Last Week In Kubernetes Development - October 24, 2021

Developer News

The Steering Committee election is still in progress, and you have until November 4th to vote (and until October 29 to ask for an exception). Remember to vote!

Ingress-Nginx has reported a security hole which may allow users to see secrets belonging to other users if custom snippets are enabled. To patch, you will need to both upgrade Ingress-Nginx and disable custom snippets.

SIG-Release is looking hard at the Release Team selection process and would like your thoughts if you’re a current, former, or wanna-be release team member.

Release Schedule

Next Deadline: Final call for enhancements exceptions, Nov. 1

We are now three weeks from code freeze. If you are working on a cool new feature, we’d like to have it on the Feature Blog, and you should maybe contribute to the discussion around themes for 1.23. You should also create placeholder PRs for your docs.

October’s patch releases for 1.20-1.22 should be out this Wednesday.

Merges

• Generic Ephemeral Volumes are allowed to be raw block devices and have new e2e tests
• Swapped out json-iterator for a fork of the json stdlib decoder, for general performance improvements and handling mangled JSON better, although more performance tests would be nice
• Wei Huang cleaned up how the scheduler handles --leader-elect arguments
• Plug memory leak in DeleteCollection
• If you delegate an API request, it releases its slot in the APF queue
• client-go will reuse the same connection for multiple clientsets, and sets the Content Type even in the dynamic client
• remotePath and localPath are now separate storage objects so that they get handled and cleaned up properly
• Log kubernetes objects as structs in JSON format
• Added plumbing for some PodSecurity metrics

Promotions

• EphemeralContainers to beta and enabled by default

Deprecated

• StorageObjectInUseProtection feature gate is now locked to enabled, and will be removed in a future release