Last week’s Community Meeting started with a demo of Kaniko, a tool from Google’s container tools team to allow building container images inside Kubernetes (or other contained environments) without either
privileged mode (a la
docker-in-docker) or bind-mounting the underlying control socket from the hypervisor.
This is a big step towards safer image builds from inside Kubernetes-based CI/CD systems, though make sure to read up on the security properties of Kaniko and the other image build options as there are still many “gotchas”.
We also heard from the incoming 1.12 release lead, the release team is shaping up nicely. They are still looking for a branch manager, if you’re interested in helping out with either role, message
@tpepper or the
#sig-release channel in the community Slack, or leave a note on the tracking issue. If you’re not feeling up to being a role lead, they are also looking for more shadows on CI signal and release notes.
Next Deadline: End of code freeze, June 19th (EOD PST)
Last week was week 11 of the 1.11 release cycle. The biggest milestone last week was documentation complete for 1.11, and things are looking great for an on-time end of code-freeze (19th) and branching for the RC1 release (20th). Big congratulations to Josh and the whole sig-release team for making this one of the smoothest cycles yet!
As this was the week of documentation freeze, we saw lots of great PRs to the docs site land:
Most of the non-documentation PRs merged this week were bug fixes as we are still in code freeze, but a few last-minute updates were landed.
Kubeadm saw a bunch of fixes:
kubeletphase.WriteKubeletDynamicEnvFilerun at upgrade time if needed for making v1.10 -> v1.11 upgrades work end to end
Vertical Pod Autoscaler was partially merged, but as the bulk of the implementation missed code freeze, it was decided to revert it and pull things back in all together for 1.12:
A reversion from 1.8, when the JSON parsing switched to using
jsoniterator, it was made case-insensitive. This has now been fixed, but this means any configuration files from 1.8-1.10 that used the incorrect casing will now be invalid:
Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project, but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.