[Proposal] z-pages for kubernetes components

[Richa Banker]

Hi all

I wanted to start a thread regarding a new proposal, originating from SIG Instrumentation, looking for feedback from SIG Architecture, regarding adding new HTTP handlers for introducing (more) z-pages to K8s components.

The proposal itself is drafted in this doc. Could I please get some feedback on this, before I add it as a discussion topic in the SIG meeting or start working on a KEP? Thanks!

Best,

Richa 

[Richa Banker]

Hello all,

Thank you for your valuable input on the proposed z-pages in Kubernetes in the SIG-meeting yesterday. Please find the attached meeting minutes for your reference. Kindly note any missing points or necessary corrections.

Discussion Points:

Standardization and Minimization:

• Ensure component consistency and minimal changes
• OpenTelemetry's z-pages could be considered for standardization of the exposed information
  

Usability:

• Start with text format
• Consider making it a versioned API, but not turn it on by default
  
• Make it clear that people should not depend on this being stable
• Consider potential confusion with flagz and configz points, or any existing z-page
  

Call out non-goals:

• Avoid aggregating across scoped network boundaries
• Keep it simple
• Do not allow extensibility for runtime information exposure, leave those up to component owners

Auth and Security:

1. Use existing patterns for authn (system monitoring group)
2. Protect sensitive information
   
3. Consider potential security issues with HTML format since access to z-pages via kubectl proxy will allow same domain access to K8s API service, potential XSS attacks

Action Items:

• Create a separate doc for deeper dive on initial z-pages, focus on format and content
• Gather input from SIG Security (if we decide to use HTML format)
• Engage with the broader community (outside Google) for feedback
  

I will follow up on the above action items in the coming weeks.

Thanks

Richa

[Richa Banker]

Hello all,

Following up on the last discussion in the SIG-Architecture meeting regarding the z-pages in Kubernetes proposal, I have updated the document to address the concerns that were raised.

Key updates:

• Expanded the Non-goals section to provide more clarity
• Explicitly stated that the initial format will be text
• Confirmed that we will implement versioned URLs, allowing us to enhance the feature by supporting structured formats in future releases
• Included a link to a separate document that provides the exhaustive list of z-pages we plan to introduce in alpha, along with the schema of the response

We will be assuming lazy consensus on this proposal. If there are no further concerns or questions raised about the schema or the general proposal within the next few weeks (ideally before Sept 16), we will consider that we have the buy-in from SIG-Architecture and will proceed with the KEP work.

Please feel free to reach out if you have any further questions or feedback.

Thank you for your time and consideration.

Sincerely,

Richa

--

Richa Banker Software Engineer richa...@google.com +16506024871

[Richa Banker]

Hello all,

As a follow up to the above, I have the following KEPs out for introducing 

• /statusz endpoint https://github.com/kubernetes/enhancements/pull/4830 
• /flagz endpoint https://github.com/kubernetes/enhancements/pull/4831

for all core Kubernetes components.

Would love to get your feedback on the KEPs and discuss any concerns around the same.

Thanks!

Richa