Cloud Native Weekly: Kubernetes v1.28 officially released

Open source project recommendation

kurt

A Kubernetes plugin that provides contextual information about restarting content in a Kubernetes cluster.

Kubean

Kubean is a kubespray-based Kubernetes cluster lifecycle management tool.

k8sgpt

k8sgpt is a tool to scan Kubernetes clusters, diagnose and triage issues in plain English.

It weaves SRE experience into its analyzers, helping to extract the most relevant information, enriched by artificial intelligence.

Podinfo is a small web application developed in Go that demonstrates best practices for running microservices in Kubernetes. Podinfo is used by CNCF projects such as Flux and Flagger for end-to-end testing and workshops.

Article recommendation

Kubernetes 1.28: A security perspective

This post is a summary of the security enhancements introduced in Kubernetes version 1.28. The article introduces several security improvements:

CEL-based admission policies 和 webhook match conditions
Reduction of secret-based service account tokens
Ensure secret pulled images
Container image signature handling based on sigstore
KMS v2 improvements
Auth API to Get Self-User Attributes

Build a Kubernetes cluster - choose worker node size

This post discusses choosing worker node sizes when building a Kubernetes cluster. It compares the pros and cons of using fewer larger nodes versus more smaller nodes, and discusses resource allocation and efficiency, reliability and replication, scaling increments and time, and storage among worker nodes. question.

At the end of the article, the author puts forward some conclusions. It emphasizes the need to consider multiple factors when selecting the node size, including resource utilization efficiency, high availability requirements, horizontal expansion capabilities, and failure recovery efficiency. The article does not give a clear conclusion whether larger nodes should always be chosen, but instead suggests trade-offs and decisions on a case-by-case basis.

Cloud Native Dynamics

Kubernetes v1.28 officially released

Last week, Kubernetes v1.28 was officially released, with the theme of Planternetes, the second version in 2023!

This release contains 45 enhancements. Among them, 19 have entered the Alpha stage, 14 have been upgraded to the Beta stage, and 12 have been upgraded to the Stable version (Stable).

New features (main theme):

Support for deviation changes between control plane and node versions
General availability: recovering from non-graceful node shutdown
Improvements to CustomResourceDefinition validation rules
ValidatingAdmissionPolicies upgraded to beta
Matching conditions for admission webhook
Test support for enabling swap space on Linux (beta)
Mixed version agent (alpha version)
Source code reorganization of control plane components
CDI injection support for containers (alpha)
API awareness for sidecar containers (alpha version)
Automatically and retroactively assign default StorageClass Upgrades to Stable
Pod replacement strategy for jobs (alpha)
Backoff limit on job retries, distributed by index (alpha)
CRI container and pod stats, no need for cAdvisor

CNCF Announces Formation of End-User Technology Advisory Council

The CNCF End User Technical Advisory Board (TAB) was established recently.

The End User TAB is a groundbreaking initiative to ensure that the needs and perspectives of end users are adequately and effectively represented in CNCF community decision-making. This is part of our broader mission to drive the future of cloud-native technologies in a direction that works for all stakeholders.

The End User TAB, composed of representatives from End User members, will serve as a bridge between End Users and the various CNCF governance bodies, including the Governing Board (GB) and Technical Oversight Committee (TOC).

This article is published by OpenWrite, a multi-post platform for blogging !