We want to certify OpenUnison's integration with k8s. When I run the test cases to generate the certification data, should I be interacting with our system (and in turn interacting with the API server?) (PS: I'm at kubecon if someone is here to talk to)

Thanks

Do you ship your own version of K8s? If so, then that is what the test harness should be interacting with. Please reopen with other questions.

@dankohn why are you closing an issue after asking a question? I'm unable to re-open. Looking at twistlock's certification, its not a standalone k8s distribution. It installs into k8s. OpenUnison does as well interacting with k8s via apis to manage RBAC and create projects.

I closed it because most people don't come back with follow-up questions. What implementation of K8s would you plan to certify against?

we're agnostic, we work against any k8s deployment. We do most of our testing against kubeadm. Again I'm looking at Twistlock as an example. They don't have a specific k8s deployment either.

The first step of Twistlock's conformance results are to install Twistlock on GCP: https://github.com/cncf/k8s-conformance/tree/master/v1.7/twistlock

It may be that you're looking to certify a Kubernetes application as opposed to a Kubernetes distribution. If so, we don't yet offer support for certifying applications.

Right, but again twistlock isn't a distro and the certification steps don't mention a specific k8s distribution. So is the automated script certifying twistlock or the underlying k8s distro on GCP? Twistlock doesn't have its own k8s distribution, its meant to install into any k8s distro. So the certification tests were run against a distro with twistlock installed on top of it.

I'm not trying to take anything away from twistlock, trying to understand the process. RFPs are coming out requiring Kubernetes certification for integrated systems and tools so even if you're not supporting certifying tools and systems a statement as such would be helpful to include in responding to RFPs.

Twistlock withdrew their certification and we're not accepting add-on certification at this time, though it is an area we're exploring. Please participate in the mailing list to keep up on our progress.

Thanks for following up!