LWKD logo

Last Week in Kubernetes Development

Stay up-to-date on Kubernetes development in 15 minutes a week.

Subscribe
Mastodon
BlueSky
RSS

View LWKD on GitHub

Week Ending April 6, 2025

Developer News

KubeCon + CloudNativeCon EU took place last week in London, along with the CNCF Maintainer Summit. The recordings of the talks would be uploaded to the CNCF YouTube channel soon.

Photographs from the Maintainer Summit can be found in this Flickr album. Photographs from KubeCon + CloudNativeCon are being uploaded here.

If you haven’t done it already, do submit your feedback for the Maintainer Summit before April 18th!

Release Schedule

Next Deadline: Release day, April 23

Kubernetes v1.33.0-rc.0 is now available for your testing pleasure.

We are less than two weeks away from the scheduled release date for Kubernetes v1.33!

KEP of the Week

KEP 3619: Fine-grained SupplementalGroups control

This KEP adds a new way to choose correct behaviour with how container runtimes are applying SupplementalGroups to the first container process. Previous to this KEP, supplemental groups attached to containers were defined at two levels in Kubernetes - the OCI image level as well as the Kubernetes API level. The Kubernetes API level PodSecurityContext.{RunAsUser, RunAsGroup, SupplementalGroups} was designed to override the config.User configuration of OCI images. But in the current implementation, even if supplemental groups are defined at the Kubernetes API level, the group memberships defined in the container image for the UID are attached to the container process. This KEP proposes changes to both the Kubernets API and the CRI API to fix this issue.

This KEP is driven by @everpeace and is tracked to graduate to beta in the v1.33 cycle.

Shoutouts

No shoutouts this week. Want to thank someone for special efforts to improve Kubernetes? Tag them in the #shoutouts channel.

Last Week In Kubernetes Development (LWKD) is a product of multiple contributors participating in Kubernetes SIG Contributor Experience. All original content is licensed Creative Commons Share-Alike, although linked content and images may be differently licensed. LWKD does collect some information on readers, see our privacy notice for details.

You may contribute to LWKD by submitting pull requests or issues on the LWKD github repo.