Posts in 2023
Kubernetes 1.27: Query Node Logs Using The Kubelet API
By Aravindh Puthiyaparambil (Red Hat) | Friday, April 21, 2023 in Blog
Kubernetes 1.27 introduced a new feature called Node log query that allows viewing logs of services running on the node. What problem does it solve? Cluster administrators face issues when debugging malfunctioning services running on the node. They …
Kubernetes 1.27: Single Pod Access Mode for PersistentVolumes Graduates to Beta
By Chris Henzie (Google) | Thursday, April 20, 2023 in Blog
With the release of Kubernetes v1.27 the ReadWriteOncePod feature has graduated to beta. In this blog post, we'll take a closer look at this feature, what it does, and how it has evolved in the beta release. What is ReadWriteOncePod? ReadWriteOncePod …
Kubernetes 1.27: Efficient SELinux volume relabeling (Beta)
By Jan Šafránek (Red Hat) | Tuesday, April 18, 2023 in Blog
The problem On Linux with Security-Enhanced Linux (SELinux) enabled, it's traditionally the container runtime that applies SELinux labels to a Pod and all its volumes. Kubernetes only passes the SELinux label from a Pod's securityContext fields to …
Kubernetes 1.27: More fine-grained pod topology spread policies reached beta
By Alex Wang (Shopee), Kante Yin (DaoCloud), Kensei Nakada (Mercari) | Monday, April 17, 2023 in Blog
In Kubernetes v1.19, Pod topology spread constraints went to general availability (GA). As time passed, we - SIG Scheduling - received feedback from users, and, as a result, we're actively working on improving the Topology Spread feature via three …
Kubernetes v1.27: Chill Vibes
By Kubernetes v1.27 Release Team | Tuesday, April 11, 2023 in Blog
Announcing the release of Kubernetes v1.27, the first release of 2023! This release consist of 60 enhancements. 18 of those enhancements are entering Alpha, 29 are graduating to Beta, and 13 are graduating to Stable. Release theme and logo Kubernetes …
Keeping Kubernetes Secure with Updated Go Versions
By Jordan Liggitt (Google) | Thursday, April 06, 2023 in Blog
The problem Since v1.19 (released in 2020), the Kubernetes project provides 12-14 months of patch releases for each minor version. This enables users to qualify and adopt Kubernetes versions in an annual upgrade cycle and receive security fixes for a …
Kubernetes Validating Admission Policies: A Practical Example
By Craig Box (ARMO), Ben Hirschberg (ARMO) | Thursday, March 30, 2023 in Blog
Admission control is an important part of the Kubernetes control plane, with several internal features depending on the ability to approve or change an API object as it is submitted to the server. It is also useful for an administrator to be able to …
Kubernetes Removals and Major Changes In v1.27
By Harshita Sao | Friday, March 17, 2023 in Blog
As Kubernetes develops and matures, features may be deprecated, removed, or replaced with better ones for the project's overall health. Based on the information available at this point in the v1.27 release process, which is still ongoing and can …
k8s.gcr.io Redirect to registry.k8s.io - What You Need to Know
By Bob Killen (Google), Davanum Srinivas (AWS), Chris Short (AWS), Frederico Muñoz (SAS Institute), Tim Bannister (The Scale Factory), Ricky Sadowski (AWS), Grace Nguyen (Expo), Mahamed Ali (Rackspace Technology), Mars Toktonaliev (independent), Laura Santamaria (Dell), Kat Cosgrove (Dell) | Friday, March 10, 2023 in Blog
On Monday, March 20th, the k8s.gcr.io registry will be redirected to the community owned registry, registry.k8s.io . TL;DR: What you need to know about this change On Monday, March 20th, traffic from the older k8s.gcr.io registry will be redirected …
Forensic container analysis
By Adrian Reber (Red Hat) | Friday, March 10, 2023 in Blog
In my previous article, Forensic container checkpointing in Kubernetes, I introduced checkpointing in Kubernetes and how it has to be setup and how it can be used. The name of the feature is Forensic container checkpointing, but I did not go into any …