Last Week in Kubernetes Development
Stay up-to-date on Kubernetes development in 15 minutes a week.
Week Ending June 13, 2021
Developer News
The Kubernetes Community Meeting is this week; please join us Thursday 1700 UTC / 1pm EDT. We’ll be discussing issues with patch releases, the looming API removal, CLI footguns, and more. And don’t forget to #shoutout in Slack! Note that you may not have a calendar item for this, given ongoing issues with Google Groups.
Reminder: do not update to the last set of patch releases if you haven’t already. Also, folks running 1.18 need to see release announcements below.
Please give some feedback on the 2021 Contributor Summit in two microsurveys: will you attend and help choose a graphic. Also, for SIG Chairs, maintainer track sessions for KubeCon are due July 6th, and must be submitted by SIG Leads or project maintainers only.
The COSI driver for Minio has been archived because Minio’s license change makes it impossible for the Kubernetes community to run tests on it. Minio will be hosting their own repo in the future. SIG-Storage would also like some help on CSI migration for Gluster and Ceph, or confirmation that they’re going ahead without migration.
Jeffrey Sica is stepping down as SIG-UI chair and has nominated Stu Mutou to replace him.
Release Schedule
Next Deadline: Enhancement Exceptions and Features for the Blog due June 28
We’re two weeks away from the deadline both to get your final Exception Requests in, and at the same time you should let Release comms team know what you want to be in the release blog from your SIG, if anything. Code Freeze is July 8th.
SIG-Release Master-Blocking is down to 4 flaky jobs, so good work on closing those test issues.
Last month’s patch releases are regressive for most users, and as such SIG-Release recommends that you not update if you haven’t already; instead, wait for this week’s patch releases, due out Wednesday. This will include 1.18.20, which will patch only that regression; other known issues reported over the last month, such as the migrated PVC attachment issue, will remain unfixed in 1.18. Users of the deprecated version should really work on upgrading pronto.
Featured PRs
#102759: Update kubeadm control-plane to run as non-root
Kubeadm isn’t usually the most high-profile project in our ecosystem but it is at the heart of many Kubernetes installers. A long-requested feature, it can now run the control plane services (except for Etcd which is coming soon) as a non-root UID. This new mode also drops all unnecessary capabilities which is most of them. This helps a lot of the security posture of any cluster, a remote code execution vulnerability would still be bad but can be more contained rather than an immediate and total Game Over. If you use Kubeadm for your clusters, you should investigate these new options carefully.
#96374: Create example component for integrating with component-base
The component-base standard is a rapidly-evolving suite of helpers to unify the command line and daemon behaviors of Kubernetes tools. Getting started using them is, unfortunately, a bit tricky. This PR provides a very direct example of using component-base/logs in a simple CLI tool. If your Kubernetes CLI does logging, maybe check it out and see if component-base can improve your UX. Also if you work on other subsystems of component-base consider adding similar examples to aid new adopters!
Other Merges
- Make API data TZ consistently UTC; this may mess with your admin/apps if you were depending on the API to return a different TZ
- Add current usage metric for Priority & Fairness
- Oops, maybe we increased logging for client-go reflector a bit too much
- Kubeadm will dry run control plane creation, and no longer require etcd to use ephemeral storage
- Online Volume Expansion is an explicit capability so that it can be disabled for CSI backends that don’t support it
- Dims purged viper-config from our E2E tests since we never actually used it
- Backport correctly removing pods from PodTopologyHints to 1.21 and 1.20
- Admission metrics get a namespace label and an expanded histogram range
Promotions
Deprecated
- Remove two scheduler flags deprecated since 1.18
- Scheduler Config is now
v1beta2API, which means some duplicated plugins are getting deprecated
Version Updates
- go to 1.16.5 in 1.21 and 1.22
- debian-base to 1.7.1 in official images
- etcd to 3.5.0-rc.0-0 to test for releasing 1.22 with etcd 3.5.0
Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.