-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #456 from kubernetes-sigs/20241124
Publish 11/24 issue
- Loading branch information
Showing
1 changed file
with
36 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| --- | ||
| layout: post | ||
| title: Week Ending November 24, 2024 | ||
| date: 2024-11-27 22:00:00 -0000 | ||
| slug: 2024-11-24-update | ||
| --- | ||
|
|
||
| ## Developer News | ||
|
|
||
| If you attended the Kubernetes Contributor Summit in Salt Lake City, please complete the [post-event survey](https://groups.google.com/a/kubernetes.io/g/dev/c/ZwEfU7TewXM). | ||
|
|
||
| SIG-Security shared [CVE-2024-10220](https://groups.google.com/a/kubernetes.io/g/dev/c/dyiF8nNlM1A), which allowed attackers to use a gitRepo volume for unauthorized file access. This vulnerability was patched in versions 1.31.0, 1.30.3, 1.29.7, and 1.28.12; if you are running older versions, please upgrade. | ||
|
|
||
| ## Release Schedule | ||
|
|
||
| **Next Deadline: Release Highlights completion, December 3rd** | ||
|
|
||
| Docs freeze is in effect as of Tuesday 26th November. We are now in the final phases of the v1.32 release cycle with the scheduled release date just two weeks away. | ||
|
|
||
| Kubernetes [v1.32.0-rc.0 is live!](https://groups.google.com/a/kubernetes.io/g/dev/c/mBnmSYH0B_g). v1.32.0-rc.1 is scheduled to be cut on Monday, December 3rd. | ||
|
|
||
| ## KEP of the Week | ||
|
|
||
| ### [KEP-3157: Allow informers for getting a stream of data instead of chunking](https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/3157-watch-list/README.md) | ||
|
|
||
| This KEP addresses the kube-apiserver's vulnerability to excessive memory consumption caused by `LIST` requests in large clusters, which can lead to server crashes, node pressure, and workload disruption. To solve this, it proposes reducing temporary memory usage from an exponential scale to a manageable constant, leveraging the watch cache to reduce etcd load, ensuring consistent and fresh `LIST` responses, and maintaining backward compatibility—all while protecting the server and its node from `OOM scenarios` | ||
|
|
||
| This KEP is tracked for beta release in the ongoing v1.32 cycle. | ||
|
|
||
| ## Other Merges | ||
|
|
||
| * Validate DRA [Node Selector Labels](https://github.com/kubernetes/kubernetes/pull/128932) even on upgraded objects; while this is a backwards-incompatible change, it's not expected to break anything | ||
|
|
||
| ## Version Updates | ||
|
|
||
| * [golang to 1.23.3](https://github.com/kubernetes/kubernetes/pull/128852) in 1.32, and [to 1.22.9](https://github.com/kubernetes/kubernetes/pull/128912) in older releases |