Currently DigitalOcean Managed Kubernetes doesn't provide any methods to track down control plane logs for auditing. Audit logs are highly necessary and useful for security-related issues and situations especially on production environments. This should be one of the first priority feature to be added on DOKS to let user keep their services safe and fully trust DOKS as a production-ready platform.

It is usually needed where we have to white list of our worker nodes IP to be white listed by some external source, however there is always limitation in Cluster that it has always dynamic IP and no fixed range which makes it difficult to use for third party connection who needs fixed IP

Add support for static IP for egress traffic in kubernetes networking.

For security reasons, it would be nice to restrict access to the managed Kubernetes control plane API, either via Firewall configuration or basic IP Whitelisting like Managed Databases. Similar to the feature in EKS https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html

Currently Cilium is running in partial mode. Having Cilium replace kube-proxy completely would allow customers to use important features such as socket-based load balancing (which is much more reliable than the current kube-proxy iptables based load balancing) or the use of Cilium Local Redirect Policies, which is required for e.g. NodeLocal DNSCache to seamlessly replace kube-dns.

For lots of reasons people who use DOKS might want to install cluster autoscaler themselves, to tweak its settings, see the logs etc. Currently that is not possible due to https://github.com/kubernetes/autoscaler/issues/3556#issuecomment-796653795 So my idea is basically to put a little more effort on this issue, it would also make Digitalocean more competitive with EKS, GCP, Azure and other cloud providers who already support people installing their own autoscaler

Would be great to be able to launch docker containers rather than virtual servers. Provisioning would be very fast allowing almost real time auto scaling

Currently the Digital Ocean Kubernetes dashboard can ONLY be accessed via de DO webconsole. A way to obtain this url straight from the CLI (Terraform or doctl) would be very nice.

We should be able to generate tokens that have read only access to the container registry and not other parts of Digital Ocean. This would be useful for deploying images to maintain good security and only allow our service to pull images, not access droplets or databases.

Kubernetes cluster is not showing under digital ocean projects. We are working on a product where we will need to create multiple k8s clusters, each used with different project