Authors: Abdullah Gharaibeh (Google), Aldo
Culquicondor (Google) Whether on-premises or in the cloud, clusters
face real constraints for resource usage, quota, and cost
management reasons.Regardless of the autoscalling capabilities,
clusters have finite capacity.As a result, users want an easy way
to fairly and efficiently share resources. In this article, we
introduce Kueue, an open source job queueing controller
designed to manage batch jobs as a single unit.Kueue leaves
pod-level orchestration to existing stable components of
Kubernetes.Kueue natively supports the Kubernetes Job API and offers
Authors: Rodrigo Campos (Microsoft), Giuseppe
Scrivano (Red Hat) Kubernetes v1.25 introduces the support for user
namespaces. This is a major improvement for running secure
workloads in Kubernetes.Each pod will have access only to a limited
subset of the available UIDs and GIDs on the system, thus adding a
new security layer to protect from other pods running on the same
system.
How does it work?
A process running on Linux can use up to 4294967296 different UIDs and GIDs. User namespaces is a Linux feature that allows
Author: Alexander
Zielenski (Google) Immutable fields can be found in a few
places in the built-in Kubernetes types.For example, you can't
change the
.metadata.name of an object.Specific
objects have fields where changes to existing objects are
constrained;for example, the .spec.selector of a
Deployment. Aside from simple immutability, there are other common
design patterns such as lists which are append-only, or a map with
mutable values and immutable keys. Until recently the best way to
restrict field mutability for CustomResourceDefinitions has been to
Author: Jiawei Wang (Google) The Kubernetes
in-tree storage plugin to Container Storage Interface (CSI) migration
infrastructure has already been beta since v1.17.CSI migration was introduced
as alpha in Kubernetes v1.14.Since then, SIG Storage and other
Kubernetes special interest groups are working to ensure feature
stability and compatibility in preparation for CSI Migration
feature to go GA. SIG Storage is excited to announce that the core
CSI Migration feature is generally available in
Kubernetes v1.25 release! SIG Storage wrote a
Authors: Joe Betz (Google), Cici Huang (Google), Kermit Alexander (Google)
In Kubernetes 1.25, Validation rules for CustomResourceDefinitions (CRDs) have graduated to Beta!
Validation rules make it possible to declare how custom resources are validated using the Common Expression Language (CEL).For example:
Weitere Beiträge ...
- Blog: Kubernetes 1.25: Use Secrets for Node-Driven Expansion of CSI Volumes
- Blog: Kubernetes 1.25: Local Storage Capacity Isolation Reaches GA
- Blog: Kubernetes 1.25: Two Features for Apps Rollouts Graduate to Stable
- Blog: Kubernetes 1.25: PodHasNetwork condition for pods
- Blog: Announcing the Auto-refreshing Official Kubernetes CVE Feed
Seite 11 von 19