KubeCon North America is now! Please bear with everyone as response times from SIGs and code review may be longer than usual.
Next Deadline: Exceptions Due, October 31st
SIG-Release posted a comprehensive update on the state of 1.26 to the dev mailing list. Normal releases will resume after KubeCon.
While pod lifecycle handlers (postStart and preStop) have supported HTTP actions for a while, this has used a different code path than the more commonly-used HTTP actions in readiness/liveness probes. More specifically several common features such as setting custom HTTP headers or using HTTPS for connections were not supported. This has now been unified, rejoice! This does bring some complex migration behavior though, as the these struct fields were previously present but unused so they have already been set by unaware developers. To help with this, if a handler is set to use HTTPS and the connection fails, it will automatically retry with HTTP as it would have made the request previously. This feature can also be globally disabled via
--feature-gates=ConsistentHTTPGetHandlers=false if it causes you problems in your infrastructure. Now would be a great time to audit your pods for unexpected
https:// scheme values.
kubernetes.io/legacy-token-last-usedannotation when used