- Project Ideas
If you are a project maintainer and consider mentoring during the GSoC 2021 cycle, please, submit your ideas below using the template.
- Description: The csi-driver-image-populator is a CSI plugin that allows you to mount the contents of a container image as a volume in a container, but it does not use the node's CRI endpoint to pull images. This means that images pulled as volumes will have different configuration (proxy, auth, mirror, etc) from other images run a cluster. A version of of the csi-driver-image-populator that uses a node's CRI provider to pull images would avoid that problem and make it simpler to build on-cluster tooling that makes use of manifest bundles. It may also be worth looking at the CSI / CRI interfaces to see if improvements can be made to simplify the driver, or to enable the use of OCI artifacts.
- Recommended Skills: Go, Kubernetes
- Mentor(s): Evan Cordell (@ecordell)
- Issue: kubernetes-sigs/cluster-addons#100
- Description: Kubernetes (k8s) is a production-grade container-orchestration system. The k8s scheduler decides which pods (containers) should go to which machines to be run. Not everyone has a running cluster lying around, so a web-based simulator that simulates the scheduler's behavior serves as an excellent interactive learning tool.
- Recommended Skills: Golang, Kubernetes
- Mentor(s): Adhityaa Chandrasekar (@adtac)
- Issue(s): kubernetes/kubernetes#99605
- The Strimzi project provides an easy way of running Apache Kafka on Kubernetes. It uses KafkaTopic custom resources to provide a cloud-native way of managing topics in a Kafka cluster. Strimzi also uses Cruise Control to provide Kafka cluster balancing functions. This project would add support for changing a KafkaTopic’s replicationFactor property by using Cruise Control.
- Recommended Skills: Java
- Mentor(s): Tom Bentley (@tombentley), Tom Cooper (@tomncooper)
- Issue: strimzi/strimzi-kafka-operator#191
- TiKV has recently been launching a new feature in the transaction model named Async commit. It's an optimization that reduces the commit latency from 2PC to 1PC. However, this feature has not been reflected in the TLA+ Specs. This project aims to update the spec and to run TLC model checker on the new model to gain more confidence in the async commit design.
- Recommended Skills: Go, Rust, TLA+
- Mentor(s): Ziqian Qin (@ekexium), Andy Lok (@andylokandy)
- Issue: tikv/sig-transaction#97
- TiKV currently lacks a robust tool to import great amount of data. But, in fact, TiKV has implemented
sst_importerto fast import SQL data to TiDB byLightningtool.Lightningimports SQL data in two steps: translating SQL data in KV pairs and importing KV pairs into TiKV. By exposing the second steps, we can support importing KV-like data into TiKV, e.g. migrating from HBase to TiKV. - Recommended Skills: Go
- Mentor(s): Kenny (@kennytm), Andy Lok (@andylokandy)
- Issue: tikv/tikv#9778
- CoreDNS is a cloud-native DNS server with a focus on service discovery. While best known as the default DNS server for Kubernetes, CoreDNS is capable of handle many other scenarios within or outside of Kubernetes clusters for make easy infrastructure management. One such case is the certificate management. This project is to provide ACME protocol support so that it is possible to have automatic certificate management through CoreDNS. More details and discussions are available in coredns/coredns#3460.
- Recommended Skills: Golang, DNS, TLS, Certificate Management
- Mentor(s): Yong Tang (@yongtang), Paul Greenberg (@greenpau)
- Issue: coredns/coredns#3460
- The Keptn project is a cloud-native application life-cycle orchestrator, acting as a control-plane for different tools for deploying, testing, etc of your applications. Currently, Keptn services and integrations can be found on an overview page. While this served fine as a central overview of all currently supported integrations, a more sophisticated "integrations hub" is desired.
- Recommended Skills: Angular/TypeScript
- Mentor(s): Juergen Etzlstorfer (@jetzlstorfer)
- Issue: keptn/keptn#3406
- Description: The PDK or (plugin development kit) aims to allow loading artifacts into tremor at runtime instead of requiring a full recompilation. This streamlines the development process of extending tremor with custom functionality. The goal is to allow live loading of a number of artifacts so start with: Pipeline Operators, Codecs, Pre- and Postprocessors, Custom Functions.
- Recommended Skills: rust, Linux
- Mentor(s): Darach Ennis (@darach), Matthias Wahl (@mfelsche)
- Issue: tremor-rs/tremor-runtime#791
- Description: gRPC is an industry-standard API abstraction and runtime. Currently, tremor supports interfacing with the outside world over WebSockets, HTTP/1.1, or target-specific connectors. Adding support for gRPC will allow generalizing a whole lot of client and server connections and making interfacing with other cloud-native applications easier. The goal of this project is to add support for such generic gRPC based services.
- Recommended Skills: rust, Linux, http/2, protocol buffers
- Mentor(s): Heinz Gies (@Licenser), Anup Dhamala (@anupdhml)
- Issue: tremor-rs/tremor-runtime#790
- cert-manager is one of the most popular Kubernetes addons. It introduces Certificate Authorities and Certificates as custom resource types in the Kubernetes API, and enables automatically managed certificate rotation. While the most common use is publicly trusted ACME certificates for Ingress controllers, it can also be used to manage identites in service meshes such as Istio. The project is to improve the user experience of deploying cert-manager on different cloud providers, helping to diagnose, fix and recommend workarounds for any discovered issues.
- Recommended Skills: Golang, Infrastructure as Code
- Mentors: Jake Sanders (@jakexks), team-cert-manager@Jetstack
- Issue: cert-manager/cert-manager#3720
kubectl cert-manager install: A CLI plugin to make it easy to install and verify the installation of cert-manager
- Description: cert-manager can be installed using Helm or with regular Kubernetes manifests,
but when using regular manifests it is difficult to customize the deployment.
This CLI will make it easier for non-Helm users to customize the configuration of cert-manager,
it will provide a way to see all the configuration options for a cert-manager deployment from the command line
(i.e. by running kubectl cert-manager install --help).
It will provide an option to wait for and verify the deployment, perhaps by integrating the code of cert-manager-verifier.
And it may become the foundation of a future
kubectl cert-manager upgradecommand, which will help users safely upgrade and downgrade between cert-manager versions. - Recommended Skills: Golang, Kubernetes
- Mentors: team-cert-manager@Jetstack
- Issue: cert-manager/cert-manager#3783
- LitmusChaos is a Kubernetes native chaos engineering framework that helps SREs & developers find weaknesses in their deployments, with the chaos intent being defined via custom resources. The goal of this project is to rewrite the authentication server to make it modular and lightweight. Also, add third-party integration of Gmail and Github.
- Recommended Skills: Golang, Kubernetes, MongoDB.
- Mentors: Karthik Satchitanand (@ksatchit), Raj Babu Das (@rajdas98)
- Issue: litmuschaos/litmus#2483
- Description: Users configuring their Envoy-based data planes don't know how to find the optimal Envoy configuration given their workload's resiliency and performance requirements. Nighthawk, Envoy's load generator, supports adaptive load control and horizontally distributed scaling of itself. Using distributed load testing and the creation of a set of adaptive load controllers, Envoy users can be empowered with repeatable tooling to automate identification of an optimal Envoy data plane configuration.
- Recommended Skill(s): Golang, C++, Rust
- Issue(s): envoyproxy/envoy-perf#72
- Mentor(s): Lee Calcote (@lcalcote), Otto van der Schaaf (@oschaaf)
- Description: Bring OSM on par with other service meshes that support WASM filters in their data plane. OSM's Envoy proxies can be extended at runtime with filters that are running in a WebAssembly sandbox (https://github.com/envoyproxy/envoy-wasm). Provide ability to dynamically load and unload Envoy WASM filters. Provide general purpose filtering of application infrastrcuture logic, tying business logic closer to the mesh.
- Recommended Skills: golang, rust
- Mentor(s): Lee Calcote (@leecalcote), Abishek Kumar (@kumarabd)
- Upstream Issue (URL): openservicemesh/osm#1671
- Description: Facilitate federation service mesh deployments across Kubernetes clusters, considering for service catalog federation and identity federation. Account for 1) multiple Kubernetes clusters using the same service mesh, 2) hetrogenius workloads (Kubernetes, VMs, Bare metal) using the same service mesh, 3) multiple Kubernetes clusters using different service meshes (e.g. Istio and Linkerd), 4) heterogeneous workloads using different service meshes (e.g. Istio, Consul).
- Recommended Skills: golang, kubernetes, meshery, smi
- Mentor(s): Lee Calcote (@leecalcote), Abishek Kumar (@kumarabd)
- Upstream Issue (URL): servicemeshinterface/smi-spec#212
- OpenEBS is the leading Container Attached Storage solution. OpenEBS NDM exposes storage devices on the hosts as BlockDevice custom resources. The capacity and mountpoints of these devices can change dynamically on the host and openebs needs to update it in the custom resources, without doing a full reinitialization. The goal is to update this information by parsing dmesg and thus provide the latest information to the users.
- Recommended Skills: Golang, Linux
- Mentor(s): Akhil Mohan (@akhilerm)
- Issue: openebs/openebs#3135
- Description: Currently, Prometheus data is deleted after a configurable amount of time, or once the disk size reaches a configured limit. However, many users would like to keep some data, such as the result of recording rules or SLO data, for a longer period of time than higher cardinality raw data. The goal of this project is to allow users to configure Prometheus to configure the retention time on a per series basis.
- Recommended Skills: golang
- Mentor(s): Chris Marchbanks (@csmarchbanks), Bartlomiej Plotka (@bwplotka)
- Issue: prometheus/prometheus#1381
- Description: Prometheus offers rest API of all sorts but they are not well documented. The idea would be to use OpenAPI to have self-documentation and specification files to be used by third parties. This would enable the use of Prometheus API's with clients from any languages easily.
- Recommended Skills: golang
- Mentor(s): Julien Pivotto (@roidelapluie)
- Issue: prometheus/prometheus#2392
- Description: In Thanos we don’t like manual work. That’s why we try to automate as much as we can, ensuring our documentation is up to date, links are working and documentation works from both GitHub and Website. We want to consolidate our automation and scripts to separate projects called mdox, so it’s working more reliably and helping other projects too! This project is to finish that work and allows students to have a great impact in the project tooling community. NOTE: This is a documentation tooling project, not related strictly to Thanos/Prometheus distributed systems - it’s a great starting point for passionate person interested in working with Go and wanting a soft intro to Cloud Native project maintenance topics!
- Recommended Skills: golang
- Mentor(s): Bartlomiej Plotka (@bwplotka)
- Issue: thanos-io/thanos#3081
- Description: Thanos Querier component supports basic TLS configuration for internal gRPC communication. This works great for basic use cases but it still requires extra forward proxies to make it work for bigger deployments. It’s also hard to rotate certificates automatically and configure safe mTLS. This project aims to remove those simplifications allowing better TLS story for all Thanos metrics APIs!
- Recommended Skills: go, distributed systems, TLS, gRPC
- Mentor(s): Bartek Plotka (@bwplotka), Kemal Akkoyun (@kakkoyun)
- Issue: thanos-io/thanos#977
- Description: Crossplane is an open source Kubernetes add-on that supercharges your Kubernetes clusters enabling you to provision and manage infrastructure, services, and applications. Under the hood, it leverage Open Application Model to define and ship applications across clusters in an developer centric approach. Currently, the implementation in Crossplane is OAM spec v0.2.1 and didn't fully reflect the latest release of upstream specification. This proposal will help Crossplane catch up with the latest change.
- Recommended Skills: Golang, Kubernetes
- Mentor(s): Ryan Zhang (@ryanzhang-oss), Sun Jianbo (@wonderflow)
- Issue(s): crossplane/oam-kubernetes-runtime#321
- Description: This project would ensure that the Buildpack Registry Index and Buildpack Registry Namespace repositories are updated with the latest Github Actions version automatically after it is released.
- Recommended Skills: Go, Github Actions
- Mentor(s): Joe Kutner (@jkutner)
- Upstream Issue (URL): buildpacks/github-actions#40
- Description: Cloud Native Buildpacks' primary function is to turn source code into a runnable image and because of that it's natural for it to be used within common CI/CD platform pipelines. This project would focus on creating a pipeline plugin that makes it easy for users to use Cloud Native Buildpacks within Jenkins.
- Recommended Skills: Java, Docker
- Mentor(s): Javier Romero (@jromero)
- Upstream Issue (URL): buildpacks/pack#531
- Description: A Lifecycle Prepare phase should make it easier for platforms to achieve parity with features of Pack. Today, features like
project.tomlare only supported by Pack, and a new platform would need to write it’s own parser. This project would include design (writing an RFC), specification (updating the CNB spec), and implementation (writing the code for the phase in Lifecycle). - Recommended Skills: Go
- Mentor(s): Joe Kutner (@jkutner), Natalie Arellano (@natalieparellano)
- Upstream Issue (URL): buildpacks/lifecycle#555
- Description: rebuilderd is a verification system for binary packages. It repeats the build process of a package in an identical environment and verifies that the package is identical. It is part of the Reproducible Builds effort and can currently be used to rebuild Arch Linux packages. The rebuild must optionally generate in-toto link attestations which can be used to verify the entire process. To that end, the nascent in-toto-rs library must be developed to enable this integration with rebuilderd.
- Recommended Skills: Rust
- Mentor(s): Santiago Torres-Arias (@SantiagoTorres)
- Upstream Issue (URL): in-toto/in-toto-rs#4
- Description: The in-toto team is working with the TUF project to replace the current signature wrapper used by both projects. This effort has resulted in the signing-spec. The new specification removes the current dependence on canonicalization and is open to encodings other than JSON. Further, moving the signature specification out helps the in-toto specification focus on its key goals, making it more readable. The switch to the new signature specification is proposed in an in-toto Enhancement, ITE-5. The task at hand is adding support to the in-toto reference implementation for the new specification.
- Recommended Skills: Python
- Mentor(s): Santiago Torres-Arias (@SantiagoTorres), Aditya Sirish A Yelgundhalli (@adityasaky)
- Upstream Issue (URL): in-toto/in-toto#445
- Description: The Update Framework (TUF) supports delegating responsibility for signing images. In order to support a large number of delegations, the specification supports binning delegations based on their hash. This project would involve adding this feature to the go implementation of TUF.
- Recommended Skills: Go
- Mentor(s): Marina Moore (@mnm678)
- Upstream Issue (URL): theupdateframework/go-tuf#45
- Description: Dynamic scaling of the Pravega Cluster by the pravega-operator using HPA. This should be simple to implement, and we've already done a successful POC.
- Recommended Skills: Go, Kubernetes
- Mentor(s): Prajakta Belgundi (@pbelgundi)
- Upstream Issue (URL): pravega/pravega-operator#483
- Description: Create a Log4j appender or syslog listener that will write application events to a Stream (record timestamps, event types, etc).
- Recommended Skills: Java, Rust, Python, C#, a language with gRPC bindings
- Mentor(s): Andrei Paduroiu (@andreipaduroiu)
- Description: Simplified Long Term Storage allows Pravega to use almost any storage API for Stream storage. Pravega has ChunkStorage implementations for Extended S3 (ECS), HDFS, NFS and BookKeeper/BlobIt. Write a ChunkStorage implementation for GCP or Azure.
- Recommended Skills: Java
- Mentor(s): Sachin Joshi (@sachin-j-joshi)