After a bit of a hiatus, WG-LTS has been restarted and is running a survey about the upgrade experience to gather information from the community as they decide what the needs of an LTS version of Kubernetes would be in the current environment.
Next Deadline: Test Freeze, November 15th
Code freeze continues, with much of the release team at KubeCon NA updates have been low. Please continue to assist with any requests to clear broken or flaky tests so we can keep things on schedule.
PEMTrustAnchors, this feature adds a dedicated way to manage TLS certificate bundles and distribute them to workloads. It comes in two parts, a
ClusterTrustBundle resource type and a
clusterTrustBundle projected volume source. The
ClusterTrustBundle allows creating a cluster-scoped (i.e. non-namespaced) home for a certificate or chain of certificates, with a signer name and the usual metadata labels. These can then be referenced in a projected volume mount, either directly by name or via label selector if you want to automate the handling of multiple trust roots or root rotations.
Projected volumes are a type of virtual volume source that can map multiple types of metadata into a single mount folder inside a pod. Currently they support the
downwardApi to get information about the Pod itself,
serviceAccountToken for accessing specialized bound tokens, as well as
secret with their usual support. The new
clusterTrustBundle type collects one or more
ClusterTrustBundle objects, combines their PEM data, and exposes it into the requested path.
While not included in this PR, discussions have already started around how to extend this concept to a namespaced
TrustBundle type in the future.
This KEP adds a new metrics endpoint to the kubelet, which serves metrics required by the cluster-level Resource Metrics API. This KEP proposes adding a
/metrics/resource endpoint in the kubelet which exposes metrics in the Prometheus text exposition format. This would provide the minimum set of metrics required to serve the Resource Metrics API.
This KEP is targeting the stable milestone in the upcoming v1.29 release.
ServiceCIDRtype to dynamically reconfigure the IP ranges used for services
Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.