Community Meeting Summary
The community meeting started with a demo of Automation Broker by Michael Hrivnak. This is really a set of Ansible-based tools for building Service Catalog services, including the broker itself, the Ansible Playbook Bundle, and the Ansible Operator. You can even use it to run Helm.
Nishi Davidson updated us on SIG-AWS. Subprojects
out-of-tree-ccm will be going in as alpha in 1.13. The in-tree cloud provider will soon have e2e tests, and will be maintained until the plugin is GA, sometime in late 2019. They’ve added the aws-tester plugin which creates an EKS cluster for testing.
The SIG-Scheduling updates for 1.12, per Bobby Salamat, included scheduler performance improvement, TaintNodesByCondition, ImageLocality (track which nodes have which images), and finalizing the design of the Scheduler plugin architecture. For 1.13, they’re working on gang scheduling, pod scheduling policies, implementing extension/plugin points, and improving the equivalence cache.
Paris presented about SIG-ContribEx. Last cycle, they completed the contributor survey (result graphs coming soon), overhauled how the various project media are moderated, and launched discuss.kubernetes.io. Now, they’re revamping the developer guide, building a new contributor site, and improving SIG Chair processes. For the last please reach out to #sig-contribex if you have ideas.
KEPs are moving repos, per discussion, with plans to eventually become the mandatory new feature process. The Seattle Contributor Summit is waitlisted.
Next Deadline: Code Slush, November 9
We will also be releasing the beta and creating a branch on Nov. 6th. Code freeze is just 2 weeks away, so try to finish up your work for 1.13. Once code slush starts, PRs must be labeled completely.
We have also finalized the criteria for blocking tests and will be re-shuffling the test boards in accord with them.
Updates 1.11.4 and 1.12.2 were released last week.
Flex-plugin-based persistent volumes now have a
ExpandVolumeDevice hook to resize the underlying volume size, and
ExpandFS to grow the filesystem to match. Together these allow live resizing of volumes in the same way as the in-tree plugins like AWS-EBS and GCE-PD.
Up until now, custom resources have had to use the
nopConversion, making it very difficult to use the normal alpha, beta, GA progression that in-tree resources follow. A KEP to improve this has been approved, and this PR adds in the API skeleton. The overall idea is to add a webhook between kube-apiserver and the CRD controller to handle the data translation. Eventually this will allow smooth upgrades for existing custom objects.
Somewhat burying the lede, this PR switching the
kubectl rollout commands from
apps/v1, which is one step closer to being able to remove the old beta Deployment APIs. A good reminder to check any custom Deployment tooling to ensure you’re on the
A follow up to last week’s featured PR, this adds a set of token authentication wrappers for pre-audience tokens. Anything using token authentication may want to use these wrappers to match the new requirements.
- MountPropagation is now unconditionally enabled in 1.13.
- Components can now generate self-signed certs in memory if no cert is provided
- CSI drivers get mount options
- Kubeadm ControlPlane timeout is now configurable, and HostPathMount now uses ReadOnly instead of Writeable
- The Azure provider supports UltraSSD disks, and no longer orphans public IPs
--audit-log-versionnow default to v1
- The Openstack Provider stops trying to handle non-Openstack volumes
kubectl plugin listnow shows plugins in PATH order
- Switch from rollout to recreate in kubectl without clearing all the rollout fields
- Only activate unscheduleable pods if a node’s scheduling properties change, and use a fake client for scheduler tests.
Named pipe mounts,
--kube-reservednow work on Windows nodes
- SIG-Scheduling is deprecating the “critical pod” annotation as of 1.13. Please replace it with Tainting and/or Priorities.
- Kubeadm no longer supports multiple API endpoints on join