LWKD: Week Ending September 25, 2022
Last Week in Kubernetes Development
Week ending September 25, 2022
Developer News
There have been extra patch releases due to a breaking change, see below.
Kubernetes contributor Cody Crudgington has passed away unexpectedly. Cody was a dedicated Kubernetes contributor and organizer of contributor events and meetups. He will be missed; remember him online.
Label changes: all kubernetes/ repos will soon have access to the /area community-meeting
label, so that you can flag an issue or PR for discussion at the monthly community meeting. Also, PRs that are auto-closed by the bot will be labelled Not Planned
.
Polls are open for the Steering Committee election until Thursday, so please vote now. Your vote determines the leadership for the Kubernetes project.
Registration for the Contributor Summit is still open.
Release Schedule
Next Deadline: Next Deadline: Production Readiness Sept. 29th
Have your draft KEPs ready for the PRR team by Thursday, and final versions opted-in by Oct. 6. Current CI signal is green.
The September 15th patch releases broke user applications (see below). As such, new patch releases for 1.25.2, 1.24.6, 1.23.12, and 1.22.15 were pushed on Sept. 21. Users should skip the prior update and go straight to this one.
Featured PRs
Limit redirect proxy handling to redirected responses #112526
We added redirect restrictions to the APIserver in the last patch release in order to close security hole CVE-2022-3172. However, that change mistakenly treated all 300 codes as redirects, including 304 Not Modified
, breaking user code. As such, non-redirect codes have been exempted and new patch releases issued.
Other Merges
kubernetes_feature_enabled
tells you what feature gates you have turned on, or you can check thekubernetes_feature_info
metric- KMS has its own staging repo so that you can work on it there
- Feel free to
--disable-compression
in kubectl - Convenience functions for writing SLI metrics
- Kubeadm validates repository image URIs
- Refactor encryption config code
- Only volume cleanup the specific plugin’s subpath
- Pods on NoExecute nodes should be terminated even if PodDisruptionConditions is turned on
Testing Improvements: retroactive storage class, HPA CRDs E2E TLA test, volume snapshot tests
Deprecated
- Remove deprecated klog flags such as
--log-dir
and--log-max-file-size
- GA feature gates removed: podOverhead, ServiceLoadBalancerClass and ServiceLBNodePortControl
- We don’t use linkcheck in tests, so dropped
- Also drop dot and gonum libraries, and purell library