KEP-3926: updating the PRR questionnaire #5645
Conversation
ibihim
commented
Oct 9, 2025
ibihim
commented
- One-line PR description: Refining PRR questionnaire based on alpha implementation learnings
- Issue link: Handling undecryptable resources #3926
- Other comments:
- Updates Production Readiness Review sections with corrections from alpha implementation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-ci-robot
added
kind/kep
ibihim
force-pushed
the
enhancements-ibihim-3926-prr-1.35
branch
from
6dec232 to
a893ad0
Compare
|
/approve |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: enj, ibihim The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@deads2k could you take a look at this for PRR? |
|
|
||
| #### Alpha | ||
|
|
||
| - Error type is implemented |
There was a problem hiding this comment.
Above, missing links to integration tests, since you're not planning e2e at all, that's a major blocker for promotion.
| https://github.com/kubernetes/kubernetes/pull/97058/files#diff-7826f7adbc1996a05ab52e3f5f02429e94b68ce6bce0dc534d1be636154fded3R246-R282 | ||
| --> | ||
| The implementation, including tests, is waiting for an approval of this enhancement. | ||
| All tests verify feature enablement / disablement to ensure backwards |
There was a problem hiding this comment.
Again, links for the tests, or make sure they are included in the earlier sections.
| If the average time of `apiserver_request_duration_seconds{verb="delete"}` of the kube-apiserver | ||
| increases greatly, this feature might have caused a performance regression. | ||
| If the average time of `apiserver_request_duration_seconds{verb="delete"}` or | ||
| `apiserver_request_duration_seconds{verb="list"}` the amount of |
There was a problem hiding this comment.
Nit, can you make sure these metrics are mentioned at the end of kep.yaml in metrics section, please?
| Longer term, we may want to require automated upgrade/rollback tests, but we | ||
| are missing a bunch of machinery and tooling and can't do that now. | ||
| --> | ||
| No testing of upgrade->downgrade->upgrade necessary. |
There was a problem hiding this comment.
Can you explain why no such tests are necessary?
| - Audit logs: Search for annotation: `apiserver.k8s.io/unsafe-delete-ignore-read-error`. | ||
| - RBAC: Check RoleBindings/ClusterRoleBindings granting `unsafe-delete-ignore-read-errors` verb. | ||
|
|
||
| ###### How can someone using this feature know that it is working for their instance? |
There was a problem hiding this comment.
This question is missing answers.
| --> | ||
|
|
||
| All corrupt object DELETEs complete, when feature is enabled, option is set and | ||
| the user is authorized. |
There was a problem hiding this comment.
The question is about SLO, iow. what is the excpected time for delete completion? Check https://github.com/kubernetes/community/blob/master/sig-scalability/slos/slos.md for suggestions.
| Describe the metrics themselves and the reasons why they weren't added (e.g., cost, | ||
| implementation difficulties, etc.). | ||
| --> | ||
| - No metric tracking when unsafe deletions actually occur. Not assumed to happen |
There was a problem hiding this comment.
Nit:
| - No metric tracking when unsafe deletions actually occur. Not assumed to happen | |
| - No new metric for tracking unsafe deletions is required. The available metrics (`apiserver_request_duration_seconds`) are sufficient to track the functionality of this feature. |
| - Impact of its outage on the feature: | ||
| - Impact of its degraded performance or high-error rates on the feature: | ||
| --> | ||
| - kube-apiserver |
There was a problem hiding this comment.
This is a question about external services to kubernetes. So in your case No is sufficient answer.
| approver: "@deads2k" | ||
| approver: "@deads2k" | ||
| beta: | ||
| approver: "@deads2k" |
There was a problem hiding this comment.
You can put my name here, since I'm looking at this one.
6 participants
