
1_r/devopsish
Luna was laying it on thick when she saw the luggage being packed. #corgi #pembrokewelshcorgi #dog #dogsofinstagram
July 31, 2024 at 03:17PM
via Instagram https://instagr.am/p/C-GTeQxvIwm/
Week Ending July 28, 2024
https://lwkd.info/2024/20240730
Developer News
The list of legacy cluster jobs is dwindling, but not empty. Thanks to everyone who migrated their jobs, but please look at the remaining few; they will be deactivated this week to make way for the CI control plane post 1.31 release.
Registration for Kubernetes Contributor Summit (KCSNA 24) is live.
Release Schedule
Next Deadline: Tests Freeze, 31 July
We are in week 12 of the v1.31 release cycle and are two weeks away from the scheduled release date. Code freeze was last week and we are currently tracking 44 enhancements after code freeze. We received a total of 10 exception requests after code freeze, 9 of which were approved.
We have a bunch of important deadlines this week: the docs freeze (30th July) and the test freeze (31st July). Please make sure your PRs are ready in time for the deadlines! v1.31.0-rc.0 is also scheduled to be cut on 30th July. Read more about the state of the release and important upcoming dates here.
Featured PRs
#125663: [KEP-4639] Add ImageVolumeSource API
While the API types were added a few weeks ago, this PR adds the implementation for the new image volume type. Although this feature has existed in Docker for many years, and through CSI plugins for nearly as long, this PR brings it into Kubernetes core and makes it much more accessible to users. The general idea is simple: mount a container image at a path so that its contents can be updated independently of the running container image. For example, a machine learning service can load its model files from an image updated nightly without having to recertify the code, or a CI system can load tools from an arbitrary image without having to worry about specifics.
This uses the same image management systems as everything else in the Kubelet, so images will be cached and reused if desired, and pull credentials are used automatically:
volumes:
- name: tools
  image:
    reference: mytools:1.2.3
    pullPolicy: Always # or IfNotPresent (optional)
#124012: Coordinated Leader Election
The lease-based leader election framework built into Kubernetes has proven to be robust and powerful even in high-churn environments. What it isn’t, however, is predictable. This can increase the stress of running control plane upgrades, especially during version changes in extremely-low-downtime situations. This PR extends the existing leader election system with a new mode, strategy: OldestEmulationVersion, which provides for a default-case behavior where leaders are selected based on “simple” criteria (specifically a cascading choice list based on the declared API emulation version, actual version of the server, and creation timestamp of a new LeaseCandidate object) so that during upgrade we minimize leader swaps and they can also be generally predictable. This is built on top of all the existing machinery, so if something does go very wrong, we’ll still have that same robust safety we’re all accustomed to, but with a much easier happy path.
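The cascading choice list described above, as an added Go sketch (not code from the PR or from Kubernetes): pick the lowest emulation version, break ties on the lowest binary version, then on the oldest creation timestamp. The Candidate type, its field names and the sample data are hypothetical and constructed for illustration.

```go
package main

import "fmt"

// Candidate is a simplified, hypothetical stand-in for a LeaseCandidate.
type Candidate struct {
	Name    string
	Emu     [2]int64 // declared API emulation version {major, minor}
	Bin     [2]int64 // actual server version {major, minor}
	Created int64    // creation timestamp, Unix seconds
}

// key lists the cascade in priority order; the lowest key wins.
func (c Candidate) key() [5]int64 {
	return [5]int64{c.Emu[0], c.Emu[1], c.Bin[0], c.Bin[1], c.Created}
}

// less compares two keys lexicographically, so a later field only
// matters when every earlier field is tied.
func less(a, b [5]int64) bool {
	for i := range a {
		if a[i] != b[i] {
			return a[i] < b[i]
		}
	}
	return false
}

// PickLeader returns the preferred candidate; ok is false when there are none.
func PickLeader(cs []Candidate) (best Candidate, ok bool) {
	for i, c := range cs {
		if i == 0 || less(c.key(), best.key()) {
			best = c
		}
	}
	return best, len(cs) > 0
}

// sample is constructed data for a control plane midway through a 1.30 -> 1.31 upgrade.
var sample = []Candidate{
	{"cm-c", [2]int64{1, 31}, [2]int64{1, 31}, 1722297600}, // upgraded, no emulation
	{"cm-b", [2]int64{1, 30}, [2]int64{1, 31}, 1722297660}, // upgraded, emulating 1.30
	{"cm-a", [2]int64{1, 30}, [2]int64{1, 30}, 1722297720}, // not yet upgraded
	{"cm-d", [2]int64{1, 30}, [2]int64{1, 30}, 1722297780}, // not yet upgraded, newer
}

func main() {
	leader, _ := PickLeader(sample)
	fmt.Println("leader:", leader.Name)
}
```

With this ordering the not-yet-upgraded instances keep leadership until the last of them is replaced, which is what keeps leader swaps during an upgrade few and predictable.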
KEP of the Week
KEP 2644: Honor Persistent Volume Reclaim Policy
This KEP introduces an enhancement to Kubernetes by ensuring that the Persistent Volume (PV) reclaim policy is honored even if the PV is deleted before the Persistent Volume Claim (PVC). For a bound PV-PVC pair, if the PVC is deleted before the PV, the reclaim policy is honored. However, if the PV is deleted before the PVC, the reclaim policy is not exercised, so the underlying storage asset is not removed.
This KEP is tracked for beta release in the upcoming v1.31.
Other Merges
The DisableKubeletCSRAdmissionValidation feature gate renamed to AllowInsecureKubeletCertificateSigningRequests
Fix for kubelet cadvisor stats runtime panic
Fixes to coordinated leader election controller unit tests
LocalStorageCapacityIsolationFSQuotaMonitoring is false by default
Go version reverted to v1.22.5
ProcMountType to be disabled by default
Resource health implemented in Pod status
CRD validation rules support direct use of CEL reserved keywords
RetryWatcher.Stop is idempotent to avoid causing panic when calling Stop multiple times
partialSync implemented for kube-proxy nftables mode
Bug fix for init containers with Always restartPolicy not terminating gracefully
Fix for nodeNotReady in first sync period after kubelet restart
Fix for kubelet not calculating process usage of pods correctly
Validation for CABundle when writing CRDs
New cluster events UpdatePodScaleDown and UpdatePodLabel for Pods implemented
DRA resource quotas implemented
Promotions
KubeletSeparateDiskGC to beta
VolumeAttributesClass to beta
JobSuccessPolicy to beta
AppArmor to GA
LocalStorageCapacityIsolation to beta
Deprecated
kube-proxy’s deprecated flag --proxy-port-range removed
Subprojects and Dependency Updates
kops v1.29.2 support kube-controller-manager
libcni v1.2.3 correct a divergence between the specification and libcni
kubebuilder v4.1.1 new CLI option and allow access to underlying CLI command
grpc v1.65.2
via Last Week in Kubernetes Development https://lwkd.info/
July 30, 2024 at 05:00PM
With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software | CISA
July 29, 2024 at 01:34PM
via Instapaper
Websites are Blocking the Wrong AI Scrapers
Hundreds of websites trying to block the AI company Anthropic from scraping their content are blocking the wrong bots, seemingly because they are copy/pasting…
July 29, 2024 at 01:31PM
via Instapaper