K3s, the lightweight Kubernetes distribution, has released version v1.28.2+k3s1. This update brings several improvements and bug fixes to the platform.

One of the key changes in this release is the update of Kubernetes to version v1.28.2. Some other notable changes in this release include the update of Kine to version v0.10.3, as well as updates to embedded components like containerd, stargz-snapshotter plugin, and more.

For a full list of changes and details on what’s new, users can refer to the Kubernetes release notes.

For more information, see release notes K3s.

Kubernetes 1.28 introduces several security enhancements to improve the user experience and address the evolving needs of its users. The enhancements include the use of CEL-based admission policies and webhook match conditions, reduction of secret-based service account tokens, ensuring secure image pulling, container image signature handling based on sigstore, KMS v2 improvements, and an Auth API to get self-user attributes. These enhancements provide better security, performance, and management of Kubernetes clusters, ensuring that only verified and secure images are used and that sensitive data remains encrypted. As Kubernetes becomes more essential, these enhancements play a critical role in ensuring the security and reliability of container orchestration platforms.

Source: CNCF Blog.

K3s has released version v1.28.2-rc1+k3s1. The update includes several improvements and bug fixes, such as updating to v1.28.2 of Kubernetes and v1.20.8 of Go. It also includes upgrades to containerd and stargz versions. Additionally, the update addresses issues related to upgrade failures, tunnel dial failures, and delays in apiserver readiness.

Source: K3s.

Linkerd 2.14 has been released with improved support for multi-cluster deployments, full Gateway API conformance, and various other enhancements. The update introduces a new “gateway-less” mode for cross-cluster communication, allowing for improved performance, security, and reduced cloud spend.

Linkerd now fully conforms with the mesh profile of the Gateway API, offering standardized mechanisms for configuring complex resources. The release also includes numerous bug fixes and performance enhancements.

Source: CNCF.

The CNCF Blog is writing about Flux CD, a GitOps continuous delivery tool developed by Weaveworks. It allows for streamlined and automated application deployments in Kubernetes environments. Flux CD recently announced the Generally Available (GA) release of Flux CD v2, marking its stability and reliability for production use. Many organizations, including GitLab, Orange, and Ring Central, use Flux CD.

Flux CD simplifies the deployment and lifecycle management of applications and infrastructure by allowing developers and operators to define the desired state of their applications and configurations as code stored in a Git repository. Flux CD continuously monitors the repository for changes and automatically applies updates to the Kubernetes cluster to ensure the actual state matches the desired state.

Flux CD offers features such as automated deployments, GitOps workflow, progressive delivery, security, and compatibility with popular Kubernetes tools. It integrates seamlessly with tools like Kustomize, Helm, GitHub, GitLab, and more. Flux CD also has a rich ecosystem, including components like the Source controller, Kustomize Controller, Helm Controller, Notification Controller, and Image Reflector and Automation Controller. Additionally, there are extensions and integrations available for tools like Visual Studio Code, Terraform, Flamingo, Weave GitOps, AKS & Azure Arc, and EKS Anywhere.

Source: CNCF.

This guide will help you set up a Kubernetes cluster, including a service mesh using k3s (at the time of writing at version 0.10.2) and Rio. We’ll deploy the cluster on DigitalOcean. Ubuntu 18.04 LTS will be the OS during this tutorial. If you sign up to DigitalOcean using this link, you’ll receive $50 to spend on their services over 30 days. If you wish to run your cluster on your own hardware, you could do so on Raspberry Pis (ARM64) or Intel NUCs (x86_64) for example.