
1_r/devopsish
CVE-2024-9042
https://github.com/kubernetes/kubernetes/issues/129654
Command Injection affecting Windows nodes via nodes/*/logs/query API
via Kubernetes Vulnerability Announcements - CVE Feed https://kubernetes.io/docs/reference/issues-security/official-cve-feed/
January 15, 2025 at 05:28PM
Week Ending January 12, 2025
https://lwkd.info/2025/20250115
Developer News
Dims has requested that all SIGs review their Alpha and Beta features for ones that are “stuck” and need to advance or be removed.
The Kubernetes GitHub account now has access to a few new GitHub Issue features; sub-issues and advanced search seem particularly useful for us.
Maintainer Track submissions for KubeCon China are now open. The main track CfPs for India and Japan are also open.
Release Schedule
Next Deadline: Production Readiness Freeze, February 6
The full Release Schedule is being finalized by Release Lead Nina Polshakova. Major dates are: PRR Freeze, Feb 6; Enhancements Freeze, Feb 13; Code Freeze, March 6; release April 16th.
The January Patch Releases have been delayed until next week.
Featured PRs
129543: DRA API: bump maximum size of ReservedFor to 256
This PR increases the maximum size of the ReservedFor field in the DRA API from 32 to 256 to accommodate larger workloads, such as those involving shared non-local resources like interconnect channels. This change addresses use cases like NVIDIA GB200 and Google TPU, where a higher limit is necessary for workloads spanning multiple nodes. Warning: downgrades to Kubernetes 1.32 may be impacted if ResourceClaims exceed 256.
Other Merges
kubelet to use env vars in node log query PS command
Fix for image not being pulled if there are errors with sandbox image from CRI
Fix for CRD status subresource ratcheting
Extract and unify cache bypass logic by creating a CacheProxy struct
Improve topologyToMatchedTermCount map in InterPodAffinity PreFilter
kube-proxy to periodically sync and rewrite iptables rules every hour
Added introduced and removed version information in etcd fixtures
Upgraded Kubernetes contributor website to Docsy 0.5.1
Promotions
ServiceAccountTokenNodeBinding to GA
Deprecated
EtcdLearnerMode feature gate removed, after it graduated to GA in v1.32
Use of deprecated functions in k8s.io/utils/pointer and k8s.io/apimachinery/pkg/util/sets removed
Deprecate nodefeature for feature labels
Version Updates
coredns to 1.12.0
Subprojects and Dependency Updates
Kubernetes-Python v32.0 released
Shoutouts
Big shoutout to Sayak Mukhopadhyay for pushing through the long-overdue upgrade of Hugo/Docsy for the contributor site
bentheelder: Thank you to Danilo Gemoli for tracking down multiple longstanding issues affecting Prow
via Last Week in Kubernetes Development https://lwkd.info/
January 15, 2025 at 05:00PM
Ep07 - Ask Me Anything About DevOps, Cloud, Kubernetes, Platform Engineering,... w/Scott Rosenberg
There are no restrictions in this AMA session. You can ask anything about DevOps, Cloud, Kubernetes, Platform Engineering, containers, or anything else. We'll have a special guest, Scott Rosenberg, to help us out.
via YouTube https://www.youtube.com/watch?v=biSxzzlCK-E
Which Kubernetes PostgreSQL operator should you choose?, with David Pech
Are you running PostgreSQL on Kubernetes and need to choose the right operator? In this episode, David Pech, Staff Cloud Ops Engineer, shares his experience implementing database platforms on Kubernetes and guides teams through operator selection and platform requirements.
You will learn:
The core requirements for a PostgreSQL platform on Kubernetes, including autopilot capabilities, security practices, and observability
How to evaluate PostgreSQL operators based on their architecture — from single-instance deployments to cloud-native implementations
What teams should consider before building their own database-as-a-service and common pitfalls to avoid
The distinction between being production-ready (running single instances) versus platform-ready (operating at scale with proper tooling)
Sponsor
This episode is sponsored by Learnk8s — get started on your Kubernetes journey through comprehensive online, in-person or remote training.
More info
Find all the links and info for this episode here: https://ku.bz/rGMF2ktdb
via KubeFM https://kube.fm
January 14, 2025 at 05:00AM