Kubernetes 1.16 – Unlimited Breadsticks for all!

Kubernetes 1.16 was released on 19th September and includes a raft of new features as well as some very important deprecation changes.

Off the back of the CNCFs Security Audit there is a raft of security improvements closing 4 CVE’s and improving items like TLS between services and the security poster from escalating privileges. Enhancements have also been made to improve monitoring, public cloud integration, storage bug fixes, IPv4 & IPv6 dual stack support and robustness improvements.

The main feature released as part of 1.16 is general availability of Custom Resource Definitions (CRDs) which were originally introduced in 1.7. CRDs are widely used by third parties and now many optional behaviours are now required by default as part of this release to keep the APIs stable. Products like FluxCD for example, creates CRDs to monitor repositories for code changes and automatically make deployments – simplifying deployment pipelines.

Another big change for 1.16 is the deprecation of APIs in favour of more stable versions. This means that existing services will stop working unless changes are made to the YAML file references and custom CRDs are updated. These API versions include:

  • Network Policy – extensions/v1beta1 -> networking.k8s.io/v1
  • PodSecurityPolicy – extensions/v1beta1 -> policy/v1beta1
  • DaemonSet, Deployment, StatefulSet, ReplicaSet – extensions/v1beta1 apps/v1beta2 -> apps/v1

Other noteworthy items include:

  • Ephemeral containers – ability to debug running pods by adding ephemeral containers to running pods.
  • EndpointSlice API which splits endpoints into several Endpoint Slice resources, fixing the problem of having a single large Endpoint object.
  • Even Pod Spreading allows pods to be automatically spread across availability zones for high availability rather than manually constructing this scenario.
  • Kubeadm has improved support for Windows by adding the ‘kubeadm join’ functionality.
  • Node Topolgy Manager – a new component to help allocate resources for a pod based on requested resources.
  • Overhauled metrics – a metrics registry enhances the visibility of available metrics.

 

Enterprise and public sector trust Mobilise to securely transform their tech, teams and how they do business.

Say hello to your independence with our project enablement approach.