Kubernetes v1.30 New Features
Kubernetes is an exciting technology in production and in the home lab that is continually evolving. Kubernetes v1.30 is set to bring many exciting changes. Among these changes are new features in alpha, established features that are making their way to “stable,” and long-awaited improvements. Here are some of the enhancements we are excited about in this upcoming release.
1. Structured Parameters for Dynamic Resource Allocation
Dynamic resource allocation, an alpha feature in v1.26, offers an alternative to the traditional device-plugin API for requesting access to third-party resources. However, this approach poses a problem for higher-level controllers that need to make decisions for a group of pods.
To address this problem, Kubernetes is introducing a new model that allows drivers to manage resources and describe them using a specific “structured model” pre-defined by Kubernetes. This will allow components aware of this “structured model” to make decisions about these resources without outsourcing them to some third-party controller, leading to faster allocation of claims.
2. Node Memory Swap Support
In Kubernetes v1.30, memory swap support on Linux nodes is getting a big change to how it works, with an emphasis on improving system stability. The updated, still-beta support for swap on Linux nodes will be available by default, with NoSwap as the default mode. However, the big change is the other mode: LimitedSwap.
In this mode, the kubelet actually uses the page file on that node and allows Pods to have some of their virtual memory paged out. Containers (and their parent pods) do not have access to swap beyond their memory limit, but the system can still use the swap space if available.
3. Support for User Namespaces in Pods
User namespaces is a Linux-only feature that better isolates pods to prevent or mitigate several CVEs rated high/critical. In Kubernetes 1.30, support for user namespaces is migrating to beta and now supports pods with and without volumes, custom UID/GID ranges, and more!
4. Structured Authorization Configuration
Support for structured authorization configuration is moving to beta and will be enabled by default. This feature enables the creation of authorization chains with multiple webhooks, each with well-defined parameters, that validate requests in a particular order, and it allows fine-grained control, such as explicit Deny on failures. The configuration file approach even allows you to specify CEL rules to pre-filter requests before they are dispatched to webhooks, helping you to prevent unnecessary invocations.
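An authorization chain of the kind described above, as an added example rather than a file from the original article or the Kubernetes project. The webhook name and kubeconfig path are assumed placeholders; the file is passed to kube-apiserver with --authorization-config.

```yaml
# Added example. Names and paths marked "assumed" are placeholders.
apiVersion: apiserver.config.k8s.io/v1beta1
kind: AuthorizationConfiguration
authorizers:
  # Authorizers are consulted in the order listed. Placing the webhook
  # first lets it deny a request before Node or RBAC can allow it.
  - type: Webhook
    name: policy-webhook              # assumed name
    webhook:
      timeout: 3s
      authorizedTTL: 30s              # cache lifetime for "allow" answers
      unauthorizedTTL: 30s            # cache lifetime for "deny" answers
      subjectAccessReviewVersion: v1
      matchConditionSubjectAccessReviewVersion: v1
      # Fail closed: a webhook error or timeout denies the request.
      # The alternative, NoOpinion, falls through to the next authorizer.
      failurePolicy: Deny
      connectionInfo:
        type: KubeConfigFile
        kubeConfigFile: /etc/kubernetes/authz-webhook.kubeconfig  # assumed path
      # CEL pre-filter: the webhook is called only when every expression
      # is true. Anything else skips it and goes straight to Node/RBAC.
      matchConditions:
        # Only resource requests (not non-resource URLs such as /healthz).
        - expression: has(request.resourceAttributes)
        # Only requests that target the kube-system namespace.
        - expression: request.resourceAttributes.namespace == 'kube-system'
        # Skip kube-system's own service accounts.
        - expression: "!('system:serviceaccounts:kube-system' in request.groups)"
  - type: Node
    name: node
  - type: RBAC
    name: rbac
```

With failurePolicy set to Deny, an outage of the webhook blocks every request the match conditions select, so the pre-filter also limits how much of the API an unavailable webhook can take down. The --authorization-config flag cannot be combined with the older --authorization-mode and --authorization-webhook-* flags.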
5. Container Resource-Based Pod Autoscaling
This feature allows for automatic scaling based on individual container resource usage rather than the aggregate usage of the entire pod. This feature will be graduating to stable in version 1.30, so be sure to check it out if you’re interested.
6. Common Expression Language (CEL) for Admission Control
This new feature allows for a more dynamic evaluation of admission requests, which can be used to define and enforce complex, fine-grained policies at the cluster level. This feature helps enhance security and governance capabilities without impacting performance or flexibility.
The information about the upcoming changes in the Kubernetes v1.30 cycle is sourced from the official Kubernetes Blog.