Kubernetes by far has been one of the most active open-source projects in the cloud-native ecosystem. The maintainers are consistently working on releasing newer versions of Kubernetes that consist of new features, bug fixes, and enhancements. Soon Kubernetes v1.27 to be released with a lot of new updates for the community. In this blog, we will talk about the most interesting updates about the latest release that you should have your eye on.
Let’s get started with some of the exciting features and enhancements that k8s v1.27 brings to the table and how it can help solve some real-world problems.
What’s new in K8s v1.27
In this release, there are approximately more than ~ 60 enhancements consisting of new features, some features graduating to stable, and some existing features enhancements. Some of the major highlights of K8s v1.27 are:
TimeZone Support in CronJob #3140
TimeZone support in CronJob is a long-time requested feature and is now Graduating to Stable in this release. It will allow users to use their respective time zones for configuring and running the next job.
VolumeGroupSnapshot #3476
This capability will allow users to take snapshots of multiple Volumes used by an application. For eg, if your application is using different volumes let’s say - one for database, one for logs, and one for media files, in this case, VolumeGroupSnapshot can be useful to take the snapshot of all different volumes at the same time.
VolumeGroupSnapshot is a Net New feature Graduating to Alpha in 1.27
Multiple Service CIDRs #1880
In K8s v1.27, the whole process of service IP allocation has been revamped due to certain limitations on the current implementation. With this release, the users will be able to resize/ increase the range of IPs assigned to Services.
It is a Net New feature Graduating to Alpha and can be enabled in K8s v1.27 with a feature gate - MultiCIDRServiceAllocator: True
. By default, it would be disabled.
Auto-remove PVCs created by StatefulSet #1847
No more manual deletion of PVCs after the K8s v1.27 release. It was a long-time request and solves some great use cases. With this release, now PVCs can be automatically deleted once you delete the corresponding StatefulSet.
This feature is Graduating to Beta and would be available by default after the release.
In-Place Update of Pod Resources #1287
Currently, PodSpec is immutable with respect to the resources assigned. With the release of this feature, users would be able to modify the resources allocated and ability to control the pod getting restarted. Additionally, it also aims to extend the capabilities of PodStatus to show resources allocated to a Pod and provide information about actual resources applied to the Pod and its Containers.
It is Graduating to Alpha in v1.27 and features gate InPlacePodVerticalScaling: True
has to be enabled to use this feature.
Node log query #2258
Troubleshooting issues with the master plane is quite hectic for Kubernetes cluster administrators. For any issues related to API-server, kubelet, etc, users have to ssh into the master node and figure out the root cause. But with the release of this feature, users will be able to get the live streaming logs of API-server and other Linux services right in their worker node using `kubectl` commands.
It is a Net New feature Graduating to Alpha in v1.27 and can be enabled by using the feature gate i.e, NodeLogQuery: True
Retriable and non-retriable Pod failures for Jobs #3329
This feature will allow users to configure podFailurePolicy
in Job spec that helps in determining if the Job should run again or not. There are many cases where the pod is failed due to node error or application failure. In such cases, it would be really helpful to set up podFailurePolicy
instead of just re-triggering the job depending on the backoffLimit
set.
It is Graduating to Beta and would be enabled by default.
Add subresource support to kubectl #2590
With the release of this feature, users now will be able to perform kubectl operations like, get, patch, edit, and replace to update status
and scale
subresources. A new flag --subresource=[subresource-name]
would be introduced in this release that would help perform fetch and update operations.
It is Graduating to Beta with the v1.27 release
Default container annotation that to be used by kubectl #2227
With the release of this feature, a new annotation for pod has been added i.e, kubectl.kubernetes.io/default-container that specifies the default container to be chosen for commands like kubectl exec
, kubectl logs
, kubectl cp
or kubectl attach
.
It is Graduating to Stable with this release and would be available by default for use.
PodHealthyPolicy for PodDisruptionBudget #3017
With the current implementation of PodDisruptionBudget, it doesn’t account for the pods that are healthy or not. If there’s a pod running in your cluster, PDB might be preventing its deletion even if it's not Ready. With the release of this feature in v1.26, it introduces a few extra fields in spec and status to help you manage unhealthy pods.
It is Graduating to Beta with this release and would be available by default.
These are some of the cool enhancements and features that we feel might be helpful to keep an eye on. There are a lot more enhancements and features introduced in Kubernetes v1.27 that can be tracked by the enhancement tracking sheet available on GitHub.
Now let’s look around at some of the deprecation that comes with this hot release.
K8s v1.27 Deprecations
With the release of K8s v1.27, a few APIs, Feature Gates, and command line arguments are removed and no longer will be supported in the latest version. One of the most interesting highlights of K8s v1.27 is, the legacy K8s container registry i.e, k8s.gcr.io will no longer be supported.
K8s.gcr.io Container Registry Deprecated
Kubernetes project uses k8s.gcr.io to host all its container images but from March 20th onwards, all traffic has been redirected to a community-owned container registry, i.e, registry.k8s.io. With v1.27, the support of k8s.gcr.io is completely removed and all updates would be released in registry.k8s.io from here-onwards.
API Removed
- storage.k8s.io/v1beta1 is removed from CSIStorageCapacity
The API Version storage.k8s.io/v1beta1 of CSIStorageCapacity was deprecated in k8s v1.24 and will be completely removed from v1.27
Users can configure the manifests to use storage.k8s.io/v1, available since v1.24.
Feature Gates Removed
- ExpandCSIVolumes
- ExpandInUsePersistentVolumes
- ExpandPersistentVolumes
ControllerManagerLeaderMigration
- CSIMigration
- CSIInlineVolume
- EphemeralContainers
- LocalStorageCapacityIsolation
- NetworkPolicyEndPort
- StatefulSetMinReadySeconds
- IdentifyPodOS
- DaemonSetUpdateSurge
Command Line Arguments Removed
There are a few command-line arguments that were already deprecated in the previous version that is being removed with the release of v1.27.
- --master-service-namespace
- --enable-taint-manager
- --pod-eviction-timeout
- --container-runtime
For more detailed information about all the removals and major changes, feel free to explore the Kubernetes blog.