update/manifest-install-levels: Propose a new enhancement (wking)
- 483: (0/21) machine-api: Add proposal for API to automatically spread MachineSets across AZs. (dgoodwin)
- 486: (0/71) local-storage: Adds proposal for auto partitioning in LSO (rohan47)
- 489: (0/3) kube-apiserver: p2pnc: update (sanchezl)
- 497: (0/11) cloud-integration: Initial draft of Cloud Credentials Rotation. (dgoodwin)
- 522: (0/13) olm: Update OLM managed operator metrics enhancement (awgreene)
- 525: (0/5) machine-config: Add FCCT support in MC proposal (LorbusChris)
- 547: (0/36) baremetal: Propose BMC-less remediation enhancement (AKA poison pill) (n1r1)
- 551: (0/30) machine-api: Propose to backport the "external remediation template" feature (slintes)
- 554: (0/7) general: conventions: Clarify when workload disruption is allowed (smarterclayton)
- 562: (0/146) security: Enhancing SCC to Gate Runtime Classes (haircommander)
- 566: (0/44) general: Separating provider-specific code in the installer (janoszen)
- 571: (0/186) network: Cloud API component for egress IP (alexanderConstantinescu)
- 575: (0/45) installer: Installer Enhacement Proposal: Manifests from STDIN (oglok)
- 577: (0/146) ingress: describe one-stop-shopping for exposing customized routes (deads2k)
- 590: (0/5) authentication: add 'Allowing URI Scheme in OIDC sub claims' (stlaz)
- 613: (0/2) network: NetworkPolicies for System Namespaces (danwinship)
- 618: (0/14) network: Add more details about host port ownership (danwinship)
- 623: (0/1) storage: Confirm Azure Disk names (huffmanca)