Since 2005, the Google Summer of Code (GSoC) program has accepted thousands of university students from around the world to spend their summer holiday writing code and learning about the open source community. This year GSoC accepted 1,276 students from 63 countries into the program to work with 201 open source organizations. Now celebrating its 15th year, the program has accepted more than 14,000 students from 109 countries who have collectively written more than 35 million lines of code for 651 open source projects.
Students who are accepted have the opportunity to work with a mentor and become part of an active open source community. CNCF is proud to be one of these communities, hosting 17 interns this summer – our largest class ever. Mentors from our community are paired with interns and work with them to help advance certain aspects of CNCF projects.
“CNCF is a big supporter of GSoC’s mission and we are excited to participate again this year with a record 17 interns showcasing a wide range of cloud native contributions. As open source continues to take over the world, this program has become an important catalyst for students to have an impact on future technologies that we all depend on.” – Chris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)
Additional details on the CNCF projects, mentors, and students can be found below. Coding ended August 19th and we’ll report back on progress soon!
_______
Falco
Project: Falco engine performance analysis and optimization
Student: Mattia Lavacca, Politecnico di Torino (Italy)
Mentors:
- Michael Ducy, Sysdig
- Leonardo Di Donato, Sysdig
- Loris Degioanni, Sysdid
This project aims to develop a system to trace and profile Falco Engine performance. First, it is necessary to monitor and document the existing performance constraints of Falco, then by using that information, we can potentially improve the performance by relaxing the impact of the discovered bottlenecks, performing an optimization of the Falco engine. Finally we’ll provide an analysis of the performance improvements and compare the obtained result to the initial one.
containerd
Project: Remote blob store for containerd
Student: Yeshwanth Reddy Karnatakam, Reva University (India)
Mentor:
- Phil Estes, IBM
This project aims to let containerd have remote blob store for image content (layer blobs).
CoreDNS
Project: Support Source IP Based Query Block/Allow in CoreDNS
Student: An Xiao, Zhejiang University (China)
Mentor:
- Yong Tang, MobileIron
When CoreDNS serves DNS queries publicly or inside Kubernetes clusters, the source IP of the incoming DNS query is an important identity. For security considerations, only certain queries (from specific source-IP or CIDR block) should be allowed to prevent the server from being attacked. The goal of this project is to support a firewall-like source-IP based block/allow mechanism for CoreDNS. With our plugin (named as firewall) enabled, users are able to define ACLs for any DNS queries, i.e. allowing authorized queries to recurse or blocking unauthorized queries towards protected DNS zones.
Kubernetes
Project: Implement volume snapshotting support into the external Manila provisioner
Student: Róbert Vašek, University of Zilina (Slovakia)
Mentor:
- Tomáš Smetana, Red Hat
OpenStack Manila manages shared file-systems across the cloud. Being able to create and access these with ease from the container world is showing to be quite useful – and that’s what csi-manila is for. One of the features that’s also in high demand when dealing with shared file-systems is taking snapshots as well as creating new shares from those snapshots from within Container Orchestrators like Kubernetes. csi-manila itself is quite a new piece of software and is missing certain features, like snapshots for an instance. This GSoC project will try to close this feature gap.
Kubernetes
Project: Add Support for Custom Resource Definitions to the Dashboard
Student: Elijah Oyekunle, Federal University of Technology Akure (Nigeria)
Mentors:
- Marcin Maciaszczyk, Loodse
- Sebastian Florek, Loodse
The Kubernetes dashboard previously supported Third Party Resources (TPR), but these were replaced in Kubernetes by Custom Resource Definitions (CRD). As a result, the original TPR support was removed in Dashboard, but CRD support has not yet been added. This proposal aims to provide a generic support for Custom Resource Definitions to the dashboard, similar to the previous TPR support.
Kubernetes
Project: Run GPU sharing workloads with Kubernetes + Kubeflow
Student: Jianbo Ma, Zhejiang University (China)
Mentors:
GPUSharing is an open source project which could share GPU by leveraging Kubernetes scheduling and Device Plugin extensibility. This project aims to integrate it with kubeflow/arena.
Kubernetes
Project: Add Plugin Mechanism to the Dashboard
Student: Ajat Prabha, Indian Institute of Technology, Jodhpur
Mentors:
- Marcin Maciaszczyk, Loodse
- Sebastian Florek, Loodse
This project aims to introduce a plugin mechanism to the Kubernetes Dashboard. It will deal with defining the plugin framework architecture, it’s scope, how it could enhance the Dashboard UI and make it possible to utilize third party APIs to extend its functionality.
Kubernetes
Project: Kubernetes with hardware devices topology awareness at node level
Student: Junjun Li, Zhejiang University (China)
Mentors:
This project aims to improve current Kubernetes topology manager to become aware of generic hardware device topology at node level.This will make it so Deep Learning training can be improved significantly due to data inter-connection between NVIDIA GPU devices on the node.
Linkerd and Envoy Proxy
Project: Multi-mesh performance benchmark tool
Student: Shahriyar Mammadov, International Technological University – ITU (USA)
Mentor:
- Lee Calcote, SolarWinds
Benchmarks continuously strive to improve performance standards in order to stay relevant in the market, and play an important role in better customer loyalty, SEO ranking and more. Meanwhile there are various factors affecting performance. Having a high performance proxy in front of web servers is very important and can be achieved by continuous performance measurements and improvements.
Open Policy Agent (OPA)
Project: IPTables Integration with OPEN POLICY AGENT(OPA)
Student: Urvil Patel, L.D. College of Engineering (India)
Mentors:
- Reinaldo Penno, Cisco
- Tim Hinrichs, Styra
This project involves designing the layout of IPTable rules using OPA’s policy language Rego, implementing the algorithms that generate IPTables from that policy, and writing the code that populates the generated IPTables rules into Linux host.
Prometheus
Project: Extending Prombench and adding rule formatting for Prometheus
Student: Hrishikesh Barman, Girijananda Chowdhury Institute Of Management And Technology (India)
Mentor:
- Krasi Georgiev, Red Hat
Prombench, the benchmarking tool for Prometheus, will be extended to support even more tests, newer components, and metrics, which will help both developers and users in terms of identifying bugs and scalability tests. Another task we aim to solve is the longstanding issue of Prometheus rule formatting.
Prometheus
Project: GitHub integrated benchmarking tool for Prometheus TSDB
Student: Vladimir Masarik, Masaryk University (Czech Republic)
Mentor:
- Krasi Georgiev, Red Hat
This project aims to make it easier to discover database performance problems. Newly introduced performance flaws are hard to notice, and the process of discovering them is cumbersome if done manually. Since Prometheus TSDB does not yet have such a feature, this project is intended to be the solution. The plan is to develop detailed performance tests and automate the process of testing using Prow, the Kubernetes based CI/CD system with GitHub integration. Moreover, for easy analysis, the results of the benchmarked pull request will be compared against the master branch test results. Fortunately, the foundation for implementing the benchmarks partially exists, and so do some benchmarking tests, which make an excellent start for the project.
Prometheus
Project: Optimize Prometheus queries using regex matchers for set lookups & Postings compression
Student: Zhiqi Wang, Carnegie Mellon University (USA)
Mentor:
- Ganesh Vernekar, Grafana
A common use case for regex matchers is to use them to query all series matching a set of label values, e.g. up{instance=~”foo|bar|baz”}. Grafana’s template variables feature is a big user of this pattern. Our goal is to catch and split it into three different matchers, each selecting the three cases, whichwould make the templated queries produced by Grafana much faster. Postings is a lists of numbers which are references to series that contain a given label pair, andare used as a reference table to get the requested series. This project aims to research and implement compression for these features.
Prometheus
Project: Continue the work on low hanging issues in Prombench
Student: Nikita Kokitkar, Pune Institute of Computer Technology (India)
Mentor:
- Krasi Georgiev, Red Hat
This project aims to help with work that needs to be done to check whether Prow can be replaced by Github actions, getting metrics without any gaps and other low hanging fruit labeled issues.
rkt
Project: Add support for the OCI runtime spec by implementing a runc stage2
Student: Alejandro Germain, University of Hertfordshire (UK)
Mentor:
- Iago López Galeiras, Kinvolk GmbH
rkt implements the App Container Executor specification of the appc Container Specification and uses systemd unit properties to implement its features. To implement the OCI runtime spec, systemd unit properties are not suitable since they differ from what the spec defines. The aim of this project is to replace systemd unit properties by runc to implement the OCI runtime spec.
Rook
Project: Enable multiple network interfaces for Rook storage providers
Student: Giovan Isa Musthofa, University of Indonesia
Mentors:
- Dmitry Yusupov, Nexenta Systems
This project aims to create a new API to enable multiple network interfaces for Rook storage providers. Currently, Rook providers only choice is to use hostNetwork or not. The new API will be used to define networks resource for Rook clusters. Rook operators will be able to consume those definitions and manage them, therefore enabling more fine-grained control over storage providers network access.
TiKV
Project: Proposal for Auto-tune RocksDB
Student: Yuanli Wang, University of Minnesota (USA)
Mentor:
- Wu Sheng, Tetrate
This project aims to use a machine learning method to tune database configurations automatically.