Author | Xinsheng, your heart, into super, Yuan Yi Zhong source
Google: Knative will not be donated to any foundation
Since the Knative project began, there have been questions about whether Knative would be donated to a foundation (e.g. CNCF). Google's leadership has considered this and decided not to donate Knative to any foundation for the foreseeable future.
containerd v1.3 released
This is the first release since the project graduated from CNCF. It includes Windows v2 runtime support, plugin-related support (such as allowing a plugin to be registered as a TCP service, and streaming plugin support), and a CRI interface compatible with Kubernetes v1.12+.
The 2019 Kubernetes Steering Committee election is over
A total of 4 seats were renewed (2-year term); the committee currently has seven seats in total. The renewed seats went to Red Hat (2), Google (1) and Loodse (1).
CNCF releases the Envoy project journey report
Report highlights include: development velocity (dimensions: code commits / pull requests / issues filed / authors), code diversity, and documentation growth (the project documentation continues to expand and improve).
CNCF announces that Kubernetes Community Days is now accepting applications
Drawing on the experience of DevOpsDays and OpenStack Days, the program supports organizing offline events for learning and sharing Kubernetes practice. Each event requires at least three organizers (who must include a CNCF member, CNCF Ambassador, or CNCF project maintainer).
Significant progress upstream
1. Overriding CA file should override skip TLS and CA data
A CA certificate specified with the --certificate-authority command-line argument cannot override the skip-TLS and CA data settings in kubeconfig.
2. Adding Kubelet cmd option to make system reserved CPU list specific
The kubelet gains a startup parameter, --reserved-cpus, that explicitly specifies the reserved CPU cores. For example, on a node with 24 CPUs and --reserved-cpus=0,1,2,3 specified, user containers can use CPU cores 4~23.
3. iptables.Monitor: don't be fooled by "could not get lock" errors
When another process is holding the xtables lock, the iptables.Monitor check returns an error, which triggers a reload of the iptables rules.
4. kubeadm: fix wrong default value for the "upgrade node --certificate-renewal" flag
The certificate renewal option of the kubeadm upgrade node command defaults to false; the expected default value is true.
An abstract, declarative definition of kubeadm workflows, intended to automate and orchestrate the execution of kubeadm workflows (such as certificate renewal, kubeadm upgrade, etc.).
6. Add KEP for default Even Pods Spreading
Based on the cluster topology, cluster administrators or users can define more dimensions along which Pods are spread at scheduling time (Pod scheduling currently supports the zone dimension), such as physical host, rack and the like.
7. Fixed API Server issues in large-scale scenarios, where too many concurrent requests caused goroutine and memory leaks:
Fixed a bug where each request that received a 504 response leaked a goroutine;
Fixed a bug where, under high request concurrency, the rate limiter on the API Server's loopclient caused the goroutines of the API Server's internal controllers and ServiceAccount authentication to hang, producing a goroutine backlog; follow-up improvements to the loopclient configuration are under discussion.
Recommended open source projects
Provides LoadBalancer services for applications in private Kubernetes clusters; application scenarios include Rancher k3s and Alibaba Cloud edge managed clusters. It works by exposing the application as an Internet service through a tunnel on the cloud side; inlets-operator manages, dynamically updates and deploys the cloud-side tunnel configuration.
An open source Kubernetes authentication webhook server. Supported auth providers include GitHub, GitLab, LDAP and so on. It also supports configuring user groups for authentication, which makes it easy to configure RBAC at the group level.
Recommended reading this week
1. 《12 Kubernetes configuration best practices》
In this article, we will delve into key Kubernetes security configurations and the recommended best practices that you should follow.
2. 《Declarative Data Infrastructure Powers the Data Driven Enterprise》
Big data, artificial intelligence / machine learning and modern analytics have permeated the business world and become key elements of corporate strategy for serving customers better, innovating faster and maintaining a competitive advantage. Data is at the core of all of this. This article focuses on how Kubernetes-native container and data storage technologies help engineers (i.e. DataOps teams) build scalable, agile data infrastructure to achieve these goals.
3. 《"A Kubernetes-only distribution has no future": Rancher and Alibaba Cloud collaborate to reveal what is next for containers》
Cloud native is a way of building and running applications: "cloud" refers to the container cloud, and "native" means out of the box, without additional custom development. With Docker technology as the starting point and the rise of Kubernetes as the container orchestration tool, and with the initial demand for virtualization now met, cloud native will be the next step for cloud vendors.
4. 《Ali Lei: the cloud computing ecosystem is rapidly shifting its value focus to the "application"》
Cloud native infrastructure is no longer only a concern of development and operations staff; since the application delivery group was established, CNCF has been more closely linked with application development and application operations staff.
5. 《Istio circuit breaker analysis》
The author introduces the concept of circuit breaking, then walks through a hands-on exercise showing how to create and configure circuit breaking through the Backyards UI, the CLI and other means. Note: Backyards is an Istio-based service mesh product developed by Banzai Cloud; this article is one of a series introducing the product's features.
6. 《Kubernetes auto-scaling you must know》
Many Kubernetes users, especially enterprise users, soon run into the need to auto-scale their environments. Fortunately, the Kubernetes Horizontal Pod Autoscaler (HPA) allows you to configure deployments to scale horizontally in several ways. One of the biggest advantages of using Kubernetes autoscaling is that you can track the load capacity of the existing Pods in the cluster and calculate whether more Pods are needed.
7. 《A weather service based on Knative Serverless technology, Part I》
When a weather forecast service is mentioned, our first reaction is that it is a very simple service, but a good weather forecast service is actually not so simple. From the Knative Serverless perspective, this article shows how to play with a weather service based on the new Serverless technology.
"The Alibaba Cloud Native WeChat official account (ID: Alicloudnative) focuses on microservices, Serverless, containers, Service Mesh and other technical fields, follows popular cloud native technology trends and large-scale cloud native production practice, and aims to be the official account that best understands cloud native developers."