Posts in 2022

  • Kubernetes 1.25: alpha support for running Pods with user namespaces

    Monday, October 03, 2022 in Blog

    Authors: Rodrigo Campos (Microsoft), Giuseppe Scrivano (Red Hat) Kubernetes v1.25 introduces the support for user namespaces. This is a major improvement for running secure workloads in Kubernetes. Each pod will have access only to a limited subset …

    Read more

  • Enforce CRD Immutability with CEL Transition Rules

    Thursday, September 29, 2022 in Blog

    Author: Alexander Zielenski (Google) Immutable fields can be found in a few places in the built-in Kubernetes types. For example, you can't change the .metadata.name of an object. Specific objects have fields where changes to existing objects are …

    Read more

  • Kubernetes 1.25: Kubernetes In-Tree to CSI Volume Migration Status Update

    Monday, September 26, 2022 in Blog

    Author: Jiawei Wang (Google) The Kubernetes in-tree storage plugin to Container Storage Interface (CSI) migration infrastructure has already been beta since v1.17. CSI migration was introduced as alpha in Kubernetes v1.14. Since then, SIG Storage and …

    Read more

  • Kubernetes 1.25: CustomResourceDefinition Validation Rules Graduate to Beta

    Friday, September 23, 2022 in Blog

    Authors: Joe Betz (Google), Cici Huang (Google), Kermit Alexander (Google) In Kubernetes 1.25, Validation rules for CustomResourceDefinitions (CRDs) have graduated to Beta! Validation rules make it possible to declare how custom resources are …

    Read more

  • Kubernetes 1.25: Use Secrets for Node-Driven Expansion of CSI Volumes

    Wednesday, September 21, 2022 in Blog

    Author: Humble Chirammal (Red Hat), Louis Koo (deeproute.ai) Kubernetes v1.25, released earlier this month, introduced a new feature that lets your cluster expand storage volumes, even when access to those volumes requires a secret (for example: a …

    Read more

  • Kubernetes 1.25: Local Storage Capacity Isolation Reaches GA

    Monday, September 19, 2022 in Blog

    Author: Jing Xu (Google) Local ephemeral storage capacity isolation was introduced as a alpha feature in Kubernetes 1.7 and it went beta in 1.9. With Kubernetes 1.25 we are excited to announce general availability(GA) of this feature. Pods use …

    Read more

  • Kubernetes 1.25: Two Features for Apps Rollouts Graduate to Stable

    Thursday, September 15, 2022 in Blog

    Authors: Ravi Gudimetla (Apple), Filip Křepinský (Red Hat), Maciej Szulik (Red Hat) This blog describes the two features namely minReadySeconds for StatefulSets and maxSurge for DaemonSets that SIG Apps is happy to graduate to stable in Kubernetes …

    Read more

  • Kubernetes 1.25: PodHasNetwork Condition for Pods

    Wednesday, September 14, 2022 in Blog

    Author: Deep Debroy (Apple) Kubernetes 1.25 introduces Alpha support for a new kubelet-managed pod condition in the status field of a pod: PodHasNetwork. The kubelet, for a worker node, will use the PodHasNetwork condition to accurately surface the …

    Read more

  • Announcing the Auto-refreshing Official Kubernetes CVE Feed

    Monday, September 12, 2022 in Blog

    Author: Pushkar Joglekar (VMware) A long-standing request from the Kubernetes community has been to have a programmatic way for end users to keep track of Kubernetes security issues (also called "CVEs", after the database that tracks public …

    Read more

  • Kubernetes 1.25: KMS V2 Improvements

    Friday, September 09, 2022 in Blog

    Authors: Anish Ramasekar, Rita Zhang, Mo Khan, and Xander Grzywinski (Microsoft) With Kubernetes v1.25, SIG Auth is introducing a new v2alpha1 version of the Key Management Service (KMS) API. There are a lot of improvements in the works, and we're …

    Read more