LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.


View LWKD on GitHub

Week Ending March 12, 2023

Developer News

Lots of important and urgent news this week.

In one week, deprecated registry k8s.gcr.io will be automatically redirected to registry.k8s.io. This may break some existing Kubernetes setups, especially those running older versions in secure or gapped environments. Make sure that registry.k8s.io is on your allowlist for image pulls. This measure is only temporary; long-term, you still need to update your installations and components to use registry.k8s.io.

We’ve had to stop releasing Kubernetes for 32-bit Linux/ARM because Golang isn’t consistently working on it. If 32-bit ARM as a platform matters to you, consider getting involved in the Go project to stabilize support.

The project is making a clear separation between Chair and Tech Lead roles for all SIGs. If you haven’t had a separate TL role for your SIG yet, you’ll need to figure out who is doing what soon.

Patrick Ohly and others have finished adding support for linter checks in Kubernetes pre-submit testing. This will get turned on for 1.28 development.

Registration for the EU Contributor Summit is open.

Release Schedule

Next Deadline: CODE FREEZE, March 14th

It’s Deadline Week for 1.27! Pencils down, everyone. Tomorrow is both Code Freeze and the deadline for major themes submissions. Docs placeholder PRs are due on Thursday. Test freeze is next week. We currently have 78 listed Enhancements in 1.27; let’s finish these up and get 1.27 out the door. CI Signal is, fortunately, green after dropping 32-bit ARM.

Patch releases for all supported versions are due out this Wednesday.

#116293: Enable plugin resolution as subcommand for selected builtin commands

Kubectl plugins have allowed for a huge variety of workflow tools and other CLI improvements, all using a very simple system of converting kubectl foo to exec("kubectl-foo"). This has been a huge boon for the community but what if we took it ever farther? A limitation of the existing system is that plugins must use a top-level command that is currently unused. SIG-CLI has now added the next step, allowing arbitrary levels of commands to be provided by plugins. This follows the same pattern as before, kubectl create mything will try to run a command kubectl-create-mything. For now this is only supported for kubectl create as well as being behind a feature flag through the $KUBECTL_ENABLE_CMD_SHADOW environment variable. There are still some open questions about how to steer this towards GA, mostly around how to handle the case of a new built-in command taking priority over what used to be a plugin, however the SIG is hard at work hammering out those details and how to expand the feature for more of Kubectl.

#116161: Mutable pod scheduling directives

The new PodSchedulingReadiness feature, added in 1.26 as an alpha feature and graduating to beta in 1.27, allows for blocking a Pod from getting scheduled until some conditions are met. This works similarly to the finalizers system, with the conditions being entirely abstracted behind an array of tags, it being up to the controllers which manage them to know the meaning. Overall this allows for more flexible scheduling as a gate controller can do things like initialize hardware or check more complex system health conditions before scheduling is allowed to proceed. To better fulfill that mission, a limited mutation capability has been added for Pods in this in-between state where they have been accepted by the API but scheduling is disallowed. While in that limbo, you can now add extra terms to the node selector or affinity expressions. This only allows pure addition, existing values can’t be removed or modified. But this could be used for things like a spot-instance-aware scheduling helper which can adjust bids based on Pod-level information, and then ensures things end up on the correct machines. If you’ve got any kind of complex scheduling needs, make sure to check out this new feature.

Other Merges

Lots of merges this week, it’s Code Freeze Time!


Testing Improvements: sidecar lifecycle checks, SElinux, init containers, more init containers, dedup after-roundtrip fixtures, multi-protocol ports, terminating pod connections, parallelize node ipam test, implement AllAlpha and AllBeta, debug profiles, StatefulSet Ordinal, node expand volume, nodestatus, util.go, kuberuntime, Windows kubelet, winstats, kubelet types



Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.