-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pid Limiting #757
Comments
/sig node |
/assign @dashpole @dchen1107 |
/kind feature |
Hello @derekwaynecarr, 1.14 enhancement shadow here. Code Freeze is March 7th and all PRs must be merged by then to your issue to make the 1.14 release. What open K/K PRs do you still have that need to merge? Thanks |
Hey @derekwaynecarr. Just a friendly reminder we're looking for a PR against k/website (branch dev-1.14) due by Friday, March 1. It would be great if it's the start of the full documentation, but even a placeholder PR is acceptable. Let me know if you have any questions! |
kubernetes/kubernetes#73651 implements node-to-pid isolation for 1.14. |
kubernetes/website#12932 is a placeholder. |
Above PR is complete and waiting for review/approval. |
kubernetes/website#13006 as well |
Hello @derekwaynecarr, I'm the Enhancement Lead for 1.15. Is this feature going to be graduating alpha/beta/stable stages in 1.15? Please let me know so it can be tracked properly and added to the spreadsheet. /milestone clear |
we are graduating the node to pod pid isolation to beta for 1.15 per the kep. /milestone 1.15 |
@derekwaynecarr: The provided milestone is not valid for this repository. Milestones in this repository: [ Use In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/milestone v1.15 |
/remove-lifecycle stale |
Hi @derekwaynecarr @RobertKrawitz Enhancements Lead here. Are there any plans for this 1.20? Thanks! |
This is going GA for 1.20 kubernetes/kubernetes#94140 |
/milestone v1.20 |
As per #757 (reference) I also recommend documenting the feature. |
Documentation PR already open: kubernetes/website#23929 |
Hey @derekwaynecarr @RobertKrawitz - 1.20 Enhancements Shadow here 👋 Just a friendly reminder that the |
Hi @derekwaynecarr, Since your Enhancement is scheduled to be in 1.20, please keep in mind the important upcoming dates: As a reminder, please link all of your k/k PR as well as docs PR to this issue so we can track them. Regards, |
Is kubernetes/kubernetes#94140 the only k/k pr required to move this to GA? Is all work done? Code freeze is tomorrow. Thanks |
Confirmed with both Derek and Seth that this is completed. 👍 |
Just a quick check that in the process of promoting this feature to GA, was there any change to the API surface area? Particularly swagger.json? We have a process for detecting new GA API operations, but it currently looks primarily at the generated OpenAPI spec. |
@dims Can I get your check-in on this? It doesn't seem to touch the OpenAPI spec, but if looks non-optional: + SupportPodPidsLimit: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.21
+ SupportNodePidsLimit:{Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.21 |
There is no end user api change in the promotion. The feature has been on by default via kubelet Config for multiple releases. |
Thanks @derekwaynecarr ! |
@derekwaynecarr I wonder if the pid limit test should have been promoted to conformance as part of the GA process? It seems to be satisfying all requirements. I understand now there is a validation for the APIs to be conformance tested. I also see conformance tests for things like config maps. I wonder whether graduation criteria in general should include promoting a test to conformance whenever possible. On KEP I see the graduation criteria that doesn't say anything about conformance tests:
The only note on desire to increase coverage of conformance tests I found here:
|
Hi @SergeyKanzhelev @derekwaynecarr, 1.21 Enhancement Lead here. |
This is GA'd. I don't see the reason to keep it open. @annajung can you please fix the link to KEP text in this issue description? |
Great, it's been fixed. |
Enhancement Description
Ability to isolate pid resources pod-to-pod and node-to-pod
Primary contact (assignee): @derekwaynecarr
Responsible SIGs: sig-node
Design proposal link (community repo): KEP Pid Limiting #755
Link to e2e and/or unit tests: https://github.com/kubernetes/kubernetes/blob/master/test/e2e_node/pids_test.go
KEP: https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/757-pid-limiting
Reviewer(s) - @dashpole @sjenning
Approver (likely from SIG/area to which enhancement belongs): @dashpole @dchen1107
Enhancement target (which target equals to which milestone):
Documentation PR: pid limiting documentation website#23929
The text was updated successfully, but these errors were encountered: