𝐊𝐮𝐛𝐞𝐫𝐧𝐞𝐭𝐞𝐬 1.29 Mid-cycle Changes

Quick walkthrough around K8s 1.29 mid-cycle Removals, Deprecations & changes

Overview

In order to deploy and manage containerized applications at scale, Kubernetes has quickly emerged as the industry standard container orchestration platform.

Kubernetes release 1.29

Let’s Dive before that changes if you are not aware of registries & packages.

Redirection from k8s.gcr.io to registry.k8s.io

• The container images used by the Kubernetes project are stored on registry.k8s.io, a community-owned image registry. From April k8s.gcr.io frozen and traffic redirected to the new image registry registry.k8s.io. Part of release 1.25.
• The out-of-date k8s.gcr.io registry will gradually go down. To learn more about this update, please check out the official doc k8s.gcr.io.

Community-owned package repositories

• The Kubernetes project made the community-owned software repository pkgs.k8s.io for Debian & RPM packages available earlier in 2023.
• Old Google‘s repositories (apt.kubernetes.io & yum.kubernetes.io) will be replaced by the community-owned repositories. On September 13, 2023, the outdated repositories were deprecated already.

Deprecations, removals & features 1.29

• FlowSchema & PriorityLevelConfiguration API versions flowcontrol.apiserver.k8s.io/v1beta2 will no longer be supported in v1.29.
• Use the flowcontrol.apiserver.k8s.io/v1beta3 API version, which there since v1.26, for manifests and API clients.
• Notable modifications in flowcontrol.apiserver.k8s.io/v1beta3 is the for PriorityLevelConfiguration. Renamed field assuredConcurrencyShares to nominalConcurrencyShares.
• For Kubernetes v1.29, both the feature gatesDisableCloudproviders & DisableKubeletCloudCredentialsProviders will be set to true by default.

DisableCloudProviders: This feature gate, turns off kube-apiserver, kube-controller-manager, and kubelet functionality related to the ` — cloud-provider` component.

DisableKubeletCloudCredentialProvider: This will turn off the kubelet’s in-tree authentication for image pull credentials to container registries.

• status.nodeInfo.kubeProxyVersion object field will be deprecated in version 1.29. Kubelet sets this field. It doesn’t know the version of kube-proxy even if it’s up and running. Featuregate — DisableNodeKubeProxyVersion
• Kube-proxy has new — init-only flag, is to run in a privileged init container so that the main container runs with a strict security context.
• ReadWriteOncePod to general availability

It restricts the Single POD access to a single node however ReadWriteOnce restricts currently access to a single node but multiple PODs can access from that node.

You can read more & details from Changelog.md 1.29

Read more about K8s 1.28 exciting features, the most viewed article in Google Cloud Community.