Open
Description
Enhancement Description
- One-line enhancement description (can be used as a release note): Ensure secure image access with
IfNotPresent
image pull policy - Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2535-ensure-secret-pulled-images
- Discussion Link: https://docs.google.com/document/d/1Ne57gvidMEWXR70OxxnRkYquAoMpt56o75oZtg-OeBg/edit#heading=h.4oysqary051o
Kubelet should enforce access to images after they've already been pulled to a node kubernetes#18787 - Primary contact (assignee): @stlaz @mikebrow @haircommander @pacoxu
- Responsible SIGs: Node
- Enhancement target (which target equals to which milestone):
- Alpha release target (x.y): 1.33
- Beta release target (x.y): 1.34
- Stable release target (x.y):
- Alpha
- KEP (
k/enhancements
) update PR(s):- v1.29 #2535:ensure secret pulled images - move kep targets; add persist #3532. (ensure secret pulled images #1608 merged)
- v1.30 kep-2535: not persist on disk and add PullImageSecretRecheckDuration flag to define different behaviors #4431 (update based on sig-node meeting discussion and PR comments)
- v1.31 KEP-2535: retarget alpha in 1.31 and update to readd the disk check #4693
- v1.32 KEP-2535: update the KEP with on-by-default strategy #4789
- v1.33 KEP-2535: bump ensure secret images alpha/latest-milestone to 1.33 #5026
- Code (
k/k
) update PR(s): - Docs (
k/website
) update PR(s):
- KEP (
- Beta
- KEP (
k/enhancements
) update PR(s): KEP-2535: (Ensure Secret Pulled Images): add metrics, bump to beta in 1.34 #5371 - Code (
k/k
) update PR(s): - Docs (
k/website
) update(s):
- KEP (
Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.
/sig node
Metadata
Metadata
Assignees
Labels
Type
Projects
Status