Kubernetes Unveils Details on Upcoming v1.30 Release
The upcoming Kubernetes v1.30 release is set to introduce several significant enhancements and new features. Here’s a detailed look at some of the key changes:
- Structured Parameters for Dynamic Resource Allocation (KEP-4381): This update aims to make dynamic resource allocation less opaque by introducing a framework that enables “structured models” for describing resources. This change, which builds upon the alpha feature introduced in v1.26, allows for more efficient allocation of third-party resources by the scheduler and other components.
- Node Memory Swap Support (KEP-2400): The v1.30 release will see improvements to memory swap support on Linux nodes, focusing on system stability. The UnlimitedSwap behavior is being removed, and the default behavior will be set to NoSwap, with an option for LimitedSwap. This update allows pods to use some page file memory without exceeding their memory limit, improving node stability.
- Support for User Namespaces in Pods (KEP-127): Moving to beta in v1.30, this feature enhances the isolation of pods on Linux systems, addressing several high/critical CVEs. It now supports pods with and without volumes, custom UID/GID ranges, and more.
- Structured Authorization Configuration (KEP-3221): This feature, advancing to beta, enables the creation of authorization chains with multiple webhooks and fine-grained control, including explicit deny policies on failures. The API server will automatically reload the authorizer chain upon configuration file modifications.
- Container Resource Based Pod Autoscaling (KEP-1610): Graduating to stable in v1.30, this enhancement allows the HorizontalPodAutoscaler to scale based on individual container resource usage rather than aggregate pod resource usage.
- CEL for Admission Control (KEP-3488): This integration introduces a dynamic and expressive way to evaluate admission requests using Common Expression Language (CEL), allowing for complex, fine-grained policies to be enforced through the Kubernetes API.
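
The authorization chain described under KEP-3221 can be written as a configuration file like the one below, which contrasts a fail-closed webhook with a fail-open one. This is an added example, not part of the release announcement; the webhook names, kubeconfig paths and match conditions are assumptions chosen for illustration.

```yaml
# Constructed example. Loaded by kube-apiserver via --authorization-config=<path>;
# this flag cannot be combined with --authorization-mode or --authorization-webhook-*.
apiVersion: apiserver.config.k8s.io/v1beta1
kind: AuthorizationConfiguration
authorizers:
  # Authorizers are evaluated in order; the first allow or deny decision wins.
  - type: Webhook
    name: secrets-guard                  # hypothetical webhook name
    webhook:
      timeout: 3s
      authorizedTTL: 30s
      unauthorizedTTL: 30s
      subjectAccessReviewVersion: v1
      matchConditionSubjectAccessReviewVersion: v1
      # Fail closed: a timeout or webhook error denies the request outright.
      failurePolicy: Deny
      connectionInfo:
        type: KubeConfigFile
        kubeConfigFile: /etc/kubernetes/authz/secrets-guard.kubeconfig  # placeholder path
      # CEL conditions narrow what reaches the webhook, so an outage of a
      # fail-closed webhook only blocks the requests listed here.
      matchConditions:
        - expression: has(request.resourceAttributes)
        - expression: request.resourceAttributes.resource == 'secrets'
        - expression: "!('system:serviceaccounts:kube-system' in request.groups)"
  - type: Webhook
    name: advisory-policy                # hypothetical webhook name
    webhook:
      timeout: 3s
      authorizedTTL: 5m
      unauthorizedTTL: 30s
      subjectAccessReviewVersion: v1
      matchConditionSubjectAccessReviewVersion: v1
      # Fail open: on error this webhook abstains and the chain continues.
      failurePolicy: NoOpinion
      connectionInfo:
        type: KubeConfigFile
        kubeConfigFile: /etc/kubernetes/authz/advisory-policy.kubeconfig  # placeholder path
  # Built-in authorizers decide anything the webhooks did not.
  - type: Node
    name: node
  - type: RBAC
    name: rbac
```

Because the API server reloads this file when it changes, write access to it is equivalent to control over cluster authorization and should be restricted and monitored accordingly.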