January 23, 2024

LWKD: Week Ending January 21, 2024

Last Week in Kubernetes Development

Week Ending January 21, 2024

Developer News

The call for Contributor Summit Sessions is still open, for your discussions, workshops, or SIG meetings.

The legacy Linux package repositories (apt.kubernetes.io and yum.kubernetes.io AKA packages.cloud.google.com) have been frozen starting from September 13, 2023 and are going away in January 2024. Clusters running versions older than 1.24 and relying on the k8s project Linux package repositories (apt.kubernetes.io and yum.kubernetes.io AKA packages.cloud.google.com) will be affected. See the blog post.

WG-LTS upgrade survey is open until the end of January, please fill it out if you haven't already.

Antonio Ojea is now a Tech Lead for SIG-Network.

Release Schedule

Next Deadline: Production Readiness Review Freeze, February 1st

Patch releases 1.29.1, 1.28.6, 1.27.10, and 1.26.13 are available, including a Golang update, etcd update, and a couple of storage fixes.

Featured PRs

#122738: feature(gate): Integrate Inject Feature Gate Instance into client-go for Kubernetes Components

This PR aims to streamline the management of client-go features by registering them with the DefaultFeatureGate instance. It establishes a connection that allows client-go to perform feature checks using the same instance used for Kubernetes feature checks. Notably, this integration ensures that client features seamlessly align with the existing --feature-gates flag for Kubernetes components.

To circumvent a potential dependency cycle between component-base and client-go, this PR involves maintaining parallel definitions of feature types and constants in both. The successful integration hinges on the inclusion of an adapter to pass Kubernetes' default feature gate instance to client-go.

KEP of the Week

KEP 3715: Elastic Indexed Jobs

Currently spec.completions is an immutable field for Jobs with both Indexed and NonIndexed completion modes. This KEP proposes to allow mutating the spec.completions field for Indexed Jobs when spec.completions equals to spec.parallelism. With this, we can handle cases which require autoscaled indexed jobs. While such workloads can be modeled as StatefulSets, the Job API is better suited because of its features like allowing indexes to run to completion and better error handling. The KEP also describes in detail how the success and failure semantics are changed in the cases where spec.completions is mutated.

This KEP is targeting to graduate to stable state in the upcoming v1.30 release.

Other Merges

• Mutable feature gates: allow enabling a feature gate for just one component

• Introduce feature gates to client-go, including the WatchListClient gate lets clients get a stream of items instead of chunks from the server

• kube_codegen ignores the vendor folder

• kubeadm: notice the --kubeconfig flag,

• Don't assign a default StorageClass to PVCs that don't want one

• InPlacePodVerticalScaling won't prevent you from deleting PVCs

• Show more info about VolumeResourceClasses

• Proxy LoadBalancerSourceRanges work even in nftables mode

• ConsistentHTTPGetHandlers gate is locked to default

• kubectl drain won't assume a pod is deleted after an API error

• Scheduler Framework plugins can be gracefully closed

• kubectl get cronjob shows timezone

• contextual logging: cmd/kube-proxy, and client-go NewEventBroadcasterAdapter

• Don't fail PVs if the finalizer can't find the reclaim policy plugin of the external provisioner

• Cleanup deleted inodes in Image storage

Promotions

• EventedPLEG has reverted to alpha after some pod start failures; backported

Deprecated

• Unused fields MetricsBindAddress, HealthzBindAddress removed from SchedulerConfiguration API

• In-tree Azurefile storage has been removed

Version Updates

• golang to 1.20.13, distroless-iptabes to 0.2.9 in 1.26, 1.27, 1.28

• golang to 1.21.6m, distroless-iptables to 0.4.4 in 1.29, 1.30

Subprojects and Dependency Updates

• CRI-O to v1.29.1, v1.28.3, and v1.27.3, fixing CVE-2023-6476

• containerd to 1.7.12 and 1.6.27, removes runc dependency and improves /etc/group handling.

• etcd to v3.4.29, adding livez/readyz endpoints and prevents unsafe HTTP redirects/SSRF

• prometheus to 2.49.0 Add a promql-experimental-functions feature flag containing some new experimental PromQL functions, and 2.49.1

• csi-driver-nfs to v4.6.0 fix CVE-2023-48795

• csi-driver-smb to v1.14.0 fix CVE-2023-5528

• cloud-provider-openstack to v1.29.0

• cloud-provider-vsphere to v1.29.0 Support VPC networking for Routable pod feature

• kompose to v1.32.0 Add COMPOSE_FILE env variable

• kubespray to v2.24.0 Add kubernetes v1.28.0, v1.28.1, v1.28.2, v1.28.3, v1.28.4, v1.28.5