Share your feedback...
Adding NAT Gateway for Kubernetes
Add support for static IP for egress traffic in kubernetes networking.
Audit logs support for Managed Kubernetes
Currently DigitalOcean Managed Kubernetes doesn't provide any methods to track down control plane logs for auditing. Audit logs are highly necessary and useful for security-related issues and situations especially on production environments. This should be one of the first priority feature to be added on DOKS to let user keep their services safe and fully trust DOKS as a production-ready platform.
Restrict access to Kubernetes API Server endpoints
For security reasons, it would be nice to restrict access to the managed Kubernetes control plane API, either via Firewall configuration or basic IP Whitelisting like Managed Databases. Similar to the feature in EKS https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
Disappointed to see the k8s dashboard deprecation
I just saw the email regarding the built in kubernetes dashboard deprecation. This is incredibly disappointing. I chose to use DO because of the guarantees of simplicity and assistance that your web UI and service provide such as built-in web-based tools that go above and beyond. When I use DO, I trust that your service is just going to work and be easy when I need to go in and make changes, add services, or debug. Dashboards for databases and even k8s are a huge part of that. Setting it up on my own is a pain. With that in mind: it is incredibly sad to see the k8s dashboard go away. For many users, having a convenience (even if rare) of the dashboard already working is a big deal. Especially for people that aren't k8s experts, or find that even getting their own dash installed is a headache. I really wish that DO reconsiders this, and that they understand that having a built-in tool to make k8s easier is exactly the type of thing that differentiates DO from other cloud providers (!). Just because the dashboard is rarely used doesn't mean it isn't immensely valued when needed. Maybe you can do a better job advertising that it exists -- or maybe you can survey people and ask them: "Even if you didn't know it existed, are you happy that the k8s dash exists? If you had a production incident and you were on the run with limited tools at your disposal to debug quickly from your browser, would the k8s dash be helpful?" In my case I've used it rarely. But when I did, it was a godsend. Please don't mistake rare usage from the value it provides WHEN it is needed. Thank you for the consideration- I hope to see you reverse this decision.
Urgent Appeal for the Reinstatement of the Kubernetes Dashboard
Dear DigitalOcean Team, I hope this message finds you well. I am reaching out to share my recent experience with your platform, which has significantly impacted my workflow and perception of DigitalOcean's service quality. As a loyal customer, I've always admired DigitalOcean for its commitment to user-friendliness and innovation, positioning itself as the "most user intuitive cloud platform." It's precisely this reputation that makes it so surprising and disappointing to see the removal of the one-click installation feature. This feature was not just a convenience; it was a cornerstone of my operational efficiency, enabling me to monitor my deployments and cluster health directly. Its absence now necessitates a cumbersome workaround, involving port forwarding and other adjustments, which is far from the seamless experience I've come to expect from DigitalOcean. I understand that maintaining software and features can be challenging, especially when it comes to version control and ensuring compatibility. However, considering DigitalOcean's stature and resources as a leading cloud services provider, I am confident that a solution that does not compromise user experience is within reach. The decision to remove this feature has not only added complexity to my workflow but has also prompted me to reconsider the value proposition of staying with DigitalOcean. This is not a step I take lightly, given my otherwise positive experience with your platform. I earnestly request that you reconsider the removal of the one-click installation feature. Reinstating it would not only alleviate the operational hurdles many of us now face but also reaffirm DigitalOcean's commitment to delivering the best possible user experience. Thank you for considering my feedback. I am hopeful for a resolution that reinforces why I chose DigitalOcean as my cloud platform of choice. Warm regards.
Add Reserved IP's for Kubernetes Worker Nodes
When using Digital Ocean Droplets as Kubernetes Worker Nodes, there is no possibility of assigning the Reserved IP´s to the Droplets. This is a Digital Ocean Reserved IP´s limitation described in: https://docs.digitalocean.com/products/networking/reserved-ips/details/limits/ When using external systems with whitelists tied to Droplets IP´s, every time they change either for a manual action or during the cluster upgrades (the most common scenario), the access to the external system is lost and a manual update of the whitelist must be done. So, as this a very common scenario in production systems, it will be great to be added.
Support for Fixed IP or IP Range for worker nodes
It is usually needed where we have to white list of our worker nodes IP to be white listed by some external source, however there is always limitation in Cluster that it has always dynamic IP and no fixed range which makes it difficult to use for third party connection who needs fixed IP
Increase UDP Buffer Sizes on worker nodes by default
By https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes , it is recommended to increase buffer sizes in the kernel. This should help boosting performance on tools using QUIC for communication, e.g. HTTP/3 connections or Cloudflare tunnels, which will probably become even more mainstream in the near future. As discussed in the digitalocean-k8s slack channel, a current workaround for users is creating a daemonset and alter the worker nodes to support this.