LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Twitter
RSS

View LWKD on GitHub

Week Ending November 24, 2019

Developer News

CSI’s external-provisioner, external-snapshotter, and external-resizer sidecars have all been found to have a security issue with dereferencing PVCs, and have been patched. If you use any of these, update right away, or disable the features until you can.

We are now in Code Thaw.

Test-infra has added a kind/deprecation label so that PRs that deprecate or remove a feature or API will be tagged in a way that makes them easy to find (and summarize). Please start using it.

Also, don’t forget that talk submissions for Kubecon Amsterdam are already due December 4th. We’re also looking for Kubernetes talks for SoCalLinuxExpo.

Release Schedule

Next Deadline: Cherry Pick Deadline Dec. 2nd

We are now in Code Thaw since 1.17rc1 is released. This means your feature docs should already be complete, and you have until Monday to cherry-pick in any last-minute fixes. Fortunately, TestGrid is mostly green.

The next set of patch releases is due December 6th.

#84390: Promoting EndpointSlices to beta

EndpointSlices have been promoted to beta but the feature gate has been disabled by default in v1.17, because the feature still has a lot of bugs and code churn, such as:

#72046: Service Topology implementation for Kubernetes

The first major pass on service topology support has been merged! In short this means that a service can be configured so that when a pod connects to the service IP, rather than getting a random endpoint it will instead get a “local” backend, where “local” can be defined in terms of matching node labels. For example, a common usage might be:

kind: Service
spec:
  topologyKeys: [kubernetes.io/hostname",  "topology.kubernetes.io/zone", "*"]

Meaning the service proxy will first look for a backend on the same node, then the same availability zone, then anywhere in the cluster as it would currently. Unfortunately this new feature does depend on enabling the EndpointSlices system mentioned above, so it may not be immediately available for everyone. But still, this is a great feature to help make more resilient and performant infrastructures for everyone!

#85192: Added fair queuing for server requests

A strong first step towards improving the overload behavior of kube-apiserver, this PR adds a robust queuing management system. This will be further expanded to manage requests coming in so that we can get better prioritization of requests.

Other Merges

Promotions

Deprecated

Version Updates

Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project, but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.