-
Notifications
You must be signed in to change notification settings - Fork 484
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1523 from dhellmann/twie-2023-12-01
this-week: 2023-12-01
- Loading branch information
Showing
1 changed file
with
140 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,140 @@ | ||
| # This Week in Enhancements - 2023-12-01 | ||
|
|
||
| *Updates since 2023-11-17* | ||
|
|
||
|
|
||
| ## Enhancements | ||
|
|
||
| ### Merged Changes | ||
|
|
||
| *<PR ID>: (activity this week / total activity) summary* | ||
|
|
||
| There were 4 Merged pull requests: | ||
|
|
||
| - [1426](https://github.com/openshift/enhancements/pull/1426): (31/260) monitoring: MON-3193: Proposal to switch from prometheus-adapter to metrics-server for implementing resource metric API (slashpai) ([MON-3153](https://issues.redhat.com/browse/MON-3153)) | ||
|
|
||
| > This proposal suggests replacing the [Prometheus Adapter](https://github.com/kubernetes-sigs/prometheus-adapter) currently used for implementing the resource [metrics API](https://github.com/kubernetes/metrics) in OpenShift with the [Metrics Server](https://github.com/kubernetes-sigs/metrics-server). | ||
| - [1485](https://github.com/openshift/enhancements/pull/1485): (29/138) update: OTA-916: ClusterVersion has option to reach local OSUS instance for signature verification (PratikMahajan) ([OTA-916](https://issues.redhat.com/browse/OTA-916)) | ||
|
|
||
| > CVO currently fetches the upstream urls for signature verification through [cluster-update-keys]. | ||
| > To increase flexibility and improve disconnected cluster user experience, we need to provide a way for the CVO to | ||
| > get the required signatures from custom signature stores or the OSUS running in the disconnected environment. | ||
| - [1518](https://github.com/openshift/enhancements/pull/1518): (3/7) dev-guide: CPSYN-313: document policy for making breaking changes (dhellmann) | ||
|
|
||
| > /cc @deads2k @derekwaynecarr @bparees @sdodson | ||
|
|
||
| #### Merged Pull Requests Modifying Existing Documents | ||
|
|
||
| - [1520](https://github.com/openshift/enhancements/pull/1520): (4/4) dev-guide: Add 9257 port to host port registry (racheljpg) | ||
|
|
||
| ### New Changes | ||
|
|
||
| *<PR ID>: (activity this week / total activity) summary* | ||
|
|
||
| There were 2 New pull requests: | ||
|
|
||
| - [1521](https://github.com/openshift/enhancements/pull/1521): (8/8) network: North-South IPsec support (yuvalk) | ||
|
|
||
| > The OVN Kubernetes network plugin uses [OVN](https://www.ovn.org) to instantiate | ||
| > virtual networks for Kubernetes. These virtual networks use Geneve, a network | ||
| > virtualization overlay encapsulation protocol, to tunnel traffic across the | ||
| > underlay network between Kubernetes Nodes. | ||
| > | ||
| > IPsec is a protocol suite that enables secure network communications between | ||
| > IP endpoints by providing the following services: | ||
| > - Confidentiality | ||
| > - Authentication | ||
| > - Data Integrity | ||
| > | ||
| > OVN tunnel traffic is transported by physical routers and switches. These | ||
| > physical devices could be untrusted (devices in public network) or might be | ||
| > compromised. Enabling IPsec encryption for this tunnel traffic can prevent the | ||
| > traffic data from being monitored and manipulated. | ||
| > | ||
| > The scope of this work is to enable customers to encrypt traffic going in/out of a node. It will not encrypt traffic between cluster nodes (for that we have ovn-kubernetes-ipsec.md). However due the fact that both will use the same mechanims, n-s implementation will also touch the existing e-w. | ||
| - [1522](https://github.com/openshift/enhancements/pull/1522): (3/3) update: OTA-916: enhancements/update/configurable-clusterversion-signature-stores: Tech-preview first (wking) ([OTA-916](https://issues.redhat.com/browse/OTA-916)) | ||
|
|
||
| `jira/valid-reference` | ||
|
|
||
| > CVO currently fetches the upstream urls for signature verification through [cluster-update-keys]. | ||
| > To increase flexibility and improve disconnected cluster user experience, we need to provide a way for the CVO to | ||
| > get the required signatures from custom signature stores or the OSUS running in the disconnected environment. | ||
|
|
||
| ### Active Changes | ||
|
|
||
| *<PR ID>: (activity this week / total activity) summary* | ||
|
|
||
| There were 17 Active pull requests: | ||
|
|
||
| - [1496](https://github.com/openshift/enhancements/pull/1496): (62/152) machine-config: Managing boot images via the MCO (djoshy) ([MCO-589](https://issues.redhat.com/browse/MCO-589)) | ||
| - [1431](https://github.com/openshift/enhancements/pull/1431): (51/206) ingress: OCPSTRAT-139: Ingress operator dashboard (jotak) ([OCPSTRAT-139](https://issues.redhat.com/browse/OCPSTRAT-139)) ([NETOBSERV-1052](https://issues.redhat.com/browse/NETOBSERV-1052)) | ||
| - [1514](https://github.com/openshift/enhancements/pull/1514): (50/52) ingress: NE-761: Support for admin configured CA trust bundle in Ingress Operator (bharath-b-rh) ([RFE-2182](https://issues.redhat.com/browse/RFE-2182)) ([OCPSTRAT-431](https://issues.redhat.com/browse/OCPSTRAT-431)) ([NE-761](https://issues.redhat.com/browse/NE-761)) | ||
| - [1497](https://github.com/openshift/enhancements/pull/1497): (12/25) cluster-logging: LOG-4606: Initial proposal for Azure Monitor Log integration (vparfonov) | ||
| - [1492](https://github.com/openshift/enhancements/pull/1492): (7/39) update: OTA-1029: Add CVO Log level API (Davoska) ([OTA-1029](https://issues.redhat.com/browse/OTA-1029)) | ||
| - [1517](https://github.com/openshift/enhancements/pull/1517): (7/15) oc: OCPSTRAT-784: Simplify and unify adding nodes on day 2 using agent-based installer approach (andfasano) ([OCPSTRAT-784](https://issues.redhat.com/browse/OCPSTRAT-784)) ([AGENT-682](https://issues.redhat.com/browse/AGENT-682)) | ||
| - [1480](https://github.com/openshift/enhancements/pull/1480): (3/36) kube-apiserver: AUTH-387: kube-apiserver: allow unsupported files sync (stlaz) ([AUTH-387](https://issues.redhat.com/browse/AUTH-387)) | ||
| - [1368](https://github.com/openshift/enhancements/pull/1368): (3/55) machine-config: OCPNODE-1525: Support Evented PLEG in Openshift (sairameshv) ([OCPNODE-1525](https://issues.redhat.com/browse/OCPNODE-1525)) | ||
| - [1490](https://github.com/openshift/enhancements/pull/1490): (2/156) machine-config: MCO-811: MachineConfigNode introduction for MCO State Reporting (cdoern) ([MCO-452](https://issues.redhat.com/browse/MCO-452)) | ||
| - [1479](https://github.com/openshift/enhancements/pull/1479): (2/35) cluster-api: Enhancement for installing OpenShift natively via Cluster API (JoelSpeed) | ||
| - [1468](https://github.com/openshift/enhancements/pull/1468): (2/70) installer: CORS-2062: Customer configured DNS for cloud platforms AWS, Azure and GCP (sadasu) ([CORS-1874](https://issues.redhat.com/browse/CORS-1874)) | ||
| - [1465](https://github.com/openshift/enhancements/pull/1465): (2/205) machine-api: OCPCLOUD-1578: Add enhancement for converting Machine API resource to Cluster API (JoelSpeed) ([OCPCLOUD-1578](https://issues.redhat.com/browse/OCPCLOUD-1578)) | ||
| - [1463](https://github.com/openshift/enhancements/pull/1463): (2/72) network: Mutable dual-stack VIPs (mkowalski) ([OCPSTRAT-178](https://issues.redhat.com/browse/OCPSTRAT-178)) ([OPNET-340](https://issues.redhat.com/browse/OPNET-340)) ([OPNET-80](https://issues.redhat.com/browse/OPNET-80)) | ||
| - [1506](https://github.com/openshift/enhancements/pull/1506): (1/133) machine-api: [OSD-15261] CPMS: allow automatic vertical scaling. (bergmannf) ([OSD-15261](https://issues.redhat.com/browse/OSD-15261)) | ||
|
|
||
| #### Active Pull Requests Modifying Existing Documents | ||
|
|
||
| - [1487](https://github.com/openshift/enhancements/pull/1487): (15/59) oc: Implementation details for `--all-images` (dharmit) | ||
| - [1446](https://github.com/openshift/enhancements/pull/1446): (1/288) ingress: NE-1366: Revisions for set-delete-http-headers EP (miheer) ([NE-982](https://issues.redhat.com/browse/NE-982)) ([RFE-464](https://issues.redhat.com/browse/RFE-464)) | ||
| - [1411](https://github.com/openshift/enhancements/pull/1411): (1/31) dev-guide: Add exception to pointer guidance for structs that must be omitted (JoelSpeed) | ||
|
|
||
| ### Closed Changes | ||
|
|
||
| *<PR ID>: (activity this week / total activity) summary* | ||
|
|
||
| There was 1 Closed pull request: | ||
|
|
||
| - [1413](https://github.com/openshift/enhancements/pull/1413): (4/28) single-node: Relocatable single node openshift (eranco74) ([MGMT-14516](https://issues.redhat.com/browse/MGMT-14516)) ([OCPBU-608](https://issues.redhat.com/browse/OCPBU-608)) | ||
|
|
||
| ### Idle (no comments for at least 14 days) Changes | ||
|
|
||
| *<PR ID>: (activity this week / total activity) summary* | ||
|
|
||
| There were 11 Idle (no comments for at least 14 days) pull requests: | ||
|
|
||
| - [1267](https://github.com/openshift/enhancements/pull/1267): (0/224) network: vSphere IPI Support for Static IPs (rvanderp3) ([OCPPLAN-9654](https://issues.redhat.com/browse/OCPPLAN-9654)) | ||
| - [1436](https://github.com/openshift/enhancements/pull/1436): (0/239) dns: NE-1325: External DNS Operator support for Shared VPCs (gcs278) | ||
| - [1440](https://github.com/openshift/enhancements/pull/1440): (0/104) network: OPNET-268: Configure-ovs Alternative (cybertron) | ||
| - [1494](https://github.com/openshift/enhancements/pull/1494): (0/60) observability-ui: add observability ui operator proposal (jgbernalp) ([OU-204](https://issues.redhat.com/browse/OU-204)) | ||
| - [1502](https://github.com/openshift/enhancements/pull/1502): (0/32) security: Create tls-artifacts-registry enhancement (vrutkovs) ([API-1603](https://issues.redhat.com/browse/API-1603)) | ||
| - [1503](https://github.com/openshift/enhancements/pull/1503): (0/21) cluster-logging: Add LokiStack tokenized auth proposal (periklis) ([OCPSTRAT-6](https://issues.redhat.com/browse/OCPSTRAT-6)) ([OCPSTRAT-171 (AWS STS)](https://issues.redhat.com/browse/OCPSTRAT-171 (AWS STS))) ([OCPSTRAT-114 (Azure WIF)](https://issues.redhat.com/browse/OCPSTRAT-114 (Azure WIF))) ([OCPSTRAT-922 (GCP WIF)](https://issues.redhat.com/browse/OCPSTRAT-922 (GCP WIF))) ([LOG-4540 (AWS & Azure)](https://issues.redhat.com/browse/LOG-4540 (AWS & Azure))) ([LOG-4754 (GCP)](https://issues.redhat.com/browse/LOG-4754 (GCP))) | ||
| - [1510](https://github.com/openshift/enhancements/pull/1510): (0/6) installer: OCPSTRAT-736: installer: support AWS Wavelength zones (mtulio) ([OCPSTRAT-736](https://issues.redhat.com/browse/OCPSTRAT-736)) ([SPLAT-1125](https://issues.redhat.com/browse/SPLAT-1125)) ([SPLAT-1218](https://issues.redhat.com/browse/SPLAT-1218)) ([SPLAT-1219](https://issues.redhat.com/browse/SPLAT-1219)) | ||
| - [1513](https://github.com/openshift/enhancements/pull/1513): (0/31) cluster-logging: Added enhancements/cluster-logging/content-filter.md (alanconway) | ||
| - [1515](https://github.com/openshift/enhancements/pull/1515): (0/19) machine-config: on-cluster builds enhancement (cheesesashimi) ([MCO-834](https://issues.redhat.com/browse/MCO-834)) | ||
|
|
||
| #### Idle (no comments for at least 14 days) Pull Requests Modifying Existing Documents | ||
|
|
||
| - [1478](https://github.com/openshift/enhancements/pull/1478): (0/6) network: Networking: update EIP multi NIC proposal (martinkennelly) ([SDN-1123](https://issues.redhat.com/browse/SDN-1123)) | ||
| - [1511](https://github.com/openshift/enhancements/pull/1511): (0/10) guidelines: Add beta features guidelines (soltysh) | ||
|
|
||
| ### With lifecycle/stale or lifecycle/rotten Changes | ||
|
|
||
| *<PR ID>: (activity this week / total activity) summary* | ||
|
|
||
| There were 8 With lifecycle/stale or lifecycle/rotten pull requests: | ||
|
|
||
| - [1298](https://github.com/openshift/enhancements/pull/1298): (1/275) monitoring: Metrics collection profiles (JoaoBraveCoding) | ||
| - [1415](https://github.com/openshift/enhancements/pull/1415): (1/350) ingress: NE-1129: Make ingress operator optional on HyperShift (alebedev87) ([NE-1129](https://issues.redhat.com/browse/NE-1129)) | ||
| - [1456](https://github.com/openshift/enhancements/pull/1456): (2/239) network: DNM| WIP: SDN-4035: IPAM for VMs for OVN Kubernetes secondary networks (maiqueb) ([SDN-4035](https://issues.redhat.com/browse/SDN-4035)) | ||
| - [1457](https://github.com/openshift/enhancements/pull/1457): (2/84) cluster-scope-secret-volumes: Shared Resources via OpenShift Builds Operator (adambkaplan) | ||
| - [1500](https://github.com/openshift/enhancements/pull/1500): (2/4) machine-config: Introduce machineconfiguration status enhancement (cdoern) ([MCO-452](https://issues.redhat.com/browse/MCO-452)) | ||
| - [1509](https://github.com/openshift/enhancements/pull/1509): (1/5) network: SDN-4114: initial iptables-deprecation-alerter proposal (danwinship) ([SDN-4114](https://issues.redhat.com/browse/SDN-4114)) | ||
|
|
||
| #### With lifecycle/stale or lifecycle/rotten Pull Requests Modifying Existing Documents | ||
|
|
||
| - [1499](https://github.com/openshift/enhancements/pull/1499): (1/5) guidelines: Add specific operating at scale section to the enhancement template (jcaamano) | ||
| - [1505](https://github.com/openshift/enhancements/pull/1505): (3/8) ingress: NE-1348: ALBO - update details about the standardized STS flow (alebedev87) ([CFEPLAN-39](https://issues.redhat.com/browse/CFEPLAN-39)) ([NE-1307](https://issues.redhat.com/browse/NE-1307)) |