LWKD: Week Ending January 28, 2024
Last Week In Kubernetes Development
Week Ending January 28, 2024
Developer News
Registration for the Kubernetes Contributor Summit EU 2024 is officially open! You can find the registration link here The call for Contributor Summit Sessions is still open, for your discussions, workshops, or SIG meetings.
Members with NO recorded activity (PRs, issues, comments, or any GitHub emitted event) on Devstats across any of the Kubernetes orgs for 12 months or longer will be removed from the Kubernetes GitHub orgs. Check the list of inactive members who are slated to be removed; if you are on it, but are actually still active, comment on the issue
Release Schedule
Next Deadline: Production Readiness Freeze, February 1st
The Call for Enhancements is still open. Make sure to opt-in well before the Production Readiness Review Freeze on 1st Feb to ensure adequate time for reviews. This is your chance to decide what feature(s) you can realistically finish before March 6.
Featured PR
#122886: [CEL Library] Unstructured Object Construction Support
As CEL support has been added in more and more places throughout Kubernetes, one feature we've not yet had is the ability to construct whole new deeply-nested objects in CEL expressions. This PR adds support for a syntax similar to Go structs which works in CEL:
Object{
spec: Object.spec{
replicas: 3
}
}
Currently this can only be used to creating non-schema-enforcing Unstructureds however the plan is to add schema checks using OpenAPI data in the future. Look forward to more support functions being added for using and manipulating these objects too!
Other Merges
- Refactor
pull-kubernetes-node-e2e-containerd
to cleanly isolate code with gcloud dependencies. - Fixed ValidatingAdmissionPolicy behaviour to successfully sync policies using CRD params.
- Bump dependencies to go 1.22rc2.
- Added support for creating objects using Object construction syntax for CEL Library.
- Added fix for kubelet not creating symlink for ConfigMap volume after being restarted.
- Increased unit test coverage for kubeadm for certs and ReadWriter.
kubectl get hpa
to show metric target names.- process_start_time added to /metrics/slis endpoints of all components.
- --nodeport-address behaviour to default to "primary node IP(s) only" rather than "all node IPs".
- NFTables proxier will now reject packets destined for invalid ports of service IPs.
- Added more information to
kubectl describe
outputs of Pod templates and Jobs. - kubeadm adds support for parallel image pulls in v1beta4 via NodeRegistration.ImagePullSerial.
- New presubmit script to restrict test only libraries from linking into prod binaries.
- A fix to service account token projected volume validation to ensure it calls validateLocalNonReservedPath on the token path.
- Documentation added to kubelet's cpu accumulator code.
- sysadmin debugging profile added to kubectl debug.
Promotions
Deprecated
--cidr-allocator-type
no longer does anything and will be removed in a future release- in-tree cloud provider for vsphere removed.
Subprojects and Dependency Updates
- gRPC prerelease candidates grpc-1.61.0-pre2 and grpc-1.16.0-pre3 released, containing bug fixes and other improvements
- kops 1.28.3 released featuring updates to Go, Cilium, aws-sdk-go and fix to retrieve instance info only when max pods is not set.
- Prometheus 2.45.3 released with bugfix to remove double memory snapshot on shutdown.