LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Twitter
RSS

View LWKD on GitHub

Week Ending April 3, 2022

Developer News

Etcd 3.5.X has a significant data corruption issue, and is not recommended for production use. If you have not yet upgraded to Etcd 3.5, please wait for 3.5.3. If you have upgraded, you need to restart etcd with the --experimental-initial-corrupt-check flag. Kubeadm supports this flag.

The Steering Committee is considering archiving SIG Service Catalog due to inactivity. If you use minibroker, service-catalog, or go-open-service-broker projects, please speak up on the linked issues about what you think should be done with that project.

Kubernetes Contributor Summit EU will be held on May 16th at the Fira in Valencia. Registration and additional details coming soon.

Release Schedule

Next Deadline: Doc PRs ready for review, April 5th

The first release candidate for 1.24 has been postponed to next week due to a certificate validation error we need to wait for go 1.18.1 to be fixed. As such, RC 0 will be released next Monday.

There’s plenty to do this week while you wait for RC 0, though. First, your draft documentation on your enhancements is due Tuesday. At the same time, the Release Notes team will be drafting the notes, and asking you questions. And the Release Blog will be finalized Wednesday.

The following test jobs are still flaky, and could easily cause the final release to be delayed, so look into them if you can: skew-cluster-latest, gce-ingress, kind-master-parallel, and ci-kubernetes-unit. Check the CI work board to collaborate.

The cherry pick deadline for the next set of patch releases is April 8th.

#108745: feat: prepare KMS data encryption for migration to AES-GCM

This PR paves the way for using AES-GCM instead of AES-CBC for our at-rest encryption. CBC mode, while overall very safe, is vulnerable to certain types of padding oracle attacks (leaking information through the data padding required by the algorithm). GCM represents a substantial upgrade and will help test the way forward to newer, non-AES options. For 1.24 only the read half of things is implemented. For now this will do nothing but will allow for smooth upgrades and downgrades once 1.25 comes out later this year. If you have any management tools that assume CBC is the default mode, now is a good time to start preparing for the future.

#108995: contextual logging

Building on the bones of our structured logging, we now have the core of a contextual logging framework. The general idea is that rather than a single global logger instance that’s initialized once at program startup, we can generate many sub-loggers and bind them to the Context structs already flowing through the code. These bound loggers can embed default structured logging key-value data which allows a more natural flow of those around a codebase. The feature is flagged off in Kubernetes as a whole but you can enable it for specific daemons with klog.EnableContextualLogging(true). Give it a try and give feedback to WG Structured Logging or SIG Instrumentation.

Other Merges

Since this is CodeFreeze week, we have quite a few new feature pushes:

Of course, not all features made it into 1.24:

And the fixes never stop:

Promotions

Deprecated

Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.