# SIG Updates ## SIG-Docs missed this one ## SIG-API-Machinery - CRDs - Admission Webhooks - WG: Apply - Pain points - client-go interface churn - setting up webhooks/aggregated apiservers(certs!) ## SIG-Apps Focusing on application development and developer experience - Helm 2.9 is released - Helm 3 proposal has been merged - come to the intro or deep dive for more information - Application CRD, aggregated components in kubernetes cluster to create high level view - Charter: PR is open with first round of feedback - developer tooling discussions are occuring ## SIG-Architecture Participation in Architecture as a general rule: changes in architecture tend to have a greater impact on all sigs - join us! - Questions: Do we need to include leadership from every company that's involved in kubernetes? How does governance work? etc. - Is membership of the chair determined by sig-architecture? Answer: No. Sig-architecture would discuss whether the way the chair is determined makes sense ## SIG- Auth - pod identity improvements - client-go credential providers - OIDC distributed claim support Policy Audit Logging - RBAC role & binding, PodSecurityPolicy Node Isolation Security Conformance - just starting to think about this - missing from conformance test suite Question: Token request API - for requesting a scoped service account token that can be tied to a specific audience. - unsure of status in 1.11, needs to check Question: Security conformance test and the bug bounty - proposed at SIG-Auth ~3 months ago and at community meeting - CNCF has arranged for funding for the bug bounty program - need to decide who provider will be - release process not streamlined and unable to handle stream of authentication requests ## SIG-Autoscaling - external metrics support - cluster autoscaler improvements What's next in 1.11? - vertical pod autoscaler alpha - metric label selectors - tweaks to HPA v2 ergonomics ## SIG-AWS - Heptio authenticator - making more use of sig-repositories - cross sig concern - virtual kubelet - should be broken into 2 pieces: virtual kubelet -> sig-node ## SIG-Cluster-Lifecycle - provide more transparency on deliverables and execution - Looking to build up the approvers group/leadership What's coming in 1.11 - Kubeadm - Triage and backlog - KEPS for - componentconfig for kubeadm - rethinking self hosting (sentinel) - Initial master join workflow - Phases refactory - ClusterAPI - alpha in 1.11 - new home in the kubernetes-sigs ## SIG-CLI - Moving client side logic to server side - Initiatives: - server-side printing - server-side apply - Making remaining client-side kubectl work with extensions and version skew - OpenAPI schema instead of static go structs - subresources ## SIG-Contributor-Experience - If it's not automated, it better be documented - dev stats talk tomorrow - Achieving a SPOF-less SIG - working to ensure information is dispersed - Growing our contributors - mentoring is time consuming. solutions: group mentoring, one on one hour, mentoring talk tomorrow. - All contributors should have a relatively same and smooth process across repos Subprojects - devStats - mentoring - contributor documentation - and site: one stop shop without documentation all over the repo - and twitter? - community management - events - contributor workflow and documentation ## SIG-IBM-Cloud Less than 10 days old! - currently 20 members - bi-weekly meetings Wednesday @ 14:00EST ## SIG-Instrumentation - Metrics APIs - beta in 1.8 - slowly integrating all Kubernetes parts to be using them, finished integration in 1.10 - E2E ## SIG-Multicluster Cross Sig Issues - ClusterRegistry - sig-apimachinery - implementing as CRD - Auth in Cluster Registry - sig-auth - Multicluster Ingress - sig-networking - kubemci Come to sig deep dive (Thursday @ 11:55) for more info ## SIG-OpenStack - kubernetes/cloud-openstack-provider repository - goal to remove k/k provider code after 1.11 - 3rd party end-to-end testing of the cloud provider - based off upstream minikube e2e testing - building prow integrations to report back to test grid - SIG-<provider> - defining common standards for kubernetes-hosted providers - SIG-Docs - working with SIG docs to define common standards for provider documentation - SIG-Testing - working with SIG-Testing ## SIG ## SIG ## SIG ## SIG ## SIG ## SIG ## SIG