LWKD: Week Ending September 24, 2023


            
                            September 26, 2023
                        
                
                LWKD: Week Ending September 24, 2023
                

                        Developer News
The Steering Committee Election is still open for voting through Wednesday!  Cast your ballot now.
Registration for Kubernetes Contributor Summit Chicago is open.
Release Schedule
Next Deadline: Production Readiness Review Freeze, September 28th (this Thursday)
Kubernetes v1.29.0-alpha.1 is live!
Get your KEPs ready for Production Readiness Review. If you're going to work towards any features, deprecations, or removals during the 1.29 release cycle, please opt-in your KEP(s) before the Enhancements Freeze (October 6th).
KEP of the Week
KEP 3107: NodeExpandSecret for CSI Driver
This KEP proposes adding NodeExpandSecret to the CSI Persistent Volume source so that it can be sent by the CSI client as part of the nodeExpandVolume request to the CSI drivers. CSI spec v1.5 had added an optional secret field to NodeExpandVolumeRequest. The NodeExpandSecret added by this KEP would support that change. The CSI drivers did not have a method to make use of secretRef at the time of Node operations such as Node expansion. This is because the subjected CSI request does not carry a secret or credentials in the request. The Kubernetes CSI have implemented a similar mechanism for Controller operations however. secretRef field is available in the CSI PV source and is making use of it during controllerExpand request. This KEP adds the same field to the nodeExpandVolume request.
This KEP was in alpha in the v1.25 release, graduated to beta in v1.27 and is now targeting to graduate to stable in the upcoming v1.29 release. It has been authored by Humble Chirammal.
Other Merges

The API streams to etcd for more immediate watch cache updates
You can exclude nodes from a daemonset rolling update if taints/tolerations won't let them participate
APIserver tracing shows group, version, namespace, and name
Requeue pods that get a scheduler queuing error
Release ServiceAPI network resources even if the finalizer is removed
kubectl --show-events=false works with PVCs
Ensure that all running cronjobs are on the active list
No attestation required for no-op trust bundle updates
Put resourcequota.NewMonitor back where it was; removing it broke stuff
The nodevolumelimits Scheduler plugin does contextual logging

Testing updates: RunWatchSemantics, kubeproxy mock framework, WatchSemantics storage
Deprecated

kubepkg and rapture, build tools for the legacy image repos are being removed along with all related tests and infra

Version Updates

govmomi to v0.30.6 for all versions using go 1.20

                    
                            Don't miss what's next. Subscribe to Last Week In Kubernetes Development: