kubernetes
/
community
mirror of https://github.com/kubernetes/community.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Convert wg-k8s-infra to sig-k8s-infra (#5928) 

* mv wg-k8s-infra sig-k8s-infra

* sigs.yaml: mv wg-k8s-infra to sig-k8s-infra

* sigs.yaml: update sig-k8s-infra

Specifically:

- update mission statement
- add k8s-infra-dns subproject
- add k8s-infra-groups subproject

* sigs.yaml: ran make

* manual search-replace of wg-k8s-infra

* slack-config: rename wg-k8s-infra channel

* sig-k8s-infra: update charter

Refresh the charter to:

- define in scope binaries, apps, and services
- explicitly spell out areas of collaboration that were previously
  implied
- drop aspirational goals around on-call and vetting that we haven't had
  bandwidth to implement
- drop WG-related governance terms or links
This commit is contained in:
Aaron Crickenberger 2021-09-20 15:52:23 -07:00 committed by GitHub
parent 8a343cbccc
commit 754ccd2e64
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 359 additions and 249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
OWNERS_ALIASES
View File

@ -48,6 +48,11 @@ aliases:
- dashpole
- ehashman
- logicalhan
sig-k8s-infra-leads:
- ameukam
- dims
- spiffxp
- thockin
sig-multicluster-leads:
- jeremyot
- pmorie
@ -112,10 +117,6 @@ aliases:
- cantbewong
- cindyxing
- dejanb
wg-k8s-infra-leads:
- ameukam
- dims
- spiffxp
wg-multitenancy-leads:
- srampal
- tashimi

3
communication/slack-config/channels.yaml
View File

@ -418,7 +418,8 @@ channels:
- name: wg-component-standard-mentorship
- name: wg-data-protection
- name: wg-iot-edge
- name: wg-k8s-infra
- name: sig-k8s-infra
id: CCK68P2Q2
- name: wg-lts
archived: true
- name: wg-machine-learning

3
communication/youtube/youtube-guidelines.md
View File

@ -167,7 +167,6 @@ The following SIGs and groups are currently running splain.io:
- [SIG Network](/sig-network/README.md)
- [Steering Committee](/committee-steering/governance/README.md)
- [WG Data Protection](/wg-data-protection/README.md)
- [WG K8s Infra](/wg-k8s-infra/README.md)
The main zoom admin account which holds Meet Our Contributors and others (if
you log in to splain using this account, all of the other accounts will be
@ -227,4 +226,4 @@ detailed information about streaming, see our [Streaming Config]
[Streaming Config]: ./streaming-config.md
[Subprojects]: /governance.md#subprojects
[moderation guidelines]: /communication/moderation.md
[zoom guidelines]:/communication/zoom-guidelines.md
[zoom guidelines]:/communication/zoom-guidelines.md

2
liaisons.md
View File

@ -34,6 +34,7 @@ of SIGs, WGs and UGs.
| [SIG Contributor Experience](sig-contributor-experience/README.md) | Bob Killen (**[@mrbobbytables](https://github.com/mrbobbytables)**) |
| [SIG Docs](sig-docs/README.md) | Jordan Liggitt (**[@liggitt](https://github.com/liggitt)**) |
| [SIG Instrumentation](sig-instrumentation/README.md) | Christoph Blecker (**[@cblecker](https://github.com/cblecker)**) |
| [SIG K8s Infra](sig-k8s-infra/README.md) | Nikhita Raghunath (**[@nikhita](https://github.com/nikhita)**) |
| [SIG Multicluster](sig-multicluster/README.md) | Paris Pittman (**[@parispittman](https://github.com/parispittman)**) |
| [SIG Network](sig-network/README.md) | Derek Carr (**[@derekwaynecarr](https://github.com/derekwaynecarr)**) |
| [SIG Node](sig-node/README.md) | Nikhita Raghunath (**[@nikhita](https://github.com/nikhita)**) |
@ -51,7 +52,6 @@ of SIGs, WGs and UGs.
| [WG Component Standard](wg-component-standard/README.md) | Christoph Blecker (**[@cblecker](https://github.com/cblecker)**) |
| [WG Data Protection](wg-data-protection/README.md) | Paris Pittman (**[@parispittman](https://github.com/parispittman)**) |
| [WG IoT Edge](wg-iot-edge/README.md) | Derek Carr (**[@derekwaynecarr](https://github.com/derekwaynecarr)**) |
| [WG K8s Infra](wg-k8s-infra/README.md) | Nikhita Raghunath (**[@nikhita](https://github.com/nikhita)**) |
| [WG Multitenancy](wg-multitenancy/README.md) | Jordan Liggitt (**[@liggitt](https://github.com/liggitt)**) |
| [WG Naming](wg-naming/README.md) | Bob Killen (**[@mrbobbytables](https://github.com/mrbobbytables)**) |
| [WG Policy](wg-policy/README.md) | Christoph Blecker (**[@cblecker](https://github.com/cblecker)**) |

4
sig-contributor-experience/README.md
View File

@ -114,10 +114,6 @@ Manages and controls Github permissions, repos, and groups, including Org Member
- GitHub Administration Subproject: [Thursdays at 09:30 PT (Pacific Time)](https://zoom.us/j/442435463?pwd=Rk1PWWpSSTJDaWJKdzRYb2EyTlkvZz09) (Monthly on 4th Thursday). [Convert to your timezone](http://www.thetimezoneconverter.com/?t=09:30&tz=PT%20%28Pacific%20Time%29).
- [Meeting notes and Agenda](https://docs.google.com/document/d/1IiVrr1hcFWmbboExk971FsMUGfr2Wp68mdMribCuzLs/edit).
- [Meeting recordings](https://www.youtube.com/playlist?list=PL69nYSiGNLP2x_48wbOPO0vXQgNTm_xxr).
### k8s.io
Creates and maintains shortcuts and automation apps running in the k8s.io domain.
- **Owners:**
- [kubernetes/k8s.io](https://github.com/kubernetes/k8s.io/blob/main/OWNERS)
### mentoring
Oversees and develops programs for helping contributors ascend the contributor ladder, including the New Contributor Workshops, Meet Our Contributors, and other programs.
- **Owners:**

6
wg-k8s-infra/OWNERS → sig-k8s-infra/OWNERS
View File

@ -1,8 +1,8 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- wg-k8s-infra-leads
- sig-k8s-infra-leads
approvers:
- wg-k8s-infra-leads
- sig-k8s-infra-leads
labels:
- wg/k8s-infra
- sig/k8s-infra

68
sig-k8s-infra/README.md Normal file
View File

@ -0,0 +1,68 @@
<!---
This is an autogenerated file!
Please do not edit this file directly, but instead make changes to the
sigs.yaml file in the project root.
To understand how this file is generated, see https://git.k8s.io/community/generator/README.md
--->
# K8s Infra Special Interest Group
SIG K8s Infra is interested in the successful migration of ownership and management of all Kubernetes project infrastructure from the google.com GCP Organization (or elsewhere) to the CNCF, such that the Kubernetes project is able to sustainably operate itself without direct assistance from external vendors or entities.
In other words, we seek to eradicate usage of the phrase "oh that's something that only an employee of Vendor X can do, we're blocked until they respond."
The [charter](charter.md) defines the scope and governance of the K8s Infra Special Interest Group.
## Meetings
* Regular SIG Meeting: [Wednesdays at 20:00 UTC](https://zoom.us/j/93109963352?pwd=SHJTcFR2bVg1akYxSDREUWQzaldrQT09) (bi-weekly). [Convert to your timezone](http://www.thetimezoneconverter.com/?t=20:00&tz=UTC).
* [Meeting notes and Agenda](http://bit.ly/sig-k8s-infra-notes).
* [Meeting recordings](http://bit.ly/sig-k8s-infra-playlist).
## Leadership
### Chairs
The Chairs of the SIG run operations and processes governing the SIG.
* Arnaud Meukam (**[@ameukam](https://github.com/ameukam)**), Alter Way
* Davanum Srinivas (**[@dims](https://github.com/dims)**), VMware
### Technical Leads
The Technical Leads of the SIG establish new subprojects, decommission existing
subprojects, and resolve cross-subproject technical issues and decisions.
* Aaron Crickenberger (**[@spiffxp](https://github.com/spiffxp)**), Google
* Tim Hockin (**[@thockin](https://github.com/thockin)**), Google
## Emeritus Leads
* Bart Smykla (**[@bartsmykla](https://github.com/bartsmykla)**)
## Contact
- Slack: [#sig-k8s-infra](https://kubernetes.slack.com/messages/sig-k8s-infra)
- [Mailing list](https://groups.google.com/forum/#!forum/kubernetes-sig-k8s-infra)
- [Open Community Issues/PRs](https://github.com/kubernetes/community/labels/sig%2Fk8s-infra)
- GitHub Teams:
- [@kubernetes/sig-k8s-infra](https://github.com/orgs/kubernetes/teams/sig-k8s-infra) - active contributors in sig-k8s-infra
- [@kubernetes/sig-k8s-infra-leads](https://github.com/orgs/kubernetes/teams/sig-k8s-infra-leads) - sig-k8s-infra chairs and tech leads
- Steering Committee Liaison: Nikhita Raghunath (**[@nikhita](https://github.com/nikhita)**)
## Subprojects
The following [subprojects][subproject-definition] are owned by sig-k8s-infra:
### k8s-infra-dns
Code and configuration to manage DNS records for domains owned by the Kubernetes project such as k8s.io and kubernetes.io
- **Owners:**
- [kubernetes/k8s.io/dns](https://github.com/kubernetes/k8s.io/blob/main/dns/OWNERS)
### k8s-infra-groups
Code and configuration to manage Google Groups for domains owned by the Kubernetes project such kubernetes.io
- **Owners:**
- [kubernetes/k8s.io/groups](https://github.com/kubernetes/k8s.io/blob/main/groups/OWNERS)
### k8s.io
Code and configuration to manage Kubernetes project infrastructure, including various *.k8s.io sites
- **Owners:**
- [kubernetes/k8s.io](https://github.com/kubernetes/k8s.io/blob/main/OWNERS)
[subproject-definition]: https://github.com/kubernetes/community/blob/master/governance.md#subprojects
<!-- BEGIN CUSTOM CONTENT -->
<!-- END CUSTOM CONTENT -->

4
wg-k8s-infra/annual-report-2020.md → sig-k8s-infra/annual-report-2020.md
View File

@ -168,7 +168,7 @@ What remains (TODO: we need to update our issues to reflect this)
**Have you produced any artifacts, reports, white papers to date?**
We provide a [publicly viewable billing report](https://datastudio.google.com/u/0/reporting/14UWSuqD5ef9E4LnsCD9uJWTPv8MHOA3e)
accessible to members of kubernetes-wg-k8s-infra@googlegroups.com.
accessible to members of kubernetes-sig-k8s-infra@googlegroups.com.
The project was given $3M/yr for 3 years, and our third year started ~August 2020.
Our spend over the past 28 days has been ~$109K, which works out to ~$1.42M/yr.
A very rough breakdown of the $109k:
@ -179,7 +179,7 @@ A very rough breakdown of the $109k:
**Is everything in your readme accurate? posting meetings on youtube?**
Our community
[readme](https://github.com/kubernetes/community/tree/master/wg-k8s-infra) is
[readme](https://github.com/kubernetes/community/tree/master/sig-k8s-infra) is
accurate if sparse. The
[readme](https://github.com/kubernetes/k8s.io/blob/main/README.md) in k8s.io,
which houses most of the actual infrastructure, is terse and slightly out of

209
sig-k8s-infra/charter.md Normal file
View File

@ -0,0 +1,209 @@
# SIG K8s Infra Charter
This charter adheres to the conventions described in the
[Kubernetes Charter README] and uses the Roles and Organization Management
outlined in [sig-governance].
## Scope
The successful migration of ownership and management of all Kubernetes
project infrastructure from the google.com GCP Organization
(or other IaaS vendor-owned locations) to the CNCF, such that the Kubernetes
project is able to sustainably operate itself without direct assistance from
external vendors or entities.
In other words, we seek to eradicate usage of the phrase "oh that's
something that only an employee of Vendor X can do, we're blocked until
they respond."
### In scope
Within this document, "infrastructure" is used to refer to cloud resources
managed through an "infrastructure as a service" offering. This includes
more than just raw compute, storage, and networking resources, since many
cloud services provide a rich variety of resources for API-driven management.
#### Code, Binaries and Services
Code, data and policies necessary to provision, update, decommission and
otherwise manage all project infrastructure as provisioned through
infrastructure-as-a-service (IaaS) offerings. This includes more than raw
compute, storage, and network resources traditionally bucketed under IaaS,
since many cloud offerings provide a rich variety of resources via API-driven
management. This may also include code and binaries which run on top of the
IaaS offerings to provide services to the Kubernetes project.
Given that this is a broad scope, we prefer (where possible) to delegate
ownership and operation of the code / infrastructure to more directly
responsible SIGs or Committees. This is largely how the SIG operated during
its lifetime as a WG, driving the policies and tooling upon which SIG-owned
infrastructure operates.
Areas of responsibility include:
- Policy definition and enforcement for areas related to project
infrastructure, including:
- What is in-scope/out-of-scope for project infrastructure
- Who should be allowed access to which parts of project infrastructure,
e.g. team definition, vetting criteria, etc.
- How infrastructure should be managed, e.g. naming schemes, acceptable
tooling or practices, on-call or escalation policies, etc.
- Configuration management of all resources and service usage within the
kubernetes.io GCP Organization, including, but not limited to:
- API / Service enablement
- BigQuery datasets
- DNS records, e.g. for k8s.io, kubernetes.io, and other project-owned domains
- GCB usage
- GCP projects, instances, images
- GCR repositories
- GCS buckets
- GKE clusters, e.g. community infra cluster, prow build clusters
- GSM secrets
- Google Groups
- IAM roles, service accounts, and policies
- KMS keys
- Managed Certificates, e.g. for k8s.io, kubernetes.io, and other project-owned
domains
- Reports on infrastructure operation, including:
- Anonymized traffic reports to show which parts of our infrastructure
are seeing the most use
- Auditing reports to show the current configuration of the community's
infrastructure
- Billing reports to show where the community's infrastructure budget is
being spent
In terms of subprojects, this means we own kubernetes/k8s.io and are an
escalation point of last resort for more tightly scoped subprojects that
live within this repo.
#### Cross-cutting and Externally Facing Processes
We prefer (where possible) to delegate ownership, operation and policy
definition to SIGs that are more directly responsible for a given area
of the project. However, we reserve the right to halt infrastructure or
roll back changes if the project as a whole is being negatively impacted.
Some examples for illustrative purposes
##### Access Policies
- We are responsible for ensuring the appropriate members of a SIG have
sufficient permissions to troubleshoot and manage their app or
infrastructure.
- However, we will NOT grant overly broad permissions to an overly broad
group of people. We will collaborate with SIGs to ensure access is
appropriately scoped.
- We WILL ensure the appropriate set of CNCF staff have access to act as
an escalation path of last resort
- We MAY revoke access in the event of a security-related incident
e.g. SIG Release is responsible for who gets what level of access to
infrastructure used by the release-engineering subproject to cut a Kubernetes
release
##### Artifact Hosting
- We are not responsible for promoting into production artifacts that belong
to subprojects owned by other SIGs.
- However, we MAY revert changes that prevent artifact promotion from
functioning.
e.g. SIG Storage is responsible for declaring which CSI-related images should
be promoted to production, SIG Release is responsible for ensuring those
images make it to production, and SIG K8s Infra is responsible for ensuring
that production exists in the first place
##### Community Infra Cluster
- We are responsible for ensuring a community-owned GKE cluster is available
to run apps owned by other SIGs.
- However, we are NOT responsible for ensuring proper functionality of those
apps. That is left to the SIGs.
e.g. SIG Scalability is responsible for ensuring perfdash.k8s.io displays
valid data
##### Project Infrastructure Budget
- We are responsible for enforcing policy on what is considered in-scope and
out-of-scope for project infrastructure (and thus, where we spend our
infrastructure budget)
- Crafting such policy is done in collaboration with the Steering Committee
(owns project spending) and SIG Architecture (owns Kubernetes definition)
- We MAY delete or scope down infrastructure in the event of unexpected or
undue spend
e.g. SIG K8s Infra will deny requests to host artifacts for projects that are
formerly part of or adjacent to the Kubernetes project (e.g. helm, cri-o)
##### Public Names
- We are responsible for enforcing policy on what is considered appropriate
or inappropriate for the names of public-facing entities such as DNS
records and Google Group names
- Crafting such policy is done in collaboration with the Steering Committee,
SIG Architecture, and SIG Contributor Experience
e.g. Group names that are used to communicate upon behalf of the project such
as `contributors@kubernetes.io` are vetted by SIG Contributor Experience,
group names that are used for RBAC or IAM bindings are vetted by SIG K8s Infra.
##### Secrets and Credentials
- We are responsible for ensuring secure storage and retrieval of secrets
such as passwords, tokens, keys, etc.
- However, we are NOT responsible for ensuring the value of those secrets
is valid.
- We MAY delete or deactivate secrets in the event of a security-related
incident
e.g. SIG Contributor Experience is responsible for ensuring valid Slack API
credentials exist for proper functioning of slack-infra
##### Security Response
- Overriding all of the above, we MAY revoke, delete, or deactivate
infrastructure, services or access in the event of a security-related
incident.
- This depends on responsiveness of the owning SIG, and urgency and severity
of the incident being responded to
e.g. SIG K8s Infra may force rotation of prow build cluster credentials if
appropriately credentialed members of SIG Testing are not available
### Out of scope
We are not resonsible for code that runs _on_ project infrastructure, with
the exception of:
- subprojects of this SIG (as listed in [`sigs.yaml`], which is more likely
to be kept up to date than this charter)
- code we share responsibility for (as listed in the [Cross-cutting and
Externally Facing Processes] section)
We are not responsible for the management of nor in the escalation path for
supporting non-IaaS offerings used by the Kubernetes project that are
managed by other subprojects under other SIGs. For example, problems with
GitHub should be routed to SIG Contributor Experience.
We are not responsible for managing infrastructure which has not yet been
migrated to the CNCF. For example, problems with prow.k8s.io should be routed
to SIG Testing.
## Roles and Organization Management
This sig adheres to the Roles and Organization Management outlined in
[sig-governance] and opts-in to updates and modifications to [sig-governance].
We may revise this portion of the charter when it comes time to talk about
providing a level of support and responsiveness that one might reasonably
expect from a globally distributed open source project.
[sig-governance]: https://git.k8s.io/community/committee-steering/governance/sig-governance.md
[Kubernetes Charter README]: https://git.k8s.io/community/committee-steering/governance/README.md
[lazy consensus]: http://en.osswiki.info/concepts/lazy_consensus
[kubernetes-dev@]: https://groups.google.com/forum/#!forum/kubernetes-dev
[sig-k8s-infra@]: https://groups.google.com/forum/#!forum/kubernetes-sig-k8s-infra
[kubernetes/k8s.io]: https://git.k8s.io/k8s.io
[`sigs.yaml`]: https://git.k8s.io/community/sigs.yaml

2
sig-list.md
View File

@ -43,6 +43,7 @@ When the need arises, a [new SIG can be created](sig-wg-lifecycle.md)
|[Contributor Experience](sig-contributor-experience/README.md)|contributor-experience|* [Alison Dowdney](https://github.com/alisondy), Weaveworks<br>* [Bob Killen](https://github.com/mrbobbytables), Google<br>|* [Slack](https://kubernetes.slack.com/messages/sig-contribex)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-contribex)|* Regular SIG Meeting: [Wednesdays at 9:00 PT (Pacific Time) (biweekly)](https://zoom.us/j/397264241?pwd=bHNnZVArNFdPaWVJMmttdko0Sktudz09)<br>* (community-management) APAC Coordinator Meeting: [Thursdays at 5:00 UTC (biweekly)](https://zoom.us/j/144440337?pwd=VEVBejdPYkE2MGdUSDZZZnVlNFdrdz09)<br>* (contributor-comms) Contributor Comms - Upstream Marketing Team Meeting: [Fridays at 8:00 PT (Pacific Time) (weekly)](https://zoom.us/j/596959769?pwd=TURBNlZPb3BEWVFmbWlCYXlMVVJiUT09)<br>* (events) Office Hours European Edition (Open Q&A for end-user kubernetes related questions): [Wednesdays at 09:00 ET (Eastern Time) (monthly on 3rd Wednesday)](https://hackmd.io/@k8s/office-hours)<br>* (events) Office Hours Western Edition (Open Q&A for end-user kubernetes related questions): [Wednesdays at 12:00 ET (Eastern Time) (monthly on 3rd Wednesday)]()<br>* (github-management) GitHub Administration Subproject: [Thursdays at 09:30 PT (Pacific Time) (Monthly on 4th Thursday)](https://zoom.us/j/442435463?pwd=Rk1PWWpSSTJDaWJKdzRYb2EyTlkvZz09)<br>* (mentoring) Mentoring Subproject Meeting: [Mondays at 08:00 PT (Biweekly)](https://zoom.us/j/95894431386?pwd=RFdmQzlZeVZDVWJzcFVXZXR5djNwUT09)<br>
|[Docs](sig-docs/README.md)|docs|* [Jim Angel](https://github.com/jimangel), Google<br>|* [Slack](https://kubernetes.slack.com/messages/sig-docs)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-docs)|* APAC SIG Meeting: [Wednesdays at 01:00 UTC (monthly - Wednesday, after the fourth Tuesday, every month)](https://docs.google.com/document/d/1ddHwLK3kUMX1wVFIwlksjTk0MsqitBnWPe1LRa1Rx5A/edit)<br>* Korean Team Meeting: [Thursdays at 13:00 UTC (biweekly)](https://docs.google.com/document/d/1h5sMhBpPB5unJmBAS7KzDiPs-_eFQOu5o4UyHwMtFCA/edit)<br>* Localization Subgroup Meeting: [Mondays at 15:00 UTC (monthly)](https://docs.google.com/document/d/1NwO1AN8Ea2zlK8uAdaDAKf1-LZDAFvSewIfrKqfl5No/)<br>* Regular SIG Meeting: [Tuesdays at 17:30 UTC (weekly - except fourth Tuesday every month)](https://docs.google.com/document/d/1ddHwLK3kUMX1wVFIwlksjTk0MsqitBnWPe1LRa1Rx5A/edit)<br>* Spanish Team Meeting: [Tuesdays at 15:30 UTC (weekly)](https://zoom.us/j/95918289494?pwd=Wk9Oa0xZUkFXSDV5OTFoZEZsTURCZz09)<br>
|[Instrumentation](sig-instrumentation/README.md)|instrumentation|* [Elana Hashman](https://github.com/ehashman), Red Hat<br>* [Han Kang](https://github.com/logicalhan), Google<br>|* [Slack](https://kubernetes.slack.com/messages/sig-instrumentation)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-instrumentation)|* Regular SIG Meeting: [Thursdays at 9:30 PT (Pacific Time) (biweekly)](https://zoom.us/j/5342565819?pwd=RlVsK21NVnR1dmE3SWZQSXhveHZPdz09)<br>* Regular Triage Meeting: [Thursdays at 9:30 PT (Pacific Time) (biweekly - alternating with regular meeting)](https://zoom.us/j/5342565819?pwd=RlVsK21NVnR1dmE3SWZQSXhveHZPdz09)<br>
|[K8s Infra](sig-k8s-infra/README.md)|k8s-infra|* [Arnaud Meukam](https://github.com/ameukam), Alter Way<br>* [Davanum Srinivas](https://github.com/dims), VMware<br>|* [Slack](https://kubernetes.slack.com/messages/sig-k8s-infra)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-k8s-infra)|* Regular SIG Meeting: [Wednesdays at 20:00 UTC (bi-weekly)](https://zoom.us/j/93109963352?pwd=SHJTcFR2bVg1akYxSDREUWQzaldrQT09)<br>
|[Multicluster](sig-multicluster/README.md)|multicluster|* [Jeremy Olmsted-Thompson](https://github.com/jeremyot), Google<br>* [Paul Morie](https://github.com/pmorie), Red Hat<br>|* [Slack](https://kubernetes.slack.com/messages/sig-multicluster)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-multicluster)|* Regular SIG Meeting: [Tuesdays at 9:30 PT (Pacific Time) (weekly)](https://zoom.us/my/k8s.mc)<br>
|[Network](sig-network/README.md)|network|* [Casey Davenport](https://github.com/caseydavenport), Tigera<br>* [Dan Williams](https://github.com/dcbw), Red Hat<br>* [Tim Hockin](https://github.com/thockin), Google<br>|* [Slack](https://kubernetes.slack.com/messages/sig-network)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-network)|* Gateway API Meeting (APAC Friendly): [Mondays at 15:00 PT (Pacific Time) (biweekly)](https://zoom.us/j/441530404)<br>* Gateway API Meeting (EMEA Friendly): [Tuesdays at 10:00 PT (Pacific Time) (biweekly)](https://zoom.us/j/441530404)<br>* Network Policy API Meeting: [Mondays at 13:00 PT (Pacific Time) (weekly)](https://zoom.us/j/96264742248)<br>* SIG Network Ingress NGINX Meeting: [Tuesdays at 9:00 PT (Pacific Time) (biweekly)](https://zoom.us/j/98377891310)<br>* SIG Network Kube Proxy Meeting: [Fridays at 8:30 PT (Pacific Time) (weekly)](https://docs.google.com/document/d/1yW3AUp5rYDLYCAtZc6e4zeLbP5HPLXdvuEFeVESOTic/edit)<br>* SIG Network Meeting: [Thursdays at 14:00 PT (Pacific Time) (biweekly)](https://zoom.us/j/361123509)<br>
|[Node](sig-node/README.md)|node|* [Dawn Chen](https://github.com/dchen1107), Google<br>* [Derek Carr](https://github.com/derekwaynecarr), Red Hat<br>|* [Slack](https://kubernetes.slack.com/messages/sig-node)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-sig-node)|* Main SIG Meeting: [Tuesdays at 10:00 PT (Pacific Time) (weekly)](https://zoom.us/j/4799874685)<br>* Monthly Alternate Time CI/Triage Meeting: [second Thursdays at 08:00 PT (Pacific Time) (monthly)](https://zoom.us/j/4799874685)<br>* Weekly CI/Triage Meeting: [Wednesdays at 10:00 PT (Pacific Time) (weekly - excluding 2nd week of the month)](https://zoom.us/j/4799874685)<br>
@ -65,7 +66,6 @@ When the need arises, a [new SIG can be created](sig-wg-lifecycle.md)
|[Component Standard](wg-component-standard/README.md)|* API Machinery<br>* Architecture<br>* Cluster Lifecycle<br>|* [Michael Taufen](https://github.com/mtaufen), Google<br>* [Leigh Capili](https://github.com/stealthybox), Weaveworks<br>|* [Slack](https://kubernetes.slack.com/messages/wg-component-standard)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-wg-component-standard)|* Regular WG Meeting (please join kubernetes-dev@googlegroups.com or kubernetes-wg-component-standard@googlegroups.com to access the notes): [Tuesdays at 08:30 PT (Pacific Time) (weekly)](https://zoom.us/j/8027741546)<br>* Weekly Mentorship Office Hours - Come ask questions and get help: [Tuesdays at 10:00 PT (Pacific Time) (weekly)](https://zoom.us/j/8027741546)<br>
|[Data Protection](wg-data-protection/README.md)|* Apps<br>* Storage<br>|* [Xing Yang](https://github.com/xing-yang), VMware<br>* [Xiangqian Yu](https://github.com/yuxiangqian), Google<br>|* [Slack](https://kubernetes.slack.com/messages/wg-data-protection)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-data-protection)|* Regular WG Meeting: [Wednesdays at 9:00 PT (Pacific Time) (bi-weekly)](https://zoom.us/j/6933410772)<br>
|[IoT Edge](wg-iot-edge/README.md)|* Multicluster<br>* Network<br>|* [Steve Wong](https://github.com/cantbewong), VMware<br>* [Cindy Xing](https://github.com/cindyxing), Microsoft<br>* [Dejan Bosanac](https://github.com/dejanb), Red Hat<br>|* [Slack](https://kubernetes.slack.com/messages/wg-iot-edge)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-wg-iot-edge)|* APAC WG Meeting: [Wednesdays at 5:00 UTC (every four weeks)](https://zoom.us/j/91251176046?pwd=cmdqclovM3R3eDB1VlpuL1ZGU1hnZz09)<br>* Regular WG Meeting (Pacific Time): [Wednesdays at 09:00 PT (every four weeks)](https://zoom.us/j/92778512626?pwd=MXhlemwvYnhkQmkxeXllQ0Z5VGs4Zz09)<br>
|[K8s Infra](wg-k8s-infra/README.md)|* Architecture<br>* Contributor Experience<br>* Release<br>* Testing<br>|* [Arnaud Meukam](https://github.com/ameukam), Alter Way<br>* [Davanum Srinivas](https://github.com/dims), VMware<br>* [Aaron Crickenberger](https://github.com/spiffxp), Google<br>|* [Slack](https://kubernetes.slack.com/messages/wg-k8s-infra)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-wg-k8s-infra)|* Regular WG Meeting: [Wednesdays at 20:00 UTC (bi-weekly)](https://zoom.us/j/93109963352?pwd=SHJTcFR2bVg1akYxSDREUWQzaldrQT09)<br>
|[Multitenancy](wg-multitenancy/README.md)|* API Machinery<br>* Auth<br>* Network<br>* Node<br>* Scheduling<br>* Storage<br>|* [Sanjeev Rampal](https://github.com/srampal), Cisco<br>* [Tasha Drew](https://github.com/tashimi), VMware<br>|* [Slack](https://kubernetes.slack.com/messages/wg-multitenancy)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-wg-multitenancy)|* Regular WG Meeting: [Tuesdays at 11:00 PT (Pacific Time) (biweekly)](https://zoom.us/my/k8s.sig.auth)<br>
|[Naming](wg-naming/README.md)|* Architecture<br>* Contributor Experience<br>* Docs<br>|* [Celeste Horgan](https://github.com/celestehorgan), CNCF<br>* [Jaice Singer DuMars](https://github.com/jdumars), Apple<br>* [Stephen Augustus](https://github.com/justaugustus), Cisco<br>|* [Slack](https://kubernetes.slack.com/messages/wg-naming)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-wg-naming)|* Regular WG Meeting: [Mondays at 10:30 PT (Pacific Time) (monthly - second Monday of month)](https://zoom.us/j/91522666403?pwd=WnRSNlNhNXhDWkR2ZU9ydGpsNWxtZz09)<br>
|[Policy](wg-policy/README.md)|* Architecture<br>* Auth<br>* Multicluster<br>* Network<br>* Node<br>* Scheduling<br>* Storage<br>|* [Jim Bugwadia](https://github.com/JimBugwadia), Kyverno/Nirmata<br>* [Robert Ficcaglia](https://github.com/rficcaglia), SunStone<br>|* [Slack](https://kubernetes.slack.com/messages/wg-policy)<br>* [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-wg-policy)|* Regular WG Meeting: [Wednesdays at 8:00 PT (Pacific Time) (semimonthly)](https://zoom.us/j/7375677271)<br>

121
sigs.yaml
View File

@ -1306,11 +1306,6 @@ sigs:
url: https://zoom.us/j/442435463?pwd=Rk1PWWpSSTJDaWJKdzRYb2EyTlkvZz09
archive_url: https://docs.google.com/document/d/1IiVrr1hcFWmbboExk971FsMUGfr2Wp68mdMribCuzLs/edit
recordings_url: https://www.youtube.com/playlist?list=PL69nYSiGNLP2x_48wbOPO0vXQgNTm_xxr
- name: k8s.io
description: Creates and maintains shortcuts and automation apps running in the
k8s.io domain.
owners:
- https://raw.githubusercontent.com/kubernetes/k8s.io/main/OWNERS
- name: mentoring
description: Oversees and develops programs for helping contributors ascend the
contributor ladder, including the New Contributor Workshops, Meet Our Contributors,
@ -1554,6 +1549,73 @@ sigs:
- name: structured-logging
owners:
- https://raw.githubusercontent.com/kubernetes/kubernetes/master/staging/src/k8s.io/component-base/logs/OWNERS
- dir: sig-k8s-infra
name: K8s Infra
mission_statement: >
SIG K8s Infra is interested in the successful migration of ownership and management
of all Kubernetes project infrastructure from the google.com GCP Organization
(or elsewhere) to the CNCF, such that the Kubernetes project is able to sustainably
operate itself without direct assistance from external vendors or entities.
In other words, we seek to eradicate usage of the phrase "oh that's something
that only an employee of Vendor X can do, we're blocked until they respond."
charter_link: charter.md
label: k8s-infra
leadership:
chairs:
- github: ameukam
name: Arnaud Meukam
company: Alter Way
- github: dims
name: Davanum Srinivas
company: VMware
tech_leads:
- github: spiffxp
name: Aaron Crickenberger
company: Google
- github: thockin
name: Tim Hockin
company: Google
emeritus_leads:
- github: bartsmykla
name: Bart Smykla
meetings:
- description: Regular SIG Meeting
day: Wednesday
time: "20:00"
tz: UTC
frequency: bi-weekly
url: https://zoom.us/j/93109963352?pwd=SHJTcFR2bVg1akYxSDREUWQzaldrQT09
archive_url: http://bit.ly/sig-k8s-infra-notes
recordings_url: http://bit.ly/sig-k8s-infra-playlist
contact:
slack: sig-k8s-infra
mailing_list: https://groups.google.com/forum/#!forum/kubernetes-sig-k8s-infra
teams:
- name: sig-k8s-infra
description: active contributors in sig-k8s-infra
- name: sig-k8s-infra-leads
description: sig-k8s-infra chairs and tech leads
liaison:
github: nikhita
name: Nikhita Raghunath
subprojects:
- name: k8s-infra-dns
description: Code and configuration to manage DNS records for domains owned by
the Kubernetes project such as k8s.io and kubernetes.io
owners:
- https://raw.githubusercontent.com/kubernetes/k8s.io/main/dns/OWNERS
- name: k8s-infra-groups
description: Code and configuration to manage Google Groups for domains owned
by the Kubernetes project such kubernetes.io
owners:
- https://raw.githubusercontent.com/kubernetes/k8s.io/main/groups/OWNERS
- name: k8s.io
description: Code and configuration to manage Kubernetes project infrastructure,
including various *.k8s.io sites
owners:
- https://raw.githubusercontent.com/kubernetes/k8s.io/main/OWNERS
- dir: sig-multicluster
name: Multicluster
mission_statement: >
@ -2830,55 +2892,6 @@ workinggroups:
liaison:
github: derekwaynecarr
name: Derek Carr
- dir: wg-k8s-infra
name: K8s Infra
mission_statement: >
A Working Group dedicated to migrating Kubernetes project infrastructure over
to the CNCF, and the creation of teams and processes for ongoing maintenance.
Involves collaboration with multiple SIGs such as Architecture, Contributor Experience,
Release, and Testing, etc.
charter_link: charter.md
stakeholder_sigs:
- Architecture
- Contributor Experience
- Release
- Testing
label: k8s-infra
leadership:
chairs:
- github: ameukam
name: Arnaud Meukam
company: Alter Way
- github: dims
name: Davanum Srinivas
company: VMware
- github: spiffxp
name: Aaron Crickenberger
company: Google
emeritus_leads:
- github: bartsmykla
name: Bart Smykla
meetings:
- description: Regular WG Meeting
day: Wednesday
time: "20:00"
tz: UTC
frequency: bi-weekly
url: https://zoom.us/j/93109963352?pwd=SHJTcFR2bVg1akYxSDREUWQzaldrQT09
archive_url: http://bit.ly/wg-k8s-infra-notes
recordings_url: http://bit.ly/wg-k8s-infra-playlist
contact:
slack: wg-k8s-infra
mailing_list: https://groups.google.com/forum/#!forum/kubernetes-wg-k8s-infra
teams:
- name: wg-k8s-infra
description: active contributors in wg-k8s-infra
- name: wg-k8s-infra-leads
description: wg-k8s-infra leads
liaison:
github: nikhita
name: Nikhita Raghunath
- dir: wg-multitenancy
name: Multitenancy
mission_statement: >

46
wg-k8s-infra/README.md
View File

@ -1,46 +0,0 @@
<!---
This is an autogenerated file!
Please do not edit this file directly, but instead make changes to the
sigs.yaml file in the project root.
To understand how this file is generated, see https://git.k8s.io/community/generator/README.md
--->
# K8s Infra Working Group
A Working Group dedicated to migrating Kubernetes project infrastructure over to the CNCF, and the creation of teams and processes for ongoing maintenance. Involves collaboration with multiple SIGs such as Architecture, Contributor Experience, Release, and Testing, etc.
The [charter](charter.md) defines the scope and governance of the K8s Infra Working Group.
## Stakeholder SIGs
* SIG Architecture
* SIG Contributor Experience
* SIG Release
* SIG Testing
## Meetings
* Regular WG Meeting: [Wednesdays at 20:00 UTC](https://zoom.us/j/93109963352?pwd=SHJTcFR2bVg1akYxSDREUWQzaldrQT09) (bi-weekly). [Convert to your timezone](http://www.thetimezoneconverter.com/?t=20:00&tz=UTC).
* [Meeting notes and Agenda](http://bit.ly/wg-k8s-infra-notes).
* [Meeting recordings](http://bit.ly/wg-k8s-infra-playlist).
## Organizers
* Arnaud Meukam (**[@ameukam](https://github.com/ameukam)**), Alter Way
* Davanum Srinivas (**[@dims](https://github.com/dims)**), VMware
* Aaron Crickenberger (**[@spiffxp](https://github.com/spiffxp)**), Google
## Emeritus Organizers
* Bart Smykla (**[@bartsmykla](https://github.com/bartsmykla)**)
## Contact
- Slack: [#wg-k8s-infra](https://kubernetes.slack.com/messages/wg-k8s-infra)
- [Mailing list](https://groups.google.com/forum/#!forum/kubernetes-wg-k8s-infra)
- [Open Community Issues/PRs](https://github.com/kubernetes/community/labels/wg%2Fk8s-infra)
- GitHub Teams:
- [@kubernetes/wg-k8s-infra](https://github.com/orgs/kubernetes/teams/wg-k8s-infra) - active contributors in wg-k8s-infra
- [@kubernetes/wg-k8s-infra-leads](https://github.com/orgs/kubernetes/teams/wg-k8s-infra-leads) - wg-k8s-infra leads
- Steering Committee Liaison: Nikhita Raghunath (**[@nikhita](https://github.com/nikhita)**)
<!-- BEGIN CUSTOM CONTENT -->
<!-- END CUSTOM CONTENT -->

131
wg-k8s-infra/charter.md
View File

@ -1,131 +0,0 @@
# WG K8s Infra Charter
This charter adheres to the [wg-governance] guidance, as well as
adheres to the general conventions described in the [Kubernetes
Charter README] and the Roles and Organization Management outlined
in [sig-governance], where applicable to a Working Group.
## Scope
The K8s Infra Working Group is interested in the successful migration of all
project infrastructure from Google (or elsewhere) to the CNCF, such that the
project is able to sustainably operate itself without direct assistance from
entities such as Google or Red Hat.
### Disband criteria
It is our intent to disband once this migration is complete, with ownership
of all code, processes and teams assigned to the appropriate SIGs. If we find
that this is not possible, we will work with the Steering Committee and
respective SIGs to find a more sustainable model (SIG, Committee or Team)
### In scope
#### Code, Binaries and Services
External facing services implemented as subprojects. They often span multiple
SIGs in terms of ownership, hence why this WG is acting as a steward of their
migration.
| Service | SIG(s) | Notes |
| --- | --- | --- |
| DNS | Contribex, Release | Domain Name Services for Kubernetes assets |
| GAE | Testing | Gubernator, Testgerid |
| GCB | Release | Used to build releases |
| GCR | Release | Repository for Container Images |
| GCS / Object Storage | Release, Testing | Buckets for logs, test artifacts, release tarballs, APT, RPM |
| GKE + Stack Driver | Contribex, Release, Testing | Clusters for running bots, utilities, prow, etc |
| Big Query | Testing | Data for test results |
| Website / Blogs | Contribex, CNCF | Communications platform |
| Pool of compute resources for testing | Testing, CNCF, Cloud Providers| GCE, AWS |
Internal infrastructure which will be necessary to support these, including:
- Credential store to work across teams
- Certificate store for signing certs
- Github repo for storing artifacts like scripts/yamls
- and for requesting resources (using github issues as tickets?)
Documented policies and processes for how to staff and structure these
subprojects, including:
- naming schemes
- teams and ACL's
- vetting criteria
- on-call / escalation policies
#### Cross-cutting and Externally Facing Processes
##### Deploying Changes
We aspire to remain agile and deploy quickly, while ensuring a disruption-free
experience for project contributors. As such, the amount of notice we provide
and the amount of consensus we seek is driven by our estimation of risk. We
don't currently define risk in terms of objective metrics, so here is a rough
description of the guidelines we follow. We anticipate refining these over
time.
- **Low risk** changes do not break existing contributor workflows, are easy
to roll back, and impact at most a few project repos or SIGs. These should
be reviewed by another member of WG K8s infra or the affected SIG(s),
preferably an approver.
- **Medium risk** changes may impact existing contributor workflows, should be
easy to roll back, and may impact all of the project's repos. These should
be shared with the appropriate SIGs, and may require a [lazy consensus]
issue with [kubernetes-dev@] notice.
- **High risk changes** likely break existing contributor workflows, may be
difficult to roll back, and likely impact all of the project's repos. These
require a consultation with SIG Contributor Experience as well as any other
owning SIGs, and a [lazy consensus] issue with [kubernetes-dev@] notice.
### Out of Scope
- We are not responsible for maintaining infrastructure which has not yet been
migrated to the CNCF. For example, problems with prow.k8s.io should be routed
to SIG Testing.
## Roles and Organization Management
- Proposing and making decisions _MAY_ be done without the use of KEPS so long
as the decision is documented in a linkable medium. We prefer to see written
decisions and reasoning on the [wg-k8s-infra@] mailing list or as issues
filed against [kubernetes/k8s.io]. We encourage the use of faster mediums
such as slack of video conferences to come to consensus.
- It is our intent that each infra-related subproject identified for migration
must be staffed / owned by at least 3 volunteers
- We aspire to follow the same 1/3 maximal representation rules used by the
Steering Committee, Product Security Committee, and other groups that have
project-wide impact
- However, while we are bootstrapping, we consider it acceptable for maximal
representation concerns to be violated, since this will often be necessary
for Google-staffed subprojects to divest themselves of the infrastructure.
- Our plan would be to rectify this when choosing new members or rotating
old members such that we eventually meet maximal representation criteria
- We plan to follow the model set forth by the Product Security Committee for
suitable vetting new subproject owners
- Subproject owners must provide additional contact details within the WG, and
we will need to identify when and how it is appropriate to share these with
other parts of the project. Such details include:
- Alternate e-mails
- Phone numbers
- Timezone
- As this is a Working Group, we own no code and cannot create subprojects. We
will instead identify and petition the appropriate SIG for subproject
creation. We will provide guidelines on how the relevant subprojects should
be staffed, per the above.
[sig-governance]: https://github.com/kubernetes/community/blob/master/committee-steering/governance/sig-governance.md
[wg-governance]: https://github.com/kubernetes/community/blob/master/committee-steering/governance/wg-governance.md
[Kubernetes Charter README]: https://github.com/kubernetes/community/blob/master/committee-steering/governance/README.md
[lazy consensus]: http://en.osswiki.info/concepts/lazy_consensus
[kubernetes-dev@]: https://groups.google.com/forum/#!forum/kubernetes-dev
[wg-k8s-infra@]: https://groups.google.com/forum/#!forum/kubernetes-wg-k8s-infra
[kubernetes/k8s.io]: https://git.k8s.io/k8s.io