LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Mastodon
BlueSky
RSS

View LWKD on GitHub

Week Ending November 24, 2024

Developer News

If you attended the Kubernetes Contributor Summit in Salt Lake City, please complete the post-event survey.

SIG-Security shared CVE-2024-10220, which allowed attackers to use a gitRepo volume for unauthorized file access. This vulnerability was patched in versions 1.31.0, 1.30.3, 1.29.7, and 1.28.12; if you are running older versions, please upgrade.

Release Schedule

Next Deadline: Release Highlights completion, December 3rd

Docs freeze is in effect as of Tuesday 26th November. We are now in the final phases of the v1.32 release cycle with the scheduled release date just two weeks away.

Kubernetes v1.32.0-rc.0 is live!. v1.32.0-rc.1 is scheduled to be cut on Monday, December 3rd.

KEP of the Week

KEP-3157: Allow informers for getting a stream of data instead of chunking

This KEP addresses the kube-apiserver’s vulnerability to excessive memory consumption caused by LIST requests in large clusters, which can lead to server crashes, node pressure, and workload disruption. To solve this, it proposes reducing temporary memory usage from an exponential scale to a manageable constant, leveraging the watch cache to reduce etcd load, ensuring consistent and fresh LIST responses, and maintaining backward compatibility—all while protecting the server and its node from OOM scenarios

This KEP is tracked for beta release in the ongoing v1.32 cycle.

Other Merges

Version Updates

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.