Enable IPv6 on Kubernetes worker node Droplets
Even though Kubernetes does not support IPv6, pods running with host networking enabled can make use of the IPv6 address. IPv6 should be enabled by default or there can be an option to enable it for a Kubernetes node pool.
Support multiple container-registries
It was surprising to me you can only have one registry per-account ( https://docs.digitalocean.com/products/container-registry/details/limits/ ). This is especially true when they are zoned in one region. For reliability, I'd like to create one in each region I run k8s clusters in. I would also like to separate permissions for say prod vs staging, by having different repositories. One related feature, which could be a solution to part of the problem - is multi-homing registries - so even one can survive clusters going down.
Support provisioning docker containers
Would be great to be able to launch docker containers rather than virtual servers. Provisioning would be very fast allowing almost real time auto scaling
Enable Kubernetes Gateway API
The gateway API is the successor of ingress, and development of Ingress has been halted in favor of the Gateway API. Cilium supports it, but it has to be enabled for it to be used.
Restrict access to Kubernetes API Server endpoints
For security reasons, it would be nice to restrict access to the managed Kubernetes control plane API, either via Firewall configuration or basic IP Whitelisting like Managed Databases. Similar to the feature in EKS https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
OIDC authentication for k8s
Please release a way to make k8s users authenticating through an OpenID Connect Identity provider, it would greatly enhance the maneageability for those organization already using this way of authenticating. I really like DO k8s, but I'm not sure I'm going to use it on a wider scale due to this limitation; as you know for sure, other cloud providers allow it.
Disappointed to see the k8s dashboard deprecation
I just saw the email regarding the built in kubernetes dashboard deprecation. This is incredibly disappointing. I chose to use DO because of the guarantees of simplicity and assistance that your web UI and service provide such as built-in web-based tools that go above and beyond. When I use DO, I trust that your service is just going to work and be easy when I need to go in and make changes, add services, or debug. Dashboards for databases and even k8s are a huge part of that. Setting it up on my own is a pain. With that in mind: it is incredibly sad to see the k8s dashboard go away. For many users, having a convenience (even if rare) of the dashboard already working is a big deal. Especially for people that aren't k8s experts, or find that even getting their own dash installed is a headache. I really wish that DO reconsiders this, and that they understand that having a built-in tool to make k8s easier is exactly the type of thing that differentiates DO from other cloud providers (!). Just because the dashboard is rarely used doesn't mean it isn't immensely valued when needed. Maybe you can do a better job advertising that it exists -- or maybe you can survey people and ask them: "Even if you didn't know it existed, are you happy that the k8s dash exists? If you had a production incident and you were on the run with limited tools at your disposal to debug quickly from your browser, would the k8s dash be helpful?" In my case I've used it rarely. But when I did, it was a godsend. Please don't mistake rare usage from the value it provides WHEN it is needed. Thank you for the consideration- I hope to see you reverse this decision.
Support associating Container Registries with projects
Was surprised to see I can not associate them with a project. Perhaps folks uses them across projects? Could associate them with many projects.
Adding NAT Gateway for Kubernetes
Add support for static IP for egress traffic in kubernetes networking.
Read-only container registry tokens
We should be able to generate tokens that have read only access to the container registry and not other parts of Digital Ocean. This would be useful for deploying images to maintain good security and only allow our service to pull images, not access droplets or databases.