Introduce WG Checkpoint Restore

[adrianreber]

As described in sig-wg-lifecycle.md this PR is the next step after sending an email to [email protected] about the creation of the Working Group Checkpoint Restore.

CC: @rst0git, @viktoriaas, @xhejtman

[k8s-ci-robot]

Welcome @adrianreber!

It looks like this is your first PR to kubernetes/community 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/community has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: adrianreber
Once this PR has been reviewed and has the lgtm label, please assign saschagrunert for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @adrianreber. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[kannon92]

/ok-to-test

[kannon92]

Looking at #8519,

I see that we are missing a charter.

[adrianreber]

Looking at #8519,

I see that we are missing a charter.

In https://github.com/kubernetes/community/blob/master/sig-wg-lifecycle.md#GitHub is says to add a charter once this initial PR has been merged. That's why is skipped it.

[SergeyKanzhelev]

sig auth may have a big say in security of this whole restoration pipeline

[rst0git]

Thank you for pointing this out! Security is definitely an important topic that we need to discuss with sig-auth, both for the checkpoint API and the restoration pipeline. The following paper and master thesis describe our recent work on this topic:

• Towards Efficient End-to-End Encryption for Container Checkpointing Systems
• Improving Checkpoint/Restore Functionality in Kubernetes

[adrianreber]

I added sig auth to the list of stakeholder sigs

[liggitt]

this showed up in the sig-auth meeting, we may have missed the discussion around this WG

if this WG is contemplating taking state from a running pod / saving it / letting it be consumed on another node or from another pod or another namespace, then sig-auth is definitely interested in making sure the permissions model around that exists and is ~consistent with similar things Kubernetes does elsewhere (like PVC / snapshots)

We're happy to consult on that, I'm not sure our awareness / involvement rises to the level of sponsoring the WG :)

cc @kubernetes/sig-auth-leads

[SergeyKanzhelev]

is charter included into this PR?

[adrianreber]

now it is, I didn't add it initially as the lifecycle document mentions that it is added later, but looking at the WG PRs it seems to be common to have a charter in the initial PR.

[adrianreber]

/test pull-community-verify

[adrianreber]

/verify-owners

[janetkuo]

This is a valuable initiative. The charter mentions that the scope includes checkpointing and restoring 'workloads' and providing 'guidance for developers on checkpoint-friendly app design.' Given this focus, it's essential for SIG Apps to be involved as a key stakeholder.

[rst0git]

@janetkuo This is a good idea, thank you so much for suggesting it!

[adrianreber]

Yes, thanks @janetkuo. I added SIG Apps to the proposal.

[SergeyKanzhelev]

there may be API needed to communicate between the app and API server that the checkopoint is requested AND/OR that the app is ready for checkpoint. Something that is beyond just guidance

[adrianreber]

That is actually something we discussed how to do in containers for years now (outside of Kubernetes). But we never found the right way how to do this. We were looking at kernel interfaces or systemd interfaces because for many applications it could be helpful to free temporary memory to reduce checkpoint size or even drop confidential information. Also after restore it would be good to tell the application that maybe certain cryptographic values need to be reset or regenerated. I will try to include something mentioning this. Thanks.

[k8s-ci-robot]

The following users are mentioned in OWNERS file(s) but are untrusted for the following reasons. One way to make the user trusted is to add them as members of the kubernetes org. You can then trigger verification by writing /verify-owners in a comment.

• viktoriaas
  • User is not a member of the org. Satisfy at least one of these conditions to make the user trusted.
• rst0git
  • User is not a member of the org. Satisfy at least one of these conditions to make the user trusted.

[aramase]

/assign ritazh

(assigned as part of SIG Auth triage; to review the SIG Auth updates)

[k8s-ci-robot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[BenTheElder]

has there been outreach to these SIGs yet? I see some SIG node participants/leaders but not CLI yet for example

[rst0git]

Changing from SIG CLI to SIG API machinery after SIG CLI mentioned that new commands are first introduced via a plugin.

kubernetes/enhancements#5091

I have a simple prototype of a plugin for the kubectl checkpoint command that we used in our demos and can discuss further in the working group.

[BenTheElder]

OK, we should remove the SIG if they are not a stakeholder, or else the WG organizers should reach out to the SIGs.

[BenTheElder]

@kubernetes/sig-node-leads are you all +1, officially?

[haircommander]

+1 from me

[BenTheElder]

This is missing the steering liason field, we discussed in the steering meeting today, you can add me..

Looking forward to being more directly helpful with @rst0git @viktoriaas and crew :-)

[viktoriaas]

Added, thanks

Suggested change

	mailing_list: https://groups.google.com/forum/#!forum/kubernetes-wg-checkpoint-restore
	mailing_list: https://groups.google.com/forum/#!forum/kubernetes-wg-checkpoint-restore
	liaison:
	github: BenTheElder
	name: Benjamin Elder

[aojea]

I have doubts if this incentivize the right behavior and will encourage people to build WG to get a slot in the kubecon

[aojea]

we may need some clarification on this paragraph, for readers unfamiliar with Kubernetes governance, the current wording ("WG will define a roadmap," "distribute tasks," "define possible APIs") could give the impression that the WG is an authoritative body with the power to approve APIs and dictate roadmaps for the project.

As we know, a WG's primary role is to serve as a forum for cross-SIG collaboration, and SIGs are the ultimate authority for code and API changes.

To avoid this potential confusion, could we rephrase this section to better reflect the WG's role as a facilitator and a place for proposing ideas to the SIGs?

what about something like:

Suggested change

	As a first mandate, the WG will define a roadmap and tasks in the first quarter
	of operation.
	After that the WG will distribute the different tasks to different community
	members to define possible APIs and how it can be integrated in Kubernetes.
	As a first mandate, the WG will propose a draft roadmap and identify key tasks in the first quarter of operation.
	After that, the WG will facilitate collaboration among community members to explore possible APIs and draft proposals for their integration into Kubernetes, which will then be presented to the relevant SIGs.

[viktoriaas]

adding @BenTheElder as liaison to README too.

Suggested change

	- [Open Community Issues/PRs](https://github.com/kubernetes/community/labels/wg%2Fcheckpoint-restore)
	- [Open Community Issues/PRs](https://github.com/kubernetes/community/labels/wg%2Fcheckpoint-restore)
	- Steering Committee Liaison: Benjamin Elder (**[@BenTheElder](https://github.com/BenTheElder)**)