This DevStats graph shows that we have a fairly consistent number of contributions throughout the year.
We have fairly high number of downloads of our release manifests and artifacts. We showcase two examples below.
In addition, we have a very high number of downloads of our container images from quay.io. Since the download statistics is not publicly visible, we are not adding any link.
As an example of our traction the aggregated number of container image
downloads from the Metal3's container repository from 10-26-2022 to 11-2-2022 was on average 12193 and the peak was 15755 during a single day.
The following table contains both the project's approvers and reviewers combined.
| Reviewer/Approver | GitHub ID | Affiliation |
|---|---|---|
| Andrea Fasano | andfasano | Red Hat |
| Bob Fournier | bfournie | Red Hat |
| Derek Higgins | derekhiggins | Red Hat |
| Dmitry Tantsur | dtantsur | Red Hat |
| Riccardo Pittau | elfosardo | Red Hat |
| Honza Pokorny | honza | Red Hat |
| Himanshu Roy | hroyrh | Red Hat |
| Zane Bitter | zaneb | Red Hat |
| Iury Gregory | iurygregory | Red Hat |
| Kashif Khan | kashifest | Ericsson Software Technology |
| Furkat Gofurov | furkatgofurov7 | Ericsson Software Technology |
| Mohammed Boukhalfa | mboukhalfa | Ericsson Software Technology |
| Lennart Jern | lentzi90 | Ericsson Software Technology |
| Adil Ghaffar | adilGhaffarDev | Ericsson Software Technology |
| Moshiur Rahman | smoshiur1237 | Ericsson Software Technology |
| Sunnatillo Samadov | Sunnatillo | Ericsson Software Technology |
| Adam Rozman | Rozzii | Ericsson Software Technology |
Complete list of approvers across different repositories can be found here. We have introduced the option of moving people to emeritus approvers and reviewers list for people who became less active in the review/maintenance process.
The project's adopters list can be found here.
Companies that are using Metal3 in production:
IKEA IT AB: "IKEA IT AB uses Metal3 to handle Bare Metal provisioning and
lifecycle management in its CAPI-Based bare metal cloud infrastructure."
Ericsson: "We have chosen Metal3 as a bare metal provisioner for Ericsson’s
Cloud Container Distribution since Metal3 is a forerunner when it comes to
Kubernetes on top of bare metal servers. Besides the robust features of
Metal3, a very involved community and clearly defined roadmap have been
the key factors for us to choose Metal3 as a core component."
Red Hat: Red Hat's OpenShift distribution includes Metal3 as part of its
solution for automating the deployment of bare metal clusters.
Fujitsu: "As a server vendor, we are developing and using Metal3 to
provide Fujitsu servers as Kubernetes bare metal nodes."
Deutsche Telekom: "We have various Telco applications that require bare
metal infrastructure. We rely on metal3 for provisioning since it supports
layer 3 only deployments which makes it easier to use in our complex
networking setup than other options."
Other open source projects that are utilizing Metal3:
In addition to the official adopters there are projects like Medik8s who are providing options for users to use Metal3 specific features like Metal3 based remediation.
Furthermore maintainers have noticed that there are many more companies that are actively using Metal3, as representatives of said companies are opening issues, writing proposals and in general contribute to the project but have not registered themselves as official adopters.
This is our second annual review report after joining CNCF. We have included here some of the major achievements that took place during the past year. One of the major achievement was to release beta releases of Cluster API Provider Metal3 and IP Address Manager. With this, Cluster API Provider Metal3 API has become stable and production ready.
In last years report we listed some goals for the year that has now passed. Here is a summary of those goals and their status:
Goals achieved in the past year
- Split the current BareMetalHost CRD inspection data into a new CRD
- ✔️ The inspection data now has its own CRD (HardwareData).
- Add support for vendor-specific firmware configuration
- Freeze the BareMetalHost CRD
- ❌ We are not quite ready to do this yet.
- Start releasing process for BMO
- ✔️ A release process has been defined and documented.
- Establish a formal security reporting process
- ✔️ Security Process has been introduced.
- CAPM3 v1beta1 migration
- ✔️ The
v1beta1migration was done for the v1.1.0 release.
- ✔️ The
- Improve end-to-end testing
- ✔️ Adopted the CAPI e2e framework. (Initial PR)
Documentation improvements
- Improve end user documentation
- ✔️ Added a user-guide in form of the Metal3 Book
-
metal3-docs
- Introduce Metal3 Book for comprehensive user-guide across the organization.
-
cluster-api-provider-metal3
- Add v1beta1 types and related changes #342
- Support IP Reuse for BMHs using Preallocations #656
- Introduce additional providerID format #563
- Adoption of CAPI e2e framework Initial PR
- Add live-iso support to CAPI Metal3 provider #189
-
baremetal-operator
- Release process for BMO #1150
- HardwareData custom resource for host inspection data #1099
- PreprovisioningImage API and integration #936
- New API and integration of hostFirmwareSettings and firmwareSchema resources #901, #938
- Enable RAID for Redfish-based iDRAC driver flavor #1095
- Reboot API Implementation #424
- Add physicalDisks and controller parameters to HardwareRAID #1062
- Implement explicit reboot mode options #795
- Add live-iso support #759
- Add support for detached annotation #827
- Add support for ironic custom deploy interface #884
-
ip-address-manager
- It's a comprehensive tool to manage static IP address allocations in Cluster API Provider Metal3. It has its own controller and quite a few new features are added in this repo.
NOTE
A few of the above mentioned features is a result of work done not only in the previous year but before that time period also. We have put it here to highlight these since we didn't put them in the previous review.
- Added kubesec for security analysis of Kubernetes manifest files.
- Added gosec for security analysis of go files.
- Enhanced e2e and full stack CI building process.
- Bi-weekly triaging of issues.
- Restrict interface usage of ironic for better security.
- Rename all the ‘master’ branches to ‘main’.
-
One of the main goals for 2022 was to help adoption of Metal3 thus the Metal3 community has started writing a User-guide. The community plans to extend the guide continuously and also provide separate tutorials that will showcase the deployment process on bare metal environment that is as close to a production environment as possible.
-
In 2022 certain aspects of Metal3 security has been improved, but there is more planned specially related to the topics of container security and related to the testing of Metal3 security features during e2e tests.
-
There are improvements done on the CI infrastructure of the Metal3 project, but there are more to come in terms of securing and speeding the test processes to help contributors receive feedback faster.
-
There is long-running cooperation between the
Openstack-Ironcand theMetal3-iocommunities, thus in the spirit of cooperation there is an ongoing effort to run Metal3 CI jobs against Ironic upstream. -
There is an ongoing process that will continue in the future to align the Metal3 e2e test better with the CAPI e2e tests as well as to rework the developer environment that is currently used to better fit the CI use cases.
-
There are ongoing discussion related to expanding the features of BMO, CAPM3 and IPAM e.g.:
- Adding better support for Ironic root device hint operators.
- Supporting use-cases where the user would like to manage the lifecycle of bare metal machines from a K8S cluster but don't want to include the machines as nodes in the cluster.
- Adding support for the CAPI IPAM contract.
- Adding support for selective disk cleaning in baremetal-operator.
- Adding support for multitenancy.
-
We would like to ask CNCF to guide us through the fuzzing process using CNCF fuzzing.
-
We would like to ask CNCF to help Metal3-io project to improve its visibility in any way possible e.g.:
- finding advocate(s) for the project
- facilitating cooperation between Metal3 and other FOSS projects
- or providing with Metal3-io with any other opportunity to improve its traction/visibility
The Metal3-io project's general security policy is located here.
In addition to the project's security policy, all the active repositories
should have a SECURITY_CONTACTS file.
The SECURITY_CONTACTS file informs contributors about:
- the project's security policy
- basic rules of security vulnerability disclosure
Optionally the SECURITY_CONTACTS may contain:
- repository specific security fix back porting information
- repository specific security fix release information
We think the Metal3-io project meets the criteria of incubation. We have shown healthy number of contributions and sustainable process of feature additions in Metal3-io. Our adopters list is also growing steadily. We will be opening proposal for incubation very soon.