Kubernetes 1.33 stabilizes 24 features and brings numerous innovations

Contents

Kubernetes is now available in version 1.33, which is the first minor release this year, as planned. The container orchestration presents 24 existing features as stable, while the alpha and beta functions have been added. However, this version also marks the beginning of the departure of some outdated features, including the Endpoints API. The theme this time is “Octarine: The Color of Magic^”, inspired by Terry Pratchett's “Discworld” series of novels.

Generally available: backoffLimit, --subresource and .spec.successPolicy

The backoffLimit parameter in Kubernetes jobs is used to specify the number of retries before an entire job is considered to have failed. As a stable feature, the backoff limits can now be defined for indexed jobs, depending on the index. This means that each index within an indexed job can have its own backoff limit, giving developers finer-grained control. Failure of a specific index will then not lead to premature failure of the entire job.

Another feature that is now generally available is .spec.successPolicy. This allows you to define which pod indices must be successful(succeededIndexes), how many pods must be successful(succeededCount) or a combination of both. This should benefit different workloads, including simulations in which partial completion is sufficient.

In addition to other features, --subresource has now also reached stable status. This is an argument for kubectl subcommands such as get, patch, edit, apply or replace to retrieve and update subresources for all resources that support them.

New alpha and beta features

In Kubernetes 1.14, introduced in 2019, support for Direct Service Return (DSR) on Windows has entered the beta phase. This feature serves to optimize performance: Return traffic that is routed through the load balancer can bypass the load balancer through DSR and respond directly to the client. This reduces the load on the load balancer and lowers the overall latency.

The SupplementalGroupsPolicy is somewhat newer: available since Kubernetes 1.31, it has now reached the beta phase and is activated by default. The function is intended to help ensure that implicit group memberships of container images do not lead to unintended file access authorizations and can bypass policy controls.

The new alpha features include a configurable tolerance for HorizontalPodAutoscalers. This is intended to mitigate scaling reactions to small metric variations. In addition, node topology labels are available via the Downward API. This alpha function is intended to simplify the way in which workloads access node topology information.

Farewell to the original Endpoints API

In the current Kubernetes release, some functions are considered deprecated or have been removed entirely. Many of these changes have already been discussed in advance on the Kubernetes blog. The Kubernetes team follows a few rules: Among other things, it only marks stable APIs as deprecated as soon as a newer, stable version is available. An outdated API will continue to work until it is removed, but a warning will appear.

In version 1.33, this affects the Endpoints API, among others. The newer EndpointSlices API, which has been stable since Kubernetes 1.21 and offers additional functions such as dual-stack networking, is available as a replacement. This deprecation should only impact developers who use the Endpoints API directly from workloads or scripts. They are encouraged to migrate to the EndpointsSlices API.

The status.nodeInfo.kubeProxyVersion is completely omitted. The value of this field – the version information for kube-proxy in node status – was set by kubelet, but was not consistently accurate. It was already marked as deprecated with Kubernetes 1.31 and has been disabled by default since then. In addition, host network support for Windows pods – is no longer available, a feature that had encountered unexpected difficulties with containerd and had never reached stable status. The progress can be tracked in the GitHub issue.

For more information, see the announcement of version 1.33 on the Kubernetes blog and the changelog on GitHub.

(mai)