Suggested Reads

Suggested Reads

54832 bookmarks
Newest
Michigan’s $23B education deal
Michigan’s $23B education deal
Michigan Democrats cap a 19-hour marathon session with approval of an education budget they say will put money back into classrooms. Some school groups opposed the plan, along with all Republicans.
·bridgedetroit.com·
Michigan’s $23B education deal
RSA Conference 2024 Opening Keynote
RSA Conference 2024 Opening Keynote

RSA Conference 2024 Opening Keynote

Welcome to RSA Conference 2024, the perfect opportunity to connect with like-minded colleagues. Where people gather around a shared passion, great things can…

June 28, 2024 at 12:11PM

via Instapaper

·youtube.com·
RSA Conference 2024 Opening Keynote
Last Week in Kubernetes Development - Week Ending June 23 2024
Last Week in Kubernetes Development - Week Ending June 23 2024

Week Ending June 23, 2024

https://lwkd.info/2024/20240628

Developer News

Reminder: all jobs on the old test cluster must migrate or die by August 1. Here’s a table of unmigrated jobs. While you’re at it, start working on using --label-filter to revise how Prow runs your tests.

Release Schedule

Next Deadline: Docs Deadline for placeholder PRs, June 27th

The code freeze deadline has been extended from July 10th to July 24th, adding 2 weeks of time in lieu of the US holidays.

Featured PRs

125560 Add field management support to fake client-go typed client

This PR introduces a new feature by adding field management support to the fake client-go typed client. This enhancement allows developers to use fake.NewClientset() instead of fake.NewSimpleClientset() to create a clientset with managed field support. This improvement addresses issue where Server-Side Apply (and fieldmanagement) was missing in client-go/fake and is crucial for more accurate testing and simulation of Kubernetes API server behaviors in client-go. It ensures that the fake client mimics real client behaviors more closely, benefiting developers who rely on it for unit testing. For more details, refer to kubernetes/client-go#1184 and #99953.

KEP of the Week

KEP 4193: Bound service account token improvements

This (KEP) aims to bind Pod’s associated Node information into Kubernetes service account tokens, enhancing their security and traceability. By embedding the Node’s name and UID into the JWT tokens and including unique identifiers (JTIs), the KEP ensures robust identity verification and improves auditability. This includes extending the TokenRequest API to bind tokens to Node objects and modifying the TokenReview API to validate these tokens. These changes support mitigating replay attacks and improving the overall security posture of Kubernetes clusters by providing a clear, traceable link between tokens and their originating Node objects.

This KEP is tracked for beta release in the upcoming v1.31.

Other Merges

KUBE_EMULATED_VERSION env added to set emulated version of apiserver

Publishing rules to use go1.22.4 for all branches

Add Extra.DisableAvailableConditionController for Generic Control Plane setup in kube-aggregator

Switch PollWithContext to PollUntilContextTimeout

kubeadm adds the ControlPlaneKubeletLocalMode feature gate for running kubeadm with local kube-apiserver

Skip updating Pods which are in the scheduling cycle when SchedulingQueueHint is enabled

kubeadm allows usage of –yes flag with the –config flag

The .status.ready field is tracked faster when active Pods are deleted, specifically when a Job is failed

kubectl describe service now shows internal traffic policy and IP mode of a load balancer serivce

Improve memory usage of kube-apiserver by dropping the .metadata.managedFields field

Fix null lastTransitionTime in Pod condition when setting scheduling gate

Promotions

PDBUnhealthyPodEvictionPolicy to GA

ConsistentListFromCache to beta

HonorPVReclaimPolicy to beta

KubeProxyDrainingTerminatingNodes to GA

LogarithmicScaleDown to GA

RecursiveReadOnlyMounts to beta

Deprecated

Deprecated kubectl exec command execution without dash removed

Version Updates

Go upgraded to 1.22.4 for v1.27, v1.28 and v1.29

Subprojects and Dependency Updates

Kernel Module Management v2.1.1: normalize kernel versions, stop no-op controllers

cni v1.2.1: fix faulty json marshal behavior for embeds types

csi-driver-host-path v1.14.0 replace socat image with hostpathplugin image

prometheus v2.53.0: change GOGC threshold from 100 to 75; also v2.45.6

via Last Week in Kubernetes Development https://lwkd.info/

June 28, 2024 at 08:50AM

·lwkd.info·
Last Week in Kubernetes Development - Week Ending June 23 2024
zackees/transcribe-anything: Input a local file or url and this service will transcribe it using Whisper AI. Completely private and Free
zackees/transcribe-anything: Input a local file or url and this service will transcribe it using Whisper AI. Completely private and Free

zackees/transcribe-anything: Input a local file or url and this service will transcribe it using Whisper AI. Completely private and Free 🤯🤯🤯

USES WHISPER AI Over 300+⭐'s because this program this app just works! This whisper front-end app is the only one to generate a speaker.json file which…

June 27, 2024 at 12:31PM

via Instapaper

·github.com·
zackees/transcribe-anything: Input a local file or url and this service will transcribe it using Whisper AI. Completely private and Free
COVID-19 cases hospitalizations climb in US during summer: Where Michigan stands
COVID-19 cases hospitalizations climb in US during summer: Where Michigan stands

COVID-19 cases, hospitalizations climb in US during summer: Where Michigan stands

Cough, cough. Sniff, sniff. Summer typically is not the season for respiratory infections, but it is the time when people get together for reunions, barbecues and graduation parties, plus celebrate weddings and travel.

Tags:

via Pocket https://www.freep.com/story/news/health/2024/06/27/michigan-covid-19-summer-2024-wave-coronavirus-variants/74220256007/

June 27, 2024 at 12:14PM

·eu.freep.com·
COVID-19 cases hospitalizations climb in US during summer: Where Michigan stands
I’m Just a Simple Macintosh User, Asking a Bazillion Dollar Company for a Better Way To Move Tasks Between Lists in Reminders
I’m Just a Simple Macintosh User, Asking a Bazillion Dollar Company for a Better Way To Move Tasks Between Lists in Reminders
Every summer, I take some time with Apple's updated stock apps. Many of them are quite good, and meet the needs for the vast majority of users. I fully understand that sometimes you and I are not the vast majority of users, and that third-party apps can often better fit our needs. Every year, I [...]
·512pixels.net·
I’m Just a Simple Macintosh User, Asking a Bazillion Dollar Company for a Better Way To Move Tasks Between Lists in Reminders
CVE-2024-5806: Progress MOVEit Transfer Authentication Bypass Vulnerability
CVE-2024-5806: Progress MOVEit Transfer Authentication Bypass Vulnerability
Progress Software has patched a high severity authentication bypass in the MOVEit managed file transfer (MFT) solution. As MOVEit has been a popular target for ransomware gangs and other threat actors, we strongly recommend prioritizing patching of this vulnerability.
·tenable.com·
CVE-2024-5806: Progress MOVEit Transfer Authentication Bypass Vulnerability
ID Verification Service for TikTok Uber X Exposed Driver Licenses
ID Verification Service for TikTok Uber X Exposed Driver Licenses

ID Verification Service for TikTok, Uber, X Exposed Driver Licenses

Subscribe Join the newsletter to get the latest updates. 🖥️ 404 Media is a journalist-owned website. Sign up to support our work and for free access to this…

June 26, 2024 at 11:32AM

via Instapaper

·404media.co·
ID Verification Service for TikTok Uber X Exposed Driver Licenses
Windows on Arm finally has legs
Windows on Arm finally has legs

Windows on Arm finally has legs

Photo by Chris Welch / The Verge When I first used the Arm-powered Surface Pro X in 2019, I loved the hardware but disliked the software experience. Everything…

June 26, 2024 at 10:59AM

via Instapaper

·theverge.com·
Windows on Arm finally has legs