Stay up-to-date on Kubernetes development in 15 minutes a week.
Lots of news for you this week, starting with the 1.23 release(release notes). SLSA compliance, Dual Stack, FlexVolume deprecation, PodSecurity API and more. Note that the new version of cri-tools is not yet available, which means that some people should wait to upgrade.
Second, this will be the last LWKD in 2021. Publication will resume in January.
The Contributor Celebration is this week.
The kubernetes-dev
mailing list will be moving to an @kubernetes.io address over the next few weeks, partly in order to fix the community calendar. You should not need to do anything immediately except change your personal address book entry. In 2022, we will be asking document owners to switch document sharing to the new list.
Aldo Culquicondor wants to create a Batch Working Group. SIG-Release will be closing discussion on the SLSA KEP and signing KEP on Dec. 17th, so get your questions in now.
Next Deadline: 1.24 cycle begins, January 10, 2022
The final patch releases of 2021 are expected out Wednesday December 15th.
Hopefully the removal of Dockershim is not, in general, news to anyone reading this but the day has come. Some will celebrate, a few might mourn for the pain of upgrading, but regardless Dockershim is no more. If you haven’t already responded to the SIG-Node survey maybe give that a look, otherwise just get all your Containerds ready and look forward to a cleaner future. Big congratulations to everyone who helped get this done over the years.
client-go
has long had a helper library for managing leader/primary elections, used mostly in controller managers so several replicas can be running for redundancy but most controllers are disabled for secondary instances. Originally this supported two modes, endpoints
and configmaps
, each using their respective API types to create a singleton lock. Back in 1.14, we added a Leases API to more specifically address things like node heartbeats and leader locks. Along with the new API, a leases
lock mode was added. The goal was to move everyone towards the Leases API as it has substantially better performance for both the client and server. While this relatively minor project got a bit lost between other tasks, the day has finally come to force everyone onto bigger and better things.
For migration purposes you can use endpointsleases
and configmapsleases
and do a rolling upgrade to the new API, and those lock modes are still present.
apiserver_flowcontrol_work_estimate_seats_samples
, evictions_total
is the new evictions_number
kubectl diff
gets a prune command to mirror what kubectl apply --prune
does--address
and --port
deprecated and insecure options will be removed from the controller-manager and the apiserver in 1.24k8s.io/apimachinery/util/clock
is being replaced with k8s.io/utils/clock
NamespaceDefaultLabelName
feature gate is removed since it’s GAReallyCrashForTesting
is finally, blessedly, goneLast Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.