The new Kubernetes v1.31.0 is here: what's new, and why should I care?

Kubernetes v1.31 is more than just a collection of new features and improvements; it's a testament to the project's commitment to constant evolution, improved user experience, and enhanced security. Whether you're a seasoned Kubernetes veteran or just starting your journey, v1.31 has something to offer everyone. So, why wait? Dive in, explore, and experience the power and flexibility of Kubernetes v1.31.

OK, enough blah-blah. Get straight to the point!

Every Kubernetes release has its stars, and v1.31 is no exception. Let's shine the spotlight on a few game-changers:

In-Tree Cloud Providers? Out the Window!

This is the tech equivalent of that band you've been following since their garage days finally hitting it big. Kubernetes is going cloud-agnostic! v1.31 bids farewell to all in-tree integrations with cloud providers. This externalization process is a massive leap towards a truly vendor-neutral Kubernetes, freeing it from the shackles of specific cloud environments.

PersistentVolume Reclaim Policy: Now With Teeth!

Remember when you set a PersistentVolume Reclaim Policy and it felt more like a suggestion than a rule? Those days are gone. v1.31 introduces deletion protection finalizers to ensure your policy is actually enforced. Finally, you can trust that your precious data will be handled according to your wishes.

Kubectl Debug Gets a Custom Profile Makeover

Debugging shell-less base images just got a whole lot smoother. v1.31 introduces a custom profile option for the kubectl debug command, allowing you to mount data volumes and other resources directly into your debug container. It's like having a backstage pass to troubleshoot your applications with ease.

Apps in Kubernetes 1.31: Feature Fiesta

Kubernetes isn't just about infrastructure; it's about empowering your applications. Here's how v1.31 levels up your app game:

PodDisruptionBudgets Get Healthy (Policy, That Is)

Say goodbye to those awkward moments when unhealthy pods hog resources and mess with your scaling. v1.31 introduces the PodHealthyPolicy for PodDisruptionBudgets (PDB), allowing you to specify whether only healthy pods should be considered when enforcing disruption limits. It's like a bouncer for your cluster, ensuring only the healthy and ready get through.

StatefulSets: Masters of Their Own Domain (and Ordinal Numbering)

Migrating StatefulSets just got a whole lot less stressful. v1.31 empowers StatefulSets to control their own start replica ordinal numbering, paving the way for seamless migrations across namespaces and clusters without the drama of downtime or manual reschedules. It's like giving your StatefulSets a first-class ticket to their destination.

Job Success/Completion Policy: Defining Your Own Victory

Who says Kubernetes should dictate what success looks like for your jobs? v1.31 puts you in the driver's seat with the ability to define custom success and completion policies for Indexed Jobs. This is particularly handy for batch workloads where success might not mean all indexes completing. It's like having a custom finish line for your batch processing marathons.

CLI in Kubernetes 1.31: Streamlining Your Command-Line Kung Fu

The Kubernetes CLI is your trusty sidekick for managing clusters. v1.31 gives it some slick upgrades:

SPDY Out, WebSockets In: A Networking Glow Up

Kubernetes is embracing the future of web communication by shifting from SPDY to WebSockets. v1.31 introduces a WebSocketExecutor to kubectl, enabling faster and more efficient communication with the Kubernetes API server. It's like upgrading your dial-up connection to fiber optic.

Kustomize: Flying Solo (Eventually)

While deferred for now, the plan to decouple kustomize from kubectl is still on the horizon. This separation allows each tool to evolve at its own pace, preventing version mismatches and streamlining the kubectl codebase. It's like that amicable breakup where everyone agrees it's for the best.

Kubectl Preferences: Separation Anxiety No More

Mixing user preferences with cluster configs is so last release. v1.31 introduces the kuberc file, a dedicated space for storing your kubectl preferences. Now you can keep your personal settings separate from cluster-specific configurations, preventing accidental overwrites and simplifying preference management. It's like having a separate drawer for your socks and your shirts.

Kubernetes v1.31 Instrumentation: Keeping a Closer Eye on Things

Monitoring and metrics are crucial for keeping your cluster running smoothly. v1.31 brings some notable enhancements in this area:

Metric Cardinality Enforcement: Taming Those Runaway Metrics

Uncontrolled metric cardinality can quickly turn into a resource nightmare. v1.31 introduces metric cardinality enforcement, giving cluster administrators the power to define limits and prevent runaway metrics from consuming all your resources. It's like putting a governor on a speed demon, ensuring everything runs within safe limits.

Networking in Kubernetes 1.31: Smoother Connections, More Control

Networking is the backbone of any Kubernetes cluster, and v1.31 brings some significant improvements:

Ingress Connectivity: Kube-Proxy Gets a Reliability Boost

v1.31 introduces connection draining for terminating nodes and improves health checks for Kube-proxy, leading to more reliable ingress connectivity for your applications. It's like having a traffic cop directing traffic smoothly, even during rush hour.

Traffic Distribution: Fine-Tuning Your Routing

v1.31 gives you more control over how traffic flows through your cluster with the addition of the trafficDistribution field in the Service specification. This allows you to specify preferences for routing traffic, such as preferring topologically closer endpoints. It's like having a GPS for your cluster traffic, guiding it along the most efficient routes.

Multiple Service CIDRs: IP Address Abundance

Running out of Service IPs is a thing of the past. v1.31 introduces ServiceCIDR and IPAddress objects, allowing you to dynamically expand your available Service IP address space. It's like adding lanes to a highway, accommodating more traffic without breaking a sweat.

Kubernetes v1.31 Nodes: Swap Support, Cgroups, and AppArmor, Oh My!

At the heart of every Kubernetes cluster are the worker nodes. v1.31 introduces some fundamental changes to how nodes operate:

Node Memory Swap Support: Breathing Room for Your Workloads

Swap memory finally gets the recognition it deserves in Kubernetes. v1.31 introduces node-level swap support, giving you the flexibility to utilize swap space and potentially improve the performance of your workloads. It's like giving your nodes a shot of espresso, allowing them to handle bursts of activity with ease.

Cgroup v1: Time for a Retirement Party

Cgroup v1 has served us well, but it's time to pass the torch. v1.31 transitions cgroup v1 support into maintenance mode, paving the way for the adoption of the more powerful and efficient cgroup v2. It's like upgrading from a rotary phone to a smartphone—a necessary evolution.

AppArmor Support: Locking Down Your Containers

Security-conscious Kubernetes users rejoice! v1.31 introduces native AppArmor support, allowing you to define fine-grained security profiles for your containers and pods. This adds an extra layer of protection to your workloads, limiting their capabilities and mitigating the impact of potential security breaches. It's like having a security detail for your containers, ensuring they play by the rules.
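To see which profile each container in a Pod actually ends up with, the following added example (not from the original article or the Kubernetes project) resolves the `securityContext.appArmorProfile` field alongside the older `container.apparmor.security.beta.kubernetes.io/<container>` annotation. The resolution order, the output strings and the sample manifest are assumptions of this example.

```python
LEGACY_PREFIX = "container.apparmor.security.beta.kubernetes.io/"  # pre-field annotation key

def from_field(security_context):
    """Render securityContext.appArmorProfile as a short string, or None if absent."""
    prof = (security_context or {}).get("appArmorProfile")
    if not prof:
        return None
    if prof.get("type") == "Localhost":
        return "Localhost:" + prof.get("localhostProfile", "")
    return prof.get("type")

def from_annotation(value):
    """Map a legacy annotation value onto the same strings as the field form."""
    if value is None:
        return None
    if value.startswith("localhost/"):
        return "Localhost:" + value[len("localhost/"):]
    return {"runtime/default": "RuntimeDefault", "unconfined": "Unconfined"}.get(
        value, "Invalid:" + value)

def effective_profiles(pod):
    """Return {container name: effective AppArmor setting} for one Pod manifest (dict)."""
    spec = pod.get("spec", {})
    annotations = pod.get("metadata", {}).get("annotations") or {}
    pod_level = from_field(spec.get("securityContext"))
    out = {}
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        # Assumed order: container field, then legacy annotation, then pod-level field.
        out[c["name"]] = (from_field(c.get("securityContext"))
                          or from_annotation(annotations.get(LEGACY_PREFIX + c["name"]))
                          or pod_level or "Unset")
    return out

def unconfined_containers(pod):
    """Containers that explicitly opt out of AppArmor confinement."""
    return sorted(n for n, p in effective_profiles(pod).items() if p == "Unconfined")

# Constructed sample manifest (not from the article).
SAMPLE_POD = {
    "metadata": {"annotations": {LEGACY_PREFIX + "legacy": "localhost/constructed-profile"}},
    "spec": {"securityContext": {"appArmorProfile": {"type": "RuntimeDefault"}},
             "containers": [
                 {"name": "app"}, {"name": "legacy"},
                 {"name": "helper", "securityContext": {"appArmorProfile": {"type": "Unconfined"}}}]},
}
```

Running `unconfined_containers` over manifests in CI surfaces containers that override a pod-level profile with `Unconfined`, which is easy to miss in review.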

Scheduling in Kubernetes: Affinity Gets Refined

Efficient scheduling is crucial for optimizing resource utilization. v1.31 brings some welcome refinements to Pod affinity:

PodAffinity and PodAntiAffinity Get More Selective

Say goodbye to the days of clunky Pod affinity rules. v1.31 introduces MatchLabelKeys and MismatchLabelKeys for PodAffinityTerm, giving you more granular control over how Pods are co-located or spread across your cluster. It's like having a matchmaker for your Pods, ensuring they find their ideal neighbors (or avoid the ones they dislike).

Kubernetes Storage: PersistentVolume Timestamps, VolumeAttributesClass, and More

Storage is a critical aspect of any Kubernetes deployment, and v1.31 introduces some noteworthy enhancements:

PersistentVolume Timestamps: Keeping Track of Time's Passage

Managing PersistentVolumes just got easier. v1.31 adds a new timestamp field to PersistentVolumes, recording when they transition between different phases. This helps you understand the lifecycle of your volumes, simplify cleanup tasks, and gain insights into your storage usage patterns. It's like having a logbook for your volumes, tracking their journeys through the Kubernetes seas.

VolumeAttributesClass: Decoupling Attributes from Capacity

Gone are the days of managing storage attributes and capacity as a monolithic entity. v1.31 introduces the VolumeAttributesClass resource, allowing you to define and manage volume attributes like IOPS and throughput independently of capacity. This fine-grained control simplifies storage management and makes it easier to tailor storage resources to the specific needs of your workloads. It's like having a toolbox full of different storage options, allowing you to pick and choose the best fit for each job.

CSI Differential Snapshot: Optimizing Snapshots for Efficiency

Snapshots are essential for data protection, but they can be resource-intensive. While deferred for now, the planned CSI Differential Snapshot feature aims to optimize this process by allowing the retrieval of metadata for only the changed blocks between snapshots. This can significantly reduce the time and resources required for snapshot operations. It's like taking a snapshot of only the changes in a document instead of the entire document every time, saving time and space.

Other Notable Enhancements in Kubernetes 1.31

Kubernetes v1.31 is packed with numerous other enhancements and refinements. Here are a few highlights:

Bound Service Account Token Enhancements: Boosting Security and Traceability

v1.31 strengthens security by embedding Node information into bound service account tokens, making them more difficult to misuse. Additionally, it introduces UUIDs for tokens, improving the traceability of API server requests. It's like adding tamper-proof seals and tracking numbers to your tokens, enhancing security and accountability.
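The node binding and token ID described above can be used for detection. This added example (not from the original article or the Kubernetes project) reads a token's `jti` and `kubernetes.io.node` claims, then flags audit events that used that token from an address outside its bound node's networks. The claim names and the `authentication.kubernetes.io/credential-id` audit key follow upstream Kubernetes and are not stated on this page; the node inventory, token and audit lines are constructed.

```python
import base64
import ipaddress
import json

CRED_KEY = "authentication.kubernetes.io/credential-id"  # key in audit user.extra

def decode_claims(token):
    """Decode a compact JWT payload for inspection; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def token_binding(token):
    """Return the token ID and the name of the node the token is bound to."""
    claims = decode_claims(token)
    node = claims.get("kubernetes.io", {}).get("node") or {}
    return {"jti": claims.get("jti"), "node": node.get("name")}

def off_node_requests(audit_lines, token, node_networks):
    """auditIDs of requests made with this token from outside its bound node's networks."""
    binding = token_binding(token)
    nets = [ipaddress.ip_network(n) for n in node_networks.get(binding["node"], [])]
    hits = []
    for line in audit_lines:
        event = json.loads(line)
        ids = event.get("user", {}).get("extra", {}).get(CRED_KEY, [])
        if "JTI=%s" % binding["jti"] not in ids:
            continue  # request used a different credential
        sources = [ipaddress.ip_address(ip) for ip in event.get("sourceIPs", [])]
        if not any(src in net for src in sources for net in nets):
            hits.append(event["auditID"])
    return hits

def _seg(obj):  # builds one base64url JWT segment for the constructed sample token
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def _event(audit_id, jti, ip):  # builds one constructed audit log line
    return json.dumps({"auditID": audit_id, "sourceIPs": [ip],
                       "user": {"extra": {CRED_KEY: ["JTI=" + jti]}}})

# Constructed sample data: token, node inventory and audit lines are all made up.
JTI = "00000000-0000-4000-8000-000000000001"
SAMPLE_TOKEN = ".".join([_seg({"alg": "RS256"}), _seg({"jti": JTI, "kubernetes.io": {
    "namespace": "default", "node": {"name": "node-a", "uid": "constructed-uid"}}}), "sig"])
NODE_NETWORKS = {"node-a": ["192.0.2.10/32", "10.244.1.0/24"]}  # node IP and pod CIDR
SAMPLE_AUDIT = [_event("a1", JTI, "10.244.1.7"), _event("a2", JTI, "198.51.100.23"),
                _event("a3", "constructed-other-id", "198.51.100.23")]
```

Source addresses seen by the API server depend on the CNI and any NAT in the path, so the node-to-network inventory has to reflect how traffic from each node really arrives.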

Mutating Admission Policies: CEL-ebrating Flexibility

v1.31 takes another step towards simplifying admission control with the introduction of mutating admission policies using CEL (Common Expression Language). This provides a more efficient alternative to mutating admission webhooks for common tasks like setting labels or injecting sidecar containers. It's like having a set of programmable rules for automatically modifying resources as they enter your cluster.

Elastic Indexed Jobs: Scaling with Grace

v1.31 introduces more flexibility for managing Indexed Jobs by allowing you to modify the desired number of completions (spec.completions) dynamically. This makes it easier to scale your batch processing workloads up or down without disrupting the job's progress. It's like having an accordion for your Indexed Jobs, expanding or contracting to accommodate varying workloads.
