September 12, 2023

LWKD: Week Ending September 10, 2023

Developer News

Please check how the linter is working against your PRs. Both pull-kubernetes-linter-hints and pull-kubernetes-verify-strict-lint running on submit. Right now the latter is non-blocking, but it will change, so please report any times you see it failing to #k8s-code-organization.

Test jobs have been switched to running only external cloud providers, since that's the default. Check if this breaks your tests.

Contributor Summits:

• CfP for planned sessions and SIG/team meetings at KCSNA Chicago closes this Friday
• Registration for KCS Shanghai is open

Also, don't forget to vote for Steering Committee

Release Schedule

Next Deadline: Production Readiness Review Freeze, September 28th

The Call for Enhancements is out; time to decide what feature(s) you can realistically finish before Nov. 1.

Patch releases, including a Go version bump, are due out this week.

KEP of the Week

KEP-2681: Field status.hostIPs added for Pod

KEP-2681 adds the status.hostIPs pod field, which coexists with the singular status.hostIP field. It shows both IPv4 and IPv6 addresses for smoother migration during the dual-stack transition phase. This also lets Kubernetes distinguish between the HostIP that is in use (if any), and the list of IPs that are potentially available.

This KEP was created by Shiming Zhang and received the alpha milestone in v1.28.

Other Merges

• kubectl help can display plugin subcommands
• Stop using kube-proxy --bind-address since it doesn't do what you think it does, but just in case we'll ignore obvious wrong addresses
• Add flag and gate for using APIserver structured configuration files
• Revert the sysctl non-overwrite patch due to some mistaken assumptions in the original feature
• Raise limit of job_sync_duration_seconds to 1min
• Log a restart, not a panic, on kube-proxy restart
• Overhaul the metrics dictionary to be more readable
• Reschedule pods more intelligently, and don't mark them unschedulable if they're currently in backoff
• Use the container log, not the termination log, in tests
• Makefile actually respects GOTOOLCHAIN env
• Minimize calls to the Configmap/Secrets API by using the cache
• DRA: Refactor PodSchedulingContext updates, handle things if ResourceClass is missing
• KMS2: enable KMS2 by default, appserver identity logging, container restart
• Service multiprotocol tests are now considered conformance
• Garbage-collect tracking finalizers for finished Jobs

Test Cleanup: Mock tests for Windows Kube-proxy, WaitForPodsResponding, StorageClass endpoints, DRA test flake, golangci-lint, stop using framework.ExpectEqual, PodGC unit tests

Deprecated

• Remove OpenAPI variable SkipFilterSchemaForKubectlOpenAPIV2Validation because it's unused, and also way too long
• Remove v1beta2 version of the flowcontrol API

Version Updates

• Golang to 1.21.1 in 1.29, and 1.20.8 in all other versions
• Kubernetes Python Client v28.1.0 Beta 1.
• distroless-iptables image to v0.3.2

Subprojects and Dependency Updates

• Kubespray releases v2.23.0, including several bugfixes and features like supporting Kubernetes 1.27.x versions, adding CPU management policies on the node, and adding ingressClass resource for nginx by default
• kubernetes-sigs/node-feature-discovery v0.14.0 is released. The NodeFeature API is enabled by default. The new CRD based API replaces the previous gRPC based communication, reducing network traffic and allows changes in NodeFeatureRules to take effect immediately. Also, node-feature-discovery now provides Prometheus metrics.