We’re back! After a hiatus for conference travel, LWKD returns this week with your usual slushball of information about what’s happening in the land of cloud-natively hacking.
Security Alert: kubelet v1.13.6 and v1.14.2 have a security regression. You should downgrade to the prior patch release, set RunAsUser, or upgrade to the patch versions coming out later this week.
If you are using TravisCI with your repo, you need to remove it, since Prow and Tide can’t interact with it anymore. This includes a long list of repos that are about to stop merging, so please fix. Further, merge commits will now be blocked from Kubernetes/Kubernetes.
On the nice side, Prow now checks your Github status before assigning reviews to you.
Several SIGs have started doing day-long cleanups where they go through their backlogs of issues and PRs to see what can be closed. See SIG mailing lists to join one.
Next Deadline: All enhancements should have Docs patches ready to review today, June 4th. Beta.2 comes out June 5.
Version 1.15 is currently in Code Freeze. The upcoming release has 27 enhancements, one of which may not make it. CI Signal status is yellow, and 20 PRs are waiting to be merged, so please review and fix those tests!
Leading off with a documentation update!
sample-apiserver is a small project which shows how to create a standalone API service, usually to use with kube-apiserver’s aggregation proxy mode. While Kubebuilder (and apiserver-builder) have mostly replaced it for practical uses, this project is still a great place to tinker with API concepts and learn the nuts and bolts of how an API server is put together. The new docs show how to compile things and how to deploy out to a cluster. If you’re interested in API internals, check it out.
While external load balancers have always been cleaned up eventually, it has previously been an asynchronous process. This PR uses the finalizer system to block the deletion of the Service object itself until the external resources are torn down fully. This both makes testing easier, it helps improve the behavior of any tools built around LoadBalancer services to more accurately report their state.
Long awaited but finally here,
kubectl is getting its own staging repo: kubernetes/kubectl aka
k8s.io/kubectl. For Kubectl plugins which need to pull in some of its utilities, this should help reduce the final executable size as well as streamline dependency management.
And finally a nice, advanced scheduling feature. This adds a
preemptionPolicy field to both Pods and PriorityClasses which can be set to
Never to ensure that no matter what other priorities are in use, the pod will never get preempted. Use with caution, but for services that really can’t be disrupted no matter what, this is a nice knob to have.
kubectl topgets configurable sorting
kubeadm upgrade nodeinstead of earlier commands
kubectl execdrops the
transformer_failure_totalmetric deprecated in favor of
Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project, but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.