metal-stack · vknabel · Feb 20, 2026 · Feb 19, 2026 · Feb 20, 2026 · vknabel
@@ -30,7 +30,7 @@ With so many people on-site we divided into multiple tracks. The recap page list
 
 ### Autonomous Control Plane and gardenadm
 
-I'm knee-deep in [MEP-18](https://docs.metal-stack.io/stable/contributing/01-Proposals/MEP18/README/) at the moment, so I gravitated toward the `gardenadm` workstream even though it wasn't the main hackathon theme. The Gardener team pushed the tool to roughly 95% completion, ironing out installation flows and HA concerns so that bootstrapping an autonomous Gardener control plane finally feels repeatable. A handful of annoyingly small bugs are still blocking day-to-day usage, yet the remaining work is well understood and in flight.
+I'm knee-deep in [MEP-18](https://docs.metal-stack.io/stable/contributing/04-Proposals/MEP18/README/) at the moment, so I gravitated toward the `gardenadm` workstream even though it wasn't the main hackathon theme. The Gardener team pushed the tool to roughly 95% completion, ironing out installation flows and HA concerns so that bootstrapping an autonomous Gardener control plane finally feels repeatable. A handful of annoyingly small bugs are still blocking day-to-day usage, yet the remaining work is well understood and in flight.
 
 ### Networking Modernization
 

@@ -0,0 +1,17 @@
+---
+slug: /community
+title: Community
+sidebar_position: 1
+---
+
+# Community
+
+The Open Source culture lives from an active community! We are very happy about everyone who wants to actively participate in the metal-stack project. Feel free to reach out to us on our [Slack channel](https://join.slack.com/t/metal-stack/shared_invite/zt-3eqheaymr-obQueWBLOMkhbEWTZZyDRg)!
+
+You can also meet us in person at conferences and community events, such as [FOSDEM](https://fosdem.org/), [Gardener Hackathons](https://gardener.cloud/community/hackathons/), and more. Many of these events are announced on our [blog](/blog/tags/conferences) as well.
+
+We have a [public roadmap](./03-roadmap.mdx) and hold regular [planning meetings](./03-roadmap.mdx#planning-meetings).
+
+If you want to contribute code, please also refer to our [contribution guidelines](./02-contribution-guideline.md).
+
+When you read to this point: Welcome, and we look forward to seeing you soon! 😊
@@ -1,7 +1,7 @@
 ---
 slug: /contribution-guideline
 title: Contribution Guideline
-sidebar_position: 3
+sidebar_position: 2
 ---
 
 # Contribution Guideline
@@ -21,7 +21,7 @@ Open a Github issue in the project you would like to contribute. Within the issu
 When opening an issue please consider the following aspects:
 
 1. Create a meaningful issue describing the WHY? of your contribution.
-1. Try to set appropriate labels to the issue. For example, attach the `triage` label to your issue if you want it to be discussed in the next [planning meeting](./02-planning-meetings.mdx). It might be useful to attend the meeting if you want to emphasize it being worked on.
+1. Try to set appropriate labels to the issue. For example, attach the `triage` label to your issue if you want it to be discussed in the next [planning meeting](./03-roadmap.mdx#planning-meetings). It might be useful to attend the meeting if you want to emphasize it being worked on.
 
 ### Pull Requests
 

@@ -1,10 +1,16 @@
 ---
-slug: /planning-meetings
-title: Planning Meetings
-sidebar_position: 2
+slug: /roadmap
+title: Roadmap
+sidebar_position: 3
 ---
 
-# Planning Meetings
+# Roadmap
+
+For metal-stack we share a [Github board](https://github.com/orgs/metal-stack/projects/34) that displays our roadmap. It gives a rough overview over our development focus.
+
+If you have ideas to improve metal-stack, please suggest your thoughts on the [discussions page](https://github.com/metal-stack/releases/discussions) in the releases repository.
+
+## Planning Meetings
 
 Public planning meetings are held **biweekly** on **odd calendar weeks** from **14:00 to 14:30** (Berlin/Europe timezone) on Microsoft Teams. The purpose is to provide an overview of our current projects and priorities, as well as to discuss new topics and issues within the group.
 
@@ -87,7 +93,7 @@ Planning meetings are currently not recorded. The meetings are held either in En
 Note that anyone can contribute to metal-stack without participating in planning meetings. However, if you want to speed up the review process for your requirements, it might be helpful to attend the meetings.
 :::
 
-## Agenda
+### Meeting Agenda
 
 Here is the agenda that we generally want to follow in a planning meeting:
 
@@ -98,23 +104,3 @@ Here is the agenda that we generally want to follow in a planning meeting:
 - Check new issues labelled with `triage` and prioritize them
 - Allow attendees to bring up issues and prioritize them
   - Attendees have the chance to briefly present these new issues
-
-## Idea Backlog
-
-The backlog contains ideas of what could become part of the roadmap in the future. The list is ordered alphabetically. Therefore, the order does not express the importance or weight of a backlog item.
-
-We incorporate community feedback into the roadmap. If you think that important points are missing in the backlog, please share your ideas with us. We have a Slack channel. Please check out [metal-stack.io](https://metal-stack.io) for contact information.
-
-:::danger
-By no means this list is a promise of what is being worked on in the near future. It is just a summary of ideas that was agreed on to be "nice to have". It is up to the investors, maintainers and the community to choose topics from this list and to implement them or to remove them from the list.
-:::
-
-- Add metal-stack to [Gardener conformance test grid](https://testgrid.k8s.io/gardener-all)
-- Autoscaler for metal control plane components
-- CI dashboard and public integration testing
-- Improved release and deploy processes (GitOps, [Spinnaker](https://spinnaker.io/), [Flux](https://fluxcd.io/))
-- Machine internet without firewalls
-- metal-stack dashboard (UI)
-- Offer our metal-stack extensions as enterprise products (accounting, cluster-api, S3) (neither of them will ever be required for running metal-stack, they just add extra value for certain enterprises)
-- Partition managed by Kubernetes (with Kubelets joining the control plane cluster)
-- Public offering / demo playground
@@ -1,4 +1,4 @@
 {
-  "position": 1,
+  "position": 4,
   "label": "Enhancement Proposals"
-}
+}
@@ -1,7 +1,7 @@
 ---
 slug: /release-flow
 title: Release Flow
-sidebar_position: 4
+sidebar_position: 5
 ---
 
 # Releases

@@ -1,7 +1,7 @@
 ---
 slug: /oci-artifacts
 title: OCI Artifacts
-sidebar_position: 5
+sidebar_position: 6
 ---
 
 # OCI Artifacts

@@ -14,7 +14,7 @@ As modern infrastructure and cloud native applications are designed with Kuberne
 
 Regardless which flavor of metal-stack you use, it is always possible to manually provision machines, networks and ip addresses. This is the most basic way of using metal-stack and is very similar to how traditional bare metal infrastructures are managed.
 
-Using plain metal-stack without additional layer was not a focus in the past. Therefore firewall and role management might be premature. These will be addressed by [MEP-4](../../contributing/01-Proposals/MEP4/README.md) and [MEP-16](../../contributing/01-Proposals/MEP16/README.md) in the future.
+Using plain metal-stack without additional layer was not a focus in the past. Therefore firewall and role management might be premature. These will be addressed by [MEP-4](../../contributing/04-Proposals/MEP4/README.md) and [MEP-16](../../contributing/04-Proposals/MEP16/README.md) in the future.
 
 ## Gardener
 

@@ -31,7 +31,7 @@ You can use the [mini-lab](https://github.com/metal-stack/mini-lab) as a templat
 The metal control plane is typically deployed in a Kubernetes cluster. Therefore, this document will assume that you have a Kubernetes cluster ready for getting deployed. Even though it is theoretically possible to deploy metal-stack without Kubernetes, we strongly advise you to use the described method because we believe that Kubernetes gives you a lot of benefits regarding the stability and maintainability of the application deployment.
 
 :::tip
-For metal-stack it does not matter where your control plane Kubernetes cluster is located. You can of course use a cluster managed by a hyperscaler. This has the advantage of not having to setup Kubernetes by yourself and could even become beneficial in terms of fail-safe operation. However, we also describe a solution of how to setup metal-stack with a self-hosted, [Autonomous Control Plane](../../contributing/01-Proposals/MEP18/README.md) cluster. The only requirement from metal-stack is that your partitions can establish network connections to the metal control plane. If you are interested, you can find a reasoning behind this deployment decision [here](../05-Concepts/01-architecture.mdx#target-deployment-platforms).
+For metal-stack it does not matter where your control plane Kubernetes cluster is located. You can of course use a cluster managed by a hyperscaler. This has the advantage of not having to setup Kubernetes by yourself and could even become beneficial in terms of fail-safe operation. However, we also describe a solution of how to setup metal-stack with a self-hosted, [Autonomous Control Plane](../../contributing/04-Proposals/MEP18/README.md) cluster. The only requirement from metal-stack is that your partitions can establish network connections to the metal control plane. If you are interested, you can find a reasoning behind this deployment decision [here](../05-Concepts/01-architecture.mdx#target-deployment-platforms).
 :::
 
 Let's start off with a fresh folder for your deployment:
@@ -75,7 +75,7 @@ At the end of this section we are gonna end up with the following files and fold
 
 ### Releases and Ansible Role Dependencies
 
-As metal-stack consists of many microservices all having individual versions, we have come up with a [releases](https://github.com/metal-stack/releases) repository. It contains a YAML file (we often call it release vector) describing the fitting versions of all components for every release of metal-stack. Ansible role dependencies are also part of a metal-stack release. Both the metal-stack release vector and the metal-stack ansible-roles are shipped as OCI artifacts following a specific format that's described [here](../../contributing/05-oci-artifacts.md). These artifacts are signed with the CI token of the metal-stack Github organization and can be verified using [cosign](https://github.com/sigstore/cosign).
+As metal-stack consists of many microservices all having individual versions, we have come up with a [releases](https://github.com/metal-stack/releases) repository. It contains a YAML file (we often call it release vector) describing the fitting versions of all components for every release of metal-stack. Ansible role dependencies are also part of a metal-stack release. Both the metal-stack release vector and the metal-stack ansible-roles are shipped as OCI artifacts following a specific format that's described [here](../../contributing/06-oci-artifacts.md). These artifacts are signed with the CI token of the metal-stack Github organization and can be verified using [cosign](https://github.com/sigstore/cosign).
 
 In order to download the release vector and the referenced ansible-roles prior to a deployment, we provide a small helper module called `metal_stack_release_vector` as part of the [metal-deployment-base](https://github.com/metal-stack/metal-deployment-base) deployment image. Its main tasks are:
 

@@ -152,4 +152,4 @@ Thus, for creating a partition as well as a machine or a firewall, the flags `dn
 
 In order to be fully offline resilient, make sure to check out `metal-image-cache-sync`. This component provides copies of `metal-images`, `metal-kernel` and `metal-hammer`.
 
-This feature is related to [MEP14](../../contributing/01-Proposals/MEP14/README.md).
+This feature is related to [MEP14](../../contributing/04-Proposals/MEP14/README.md).
@@ -7,7 +7,7 @@ sidebar_position: 2
 # User Management
 
 At the moment, metal-stack can more or less be seen as a low-level API that does not scope access based on projects and tenants.
-Fine-grained access control with full multi-tenancy support is actively worked on in [MEP4](../../contributing/01-Proposals/MEP4/README.md).
+Fine-grained access control with full multi-tenancy support is actively worked on in [MEP4](../../contributing/04-Proposals/MEP4/README.md).
 
 Until then projects and tenants can be created, but have no effect on access control.
 

@@ -15,7 +15,7 @@ The minimal need to know principle is a security concept that restricts access t
 ### RBAC
 
 :::info
-As of now metal-stack does not implement fine-grained Role-Based Access Control (RBAC) within the `metal-api` but this is worked on in [MEP-4](../../../contributing/01-Proposals/MEP4/README.md).
+As of now metal-stack does not implement fine-grained Role-Based Access Control (RBAC) within the `metal-api` but this is worked on in [MEP-4](../../../contributing/04-Proposals/MEP4/README.md).
 :::
 
 As described in our [User Management](../../05-Concepts/02-user-management.md) concept the [metal-api](https://github.com/metal-stack/metal-api) currently offers three different user roles for authorization:
@@ -73,4 +73,4 @@ Note: The `metal-db` is not encrypted. Access to the metal-control-plane namespa
 :::
 
 The `metal` user is solely intended for SOL (Serial over LAN) out-of-band administrative access to the machine via [metalctl](/docs/references/metalctl). To establish this connection, the [`metal-console`](docs/references/metal-console) component is used, which transfers console output over SSH. This setup ensures secure, remote out-of-band management, allowing operators to troubleshoot and control machines even when the operating system is unavailable.
-To maintain security, the BMC credentials should be treated as system-managed accounts. For security and compliance, administrators are strongly advised to avoid interactive logins with them.
+To maintain security, the BMC credentials should be treated as system-managed accounts. For security and compliance, administrators are strongly advised to avoid interactive logins with them.
@@ -116,7 +116,7 @@ Please note that every [networking setup](../../05-Concepts/03-Network/01-theory
 | VLAN       | Switches, Firewalls         | Layer 2 traffic segmentation.                                                                  |
 | VXLAN      | Switches, Firewalls         | Encapsulate Layer 2 frames in Layer 3 packets for network virtualization.                      |
 | EVPN       | Switches, Firewalls         | Overlay network technology for scalable and flexible network architectures.                    |
-| VPN        | Firewalls                   | Management access [without open SSH ports](../../../contributing/01-Proposals/MEP9/README.md). |
+| VPN        | Firewalls                   | Management access [without open SSH ports](../../../contributing/04-Proposals/MEP9/README.md). |
 | BGP        | Multiple                    | Routing protocol for dynamic routing and network management.                                   |
 | SSH        | Management Server, Switches | Secure shell access for management and configuration.                                          |
 | LLDP       | Switches, Machines          | Link Layer Discovery Protocol for network device discovery.                                    |

@@ -31,4 +31,4 @@ To ensure that internal components interact securely with the metal-api, metal-s
 
 Users can interact with the metal-api using [metalctl](https://github.com/metal-stack/metalctl), the command-line interface provided by metal-stack. Depending on the required operations, users should authenticate with the appropriate role to match their level of access.
 
-As part of [MEP-4](../../contributing/01-Proposals/MEP4/README.md), significant work is underway to introduce more fine-grained access control mechanisms within metal-stack, enhancing the precision and flexibility of permission management.
+As part of [MEP-4](../../contributing/04-Proposals/MEP4/README.md), significant work is underway to introduce more fine-grained access control mechanisms within metal-stack, enhancing the precision and flexibility of permission management.
@@ -6,7 +6,7 @@ title: Remote Access
 
 ## Machines and Firewalls
 
-Remote access to machines and firewalls is essential for performing administrative tasks such as incident management, troubleshooting and sometimes for development. Standard SSH access is often insufficient for these purposes. In many cases, direct serial console access is required to fully manage the system. metal-stack follows a security-first approach by not offering direct SSH access to machines. This practice reduces the attack surface and prevents unauthorized access that could lead to system damage. Detailed information can be found in [MEP-9](../../contributing/01-Proposals/MEP9/README.md). Administrators can access machines in two primary ways.
+Remote access to machines and firewalls is essential for performing administrative tasks such as incident management, troubleshooting and sometimes for development. Standard SSH access is often insufficient for these purposes. In many cases, direct serial console access is required to fully manage the system. metal-stack follows a security-first approach by not offering direct SSH access to machines. This practice reduces the attack surface and prevents unauthorized access that could lead to system damage. Detailed information can be found in [MEP-9](../../contributing/04-Proposals/MEP9/README.md). Administrators can access machines in two primary ways.
 
 **Out-of-band management via SOL**
 
@@ -26,4 +26,4 @@ This approach uses the [`metal-console`](../08-References/Control%20Plane/metal-
 
 Both methods ensure secure and controlled access to machines without exposing them unnecessarily to the network, maintaining the integrity and safety of the infrastructure.
 
-Connecting directly to a machine without a clear plan of action can have unintended consequences and negatively impact stability. For this reason, administrative privileges are required. This restriction ensures that only authorized personnel with the necessary expertise can perform actions that affect the underlying infrastructure. These principles will evolve with the introduction of [MEP-4](../../contributing/01-Proposals/MEP4/README.md).
+Connecting directly to a machine without a clear plan of action can have unintended consequences and negatively impact stability. For this reason, administrative privileges are required. This restriction ensures that only authorized personnel with the necessary expertise can perform actions that affect the underlying infrastructure. These principles will evolve with the introduction of [MEP-4](../../contributing/04-Proposals/MEP4/README.md).
@@ -114,8 +114,10 @@ const config: Config = {
           docId: "docs/home",
         },
         {
-          label: "Contributing",
+          label: "Community",
           type: "doc",
+          // TODO: after next release change to:
+          // docId: "contributing/community",
           docId: "contributing/contribution-guideline",
         },
         {

@@ -9,6 +9,8 @@
 https://docs.metal-stack.io https://metal-stack.io/docs/home 301!
 https://docs.metal-stack.io/* https://metal-stack.io/:splat 301!
 /docs /docs/home
+/docs/planning-meetings /docs/roadmap
+/docs/next/planning-meetings /docs/next/roadmap
 
 # migrate archived paths to stable versions quickly
 /stable/overview/* /docs/:splat 301
Original file line number	Diff line number	Diff line change
Expand Up		@@ -152,4 +152,4 @@ Thus, for creating a partition as well as a machine or a firewall, the flags `dn

		In order to be fully offline resilient, make sure to check out `metal-image-cache-sync`. This component provides copies of `metal-images`, `metal-kernel` and `metal-hammer`.

		This feature is related to [MEP14](../../contributing/01-Proposals/MEP14/README.md).
		This feature is related to [MEP14](../../contributing/04-Proposals/MEP14/README.md).
Original file line number	Diff line number	Diff line change
Expand Up		@@ -31,4 +31,4 @@ To ensure that internal components interact securely with the metal-api, metal-s

		Users can interact with the metal-api using [metalctl](https://github.com/metal-stack/metalctl), the command-line interface provided by metal-stack. Depending on the required operations, users should authenticate with the appropriate role to match their level of access.

		As part of [MEP-4](../../contributing/01-Proposals/MEP4/README.md), significant work is underway to introduce more fine-grained access control mechanisms within metal-stack, enhancing the precision and flexibility of permission management.
		As part of [MEP-4](../../contributing/04-Proposals/MEP4/README.md), significant work is underway to introduce more fine-grained access control mechanisms within metal-stack, enhancing the precision and flexibility of permission management.