Welcome to the 5th year of LWKD! LWKD is brought to you by Josh Berkus and Noah Kantrowitz of SIG-ContribEx. You can contribute through the git repo. As usual for the first issue of the year we’ll be summarizing the last 3 weeks or so of development over the holidays.
firstname.lastname@example.org is the new
kubernetes-dev@googlegroups: over the holidays, Paris Pittman and others moved us from the old Dev mailing list, to one hosted on the kubernetes.io domain. If you were subscribed to kubernetes-dev, you should be subscribed to the new email@example.com mailing list now. Remember to post to the right place! This move will let us have a real community calendar again.
If you are using the fluentd-elasticsearch addon, you need to update to patch log4j.
Linus Arver is overhauling the Prow documentation and could maybe use your help.
Next Deadline: PRR heads-ups due, January 27th
The 1.24 Release Cycle has begun, with a new crew of community members running the show. That means that the call for enhancements is open, and you have until February 3rd to finish your KEP and register it. As last cycle, the PRR Team has requested that any KEPs that require a PRR (most of them) get them a completed PRR questionnaire a week before the enhancements deadline, if possible.
In case you missed it due to holidays, 1.20.14, 1.21.8, 1.22.5, and 1.23.1 were released on December 15th. For those waiting for the first patch on 1.23, you can upgrade now. For those using 1.20, it’s almost EOL (one more update) and you should really upgrade.
With the new cycle just kicking off, we’ve got some early bird KEPs targeting 1.24.
ClusterIP for a Service can be either automatically allocated from a dynamic range or manually specified in the ServiceSpec. While both of these options work fine on their own, mixing them in the same address space can risk collisions or other network sadness. This KEP outlines an improved address allocator that will better coexist with static IPs.
Hardly a week goes by these days without a software supply chain attack story in the news. To try and be better citizens of this modern landscape, we’re moving forward on signed release artifacts. This KEP mostly lays out the reasons and goals behind release signing so we have a clear target to aim towards. On the implementation side the expectation is still that we’ll be using
sigstore though some exact details of tooling are still being worked out. If you’re interested in helping with this, please contact SIG-Release. This will theoretically get us to SLSA Level 2, with a whole separate effort being started to get us to Level 3 but that is expected to be a much longer road.
kubectl rollouthas a label selector allowing batch upgrades/restarts
kubectl logsdefaults to the “first” container
kubectl config set-contextgets tab completion
We had a lot of fixes backported to all versions, so you can expect these to show up in next week’s update release:
Also, Kubeadm is making a number of breaking changes in 1.24, including removing dockershim, switching to v1beta3 API, turning the configmap on by default, requiring a URL scheme for CRI, and letting ca.crt contain multiple certificates.
Service.Spec.LoadBalancerIPis deprecated because it doesn’t work with DualStack and it’s provider-dependent to boot