|
| 1 | +# API Extensions - Best Practices |
| 2 | + |
| 3 | +It is sometimes desireable to build new networking features as [CRDs] rather |
| 4 | +than [in-tree]. Reasons may include (but aren't limited to): |
| 5 | + |
| 6 | +* A desire to be free of lockstep with the [KEP] process |
| 7 | +* Experimentation and highly iterative development |
| 8 | +* The feature is useful to multiple parties, but is niche |
| 9 | +* the API doesn't or can't have a default implementation in core |
| 10 | + |
| 11 | +Whatever the case may be, we have multiple SIG Network sub-projects that have |
| 12 | +taken this approach for various reasons: |
| 13 | + |
| 14 | +* [Gateway API] |
| 15 | +* [Network Policy] |
| 16 | +* [Multi Network] |
| 17 | + |
| 18 | +This document intends to share guidelines and best practices for how to create |
| 19 | +and manage these kinds of "official, but add-on and optional" features, which |
| 20 | +throughout this document we'll refer to as **Official CRDs**. |
| 21 | + |
| 22 | +> **Note**: **This is not a standard**, but **SIG Network projects should try |
| 23 | +> and follow this guidance** unless they have some good reasons not to, as the |
| 24 | +> guidance here comes from the experience of those who have walked this road |
| 25 | +> before. This guidance might be applicable to some other SIGs, but as of the |
| 26 | +> time of writing none except SIG Network have reviewed this. |
| 27 | +
|
| 28 | +> **Note**: This is **not a comprehensive guide**. |
| 29 | +
|
| 30 | +[CRDs]:https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/ |
| 31 | +[in-tree]:https://github.com/kubernetes/api |
| 32 | +[KEP]:https://github.com/kubernetes/enhancements/blob/master/keps/README.md |
| 33 | +[Gateway API]:https://github.com/kubernetes-sigs/gateway-api |
| 34 | +[Network Policy]:https://github.com/kubernetes-sigs/network-policy-api |
| 35 | +[Multi Network]:https://github.com/kubernetes-sigs/multi-network |
| 36 | + |
| 37 | +## Objectives |
| 38 | + |
| 39 | +At a high level, SIG Network sub-projects that deploy as [CRDs] will need to |
| 40 | +deal with (at least) the following dimensions: |
| 41 | + |
| 42 | +* Enhancement Proposals |
| 43 | +* Developing CRDs |
| 44 | +* Delivering CRDs |
| 45 | +* CRD Lifecycle Management |
| 46 | +* Conformance Tests & Reports |
| 47 | +* Documentation |
| 48 | +* Community & Evangelism |
| 49 | + |
| 50 | +In the following section we'll talk about each of these in-depth, including |
| 51 | +some lessons learned by existing or historical sub-projects. |
| 52 | + |
| 53 | +[CRDs]:https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/ |
| 54 | + |
| 55 | +### Enhancement Proposals |
| 56 | + |
| 57 | +Projects which produce optional [Custom Resource Defintion (CRD)][CRD]-based |
| 58 | +APIs should provide a project-specific enhancement proposal system. You can see |
| 59 | +examples of using project-specific enhancement proposals with some of the |
| 60 | +current sub-projects: |
| 61 | + |
| 62 | +* [Gateway Enhancement Proposals (GEPs)][geps] |
| 63 | +* [Network Policy Enhancement Proposals (NPEPs)][npeps] |
| 64 | + |
| 65 | +Key characteristics of this pattern are: |
| 66 | + |
| 67 | +* an easy to find directory at the root of repositories, such as `geps/`, with |
| 68 | + references provided from the `README.md`. |
| 69 | +* a readme for the enhancement process (we recommend using GEP as a template, |
| 70 | + and we recommend a motivation focused proposal process (see more below)). |
| 71 | +* a project board which organizes these GEPs and helps provide visibility into |
| 72 | + the project's priorities and roadmap |
| 73 | +* trackable issues and PRs for every proposal that go through phases (e.g. |
| 74 | + (`provisional`, `implementable`, `experimental`, e.t.c.) |
| 75 | + |
| 76 | +We strongly recommend this pattern (unless there's some very compelling reason |
| 77 | +reason not to use it for any particular project). |
| 78 | + |
| 79 | +> **Note**: When starting new projects, we advise having enhancement proposals |
| 80 | +> preceed any code whatsoever, for posterity and to ensure time for all |
| 81 | +> stakeholders in the community are represented. |
| 82 | +
|
| 83 | +> **Note**: Taking this approach doesn't mean complete autonomy. Any GA APIs |
| 84 | +> (version is v1 or greater) with a `*.k8s.io` group **MUST** go through the API |
| 85 | +> review process with the SIG Network leads for any content considered |
| 86 | +> stable/standard/GA. The use of any non-`*.k8s.io` group for APIs published by |
| 87 | +> official SIG Network sub-projects or working groups needs to be ratified with |
| 88 | +> SIG Network leads first. Experimental features, alpha, beta, e.t.c. can be |
| 89 | +> developed without that additional oversight until they are promoted to GA. |
| 90 | +
|
| 91 | +[KEP]:https://github.com/kubernetes/enhancements/blob/master/keps/README.md |
| 92 | +[geps]:https://github.com/kubernetes-sigs/gateway-api/blob/main/geps/overview.md |
| 93 | +[npeps]:https://github.com/kubernetes-sigs/network-policy-api/tree/main/npeps |
| 94 | + |
| 95 | +#### Motivation Focused Enhancement Proposals |
| 96 | + |
| 97 | +It can be very easy to bring a new proposal to the table, and start with a huge |
| 98 | +GEP and maybe a ton of upfront code. In our experience however having too much |
| 99 | +up front, and in particular coming right to the table with an implementation |
| 100 | +can cause a proposal to get gridlocked very quickly. |
| 101 | + |
| 102 | +**We strongly recommend a "What, why and who before how" approach**. The first |
| 103 | +PR which adds an enhancement proposal should establish: |
| 104 | + |
| 105 | +* **What?** - What do we want to do, at a high level? A summary and/or specific |
| 106 | + high-level goals to achieve. |
| 107 | +* **Why?** - The motivation, the user stories, the reason we want to do this. |
| 108 | +* **Who?** - Every proposal stands a better chance of succeeding if there are |
| 109 | + multiple aligned parties interested in it, and collaborating on it upfront. |
| 110 | + |
| 111 | +Without any indication of _how_ we accomplish it. This, plus a process of steps |
| 112 | +for graduation (e.g. `provisional` -> `implementable` -> `experimental` -> |
| 113 | +`standard`) allows the community to work more iteratively, and work on alignment |
| 114 | +with the principles before spending any time in the implementation details. |
| 115 | + |
| 116 | +### Developing CRDs |
| 117 | + |
| 118 | +TODO |
| 119 | + |
| 120 | +### Delivering CRDs |
| 121 | + |
| 122 | +TODO |
| 123 | + |
| 124 | +### CRD Lifecycle Management |
| 125 | + |
| 126 | +TODO - installing, and managing on real systems |
| 127 | + |
| 128 | +### Conformance Tests & Reports |
| 129 | + |
| 130 | +TODO - framework for testing and reporting |
| 131 | + |
| 132 | +### Documentation |
| 133 | + |
| 134 | +TODO |
| 135 | + |
| 136 | +## Important Notes |
| 137 | + |
| 138 | +> **Note**: At the time of writing, we have no extension APIs that have |
| 139 | +> transferred themselves in-tree after doing development iterations |
| 140 | +> out-of-tree. This is uncharted territory at present, though we are not |
| 141 | +> opposed to it happening if it seems appropriate. |
0 commit comments