Kubernetes v1.31: Here's What You Should Know

Kubernetes 1.31 is set to be released on August 14, 2024, bringing many new features and enhancements. This release includes 10 enhancements graduating to the stable stage, 20 in the beta stage, and 2 in the alpha stage, along with several new features.

Features Graduating to Stable Stage

1. AppArmor Support

  • Stage: Stable
  • Feature Group: sig-node

With AppArmor support, users can achieve more secure deployments and better auditing of their systems. An AppArmor profile can be configured for any application to reduce its potential attack surface.
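As an added illustration (not taken from the release notes or from this post), the manifest below sets AppArmor through the `securityContext.appArmorProfile` field, with the older per-container annotation shown in a comment for comparison. The pod name, image references and the `k8s-web-restricted` profile name are hypothetical.

```yaml
# Added example: names, images and the Localhost profile name are placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: hardened-web
  # Older, annotation-based form (one annotation per container), kept here
  # only for comparison with the field-based form below:
  # annotations:
  #   container.apparmor.security.beta.kubernetes.io/web: runtime/default
spec:
  securityContext:
    # Pod-wide default: every container runs under the container runtime's
    # default AppArmor profile unless it sets its own.
    appArmorProfile:
      type: RuntimeDefault
  containers:
    - name: web
      image: registry.example.com/web:1.0
      securityContext:
        # A container-level profile overrides the pod-level default.
        appArmorProfile:
          type: Localhost
          # The profile must already be loaded on every node that can run
          # this pod; otherwise the container is not started.
          localhostProfile: k8s-web-restricted
        allowPrivilegeEscalation: false
    - name: log-shipper
      image: registry.example.com/log-shipper:1.0
      # No container-level setting: inherits RuntimeDefault from the pod.
      # Note for reviewers: "type: Unconfined" switches confinement off, so
      # admission policy should flag any workload that requests it.
```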

2. Random Pod Selection During ReplicaSet DownScaling

  • Stage: Stable
  • Feature Group: sig-apps

This feature introduces a randomized algorithm for selecting pods when downscaling replica sets. This approach helps maintain balance across failure domains after repeated up and down scales, preserving the system's stability.

3. Unhealthy Pod Eviction Policy for PDBs (PodHealthyPolicy for PodDisruptionBudget)

  • Stage: Stable
  • Feature Group: sig-apps

This policy allows users to specify actions for pods that are healthy but not ready while maintaining pod availability. It provides more granular control over pod eviction processes.

4. Allow StatefulSet to Control Start Replica Ordinal Numbering

  • Stage: Stable
  • Feature Group: sig-apps

This feature is useful for gradually migrating StatefulSet applications from the old StatefulSet with "N" pods to the new StatefulSet with "O" pods. The .spec.ordinals field can configure the integer ordinals assigned to each pod. If .spec.ordinals.start is set, pods will be assigned ordinals from .spec.ordinals.start up to .spec.ordinals.start + replicas - 1.

5. Retriable and Non-Retriable Pod Failures for Jobs

  • Stage: Stable
  • Feature Group: sig-apps

This feature enhances job handling by retrying jobs based on exit codes or pod deletion. The Job API has been extended with user-friendly syntax to terminate jobs based on the end state of the failed pod.
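The Job below is an added example (not from the release notes or this post) of how the pod failure policy separates the two cases: one rule fails the Job immediately on a specific exit code, the other retries pods that were removed by a disruption. The Job name, image, command and the exit code 42 are hypothetical.

```yaml
# Added example: name, image, command and exit code are placeholders.
apiVersion: batch/v1
kind: Job
metadata:
  name: report-builder
spec:
  completions: 4
  parallelism: 2
  backoffLimit: 3
  podFailurePolicy:
    rules:
      # Non-retriable: exit code 42 from the "main" container is treated as
      # a permanent error (for example, invalid input), so the whole Job is
      # marked failed without spending the remaining retries.
      - action: FailJob
        onExitCodes:
          containerName: main
          operator: In
          values: [42]
      # Retriable: the pod was removed by a disruption such as preemption,
      # eviction or a node drain. The failure is ignored, so the pod is
      # recreated and the retry does not count against backoffLimit.
      - action: Ignore
        onPodConditions:
          - type: DisruptionTarget
  template:
    spec:
      # podFailurePolicy requires restartPolicy: Never, so that every
      # container failure surfaces as a failed pod the rules can match.
      restartPolicy: Never
      containers:
        - name: main
          image: registry.example.com/report-builder:1.0
          command: ["/bin/build-report"]
```

Failures that match no rule fall back to the default behaviour and count against backoffLimit.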

6. Elastic Indexed Jobs

  • Stage: Stable
  • Feature Group: sig-apps

This improvement allows mutating spec.completions for Indexed Jobs if the updated value equals spec.parallelism. The success and failure semantics remain unchanged for jobs that do not alter spec.completions.

7. Kube-Proxy Improved Ingress Connectivity Reliability

  • Stage: Stable
  • Feature Group: sig-network

This enhancement introduces a more reliable mechanism for handling ingress connectivity for endpoints on terminating nodes and nodes with unhealthy kube-proxies, focusing on eTP (externalTrafficPolicy) services.

8. PersistentVolume Last Phase Transition Time

  • Stage: Stable
  • Feature Group: sig-storage

A new status field in PersistentVolume will hold a timestamp of when a PersistentVolume last transitioned to a different phase (pv.Status.phase). This helps cluster administrators take appropriate actions when a volume transitions to any phase.

Other Features and Enhancements Worth Mentioning in this Kubernetes Version:

1. Kubelet Limit of Parallel Image Pulls

  • Stage: Beta
  • Feature Group: sig-node

With this feature, node-level limits can be set on the number of parallel image pulls. It includes some defaulting and validation logic:

  • A new integer field, maxParallelImagePulls, will be added to kubelet configuration, setting the maximum number of in-flight image pulls.
  • If both serialize-image-pulls and maxParallelImagePulls are not set, serialize-image-pulls will default to true, applying no limit on parallel pulls (defaulting maxParallelImagePulls to 1).
  • If serialize-image-pulls is not set and maxParallelImagePulls is set, serialize-image-pulls will depend on maxParallelImagePulls.
  • If both serialize-image-pulls and maxParallelImagePulls are set, validation ensures:
      • If serialize-image-pulls is true, maxParallelImagePulls should be nil or 1.
      • If serialize-image-pulls is false, maxParallelImagePulls should be larger than 0.

2. In-Place Update of Pod Resources

  • Stage: Beta
  • Feature Group: sig-node

This feature allows Pod resource requests and limits to be updated in place, without restarting the Pod or its containers. The core idea is to make PodSpec mutable with regard to resources, while PodStatus reflects the resources allocated to a Pod and provides information about the actual resources applied to the Pod and its containers.

3. Multiple Service CIDR

  • Stage: Beta
  • Feature Group: sig-network

This implementation introduces a new allocator logic using two new API objects: ServiceCIDR and IPAddress. It allows users to dynamically increase the number of service IPs available by creating new ServiceCIDRs. The new allocator can auto-assign IPs from any available ServiceCIDR. Several constraints ensure backward compatibility and avoid collisions with other APIs:

  • ServiceCIDR is immutable after creation.
  • ServiceCIDR can only be deleted if no IP is allocatable.
  • Overlapping ServiceCIDRs are allowed.
  • The API server ensures a default ServiceCIDR exists to cover service CIDR flags and the "kubernetes.default" Service.
  • All IPAddresses must belong to a defined ServiceCIDR.
  • Every Service with a ClusterIP must have an associated IPAddress object.
  • A ServiceCIDR being deleted cannot allocate new IPs.

This creates a one-to-one relationship between Service and IPAddress and a one-to-many relationship between ServiceCIDR and IPAddress. Overlapping ServiceCIDRs are merged in memory, with IPAddresses coming from any ServiceCIDR that includes that IP. The new allocator logic can also be used by other APIs, such as the Gateway API, enabling future administrative and cluster-wide operations on Service ranges.

4. Traffic Distribution for Services

  • Stage: Beta
  • Feature Group: sig-network

A new field, trafficDistribution, will be added to the Service spec. This field serves as a preference hint for the underlying implementation to consider while making routing decisions. It supports the following initial values:

  • PreferClose: Indicates a preference for routing traffic to endpoints that are topologically proximate to the client.
  • The absence of any value indicates no specific routing preference, allowing the implementation to apply a best-effort strategy.

5. Pod Level Resource Limits

  • Stage: Alpha
  • Feature Group: sig-node

This feature extends the Pod API to support Pod-level resource limits and requests for non-extended resources (CPU and memory), in addition to existing container-level settings. Pod-level resource requests and limits simplify resource management for multi-container pods, making it easier to gauge the collective resource usage of all containers in a pod rather than predicting each container's individual needs.

6. Consider Terminating Pods Deployment

  • Stage: Alpha
  • Feature Group: sig-apps

This new feature introduces a field, .spec.podReplacementPolicy, to deployments, allowing users to specify the desired behavior. The goal is to provide an option to either wait for pods to terminate before creating new pods or to create the pods immediately. Deployments and ReplicaSets should indicate the number of managed terminating pods in their status field.

7. Declarative Node Maintenance

  • Stage: Alpha
  • Feature Group: sig-apps

A new NodeMaintenance object signals an intent to gracefully remove pods from given nodes. The Evacuation API ensures graceful pod removal or migration, the ability to measure progress, and a fallback to eviction if progress is lost. The NodeMaintenance implementation also uses the node's existing .spec.unschedulable field, preventing new pods from being scheduled on such nodes.

Conclusion

The Kubernetes 1.31 release marks a significant step forward in enhancing the robustness, security, and flexibility of Kubernetes deployments. With numerous features graduating to the stable stage, and a slew of new and improved functionalities in the beta and alpha stages, this release promises to provide developers and administrators with powerful tools to manage and optimize their clusters more effectively.

The Kubernetes v1.31 Release Theme is "Elli". Kubernetes v1.31's Elli is a cute and joyful dog, with a heart of gold and a nice sailor's cap, as a playful wink to the huge and diverse family of Kubernetes contributors. Check out the official release blog.

As always, the Kubernetes community continues to innovate and evolve, ensuring that Kubernetes remains the leading platform for container orchestration. We look forward to seeing how these new features and enhancements will be utilized to drive even greater success in your Kubernetes deployments.

Stay tuned for more updates and insights on the latest Kubernetes developments. Happy deploying!