Ingress-nginx has a security issue which allows accessing cluster secrets. Upgrade to 1.2.1 or above as soon as possible.
The blog subproject is looking for contributors help them publish new posts. Folks can review upcoming blog posts on the kubernetes/website repository with the label
area/blog. Before joining the effort, make sure to read through the blog guide and the style guide. Reach out to #sig-docs-blog to collaborate or ask any questions.
Next Deadline: Enhancements Freeze June 23rd (PRR June 16th)
The Enhancements Freeze has been pushed back to June 23rd to accommodate the many SIGs with a backlog of KEPs to review. Please get your draft KEPs to Production Readiness by this Thursday (the 16th).
New patch releases for all supported versions are planned for this Wednesday.
The Container Object Storage Interface (COSI) team has merged a PR targeting a revamped COSI API to be alpha in 1.25. COSI is a plugin framework similar to CSI but for object storage systems rather than block storage. The end goal is to provide a basic abstraction layer and self-service toolkit for object storage just as we do for block storage. This includes provisioning and deprovisioning the buckets themselves, a simplified access policy abstraction, and being able to provide a workload with credentials or other access information to use the storage bucket.
Both kube-proxy and kubelet create/manage IPTables firewall rules at various points in the codebase. This KEP aims to clarify and streamline things so we can converge on kube-proxy owning all the rules it needs to operate. This will both improve code clarity and streamline things for users of alternate service proxy implementations.
A common UNIX convention (at least as applied to containers) is to write basic log data to stdout and errors or other exceptional issues to stderr. While we expose container logs via
kubectl logs and the matching APIs, it only returns the combined stream of both types of output. This KEP seeks to add a
Stream field to
PodLogOptions to allow retrieving just one of the two when desirable.
Also, lots of backports of fixes from the last month.
Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.