Kubernetes

The gateway API is the successor of ingress, and development of Ingress has been halted in favor of the Gateway API. Cilium supports it, but it has to be enabled for it to be used.

Currently digitalocean supports only 1 container registry per account. It will be useful to support multiple registry (may be with max limit - changed by tickets). This will help organize multiple project/microservices deployment in their own registry.

Please release a way to make k8s users authenticating through an OpenID Connect Identity provider, it would greatly enhance the maneageability for those organization already using this way of authenticating. I really like DO k8s, but I'm not sure I'm going to use it on a wider scale due to this limitation; as you know for sure, other cloud providers allow it.

For security reasons, it would be nice to restrict access to the managed Kubernetes control plane API, either via Firewall configuration or basic IP Whitelisting like Managed Databases. Similar to the feature in EKS https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html

Right now, when attempting to add a pvc to my kubernetes cluster, the minimum amount is 1gb. It would be rather nice to attach much smaller volumes to certain instances (Which can help save on costs). 128mb/64mb should be available to attach.

Currently Cilium is running in partial mode. Having Cilium replace kube-proxy completely would allow customers to use important features such as socket-based load balancing (which is much more reliable than the current kube-proxy iptables based load balancing) or the use of Cilium Local Redirect Policies, which is required for e.g. NodeLocal DNSCache to seamlessly replace kube-dns.

Gateway API, basically the successor of Ingress, allows for a single load balancer to be used for multiple services. For DOKS this probably should be implemented using Cilium, which has support for it since version 1.13. https://gateway-api.sigs.k8s.io/

It would be really useful (also for billing transparency) to have a timeseries graph (e.g. under Kubernetes -> Insights) to see the number of nodes at any given time. It is useful in particular if you enable the Cluster Autoscaler for node pools. In this way you can understand easily how many nodes there were at any given time. Maybe you can also add something like total CPU and total RAM provided by the node pools in the same graph. This would also make it easier to understand the other graphs in Insights. If you don't know how many nodes there were at a given time, it's difficult to interpret cluster CPU / RAM usage and other metrics.

Currently DigitalOcean Managed Kubernetes doesn't provide any methods to track down control plane logs for auditing. Audit logs are highly necessary and useful for security-related issues and situations especially on production environments. This should be one of the first priority feature to be added on DOKS to let user keep their services safe and fully trust DOKS as a production-ready platform.