The Transformation of Kubernetes with Planternetes

Overview

The world of container orchestration has been evolving rapidly, and Kubernetes (often referred to as K8s) has firmly established itself as the go-to solution for managing containerized applications. However, even as Kubernetes continues to dominate the container orchestration landscape, it is constantly evolving, with new features and tools emerging to make the management of Kubernetes clusters more efficient and accessible. One such innovative development is the arrival of “Planternetes,” a concept that promises to redefine how we manage Kubernetes clusters. In this blog, we’ll explore the Transformation’s in K8s.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Introduction

With the arrival of Kubernetes version 1.28, a whirlwind of advancements sweeps in, numbering 45 improvements. Among these enhancements, 19 stride into the realm of Alpha, while 14 proudly elevate to Beta, and a solid 12 bask in the glory of achieving Stable status.

Sailing under the banner of “Planternetes,” Kubernetes v1.28 unfurls its sails with a new theme and logo, symbolizing the fusion of planning and growth that lies at the core of every Kubernetes release.

The release journey is replete with dynamic growth, trials, and prospects. The Planternetes theme pays homage to the meticulous nurturing, intention, and endeavors that have steered this release to its present state. Together, our efforts flourish in unity.

Highlighting the Transformation in K8s

Evolving Supported Skew Between Control Plane and Node Versions

Kubernetes v1.28 extends supported skew, allowing core node and control plane components to differ by one minor version (from n-2 to n-3).
This reduces disruptions during node maintenance and decreases downtime for maintenance, benefiting long-running workloads.
Users can choose the latest patch versions for security and conduct up to three minor version upgrades each year.
A single minor version update annually is possible, preserving upstream support and providing a balanced option.
Users preferring more frequent cluster upgrades are also supported.

Enabling Recovery from Non-Graceful Node Shutdowns

In Kubernetes v1.28, stability includes improved recovery from unforeseen or irreparable node shutdowns. In sudden node failures or permanent hardware/OS issues, Kubernetes enables better recovery by smoothly transitioning stateful workloads to other nodes. This is a valuable feature when original nodes malfunction due to factors like incomplete shutdown handling, especially in Linux environments lacking graceful shutdown support. Certain scenarios, like Windows nodes or Linux nodes using different init systems, not triggering system inhibitor locks, or facing configuration errors, could still disrupt this process. Nonetheless, Kubernetes v1.28’s enhanced recovery capability ensures greater resilience and uninterrupted operation despite unexpected node incidents.

Enhanced CustomResourceDefinition Validation Rules

Kubernetes v1.28 introduces enhanced CustomResourceDefinition (CRD) validation rules by integrating the Common Expression Language (CEL). This beta feature simplifies the validation process and allows CRD authors to embed validation expressions directly into the CRD schema, eliminating the need for complex webhook design.

Two additional fields, reason, and fieldPath, enable authors to specify failure reasons and field paths in instances of validation failure.

This shift towards CEL-based validation enhances CRD authoring experiences and aligns with best practices.

Graduation of ValidatingAdmissionPolicies to Beta

Kubernetes v1.28 introduces the beta graduation of ValidatingAdmissionPolicies, a dynamic feature driven by the Common Expression Language (CEL) that empowers customizable, in-process validation of requests directed at the Kubernetes API server. This advancement resonates with Kubernetes users striving for greater flexibility and conformity to best practices.

To embrace ValidatingAdmissionPolicies, users must enable the admissionregistration.k8s.io/v1beta1 API group and the ValidatingAdmissionPolicy feature gate within their cluster’s control plane. This integration strengthens policy compliance across the ecosystem.

Refined Match Conditions for Admission Webhooks

Kubernetes v1.28 enhances the capacity for specifying match conditions when triggering admission webhooks. The matchCondition field, originally featured in Kubernetes v1.27, evolves to beta status in v1.28, reflecting its enhanced functionality and reliability.

Within ValidatingWebhookConfiguration and MutatingWebhookConfiguration, the matchCondition field surfaces as a CEL expression that governs whether an admission request triggers a remote HTTP call. Enabling the matchCondition field by default in Kubernetes v1.28 solidifies its position as a vital tool for optimizing webhook-triggered actions based on specific criteria.

Beta Support for Enabling Swap Space on Linux

A beta feature unfurls in Kubernetes v1.28, offering support for swap space on Linux nodes. This support arrives with meticulous control, granting Kubernetes users the ability to conduct testing and accumulate data in their quest to enhance cluster capabilities atop the framework of swap memory.

The two distinct user groups:

Node administrators seek improved node-level performance and stability, often to mitigate issues like noisy neighbors.
Application developers crafting applications poised to benefit from utilizing swap memory.

The measured inclusion of swap support promotes controlled experimentation and data gathering, underlining Kubernetes’ commitment to meeting diverse user needs.

Pioneering Mixed Version Proxy

Kubernetes v1.28 introduces the mixed version proxy, an alpha mechanism that navigates clusters with multiple API servers of varying versions. It resides within the API server’s aggregation layer. It directs requests to compatible API servers, ensuring seamless interactions even during periods of version skew and proving invaluable during cluster upgrades or rollouts.

The mixed version proxy fosters a smoother user experience by concealing intricate version dynamics.

Revamped Source Code Organization for Control Plane Components

Kubernetes contributors embark on a transformative journey in Kubernetes v1.28 as they commence a strategic code reorganization for the kube-apiserver. This reorganization revolves around a new staging repository that harnesses k/apiserver as a foundation. This repository encompasses a curated subset of kube-apiserver functionality, rendering it reusable across distinct contexts.

API Awareness of Sidecar Containers

This alpha-level feature enhances the orchestration of sidecar containers by introducing a restartPolicy field for init containers, allowing main containers to proceed as soon as sidecar init containers meet specific criteria for completion.

Conclusion

Kubernetes v1.28 emerges as a beacon of progress, igniting a series of remarkable enhancements that redefine the landscape. This release streamlines operations, bolsters resilience, and fuels efficiency with features like enhanced CRD validation rules and the beta graduation of ValidatingAdmissionPolicies. The refined match conditions for admission webhooks and the introduction of a mixed version proxy exemplify Kubernetes’ commitment to seamless interactions and user-centered experiences.

Furthermore, the embrace of swap space on Linux nodes and the strategic source code reorganization spotlight Kubernetes’ adaptability and architecture refinement. This release paves the way for growth, efficiency, and uncharted possibilities in Kubernetes.

Drop a query if you have any questions regarding Kubernetes and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

Accelerated cloud migration
End-to-end view of the cloud environment

Get Started

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

FAQs

1. How does Kubernetes v1.28 improve compatibility between control plane and node versions?

ANS: – Kubernetes v1.28 extends the supported skew, allowing the core node and control plane components to stretch by one minor version. This simplifies node maintenance and reduces downtime during upgrades.

2. How does Kubernetes v1.28 enhance recovery from non-graceful node shutdowns?

ANS: – Kubernetes v1.28 enhances stability by enabling recovery from unexpected node shutdowns. Stateful workloads can transition to alternate nodes, ensuring continuity even in node failures.

3. What is CEL-based validation in Kubernetes v1.28?

ANS: – Kubernetes v1.28 introduces enhanced CRD validation using the Common Expression Language (CEL). This allows authors to embed validation expressions directly into CRD schemas, simplifying the validation process.

WRITTEN BY Navneet Nirmal Toppo

Navneet is a Research Associate at CloudThat. He is a Microsoft Certified Solution Professional and a Certified Network Security Specialist and who has experience in AWS, Azure, GCP & vSphere. He is passionate about cloud computing, cybersecurity, and learning new cloud-native technologies who strives to provide the best cloud experience to clients through transparency.