Posts in 2023

  • Kubernetes 1.27: StatefulSet Start Ordinal Simplifies Migration

    Friday, April 28, 2023 in Blog

    Author: Peter Schuurman (Google) Kubernetes v1.26 introduced a new, alpha-level feature for StatefulSets that controls the ordinal numbering of Pod replicas. As of Kubernetes v1.27, this feature is now beta. Ordinals can start from arbitrary …

    Read more

  • Updates to the Auto-refreshing Official CVE Feed

    Tuesday, April 25, 2023 in Blog

    Authors: Cailyn Edwards (Shopify), Mahé Tardy (Isovalent), Pushkar Joglekar Since launching the Auto-refreshing Official CVE feed as an alpha feature in the 1.25 release, we have made significant improvements and updates. We are excited to announce …

    Read more

  • Kubernetes 1.27: Server Side Field Validation and OpenAPI V3 move to GA

    Monday, April 24, 2023 in Blog

    Author: Jeffrey Ying (Google), Antoine Pelisse (Google) Before Kubernetes v1.8 (!), typos, mis-indentations or minor errors in YAMLs could have catastrophic consequences (e.g. a typo like forgetting the trailing s in replica: 1000 could cause an …

    Read more

  • Kubernetes 1.27: Query Node Logs Using The Kubelet API

    Friday, April 21, 2023 in Blog

    Author: Aravindh Puthiyaparambil (Red Hat) Kubernetes 1.27 introduced a new feature called Node log query that allows viewing logs of services running on the node. What problem does it solve? Cluster administrators face issues when debugging …

    Read more

  • Kubernetes 1.27: Single Pod Access Mode for PersistentVolumes Graduates to Beta

    Thursday, April 20, 2023 in Blog

    Author: Chris Henzie (Google) With the release of Kubernetes v1.27 the ReadWriteOncePod feature has graduated to beta. In this blog post, we'll take a closer look at this feature, what it does, and how it has evolved in the beta release. What is …

    Read more

  • Kubernetes 1.27: Efficient SELinux volume relabeling (Beta)

    Tuesday, April 18, 2023 in Blog

    Author: Jan Šafránek (Red Hat) The problem On Linux with Security-Enhanced Linux (SELinux) enabled, it's traditionally the container runtime that applies SELinux labels to a Pod and all its volumes. Kubernetes only passes the SELinux label from a …

    Read more

  • Kubernetes 1.27: More fine-grained pod topology spread policies reached beta

    Monday, April 17, 2023 in Blog

    Authors: Alex Wang (Shopee), Kante Yin (DaoCloud), Kensei Nakada (Mercari) In Kubernetes v1.19, Pod topology spread constraints went to general availability (GA). As time passed, we - SIG Scheduling - received feedback from users, and, as a result, …

    Read more

  • Kubernetes v1.27: Chill Vibes

    Tuesday, April 11, 2023 in Blog

    Authors: Kubernetes v1.27 Release Team Announcing the release of Kubernetes v1.27, the first release of 2023! This release consist of 60 enhancements. 18 of those enhancements are entering Alpha, 29 are graduating to Beta, and 13 are graduating to …

    Read more

  • Keeping Kubernetes Secure with Updated Go Versions

    Thursday, April 06, 2023 in Blog

    Author: Jordan Liggitt (Google) The problem Since v1.19 (released in 2020), the Kubernetes project provides 12-14 months of patch releases for each minor version. This enables users to qualify and adopt Kubernetes versions in an annual upgrade cycle …

    Read more

  • Kubernetes Validating Admission Policies: A Practical Example

    Thursday, March 30, 2023 in Blog

    Authors: Craig Box (ARMO), Ben Hirschberg (ARMO) Admission control is an important part of the Kubernetes control plane, with several internal features depending on the ability to approve or change an API object as it is submitted to the server. It …

    Read more