replace exception rule by Incubator status#1026
replace exception rule by Incubator status#1026depressiveRobot wants to merge 9 commits intomainfrom
Conversation
depressiveRobot
requested review from
fkr,
garloff and
mbuechse
as code owners
depressiveRobot
changed the title
depressiveRobot
changed the title
|
In addition to @mbuechse 's comment: With the points we get rid of the voting, since I see the voting as one of the primary culprits of the original proposal as well. The decision should lie in the attestation body and with the proposed variant upon points, this would work nicely. |
|
I tried to incorporate what we had discussed in the SIG. I think the name "Incubator" should be reconsidered. |
i concur. Reading it like "SCS-Certified IaaS Incubator" does not really make sense. Apprentice ;)
|
|
Many thanks to both of you, especially @mbuechse for incorporating what was discussed in the SIG. Based on this, I tried to make further adjustments:
My two cents for a better name than "Incubator":
The actual certification process could be described as implementation hints in the Supplement w2. Also with the additions proposed in the SIG, with the three stages of "self-assessment", "codified checks" and "audit". However, this would still require specific plausibility checks and statistics. |
|
Couple of thoughts: By having several levels of SCS-Certified IaaS it becomes more complex to comprehend for outsiders, thats why I kinda liked the different naming. “SCS-certified IaaS Integrator” is simple and easily understood. But maybe this discussion / the course of discussion since September shows that we need this added "complexity" in order to address the needs adequately. The second thought: we just certified four companies with ‘SCS-certified IaaS Integrator’ and renaming this would mean that this has to be adjusted as well. |
|
We can say that "Silver" (and above) MAY be omitted, so as to remain backwards-compatible. |
|
I tried to incorporate our latest proposal regarding certificate levels and the points mentioned in the last SIG Std/Cert on 2025-12-02. |
|
Regarding the open question "How to allow implementation partners who are very knowledgeable, but will never meet the requirements of Integrator to become certified?" Version 2 of this standard intentionally does not consider this question. It should rather be a separate new standard like "Certified SCS Consultant". The other two open issues are addressed in the current draft, see supplement. |
|
During the presentation at the Forum SCS-Standards regular call on 2025-12-12 the issue was raised that the current naming system using certificate levels (aka "Certified SCS IaaS Bronze Integrator") is too long: These were the suggestion so far:
What we are looking for: A shorter name/term that clearly expresses that it is an entry-level/lower level certification to the "normal" SCS Integrator. |
|
I could review this. At a quick glance, I don't see any severe problems. Before I give it more scrutiny, I think we should be clear regarding the naming inside the certificate zoo. |
|
|
||
| - two points for each SCS-compliant environment of a third party successfully brought into production by the applicant in the last 12 months, one point for 6 months; | ||
| - two points for each SCS-compliant environment of a third party actively being managed by the applicant for the last 12 months, one point for 6 months; | ||
| - two points for each SCS-compliant public-cloud environment with at least two regions or at least three availability zones being operated by the applicant for the last 12 months, one point for 6 months. |
There was a problem hiding this comment.
IMO in Kubernetes the regions don't matter really that much. Therefore, I believe this criteria is only really valid for IaaS.
If we want to make it explicitly for both, we should probably think about some examples of what we wanna include in this list and what should be excluded.
There was a problem hiding this comment.
I think this item should be read as specific to IaaS for the time being -- which is the case in scs-0007-v1.
There was a problem hiding this comment.
@mbuechse can you elaborate? In v1 it is probably fixed to IaaS, which is fine, because there was no KaaS. But this is the scs-0007-v2 document that we iterate on.
There was a problem hiding this comment.
v1 does refer to KaaS as well, but not in this last item. What I mean is that we can add an item for KaaS later once we know how to deal with it. As you pointed out yourself, the regions/azs make no sense with KaaS. Or we add such an item now, but it seems to me a dedicated item for KaaS makes more sense than mangling everything into one item. Would you have a suggestion for such an item?
There was a problem hiding this comment.
Okay, so you propose to add another PR later (probably start with writing an issue) that "fixes" this?
So basically an issue to "mark the current as specific to IaaS and add something specific to KaaS?
There was a problem hiding this comment.
No, I would add at least one change to this very PR already, namely to make this item specific for IaaS. And we can also add a KaaS-version of this item in this PR as well, provided that we come up with one. That's why I asked you for a proposal. Time horizon according to fkr would be March 10 (preferably earlier).
There was a problem hiding this comment.
Okay, then let's add the information that this is about IaaS, and I think we'll need to separately discuss KaaS. I'll comment in this PR also based on what we discussed in the SIG meeting
|
@janiskemper Your comments appear to be valid objections. I have added this to the next SIG Std/Cert on 2026-02-12 to discuss it. If you can, please join the meeting. |
|
noted |
| The certificates are awarded for a period of one year based on the predefined scoring system below. | ||
| The certification is done either by the Forum SCS-Standards or an attestation body nominated by the forum. | ||
|
|
||
| ### Certificate levels |
There was a problem hiding this comment.
| ### Certificate levels | |
| ### Certificate tiers |
|
|
||
| ### Certificate levels | ||
|
|
||
| Version 2 of this standard introduces a multilevel certification with Silver and Bronze levels. The levels are awarded according to a target score to be reached based on a predefined scoring system (see below). |
There was a problem hiding this comment.
| Version 2 of this standard introduces a multilevel certification with Silver and Bronze levels. The levels are awarded according to a target score to be reached based on a predefined scoring system (see below). | |
| Version 2 of this standard introduces tiers of certifications beginning with Silver and Bronze tiers. The Tiers are awarded according to a target score to be reached based on a predefined scoring system (see below). |
| - Certified SCS IaaS Silver Integrator: SCS IaaS (Infrastructure as a Service) implementation partner | ||
| - Certified SCS KaaS Silver Integrator: SCS KaaS (Kubernetes as a Service) implementation partner | ||
| - Certified SCS IaaS Bronze Integrator: aspiring SCS IaaS (Infrastructure as a Service) implementation partner | ||
| - Certified SCS KaaS Bronze Integrator: aspiring SCS KaaS (Kubernetes as a Service) implementation partner | ||
|
|
There was a problem hiding this comment.
Looking at these names again. We all agree that basically the Silver and Bronze Scheme is legit. Since those are "Tiers" (not levels, see my other comment), why don't we name them like this:
| - Certified SCS IaaS Silver Integrator: SCS IaaS (Infrastructure as a Service) implementation partner | |
| - Certified SCS KaaS Silver Integrator: SCS KaaS (Kubernetes as a Service) implementation partner | |
| - Certified SCS IaaS Bronze Integrator: aspiring SCS IaaS (Infrastructure as a Service) implementation partner | |
| - Certified SCS KaaS Bronze Integrator: aspiring SCS KaaS (Kubernetes as a Service) implementation partner | |
| - Certified SCS IaaS Integrator (Silver): SCS IaaS (Infrastructure as a Service) implementation partner | |
| - Certified SCS KaaS Integrator (Silver): SCS KaaS (Kubernetes as a Service) implementation partner | |
| - Certified SCS IaaS Integrator (Bronze): aspiring SCS IaaS (Infrastructure as a Service) implementation partner | |
| - Certified SCS KaaS Integrator (Bronze): aspiring SCS KaaS (Kubernetes as a Service) implementation partner | |
Basically making the Bronze and Silver a noticeable tier. The artwork for the badges would also resemble this. This way the name of the Certification stays the same and the Tier becomes visible.
There was a problem hiding this comment.
Sounds good. I’ll start working on the badges and add them to the website with descriptions.
Signed-off-by: Marvin Frommhold <depressiveRobot@users.noreply.github.com>
Signed-off-by: Matthias Büchse <matthias.buechse@alasca.cloud>
Signed-off-by: Marvin Frommhold <depressiveRobot@users.noreply.github.com>
Signed-off-by: Marvin Frommhold <depressiveRobot@users.noreply.github.com>
Signed-off-by: Marvin Frommhold <depressiveRobot@users.noreply.github.com>
Signed-off-by: Marvin Frommhold <depressiveRobot@users.noreply.github.com>
Signed-off-by: Marvin Frommhold <depressiveRobot@users.noreply.github.com>
fkr
force-pushed
the
feat/scs-0007-incubator
branch
from
f5e129c to
3fa1c55
Compare
|
As a timeline for this PR, I'd like to see this PR being merged before March 10th, so that at the Forum's Meeting of March 10th this can be presented so that we can stabilize it afterwards. |
Signed-off-by: Matthias Büchse <matthias.buechse@alasca.cloud>
| Version 2 of this standard introduces a multilevel certification with Silver and Bronze levels. The levels are awarded according to a target score to be reached based on a predefined scoring system (see below). | ||
|
|
||
| - Certified SCS IaaS Silver Integrator: SCS IaaS (Infrastructure as a Service) implementation partner | ||
| - Certified SCS KaaS Silver Integrator: SCS KaaS (Kubernetes as a Service) implementation partner |
There was a problem hiding this comment.
We discussed in the SIG meeting that we want to focus on a KaaS certification, not a Kubernetes certification. What does this mean?
KaaS means that we cannot only create one cluster, but we need a system to create n clusters and manage them in parallel. This includes upgrade processes, scaling, etc.
I wouldn't necessarily say that KaaS MUST be based on a fully automated process, but this is something we should discuss.
IF we say that it has to be fully automated, we can easily have a test case: We need to create a cluster via API, then run the conformance tests successfully, and then delete it again. This happens right now with our Syself Autopilot tests.
IMO there is no need to do further tests, because we also don't have similar load tests on IaaS level.
The goal would be to add a definition what KaaS is and then clarify the exact scoring system.
There was a problem hiding this comment.
Yup. To be frank, that's more or less always been how I viewed it, but it's good (and also necessary, it turns out) to make this explicit.
There was a problem hiding this comment.
Regarding automation: our test suite can run with a static kubeconfig file, but I would expect partners to provide a means of creating and deleting a cluster that can be integrated in the testsuite (we are already using extensible hooks for that).
6 participants
Resolves #1024
There are still some open questions:
Show differences between v1 and v2:
Procedural:
Supplement: