 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
In with the new and out with the old! The final version of Kubernetes for 2023 was posted last week, and this release, version 1.29, comes with several new dynamic capabilities, as well as the dispatching of a few pokey legacies that were slowing things down.
On their way out are the remaining in-tree integrations with cloud providers, as well as reliance on the antiqued iptables. And on the new-ish side of things, users can start testing a technology that can right-size their containers to specific workload needs, and another to ensure service mesh sidecars stick around to the very end collecting all the operational lifecycle of an application.
Overall, v1.29 comes with 49 enhancements: Eleven are stable new features, 19 are fresh beta projects and 19 have graduated to Alpha.
On Friday, the Cloud Native Computing Foundation YouTube presentation to review the new release, nicknamed “Mandala” to represent the global effort, and reach of this project.
Here are a few of the highlights:
The sexiest new feature has to be the In-Place Update of Pod Resources (KEP-1287), a dynamic pod expansion capability. This will give operators the ability to adjust CPU and memory resource configurations on the fly.
Since the PodSpec’s Container Resources is immutable, hitherto the only way to change the memory or CPU resources is to restart the container — not a desirable option for cloud native workloads, and can be fatal for stateful batch programs.
“This has been a really long-awaited enhancement,” said Nina Polshakova, Kubernetes 1.29 enhancement lead, in the presentation.
If a pod is underpowered, more memory or CPU can be applied. Likewise, if it is using too many resources it can be slimmed down without being shut down altogether.
This feature is still in Alpha status and has been under development for a while. Version 1.29 is the first to support Windows containers.
Typically, Kube-Proxy relies on Linux kernel iptables to keep all the rules around network packet forwarding, and this is becoming problematic for a number of reasons
The Linux community has long wanted to replace IPtables for a number of reasons. Making a single change to iptables would require a reload of an entire table. Also, each packet for each service would have to pass through all the filters, slowing even single actions. Plus, development on iptables has largely slowed, and kernel developers have moved their energies to nftables. K8s devs tried a number of workarounds, though none panned out.
It is deprecated in Red Hat Enterprise Linux and is no longer required for Debian.
Thanks to work from the SIG Network group. KubeProxy can now use the successor to iptables, nftables, which has been available since Linux Kernel 3.13 (KEP-3866).
The nftables for kube-proxy are still in alpha stage, and hence still under development, Polshakova said.
The previous version of Kubernetes, v1.28, made sidecars a first-class citizen with their own designation and the ability to stay online for the full lifecycle of the pod. This new release moves that capability into beta mode, making it worth a look for future planning.
Other features called out in the presentation include:
The release team, led by Priyanka Saggu, worked on 1.29 for 14 weeks (Sept. 6 to Dec. 5), managing contributions from 796 companies and 1,271 individuals, according to the CNCF K8s DevStats project.
Kubernetes 1.29 is available for download on GitHub, and can also be installed with kubeadm.
The full CNCF presentation can be enjoyed here:
