Updates since 2022-04-01
<PR ID>: (activity this week / total activity) summary
There was 1 Prioritized Active pull request:
-
1067: (22/236) agent-installer: Automated Workflow for Agent-based Installer (dhellmann)
priority/important-soon"Cluster 0" deployments, for the first cluster in an environment, are unique because they occur in situations where there may not be a lot of other infrastructure to support long-running services normally associated with automated provisioning for on-premises use cases. Nevertheless, users and partners want to automate these deployments. The assisted installer GUI provides an excellent user experience for manually deploying clusters. This enhancement covers the automation use case.
<PR ID>: (activity this week / total activity) summary
There were 9 Other Merged pull requests:
-
937: (3/161) monitoring: support configuration of alerting notifications by application owners (simonpasquier)
This document describes a solution that allows OpenShift users to route alert notifications without cluster admin intervention. It complements the existing [user-workload monitoring stack][uwm-docs], enabling a full self-service experience for workload monitoring.
-
943: (5/114) etcd: [OCPCLOUD-1244] Add proposal for etcd protection mechanism during control plane scaling (JoelSpeed)
To enable automation of Control Plane scaling activities, in particular vertical scaling of the Control Plane Machines, we must implement a mechanism that protects etcd quorum and ensures the smoothest possible transition as new etcd members are added and old members removed from the etcd cluster.
-
1034: (10/226) agent-installer: Agent Installer Development Environment (lranjbar)
Create a development environment for the ephemeral agent based installer image in the dev-scripts repository and refactor components as needed for the new project. In addition we will add base case e2e test flows integrated into Openshift CI to get the project started.
-
1056: (11/122) cluster-scope-secret-volumes: BUILD-406: shared resource validating admission EP (gabemontero)
This Enhancement Proposal details improvements to existing validations currently performed, as well as the introduction of new validations to be performed, on artifacts related to the Shared Resource CSI Driver and Operator component introduced as Tech Preview in 4.10. As a quick reminder, the associated API for "Shared Resources", namely SharedSecrets and SharedConfigMaps, are cluster scoped objects whose referenced namespace scoped Secrets and Configmaps are mounted into Pod Spec'able objects via use of the associated Shared Resource CSI Driver.
With the introduction of the Shared Resources API in 4.10, any restrictions around use of the new CRDs or the declaring of Volumes using the new Driver in Pods, was done at the CSI Driver level. That is often not the most efficient location to enforce such restrictions, as the entire Kubelet provisioning path for the Pod must be exercised for the error to be caught. Also, the user does not learn of the error upon creation of the Pod Spec'able object. Instead, the user must inspect Pod status and Events to learn of the problem.
This proposal intends to improve on the usability around error discovery by employing validations called during API object creation and modification.
-
1069: (6/36) dev-guide: Add notes to explain how API fields should be documented in conventions (JoelSpeed)
As an API reviewer, I would like to see thorough documentation added to new API fields so that I can understand the mechanics of the changes we are adding to our API and so that customers can understand how they can and can't use the new fields.
To encourage better documentation on ur APIs, I think we should add some notes to the conventions prompting users with a number of questions to think about when writing their godoc and some examples of how this might look in practice.
This is a first draft of this to gather initial feedback:
- Is this the right location for this kind of content?
- What other questions should users be asked when writing their godoc
- Do we have any other recommendations about godoc that aren't already noted
ToDo:
- Add more examples of where the godoc is used
- Provide example of godoc output for examples to help authors understand what the user might see
- Clarify any language guidance we have for writing these godoc (Eg should we follow product doc styling)
- Confirm we want to split out an official API conventions/style guide
- 919: (5/31) cluster-logging: Multi-Container-Structured-Logging (alanconway)
- 1051: (13/209) api-review: Update enhancement proposal to support update of user-defined AWS tags (TrilokGeer)
- 1080: (63/63) guidelines: enhancements process documentation improvements (dhellmann)
- 1082: (5/5) dev-guide: dev-guide/cluster-version-operator/dev/operators: Link capabilities enhancement (wking)
<PR ID>: (activity this week / total activity) summary
There were 2 Other New pull requests:
-
1084: (2/2) ingress: enhancement/ingress: add max connections tuning (frobware)
Enable administrators to tune the maximum number of simultaneous connections for OpenShift router deployments.
OpenShift router currently hard-codes the maximum number of simultaneous connections that HAProxy can handle to 20000, and it has done so for all OpenShift v4 releases up to and including 4.10. It should be possible for administrators to tune this value based on the capability and sizing of their infrastructure nodes. Increasing the maximum number of simultaneous connections will improve router throughput at the expense of increased memory usage. Equally, decreasing the current value may be of interest for Single Node OpenShift (SNO) deployments. This proposal extends the existing IngressController API to add a tuning option for max connections.
- 1081: (3/3) single-node: Change wording in SNO+Workers Operational Aspects of API Extensions section (omertuc)
<PR ID>: (activity this week / total activity) summary
There were 19 Other Active pull requests:
- 1048: (40/114) network: Dual Stack VIPs for on-prem deployments (cybertron)
- 1037: (39/353) insights: New Insights config API proposal (tremes)
- 1075: (25/84) machine-api: [OCPCLOUD-1436] AWS IMDSv2 support in MAPI and Installer config (lobziik)
- 1057: (14/126) installer: Enhancement for enabling 4-node cluster deployments as a day0 operation (flaper87)
- 1010: (10/81) authentication: add enhancement on PSa autolabeling (stlaz)
- 1008: (5/251) machine-api: [OCPCLOUD-1248] Add initial iteration of ControlPlaneMachineSet operator enhancement (JoelSpeed)
- 1014: (5/364) multi-arch: Heterogeneous architecture clusters (Prashanth684)
- 1071: (4/12) baremetal: Add bootstrap-external-ip (honza)
- 1059: (4/221) baremetal: Converge ZTP and Metal3 flows (dtantsur)
- 1064: (3/45) network: Add enhancement proposal for SDN live migration (pliurh)
- 811: (2/80) network: Enhancement proposal for OVN secondary networks (maiqueb)
- 981: (2/159) general: Added proposal for HyperShift monitoring. (bwplotka)
- 461: (2/32) ingress: Add aws-elb-idle-timeout enhancement (Miciah)
- 918: (1/151) installer: vsphere: add multiple datacenter and clusters (jcpowermac)
- 987: (1/106) dns: Add the DNS-over-TLS enhancement initial draft (brandisher)
- 1077: (18/24) monitoring: Add a priority label to alerts (sradco)
- 1078: (6/10) monitoring: Add operator name and component labels (sradco)
- 1076: (5/6) dev-guide: Add on-prem internal loadbalancer ports to host port registry (cybertron)
- 1046: (2/5) ingress: transition-ingress-from-beta-to-stable status → implemented (Miciah)
<PR ID>: (activity this week / total activity) summary
There was 1 Revived (closed more than 7 days ago, but with new comments) pull request:
- 929: (4/256) api-review: [OCPNODE-747] New CRD ImageDigestMirrorSet and ImageTagMirrorSet to support AllowMirrByTags (QiWang19)
<PR ID>: (activity this week / total activity) summary
There were 14 Idle (no comments for at least 7 days) pull requests:
- 371: (0/39) ingress: Add forwarded-header-policy enhancement (Miciah)
- 745: (0/135) security: Security Profiles Operator integration in OpenShift (JAORMX)
- 1005: (0/107) general: Non-disruptive upgrades in DPU clusters (danwinship)
- 1009: (0/87) general: OpenStack Cloud Provider Config Upgrade (stephenfin)
- 1023: (0/21) ingress: Add route-subdomain enhancement (Miciah)
- 1027: (0/6) general: Enable ProjectRequestLimit on OpenShift 4.x (josefkarasek)
- 1030: (0/100) monitoring: enhancements/monitoring: User-Defined Alerting and Relabeling Rules (bison)
- 1035: (0/134) network: Pods Egress DSCP QoS proposal (oribon)
- 1047: (0/5) authentication: AUTH-125 Cert Manager enhancement document (slaskawi)
- 1066: (0/7) dev-guide: Document the various event files produced by CI (DennisPeriquet)
- 1061: (0/2) dev-guide: Host port registry: Add konnectivity agent (alvaroaleman)
- 1068: (0/4) dev-guide: Add etcd readyz port (hasbro17)
- 1072: (0/9) machine-api: update machine-api-usage-telemetry (elmiko)
- 1073: (0/10) general: Fix links to make relative to page (johnbwork)
<PR ID>: (activity this week / total activity) summary
There were 2 With lifecycle/stale or lifecycle/rotten pull requests:
- 1019: (1/23) node-tuning: Enhancement for improving image pull via shortname security (umohnani8)
- 1054: (1/5) ingress: NE-585 Update enhancement after implementation (candita)