LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.


View LWKD on GitHub

Week Ending November 21, 2021

Developer News

Registration is open for the Contributor Celebration. Join us for end-of-year fun with your peers.

Since Tim Pepper was elected to Steering, he has stepped down from the Code of Conduct Committee and Carlos Panato has taken his place. Steering Liaisons for SIGs are also changing. Steering and CoCC have also jointly made it clear that nobody is above the Code of Conduct.

Release Schedule

Next Deadline: Docs PRs, release blog ready for review, Nov 23

It’s Code Freeze! So a ton of things are happening this Tuesday, just before the Americans all vanish into food comas. Both the Doc PRs and the Release Blog draft should be ready to review. Release candidate 0 will be released. Test jobs will fork, and the Release team will start watching the Release-1.23 jobs instead of Main. If you are on Family Time this week, don’t forget that any Feature Blog articles are due next Tuesday.

Also, 1.23 beta 0 was released last week.

Patch Releases: 1.20.13, 1.21.7, and 1.22.4 are out, including fixes for EndpointSlice mirroring, API panics, iptables regressions, and too many disk mounts on Windows.

#106448: Use golangci-lint for staticcheck

We’re fully switched over to golangci-lint for our staticcheck plumbing, instead of our very funky shell script wrapper. This means slightly different code annotations for skips and some upgrades for an improved version of the linter. Please do make sure you clean up any pending PRs for the new rules! This also adds a config file structure to make it easier to slowly roll out additional linters. If you’re interested in that, please reach out to SIG-Testing (though maybe wait until after 1.23 is a bit more stable).

#106501: Make CRI v1 the default and allow a fallback to v1alpha2

CRI v1 was first released with Kubernetes 1.20 and is now the default for talking to plugins, though the kubelet will automatically try the previous alpha version (there was never a beta release of CRI) automatically to allow for a smooth transition. CRI v1 is supported by CRI-O 1.21+ and is already merged for the upcoming Containerd 1.6. This is not expected to be a compat-impacting change however as with any major codepath alteration, test things to be sure.

#106051: Feature implementation: Validation rules for Custom Resource Definitions using the CEL expression language

We highlighted this one back when discussing KEPs but it’s now actual code! To summarize the feature: you can define CEL expressions on any schema node in a Custom Resource Definition using x-kubernetes-validations. These expressions will be run on create/update like other validations. Each rule expression can access only the data in or below the node it is defined on, as well as a limited set of global values (apiVersion, kind, metadata.name, metadata.generateName). CEL does support simply loops and branching however overall runtime is constrained to avoid runaway complexity explosions (will return an HTTP 408 response).

As an example for the fairly common case of requiring one and only one mode sub-struct to be configured:

- rule: "[has(self.mode1), has(self.mode2)].exists_one(m, m)"
  message: You must configure mode1 or mode2

This will potentially simplify and speed up many operators which previous used webhooks for these kinds of validations. It won’t cover every use case but give them a try!

CSI Migration Updates

And finally we have some forward progress on CSI migrations! Both AWS and GCE have flipped the migration switch by default so those in-tree drivers will be disabled now (but you can re-enable them for a short time longer if needed). Portworx and Ceph RBD are both set up for transition, with the in-tree plugins still enabled for now, and you can disable them once you’ve migrated to avoid conflicts.

Other Merges



Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.