We had our first community meeting in the new format last week, led by Laura Santamaria. SIG-Release discussed the 3-releases KEP, and SIG-CLI explained the overhaul for the coming kubectl exit codes. Future community meetings will also focus on topics of interest to our whole contributor community, so join us next month!
The Production Readiness WG would like you to take a survey.
Next Deadline: Enhancements Tracking starts today
The 1.22 release has a schedule now, and Enhancements lead James Laverack has started collecting your enhancments; please note per his message that there is a new (as of 2021) system for tracking them. As part of the new 3/year release schedule, 1.22 will be 15 weeks. Important dates:
Our next set of patch releases closes to cherry-picks on May 7th and is expected out May 12th. Importantly, 1.18 has been extended with one more patch, so the last 1.18 will be 1.18.19, which not incidentally includes a security fix. After this month, though, you’d better start working on upgrading to a supported version.
pods/ephemeralcontainers subresource API has been overhauled. Previously it used a dedicated EphemeralContainers type, but now it expects a complete Pod object. This works similarly to the
/status subresource, accepting a full object but only updating selectively in the underlying data. This change streamlines admission control, making sure the full object is available for those even if only the ephemeral containers will be used in the end. This is a full API break, any older tools using this API will need to be updated. If you’ve been using the “debug container” system behind the feature flag, be ready for a multi-sided upgrade in the future.
While we always do our best to avoid it, it looks like 1.21.0 included a minor breakage in the probes system. During one of the overhauls of that subsystem, startup probe behavior was changed such that they would only be used on the initial startup of the pod/container. Previously, and now again, every time the container is restarted it will run through the same state machine of startup probe to readiness/liveness probe. While not yet merged at time of writing, backports for this are expected shortly. If you make use of a critical startup probe, consider holding off on 1.21.0 or upgrading once a 1.21.1 is available.
A fairly small change but potentially requiring matching changes; the file backend for audit logs will now make sure the file is created with
0600 permissions. If the file already exists at startup, permissions won’t be changed. This means if you use some kind of create-a-new-server style of upgrades or some other immutable infrastructure, you may see this new file mode on your 1.22 upgrade. Double check any scripts or log ingestion tools to make sure they will work or touch/chmod the log file before starting kube-apiserver.
kubectl describenow has a
--chunk-sizeparameter to keep large resource lists from overwhelming the client; this does mean that all object code will need to support chunking
kubectl create ingress
chaos-chancehas been removed
--generatoris gone, both from deployment and autoscale
Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project, but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.