LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Mastodon
Twitter
RSS

View LWKD on GitHub

Week Ending July 18, 2021

Developer News

Security hole CVE-2021-25740 allows an attacker who can create Endpoints to trick Ingress/LB into exposing network addresses that they aren’t supposed to have access too. ExternalName Services may have the same vulnerability, and are being blocked in several popular routing pod templates. While Low in risk/severity, user workaround require blanket role permissions changes(download) that may break some applications. Devs are working on a more elegant fix.

We are in Code Freeze.

Release Schedule

Next Deadline: Documentation ready for review, July 20th

Have your docs ready, the Kubernetes docs team has their red pencils out and are going to start reviewing tomorrow for a final merge July 27th. Tuesday and Wednesday this week, 1.22 will branch, the release notes final drafting starts, and the Communications team will wind up the Release Blog. So 1.22 is becoming a thing! Except for test failures.

Test status is … worrisome. While 6 flakes in Blocking and 4 failures in Informing is an improvement on last week, it’s not good enough for release. Particularly, one Storage issue has been unclaimed for 7 days, and a GCP Cloud Provider flake has been open, without apparent action, since March 14th. Please, if a test flake or failure is in your area, these need to be resolved in the next two weeks, if not sooner.

Patch releases and 1.22 Beta 2 were delayed last week because of work associated with the golang update. 1.19.13, 1.20.9, 1.21.3, and 1.22b2 are available now.

Merges

Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.