enhancements
enhancements copied to clipboard
kubernetes
Support for Windows privileged containers
Enhancement Description
-
One-line enhancement description (can be used as a release note): Windows privileged container support and host networking support.
-
Kubernetes Enhancement Proposal: 1981-windows-privileged-containers
-
Primary contact (assignee): @marosset
-
Responsible SIGs: sig-windows, sig-node
-
Enhancement target (which target equals to which milestone):
- Alpha release (1.22)
- Beta release (1.23)
- Stable release (target 1.26)
-
[x] Alpha
- [x] KEP (
k/enhancements) update PR(s):- [x] https://github.com/kubernetes/enhancements/pull/2037 Initial KEP PR
- [x] https://github.com/kubernetes/enhancements/pull/2288 KEP updates to reach implementable state
- [x] https://github.com/kubernetes/enhancements/pull/2659 Updating milestones for v1.22 alpha release
- [x] Code (
k/k) update PR(s):- [x] https://github.com/kubernetes/kubernetes/pull/99576
- [x] https://github.com/kubernetes/kubernetes/pull/103434
- [x] Docs (
k/website) update PR(s):- [x] https://github.com/kubernetes/website/pull/28413
- [x] KEP (
-
[x] Beta
- [x] KEP (
k/enhancements) update PR(s):- [x] https://github.com/kubernetes/enhancements/pull/2865
- [x] https://github.com/kubernetes/enhancements/pull/3311
- [x] Code (
k/k) update PR(s):- [x] https://github.com/containerd/containerd/pull/5131
- [x] https://github.com/kubernetes/kubernetes/pull/105465
- [x] https://github.com/kubernetes/kubernetes/pull/105406
- [x] https://github.com/kubernetes/kubernetes/pull/106058
- [x] https://github.com/kubernetes/kubernetes/pull/105201
- [x] https://github.com/kubernetes/kubernetes/pull/105748
- [x] https://github.com/kubernetes/kubernetes/pull/105996
- [x] Docs (
k/website) update PR(s):- [x] https://github.com/kubernetes/website/pull/30391
- [x] KEP (
-
[ ] Stable
- [ ] KEP (
k/enhancements) update PR(s):- [ ] https://github.com/kubernetes/enhancements/pull/3540
- [ ] Code (
k/k) update PR(s): - [ ] Docs (
k/website) update(s):
- [ ] KEP (
@ambguo: You must be a member of the kubernetes/milestone-maintainers GitHub team to set the milestone. If you believe you should be able to issue the /milestone command, please contact your and have them propose you as an additional delegate for this responsibility.
In response to this:
/stage alpha /milestone v1.20
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
@immuzz: You must be a member of the kubernetes/milestone-maintainers GitHub team to set the milestone. If you believe you should be able to issue the /milestone command, please contact your and have them propose you as an additional delegate for this responsibility.
In response to this:
/stage alpha /milestone v1.20
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
Hi all,
Enhancements Lead here. Will just update the milestone for you :smile:
Best, Kirsten
Just as a note when you convert your KEP don't forget to also include the kep.yaml
Both templates that you will need can be found here: https://github.com/kubernetes/enhancements/tree/master/keps/NNNN-kep-template
Please also update the description when you make the PR and please link any other PRs so that this enhancement can be tracked to the milestone.
Hope that helps.
Best, Kirsten
Hi @ambguo,
Enhancement shadow for 1.20 release here 👋.
Just wanted to check if you had a chance to convert KEP according to the template posted above (https://github.com/kubernetes/enhancements/tree/master/keps/NNNN-kep-template).
Please note that the Enhancement freeze deadline for KEPs to be included in 1.20 milestone is Tuesday, October 6.
Your proposal looks great 😄, could you please include the following when you make the KEP PR:
- Add test plans
- Update graduation criteria (you've already mentioned those, but if you could update/confirm it for 1.20, that'd be great!)
- Update state to implementable
Thank you!
Thank you @ambguo for actively working on the KEP PR!
Here's the status update based on the freeze requirements:
| Requirement | Status | Comments |
|---|---|---|
| Test Plan | ❗ | missing test plans for alpha |
| Graduation Criteria | ❗ | confirm milestone to 1.20 for alpha here. Beta's set to 1.20+. |
| Implementable State | ❗ | add KEP yaml with state implementable as mentioned here. If you're looking for an example, hopefully this recently merged sig node kep yaml gives you an idea. |
| Merged | ❗ |
Just a friendly reminder that we'd need all of them with ✅ status to be included in 1.20 milestone by Enhancement Freeze deadline Tuesday, October 6.
Ping me anytime on slack (kinarashah) or here if you have any questions 😄.
Thank you!!
@kinarashah: You must be a member of the kubernetes/milestone-maintainers GitHub team to set the milestone. If you believe you should be able to issue the /milestone command, please contact your and have them propose you as an additional delegate for this responsibility.
In response to this:
/milestone v1.21
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
Spoke with @marosset and @ambguo, this will be tracked alpha for 1.21 milestone and KEP PR would be merged in provisional status for now.
@marosset i thought we are doing privileged containers as alpha for v1.20, not 1.21
@michmike from our discussion on Tuesday, we are looking into ways to address the pod networking issues mentioned. We are still investigating ways to address the challenges, so will not be able to pursue the alpha release in 1.20 since APIs may require changes depending on the solution.
@ambguo can you please update the description on this issue to point to the KEP, rather than the draft in Gdocs?
This pull request adds the required functionality to start Windows privileged containers / Job object containers to hcsshim https://github.com/microsoft/hcsshim/pull/903
Hey @marosset , 1.21 Enhancements Shadow here! Please ensure the following are completed prior to the Code Freeze on Tuesday, Feb 9th:
- KEP.yaml status must be updated to implementable
- Test plan need to be completed (currently populated with a placeholder)
- The Feature Enablement and Rollback section needs to be completed under the Production Readiness Review Questionnaire
- Once the KEP is ready to move to implementable and the PRR is completed, request PRR approval
There are a few 1.20 references that I believe can be updated to reflect the shift to targeting 1.21 for alpha (i.e. latest-milestone in kep.yaml, alpha graduation criteria) In order to avoid filing an exception, the following changes need to be merged by EOD on Feb 9th.
If you have any questions please feel free to reach out here or via slack!
Thank you!
Hi @marosset, 1.21 Enhancements Lead here
Enhancements Freeze is 2 days away, Feb 9th EOD PST
Enhancements team is aware that KEP update is currently in progress (PR https://github.com/kubernetes/enhancements/pull/2288). Please make sure PR merges before the freeze. For PRR related questions or to boost the PR for PRR review, please reach out in slack #prod-readiness
Any enhancements that do not complete the following requirements by the freeze will require an exception.
- [IN PROGRESS] The KEP must be merged in an implementable state
- [IN PROGRESS] The KEP must have test plans
- [DONE] ~The KEP must have graduation criteria~
- [IN PROGRESS] The KEP must have a production readiness review
@annajung is the test plan outlined in updated added PR #2288 sufficient here?
Yes, once the PR merges in, it will meet all requirements needed for the enhancements freeze.
Yes, once the PR merges in, it will meet all requirements needed for the enhancements freeze.
Thanks for confirming!
Hi @marosset,
Enhancements Freeze is now in effect.
Unfortunately, your KEP needed to be updated and the PR has not yet merged. If you wish to be included in the 1.21 Release, please submit an Exception Request as soon as possible.
/milestone clear
@jayunit100 yes, see https://groups.google.com/g/kubernetes-sig-windows/c/eY4cuTsOEa4?pli=1
@mvortizr: You must be a member of the kubernetes/milestone-maintainers GitHub team to set the milestone. If you believe you should be able to issue the /milestone command, please contact your and have them propose you as an additional delegate for this responsibility.
In response to this:
/milestone v1.21
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.