July 12, 2022

LWKD: Week Ending July 10, 2022

Last Week in Kubernetes Development

Week ending July 10, 2022

Developer News

The Steering Committee has proposed some changes to its charter, resolving longstanding issues: moving selection out of the elections folder; adding a process for removing an SC member; adding a process for dissolving the SC. Comment on the PR if you have opinions.

Relatedly, SIG-ContribEx has created the Elections Subproject to oversee elections in the community, including offering preference elections as a service to all SIGs/WGs/Teams. SIG-Release is changing their meeting times.

SIGs CLI and Apps are starting their group mentoring for reviewers. The program is full already, but will happen again.

Release Schedule

Next Deadline: Final Exceptions Due, July 25th

We are in Enhancements freeze and everyone is hard at work on their declared features. By this point, you should also be thinking about whether your feature is going to make the cutoff, and if it should be in the 1.25 blog post (deadline July 27).

Patch releases for supported versions are expected Wednesday.

Featured PRs

Migrate Ginkgo from v1 to v2 #109111

Ginkgo v2 is GA so we're migrating all our e2e tests to it. This includes changes in other areas, including migrating flags, and advancing kube-openapi.

Other Merges

• JobTrackingWithFinalizers is enabled again, having fixed its bugs
• Define your own custom discovery cache location with KUBECACHEDIR
• --dry-run and --force can't be used at the same time
• Requeue jobs even after a conflict error
• IPFamilyPolicy is the new IPFamilyPolicyType
• Don't crash the scheduler by adding unsatisified nodes to PodTopology
• kubelet dumps a proper error log on crash
• If cacheTTL is zero, Pod deadline is nil
• kubectl wait informers are hopefully fixed now
• Clean up IPtables chains less frequently, and dump the IPTables counters that are always zero
• kubeadm changes: user-specified ci images, container retry, KubernetesVersion, non-serialized startup probes

Ongoing testing refactor: ControllerRevisionLifecycle, APIService, more CRD validation tests, Event Lifecycle

Promotions

• Network Policy endPort is GA
• ServiceIPStaticSubrange is beta and enabled by default
• SecCompDefault is beta and enabled by default

Deprecated

• The /logs endpoint for kube-apiserver is no longer enabled by default due to security concerns; set --enable-logs-handler to re-enable

Version Updates

• cAdvisor to v0.39.2 in 1.22, and to v0.43.1 in 1.23
• golangci-lint to 1.46.2