Skip to content

Add Standard document for version policy regarding k8s updates #184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
garloff merged 3 commits into from
Jan 26, 2023
Merged

Add Standard document for version policy regarding k8s updates #184

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8919375
Add draft for version policy regarding k8s updates
ajfriesen Jan 23, 2023
5fabb0f
Rename the tilte and file to specifcly mention new versions
ajfriesen Jan 23, 2023
dd3560c
Rename file to reflect SCS standards/ADR naming.
garloff Jan 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions Decisions/scs-0210-v1-k8s-new-version-policy.mv
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
---
title: SCS K8S Version Policy for new Kubernetes versions
type: Standard
status: Draft
track: KaaS
---

# Introduction

Here we will describe how fast providers need to keep up with the upstream Kubernetes version.

To create a informed decision we summarize here the Kubernetes rules regarding versioning at the time of writing (2023-01-16):

Kubernetes usually provides about **3 minor** releases per year.
[Kubernetes Release Cycle](https://kubernetes.io/releases/release/#the-release-cycle)

Patch release cadence is typically monthly. However, the first patches after the first minor release usually arrive 1-2 weeks after the first minor release.
[Patch Release Cadence](https://kubernetes.io/releases/patch-releases/#cadence)

In general the latest 3 minor version are maintained by the Kubernetes project.
Every release will be maintained for about 14 months.
First 12 month is standard support period.
The remaining 2 months are only for:
- CVEs (under the advisement of the Security Response Committee)
- dependency issues (including base image updates)
- critical core component issues

[Kubernetes Support Period](https://kubernetes.io/releases/patch-releases/#support-period)

# Motivation

Kubernetes is a fast paced project. We want to achieve that providers keep up to date with upstream and do not fall behind Kubernetes releases.
However, providers should have reasonable time to implement the new Kubernetes versions and test them.
This will allow customers to be insured that their clusters are up to date regarding security issues, bug fixes and new features when using SCS compliant clusters.

# Decision

- Must provide latest minor version no later than 4 months after release
- Must provide latest patch version no later than a week after release
- Should be faster for critical CVEs (CVSS >= 8)
- Should be tested

# Related Documents

All important documents regarding versioning, releases, etc. for the official Kubernetes project can be found here: [Kubernetes Releases](https://kubernetes.io/releases/)

# Conformance Tests

TBD