Prepare yourself for an extra-long LWKD! Apparently once everyone got home from KubeCon EU, they merged all the code they discussed there, especially the Kubeadm team. More than 70 changes worth noting, below.
To find LWKD on the web or subscribe for direct email delivery, see LWKD.info.
Community Meeting Summary
Last week’s Community Meeting featured a demo of Gardner, a new open source multi-cluster manager from the folks at SAP engineering. This includes a collection of Teraform templates for public clouds called Kubify.
SIG Updates: Bobby Salamat explained SIG-Scheduling’s current projects, including getting Priority/Preemption to beta, creating an equivalence cache for scheduling, and gang scheduling in order to make scheduling new pods faster. They’re also working on moving taint-based eviction to beta, and designing two new projects: a scheduling framework, and Pod scheduling policy. For SIG-Scalabilty, Bob Wise detailed performance advice and current work, including that users should use tested etcd versions and test clusters with Kubemark. They’re working on better real-workload testing, and having a presubmit mini-performance test. Daniel Smith of SIG-API Machinery introduced their “new dynamic client” with a better interface. The old client is now deprecated. CRDs will be versioned in 1.11, and they will also be launching an “Apply Working Group” which will govern a feature branch to change how Apply is implemented.
As always, Kubernetes is looking for mentors. The next Meet our Contributors is June 6th. The Discourse Forum for Kubernetes is now active, and the community will be running a 3-hour AMA at DockerCon on June 13th.
Next Deadline: May 25th, placeholder Doc PRs are due for all new features.
1.11.0 beta0 was released on May 16th.
Due to the hard work of many contributors in diagnosing and fixing test failures, CI signal is relatively clean and the Release Team is delaying and shortening Code Freeze as promised. Code Slush now begins a week later, on May 29th and Code Freeze on June 5th.
- Dynamic Kubelet config now supports changes to the ConfigMap.
- Kubelet config validation now understands feature gates, and reports its status as machine-readable JSON instead of human-oriented text.
- kube-up.sh uses crictl on GCE.
- Auditing now truncates too-large event messages.
- The GRPC client in the kubelet increased response size to 8MB.
- You can pass optional args to etcd on GCE now.
- vSphere can store cloud credentials in Kube secrets, and supports SAML.
- The kubernetes-worker charm supports NFS.
Service.spec.publishNotReadyAddressesadded to the API, as planned in 1.9 (oops).
- The APIServer now watches for new secrets coming from nodes.
- Kubectl speaks Korean.
- Services can listen on the same port on different interfaces.
- Kubectl will soon error on duplicate names in its config.
Lots of things are getting promoted to Beta in 1.11!
- CRD Subresources are beta and enabled.
- CRI Log Rotation is beta and on by default (and the log is in a new location).
- The priorityClass API is now beta.
This was a super-busy week for the Kubeadm team.
- Now defaults to using CoreDNS.
- Upgrades work with external etcd clusters, as does CAcert configration.
- Kubeadm can pull images using crictl.
- Kubeadm has a command to print the default config, and another to see planned upgrade steps.
- Kubeadm will soon stop supporting Kubernetes before 1.10.
- The public cadvisor port is gone, as promised last release cycle.
- UID mutation has been removed from request.context.
- Unused fields left over from Kubeadm etcd self-hosting attempt have been removed.
- Kubelets/nodes can no longer modify their own taints.
- InfluxDB monitoring support will be dropped from 1.12.
- Dial has been replaced by DialContext in client-go.
- Close connections if the Kubelet can’t connect to the API instead of hanging waiting for cert validation. Might get backported.
- Openstack Node names have been reverted to their pre-1.10 conventions, to stop breaking existing deployments.
kubectl describe stsincludes update strategy.
- Jordan Liggit fixed a thorny race condition in API aggregation bootstrap.
- Fix GCE support for APIserver load balancing in HA setups.
- The Scheduler unit tests support subtests.
- Fail API calls with --dry-run on APIservers where dry run isn’t supported.
- Prevent Windows pods from crashing if given an invalid symlink as a mount.
Last Week In Kubernetes Development (LWKD) is a product of some members of the Kubernetes project,
but is not an official publication of the Kubernetes project or the CNCF. All original content is licensed
Creative Commons Share-Alike, although linked content and images may be differently licensed.
LWKD does collect some information on readers, see our privacy notice for details.