LWKD: Week Ending May 7, 2023


            
                            May 10, 2023
                        
                
                LWKD: Week Ending May 7, 2023
                

                        Developer News
SIG-K8s-Infra is moving multiple Prow jobs to the donated build cluster on AWS.
Jeremy Rickard has proposed specifics for the revived WG-LTS.
Daniel Smith has stepped down as API-Machinery Tech Lead, and nominated Joe Betz as his replacement.
Release Schedule
Next Deadline: 1.28 Cycle Begins, May 15th
The cherry-pick deadline for the next set of patch releases is this Friday.
Featured PR
#116779: Controlled rollout of CEL libraries and language features
While the multitude of new CEL-based features has been well received, one open question has been how to evolve the CEL-facing API in a way that satisfies our compatibility requirements. This PR moves us a lot closer to that goal. It adds two distinct environments, NewExpressions for new data and StoredExpressions for existing data in etcd. This allows for slow releases of new functionality, a new CEL field or function can be exposed over time. Look for a future PR to go deeper into features like feature gates for individual CEL functions or potentially API stability tagging for CEL functions.
Other Merges

klog now gives you everything in JSON
Cloud providers can specify custom retry periods for load balancers
Runtimes can share signature validation failure with Kubernetes
New Metrics: kube-proxy sync timing metrics, webhook authorization metrics
Use correct crictl flags
Don't check non-existent PodTopologySpread check
Calculate ResourceQuotas correctly when using PriorityClass
mutatingwebhookconfigurations and validatingwebhookconfigurations are way too long, so you can abbreviate them now
Kubelet captures stderr from credential providers
Clean up variable scoping for EndpointSlices
Use generic sets in the proxy
A whole lot more test coverage for APIresources

Promotions

ProxyTerminatingEndpoints is GA
SelfSubjectReview is GA

Deprecated

The new alpha NewVolumeManagerReconstruction and SELinuxMountReadWriteOncePod feature gates have been disabled in 1.27 and 1.28 due to kubelet failures
Take one scheduler out of scheduler_scheduler_goroutines metric
Remove GA'd feature gates: DevicePlugins, DelegateFSGroupToCSIDriver, KubeletCredentialProviders
KubeSchedulerConfiguration v1beta2 has been deprecated since 1.25; removed
Stop validating tracking annotations for legacy Job configs

Version Updates

golang update: to 1.19.9 in 1.24, 1.25, and 1.26, and to 1.20.4 in 1.27
etcd to 3.5.8
distroless-iptables to 0.2.4
runc/libcontainer to 1.1.6

                    
                            Don't miss what's next. Subscribe to Last Week In Kubernetes Development: