LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.


View LWKD on GitHub

Week Ending June 12, 2022

Developer News

Ingress-nginx has a security issue which allows accessing cluster secrets. Upgrade to 1.2.1 or above as soon as possible.

The blog subproject is looking for contributors help them publish new posts. Folks can review upcoming blog posts on the kubernetes/website repository with the label area/blog. Before joining the effort, make sure to read through the blog guide and the style guide. Reach out to #sig-docs-blog to collaborate or ask any questions.

SIG-Release is updating their roadmap, watch the presentation. Josh Berkus has been nominated to chair SIG-Contributor Experience.

Release Schedule

Next Deadline: Enhancements Freeze June 23rd (PRR June 16th)

The Enhancements Freeze has been pushed back to June 23rd to accommodate the many SIGs with a backlog of KEPs to review. Please get your draft KEPs to Production Readiness by this Thursday (the 16th).

New patch releases for all supported versions are planned for this Wednesday.

enhancements#2813: [Bucket API] KEP updates for API review

The Container Object Storage Interface (COSI) team has merged a PR targeting a revamped COSI API to be alpha in 1.25. COSI is a plugin framework similar to CSI but for object storage systems rather than block storage. The end goal is to provide a basic abstraction layer and self-service toolkit for object storage just as we do for block storage. This includes provisioning and deprovisioning the buckets themselves, a simplified access policy abstraction, and being able to provide a workload with credentials or other access information to use the storage bucket.

enhancements#3179: KEP-3178: Cleaning up IPTables Chain Ownership

Both kube-proxy and kubelet create/manage IPTables firewall rules at various points in the codebase. This KEP aims to clarify and streamline things so we can converge on kube-proxy owning all the rules it needs to operate. This will both improve code clarity and streamline things for users of alternate service proxy implementations.

enhancements#3289: KEP 3288: Split stdout and stderr log stream

A common UNIX convention (at least as applied to containers) is to write basic log data to stdout and errors or other exceptional issues to stderr. While we expose container logs via kubectl logs and the matching APIs, it only returns the combined stream of both types of output. This KEP seeks to add a Stream field to PodLogOptions to allow retrieving just one of the two when desirable.

Other Merges

Also, lots of backports of fixes from the last month.


Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.