Stay up-to-date on Kubernetes development in 15 minutes a week.
The legacy cluster jobs is dwindling, but not empty. Thanks to everyone who migrated their jobs, but please look at the remaining few; they will be deactivated this week to make way for the CI control plane post 1.31 release.
Registration for Kubernetes Contributor Summit (KCSNA 24) is live.
Next Deadline: Tests Freeze, 31 July
We are in week 12 of the v1.31 release cycle and are two weeks away from the scheduled release date. Code freeze was last week and we are currently tracking 44 enhancements after code freeze. We received a total of 10 exception requests after code freeze, 9 out of which were approved.
We have a bunch of important deadlines this week, the docs freeze (30th July) and test freeze (31st July). Please make sure your PRs are ready in time for the deadlines! v1.31.0-rc.0 is also scheduled to be cut on 30th July. Read more about the state of the release and important upcoming dates here.
ImageVolumeSource
APIWhile the API types were added a few weeks ago, this PR adds the implementation for the new image
volume type. While this feature has existed in Docker for many years, and through CSI plugins for nearly as long, this will bring into Kubernetes core and make it much more accessible to users. The general idea is simple, mounting a container image into a path so they can be updated independently of the running container image. For example a machine learning service can load its model files from an image updated nightly without having to recertify the code, or a CI system can load tools from an arbitrary image without having to worry about specifics.
This uses the same image management systems as everything else in the Kubelet, so images will be cached and reused if desired, and pull credentials are used automatically:
volumes:
- name: tools
image:
reference: mytools:1.2.3
pullPolicy: Always # or IfNotPresent (optional)
The lease-based leader election framework built into Kubernetes has proven to be robust and powerful even in high-churn environments. What it isn’t, however, is predictable. This can increase the stress of running control plane upgrades, especially during version changes in extremely-low-downtime situations. This PR extends the existing leader election system with a new mode, strategy: OldestEmulationVersion
, which provides for a default-case behavior where leaders are selected based on “simple” criteria (specifically a cascading choice list based on the declared API emulation version, actual version of the server, and creation timestamp of a new LeaseCandidate
object) so that during upgrade we minimize leader swaps and they can also be generally predictable. This is built on top of all the existing machinery, so if something does go very wrong, we’ll still have that same robust safety we’re all accustomed to, but with a much easier happy path.
This KEP introduces an enhancement to Kubernetes by ensuring that the PV reclaim policy is honored even if the PV is deleted before the PVC. For a bound
PV-Persistent Volume Claim (PVC) pair, if the PVC is deleted before the PV, the reclaim policy is honored. However, if the PV is deleted before the PVC, the reclaim policy is not exercised, leaving the storage asset not removed.
This KEP is tracked for beta release in the upcoming v1.31.
DisableKubeletCSRAdmissionValidation
feature gate renamed to AllowInsecureKubeletCertificateSigningRequests--proxy-port-range
removedLast Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.
You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.