LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Twitter
RSS

View LWKD on GitHub

Week Ending June 13, 2021

Developer News

The Kubernetes Community Meeting is this week; please join us Thursday 1700 UTC / 1pm EDT. We’ll be discussing issues with patch releases, the looming API removal, CLI footguns, and more. And don’t forget to #shoutout in Slack! Note that you may not have a calendar item for this, given ongoing issues with Google Groups.

Reminder: do not update to the last set of patch releases if you haven’t already. Also, folks running 1.18 need to see release announcements below.

Please give some feedback on the 2021 Contributor Summit in two microsurveys: will you attend and help choose a graphic. Also, for SIG Chairs, maintainer track sessions for KubeCon are due July 6th, and must be submitted by SIG Leads or project maintainers only.

The COSI driver for Minio has been archived because Minio’s license change makes it impossible for the Kubernetes community to run tests on it. Minio will be hosting their own repo in the future. SIG-Storage would also like some help on CSI migration for Gluster and Ceph, or confirmation that they’re going ahead without migration.

Jeffrey Sica is stepping down as SIG-UI chair and has nominated Stu Mutou to replace him.

Release Schedule

Next Deadline: Enhancement Exceptions and Features for the Blog due June 28

We’re two weeks away from the deadline both to get your final Exception Requests in, and at the same time you should let Release comms team know what you want to be in the release blog from your SIG, if anything. Code Freeze is July 8th.

SIG-Release Master-Blocking is down to 4 flaky jobs, so good work on closing those test issues.

Last month’s patch releases are regressive for most users, and as such SIG-Release recommends that you not update if you haven’t already; instead, wait for this week’s patch releases, due out Wednesday. This will include 1.18.20, which will patch only that regression; other known issues reported over the last month, such as the migrated PVC attachment issue, will remain unfixed in 1.18. Users of the deprecated version should really work on upgrading pronto.

#102759: Update kubeadm control-plane to run as non-root

Kubeadm isn’t usually the most high-profile project in our ecosystem but it is at the heart of many Kubernetes installers. A long-requested feature, it can now run the control plane services (except for Etcd which is coming soon) as a non-root UID. This new mode also drops all unnecessary capabilities which is most of them. This helps a lot of the security posture of any cluster, a remote code execution vulnerability would still be bad but can be more contained rather than an immediate and total Game Over. If you use Kubeadm for your clusters, you should investigate these new options carefully.

#96374: Create example component for integrating with component-base

The component-base standard is a rapidly-evolving suite of helpers to unify the command line and daemon behaviors of Kubernetes tools. Getting started using them is, unfortunately, a bit tricky. This PR provides a very direct example of using component-base/logs in a simple CLI tool. If your Kubernetes CLI does logging, maybe check it out and see if component-base can improve your UX. Also if you work on other subsystems of component-base consider adding similar examples to aid new adopters!

Other Merges

Promotions

Deprecated

Version Updates

Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project, but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.