LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Mastodon
Twitter
RSS

View LWKD on GitHub

Week Ending July 25, 2021

Developer News

Planning for the 2021 Contributor Summit, which will be held in Los Angeles and online on October 11th, has begun. While the program will be mostly unconference, the committee will solicit a few scheduled talks and workshops. If you have something to teach other contributors, let them know during registration in August. Also, the Summit team could use volunteers to help with content and logistics; if you’re available, please add your name to that issue or ask on #ContribEx in slack.

fejta-bot has been retired in favor of k8s-triage-robot, who will hereafter be the automated voice to tell you when you’ve forgotten to tag a SIG in your PR.

Rodrigo Campos has shared a proposal to use a DAG for sidecar startup ordering, for comment.

If you’re a Helm user, you need to update your install ASAP to avoid a credential-exposing security hole.

Release Schedule

Next Deadline: Docs complete, July 27th

We’re in the home stretch, and hopefully you’ve already merged your final documentation PR comments. Release notes will be completed this Thursday, hopefully for a release on August 4. But … first we need to debug some test fails and flakes. While things have improved from last week, there’s 5 flaky jobs in 1.22-blocking and six critical test fail and test flake issues. So please respond quickly to any messages from CI so that we can get 1.22 out on time.

Also, 1.22rc0 is out, so please test on your own infra.

With 1.22 almost done, it’s time to select a 1.23 team; if you wanted to try out being part of the Kubernetes release, shadowing is the way to start.

community#5724: Introduce documentation about managing a separate mount namespace

A new design sketch from SIG-Node would allow running containers in their own mount namespace, distinct from the host system. This is interesting both from a performance standpoint, as the current mount structures can cause high CPU usage from systemd, but also for security. Specifically this would likely have proactively mitigated the recently discovered CVE-2021-33909 aka Sequoia. If you have any comments or thoughts on topic, please comment on the proposal or reach out to SIG-Node.

Merges

Reversions

Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.