cloud-provider
cloud-provider copied to clipboard
kubernetes
Extracting/Migrating the Credential Provider: KEP + Alpha Implementation
As part of the cloud provider extraction/migration, we should start to look into how the credential provider is going to be extracted so that the kubelet does not rely on cloud SDKs for image pulling credentials. Also to support future credential providers without adding it into the main tree.
Need to work with SIG Auth and propose a KEP to extract/migrate credential providers to move out-of-tree.
related: https://github.com/kubernetes/kubernetes/issues/68810
cc @justinsb @mcrute
@mcrute and I are doodling out some ideas for this, hoping we can have an alpha feature-gated version of this in for v1.15.
cc @liggitt @smarterclayton
Would secret a possible solution for this?
Yes, this is one of the possible solutions we're discussing. KEP is work in progress :)
/milestone v1.15 /priority critical-urgent
cc @dchen1107 @derekwaynecarr
For v1.15, p0: KEP + alpha implementation
@andrewsykim What's your proposal for alpha implementation?
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale
