SIG-Node is hosting a bug scrub on June 24-25. Come help squash come kubelet bugs!
SIG-Observability is considering dropping some klog functionality in order to make JSON logs match klog ones, including writing logs to specific files, adding/removing headers, and location-based stacktrace. Are these features you’re using? Comment on the issue
SIG-Release has published a draft future release schedule for 2021 releases.
Next Deadline: Feature Blogs due, burndown meetings start June 28th
We have rounded the corner, and begun the stretch towards Code Freeze (July 8th). So get that code wrapped up and start working on documentation (and feature summaries). Also, Beta 0 comes out tomorrow, so maybe test it a little. Master-blocking is in pretty good shape, with just three jobs flaking, but master-informing is a mess with 6 failing and 9 flaking tests. Please help clean that up in prep for code freeze, and if a test is just never gonna be fixed, maybe tell SIG-Release so.
Patch releases 1.21.2, 1.20.8, and 1.19.12 are available now. SIG-Release recommends that you skip the prior set of patch releases and update directly to these; if you already installed 1.21.1/1.20.7/1.19.11, then please update your cluster(s) to the current patch level immediately to ensure stability. 1.18 users, you get 1.18.20, but not only is it the last patch for 1.18, it doesn’t contain some fixes for issues resolved in supported versions. So maybe upgrade RSN.
As more and more vendors have moved towards
exec authentication plugins, one frustrating case has been working with plugins that want interactive user input. Most often this is for multi-factor authentication, such as TOTP codes, but it has only worked in some situations and the resulting error messages are often confusing to users. This whole setup now has first-class support in the
exec plumbing. The configuration in a
kubeconfig YAML file can declare one of three
Never (input is not needed ever),
IfAvailable (sometimes needed but the plugin can decide),
Always (don’t even try if input isn’t available). There is also now an
interactive field in the JSON blob passed to the plugin (assuming the config value allows for the plugin to run at all) so
IfAvailable plugins can decide if a specialized error is needed or if they can survive without user input this time. These new features should streamline some workflows for complex authentication plugins so give them a look.
A smaller PR but very interesting for debugging use; JSON logs will now include the location of the log call in a key/value pair like
"caller": "filename:lineno". If you’re making heavy use of JSON logging already, definitely try this out as the data collection does add some slight overhead to logging calls but the hope is the benefits outweigh those costs.
Liggit did a massive cleanup of etcd, grpc and protobuf version dependancies, removing internal conflicts and dependancies on EOL versions.
Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project, but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.