LWKD: Week Ending January 8, 2023
Developer News
Happy new year! This is the first LWKD of the new year, so it covers merges and events from over the holidays.
Tim Hockin has some ideas about changes to the Alpha/Beta/GA cadence. Share your thoughts by commenting on the document.
Tim Allclair proposes no longer staleifying triaged issues. Comment on the issue if you have any feedback on this change.
Save The Date: the EU Contributor Summit will happen on Tuesday, April 18th, in Amsterdam just before KubeCon. More information coming soon.
Release Schedule
Next Deadline: 1.27 Release Cycle Begins, January 9th
We are now officially in 1.27 development, with Xander Grzywinski as release lead, and lots of other folks backing him up.
The Call for Enhancements is out and they are due February 10th (with PRR a week before that, February 3rd). See the release page for all the dates of this release cycle; the release is expected to come out on April 11th.
Cherry pick deadline for the January patch releases is this Friday the 13th (so maybe don’t leave it until that day, eh?). Note that 1.22 is no longer supported, and 1.23 is in “maintenance mode” (meaning security patches only).
Featured PRs
#113542: Set singular names for core types to pass to discovery
A long time coming: the singular names from core types will now always take precedence over custom types from CRDs. This is a big step forward both for security, since CRDs could be used to “clobber” core types, and for making caching behavior entirely predictable. If you were for some reason intentionally overwriting a core type, now is the time to stop doing that!
#114236: Fix data race when emitting similar Events consecutively
Along with #114237, this closes some local race conditions in the event recording client code. If you maintain any operators and make use of the EventRecorder APIs (and if you are writing operators, you really should), then put this on your radar so you can upgrade client-go once it makes sense for your project. Given that the trigger conditions for the race require the events to be either identical or nearly identical, it’s not the highest of high-priority fixes, but it’s still a good thing to close the loop on when you are able.
Other Merges
- TLS Keys must match their Certs, which may break some existing setups on upgrade
- We have a GRPC service for KMSv2
- Refactor the IPAllocator code
- Kube-proxy can be used with statically linked kernels
- Rename preemption, and tinker with its logic around nodes with terminating pods
- *-endpoint kubelet flags move to kubelet config
- Key encipherment API will allow flexible setups
- Fix a minor set-to-zero bug that nevertheless broke our API in five places
- Preemption event messages won’t include pod metadata
- Hide messy OpenAPI build details for CRDs behind NewTypeConverter
- Replace all those old Ptr functions with the modern ones
- Better pacing of pod disruption queue cleanup
- Unmounting volumes should respect mounter safe unmounting settings, but we’re still gonna force-unmount NFS
- If a pod is unresolvable, the Scheduler will stop trying to place it
- Pod ResourceClaims is a Map
- Don’t run nodeipam controller if we don’t have a cloud provider
- The scheduler stops going through Filters if they’re failing
- Fix permissions race condition for Secrets with fsGroup set
- port-forward exits with error if the remote connection dies
- Don’t run a Filter if the PreFilter says “Skip”
- Daemonsets and StatefulSets will update status despite errors
- Set the right SELinux labels for HostPath volumes
Test Cleanup: GetList test, Windows volume tests
Deprecated
- Remove some old Endpoints functions now that everything is EndpointSlice
- Delete deprecated kubeadm v1beta2 API
Version Updates
- Upgrade 1.23 and 1.24 to golang 1.19
- node-feature-discovery v0.12.0
- cel-go to 0.12.6
- Upgraded golang.org/x/oauth2, and then downgraded it again because it broke go mod
- konnectivity-client to v0.0.35