Weekly GitHub Report for Kubernetes: July 21, 2025 - July 28, 2025 (12:03:31)
Weekly GitHub Report for Kubernetes
Thank you for subscribing to our weekly newsletter! Each week, we deliver a comprehensive summary of your GitHub project's latest activity right to your inbox, including an overview of your project's issues, pull requests, contributors, and commit activity.
Table of Contents
I. News
1.1 Recent Version Releases:
The current version of this repository is v1.32.3
1.2 Version Information:
The Kubernetes version released on March 11, 2025, introduces key updates detailed in the official CHANGELOG, with additional binary downloads available. For comprehensive information on new features and changes, users are encouraged to consult the Kubernetes announce forum and the linked CHANGELOG.
II. Issues
2.1 Top 5 Active Issues:
We consider active issues to be issues that that have been commented on most frequently within the last week. Bot comments are omitted.
-
unit-master-golang-tip broke spectaularly!: This issue reports a breakage in the Kubernetes unit tests caused by a recent commit to the Go language repository, specifically related to protobuf handling that results in a gzip checksum panic. The discussion investigates the root cause, comparing good and bad Go commits, considering hardware differences like CPU instruction sets, and ultimately identifies a specific Go commit that introduced the failure, with a linked upstream Go issue filed for resolution.
- The comments analyze the failure by comparing Go and Kubernetes commit diffs, discuss inability to reproduce locally possibly due to CPU architecture differences, identify a Go commit involving hashing as the culprit, confirm the breakage with multiple test logs, and link to related Go issues while suggesting testing with the latest Go release candidate.
- Number of comments this week: 12
-
List available endpoints for kube-controller-manager's /statusz : This issue requests the addition of a list of available endpoints for the kube-controller-manager's /statusz path, including "/livez", "/readyz", "/healthz", and "/metrics". It is a sub-issue related to a larger Kubernetes project and is tagged for the instrumentation special interest group (SIG).
- The comments show the issue was triaged and accepted, with multiple suggestions to label it as a good first issue and offers of help, followed by repeated assignment commands indicating attempts to take ownership of the task.
- Number of comments this week: 7
-
Failed to destroy network for pod from CNI network after reboot: This issue describes a problem where a DaemonSet pod fails to be properly terminated and removed from the Cilium CNI network after a node reboot, causing the pod to get stuck in a terminating state and preventing new pods from starting on that node. The error occurs because the network namespace (netns) associated with the pod cannot be found during the CNI DEL operation, leading to a failure in destroying the pod’s network sandbox.
- The comments identify this as a complex and known challenge related to node reboots and CNI lifecycle handling, particularly with Cilium and device plugins like Nvidia’s. Contributors suggest the problem likely stems from lost network namespace context after reboot, recommend investigating kubelet and CRI-O logs for more insight, and note that this issue is not unique to Nvidia but also reproducible with other images; the discussion concludes with sharing logs and a suggestion to follow up in the Cilium project since Kubernetes itself has limited control over CNI plugin internals.
- Number of comments this week: 6
-
After getting UserNamespaces configured and setting idsPerPod, the uid/gid maps inside containers are not seeing the settings propagate: This issue describes a problem where configuring UserNamespaces with a higher
idsPerPod
value in the kubelet does not propagate correctly to containers, which remain limited to the default 65536 UID/GID mappings despite the configuration showing as updated on the node. The user is seeking clarification on how these settings should propagate to containers, whether the limit applies per pod or per container, and what might be missing from the documentation to achieve the expected behavior of expanded UID/GID ranges inside pods.- The comments discuss whether the
idsPerPod
setting is applied or ignored, confirming that containers in a pod should share the same user namespace and UID range. It is acknowledged that the observed behavior is likely a bug, with debug logs showing the kubelet still using the default 65536 value instead of the configured 1048576, indicating the configuration is not being properly read or applied. - Number of comments this week: 6
- The comments discuss whether the
-
Deprecated Usage of
strings.Title
inServiceCheck.Name()
: This issue addresses the deprecated usage of thestrings.Title
function in theServiceCheck.Name()
method within the Kubernetes codebase, recommending its replacement with the Unicode- and locale-awarecases.Title
from thegolang.org/x/text/cases
package. It highlights the correctness and future-proofing benefits of this change despite some performance overhead, and proposes auditing the codebase for similar deprecated usages and adding relevant test coverage.- The comments discuss the scope of
strings.Title
usage across multiple files, noting that some occurrences are in vendor directories and can be ignored, while others require replacement grouped by SIG ownership. Contributors seek guidance on triage and PR organization, emphasizing the need to coordinate changes across different SIGs and consider benchmarking for certain replacements. - Number of comments this week: 6
- The comments discuss the scope of
2.2 Top 5 Stale Issues:
We consider stale issues to be issues that has had no activity within the last 30 days. The team should work together to get these issues resolved and closed as soon as possible.
- apimachinery resource.Quantity primitive values should be public for recursive hashing: This issue addresses the problem that the primitive values within the API Machinery resource.Quantity struct are private, which prevents recursive hashing libraries from accurately detecting changes in these quantities when hashing custom resource definitions (CRDs). The requester highlights that this limitation complicates change detection in scenarios like spec-drift detection for resource reservations, and suggests making these values public or providing a public representation to improve native support for such workflows.
- APF borrowing by exempt does not match KEP: This issue highlights a discrepancy between the Kubernetes Enhancement Proposal (KEP) and the actual implementation regarding how the exempt priority level calculates its borrowing of concurrency limits in the API Priority and Fairness (APF) system. Specifically, the implementation does not apply the special borrowing rules for exempt priorities described in the KEP, resulting in the exempt priority level receiving a minimum concurrency limit of zero, which deviates from the intended behavior outlined in the design document.
- apimachinery's unstructured converter panics if the destination struct contains private fields: This issue describes a panic occurring in the apimachinery's DefaultUnstructuredConverter when it attempts to convert an unstructured object into a destination struct that contains private (non-exported) fields. The reporter expects the converter to safely ignore these private fields instead of panicking, as this problem arises notably with protobuf-generated gRPC structs that include private fields for internal state, causing the conversion to fail even when only public fields are present in the unstructured data.
- Jsonpath impl does not support left match regex: This issue requests the addition of support for the
=~
operator in jsonpath filter expressions, enabling regex matching based on Golang regular expressions within jsonpath queries. The user highlights that this feature would simplify locating specific resources among many by allowing case-insensitive and pattern-based filtering, and they have expressed willingness to contribute an implementation. Since there were fewer than 5 open issues, all of the open issues have been listed above.
2.3 Open Issues
This section lists, groups, and then summarizes issues that were created within the last week in the repository.
Issues Opened This Week: 34
Summarized Issues:
- Container Lifecycle Hook Testing Issues: The current end-to-end tests for Container Lifecycle Hook and Restartable Init Container Lifecycle Hook rely on an unusual scenario where lifecycle hooks perform HTTP/TCP requests to a different pod. This approach conflicts with upcoming security changes restricting the
.host
field tolocalhost
and raises concerns about the practical use cases and reliability of these tests. - issues/133091
- Pod Preemption and Eviction Problems: Using PriorityClass for pod preemption can cause immediate eviction of multiple lower-priority pods without respecting rolling update strategies or PodDisruptionBudgets. This behavior leads to potential downtime instead of a graceful, one-at-a-time eviction process.
- issues/133102
- Test Server Parallel Start Flakiness: The
kubeapiserverapptesting.StartTestServer
function currently cannot handle parallel starts without causing test flakiness. Fixing this issue may require significant refactoring due to dependencies on global state. - issues/133106
- Security Vulnerability in Image Builder: Kubernetes Image Builder versions up to v0.1.44 have a high-severity security vulnerability (CVE-2025-7342) where Windows VM images built with Nutanix or OVA providers use default administrator credentials if not overridden. This flaw potentially allows unauthorized root access to affected nodes.
- issues/133115
- Device Resource Allocator Health Timeout Configuration: The timeout duration for marking a Device Resource Allocator (DRA) device's health status as "Unknown" is currently hardcoded to 30 seconds. There is a request to make this timeout configurable per plugin to accommodate varying hardware health-reporting characteristics, as introduced by KEP-4680.
- issues/133118
- Pod Scheduling with Multiple Storage Volumes: Pods with multiple storage volumes can remain pending if one volume binds successfully but another fails due to insufficient disk space. This issue suggests exploring more precise scheduling based on available storage to prevent such failures.
- issues/133121
- Preferred Storage Version Updates: There are proposals to update the preferred storage version to v1 in Kubernetes 1.35 for more objects in etcd and specifically for the VolumeAttributesClass. These updates follow the introduction of resource.k8s.io/v1 in version 1.34.
- issues/133131, issues/133160
- Kubelet Shutdown Race Condition: A race condition exists where systemd-logind configuration reload does not complete before the kubelet shutdown manager updates InhibitDelayMaxSec. This causes the shutdown inhibitor to fail to register properly, preventing the shutdown manager from functioning as intended.
- issues/133133
- User Namespace ID Mapping Bug: Despite configuring the kubelet with a higher
idsPerPod
value, UID/GID mappings inside containers remain limited to the default 65,536 IDs. This indicates the updated setting is not propagating correctly, suggesting a potential bug in kubelet or CRI-O. - issues/133144
- Stateful Workload Testing Enhancement: A proposal exists to add a stateful workload simulating a toy database with strict upgrade and readiness conditions. This aims to enhance testing of StatefulSet behaviors and ensure robustness during upgrades.
- issues/133151
- Deprecated Function Replacement: The deprecated
strings.Title
function used inServiceCheck.Name()
should be replaced withcases.Title
fromgolang.org/x/text/cases
for correct Unicode and locale-aware title casing. A codebase audit for similar deprecated usages and performance considerations is also proposed. - issues/133154
- Autoscaler Contract and API Stability: Requests include moving the AllocatedState type to the framework package and formally defining the scheduler/autoscaler contract for DRA consumable capacity. These changes aim to improve visibility, stability, and review processes to prevent unnoticed breaking changes affecting Cluster Autoscaler and kube-scheduler integration.
- issues/133161, issues/133162
- Dynamic Load Balancer Membership Trigger: There is a request to trigger the "EnsureLoadBalancer" method whenever Kubernetes node labels are updated. This enables dynamic load balancer pool membership based on node label selectors, improving traffic routing and health checks, especially for OpenStack Octavia LBaaS.
- issues/133165
- Core Dump Location Issue: Coredump files sometimes appear on the host's
/var/crash
directory instead of the intended persistent volume path inside the container, despite a softlink redirecting core dumps to the mounted persistent volume. - issues/133169
- Deprecated ErrWaitTimeout Replacement: The deprecated
ErrWaitTimeout
method should be replaced with the recommended alternative across multiple packages beyond client-go and kubectl to ensure consistent code updates. - issues/133175
- Null Pointer Dereference Risk: A potential null pointer dereference exists in
csi_attacher.go
wherespec.PersistentVolume
is dereferenced without a nil check, leading to aDEREF_AFTER_NULL
error detected by static analysis. - issues/133177
- Statusz Endpoint Enhancements: Requests have been made to add lists of available endpoints such as
/livez
,/readyz
,/healthz
, and/metrics
to the/statusz
paths of kube-controller-manager, kubelet, and kube-proxy. These are sub-issues linked to a larger Kubernetes project discussion. - issues/133182, issues/133184, issues/133185
- Kubelet CSI Attachment Stress Test: A new stress test is proposed to verify kubelet behavior when the CSI attachment limit is exceeded, required for graduating the MutableCSINodeAllocatableCount feature to Beta by default.
- issues/133188
- API Ownership and Approval Process: Expanding ownership coverage and refactoring files involved in API changes is proposed to ensure mechanical and auto-generated modifications receive appropriate API approver permissions, improving the approval process for API promotions.
- issues/133189
- PodLevelResources and DRA Interaction Clarification: Clarification and definition of interaction and precedence rules between PodLevelResources API and Device Resource Allocation (DRA) system are requested. This addresses handling pod specs with both pod-level and container-level resource claims to ensure smooth PodLevelResources beta transition and GA.
- issues/133194
- Kubectl Pod Labeling Feature: A feature request proposes allowing users to label pods directly when creating deployments imperatively with kubectl, improving usability by enabling commands like
kubectl create deployment deployment-1 --image=nginx --pod-labels=app=frontend,version=v1
. - issues/133196
- DRA Health API Enhancement: There is a proposal to add a detailed, human-readable message field to the Pod Resource Health Status in the DRA Health gRPC API. This would provide specific context about device health, improving troubleshooting and user experience beyond the existing HealthStatus enum.
- issues/133202
- DRA End-to-End Test Flakiness: The "supports reusing resources" DRA end-to-end test flakes due to timeouts caused by scheduling many pods after removing concurrent user limits on claims. This leads to unpredictable performance and suggests the test may need disabling or modification.
- issues/133209
- Probe Timeout Override Failure: Kubernetes end-to-end tests fail because the probing container does not correctly override
timeoutGracePeriodSeconds
when LivenessProbe or StartupProbe fields are set. This results in unexpected container restart counts during node conformance testing. - issues/133216
- DRA Resource Health Test Failures: Persistent failures occur in DRA Resource Health status end-to-end node tests, where device health changes are not reflected correctly and tests time out waiting for "Healthy" status. This indicates problems with the ResourceHealthStatus feature gate handling in the test environment.
- issues/133219
- Windows CI DRA Flaky Test: A recurring flaky test in Windows CI related to DRA causes kubelet to fail resource allocation due to a CEL selector runtime error "no such key: healthy." This intermittently blocks pull requests on Windows nodes.
- issues/133223
- Go Language Breaking Change Impact: A recent Go language commit introduced a breaking change causing Kubernetes unit test failures due to a panic from an invalid gzip checksum in protobuf handling. This issue appears linked to new CPU instruction sets and cannot be easily reproduced locally.
- issues/133224
- Downward API Pod-Level Resource Test Failure: Downward API tests for pod-level resources fail to provide correct default CPU and memory limits, causing mismatches in expected and actual MEMORY_LIMIT values after merging PR #132605.
- issues/133232
- Kube-apiserver High Memory Usage: The kube-apiserver consumes an unusually high amount of memory (20GB) which significantly drops after container restart. This raises concerns about whether it is failing to release memory timely under heavy cluster load.
- issues/133233
2.4 Closed Issues
This section lists, groups, and then summarizes issues that were closed within the last week in the repository. This section also links the associated pull requests if applicable.
Issues Closed This Week: 19
Summarized Issues:
- Kubelet and Cluster Initialization Failures on aarch64: Multiple issues report panics and failures in kubelet version 1.26.0 on aarch64 architectures causing
kubeadm init
to fail due to the kubelet being unable to start the control plane. These failures result in connection refusals to the API server and timeouts waiting for the control plane to become healthy, preventing successful Kubernetes cluster initialization. - issues/133094, issues/133095, issues/133096
- Kubelet Startup and Configuration Issues: Several issues describe kubelet startup failures caused by invalid memory reservation configurations and errors during the kubelet-check step in kubeadm initialization. These problems lead to test job failures and cluster initialization errors, impacting the reliability of Kubernetes node setup and testing.
- issues/133090, issues/133093
- Pod Scheduling Optimization and Sticky Scheduling Requests: There are issues focused on improving pod scheduling times during node power outages and adding scheduling hints for sticky scheduling in Pod.Spec. These aim to reduce pod switching time and improve performance by allowing pod controllers to suggest optimal node placement at creation time.
- issues/133049, issues/133181
- Resource Claim and Dynamic Resource Allocation Failures on Windows: Issues report failing DRA unit tests and control plane controller manager tests on Windows due to errors in resource claim allocation and incorrect metric labels. These failures cause timeouts and test errors related to ResourceClaim templates and dynamicresources plugin functionality.
- issues/133148, issues/133208
- Security Vulnerabilities and Deprecated Features: Several issues highlight persistent security vulnerabilities in kubectl binaries, a vulnerable dependency requiring upgrade, and confusion caused by deprecated AppArmor annotations still enforced by Pod Security Standards. These issues raise concerns about security risks and misleading documentation or validation behavior.
- issues/132952, issues/133143, issues/133221
- Test Failures and Flaky Tests Due to Concurrency and Environment Issues: Issues describe flaky integration tests caused by data races in OIDC authentication admission plugin flag registration and SSH connection timeouts preventing kubetest2 tests from running. These problems hinder test reliability and triage efforts in the Kubernetes CI pipeline.
- issues/133082, issues/133099
- Package Installation and Validation Issues on Debian: One issue reports a warning during
apt update
on Debian 13 when installing kubectl due to insecure Signature Packet v3 used in package signing. This causes the package manager to reject the signature and prevents a clean installation without warnings. - issues/133098
- Code Cleanliness and Validation Logic Improvements: Issues address removing redundant type conversions in batch API fuzzers and adding validation logic to reject unsupported pod-level resource specifications on Windows. These efforts aim to improve code quality and enforce platform-specific constraints in Kubernetes components.
- issues/132790, issues/132582
- User Guidance on Vulnerability Reporting Scope: One issue involves a user seeking guidance on reporting a potential vulnerability related to a
cncf.io
subdomain that is outside the HackerOne program's scope. This highlights the need for clear channels for vulnerability disclosures beyond the current bug bounty program. - issues/133222
- Failing Integration Tests Due to Controller and FlowSchema Issues: An issue reports a failing integration test caused by a post-start hook error and a FlowSchema referencing a PriorityLevelConfiguration object that exists but causes the test to fail. This impacts the stability of Kubernetes service CIDR controller tests.
- issues/133201
2.5 Issue Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed issues that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.
Based on our analysis, there are no instances of toxic discussions in the project's open or closed issues from the past week.
III. Pull Requests
3.1 Open Pull Requests
This section provides a summary of pull requests that were opened in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. Other pull requests are grouped based on similar characteristics for easier analysis. Up to 25 pull requests are displayed in this section, while any remaining pull requests beyond this limit are omitted for brevity.
Pull Requests Opened This Week: 56
Key Open Pull Requests
1. Optimize set: This pull request optimizes set operations and their usage in the codebase by improving iteration methods, introducing more efficient set insertion without conversion to slices, utilizing cloning functions, and fixing related null pointer exceptions to enhance performance and code clarity.
- URL: pull/133231
- Merged: No
2. Http probe request object reuse : This pull request aims to optimize HTTP probe operations by reusing a single HTTP request object across multiple probes within the worker, thereby avoiding the overhead of creating a new request object for each probe and improving efficiency.
- URL: pull/133109
- Merged: No
3. Move interfaces: Handle and Plugin and related types from kubernetes/kubernetes to staging repo kube-scheduler: This pull request moves numerous scheduler framework interfaces and related types, including Handle, Plugin, and Parallelizer, from the main kubernetes/kubernetes repository to the staging repository k8s.io/kube-scheduler to enable users to import scheduler framework interfaces without depending on the entire k/k repo, while also splitting the Parallelizer type into an interface in the staging repo and an internal struct in k/k.
- URL: pull/133172
- Merged: No
Other Open Pull Requests
- Feature Gate Promotions: This set of pull requests promotes several Kubernetes features to beta status, enabling their feature gates by default to improve functionality and stability. These include DeploymentReplicaSetTerminatingReplicas and MaxUnavailableStatefulSet, both aimed at enhancing deployment and StatefulSet management.
- Bug Fixes and Typo Corrections: Multiple pull requests address minor bugs and typos in the Kubernetes codebase and documentation to improve clarity and correctness. These include fixing a typo in a docstring, correcting error messages, and replacing invalid PCI device examples with realistic ones.
- Testing Improvements and Flake Fixes: Several pull requests focus on improving test reliability and diagnosability by refactoring test setups, adding subtests, and skipping flaky tests on specific platforms. These changes help reduce race conditions and improve debugging capabilities.
- Logging and Debugging Enhancements: These pull requests add features to improve logging clarity and debugging, such as printing exact kubectl commands behind kuberc aliases and migrating kubelet modules to use contextual logging for better maintainability.
- Scheduler and Preemption Improvements: Pull requests in this group add integration tests for the NominatedNodeName feature, implement metrics for asynchronous API calls in the scheduler, and fix corner cases in asynchronous preemption logic to stabilize integration tests.
- Code Refactoring and Cleanup: These pull requests refactor code by encapsulating behaviors into generic functions, introducing interfaces to unify logic, and removing redundant checks to improve code maintainability and clarity.
- Automated Cherry Picks: Multiple pull requests are automated cherry picks of previous changes to various release branches, focusing on improvements such as Concurrentmap iteration and adding NodeSelectors to DriverDefinition.
- Kubelet Optimizations and CSR Garbage Collection: These pull requests optimize kubelet image verification policies to avoid unnecessary credential lookups and implement garbage collection for Approved-But-Unissued client CSRs to reduce etcd space usage.
- Error Handling Improvements: This pull request improves eviction error handling by adding the correct error message when eviction is blocked due to the DisruptionController's failSafe mechanism, addressing confusion caused by the TooManyRequests error.
- CI Configuration Updates: This pull request updates the continuous integration setup by migrating the logexporter container image from a legacy Google registry to a community-hosted registry to improve image sourcing.
- Project Health and Contributor Visibility: This pull request adds LFX Health score and active contributor badges to the Kubernetes README to visually indicate project health and contributor activity.
3.2 Closed Pull Requests
This section provides a summary of pull requests that were closed in the repository over the past week. The top three pull requests with the highest number of commits are highlighted as 'key' pull requests. Other pull requests are grouped based on similar characteristics for easier analysis. Up to 25 pull requests are displayed in this section, while any remaining pull requests beyond this limit are omitted for brevity.
Pull Requests Closed This Week: 91
Key Closed Pull Requests
1. Refactor addressing TODOs in test/utils: This pull request refactors the test utilities in the Kubernetes project by addressing TODO comments to encapsulate object-specific behavior in resource creation with generics, introduce a common interface for resource deletion, and implement exponential backoff for resource updates, thereby improving code clarity and reducing duplication.
- URL: pull/133235
- Merged: No
- Associated Commits: 7a4a5, 505ed, d05bf, 7c88f, 059b7, 07744, 5894a, 2355c, a80d3, 9e1e3, 19c61, 41c6c, f10a9, 17ac9, 607b1, 38ec9, f68bf, 252b5, 436d0, 13d12, fb4a1, ddc44, 527b5, 820a9, 85d9f, 1682c, 3a981, 8521c, 36252, 07020, 57191, 33832, 90115, bb8ee, ef138, 7575a, d41dc, 3276f, a2b8f, d8167, 019d0, 1a76e, e131e, 22506, f8297, fd367, 884f3, ea964, 3ce6c, c8e1b, 0aabf, 1e003
2. Reject pod when attachment limit is exceeded: This pull request introduces a mechanism in the kubelet to detect when a CSI volume attachment fails due to exceeding the node's attachment limit, causing the pod to be cleanly rejected and marked as Failed instead of getting stuck indefinitely in the ContainerCreating
state, thereby enabling the pod's controller to take corrective action such as rescheduling.
- URL: pull/132933
- Merged: 2025-07-25T00:58:54Z
3. Endpoints e2e updates for KEP-4974: This pull request introduces new helper functions for EndpointSlice end-to-end tests and refactors existing network e2e tests to focus exclusively on EndpointSlices rather than both Endpoints and EndpointSlices, thereby cleaning up KEP-4974-related tests and updating conformance tests to reflect this shift while reducing redundant testing of the Endpoints controller.
- URL: pull/132991
- Merged: 2025-07-24T02:56:27Z
Other Closed Pull Requests
- kube-proxy NodeManager improvements: This pull request reintroduces and refines the kube-proxy NodeManager to enhance monitoring and management of Node objects, including tracking topology labels and handling NodeIP changes. It merges related node event handlers and ensures backward compatibility to address an issue in the Azure cloud provider integration.
- kubectl kyaml output format addition: This pull request adds support for a new
kyaml
output format tokubectl
, defining KYAML as a strict subset of YAML that combines YAML and JSON features. The format provides explicit, whitespace-independent, and less error-prone serialization with consistent quoting, bracket usage, trailing commas, comments, and compact formatting.
- VolumeAttributesClass API promotion and GA: This pull request promotes the API
VolumeAttributesClass
andVolumeAttributesClassList
tostorage.k8s.io/v1
and graduates the feature gateVolumeAttributesClass
to general availability. It also includes related test adjustments and fixes.
- CertificateSigningRequest status.conditions validation: This pull request adds declarative validation tags to CSR status.conditions fields for v1 and v1beta1 APIs to enforce mutually exclusive approved and denied conditions. It updates hand-written validation logic and tests accordingly and includes migration tests to ensure equivalence between hand-written and declarative validations.
- CPUManager policy test coverage expansion: This pull request expands test coverage for the
prefer-align=cpus-by-uncore-cache
CPUManager policy by adding unit and end-to-end tests. It verifies compatibility withstrict-cpu-reservation
and incompatibility withdistribute-cpus-across-numa
anddistribute-cpus-across-cores
to fulfill beta graduation requirements.
- Dynamic Resource Allocation (DRA) test cleanup: This pull request cleans up DRA end-to-end tests by removing redundant executions, simplifying test names, and reducing multi-node test requirements to two nodes to enable their use as conformance tests.
- Useful endpoints listing for kube-apiserver and kube-scheduler: These pull requests add features to list and make available useful endpoints for the kube-apiserver and propose adding a "Useful Endpoints" section to the kube-scheduler's /statusz endpoint. They improve observability by listing health and monitoring endpoints such as /healthz, /livez, /readyz, and /metrics.
- PodObservedGenerationTracking feature promotion: This pull request promotes the
PodObservedGenerationTracking
feature to beta and enables it by default. It ensures thatstatus.observedGeneration
andstatus.conditions[].observedGeneration
fields in pods reflect themetadata.generation
of the pod spec at the time the status or condition is reported.
- CBOR serialization library update and transcoding support: This pull request updates the CBOR serialization library to version 2.9.0 and adds support for automatic transcoding of types using standard JSON and text marshaling/unmarshaling interfaces. This enables seamless encoding and decoding between CBOR and these formats.
- PodLevelResources validation for Windows OS: This pull request adds validation to reject Pods using the PodLevelResources feature when targeting Windows OS. It ensures Pods with PodLevelResources are only admitted on Linux nodes due to lack of Windows support.
- Non-mergeable CI troubleshooting test submissions: These pull requests are non-mergeable tests created to troubleshoot and validate continuous integration processes, including end-to-end testing for mirror pods and fixing linting problems.
- Node test code cleanup and deduplication: This pull request cleans up node test code by deduplicating logic for fetching allocatable and available CPU and memory resources, improving maintainability and addressing a TODO.
- DRA driver watch channel handling fix: This pull request fixes watch channel conversion in the DRA driver to ensure proper closure of downstream event channels when the apiserver closes a watch. This allows the informer to retry and recover correctly after apiserver restarts on Kubernetes versions lacking support for the resource.k8s.io version used by the DRA driver.
- Validation-gen component cleanup: This pull request removes a TODO related to ratcheting behavior for slices and maps and corrects typos in comments and documentation within the validation-gen component.
- Node podresources API Get endpoint test coverage: This pull request improves test coverage for the node podresources API
Get
endpoint by adding end-to-end tests for non-existing or terminated pods and enabling multi-container test scenarios.
- CRD schema warnings for unsupported formats: This pull request adds functionality to generate warnings when CustomResourceDefinitions include unrecognized or unsupported "format" strings in their schemas during creation or updates. This improves schema validation feedback without rejecting the resource.
- CRI out-of-support metric and KubeletCgroupDriverFromCRI GA: This pull request adds a metric to track out-of-support Container Runtime Interface implementations and promotes the KubeletCgroupDriverFromCRI feature gate to General Availability to fulfill KEP 4033 requirements.
- kubectl kustomize dependency upgrade and cleanup: This pull request upgrades
kubectl kustomize
dependencies to kustomize version 5.7.0 and related modules to v0.20.0. It also cleans up deprecated packages and removes forked copies of goyaml libraries.
- Redis dependency removal from e2e tests: This pull request removes the Redis dependency from end-to-end test configurations to simplify and clean up redundant test dependencies.
- DRAPrioritizedList feature promotion to Beta: This pull request promotes the DRAPrioritizedList feature to Beta and enables it by default, allowing users to specify a prioritized list of subrequests in a ResourceClaim as part of scheduling enhancements.
- Kubelet plugin manager protobuf update: This pull request updates the kubelet plugin manager by replacing deprecated gogo protobuf definitions with the standard protoc implementation to improve code consistency and maintainability.
- Batch API redundant type conversion removal: This pull request removes redundant type conversions within the apis/batch/fuzzer directory to clean up the codebase and improve maintainability.
- cpumanager cgroup v1 compatibility in e2e tests: This pull request implements compatibility for cgroup v1 in cpumanager end-to-end node tests to ensure coverage while preparing for full transition to the new cpumanager suite. CFS quota tests remain supported only on cgroup v2.
3.3 Pull Request Discussion Insights
This section will analyze the tone and sentiment of discussions within this project's open and closed pull requests that occurred within the past week. It aims to identify potentially heated exchanges and to maintain a constructive project environment.
Based on our analysis, there are no instances of toxic discussions in the project's open or closed pull requests from the past week.
IV. Contributors
4.1 Contributors
Active Contributors:
We consider an active contributor in this project to be any contributor who has made at least 1 commit, opened at least 1 issue, created at least 1 pull request, or made more than 2 comments in the last month.
If there are more than 10 active contributors, the list is truncated to the top 10 based on contribution metrics for better clarity.
Contributor | Commits | Pull Requests | Issues | Comments |
---|---|---|---|---|
ylink-lfs | 42 | 20 | 4 | 50 |
pohly | 31 | 13 | 9 | 28 |
macsko | 3 | 2 | 1 | 52 |
BenTheElder | 2 | 0 | 0 | 54 |
PatrickLaabs | 30 | 3 | 2 | 14 |
natasha41575 | 20 | 5 | 1 | 13 |
danwinship | 8 | 2 | 3 | 25 |
liggitt | 9 | 3 | 0 | 25 |
tallclair | 14 | 1 | 3 | 16 |
dims | 5 | 2 | 5 | 22 |