Week Ending March 16, 2025

https://lwkd.info/2025/20250319

Developer News

CVE-2026-1767 allows authenticated users to access git repos belonging to other users if created with the in-tree gitRepo volume type. In-tree gitRepo volumes have been deprecated. The SRC suggests several workarounds in the issue.

SIG-Windows plans to make the Windows unit tests release-informing. This is a big step forwards for support of Kubernetes on Windows.

Release Schedule

Next Deadline: Code and Test Freeze, March 20/21

Code and Test Freeze starts at 0200 UTC on Friday, March 21. Your PRs should all be merged by then; file an exception as soon as possible if you think you won’t make that deadline.

Other Merges

kube-openapi updated and integrated streaming tags validation

TestListCorruptObject corrupts the object in etcd instead of changing encryption key

A new function verifyAlphaFeatures implemented to ensure that alpha features cannot be enabled by default

Extracted delegator.Helper interface to allow making delegate decision based on cache state

Split subfunction to allow adding more subtests

Unit tests for Windows DSR and Overlay Support added

scheduler_perf topology spreading tests moved to a separate package

Fixes for unit tests on Windows

PodResourceAllocation type replaced with PodResourceInfoMap

Support for emulation versioning of custom resource formats

Unit tests for credential provider in service account mode

DRA adds user RBAC

InPlacePodVerticalScaling moves pod resize status to pod conditions

DeclarativeValidation feature gate to be enabled by default

ReplicationController spec.replicas and spec.minReadySeconds fields migrated to declarative validation

Declarative Validation enabled for ReplicationController

Fix for incorrect AppArmorProfile.Type marker

JobSuccessPolicy E2E tests promoted to conformance

kubelet to set observedGeneration field on pod conditions if PodObservedGenerationTracking feature gate is set

Workqueue for node updates in DaemonSetController

PreEnqueue plugins to be called before adding pod to backoffQ

Forward compatibility added for compatibility mode

Alpha support for Windows HostNetwork containers removed

Add metrics to track allocation of Uncore Cache blocks

Updated /version response to report binary version information separate from compatibility version

New alpha feature gate MutableCSINodeAllocatableCount introduced

Swap capacity to be reported as part of node.status.nodeSystemInfo

Quota support for PVC with VolumeAttributesClass

UpdatePodSandboxResources CRI method

Multi-tenancy in accessing node images via Pod API

Storage capacity scoring added to VolumeBinding plugin

GA feature gate PersistentVolumeLastPhaseTransitionTime removed

Refactoring for featuregate lifecycle management script

Promotions

InPlacePodVerticalScaling to beta

DRAResourceClaimDeviceStatus to beta

CoordinatedLeaderElection to beta

TopologyAwareHints to GA

RemoteRequestHeaderUID to beta

SchedulerAsyncPreemption to beta

JobSuccessPolicy to GA

Deprecated

apidiscovery.k8s.io/v2beta1 API group is disabled by default

gitRepo volume plugin disabled by default

via Last Week in Kubernetes Development https://lwkd.info/

March 19, 2025 at 02:00PM

Ep15 - Ask Me Anything About DevOps, Cloud, Kubernetes, Platform Engineering,... w/Endre Sara

There are no restrictions in this AMA session. You can ask anything about DevOps, Cloud, Kubernetes, Platform Engineering, containers, or anything else. We'll have a special guest Endre Sara to help us out.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Sponsor: Codefresh 🔗 GitOps Argo CD Certifications: https://learning.codefresh.io (use "viktor" for a 50% discount) ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ BlueSky: https://vfarcic.bsky.social ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

via YouTube https://www.youtube.com/watch?v=lK0Hh47YUc8

Saving 10s of thousands of dollars deploying AI at scale with Kubernetes, with John McBride

https://ku.bz/wP6bTlrFs

Curious about running AI models on Kubernetes without breaking the bank? This episode delivers practical insights from someone who's done it successfully at scale.

John McBride, VP of Infrastructure and AI Engineering at the Linux Foundation shares how his team at OpenSauced built StarSearch, an AI feature that uses natural language processing to analyze GitHub contributions and provide insights through semantic queries. By using open-source models instead of commercial APIs, the team saved tens of thousands of dollars.

You will learn:

How to deploy VLLM on Kubernetes to serve open-source LLMs like Mistral and Llama, including configuration challenges with GPU drivers and daemon sets

Why smaller models (7-14B parameters) can achieve 95% effectiveness for many tasks compared to larger commercial models, with proper prompt engineering

How running inference workloads on your own infrastructure with T4 GPUs can reduce costs from tens of thousands to just a couple thousand dollars monthly

Practical approaches to monitoring GPU workloads in production, including handling unpredictable failures and VRAM consumption issues

Sponsor

This episode is brought to you by StackGen! Don't let infrastructure block your teams. StackGen deterministically generates secure cloud infrastructure from any input - existing cloud environments, IaC or application code.

More info

Find all the links and info for this episode here: https://ku.bz/wP6bTlrFs

Interested in sponsoring an episode? Learn more.

via KubeFM https://kube.fm

March 18, 2025 at 06:00AM

Cursor vs. GitHub Copilot: AI Coding Showdown!

In this video, we compare two AI coding assistants: GitHub Copilot and Cursor. We'll explore their capabilities in writing code, fixing bugs, and suggesting improvements. From setting up the tools in VSCode to diving into code and test writing, we'll see how each performs in real-time scenarios. We'll also discuss their speed, accuracy, and overall user experience. By the end, you'll have a clear understanding of which AI tool suits your coding needs best.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Sponsor: Twingate 🔗 https://twingate.com ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬

GitHubCopilot #CursorAI #AI

Consider joining the channel: https://www.youtube.com/c/devopstoolkit/join

▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬ 🔗 Cursor: https://cursor.com

▬▬▬▬▬▬ 💰 Sponsorships 💰 ▬▬▬▬▬▬ If you are interested in sponsoring this channel, please visit https://devopstoolkit.live/sponsor for more information. Alternatively, feel free to contact me over Twitter or LinkedIn (see below).

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ BlueSky: https://vfarcic.bsky.social ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

▬▬▬▬▬▬ ⏱ Timecodes ⏱ ▬▬▬▬▬▬ 00:00 AI for Developers Compared 01:15 Twingate (sponsor) 02:17 GitHub Copilot vs. Cursor 03:32 Round 1: Code 16:33 Round 2: Tests 19:05 Round 3: Other Stuff 20:13 GitHub Copilot vs Cursor Verdict

via YouTube https://www.youtube.com/watch?v=aGNtcJyvfGo