
1_r/devopsish
A guide to modern Kubernetes network policies
Scott Rigby, Aug 21, 2024. In the world of Kubernetes, network policies are essential for controlling traffic within your cluster. But what are they…
September 5, 2024 at 03:15PM
via Instapaper
Week Ending September 1, 2024
https://lwkd.info/2024/20240905
Developer News
The New Contributor Guide put together by the folks at SIG ContribEx is now available!
SIG ContribEx is also starting a new meeting for new contributor orientation. Starting on September 17th, 2024, the meetings will be held monthly on the 3rd Tuesday of every month (this may shift). These meetings are intended to help new contributors orient themselves within the community. Each meeting will be held at two times to accommodate different timezones:
EMEA/APAC-friendly: 1:30 PT / 8:30 UTC / 10:30 CET / 14:00 IST
AMER-friendly: 8:30 PT / 15:30 UTC / 17:30 CET / 21:00 IST
Release Schedule
Next Deadline: 1.32 cycle begins, September 9
Last Chance to Apply for Shadow Applications!
The window for shadow applications for the v1.32 release team is closing this week! If you’re interested in gaining valuable experience and contributing to our upcoming release, now is the time to act.
Application Deadline: September 6, 2024
Tentative Release Cycle: September 9, 2024 - December 11, 2024
KEP of the Week
KEP 4569: Move cgroup v1 support into maintenance mode
This KEP aims to move cgroup v1 support in Kubernetes to maintenance mode, aligning with the industry’s transition to cgroup v2 as the default for Linux kernel resource management. With cgroup v2 offering better functionality, consistency, and scalability, and major Linux distributions and projects like systemd phasing out cgroup v1, Kubernetes must adapt to maintain compatibility and leverage these improvements. This shift reflects the broader ecosystem’s move away from cgroup v1, making it necessary for Kubernetes to follow suit. This KEP does not remove cgroup v1 support; deprecation and removal will be addressed in a future KEP.
This KEP is tracked for stable release in v1.31.
Other Merges
trafficDistribution feature’s API docs updated to reflect beta status
Reverted flaky tests in apf tests
New cluster events UpdatePodSchedulingGatesEliminated and UpdatePodTolerations for scheduler plugins implemented
Fix for etcd failures in ci-kubernetes-e2e-cos-gce-disruptive-canary
Support inflight_events metric in the scheduler for QueueingHint
TypedNewDelayingQueue renamed to NewTypedDelayingQueue
Fix for DaemonRestart tests
Kubelet to consider returning metrics if Usage or VolumeCondition is set
Speed up update-codegen.sh by switching to FormatOnly in gengo
JWT authenticators now set the jti claim as credential id for use by audit logging
Clarification that new usages of generic *ObjectReference structs are discouraged
applyconfiguration-gen no longer generates duplicate methods and ambiguous member accesses
kubectl top command’s percentage display modified for readability
Refactor to watch cache storage
kubeadm switches the kube-scheduler static Pod to use the endpoints /livez and /readyz instead of /healthz
Documentation fix for flags in kube-controller-manager and cloud-provider
kubeadm increases unit test coverage for util/dryrun
PodEligibleToPreemptOthers in the preemption interface gets ctx in the parameters
Promotions
AnonymousAuthConfigurableEndpoints to beta
Deprecated
Feature gates ServerSideApply/ServerSideFieldValidation removed after graduating to GA
The flowcontrol.apiserver.k8s.io/v1beta3 API version of FlowSchema and PriorityLevelConfiguration is no longer served in v1.32
Aggregated Discovery v2beta1 fixture is removed in ./api/discovery
Feature gate AllowServiceLBStatusOnNonLB removed
Version Updates
Kubernetes is now built with Go 1.23.0!
Updated publishing-bot rules to Go 1.22.6
etcd to 3.5.15
Subprojects and Dependency Updates
containerd v1.7.21 regenerate introspection UUID if state is empty
grpc v1.66.1 enable EDS dualstack support by default
prometheus v2.54.1 allow multiple samples on same series, with explicit timestamps
via Last Week in Kubernetes Development https://lwkd.info/
September 05, 2024 at 12:12PM
‘Right to Repair for Your Body’: The Rise of DIY, Pirated Medicine
created and open sourced is the Microlab
September 5, 2024 at 11:33AM
via Instapaper
FourThievesVinegar/solderless-microlab
Microlab The MicroLab is an open-source, DIY, automated controlled lab reactor (CLR) that people can assemble with parts available online. We hope this will do…
September 5, 2024 at 11:26AM
via Instapaper
The basics of observing Kubernetes: a bird-watcher's perspective, with Miguel Luna
https://kube.fm/observability-kubernetes-miguel
In this KubeFM episode, Miguel Luna discusses the intricacies of Observability in Kubernetes, including its components, tools, and future trends.
You will learn:
The fundamental components of Observability: metrics, logs, and traces, and their roles in understanding system performance and health.
Key tools and projects: insights into Keptn and OpenTelemetry and their significance in the Observability ecosystem.
The integration of AI technologies: how AI is shaping the future of Observability in Kubernetes.
Practical steps for implementing Observability: starting points, what to monitor, and how to manage alerts effectively.
Sponsor
This episode is sponsored by Learnk8s — estimate the perfect cluster node with the Kubernetes Instance Calculator
More info
Find all the links and info for this episode here: https://kube.fm/observability-kubernetes-miguel
via KubeFM https://kube.fm
September 03, 2024 at 06:00AM
Master Terminal Multiplexing with Zellij in Minutes!
Discover the power of Zellij, a terminal workspace that boosts productivity! In this video, we'll explore how to set up and use Zellij. We'll learn how to create sessions, split terminal into tabs and panes, and automate tasks using layouts. Watch as we demonstrate running commands, managing resources, and switching between tasks—all without touching the mouse. Perfect for developers looking to streamline their workflow. Don't miss out on mastering terminal multiplexing with Zellij!
▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬ ➡ Transcript and commands: https://devopstoolkit.live/terminal/master-terminal-multiplexing-with-zellij-in-minutes 🔗 https://zellij.dev
▬▬▬▬▬▬ 💰 Sponsorships 💰 ▬▬▬▬▬▬ If you are interested in sponsoring this channel, please use https://calendar.app.google/Q9eaDUHN8ibWBaA7A to book a timeslot that suits you, and we'll go over the details. Or feel free to contact me over Twitter or LinkedIn (see below).
▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ Twitter: https://twitter.com/vfarcic ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/
▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox
▬▬▬▬▬▬ ⏱ Timecodes ⏱ ▬▬▬▬▬▬ 00:00 Terminal Multiplexing 01:25 What is Zellij? 02:17 Terminal Multiplexing With Zellij
via YouTube https://www.youtube.com/watch?v=ZndhImXIGlg
Dashboards - Feat. Kubernetes Dashboard, Headlamp, Meshery (You Choose!, Ch. 4, Ep. 01)
Dashboards - Choose Your Own Adventure: The Observability Odyssey
In this episode, we'll go through dashboards. The contestants are Kubernetes Dashboard, Headlamp, and Meshery.
Vote for your choice of a tool for signing artifacts at https://cloud-native.slack.com/archives/C05M2NFNVRN. If you have not already joined CNCF Slack, you can do so from https://slack.cncf.io.
This and all other episodes are available at https://www.youtube.com/playlist?list=PLyicRj904Z9-FzCPvGpVHgRQVYJpVmx3Z.
More information about the "Choose Your Own Adventure" project including the source code and links to all the videos can be found at https://github.com/vfarcic/cncf-demo.
٩( ᐛ )و Whitney's YouTube Channel → https://www.youtube.com/@wiggitywhitney
▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬ 🔗 Dashboards: https://github.com/vfarcic/cncf-demo/tree/main/manuscript/dashboards/README.md
via YouTube https://www.youtube.com/watch?v=GhfRu3l4F8U
These Are Apple's Oldest Products Still Sold Today
For over two decades, the MacRumors Buyer's Guide has served as a valuable resource for keeping track of when Apple products were last updated. Below, we have…
August 29, 2024 at 04:15PM
via Instapaper
The Observability Odyssey (You Choose! Ch. 4, Ep. 0)
Chapter 4 of "Choose Your Own Adventure" is about to begin! In this one, we'll explore observability tools among CNCF projects.
More information about the "Choose Your Own Adventure" project including the source code and links to all the videos can be found at https://github.com/vfarcic/cncf-demo.
This and all other episodes are available at https://www.youtube.com/playlist?list=PLyicRj904Z9-FzCPvGpVHgRQVYJpVmx3Z.
٩( ᐛ )و Whitney's YouTube Channel → https://www.youtube.com/@wiggitywhitney
Consider joining the channel: https://www.youtube.com/c/devopstoolkit/join
via YouTube https://www.youtube.com/watch?v=_sVIxEksR1M
Introduction | Dalec
Dalec is a project aimed at providing a declarative format for building system packages and containers from those packages. Our goal is to provide a secure and…
August 29, 2024 at 10:55AM
via Instapaper
will-moss/isaiah: Self-hostable clone of lazydocker for the web. Manage your Docker fleet with ease
August 29, 2024 at 10:55AM
via Instapaper
Week Ending August 25, 2024
https://lwkd.info/2024/20240828
Developer News
KubeCon + CloudNativeCon + Open Source Summit China 2024 happened last week in Hong Kong. The event had various talks on AI, running AI workloads on Kubernetes and the CNCF ecosystem, and updates from various maintainers of different CNCF projects. There was also a keynote by Linus Torvalds. Videos will be posted in the CNCF YouTube channel soon.
Release Schedule
Next Deadline: 1.32 cycle begins, September 9
We’re in the period between releases. Shadow applications for the v1.32 release team are open until September 6. The tentative dates for the v1.32 cycle are from September 9th to December 11th, 2024.
Featured PRs
126745: Improve PVC protection controller’s scalability by batch-processing PVCs by namespace & caching live pod list results [fixed dead loop issue with idle work queue]
This PR significantly enhances the scalability of the PVC Protection Controller by implementing batch processing of PVCs by namespace and caching live pod list results. It resolves a critical dead loop issue in the idle work queue and addresses performance bottlenecks in large clusters by reducing the number of API calls required for PVC deletion. As a result, the kube-controller-manager’s CPU usage is optimized, ensuring more efficient and reliable operation, especially in environments with high pod and PVC churn.
KEP of the Week
KEP 3998: Job success/completion policy
This KEP aims to enhance Indexed Jobs by allowing custom success criteria, so a job can be marked as succeeded based on specific pod indexes, such as leader pods, rather than requiring all pods to succeed. It supports distributed computing frameworks like MPI and PyTorch, where only certain pods determine job success. The proposal does not alter the default behavior for jobs without a SuccessPolicy or extend this feature to NonIndexed Jobs in its first iteration.
This KEP is tracked for beta release in v1.31.
Other Merges
kubeadm now sorts the result of MergeKubeadmEnvVars, and allows mixing of the flags --print-manifest and --config
Printer unit tests added for DRA resources
transformation_operations_total metric gets additional resource label
pkg/kubelet/cm/dra migrated to contextual logging
Fix for estimated cost for Kubernetes defined CEL types for equals
Common apiserver for all testcases in CEL tests
kube-scheduler removes non-csi volumelimit plugins
Scheduling throughput thresholds set in scheduler_perf tests
Fix to DRA with structured params to make unschedulable pods schedulable again after ResourceSlice cluster events
kube-proxy now uses field-selector clusterIP!=None on Services to avoid watching for Headless Services
NominatedPodsForNode moved to scheduling queue to make the invocations more direct
Events cached in the scheduling queue are cleared as soon as possible when SchedulerQueueingHints is enabled, so that the scheduler consumes less memory
New e2e tests for Node endpoints
Deprecated
Graduated feature gates being removed: ValidatingAdmissionPolicy, StableLoadBalancerNodeSet, CloudDualStackNodeIPs, LegacyServiceAccountTokenCleanUp
kubeadm removes the deprecated flag ‘--experimental-output’
kubeadm removes the deprecated sub-phase of ‘init kubelet-finalize’ called experimental-cert-rotation
Version Updates
corefile-migration to v1.0.24
Subprojects and Dependency Updates
prometheus v2.54.1 allow multiple samples on same series, with explicit timestamps
containerd v1.7.21 regenerate introspection UUID if state is empty
grpc v1.66.1 enable EDS dualstack support by default; also v1.66.0
via Last Week in Kubernetes Development https://lwkd.info/
August 28, 2024 at 07:00PM