LWKD: Week Ending August 22, 2021
Developer News
Vallery Lancey and Nabarun Pal have been elected to the Code of Conduct Committee for the 2021-2023 term.
SIG-Docs is looking for contributors, particularly folks interested in becoming reviewers, and eventually Chairs. If you like writing, SIG-Docs is the place for you!
Is Code Freeze too long? Too short? Just right? Add your thinky bits to the discussion.
Release Schedule
Next Deadline: Enhancements Freeze, Sept. 9
The 1.23 release cycle began today. As always, the call for Enhancements is the first activity we'll see, and notably the PRR Committee would like to see the PRR part of your KEP a week before, on Sept. 2nd, if at all possible.
1.22.1, with the first batch of post-release fixes, is now available.
Featured PRs
#104368: golang 1.17 fails to parse IPs with leading zeros
One of the backwards-incompatible changes in Go 1.17 is that net.ParseIP
and net.ParseCIDR
now reject IPs with leading zeroes, such as 1.2.3.004
. In Go 1.16 these would parse but octets with a leading zero would be interpreted as octal, leading to both user confusion and potential security issues in edge cases. This unfortunately puts us in a difficult place as we can't (or at least really prefer not to) change the validation behavior in ways that affect existing stored data. As a temporary "no worse than it was before" solution we have added two functions to k8s.io/utils/net
, ParseIPSloppy
and ParseCIDRSloppy
. If you are interacting with stored IPs or CIDR masks in Kubernetes types, please make sure you use these going forward rather than the net
versions. And stay tuned for future updates as this is hopefully only a stopgap answer.
#101081: kubelet: add graceful shutdown events
The graceful node shutdown allows giving pods time to be evicted before a node terminates or reboots. As a new addition, this will also yield a Shutdown
type event into the Node object's event stream. This can be used for fleet analysis, scripting waits, or alerting.
#104281: send retry-after until the apiserver is ready
And finally a short but useful feature, a --startup-send-retry-after-until-ready=true
command line option for kube-apiserver to set it to return an HTTP 429 Too Many Requests and a Retry-After
header in the (short) time between the listening socket being opened and the API server being ready for requests. If you work on a Kubernetes client that doesn't already support 429/Retry-After, now would be a great time to add it!
Other Merges
- Prevent an LRU cache panic in most of the Kubernetes processes; backported to 1.22, where the issue first appears
- Kubectl stops recommending flags that don't exist
- Metrics:
apiserver_longrunning_requests
is the newapiserver_longrunning_gauge
, and rationalize the Volume Scheduling duration metrics - Append the server context path to
kubectl proxy
requests, so they don't have to be in the URL
Version Updates
- Node Feature Discovery 0.9.0 is out
- cri-tools to 1.22.0
- csi-proxy to v1.0.1-gke in kube-up.sh installs