1_r/devopsish

We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
Welcome back to another watchTowr Labs blog. Brace yourselves, this is one of our most astounding discoveries. Summary: What started out as a bit of fun between colleagues while avoiding the Vegas heat and $20 bottles of water in our Black Hat hotel rooms - has now seemingly become a
·labs.watchtowr.com·
Last Week in Kubernetes Development - Week Ending September 8 2024

Week Ending September 8, 2024

https://lwkd.info/2024/20240911

Developer News

SIG-ContribEx is hosting the first monthly New Contributor Orientation. Held on the first Tuesday of each month, this 1-hour video session will help new contributors figure out “where do I get started?” The first one is at 8:30UTC and again at 15:30UTC on September 17th.

You have one more week to propose sessions for the Contributor Summit, including presentations, discussions, and SIG/Team meetings. The Unconference Topics issue is ready for your discussion ideas.

SIG-Node is thinking about dynamic batch workloads.

Tim Hockin wants your answers to silly Kubernetes questions.

Release Schedule

Next Deadline: Production Readiness Freeze, October 3

As of this Monday, the 1.32 release cycle is underway. The team and schedule will be final this Friday, and Release Lead Frederico Muñoz has shared what to expect. Major deadlines include:

Enhancements freeze: Friday 11th October 2024

Code & Test freeze: Friday 8th November 2024

Docs freeze: Tuesday 26th November 2024

Release day: Wednesday 11th December 2024

Patch releases for all supported versions are expected out this week.

KEP of the Week

KEP 4601: Authorize with Field and Label Selectors

This KEP extends Kubernetes authorization attributes to include field and label selectors for List, Watch, and DeleteCollection verbs, allowing authorizers to make more granular security decisions. This enables out-of-tree authorizers to experiment with restrictions based on selectors, improving per-node workload security. Additionally, field and label selectors will be added to webhook authorization types, Subject Access Reviews (SSAR, SAR, Local SAR), and the node authorizer (restricting by nodeName), and will be integrated into the CEL authorizer for more advanced policy evaluations.

This KEP is tracked for alpha release in v1.32.

Other Merges

Accelerate responses for false negative access requests, speeding up workload startup

Use FormatOnly in gengo, which also involved making hundreds of API names unique; if you haven’t refreshed your repo copy after this merge, better do so

Regular init containers do not use the Sidecar code path, preventing startup failures

APIServer can offer UID headers

kubeadm upgrade apply and kubeadm upgrade node can upgrade just the addons or other specific elements, or skip them

Prevent InFlightPods from having more than one element

Remove conntrack binary from kube-proxy

Dynamic client-go won’t panic when it sees an UnstructuredList

Auto-restart init containers stuck in “created”

tryRegisterWithAPIServer continues whether or not it can create a node

New metrics: inflight_events for QueueingHints (but check for memory overflow)

Test improvements: NodeAffinity integration, image volume sharing

Promotions

AnonymousAuthConfigurableEndpoints to Beta

Subprojects and Dependency Updates

minikube v1.34: Kubernetes 1.31 support, ARM 64 qemu, Volcano addon

csi-driver-nfs v4.9.0: fix CVE-2024-5321

csi-driver-host-path v1.15.0: external-resizer to v1.11.2

csi-driver-smb v1.16.0: fix CVE-2024-5321

cri-o v1.30.5: update of checks for internal repair feature & add a new crio check sub-command; also v1.29.8, v1.28.10

cloud-provider-openstack v1.31.0: occm add dnsPolicy feature

kubespray v2.26.0: Make kubernetes v1.30.4 default

python-client v31.0.0b1: DRA changes, leader elections, UserNamespaces

via Last Week in Kubernetes Development https://lwkd.info/

September 11, 2024 at 05:00PM

·lwkd.info·
async-profiler/async-profiler: Sampling CPU and HEAP profiler for Java featuring AsyncGetCallTrace + perf_events

This project is a low overhead sampling profiler for Java that does not suffer from Safepoint bias problem. It features HotSpot-specific APIs to collect stack…

September 11, 2024 at 01:20PM

via Instapaper

·github.com·
Why GitHub Actually Won

A few days ago, a video produced by @t3dotgg was posted to his very popular YouTube channel where he reviews an article written by the Graphite team titled “How…

September 11, 2024 at 11:35AM

via Instapaper

·blog.gitbutler.com·
Will California flip the AI industry on its head?

Artificial intelligence is moving quickly. It’s now able to mimic humans convincingly enough to fuel massive…

September 11, 2024 at 11:31AM

via Instapaper

·theverge.com·
Why Open Source AI Has No Meaning

Meta is winning the open source AI story by using the term to push a large language model (LLM) that is not open source. But really, the Meta camp can call open…

September 11, 2024 at 10:13AM

via Instapaper

·thenewstack.io·
MariaDB goes private with new CEO as K1 closes acquisition | TechCrunch

6:15 AM PDT, September 10, 2024. MariaDB’s short-lived tenure as a public company is all but…

September 11, 2024 at 10:06AM

via Instapaper

·techcrunch.com·
K1 Acquires MariaDB, a Leading Database Software Company, and Appoints New CEO

Strategic investment aims to accelerate MariaDB's mission to deliver innovative, scalable database solutions with new executive leadership to drive the next…

September 11, 2024 at 10:02AM

via Instapaper

·prnewswire.com·
DEC PDP-11/70 for RSTS/E with Front Panel and Debugger
PCjs offers a variety of online machine emulators written in JavaScript. Run DOS, Windows, OS/2 and other vintage PC applications in a web browser on your desktop computer, iPhone, or iPad. An assortment of microcomputers, minicomputers, terminals, programmable calculators, and arcade machines are also available, along with an archive of historical software and documentation.
·pcjs.org·
Mastering Secure Boot on Apple silicon
Explains the three different settings, including Permissive Security, why you might need to reduce security, and how to do so using Startup Security Utility.
·eclecticlight.co·
CVE-2024-43491 - Security Update Guide - Microsoft - Microsoft Windows Update Remote Code Execution Vulnerability
Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security ...
·msrc.microsoft.com·
Why Do You Have To Go and Make Things So Complicated?
Apple held its annual iPhone event today, and the biggest thought in my mind about it is that Apple's product messaging has gotten confusing. Apple Watch: For years, rumors have claimed that the Apple Watch Ultra would fall off the annual release cycle the standard Apple Watch enjoys, and it happened today, with the Ultra picking [...]
·512pixels.net·
Intel Core Ultra 200V Series Lunar Lake Launched
With the Intel Core Ultra 200V series, Intel is making radical changes. The new chips ditch hyper-threading, get a new iGPU, and onboard memory
·servethehome.com·
Your company needs Junior devs
Junior engineers are foundational to whether a team can collaborate and innovate
·softwaredoug.com·
How we are managing a container platform with Kubernetes, with Ángel Barrera Sánchez

https://kube.fm/platform-gitops-angel

In this KubeFM episode, Ángel Barrera discusses Adidas' strategic shift to a GitOps-based container platform management system, initiated in May 2022, and its impact on their global infrastructure.

You will learn:

The initial state and challenges: Understand the complexities and inefficiencies of Adidas' pre-GitOps infrastructure.

The transition process: Explore the steps and strategies used to migrate to a GitOps-based system, including tool changes and planning.

Technical advantages: Learn about the benefits of the pull mechanism, unified configuration, and improved visibility into cluster states.

Developer and business feedback: Gain insights into the feedback from developers and the business side, and how they were convinced to invest in the migration.

Sponsor

This episode is sponsored by ControlPlane — empower your Kubernetes deployments with ControlPlane Enterprise for Flux CD.

More info

Find all the links and info for this episode here: https://kube.fm/platform-gitops-angel

via KubeFM https://kube.fm

September 10, 2024 at 06:00AM

·kube.fm·
Surviving Backstage with Roadie: A Developer's Nightmare or Dream?

Discover the power and pitfalls of Backstage, the ultimate tool for boosting productivity in your organization. In this video, we dive deep into Backstage's capabilities, its challenges, and how Roadie can simplify your experience. Learn how to set up repositories, automate workflows, and manage Kubernetes clusters with ease. Watch as we transform a project using Backstage and Roadie, and explore the benefits and hurdles along the way.

#Backstage #Roadie #IDP #InternalDeveloperPlatform

Additional info:
Transcript and commands: https://devopstoolkit.live/internal-developer-platforms/surviving-backstage-with-roadie-a-developers-nightmare-or-dream
Roadie: https://roadie.io
Backstage: https://backstage.io
Automate Everything: How One Manifest Powers Your Entire DevOps Pipeline: https://youtu.be/IEgXJEkjBZ0

Timecodes: 00:00 Introduction to Backstage and Roadie; 04:55 The Project; 05:55 Backstage with Roadie in Action

via YouTube https://www.youtube.com/watch?v=LIhnicLyzsk

·youtube.com·
What You Need to Know About Grok AI and Your Privacy

In 2015, Elon Musk and Sam Altman cofounded OpenAI based on a seemingly ethical ethos: to develop AI technology that benefits humanity, rather than systems…

September 9, 2024 at 09:21AM

via Instapaper

·wired.com·
Activists urge FTC to ban hardware downgrades
Some brick devices they'd rather not support, kill apps that drive functions, or add post-sale subscriptions
·theregister.com·
A brief history of Time Machine
Released in Mac OS X 10.5 Leopard on 26 October 2007, it supported Time Capsules launched in January 2008, and in Big Sur could back up to APFS.
·eclecticlight.co·
Keyhole | MAS
By WitherOrNot
·massgrave.dev·