Skip to content

Latest commit

 

History

History
138 lines (93 loc) · 9.39 KB

2022-01-07.md

File metadata and controls

138 lines (93 loc) · 9.39 KB

This Week in Enhancements - 2022-01-07

Updates since 2021-12-17

Other Enhancements

Other Merged Changes

<PR ID>: (activity this week / total activity) summary

There were 4 Other Merged pull requests:

  • 949: (14/81) general: HELM-258: add enhancement for new namespace-scoped helm repo crd (zonggen)

    Right now we support cluster-scoped Helm repository CRD. This requires admin-level permissions when developers want to add a Helm repository in the OpenShift Console. We would like to add the ability to install Helm repository as a custom resource but with scope: namespaced.

Other Merged Pull Requests Modifying Existing Documents

  • 967: (10/28) console: CONSOLE-3005: Provide alias for dynamic plugin's proxy (jhadvig)
  • 993: (4/4) monitoring: MSO: Fix some typos, grammar, formatting (danielm0hr)
  • 997: (4/4) dev-guide: Add CCCMO related port in port registry (lobziik)

Other New Changes

<PR ID>: (activity this week / total activity) summary

There were 4 Other New pull requests:

  • 992: (8/8) authentication: auth: add enhancement for direct kube-apiserver oidc config (stlaz)

    do-not-merge/work-in-progress

    When users authenticate to OpenShift, the authentication goes through the oauth-server which serves as middle-man actor that unifies access to multiple kinds of identity providers, such as LDAP, OIDC providers, providers returning HTTP Basic Authentication challenges, and similar.

    The above differs from vanilla Kubernetes where authentication is dealt directly by the kube-apiserver. This has limitations especially when it comes to being able to login in a uniform manner. On the other hand, kubectl, the binary for accessing Kubernetes APIs, has evolved through the years to simplify the login process to Kubernetes clusters, and communities built useful toolings around the binary.

  • 994: (5/5) authentication: auth: add enhancement about pinning SCCs to pods (stlaz)

    do-not-merge/work-in-progress

    Many of the core workloads often rely on running with a specific Security Context Constraint (SCC). However, it ever so often happens that a customer brings an SCC of their own or a 3rd party product. Since SCCs are a complex construct, such a custom SCC often happens to be misshapen and certain fields may cause workloads to break if they depend on SCC defaulting their security contexts.

  • 995: (24/24) machine-api: Add enhancement for AWS Placement Groups in Machine API (JoelSpeed)

    This enhancement describes the process of integrating AWS Placement Groups into the OpenShift Machine API.

    Placement Groups allow users to define how groups of Machines should be placed within the Availability Zone. For example, they can clustered together within the same network spine, or separated for redundancy.

  • 996: (38/38) single-node: Enhancement for enabling single-node-openshift day2 workers expansion (omertuc)

    This enhancemnet aims to enable adding workers to a single-node cluster by dealing with a "floating ingress" issue encountered "none"-platform single control-plane node clusters which have worker nodes added to them. It does so by adjusting the installer to pin the default IngressController to the master pool when installing single-node "none"-platform clusters.

Other Active Changes

<PR ID>: (activity this week / total activity) summary

There were 13 Other Active pull requests:

  • 989: (115/145) machine-api: [OCPCLOUD-1373] Add AWS EFA Networking enhancement (JoelSpeed)
  • 990: (100/159) windows-containers: Windows Health Management enhancement (sebsoto)
  • 924: (47/214) oc: CLI Manager (deejross)
  • 922: (29/439) installer: Allow installer to include/exclude capabilities based on user selections (bparees)
  • 937: (24/127) monitoring: support configuration of alerting notifications by application owners (simonpasquier)
  • 736: (16/208) installer: Add enhancement - IBM Cloud provider for Power Virtual Server platform (jaypoulz)
  • 980: (10/63) authentication: enhancements/authentication: detect invalid certificates (s-urbaniak)
  • 971: (4/113) insights: Insights Operator pulling and updating pull-secret (transferring uncl… (tremes)
  • 981: (4/103) general: Added proposal for HyperShift monitoring. (bwplotka)
  • 929: (2/176) api-review: [OCPNODE-747] New CRD ImageSourceDigestPolicy and ImageSourceTagPolicy to support AllowMirrByTags (QiWang19)
  • 987: (2/4) dns: Add the DNS-over-TLS enhancement intial draft (brandisher)
  • 918: (2/79) installer: vsphere: add multiple datacenter and clusters (jcpowermac)
  • 811: (2/69) network: Enhancement proposal for OVN secondary networks (maiqueb)

Other Closed Changes

<PR ID>: (activity this week / total activity) summary

There were 4 Other Closed pull requests:

  • 722: (3/23) multi-arch: Add "Build OKD for ppc64le" proposal (mjturek)
  • 725: (3/49) distributed-tracing: Allow/Expose options to enable distributed tracing in components as features are added upstream (sallyom)
  • 912: (2/28) installer: Enhancement proposal for OpenShift IPI on Nutanix AOS with AHV (vnephologist)
  • 972: (1/3) general: Upstream Repository Resync EP (josefkarasek)

Idle (no comments for at least 21 days) Changes

<PR ID>: (activity this week / total activity) summary

There were 11 Idle (no comments for at least 21 days) pull requests:

  • 745: (0/129) security: Security Profiles Operator integration in OpenShift (JAORMX)
  • 931: (0/65) dns: NE-367: Add logLevel and operatorLogLevel APIs for DNS (miheer)
  • 943: (0/29) etcd: [OCPCLOUD-1244] Add proposal for etcd protection mechanism during control plane scaling (JoelSpeed)
  • 952: (0/22) ingress: NE-585 Expose HealthCheck Interval (candita)
  • 955: (0/116) authentication: Enhancement for OAuth2 Authorization Grant Login for oc (arjunrn)
  • 977: (0/15) worker-latency-profile: Add WorkerLatencyProfile enhancement (harche)
  • 986: (0/2) windows-containers: WIP WINC-712: Windows CSI Storage Enablement (alinaryan)

Idle (no comments for at least 21 days) Pull Requests Modifying Existing Documents

  • 964: (0/3) dev-guide: Host port registry: Add metrics ports for OVN-K (martinkennelly)
  • 978: (0/20) general: CONVENTIONS: additional HA considerations regarding storage (jan--f)
  • 985: (0/2) dev-guide: Host port registry: Add host port for SDN controller metrics (martinkennelly)
  • 988: (0/4) general: CONVENTIONS: Update CPU query sum_irate (wking)

Other lifecycle/stale or lifecycle/rotten Changes

<PR ID>: (activity this week / total activity) summary

There were 5 Other lifecycle/stale or lifecycle/rotten pull requests:

  • 343: (5/55) authentication: cluster-wide oauth-proxy settings (deads2k)
  • 812: (2/54) node: Add proposal about Node Operator (saschagrunert)
  • 913: (9/147) machine-api: Add cluster-api integration enhancement (alexander-demichev)
  • 958: (1/95) monitoring: enhancements/monitoring: User-defined alerting rules proposal (bison)

Other lifecycle/stale or lifecycle/rotten Pull Requests Modifying Existing Documents

  • 919: (2/20) cluster-logging: Multi-Container-Structured-Logging (alanconway)