forked from kubernetes/enhancements
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add feature page for: Service Credential Distribution for VMs [Beta] (k…
- Loading branch information
Showing
1 changed file
with
225 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,225 @@ | ||
[//]: # (The syntax preceeding this line is a comment marker used to help guide the author in populating this document) | ||
[//]: # (to github. Unlike HTML comments commonly used throughout istio.io documentation, this comment will not be rendered) | ||
[//]: # (by github. Comments must be separated by carriage return preceding and concluding the text and be a single line.) | ||
|
||
[//]: # (This is a living document representing the maturity of a feature. Completion of this template enables Istio work groups) | ||
[//]: # (to collect information on potential new functionality. This template should be completed before users are exposed to) | ||
[//]: # (any new experimental feature. Please complete this template during development.) | ||
|
||
[//]: # (The feature implementation section must be completed before submission of the document.) | ||
|
||
# Feature: | ||
|
||
[//]: # (All information in this section is mandatory.) | ||
|
||
**Feature name:** | ||
|
||
Service Credential Distribution for Virtual Machines | ||
|
||
[//]: # (The name of the feature, e.g. Multiple control planes) | ||
|
||
**Primary lead(s):** | ||
|
||
Limin Wang | ||
|
||
[//]: # (The primary lead or leads responsible for the feature. These individuals serve as a point of contact for the feature.) | ||
|
||
**Short description:** | ||
|
||
Identity and certificate management for VMs in Istio | ||
|
||
[//]: # (A short description of the feature. One or two sentences maximum.) | ||
|
||
|
||
**Design Docs:** | ||
|
||
- [Mesh Expansion: VM Security](https://docs.google.com/document/d/1-612Sgz_skeoX44dw3MU6Z8ONgq1f29wLUI9zggyLec/edit#heading=h.ls9r1x3pxz4v) | ||
- [VM Cert Provisioning](https://docs.google.com/document/d/1lPyIPLYQfjde_DUL3eBIlJqof65LSoDiRqB60xVZESY/edit#heading=h.xw1gqgyqs5b) | ||
- [VM Identity Bootstrapping](https://docs.google.com/document/d/1JndFmMKpWKg0kuRK7GVsNEyu9Z3ha0XFGpI2G0_wrWA/edit#heading=h.gahs6ye2t8n2) | ||
- [Bootstrapping VM Identities using bootstrap tokens](https://docs.google.com/document/d/1Fp-Oe7P4_JU9_c6InQwFgJZgjcy1OIfrrQ-UEQUu5YU/edit#heading=h.xw1gqgyqs5b) | ||
|
||
[//]: # (Design docs for feature) | ||
|
||
|
||
**Relevant Documentation:** | ||
|
||
[//]: # (Links to relevant documentation for feature) | ||
|
||
**RFC:** | ||
|
||
[//]: # (Link to RFC for feature) | ||
|
||
|
||
--- | ||
|
||
## Experimental | ||
|
||
### Requirements: | ||
|
||
[//]: # (All information in this section is mandatory for promotion. Please modify the links in this) | ||
[//]: # (section.) | ||
|
||
- [ ] [User stories](insert_your_link_here) reviewed in a work group meeting. | ||
|
||
[//]: # (User stories are a way to communicate user value. User stories follow the style) | ||
[//]: # (as a [type of user], I want [an action] so that [a benefit/a value]. Istio currently has no user) | ||
[//]: # (story template. Maybe you can make one?) | ||
|
||
[//]: # (User stories must be presented in a work group meeting. They need no approval and are later integrated) | ||
[//]: # (into the RFCs, which do need approval for alpha. You may find value to negotiate within the work group where the) | ||
[//]: # (user stories are presented to help clarify the user stories.) | ||
|
||
- [ ] [RFC Authored] - [create an RFC using template](https://docs.google.com/document/d/1ewJoCcw5-04crH-M0xw4zFxz1cfwVCPnNyW4K3m4Yyc/template/preview). | ||
|
||
[//]: # (An RFC is mandatory to graduate to experimental. The RFC does not have to be reviewed in a work group) | ||
[//]: # (meeting to graduate to experimental.) | ||
|
||
- [ ] [Documentation](insert_your_link_here) for enabling and using the feature. | ||
|
||
[//]: # (The documentation instructions may exist on the developer wiki or the team drive. They may include instructions) | ||
[//]: # (for building running a `istioctl experimental command`, or using the preview profile,) | ||
[//]: # (or any other relevant information.) | ||
|
||
- [ ] [Feedback plan](insert_your_link_here). | ||
|
||
[//]: # (This may include user feedback meetings, discuss.istio.io conversations, GitHub issues, or mailing lists.) | ||
|
||
- [ ] Disabled by default. | ||
|
||
- [ ] No impact on performance when the feature is disabled. | ||
|
||
|
||
[//]: # (Once all other items are completed, features.yaml should be updated to promote the feature) | ||
|
||
- [ ] [features.yaml](https://github.com/istio/enhancements/blob/master/features.yaml) updated for this feature | ||
--- | ||
|
||
## Alpha | ||
|
||
### Requirements: | ||
|
||
**Design** | ||
|
||
- [x] RFC has been approved describing the intention of the feature as well as the user stories behind the feature. | ||
|
||
**Config** | ||
|
||
- [x] Explicit user action is required to enable this feature (e.g. a config field, config resource, or installation action). | ||
|
||
> Link to instructions for enabling | ||
**Docs** | ||
|
||
- [x] Reference docs are published to preliminary.istio.io or the Istio wiki. | ||
- [x] Basic feature docs are published on preliminary.istio.io describing what the feature does, how to use it, and any caveats. | ||
- [x] Release notes entries added as appropriate | ||
- [x] Upgrade notes entries added as appropriate | ||
|
||
**Tests** | ||
|
||
- [x] Automated integration tests cover core use cases with the feature enabled. | ||
- [x] When disabled, the feature does not affect system stability or performance. | ||
|
||
**API** | ||
|
||
- [x] Initial API review. | ||
|
||
**Approvals** | ||
|
||
- [x] The appropriate work group(s) have reviewed and approved promotion of the feature. | ||
- [x] The TOC has reviewed and approved promotion of the feature as part of the | ||
roadmap for a release. | ||
|
||
**Promotion** | ||
|
||
[//]: # (Once all other items are completed, features.yaml should be updated to promote the feature) | ||
|
||
- [x] [features.yaml](https://github.com/istio/enhancements/blob/master/features.yaml) updated for this feature | ||
|
||
--- | ||
|
||
## Beta | ||
|
||
### Requirements: | ||
|
||
**Design** | ||
|
||
- [x] Design doc describing the intention of the feature, how it will be | ||
implemented, and any thoughts on how to test the feature has been approved by | ||
relevant work group leads | ||
- [x] Feature coverage and test plans written and approved. | ||
|
||
**Docs** | ||
|
||
- [x] Documentation on istio.io includes performance expectations; may have caveats. | ||
- [x] Documentation on istio.io includes samples/tutorials. | ||
- [x] Documentation on istio.io includes appropriate glossary entries. | ||
- [x] All new documentation containing user actions includes istio.io tests. | ||
- [x] Release notes have been added. | ||
- [x] Upgrade notes have been added. | ||
|
||
**Tests** | ||
|
||
- [x] Integration tests cover feature edge cases | ||
- [x] End-to-end tests cover samples/tutorials | ||
- [x] Fixed issues have tests to prevent regressions | ||
- [ ] Stability/stress test suite includes coverage for the feature. | ||
|
||
**Performance** | ||
|
||
- [x] Feature coverage and test plans written and approved | ||
- [ ] Tests exist with the feature enabled that can be integrated with our automated performance testing. | ||
|
||
**API** | ||
|
||
- [x] TOC has reviewed the API and determined it to be complete. | ||
|
||
**Tooling** | ||
|
||
- [ ] Any necessary tooling to use/debug the feature has been implemented and is complete. | ||
|
||
**Bugs** | ||
|
||
- [x] Feature has no known major issues. | ||
|
||
**Approvals** | ||
|
||
- [x] The appropriate work group(s) have reviewed and approved promotion of the feature. | ||
- [x] The supportability review panel has reviewed promotion of the feature. | ||
- [x] The TOC has reviewed and approved promotion of the feature as part of the | ||
road map for a release. | ||
|
||
|
||
**Promotion** | ||
|
||
[//]: # (Once all other items are completed, features.yaml should be updated to promote the feature) | ||
|
||
- [x] [features.yaml](https://github.com/istio/enhancements/blob/master/features.yaml) updated for this feature | ||
--- | ||
|
||
## Stable | ||
|
||
### Requirements: | ||
|
||
**Performance** | ||
|
||
- [ ] Latency, throughput, and scalability are quantified and documented on | ||
istio.io. | ||
|
||
**Bugs** | ||
|
||
- [ ] Feature has no known major issues. | ||
|
||
**Approvals** | ||
|
||
- [ ] The appropriate work group(s) have reviewed and approved promotion of the feature. | ||
- [ ] The [supportability review panel](https://docs.google.com/document/d/1w0epyFhhDSf_TwFEfa_lrn1v61mXNJKpEp_kUgp4sSc/edit#) has reviewed the feature in order to find any supportability concerns. | ||
- [ ] The TOC has reviewed and approved promotion of the feature as part of the | ||
roadmap for a release. | ||
|
||
|
||
**Promotion** | ||
|
||
[//]: # (Once all other items are completed, features.yaml should be updated to promote the feature) | ||
|
||
- [ ] [features.yaml](https://github.com/istio/enhancements/blob/master/features.yaml) updated for this feature |