Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

kube-apiserver identity #1965

Open
roycaihw opened this issue Sep 2, 2020 · 53 comments
Open

kube-apiserver identity #1965

roycaihw opened this issue Sep 2, 2020 · 53 comments
Assignees
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. stage/beta Denotes an issue tracking an enhancement targeted for Beta status

Comments

@roycaihw
Copy link
Member

roycaihw commented Sep 2, 2020

Enhancement Description

Related PRs:

@k8s-ci-robot k8s-ci-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Sep 2, 2020
@roycaihw
Copy link
Member Author

roycaihw commented Sep 3, 2020

/sig api-machinery

@k8s-ci-robot k8s-ci-robot added sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Sep 3, 2020
@kikisdeliveryservice
Copy link
Member

Hi @roycaihw

Enhancements Lead here. Can you confirm that this is intended for alpha in 1.20?

Thanks
Kirsten

@roycaihw
Copy link
Member Author

@kikisdeliveryservice Yes. This feature is intended for alpha in 1.20.

@lavalamp @deads2k Could one of you add this issue to the release 1.20 milestone?

@kikisdeliveryservice
Copy link
Member

thanks for the update

/milestone v1.20

@k8s-ci-robot k8s-ci-robot added this to the v1.20 milestone Sep 14, 2020
@kikisdeliveryservice kikisdeliveryservice added tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team stage/alpha Denotes an issue tracking an enhancement targeted for Alpha status labels Sep 14, 2020
@kikisdeliveryservice
Copy link
Member

kikisdeliveryservice commented Sep 22, 2020

Some KEP updates here:
#1998
#1999

But as a reminder, to be included in a release, by Enhancements Freeze (October 6th) all KEPs:

The KEP must be merged in an implementable state
The KEP must have test plans
The KEP must have graduation criteria.

Also updated description to link directly to merged KEP.

@roycaihw
Copy link
Member Author

@kikisdeliveryservice Thanks for the reminder! Will do.

@kinarashah
Copy link

kinarashah commented Sep 29, 2020

Hi @roycaihw ,

Enhancement shadow for 1.20 release here 👋 . As we're moving closer to the Enhancement Freeze deadline (October 6), just wanted to remind you to update your KEP PR,

We're looking for the KEP PR to have the following before this deadline:

  • should have test plans
  • should have graduation criteria
  • should be merged in implementable state

Thank you!

@roycaihw
Copy link
Member Author

@kinarashah Thanks for the reminder. The KEP is now implementable #1998, and has test plans and graduation criteria.

@kinarashah
Copy link

kinarashah commented Oct 11, 2020

Hi @roycaihw ,

Since your Enhancement is scheduled to be in 1.20, please keep in mind the important upcoming dates:
Friday, Nov 6th: Week 8 - Docs Placeholder PR deadline
Thursday, Nov 12th: Week 9 - Code Freeze

As a reminder, please link all of your k/k PR as well as docs PR to this issue so we can track them.

Thank you!

@reylejano
Copy link
Member

Hello @roycaihw , 1.20 Docs shadow here.

Does this enhancement work planned for 1.20 require any new docs or modification to existing docs?

If so, please follows the steps here to open a PR against the dev-1.20 branch in the k/website repo. This PR can be just a placeholder at this time and must be created before Nov 6th.

Also take a look at Documenting for a release to get yourself familiarize with the docs requirement for the release.

Thank you!

@reylejano
Copy link
Member

Hi @roycaihw

The docs placeholder deadline is almost here. Please make sure to create a placeholder PR against the dev-1.20 branch in the k/website before the deadline

Also, please keep in mind the important upcoming dates:

As a reminder, please link all of your k/k PR as well as docs PR to this issue for the release team to track.

@roycaihw
Copy link
Member Author

roycaihw commented Nov 6, 2020

Hi @reylejano-rxm, I've created the docs placeholder kubernetes/website#24921 and updated the description with links to related PRs. Thanks!

@kikisdeliveryservice
Copy link
Member

Hi @roycaihw

I see that kubernetes/kubernetes#91389 has not yet merged.

Just a reminder that Code Freeze is tomorrow Thursday, November 12th. All PRs must be merged by that date, otherwise an Exception is required.

Thanks,
Kirsten

@roycaihw
Copy link
Member Author

Thanks @kikisdeliveryservice. I think kubernetes/kubernetes#91389 is tracked in the Priority and Fairness feature: #1040 (comment).

The alpha-level functionality for kube-apiserver identity has been implemented. All PRs linked in the description have been merged, except the doc one.

@kikisdeliveryservice
Copy link
Member

Great!! Thanks for clarifying - congrats!

@annajung annajung removed this from the v1.20 milestone Jan 7, 2021
@annajung annajung added tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team and removed tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team labels Jan 7, 2021
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 1, 2021
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team and removed tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team labels Oct 6, 2022
@rhockenbury
Copy link

Hello @enj 👋, 1.26 Enhancements team here.

Just checking in as we approach enhancements freeze TOMORROW on 18:00 PDT on Thursday 6th October 2022.

This enhancement is targeting for stage beta for 1.26 (correct me, if otherwise)

Here's where this enhancement currently stands:

  • KEP readme using the latest template has been merged into the k/enhancements repo.
  • KEP status is marked as implementable for latest-milestone: 1.26
  • KEP readme has a updated detailed test plan section filled out
  • KEP readme has up to date graduation criteria
  • KEP has a production readiness review that has been completed and merged into k/enhancements.

For this KEP, we would just need to get #3589 merged up to meet the requirements.

The status of this enhancement is marked as at risk. Please keep the issue description up-to-date with appropriate stages as well. Thank you!

@rhockenbury rhockenbury added stage/beta Denotes an issue tracking an enhancement targeted for Beta status and removed stage/alpha Denotes an issue tracking an enhancement targeted for Alpha status labels Oct 6, 2022
@rhockenbury rhockenbury moved this to Graduating in 1.26 Enhancements Tracking Oct 6, 2022
@rhockenbury rhockenbury added the lead-opted-in Denotes that an issue has been opted in to a release label Oct 6, 2022
@enj
Copy link
Member

enj commented Oct 6, 2022

/assign

@rhockenbury #3589 is open for review.

@rhockenbury
Copy link

Thanks. Please try to get #3589 merged up before enhancements freeze later today.

@enj
Copy link
Member

enj commented Oct 6, 2022

@rhockenbury #3589 is merged :)

@rhockenbury
Copy link

Great. I have it marked as tracked for v1.26 now.

@cathchu
Copy link

cathchu commented Nov 2, 2022

Hello @andrewsykim and @enj 👋 1.26 Release Docs shadow here!

This enhancement is marked as ‘Needs Docs’ for 1.26 release. Please follow the steps detailed in the documentation to open a PR against dev-1.26 branch in the k/website repo. This PR can be just a placeholder at this time, and must be created by November 9. Also, take a look at Documenting for a release to familiarize yourself with the docs requirement for the release.

Thank you!

@ruheenaansari34
Copy link

Hi @roycaihw 👋,

Checking in once more as we approach the 1.26 code freeze at 17:00 PDT on Tuesday 8th November 2022.

Please ensure the following items are completed:

  • All PRs to the Kubernetes repo that are related to your enhancement are linked in the above issue description (for tracking purposes).
  • All PRs are fully merged by the code freeze deadline.

If you do have k/k PRs open, other than the PRs in the description, please link them to this issue.

As always, we are here to help should questions come up. Thanks!

@lavalamp
Copy link
Member

lavalamp commented Nov 2, 2022

This is now being led by @andrewsykim, fyi

@krol3
Copy link

krol3 commented Nov 15, 2022

Hi @roycaihw , Thank you for the draft doc PR here, Please update to Ready for Review, the deadline it's on Tuesday 15th November 2022. Thank you!

CC @cathchu

@andrewsykim
Copy link
Member

@krol3 I don't think there's a doc PR open for this yet but I'll get to it later today

@andrewsykim
Copy link
Member

I opened a doc PR for the feature gate reference change here; kubernetes/website#37921

I'm not sure yet if we want more detailed documentation for this feature since the main use-cases for it are internal to kubernetes (i.e. StorageVersion API).

@sftim
Copy link
Contributor

sftim commented Dec 5, 2022

If I implement a serverless extension API server (eg using a provider managed API gateway in the cloud, and some serverless compute), what should my aggregated API do in respect of this feature?

@enj
Copy link
Member

enj commented Dec 5, 2022

If I implement a serverless extension API server (eg using a provider managed API gateway in the cloud, and some serverless compute), what should my aggregated API do in respect of this feature?

Aggregated APIs require a Kubernetes service and do not support an external hostname, so you basically always have something on the cluster. Either way, if the extension API server has rest storage, it needs to identify itself somehow, probably based on its current config - i.e. all instances of the same config would have the same identity. Does any such API server exist?

@marosset
Copy link
Contributor

/remove-label lead-opted-in
/remove-label tracked/yes
/label tracked/no
/milestone clear

@k8s-ci-robot k8s-ci-robot added the tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team label Dec 14, 2022
@k8s-ci-robot k8s-ci-robot removed this from the v1.26 milestone Dec 14, 2022
@k8s-ci-robot k8s-ci-robot removed lead-opted-in Denotes that an issue has been opted in to a release tracked/yes Denotes an enhancement issue is actively being tracked by the Release Team labels Dec 14, 2022
@Atharva-Shinde Atharva-Shinde removed the tracked/no Denotes an enhancement issue is NOT actively being tracked by the Release Team label May 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. stage/beta Denotes an issue tracking an enhancement targeted for Beta status
Projects
Status: Graduating
Development

No branches or pull requests