Lwkd.info - Week Ending December 2, 2018


It’s release time! Kubernetes 1.13 is out, which you can read about elsewhere. Along with the 1.13 release, we also released an all-versions security patch, so even if you’re not upgrading to 1.13, it’s time to update your clusters today.

Also note that we didn’t have an LWKD last week due to Code Freeze, and we may not have one next week due to Kubecon Seattle.

Community Meeting Summary

The community meeting kicked off with Andrew Chen and Dominik Tornow explaining the Docs Modeling Working Group, which is an effort to improve the project’s “big picture” documentation through the use of models and diagrams.

Matt Farina, newly elected chair, briefed us on SIG-Architecture, which now has a charter. They are working on API review, conformance testing, and KEPs (which are moving to the kubernetes/enhancements repo). They are hoping to handle Windows conformance testing soon.

SIG-Release was represented by Tim Pepper, also a new chair, who went over the changes from the last few releases. In 1.12, we enabled non-Google branch managers and moved to Tide for the merge queue. 1.13 saw a cleanup of the testgrid, moving out unmaintained tests (to be repeated in the future), and the creation of a Branch Manager team (instead of one person). For 1.14, they’re shooting for better RPMs and Debs, and improvements to build tools and automation. A big change is the launch of the LTS Working Group, which will be figuring out if Kubernetes can and should have Long Term Support releases and what those would look like.

There is a schedule for the Contributor Summit and the last Meet Our Contributors of the year will be December 5.

Release Schedule

By the time you read this, Kubernetes 1.13.0 will be out. 1.12.3, 1.11.5, and 1.12.3 are also out, and patch a super-critical security hole. Update your servers now.

The 1.14 Release Team is being selected and 1.14 development has already started, with the lifting of Code Freeze last week. Here are some 1.14 changes for you to anticipate:

Featured PRs

#71320: Introduce NodeKiller – a utility to simulate node failures in e2e tests

Chaos monkey for e2e tests! NodeKiller allows randomly shutting down nodes during e2e tests, subject to a bunch of parameters like a time between failures and a percentage of nodes to target overall. While not every test will benefit from this kind of chaos testing, it will hopefully improve the overall reliability of Kubernetes as well as help detect flaky e2e tests. And while we’re on the topic of e2es, we had two new suites added for file exec and pod preemption.

#70227: Add plugin interfaces for reserve and prebind extension points of the scheduling framework

While there have been systems in the past for extending and customizing the behavior of the scheduler, it has been a difficult proposition up until now. This new plugins framework makes it simple to register code to run during different phases of the scheduling process. For now only the reserve and pre-bind steps have been exposed, but more are expected to land before 1.14 ships.

#71302: Split mutable and read-only access to feature gates, limit tests to readonly access

This PR divides up the APIs to access feature gates data into read and write halves. This prevents code from unexpectedly modifying feature gate settings, and makes it easier to track which places are using the mutable API. This is unlikely to affect much code in the wild, but it may require tweaks to testing systems.

#71488: Change sort function of the scheduling queue to avoid starvation

And finally, a shorter entry: a tweak to the scheduler loop to prevent scheduler starvation. This could occur if the cluster has a large number of unschedulable pods, such that a small subset of them are continually bumped to the start of the queue and the others never get picked up as schedulable later on.

Other Merges

Deprecated

  • --experimental-encryption-provider-config has been replaced with --encryption-provider-config and will be dropped in 1.14

Version Updates