July 10, 2024

LWKD: Week Ending July 7, 2024

Week 2024-07-07

Developer News

Reminder: if you still have jobs running on the old test cluster, you need to move them in the next 3 weeks.

SIG Release is reconsidering its meeting times and cadence. Don't forget to submit your preferred times if you're a regular attendee.

The Kubernetes Contributor Summit NA 2024 is looking for two designs. A Logo for the event and a design for the Contributor Award.

Release Schedule

Next Deadline: Docs PRs ready for review, July 16th

We're two weeks away from code freeze and everything is on track for the release! The docs PR-ready-for-review deadline is coming up on 16th July, so make sure you get your docs PRs ready before the deadline.

Also, v1.31.0-beta.0 cut is planned for 16th July.

KEP of the Week

KEP 4639: Add OCI VolumeSource CRI API

The OCI has added a spec for "artifacts" being distributed as container images. With this KEP, Kubernetes will be taking advantage of the new capabilities as a way of distributing shared files to pods. It adds a new VolumeSource type of OCIObject, which can then get pulled down and mounted as a filesystem just like other volumes. This can be used for secrets, large data blobs, and shared configuration file sets.

An API was merged last week, and a full alpha release is planned for 1.31.

Other Merges

• Typo fixed in error message for anonymous field in AuthenticationConfiguration.
• /sys/devices/virtual/powercap added to default masked paths.
• Cleanup for Job tests.
• publishing-bot rules updated to Go 1.22.5.
• Integration tests added for rejecting non-JSON RawExtensions.
• Service accounts now takes an optional tokenGetter provider function.
• RoundtripToUnstructured extracted to apimachinery apitesting library.
• kube-scheduler implements scheduling hints for the VolumeBinding plugin.
• Namespace autocompletion for kubectl config set-context command has been added.
• New tests for document request timeouts.
• The nftables mode of kube-proxy now requires to use nft v1.0.1 or later and kernel 5.13 or later.
• Windows kube-proxy now uses the update API instead of the create and delete APIs.
• Bugfix to avoid Pods stuck in Pending state when PodTopologySpread rejects Pods.
• The scheduler now takes events registered in rejector PreFilter plugins into consideration when retrying scheduling Pods rejected by PreFilterResult.
• lastSuccessfullTime in cronjobs will now be set reliably.

Promotions

• ServiceTrafficDistribution to beta.
• PodDisruptionConditions to GA.

Version Updates

• Kubernetes v1.29 Go version gets bumped to 1.22.5.

Subprojects and Dependency Updates

• CRI-O v1.30.3: remove a container after it fails to start, to prevent copies of it from piling up until it succeeds; also v1.29.6, v1.28.8, v1.27.8
• kubebuilder v4.1.0: re-introduces authn/authz protection for the metrics endpoint