LWKD: Week Ending October 20, 2024
Week: 2024-10-20
Developer News
Join other members of your SIG for the Kubernetes SIG Meet & Greet & Lunch & Learn at Kubecon on Nov 14th. Sign up to table for your SIG.
If you are a SIG lead, please also add callouts for the Summit opening session to find new contributors for your SIG.
The Summit Social will be at Flanker and will have the usual fun & games. Unusually, due to Utah law, you will be required to bring an ID/passport. Also, the Summit is still looking for volunteers to help staff.
Release Schedule
Next Deadline: Docs placeholder PRs deadline, October 24
We are now in Enhancements Freeze, and Alpha2 has been released. For those working on 1.32 enhancements and documentation updates, now's the time to open your PR against dev-1.32 on the kubernetes/website repo. It would be awesome if full docs are ready, but a placeholder PR will keep your contribution on track. Final exceptions for missed Enhancements are due on Monday.
October patch releases were delayed due to Go update issues. They are available now for v1.28.15, v1.29.10, v1.30.6, and v1.31.2.
KEP of the Week
KEP 784: Kube Proxy component configuration graduation
This KEP proposes a plan to graduate kube-proxy's component configuration to beta, addressing its current complexity. Originally configured via command-line flags, kube-proxy's config became difficult to manage as new features were added, staying in v1alpha1. The current format is hard to use, with poorly grouped options and inconsistencies, making restructuring and stabilization necessary.
This KEP is tracked for alpha release in the ongoing v1.32 cycle.
Other Merges
- scheduler_perf test cases added for NodeUpdate event handling
- Apply fsGroup policy for ReadWriteOncePod volumes
- Fix AssignedPodUpdated in scheduler to check if the incoming events are scale down events
- Removed legacy cloud provider integration code from kube-controller-manager
- Fix for 1.31 regression that can crash kube-controller-manager’s service-lb-controller loop
- Clarification for API validation error for toleration if
operatorisExistsandvalueis not empty - Fix for kubelet wrongly dropping the QOSClass field of the Pod’s status when it rejects a Pod
- Image pull error used in messages during back-off
- Fix for failing storage e2e test
- Improvements to CSILimits plugin accuracy by using VolumeAttachments
- Added kubelet support for systemd watchdog integration
- More fine-grained QHints for podtopologyspread plugin
- Add e2e test for custom profile in kubectl debug
- container_aligned_compute_resources_count metric added to kubelet to report containers getting aligned compute resources
- corev1.Binding deprecation message removed
- kubeadm removes preflight check for existence of conntrack binary
- e2e tests added for ClusterTrustBundle to prepare promotion to beta
- Fixed issue in the kubelet that showed when writeable layers and read-only layers were at different paths within the same mount
- Fine-grained kubelet API authorization checks added for kubelet /configz, /healthz and /pods API
- CRI adds field to support CPU affinity on Windows
- Refactor for node shutdown manager
Promotions
- StructuredAuthorizationConfiguration to GA
- ServiceAccountTokenJTI, ServiceAccountTokenPodNodeInfo and ServiceAccountTokenNodeBindingValidation to GA
- AuthorizeNodeWithSelectors and AuthorizeWithSelectors to beta
- RelaxedEnvironmentVariableValidation to beta
Deprecated
- PostStartHookContext.StopCh removed