“K8S Ecology Weekly” mainly contains some recommended weekly information related to K8S ecology that I have come into contact with. Welcome to subscribe zhihu column “K8S Ecology”.
Docker CE V19.03.8 released
This is a temporary addition to the security update to improve on previous fixes to CVE-2019-14271.
In September last year, I published K8S ecological weekly | Harbor v1.9 bring many new features , I have introduced Docker v19.03.1 release basically is to repair the CVE – 2019-14271 holes.
Although this is a security update, I do not recommend you upgrade to v19.03.8 immediately unless you are not using Docker’s file system recognition features. For details, please refer to my weekly report released last week K8S ecological weekly | Docker v19.03.7 release.
In v19.03.7, the Backing Filesystem is displayed as unknown when executing the docker info command.
I have fixed the problem and it was planned to be released in V19.03.8, but it coincides with this security update, so it is now delayed to release in V19.03.9, please look forward to it.
Helm v3.1.2 release
The Helm released version v3.1.2 this week, the second Bugfix version of Helm V3.1. There are two things worth noting in this release:
- # 7674When using
APIVersionV2When performinghelm packagewillChart.lockPack it too. This will make the Helm package easier to distribute and the problem of relying on versions easier; - # 7661 为
helm upgradeAdd one--skip-crdsOption to allow skipping CRDs;
In addition, there are some minor fixes and changes. Interested friends can refer to ReleaseNote or directly upgrade the experience.
Kubernetes has been released in several versions
Several versions of Kubernetes were released this week, including V1.15.11, V1.16.8 and V1.17.4. Similar to the previous situation, the content is mainly related to the SIG Cloud Provider, which is not discussed here. In my opinion, there are two things worth noting:
- #88079 Fixed an issue where Kubelet could crash during client certificate rotation.
The main problem is that there is a bug in the code handling the connection. In practice, Kubelet will crash abnormally when this happens. We usually use something like Systemd to manage kubelet and add an automatic restart that will pull it up again.
So overall, the possibility of being affected by this bug is not big, but it is recommended to upgrade.
- #88505 fixed a kubelet logic for modifying the Pod state
Please refer to ReleaseNote V1.15.11 v1.16.8 and V1.17.4
Progress in the upstream
- # 88004Officially added
kubectl alpha debugCommand to debug resources in Kubernetes, but please note that this command is still in alpha and will change later; - # 88758Hidden in the
kubectl describe中kubectl.kubernetes.io/last-applied-configurationThe relevant output can be effectively shortenedkubectl describeOutput content, very useful; - # 88240In the implementation
kubectl get pods“, Pod hasNotReadyIn the state. In fact, it is the originalRunningIf a Pod has been started but does not meet the condition, it will be displayed asNotReadyThe state of.
digression
Do a little research, is there any dissatisfaction with the current Docker experience on Linux/macOS/Windows? Would it improve the user experience or lower the barriers to entry if they all had a unified GUI? Welcome to leave comments and discuss
Please feel free to subscribe to my official account [MoeLove]
