Completing the largest migration in Kubernetes history

Since as early as Kubernetes v1.7, the Kubernetes project has pursued the ambitious goal of removing built-in cloud provider integrations (KEP-2395). While these integrations were instrumental in Kubernetes’ early development and growth, their removal was driven by two key factors: the growing complexity of maintaining native support for every cloud provider across millions of lines Read more about Completing the largest migration in Kubernetes history[…]

From Code to Quill: Embark on a Legendary Kubernetes Quest with SIG Docs

You’ve likely heard the adage, “Contributing isn’t just about writing code”, whispered in forums or seen etched into the digital walls of open source communities. But what depth of truth lies within this ancient wisdom, especially in the vast, evolving world of Kubernetes? Today, contributing to open source extends far beyond the realm of coding. Read more about From Code to Quill: Embark on a Legendary Kubernetes Quest with SIG Docs[…]

Kubernetes 1.30: Preventing unauthorized volume mode conversion moves to GA

With the release of Kubernetes 1.30, the feature to prevent the modification of the volume mode of a PersistentVolumeClaim that was created from an existing VolumeSnapshot in a Kubernetes cluster, has moved to GA! The problem The Volume Mode of a PersistentVolumeClaim refers to whether the underlying volume on the storage device is formatted into Read more about Kubernetes 1.30: Preventing unauthorized volume mode conversion moves to GA[…]

Kubernetes 1.30: Multi-Webhook and Modular Authorization Made Much Easier

With Kubernetes 1.30, we (SIG Auth) are moving Structured Authorization Configuration to beta. Today’s article is about authorization: deciding what someone can and cannot access. Check a previous article from yesterday to find about what’s new in Kubernetes v1.30 around authentication (finding out who’s performing a task, and checking that they are who they say Read more about Kubernetes 1.30: Multi-Webhook and Modular Authorization Made Much Easier[…]

Kubernetes 1.30: Structured Authentication Configuration Moves to Beta

With Kubernetes 1.30, we (SIG Auth) are moving Structured Authentication Configuration to beta. Today’s article is about authentication: finding out who’s performing a task, and checking that they are who they say they are. Check back in tomorrow to find about what’s new in Kubernetes v1.30 around authorization (deciding what someone can and can’t access). Read more about Kubernetes 1.30: Structured Authentication Configuration Moves to Beta[…]

Kubernetes 1.30: Validating Admission Policy Is Generally Available

On behalf of the Kubernetes project, I am excited to announce that ValidatingAdmissionPolicy has reached general availability as part of Kubernetes 1.30 release. If you have not yet read about this new declarative alternative to validating admission webhooks, it may be interesting to read our previous post about the new feature. If you have already Read more about Kubernetes 1.30: Validating Admission Policy Is Generally Available[…]

Kubernetes 1.30: Read-only volume mounts can be finally literally read-only

Author: Akihiro Suda (NTT) Read-only volume mounts have been a feature of Kubernetes since the beginning. Surprisingly, read-only mounts are not completely read-only under certain conditions on Linux. As of the v1.30 release, they can be made completely read-only, with alpha support for recursive read-only mounts. Read-only volume mounts are not really read-only by default Read more about Kubernetes 1.30: Read-only volume mounts can be finally literally read-only[…]

Kubernetes 1.30: Beta Support For Pods With User Namespaces

Authors: Rodrigo Campos Catelin (Microsoft), Giuseppe Scrivano (Red Hat), Sascha Grunert (Red Hat) Linux provides different namespaces to isolate processes from each other. For example, a typical Kubernetes pod runs within a network namespace to isolate the network identity and a PID namespace to isolate the processes. One Linux namespace that was left behind is Read more about Kubernetes 1.30: Beta Support For Pods With User Namespaces[…]

Kubernetes v1.30: Uwubernetes

Editors: Amit Dsouza, Frederick Kautz, Kristin Martin, Abigail McCarthy, Natali Vlatko Announcing the release of Kubernetes v1.30: Uwubernetes, the cutest release! Similar to previous releases, the release of Kubernetes v1.30 introduces new stable, beta, and alpha features. The consistent delivery of top-notch releases underscores the strength of our development cycle and the vibrant support from Read more about Kubernetes v1.30: Uwubernetes[…]