Having participated in the Google Summer of Code (GSoC) since 2017, CNCF is thrilled to announce that this year, 16 interns working on the Foundation’s projects have graduated from the program. Interns this year got to be a part of Graduated, Incubating and Sanbox projects including CoreDNS, Cortex, Envoy, in-toto, Kubernetes, Prometheus, Rook, Service Mesh Interface, Thanos and TiKV.
GSoC is one of several programs CNCF is involved in that helps students from around the world get involved with open source projects. This year, 1,106 students from 65 countries successfully completed the three-month GSoC 2020 program, with 198 open source organizations, and over 2,000 mentors from 67 countries. CNCF is proud to be one of these organizations, hosting over 16 interns throughout this last summer. Mentors from the cloud native community volunteered to work with each intern to enable them to advance certain parts of CNCF projects.
“We are thrilled to be able to work with such an amazing group of developers during our participation in GSoC this year. As open source continues to be a driving force for technological innovation, programs like GSoC are incredibly important in bringing new developers into the open source fold. The more developers we are able to help introduce to open source communities like CNCF, the more sustainable the projects that we all depend on will be.” – Chris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)
Additional details on the CNCF projects, mentors, and students can be found below. Congratulations to all our interns!
Anomaly Detection of CoreDNS Server through Machine Learning
Mentee: Chanakya Ekbote
Mentor: Yong Tang
This project aims to try and detect anomalies that occur in a CoreDNS server using a machine learning model developed in Keras. This project would help automate the process of anomaly detection, and reduce the necessity to write anomaly detection ‘rules’.
Selectively disable Indexing of labels
Mentee: Jay Batra
Prometheus is one of the standard-bearing open-source solutions for monitoring and observability. As a Prometheus-as-a-Service platform, Cortex fills in all of these crucial gaps with aplomb and thus provides a complete out-of-the-box solution for even the most demanding monitoring and observability use cases. Currently all querying labels are indexed. This is IO operation and storage heavy. The idea is to reduce that.
Distributed Load Testing of Envoy Data Planes
Mentee: Kush Trivedi
Many performance benchmarks are limited to single instance load generation (single pod load generator). This limits the amount of traffic that can be generated to the output of the single machine that the benchmark tool runs on in or out of a cluster.
Distributed load testing in parallel poses a challenge when merging results without losing the precision we need to gain insight into the high tail percentiles.
Port runlib into in-toto golang
Mentee: Christian Rebischke
- Santiago Torres-Arias, New York University
- Justin Cappos, New York University
- Lukas Pühringer, New York University
in-toto is a project for protecting supply chain integrity. The project is a sister project of the TUF project and both are there for tightening the release process and making releases more secure. Therefore it’s not surprisingly, that in-toto has frameworks in various languages like golang. The golang in-toto framework is missing runlib functionality. The runlib library implements functionality for capturing evidence of a running process. For this project it’s possible to have a look on the python implementation for reimplementing the same functionality in golang. In the end it should be possible to call a function or a group of functions within golang for generating and signing in-toto link metadata.
Kubernetes Multitenancy Working Group: Benchmarks
Mentee: Anuj Sharma
The Kubernetes Multi-Tenancy Working Group is chartered with exploring and defining multi-tenancy models for Kubernetes. The Multi Tenancy Benchmarks effort focuses on measuring and validating the desired behaviors for multitenancy. Part of this effort is to automate behavioral and configuration checks on existing clusters, which will be the focus of this project. This automated test suite will help all Kubernetes users validate whether their clusters are set up correctly for multi-tenancy.
Do resource delivery around Kubernetes
Mentee: Wangqian Qian
- Jianbo Sun
- Resource Provision: Use CRD Operator to invoke the cloud resource and create the resource object.
- Resource Binding: Use Service binding to do the resource binding, that is inject data to the resource object.
- More Detailed Resource Provision: Do more refined resource supply, simplify the complexity of resource application.
Cluster Addons: Package all things!
Mentee: Somtochi Onyekwere
Cluster Addons are resources that are considered inherently part of the Kubernetes cluster as they help extend the functionality of the cluster. Over time different addons have surfaced with increasing complexity while the tools for managing these addons have not progressed as much.
The aim of this proposal is to build and package operators for different popular addons that are easy to use and follow best practices in various clusters.
Extending promtool for formatting PromQL expressions and YAML structure in rules files
Mentee: Harkishen Singh
Prometheus is a monitoring tool that monitors the specified targets, scrapes the system and application metrics at regular intervals, evaluates rules and performs alerting on condition.
This project aims to implement the following features:
- Extending promtool in order to support formatting of **YAML structure**, **PromQL expressions** in rules files.
- Preserving custom comments in **PromQL expressions** and **YAML structure** in the rules files.
- Spreading **PromQL expressions** over multiple lines based on conditions, as followed by most linters.
- Solve issues related to promtool. _(priority and regular)_
Running prombench on EKS and update dashboards
Mentee: Drumil Patel
- Hrishikesh Barman, Clarisights
## Prombench is the automated E2E testing and benchmarking for Prometheus.
Prombench uses Kubernetes to benchmark Prometheus using various scalable configurations of fake web servers. Prombench uses Prometheus, Grafana and Loki for monitoring difference between versions.
Presently Google Kubernetes can only be used for prombench. This creates a scarcity of use of prombench. This problem can be resolved using following : Use of another cloud provider like (AWS)Amazon web services
Presently, Grafana Dashboard consist of many useful graphs and useful visualization but there is a scope of improvement. Various issues which aims to improve visualizations for grafana are as follows :
- Refactor the grafana dashboards to show a more consistent memory usage(#324)
- Revisit all current dashboards to add new and remove unneeded to make them more useful for catching bugs(#186)
- Node exported does not get filesystem size metrics from SSD path /mnt/disks/ssd0(#159)
- Add explanations to all panels on the Prombench dashboard(#305)
- Loki not showing previous test prometheus instance logs(#322)
Develop local cluster provider for test-infa/prombench and extending test-infra
Mentee: Raj Babu Das
- Hrishikesh Barman, Clarisights
“This project aims is to work on the following issues:
1. Develop local cluster provider (KIND)
2. Deployment of Prombench on EKS and local cluster
3. Resolve issues related to Grafana Dashboard being used in prometheus/test-infra
This needs to create a provider for the local cluster with the help of KIND and deploy different components of prombench in the KIND cluster. Currently, Prombench is only supported on GKE Cluster. By having a KIND provider, users can check the performance of Prometheus in the KIND cluster.
Secondly, I am proposing to resolve the issues of the Grafana dashboard used in test-infra of Prometheus. This will help the user to see more consistent and useful dashboards”
Rewrite NFS Operator to use controller-runtime
Mentee: Ahmad Nurus Shobah
Mentor: Ashish Ranjan, jbw976, Rohan
This project aims to implement controller-runtime for Rook NFS-operator and addresses several issues along with it. Currently, Rook NFS-operator only simply watches an event of CustomResource from an informer. Controller-runtime is a good library for building an operator which incorporates the best-practice controller principles.
Service Mesh Interface
SMI Conformance Tool
Mentee: Naveen Jain
- Lee Calcote, Layer5
Currently, there exists no software solution for checking whether a service mesh implements Service Mesh Interface or not.
This causes the following problems:
- For Service mesh maintainers, maintainers need to check whether the service mesh they are creating conforms to service mesh interface
- Users using service mesh don’t know whether a feature is supported or not by the particular mesh they are using.
In this project, the aim is to:
- Build meshery as the underlying technology to support SMI Certification
- Generate a compatibility matrix identifying the SMI features that are supported per service mesh.
- Decide the definition of what behavior is expected and conforms to spec. vs not. Partial conformance could be defined by a minimum requirement. It may be that partial conformance allows for / encourages extensibility
Enriching and Extending Thanos UIs with React for Awesome User Experience
Mentee: Prem Saraswat
So far Thanos has successfully used pieces of old Prometheus UI with some improvements. However, since Prometheus now moved all UI pages to React, it opens new possibilities for Thanos as well. The task is to move all UI to React and enrich them with Thanos features. As mentioned in the proposed idea, I also plan to add UI to every component of Thanos ensuring consistency and improve the experience of using Thanos even more.
Per Series Metric Retention
Mentee: Harshitha Chowdary Thota
Thanos is allowing storing metrics for long, if not unlimited time. Currently, however there is no fine-granular process of retaining only some portion of metrics for longer time e.g useful aggregations, while deleting other parts early on. This project aims to implement this missing feature in Thanos and potentially Prometheus.
Mentee: Hyungsuk Kang
- Yi Wu, PingCap
Versioned key-value data management interface for TiKV
Cloud Native KV-service
Mentee: Devdutt Shenoi
- Yi Wu, PingCap
To create a Cloud Native TiKV implementation which utilizes a Cloud Platform’s remote provisions to augment the current local-only storage back-end based on rocksdb.