September 27, 2022

LWKD: Week Ending September 25, 2022

Last Week in Kubernetes Development

Week ending September 25, 2022

Developer News

There have been extra patch releases due to a breaking change, see below.

Kubernetes contributor Cody Crudgington has passed away unexpectedly. Cody was a dedicated Kubernetes contributor and organizer of contributor events and meetups. He will be missed; remember him online.

Label changes: all kubernetes/ repos will soon have access to the /area community-meeting label, so that you can flag an issue or PR for discussion at the monthly community meeting. Also, PRs that are auto-closed by the bot will be labelled Not Planned.

Polls are open for the Steering Committee election until Thursday, so please vote now. Your vote determines the leadership for the Kubernetes project.

Registration for the Contributor Summit is still open.

Release Schedule

Next Deadline: Next Deadline: Production Readiness Sept. 29th

Have your draft KEPs ready for the PRR team by Thursday, and final versions opted-in by Oct. 6. Current CI signal is green.

The September 15th patch releases broke user applications (see below). As such, new patch releases for 1.25.2, 1.24.6, 1.23.12, and 1.22.15 were pushed on Sept. 21. Users should skip the prior update and go straight to this one.

Featured PRs

Limit redirect proxy handling to redirected responses #112526

We added redirect restrictions to the APIserver in the last patch release in order to close security hole CVE-2022-3172. However, that change mistakenly treated all 300 codes as redirects, including 304 Not Modified, breaking user code. As such, non-redirect codes have been exempted and new patch releases issued.

Other Merges

• kubernetes_feature_enabled tells you what feature gates you have turned on, or you can check the kubernetes_feature_info metric
• KMS has its own staging repo so that you can work on it there
• Feel free to --disable-compression in kubectl
• Convenience functions for writing SLI metrics
• Kubeadm validates repository image URIs
• Refactor encryption config code
• Only volume cleanup the specific plugin’s subpath
• Pods on NoExecute nodes should be terminated even if PodDisruptionConditions is turned on

Testing Improvements: retroactive storage class, HPA CRDs E2E TLA test, volume snapshot tests

Deprecated

• Remove deprecated klog flags such as --log-dir and --log-max-file-size
• GA feature gates removed: podOverhead, ServiceLoadBalancerClass and ServiceLBNodePortControl
• We don’t use linkcheck in tests, so dropped
• Also drop dot and gonum libraries, and purell library

Version Updates

• cri-tools to 1.25