Kubernetes Podcast from Google

Kubernetes v1.29, with Priyanka Saggu

Dec 13, 2023

Priyanka Saggu, Kubernetes v1.29 release lead, discusses the new features and enhancements of the release. The interview also covers address encryption in Kubernetes APIs, the trend of treating vendor-specific functionalities as plugins, and reflections on the past year of the podcast.

01:14:17

Creator website

Episode guests

Priyanka Saggu

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Kubernetes v1.29 introduces in-place update of port resources for dynamic modification, sidecar containers for convenient network and storage sharing, and KMS V2 improvements for increased security and control over secrets.

The Mandala theme in Kubernetes v1.29 represents the community-driven release process, while the NFTables QProxy Backend presents a potential successor to IP tables for configuring packet forwarding rules.

Kubernetes v1.29 addresses security concerns with the Legacy Service Account Token Cleanup and introduces the NFTables QProxy Backend as a successor to IP tables for enhanced networking capabilities.

Deep dives

Kubernetes 1.29 Release: Major Enhancements and Graduations

Kubernetes version 1.29 brings a variety of significant enhancements and feature graduations. One notable improvement is the in-place update of port resources, which allows for dynamic modification of resource allocation without restarting the port. This feature promotes efficient resource utilization. Additionally, the introduction of sidecar containers in Beta allows for convenient network and storage sharing within pods, enhancing capabilities for tasks like collecting logs and intercepting traffic. Another important update is the KMS V2 improvements, which focus on securing API data in ECD through address encryption. These enhancements provide increased control over secrets and improve security in Kubernetes deployments. These are just a few highlights of the 49 enhancements in this release, offering new alpha and stable features to explore and leverage in Kubernetes deployments.

Introduction

2min

News updates and introduction of Priyanka Sagu, the release lead for Kubernetes 1.29

4min

Kubernetes 1.29 Release Theme: Mandala

24min

Address Encryption in Kubernetes APIs

29min

Discussion about the Interview and Podcast Theme

3min

Kubernetes v1.29 Release and Plugin Flexibility

11min

Reflections on the Past Year and Holiday Plans

2min

In this episode we interviewed Priyanka Saggu, Kubernetes v1.29 release lead and SIG ContribEx Tech Lead. We spoke about the release, the new features and enhancements, and more.

Do you have something cool to share? Some questions? Let us know:

- web: kubernetespodcast.com

- mail: kubernetespodcast@google.com

- twitter: @kubernetespod

News of the week

Kyverno completes third-party security audit

Google Deepmind Introduction to Gemini

Google launches Gemini - The Verge

Linux Foundation Newsletter: November 2023

High Performance Software Foundation (HPSF) Founding Announcement
App Defense Alliance joins Joint Development Foundation under the Linux Foundation

Open Source Summit North America 2023 CFP (closes January 14, 2024)

Links from the interview

Kubernetes v1.29 release information page on k8s.dev

Removals, Deprecations, and Major Changes in Kubernetes 1.29

Release Blog - Kubernetes v1.29: Mandala

Breaking changes

KEP 2395: Removing In-Tree Cloud Providers (SIG Cloud Provider, Beta)

Kubernetes v1.28 on the Kubernetes Podcast from Google - discussion of removal of in-tree storage plug-ins

Major Changes

KEP 1287: In-Place Update of Pod Resources (SIG Node, Alpha)

Support in-place Pod vertical scaling in VPA

KEP 753: Sidecar Containers (SIG Node, Beta)

Stable

KEP 3299: KMS v2 Improvements OR KMSv2 (SIG Auth)

SIG Etcd on the Kubernetes Podcast from Google

KEP 2485: ReadWriteOncePod PersistentVolume Access Mode (SIG Storage, SIG Scheduling)
KEP 727: Kubelet Resource Metrics Endpoint (SIG Instrumentation)

“The Kubelet Summary API is a source of both Resource and Monitoring Metrics. Because of it’s dual purpose, it does a poor job of both.”

Beta

KEP 2799: Reduction of Secret-based Service Account Tokens (SIG Auth)

Alpha

KEP 3866: nftables kube-proxy backend (SIG Network)

[KCSNA 2023] Iptables the end of an era - Dan Winship, Antonio Ojea

Links from the post-interview chat

Kaslin’s blog about “Out of Tree” Kubernetes