Merge pull request kubernetes#1504 from dhellmann/twie-2023-10-27

openshift-ci[bot] · web-flow · commit 56c322e5d324 · 2023-10-27T13:14:49.000Z
this-week: 2023-10-27
diff --git a/this-week/2023-10-27.md b/this-week/2023-10-27.md
@@ -0,0 +1,130 @@
+# This Week in Enhancements - 2023-10-27
+
+*Updates since 2023-10-20*
+
+
+## Enhancements
+
+### Merged Changes
+
+*&lt;PR ID&gt;: (activity this week / total activity) summary*
+
+There were 4 Merged pull requests:
+
+- [1064](https://github.com/openshift/enhancements/pull/1064): (36/279) network: Add enhancement proposal for SDN live migration (pliurh) ([SDN-2612](https://issues.redhat.com/browse/SDN-2612))
+
+  > Migrating the CNI network provider network of a running cluster from
+  > OpenShift SDN to OVN Kubernetes without service interruption. During the
+  > migration, we will partition the cluster into two sets of nodes controlled by
+  > different network plugins. We will utilize the Hybrid overlay feature of
+  > OVN Kubernetes to connect the networks of the two CNI network plugins. So that
+  > pods on each side can still talk to pods on the other side.
+
+- [1402](https://github.com/openshift/enhancements/pull/1402): (6/483) api-review: [OCPNODE-1639] Add ClusterImagePolicy, ImagePolicy to support signature verification (QiWang19) ([OCPNODE-1628](https://issues.redhat.com/browse/OCPNODE-1628))
+
+  > This enhancement introduces ClusterImagePolicy and ImagePolicy CRDs to independently manage configurations at the cluster and namespace scopes.
+
+- [1483](https://github.com/openshift/enhancements/pull/1483): (5/101) update: Don't require registry during reboot and upgrade (jhernand) ([RFE-4482](https://issues.redhat.com/browse/RFE-4482))
+
+  > Ensure that clusters don't require a registry server to reboot existing nodes or
+  > upgrade when all the required images have already been pulled.
+
+
+#### Merged Pull Requests Modifying Existing Documents
+
+- [1501](https://github.com/openshift/enhancements/pull/1501): (5/5) installer: OTA-1041: Add some warnings about gotchas that have caused issues for teams doing capability implementations (bparees) ([OCPPLAN-7589](https://issues.redhat.com/browse/OCPPLAN-7589))
+
+### New Changes
+
+*&lt;PR ID&gt;: (activity this week / total activity) summary*
+
+There were 4 New pull requests:
+
+- [1500](https://github.com/openshift/enhancements/pull/1500): (2/2) machine-config: Introduce machineconfiguration status enhancement (cdoern) ([MCO-452](https://issues.redhat.com/browse/MCO-452))
+
+  `do-not-merge/work-in-progress`
+
+  > This enhancement describes how MCO component progression should be aggregated into the machineconfiguration operator/v1 object. The goal here is to allow customers and the MCO team to decipher the our processes in a more verbose way, speeding up the debugging process and allowing for better customer engagement.
+
+- [1502](https://github.com/openshift/enhancements/pull/1502): (6/6) security: Create tls-artifacts-registry enhancement (vrutkovs) ([API-1603](https://issues.redhat.com/browse/API-1603))
+
+  > This enhancement describes a single registry to store all produced
+  > TLS artifacts. Both engineering and customers have expressed concern
+  > about a lack of understanding what is the purpose of a particular
+  > certificate or CA bundle, who issued it, and which team is responsible
+  > for its contents and lifecycle. This enhancement describes a registry
+  > to store necessary information about all certificates in the cluster
+  > and sets requirements for TLS artifacts metadata.
+
+- [1503](https://github.com/openshift/enhancements/pull/1503): (2/2) cluster-logging: Add LokiStack tokenized auth proposal (periklis) ([OCPSTRAT-6](https://issues.redhat.com/browse/OCPSTRAT-6)) ([OCPSTRAT-171 (AWS STS)](https://issues.redhat.com/browse/OCPSTRAT-171 (AWS STS))) ([OCPSTRAT-114 (Azure WIF)](https://issues.redhat.com/browse/OCPSTRAT-114 (Azure WIF))) ([OCPSTRAT-922 (GCP WIF)](https://issues.redhat.com/browse/OCPSTRAT-922 (GCP WIF))) ([LOG-4540 (AWS & Azure)](https://issues.redhat.com/browse/LOG-4540 (AWS & Azure))) ([LOG-4754 (GCP)](https://issues.redhat.com/browse/LOG-4754 (GCP)))
+
+  > Many Cloud Providers offer services that allow authentication via short-lived tokens assigned to limited set of privileges. Currently OpenShift supports provisioning tokenized authentication on all major Cloud Providers via the Cloud Credential Operator (CCO), i.e. AWS STS (4.14.0), Azure (4.14.z) and GCP (4.15.0).
+  >
+  > This enhancement seeks to bring a unified integration to configure LokiStack with CCO's capabilities to use tokenized authentication for accessing the respective Cloud Providers' object storage service. This improves the UX for consumers of the Loki Operator and in turn the Red Hat OpenShift Logging product.
+
+
+#### New Pull Requests Modifying Existing Documents
+
+- [1499](https://github.com/openshift/enhancements/pull/1499): (2/2) guidelines: Add specific operating at scale section to the enhancement template (jcaamano)
+
+### Active Changes
+
+*&lt;PR ID&gt;: (activity this week / total activity) summary*
+
+There were 21 Active pull requests:
+
+- [1490](https://github.com/openshift/enhancements/pull/1490): (112/138) machine-config: MCO-811: MachineConfigNode introduction for MCO State Reporting (cdoern) ([MCO-452](https://issues.redhat.com/browse/MCO-452))
+- [1436](https://github.com/openshift/enhancements/pull/1436): (25/216) dns: NE-1325: External DNS Operator support for Shared VPCs (gcs278)
+- [1456](https://github.com/openshift/enhancements/pull/1456): (24/237) network: DNM| WIP: SDN-4035: IPAM for VMs for OVN Kubernetes secondary networks (maiqueb) ([SDN-4035](https://issues.redhat.com/browse/SDN-4035))
+- [1494](https://github.com/openshift/enhancements/pull/1494): (24/28) observability-ui: add observability ui operator proposal (jgbernalp) ([OU-204](https://issues.redhat.com/browse/OU-204))
+- [1482](https://github.com/openshift/enhancements/pull/1482): (21/74) installer: IR-402: Expose the publishing status of the cluster (flavianmissi) ([IR-302](https://issues.redhat.com/browse/IR-302))
+- [1496](https://github.com/openshift/enhancements/pull/1496): (12/55) machine-config: Managing boot images via the MCO (djoshy) ([MCO-589](https://issues.redhat.com/browse/MCO-589))
+- [1485](https://github.com/openshift/enhancements/pull/1485): (10/77) update: ClusterVersion has option to reach local OSUS instance for signature verification (PratikMahajan) ([OTA-916](https://issues.redhat.com/browse/OTA-916))
+- [1468](https://github.com/openshift/enhancements/pull/1468): (8/28) installer: Customer configured DNS for cloud platforms AWS, Azure and GCP (sadasu) ([CORS-1874](https://issues.redhat.com/browse/CORS-1874))
+- [1396](https://github.com/openshift/enhancements/pull/1396): (8/251) node-tuning: CNF-7603: mixed-cpu-node-plugin (Tal-or) ([CNF-7603](https://issues.redhat.com/browse/CNF-7603)) ([1421](https://github.com/openshift/enhancements/pull/1421)) ([mixed-cpu-node-plugin](https://github.com/openshift-kni/mixed-cpu-node-plugin))
+- [1440](https://github.com/openshift/enhancements/pull/1440): (7/103) network: OPNET-268: Configure-ovs Alternative (cybertron)
+- [1481](https://github.com/openshift/enhancements/pull/1481): (7/236) machine-config: Pin and pre-load images (jhernand) ([RFE-4482](https://issues.redhat.com/browse/RFE-4482))
+- [1463](https://github.com/openshift/enhancements/pull/1463): (5/70) network: Mutable dual-stack VIPs (mkowalski) ([OCPSTRAT-178](https://issues.redhat.com/browse/OCPSTRAT-178)) ([OPNET-340](https://issues.redhat.com/browse/OPNET-340)) ([OPNET-80](https://issues.redhat.com/browse/OPNET-80))
+- [1457](https://github.com/openshift/enhancements/pull/1457): (3/82) cluster-scope-secret-volumes: Shared Resources via OpenShift Builds Operator (adambkaplan)
+- [1479](https://github.com/openshift/enhancements/pull/1479): (2/33) cluster-api: Enhancement for installing OpenShift natively via Cluster API (JoelSpeed)
+- [1465](https://github.com/openshift/enhancements/pull/1465): (2/203) machine-api: OCPCLOUD-1578: Add enhancement for converting Machine API resource to Cluster API (JoelSpeed) ([OCPCLOUD-1578](https://issues.redhat.com/browse/OCPCLOUD-1578))
+- [1368](https://github.com/openshift/enhancements/pull/1368): (2/52) machine-config: OCPNODE-1525: Support Evented PLEG in Openshift (sairameshv) ([OCPNODE-1525](https://issues.redhat.com/browse/OCPNODE-1525))
+- [1497](https://github.com/openshift/enhancements/pull/1497): (1/14) cluster-logging: LOG-4606: Initial proposal for Azure Monitor Log integration (vparfonov)
+- [1480](https://github.com/openshift/enhancements/pull/1480): (1/33) kube-apiserver: AUTH-387: kube-apiserver: allow unsupported files sync (stlaz) ([AUTH-387](https://issues.redhat.com/browse/AUTH-387))
+- [1426](https://github.com/openshift/enhancements/pull/1426): (1/179) monitoring: MON-3193: Proposal to switch from prometheus-adapter to metrics-server for implementing resource metric API (slashpai) ([MON-3153](https://issues.redhat.com/browse/MON-3153))
+- [1298](https://github.com/openshift/enhancements/pull/1298): (1/272) monitoring: Metrics collection profiles (JoaoBraveCoding)
+
+#### Active Pull Requests Modifying Existing Documents
+
+- [1487](https://github.com/openshift/enhancements/pull/1487): (10/27) oc: Implementation details for `--all-images` (dharmit)
+
+### Idle (no comments for at least 7 days) Changes
+
+*&lt;PR ID&gt;: (activity this week / total activity) summary*
+
+There were 7 Idle (no comments for at least 7 days) pull requests:
+
+- [1413](https://github.com/openshift/enhancements/pull/1413): (0/23) single-node: Relocatable single node openshift (eranco74) ([MGMT-14516](https://issues.redhat.com/browse/MGMT-14516)) ([OCPBU-608](https://issues.redhat.com/browse/OCPBU-608))
+- [1431](https://github.com/openshift/enhancements/pull/1431): (0/105) ingress: OCPSTRAT-139: Ingress operator dashboard (jotak) ([OCPSTRAT-139](https://issues.redhat.com/browse/OCPSTRAT-139)) ([NETOBSERV-1052](https://issues.redhat.com/browse/NETOBSERV-1052))
+- [1466](https://github.com/openshift/enhancements/pull/1466): (0/4) general: [TRACING-3490] enhancement proposal default observability service (frzifus)
+- [1492](https://github.com/openshift/enhancements/pull/1492): (0/23) update: OTA-1029: Add CVO Log level API (Davoska) ([OTA-1029](https://issues.redhat.com/browse/OTA-1029))
+- [1493](https://github.com/openshift/enhancements/pull/1493): (0/41) authentication: HOSTEDCP-1240: WIP: auth: add an enhancement on a supported direct OIDC config (stlaz) ([HOSTEDCP-1240](https://issues.redhat.com/browse/HOSTEDCP-1240))
+
+#### Idle (no comments for at least 7 days) Pull Requests Modifying Existing Documents
+
+- [1411](https://github.com/openshift/enhancements/pull/1411): (0/29) dev-guide: Add exception to pointer guidance for structs that must be omitted (JoelSpeed)
+- [1446](https://github.com/openshift/enhancements/pull/1446): (0/284) ingress: NE-1366: Revisions for set-delete-http-headers EP (miheer) ([NE-982](https://issues.redhat.com/browse/NE-982)) ([RFE-464](https://issues.redhat.com/browse/RFE-464))
+
+### With lifecycle/stale or lifecycle/rotten Changes
+
+*&lt;PR ID&gt;: (activity this week / total activity) summary*
+
+There were 4 With lifecycle/stale or lifecycle/rotten pull requests:
+
+- [1415](https://github.com/openshift/enhancements/pull/1415): (1/345) ingress: NE-1129: Make ingress operator optional on HyperShift (alebedev87) ([NE-1129](https://issues.redhat.com/browse/NE-1129))
+- [1453](https://github.com/openshift/enhancements/pull/1453): (1/5) network: ovn ns ipsec (yuvalk)
+
+#### With lifecycle/stale or lifecycle/rotten Pull Requests Modifying Existing Documents
+
+- [1449](https://github.com/openshift/enhancements/pull/1449): (1/22) dev-guide: Updating the information about default runlevel (LalatenduMohanty)
+- [1478](https://github.com/openshift/enhancements/pull/1478): (1/4) network: Networking: update EIP multi NIC proposal (martinkennelly) ([SDN-1123](https://issues.redhat.com/browse/SDN-1123))
