Kubernetes Blog

Kubernetes v1.34: Of Wind & Will (O' WaW)

Wed, 27 Aug 2025 10:30:00 -0800

ç·¨é›†è€…: Agustina Barbetta, Alejandro Josue Leon Bellido, Graziano Casto, Melony Qin, Dipesh Rawat

å‰å›žã®ãƒªãƒªãƒ¼ã‚¹ã¨åŒæ§˜ã«ã€Kubernetes v1.34ã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯æ–°ã—ã„GAã€ãƒ™ãƒ¼ã‚¿ç‰ˆã€ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã®æ©Ÿèƒ½ãŒå°Žå…¥ã•ã‚Œã¾ã™ã€‚ é«˜å“è³ªãªãƒªãƒªãƒ¼ã‚¹ã®ç¶™ç¶šçš„ãªæä¾›ã¯ã€ç§ãŸã¡ã®é–‹ç™ºã‚µã‚¤ã‚¯ãƒ«ã®å¼·ã•ã¨ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‹ã‚‰ã®æ´»ç™ºãªã‚µãƒãƒ¼ãƒˆã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã¯58å€‹ã®æ©Ÿèƒ½æ”¹å–„ã§æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚ ãã‚Œã‚‰ã®ã†ã¡ã€GAã¸ã®æ˜‡æ ¼ãŒ23å€‹ã€ãƒ™ãƒ¼ã‚¿ã¸ã®ç§»è¡ŒãŒ22å€‹ã€ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦ã®å°Žå…¥ãŒ13å€‹ã¨ãªã£ã¦ã„ã¾ã™ã€‚

ã¾ãŸã€ã“ã®ãƒªãƒªãƒ¼ã‚¹ã«ã¯ã„ãã¤ã‹ã®éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã‚Œã‚‰ã«å¿…ãšç›®ã‚’é€šã—ã¦ãã ã•ã„ã€‚

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒã‚´

ç§ãŸã¡ã‚’å–ã‚Šå·»ãé¢¨ã€ãã—ã¦ç§ãŸã¡ã®å†…ãªã‚‹æ„å¿—ã«ã‚ˆã£ã¦å‹•ã‹ã•ã‚Œã‚‹ãƒªãƒªãƒ¼ã‚¹ã€‚

è¨³æ³¨: ã“ã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€Kubernetesã®é–‹ç™ºã‚’èˆªæµ·ã«ãªãžã‚‰ãˆã¦ã„ã¾ã™ã€‚

ã™ã¹ã¦ã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã§ã€ç§ãŸã¡ã¯å®Ÿéš›ã«ã¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ã§ããªã„ã€Œé¢¨ã€ã‚’å—ã‘ç¶™ãŽã¾ã™ â€” ãƒ„ãƒ¼ãƒ«ã®çŠ¶æ…‹ã€ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã€ãã—ã¦ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ´å²çš„ãªç‰¹æ€§ã§ã™ã€‚ æ™‚ã«ã“ã‚Œã‚‰ã®é¢¨ã¯ç§ãŸã¡ã®å¸†ã‚’æº€ãŸã—ã€æ™‚ã«æ¨ªã«æŠ¼ã—æµã—ã€æ™‚ã«å‡ªã„ã§ã—ã¾ã„ã¾ã™ã€‚

Kubernetesã‚’å‰é€²ã•ã›ç¶šã‘ã¦ã„ã‚‹ã®ã¯å®Œç’§ãªé¢¨ã§ã¯ãªãã€èˆ¹å“¡ãŸã¡ã®æ„å¿—ã§ã™ã€‚ å½¼ã‚‰ã¯å¸†ã‚’èª¿æ•´ã—ã€èˆµã‚’å–ã‚Šã€èˆªè·¯ã‚’å®šã‚ã€èˆ¹ã‚’å®‰å®šã•ã›ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãŒå®Ÿç¾ã™ã‚‹ã®ã¯æ¡ä»¶ãŒå¸¸ã«ç†æƒ³çš„ã ã‹ã‚‰ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ãã‚Œã‚’æ§‹ç¯‰ã™ã‚‹äººã€…ã€ãƒªãƒªãƒ¼ã‚¹ã™ã‚‹äººã€…ã€ãã—ã¦ã‚¯ãƒž^{^}ã€çŒ«ã€çŠ¬ã€é”æ³•ä½¿ã„ã€å¥½å¥‡å¿ƒã«æº€ã¡ãŸäººã€…ãŒã„ã‚‹ã‹ã‚‰ã“ãå®Ÿç¾ã™ã‚‹ã®ã§ã™ã€‚ é¢¨ãŒã©ã®æ–¹å‘ã«å¹ã„ã¦ã‚‚ã€å½¼ã‚‰ã¯Kubernetesã‚’åŠ›å¼·ãå‰é€²ã•ã›ç¶šã‘ã¦ã„ã¾ã™ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ Of Wind & Will (O' WaW) ã¯ã€ç§ãŸã¡ã‚’å½¢ä½œã£ã¦ããŸé¢¨ã¨ã€ç§ãŸã¡ã‚’å‰é€²ã•ã›ã‚‹æ„å¿—ã«æ•¬æ„ã‚’è¡¨ã—ã¦ã„ã¾ã™ã€‚

_{^ ãªãœã‚¯ãƒžãªã®ã‹ï¼Ÿ ãã®ç”ãˆã¯ã”æƒ³åƒã«ãŠä»»ã›ã—ã¾ã™ï¼}

ä¸»ãªã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæƒ…å ±

Kubernetes v1.34ã¯æ–°æ©Ÿèƒ½ã¨æ”¹å–„ç‚¹ãŒæº€è¼‰ã§ã™ã€‚ ã“ã®ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ãŒç‰¹ã«æ³¨ç›®ã—ã¦æ¬²ã—ã„ã€é¸ã‚Šã™ãã‚Šã®ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆå†…å®¹ã‚’ã”ç´¹ä»‹ã—ã¾ã™ï¼

GA: DRAã®ã‚³ã‚¢æ©Ÿèƒ½

Dynamic Resource Allocation (DRA)ã¯ã€GPUã€TPUã€NICãŠã‚ˆã³ãã®ä»–ã®ãƒ‡ãƒã‚¤ã‚¹ã‚’é¸æŠžã€å‰²ã‚Šå½“ã¦ã€å…±æœ‰ã€è¨å®šã™ã‚‹ãŸã‚ã®ã‚ˆã‚Šå¼·åŠ›ãªæ–¹æ³•ã‚’æä¾›ã—ã¾ã™ã€‚

v1.30ãƒªãƒªãƒ¼ã‚¹ä»¥é™ã€DRAã¯æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã‚’ä½¿ã£ã¦ãƒ‡ãƒã‚¤ã‚¹ã‚’è¦æ±‚ã™ã‚‹ä»•çµ„ã¿ã‚’æŽ¡ç”¨ã—ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã¯Kubernetesã®ã‚³ã‚¢ã‹ã‚‰ã¯ç›´æŽ¥è¦‹ãˆãªã„å½¢ã§å‡¦ç†ã•ã‚Œã¾ã™ã€‚ ã“ã®è¨è¨ˆã¯ã€ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒœãƒªãƒ¥ãƒ¼ãƒ ã®å‹•çš„ãƒ—ãƒãƒ“ã‚¸ãƒ§ãƒ‹ãƒ³ã‚°ã‹ã‚‰ç€æƒ³ã‚’å¾—ã¦ã„ã¾ã™ã€‚ æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹DRAã¯ã€resource.k8s.ioé…ä¸‹ã®ä»¥ä¸‹ã®APIã«ä¾å˜ã—ã¦ã„ã¾ã™ã€‚ResourceClaimã€DeviceClassã€ResourceClaimTemplateã€ResourceSliceã€‚ ã¾ãŸã€Podã®.specã«æ–°ã—ã„resourceClaimsãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¿½åŠ ã—ã¦ã„ã¾ã™ã€‚
resource.k8s.io/v1 APIã¯GAã«æ˜‡æ ¼ã—ã€ç¾åœ¨ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§åˆ©ç”¨å¯èƒ½ã§ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #4381ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ™ãƒ¼ã‚¿: `kubelet`ã‚¤ãƒ¡ãƒ¼ã‚¸èªè¨¼ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼å‘ã‘ã®Projected ServiceAccountãƒˆãƒ¼ã‚¯ãƒ³

ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’å–å¾—ã™ã‚‹éš›ã«ä½¿ç”¨ã•ã‚Œã‚‹kubeletã®èªè¨¼ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã¯ã€å¾“æ¥ã€ãƒŽãƒ¼ãƒ‰ã‚„ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ä¿å˜ã•ã‚ŒãŸé•·æœŸé–“æœ‰åŠ¹ãªSecretã«ä¾å˜ã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ–¹æ³•ã§ã¯ã€èªè¨¼æƒ…å ±ãŒç‰¹å®šã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«ç´ä»˜ã‘ã‚‰ã‚Œãšã€è‡ªå‹•æ›´æ–°ã‚‚ã•ã‚Œãªã„ãŸã‚ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒªã‚¹ã‚¯ã¨ç®¡ç†ã®æ‰‹é–“ãŒå¢—å¤§ã—ã¦ã„ã¾ã—ãŸã€‚
ã“ã®å•é¡Œã‚’è§£æ±ºã™ã‚‹ãŸã‚ã€kubeletãŒã‚³ãƒ³ãƒ†ãƒŠãƒ¬ã‚¸ã‚¹ãƒˆãƒªã¸ã®èªè¨¼ã«ã€çŸæœŸé–“ã®ã¿æœ‰åŠ¹ã§ç‰¹å®šã®ç”¨é€”ã«é™å®šã•ã‚ŒãŸServiceAccountãƒˆãƒ¼ã‚¯ãƒ³ã‚’è¦æ±‚ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒŽãƒ¼ãƒ‰å…¨ä½“ã®èªè¨¼æƒ…å ±ã§ã¯ãªãã€Podå›ºæœ‰ã®ã‚¢ã‚¤ãƒ‡ãƒ³ãƒ†ã‚£ãƒ†ã‚£ã«åŸºã¥ã„ã¦ã‚¤ãƒ¡ãƒ¼ã‚¸ã®å–å¾—ã‚’èªå¯ã§ãã¾ã™ã€‚
æœ€å¤§ã®åˆ©ç‚¹ã¯ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®å¤§å¹…ãªå‘ä¸Šã§ã™ã€‚ ã‚¤ãƒ¡ãƒ¼ã‚¸å–å¾—ã®ãŸã‚ã«é•·æœŸé–“æœ‰åŠ¹ãªSecretã‚’ä¿æŒã™ã‚‹å¿…è¦ãŒãªããªã‚Šã€æ”»æ’ƒã‚’å—ã‘ã‚‹ãƒªã‚¹ã‚¯ãŒæ¸›å°‘ã—ã€ç®¡ç†è€…ã¨é–‹ç™ºè€…ã®ä¸¡æ–¹ã«ã¨ã£ã¦èªè¨¼æƒ…å ±ã®ç®¡ç†ãŒã‚·ãƒ³ãƒ—ãƒ«ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG Authã¨SIG NodeãŒä¸»å°Žã—ãŸKEP #4412ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¢ãƒ«ãƒ•ã‚¡: KYAML(Kuberneteså‘ã‘ã«æœ€é©åŒ–ã•ã‚ŒãŸYAMLå½¢å¼)ã®ã‚µãƒãƒ¼ãƒˆ

KYAMLã¯ã€Kuberneteså‘ã‘ã«æœ€é©åŒ–ã•ã‚ŒãŸã€ã‚ˆã‚Šå®‰å…¨ã§æ›–æ˜§ã•ã®å°‘ãªã„YAMLã®ã‚µãƒ–ã‚»ãƒƒãƒˆã§ã™ã€‚ Kubernetes v1.34ä»¥é™ã€ã©ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®Kubernetesã‚’ä½¿ç”¨ã—ã¦ã„ã¦ã‚‚ã€kubectlã®æ–°ã—ã„å‡ºåŠ›å½¢å¼ã¨ã—ã¦KYAMLã‚’åˆ©ç”¨ã§ãã¾ã™ã€‚

KYAMLã¯ã€YAMLã¨JSONãã‚Œãžã‚ŒãŒæŠ±ãˆã‚‹èª²é¡Œã‚’è§£æ±ºã—ã¾ã™ã€‚ YAMLã§ã¯ç©ºç™½æ–‡å—ãŒé‡è¦ãªæ„å‘³ã‚’æŒã¤ãŸã‚ã€ã‚¤ãƒ³ãƒ‡ãƒ³ãƒˆã‚„ãƒã‚¹ãƒˆã«ç´°å¿ƒã®æ³¨æ„ãŒå¿…è¦ã§ã™ã€‚ ã¾ãŸã€æ–‡å—åˆ—ã®å¼•ç”¨ç¬¦ã‚’çœç•¥ã§ãã‚‹ã“ã¨ã§ã€äºˆæœŸã—ãªã„åž‹å¤‰æ›ãŒç™ºç”Ÿã™ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™(ä¾‹: ã€ŒãƒŽãƒ«ã‚¦ã‚§ãƒ¼å•é¡Œã€)ã€‚ ä¸€æ–¹ã€JSONã¯ã‚³ãƒ¡ãƒ³ãƒˆãŒæ›¸ã‘ãšã€æœ«å°¾ã®ã‚«ãƒ³ãƒžã‚„å¼•ç”¨ç¬¦ä»˜ãã®ã‚ãƒ¼ã«é–¢ã—ã¦åŽ³å¯†ãªãƒ«ãƒ¼ãƒ«ãŒã‚ã‚Šã¾ã™ã€‚

KYAMLãƒ•ã‚¡ã‚¤ãƒ«ã¯ã™ã¹ã¦æœ‰åŠ¹ãªYAMLã§ã‚‚ã‚ã‚‹ãŸã‚ã€KYAMLã§è¨˜è¿°ã—ãŸãƒ•ã‚¡ã‚¤ãƒ«ã¯ã©ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®kubectlã«ã‚‚å…¥åŠ›ã¨ã—ã¦æ¸¡ã›ã¾ã™ã€‚ v1.34ã®kubectlã§ã¯ã€ç’°å¢ƒå¤‰æ•°KUBECTL_KYAML=trueã‚’è¨å®šã™ã‚‹ã“ã¨ã§ã€KYAMLå½¢å¼ã§ã®å‡ºåŠ›ã‚‚ãƒªã‚¯ã‚¨ã‚¹ãƒˆã§ãã¾ã™(ä¾‹: kubectl get -o kyaml ...)ã€‚ ã‚‚ã¡ã‚ã‚“ã€å¾“æ¥é€šã‚ŠJSONã‚„YAMLå½¢å¼ã§ã®å‡ºåŠ›ã‚‚å¯èƒ½ã§ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG CLIãŒä¸»å°Žã—ãŸKEP #5295ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

GAã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½

ã“ã‚Œã¯v1.34ãƒªãƒªãƒ¼ã‚¹å¾Œã«GAã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

Jobã®ä»£æ›¿Podã®é…å»¶ä½œæˆ

ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ã€Jobã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯PodãŒçµ‚äº†å‡¦ç†ã‚’å§‹ã‚ãŸæ™‚ç‚¹ã§ã€ã™ãã«ä»£æ›¿ã¨ãªã‚‹æ–°ã—ã„Podã‚’ä½œæˆã—ã¾ã™ã€‚ ãã®çµæžœã€çµ‚äº†ä¸ã®å¤ã„Podã¨ã¾ã æ–°ã—ã„PodãŒåŒæ™‚ã«å˜åœ¨ã—ã€ä¸¡æ–¹ãŒãƒªã‚½ãƒ¼ã‚¹ã‚’ä½¿ç”¨ã™ã‚‹çŠ¶æ…‹ã«ãªã‚Šã¾ã™ã€‚ ãƒªã‚½ãƒ¼ã‚¹ãŒé™ã‚‰ã‚ŒãŸã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ã¯ã€å¤ã„PodãŒå®Œå…¨ã«çµ‚äº†ã—ã¦ãƒªã‚½ãƒ¼ã‚¹ã‚’è§£æ”¾ã™ã‚‹ã¾ã§ã€æ–°ã—ã„PodãŒèµ·å‹•ã§ããšã«å¾…æ©ŸçŠ¶æ…‹ã¨ãªã‚Šã€ãƒªã‚½ãƒ¼ã‚¹ã®ç«¶åˆãŒç™ºç”Ÿã—ã¾ã™ã€‚ ã¾ãŸã€ã“ã®çŠ¶æ³ã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒ©ãƒ¼ãŒä¸å¿…è¦ã«ãƒŽãƒ¼ãƒ‰ã‚’è¿½åŠ ã—ã¦ã—ã¾ã†ã“ã¨ã‚‚ã‚ã‚Šã¾ã™ã€‚ ã•ã‚‰ã«ã€TensorFlowã‚„JAXãªã©ã®æ©Ÿæ¢°å¦ç¿’ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã¯ã€åŒã˜ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã®PodãŒè¤‡æ•°åŒæ™‚ã«å‹•ä½œã™ã‚‹ã“ã¨ã‚’è¨±å¯ã—ãªã„ãŸã‚ã€ã“ã®åŒæ™‚å®Ÿè¡ŒãŒå•é¡Œã¨ãªã‚Šã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€Jobã«.spec.podReplacementPolicyãŒå°Žå…¥ã•ã‚Œã¾ã™ã€‚ PodãŒå®Œå…¨ã«çµ‚äº†ã—ãŸå¾Œ(.status.phase: Failedã¨ãªã£ãŸå¾Œ)ã«ã®ã¿ä»£æ›¿Podã‚’ä½œæˆã™ã‚‹ã‚ˆã†è¨å®šã§ãã¾ã™ã€‚ ã“ã‚Œã‚’è¡Œã†ã«ã¯ã€.spec.podReplacementPolicy: Failedã‚’è¨å®šã—ã¾ã™ã€‚
v1.28ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸã“ã®æ©Ÿèƒ½ã¯ã€v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG AppsãŒä¸»å°Žã—ãŸKEP #3939ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µå¤±æ•—ã‹ã‚‰ã®å¾©æ—§

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ãŒã‚µãƒãƒ¼ãƒˆã—ã¦ã„ãªã„ã‚µã‚¤ã‚ºã¸ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µãŒå¤±æ•—ã—ãŸå ´åˆã«ã€ãã®æ‹¡å¼µæ“ä½œã‚’ã‚ãƒ£ãƒ³ã‚»ãƒ«ã—ã€ã‚µãƒãƒ¼ãƒˆç¯„å›²å†…ã®ã‚ˆã‚Šå°ã•ãªã‚µã‚¤ã‚ºã§å†åº¦æ‹¡å¼µã‚’è©¦ã¿ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
v1.23ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸã“ã®æ©Ÿèƒ½ã¯ã€v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG StorageãŒä¸»å°Žã—ãŸKEP #1790ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒœãƒªãƒ¥ãƒ¼ãƒ å¤‰æ›´ã®ãŸã‚ã®VolumeAttributesClass

VolumeAttributesClassãŒv1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ VolumeAttributesClassã¯ã€ãƒ—ãƒãƒ“ã‚¸ãƒ§ãƒ‹ãƒ³ã‚°ã•ã‚ŒãŸIOãªã©ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã‚’å¤‰æ›´ã™ã‚‹ãŸã‚ã®ã€æ±Žç”¨çš„ãªKubernetesãƒã‚¤ãƒ†ã‚£ãƒ–ãªAPIã§ã™ã€‚ ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ãŒã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹å ´åˆã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ãŒã‚³ã‚¹ãƒˆã¨ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®ãƒãƒ©ãƒ³ã‚¹ã‚’å–ã‚ŠãªãŒã‚‰ã€ç¨¼åƒä¸ã«ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
Kubernetesã®ä»–ã®ã™ã¹ã¦ã®æ–°ã—ã„ãƒœãƒªãƒ¥ãƒ¼ãƒ æ©Ÿèƒ½ã¨åŒæ§˜ã«ã€ã“ã®APIã¯Container Storage Interface (CSI)ã‚’ä»‹ã—ã¦å®Ÿè£…ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã‚’ä½¿ç”¨ã™ã‚‹ã«ã¯ã€ãŠä½¿ã„ã®ãƒ—ãƒãƒ“ã‚¸ãƒ§ãƒŠãƒ¼å›ºæœ‰ã®CSIãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒã€ã“ã®æ©Ÿèƒ½ã®CSIå´ã®å®Ÿè£…ã§ã‚ã‚‹æ–°ã—ã„ModifyVolume APIã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG StorageãŒä¸»å°Žã—ãŸKEP #3751ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

æ§‹é€ åŒ–ã•ã‚ŒãŸèªè¨¼è¨å®š

Kubernetes v1.29ã§ã¯ã€APIã‚µãƒ¼ãƒãƒ¼ã®ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ã‚’ç®¡ç†ã™ã‚‹æ–°ã—ã„æ–¹æ³•ãŒå°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ ã“ã‚Œã¾ã§å¤šæ•°ã®ã‚³ãƒžãƒ³ãƒ‰ãƒ©ã‚¤ãƒ³ã‚ªãƒ—ã‚·ãƒ§ãƒ³ã§è¨å®šã—ã¦ã„ãŸèªè¨¼ã‚’ã€æ§‹é€ åŒ–ã•ã‚ŒãŸè¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã§ç®¡ç†ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ AuthenticationConfigurationã¨ã„ã†æ–°ã—ã„ãƒªã‚½ãƒ¼ã‚¹ã«ã‚ˆã‚Šã€ç®¡ç†è€…ã¯è¤‡æ•°ã®JWTèªè¨¼æ©Ÿæ§‹ã®è¨å®šã€CELå¼ã‚’ä½¿ã£ãŸæŸ”è»Ÿãªæ¤œè¨¼ãƒ«ãƒ¼ãƒ«ã®å®šç¾©ã€ãã—ã¦ã‚µãƒ¼ãƒãƒ¼ã‚’å†èµ·å‹•ã™ã‚‹ã“ã¨ãªãè¨å®šã‚’å‹•çš„ã«å†èªã¿è¾¼ã¿ã™ã‚‹ã“ã¨ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ ã“ã®å¤‰æ›´ã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®èªè¨¼è¨å®šãŒã‚ˆã‚Šç®¡ç†ã—ã‚„ã™ãã€ç›£æŸ»ã—ã‚„ã™ããªã‚Šã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã¯v1.34ã§GAã«æ˜‡æ ¼ã—ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP #3331ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«åŸºã¥ãç´°ã‹ã„èªå¯

Kubernetesã®èªå¯æ©Ÿæ§‹(Webhookèªå¯ã‚„çµ„ã¿è¾¼ã¿ã®ãƒŽãƒ¼ãƒ‰èªå¯ã‚’å«ã‚€)ãŒã€ãƒªã‚¯ã‚¨ã‚¹ãƒˆã«å«ã¾ã‚Œã‚‹ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã‚„ãƒ©ãƒ™ãƒ«ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã®å†…å®¹ã¾ã§è€ƒæ…®ã—ã¦ã€ã‚ˆã‚Šç´°ã‹ã„èªå¯åˆ¤æ–ã‚’è¡Œãˆã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ listã€watchã€deletecollection ã¨ã„ã£ãŸä¸€è¦§å–å¾—ã‚„å‰Šé™¤ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã«ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ãŒå«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€èªå¯ãƒ¬ã‚¤ãƒ¤ãƒ¼ã¯ãã®æ¡ä»¶ã‚‚å«ã‚ã¦ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ã‚’è©•ä¾¡ã—ã¾ã™ã€‚

ä¾‹ãˆã°ã€ã€Œç‰¹å®šã®ãƒŽãƒ¼ãƒ‰(.spec.nodeName)ã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸPodã®ã¿ã‚’ä¸€è¦§è¡¨ç¤ºã§ãã‚‹ã€ã¨ã„ã†èªå¯ãƒãƒªã‚·ãƒ¼ã‚’ä½œæˆã§ãã¾ã™ã€‚ ã“ã®å ´åˆã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆ(ä¾‹: ç‰¹å®šãƒŽãƒ¼ãƒ‰ä¸Šã®kubelet)ã¯å¿…è¦ãªãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã‚’æ˜Žç¤ºçš„ã«æŒ‡å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã€æŒ‡å®šãŒãªã„å ´åˆã¯ãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒæ‹’å¦ã•ã‚Œã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒåˆ¶é™äº‹é …ã‚’ç†è§£ã—é©åˆ‡ã«ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’é€ä¿¡ã§ãã‚‹ç’°å¢ƒã§ã‚ã‚Œã°ã€æœ€å°æ¨©é™ã®åŽŸå‰‡ã«åŸºã¥ã„ãŸåŽ³å¯†ãªã‚¢ã‚¯ã‚»ã‚¹åˆ¶å¾¡ãŒå®Ÿç¾ã§ãã¾ã™ã€‚ Kubernetes v1.34ã§ã¯ã€ãƒŽãƒ¼ãƒ‰ã”ã¨ã®ãƒªã‚½ãƒ¼ã‚¹åˆ†é›¢ã‚„ã‚«ã‚¹ã‚¿ãƒ ãƒžãƒ«ãƒãƒ†ãƒŠãƒ³ãƒˆæ§‹æˆãªã©ã€ãã‚ç´°ã‹ã„åˆ¶å¾¡ãŒå¿…è¦ãªç’°å¢ƒã§ã®é‹ç”¨ãŒã‚ˆã‚Šå®‰å…¨ã«ãªã‚Šã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP #4601ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ç´°ã‹ã„åˆ¶å¾¡ã«ã‚ˆã‚‹åŒ¿åãƒªã‚¯ã‚¨ã‚¹ãƒˆã®åˆ¶é™

åŒ¿åã‚¢ã‚¯ã‚»ã‚¹ã‚’å®Œå…¨ã«æœ‰åŠ¹ã¾ãŸã¯ç„¡åŠ¹ã«ã™ã‚‹ä»£ã‚ã‚Šã«ã€èªè¨¼ã•ã‚Œã¦ã„ãªã„ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’è¨±å¯ã™ã‚‹ç‰¹å®šã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã®ãƒªã‚¹ãƒˆã‚’åŽ³å¯†ã«è¨å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€/healthzã€/readyzã€/livezãªã©ã®ãƒ˜ãƒ«ã‚¹ãƒã‚§ãƒƒã‚¯ã‚„ãƒ–ãƒ¼ãƒˆã‚¹ãƒˆãƒ©ãƒƒãƒ—ç”¨ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¸ã®åŒ¿åã‚¢ã‚¯ã‚»ã‚¹ã«ä¾å˜ã™ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«å¯¾ã—ã¦ã€ã‚ˆã‚Šå®‰å…¨ãªä»£æ›¿æ‰‹æ®µã‚’æä¾›ã—ã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€åŒ¿åãƒ¦ãƒ¼ã‚¶ãƒ¼ã«åºƒç¯„ãªã‚¢ã‚¯ã‚»ã‚¹æ¨©ã‚’èª¤ã£ã¦ä»˜ä¸Žã—ã¦ã—ã¾ã†RBACã®è¨å®šãƒŸã‚¹ã‚’é˜²ãã“ã¨ãŒã§ãã€å¤–éƒ¨ã®ãƒ—ãƒãƒ¼ãƒ–ãƒ„ãƒ¼ãƒ«ã‚„ãƒ–ãƒ¼ãƒˆã‚¹ãƒˆãƒ©ãƒƒãƒ—ãƒ„ãƒ¼ãƒ«ã¸ã®å¤‰æ›´ã‚‚ä¸è¦ã§ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP #4633ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ—ãƒ©ã‚°ã‚¤ãƒ³å›ºæœ‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã«ã‚ˆã‚‹åŠ¹çŽ‡çš„ãªå†ã‚ãƒ¥ãƒ¼ã‚¤ãƒ³ã‚°

kube-schedulerãŒã€ä»¥å‰ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã§ããªã‹ã£ãŸPodã‚’ã„ã¤å†è©¦è¡Œã™ã¹ãã‹ã«ã¤ã„ã¦ã€ã‚ˆã‚Šæ£ç¢ºãªåˆ¤æ–ã‚’ä¸‹ã›ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ å„ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒç‹¬è‡ªã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’ç™»éŒ²ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ç™ºç”Ÿã—ãŸã‚¤ãƒ™ãƒ³ãƒˆãŒã€ä»¥å‰æ‹’å¦ã•ã‚ŒãŸPodã‚’ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«å¯èƒ½ã«ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã‹ã©ã†ã‹ã‚’ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã«é€šçŸ¥ã—ã¾ã™ã€‚

ã“ã‚Œã«ã‚ˆã‚Šã€ä¸è¦ãªå†è©¦è¡ŒãŒå‰Šæ¸›ã•ã‚Œã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°å…¨ä½“ã®ã‚¹ãƒ«ãƒ¼ãƒ—ãƒƒãƒˆãŒå‘ä¸Šã—ã¾ã™ã€‚ ç‰¹ã«å‹•çš„ãƒªã‚½ãƒ¼ã‚¹å‰²ã‚Šå½“ã¦(DRA)ã‚’ä½¿ç”¨ã™ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§åŠ¹æžœçš„ã§ã™ã€‚ ã¾ãŸã€ç‰¹å®šã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒå®‰å…¨ã¨åˆ¤æ–ã—ãŸå ´åˆã«ã¯ã€é€šå¸¸ã®ãƒãƒƒã‚¯ã‚ªãƒ•é…å»¶ã‚’ã‚¹ã‚ãƒƒãƒ—ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ç‰¹å®šã®ã‚±ãƒ¼ã‚¹ã§ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãŒã‚ˆã‚Šé«˜é€ŸåŒ–ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP #4247ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

é †åºä»˜ã‘ã‚‰ã‚ŒãŸNamespaceå‰Šé™¤

ãƒ©ãƒ³ãƒ€ãƒ ã«è¿‘ã„ãƒªã‚½ãƒ¼ã‚¹å‰Šé™¤é †åºã¯ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã‚®ãƒ£ãƒƒãƒ—ã‚„æ„å›³ã—ãªã„å‹•ä½œã‚’å¼•ãèµ·ã“ã™å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ ä¾‹ãˆã°ã€NetworkPolicyãŒå‰Šé™¤ã•ã‚ŒãŸå¾Œã‚‚PodãŒæ®‹ã‚Šç¶šã‘ã‚‹ã¨ã„ã£ãŸå•é¡Œã§ã™ã€‚
ã“ã®æ”¹å–„ã«ã‚ˆã‚Šã€Kubernetesåå‰ç©ºé–“ã«å¯¾ã—ã¦ã€ã‚ˆã‚Šæ§‹é€ åŒ–ã•ã‚ŒãŸå‰Šé™¤ãƒ—ãƒã‚»ã‚¹ãŒå°Žå…¥ã•ã‚Œã€å®‰å…¨ã§æ±ºå®šçš„ãªãƒªã‚½ãƒ¼ã‚¹å‰Šé™¤ãŒä¿è¨¼ã•ã‚Œã¾ã™ã€‚ è«–ç†çš„ãªä¾å˜é–¢ä¿‚ã‚„ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®ä¾å˜é–¢ä¿‚ã‚’å°Šé‡ã™ã‚‹å‰Šé™¤é †åºã‚’å¼·åˆ¶ã™ã‚‹ã“ã¨ã§ã€PodãŒä»–ã®ãƒªã‚½ãƒ¼ã‚¹ã‚ˆã‚Šã‚‚å…ˆã«å‰Šé™¤ã•ã‚Œã‚‹ã“ã¨ãŒä¿è¨¼ã•ã‚Œã¾ã™ã€‚
ã“ã®æ©Ÿèƒ½ã¯Kubernetes v1.33ã§å°Žå…¥ã•ã‚Œã€v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®æ˜‡æ ¼ã«ã‚ˆã‚Šã€CVE-2024-7598ã§èª¬æ˜Žã•ã‚Œã¦ã„ã‚‹è„†å¼±æ€§ã‚’å«ã‚€ã€éžæ±ºå®šçš„ãªå‰Šé™¤ã«ã‚ˆã‚‹ãƒªã‚¹ã‚¯ã‚’è»½æ¸›ã—ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã¨ä¿¡é ¼æ€§ãŒå‘ä¸Šã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API MachineryãŒä¸»å°Žã—ãŸKEP #5080ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

list å¿œç”ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°

Kubernetesã§å¤§è¦æ¨¡ãªlistå¿œç”ã‚’å‡¦ç†ã™ã‚‹ã“ã¨ã¯ã€ã“ã‚Œã¾ã§å¤§ããªã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ã®èª²é¡Œã§ã—ãŸã€‚ ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒæ•°åƒã®Podã‚„ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ãªã©ã®å¤§è¦æ¨¡ãªãƒªã‚½ãƒ¼ã‚¹ãƒªã‚¹ãƒˆã‚’è¦æ±‚ã—ãŸå ´åˆã€APIã‚µãƒ¼ãƒãƒ¼ã¯é€ä¿¡å‰ã«ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã®ã‚³ãƒ¬ã‚¯ã‚·ãƒ§ãƒ³å…¨ä½“ã‚’å˜ä¸€ã®å¤§ããªãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã«ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚ ã“ã®ãƒ—ãƒã‚»ã‚¹ã¯å¤§é‡ã®ãƒ¡ãƒ¢ãƒªè² è·ã‚’ç”Ÿã¿å‡ºã—ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®ä½Žä¸‹ã‚’å¼•ãèµ·ã“ã—ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã®å®‰å®šæ€§ã«å½±éŸ¿ã‚’ä¸Žãˆã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã—ãŸã€‚
ã“ã®åˆ¶é™ã«å¯¾å‡¦ã™ã‚‹ãŸã‚ã€ã‚³ãƒ¬ã‚¯ã‚·ãƒ§ãƒ³( list å¿œç”)ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‡ã‚£ãƒ³ã‚°ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ãŒå°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ JSONãŠã‚ˆã³Kubernetes Protobufå¿œç”å½¢å¼ã§ã¯ã€ã“ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ãŒè‡ªå‹•çš„ã«æœ‰åŠ¹ã«ãªã‚Šã€é–¢é€£ã™ã‚‹ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¯GAã¨ãªã£ã¦ã„ã¾ã™ã€‚ ã“ã®æ–¹æ³•ã®ä¸»ãªåˆ©ç‚¹ã¯ã€APIã‚µãƒ¼ãƒãƒ¼ã§ã®å¤§è¦æ¨¡ãªãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚’å›žé¿ã—ã€ãƒ¡ãƒ¢ãƒªãƒ•ãƒƒãƒˆãƒ—ãƒªãƒ³ãƒˆã‚’ã‚ˆã‚Šå°ã•ãäºˆæ¸¬å¯èƒ½ã«ã™ã‚‹ã“ã¨ã§ã™ã€‚ ãã®çµæžœã€ç‰¹ã«å¤§è¦æ¨¡ãªãƒªã‚½ãƒ¼ã‚¹ãƒªã‚¹ãƒˆã®é »ç¹ãªãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒä¸€èˆ¬çš„ãªå¤§è¦æ¨¡ç’°å¢ƒã«ãŠã„ã¦ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®å›žå¾©åŠ›ã¨ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ãŒå‘ä¸Šã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API MachineryãŒä¸»å°Žã—ãŸKEP #5116ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

å›žå¾©åŠ›ã®ã‚ã‚‹Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã®åˆæœŸåŒ–

Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã¯ã€etcdã«ä¿å˜ã•ã‚Œã¦ã„ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼çŠ¶æ…‹ã®çµæžœæ•´åˆæ€§ã‚’ä¿ã¤ã‚ãƒ£ãƒƒã‚·ãƒ¥ãƒ¬ã‚¤ãƒ¤ãƒ¼ã§ã€kube-apiserverå†…éƒ¨ã§å‹•ä½œã—ã¾ã™ã€‚ ã“ã‚Œã¾ã§ã€kube-apiserverã®èµ·å‹•æ™‚ã«Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ãŒã¾ã åˆæœŸåŒ–ã•ã‚Œã¦ã„ãªã„å ´åˆã‚„ã€Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã®å†åˆæœŸåŒ–ãŒå¿…è¦ãªå ´åˆã«å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã—ãŸã€‚

ã“ã‚Œã‚‰ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ãŸã‚ã€Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã®åˆæœŸåŒ–ãƒ—ãƒã‚»ã‚¹ãŒéšœå®³ã«å¯¾ã—ã¦ã‚ˆã‚Šå›žå¾©åŠ›ã®ã‚ã‚‹ã‚‚ã®ã«æ”¹å–„ã•ã‚Œã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã®å …ç‰¢æ€§ãŒå‘ä¸Šã—ã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚„ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒç¢ºå®Ÿã«Watchã‚’ç¢ºç«‹ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ã“ã®æ”¹å–„ã¯v1.31ã§ãƒ™ãƒ¼ã‚¿ã¨ã—ã¦å°Žå…¥ã•ã‚Œã€ç¾åœ¨ã¯GAã¨ãªã£ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API Machineryã¨SIG ScalabilityãŒä¸»å°Žã—ãŸKEP #4568ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

DNSæ¤œç´¢ãƒ‘ã‚¹æ¤œè¨¼ã®ç·©å’Œ

ã“ã‚Œã¾ã§ã€Podã®DNS searchãƒ‘ã‚¹ã«å¯¾ã™ã‚‹åŽ³æ ¼ãªæ¤œè¨¼ã¯ã€è¤‡é›‘ãªãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ç’°å¢ƒã‚„ãƒ¬ã‚¬ã‚·ãƒ¼ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ç’°å¢ƒã§ã®çµ±åˆã«ãŠã„ã¦å•é¡ŒãŒç™ºç”Ÿã™ã‚‹ã“ã¨ãŒã‚ˆãã‚ã‚Šã¾ã—ãŸã€‚ ã“ã®åˆ¶é™ã«ã‚ˆã‚Šã€çµ„ç¹”ã®ã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã«å¿…è¦ãªè¨å®šãŒãƒ–ãƒãƒƒã‚¯ã•ã‚Œã€ç®¡ç†è€…ã¯å›°é›£ãªå›žé¿ç–ã®å®Ÿè£…ã‚’å¼·ã„ã‚‰ã‚Œã¦ã„ã¾ã—ãŸã€‚
ã“ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ãŸã‚ã€ç·©å’Œã•ã‚ŒãŸDNSæ¤œè¨¼ãŒv1.32ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã€v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ä¸€èˆ¬çš„ãªãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã¨ã—ã¦ã€PodãŒå†…éƒ¨ã®Kubernetesã‚µãƒ¼ãƒ“ã‚¹ã¨å¤–éƒ¨ãƒ‰ãƒ¡ã‚¤ãƒ³ã®ä¸¡æ–¹ã¨é€šä¿¡ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ Podã®.spec.dnsConfigã®searchesãƒªã‚¹ãƒˆã®æœ€åˆã®ã‚¨ãƒ³ãƒˆãƒªã«å˜ä¸€ã®ãƒ‰ãƒƒãƒˆ(.)ã‚’è¨å®šã™ã‚‹ã“ã¨ã§ã€ã‚·ã‚¹ãƒ†ãƒ ã®ãƒªã‚¾ãƒ«ãƒãƒ¼ãŒã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®å†…éƒ¨æ¤œç´¢ãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’å¤–éƒ¨ã‚¯ã‚¨ãƒªã«è¿½åŠ ã™ã‚‹ã“ã¨ã‚’é˜²ã’ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€å¤–éƒ¨ãƒ›ã‚¹ãƒˆåã«å¯¾ã™ã‚‹ä¸è¦ãªå†…éƒ¨DNSã‚µãƒ¼ãƒãƒ¼ã¸ã®DNSãƒªã‚¯ã‚¨ã‚¹ãƒˆã®ç”Ÿæˆã‚’å›žé¿ã—ã€åŠ¹çŽ‡ã‚’å‘ä¸Šã•ã›ã€æ½œåœ¨çš„ãªåå‰è§£æ±ºã‚¨ãƒ©ãƒ¼ã‚’é˜²ãŽã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NetworkãŒä¸»å°Žã—ãŸKEP #4427ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Windows `kube-proxy`ã«ãŠã‘ã‚‹Direct Service Return(DSR)ã®ã‚µãƒãƒ¼ãƒˆ

DSRã¯ã€ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã‚’çµŒç”±ã—ãŸãƒªã‚¿ãƒ¼ãƒ³ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ãŒãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã‚’ãƒã‚¤ãƒ‘ã‚¹ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ç›´æŽ¥å¿œç”ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’æœ€é©åŒ–ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã®è² è·ãŒè»½æ¸›ã•ã‚Œã€å…¨ä½“çš„ãªãƒ¬ã‚¤ãƒ†ãƒ³ã‚·ãƒ¼ãŒæ”¹å–„ã•ã‚Œã¾ã™ã€‚ Windowsä¸Šã®DSRã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€Direct Server Return (DSR) in a nutshellã‚’ã”è¦§ãã ã•ã„ã€‚
v1.14ã§æœ€åˆã«å°Žå…¥ã•ã‚ŒãŸã“ã®æ©Ÿèƒ½ã¯ã€v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG WindowsãŒä¸»å°Žã—ãŸKEP #5100ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚³ãƒ³ãƒ†ãƒŠãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã®Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³

ã‚³ãƒ³ãƒ†ãƒŠã®PreStopãŠã‚ˆã³PostStartãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã«Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³ãŒå°Žå…¥ã•ã‚Œã€å®‰å…¨ãªçµ‚äº†ã®ç®¡ç†ã¨ã‚³ãƒ³ãƒ†ãƒŠãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ç®¡ç†å…¨ä½“ã‚’æ”¹å–„ã™ã‚‹ç°¡å˜ãªæ–¹æ³•ãŒæä¾›ã•ã‚Œã¾ã—ãŸã€‚
Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã«ã‚ˆã‚Šã€ã‚³ãƒ³ãƒ†ãƒŠã¯èµ·å‹•å¾Œã¾ãŸã¯çµ‚äº†å‰ã«æŒ‡å®šã•ã‚ŒãŸæ™‚é–“ã ã‘ä¸€æ™‚åœæ¢ã§ãã¾ã™ã€‚ è² ã®å€¤ã¾ãŸã¯ã‚¼ãƒã®ã‚¹ãƒªãƒ¼ãƒ—æ™‚é–“ã‚’ä½¿ç”¨ã™ã‚‹ã¨ã€ã™ãã«æˆ»ã‚Šã€çµæžœçš„ã«ä½•ã‚‚å®Ÿè¡Œã—ãªã„(no-op)å‹•ä½œã¨ãªã‚Šã¾ã™ã€‚
Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã¯ã€Kubernetes v1.29ã§å°Žå…¥ã•ã‚Œã€v1.32ã§ã‚¼ãƒå€¤ã®ã‚µãƒãƒ¼ãƒˆãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ ä¸¡æ–¹ã®æ©Ÿèƒ½ãŒv1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #3960ãŠã‚ˆã³KEP #4818ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

LinuxãƒŽãƒ¼ãƒ‰ã§ã®ã‚¹ãƒ¯ãƒƒãƒ—æ©Ÿèƒ½ã®ã‚µãƒãƒ¼ãƒˆ

ã“ã‚Œã¾ã§ã€Kubernetesã§ã‚¹ãƒ¯ãƒƒãƒ—æ©Ÿèƒ½ã‚µãƒãƒ¼ãƒˆãŒãªã‹ã£ãŸãŸã‚ã€ãƒ¡ãƒ¢ãƒªä¸è¶³ã«é™¥ã£ãŸãƒŽãƒ¼ãƒ‰ã§ã¯ãƒ—ãƒã‚»ã‚¹ã‚’çªç„¶çµ‚äº†ã•ã›ã–ã‚‹ã‚’å¾—ãšã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ãŒä¸å®‰å®šã«ãªã‚‹ã“ã¨ãŒã‚ˆãã‚ã‚Šã¾ã—ãŸã€‚ ã“ã®å•é¡Œã¯ç‰¹ã«ã€å¤§å®¹é‡ã ãŒã‚¢ã‚¯ã‚»ã‚¹é »åº¦ã®ä½Žã„ãƒ¡ãƒ¢ãƒªãƒ•ãƒƒãƒˆãƒ—ãƒªãƒ³ãƒˆã‚’æŒã¤ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã«å½±éŸ¿ã—ã€ã‚ˆã‚ŠæŸ”è»Ÿãªãƒªã‚½ãƒ¼ã‚¹ç®¡ç†ã‚’å¦¨ã’ã¦ã„ã¾ã—ãŸã€‚

ã“ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ãŸã‚ã€ãƒŽãƒ¼ãƒ‰ã”ã¨ã«è¨å®šå¯èƒ½ãªã‚¹ãƒ¯ãƒƒãƒ—æ©Ÿèƒ½ã®ã‚µãƒãƒ¼ãƒˆãŒv1.22ã§å°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã¨ãƒ™ãƒ¼ã‚¿ç‰ˆã®æ®µéšŽã‚’çµŒã¦ã€v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ä¸»è¦ãªãƒ¢ãƒ¼ãƒ‰ã§ã‚ã‚‹LimitedSwapã§ã¯ã€PodãŒæ—¢å˜ã®ãƒ¡ãƒ¢ãƒªåˆ¶é™å†…ã§ã‚¹ãƒ¯ãƒƒãƒ—ã‚’ä½¿ç”¨ã§ãã€å•é¡Œã«å¯¾ã™ã‚‹ç›´æŽ¥çš„ãªè§£æ±ºç–ã‚’æä¾›ã—ã¾ã™ã€‚ ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ã€kubeletã¯NoSwapãƒ¢ãƒ¼ãƒ‰ã§è¨å®šã•ã‚Œã¦ãŠã‚Šã€Kubernetesãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¯ã‚¹ãƒ¯ãƒƒãƒ—ã‚’ä½¿ç”¨ã§ãã¾ã›ã‚“ã€‚

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®å®‰å®šæ€§ãŒå‘ä¸Šã—ã€ãƒªã‚½ãƒ¼ã‚¹ä½¿ç”¨çŽ‡ãŒã‚ˆã‚ŠåŠ¹çŽ‡çš„ã«ãªã‚Šã¾ã™ã€‚ ãƒªã‚½ãƒ¼ã‚¹ã«åˆ¶ç´„ã®ã‚ã‚‹ç’°å¢ƒã§ã€ã‚ˆã‚Šå¤šæ§˜ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ã‚µãƒãƒ¼ãƒˆã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ãŒã€ç®¡ç†è€…ã¯ã‚¹ãƒ¯ãƒƒãƒ—ä½¿ç”¨ã«ã‚ˆã‚‹æ½œåœ¨çš„ãªãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã¸ã®å½±éŸ¿ã‚’è€ƒæ…®ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #2400ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ç’°å¢ƒå¤‰æ•°ã§ã®ç‰¹æ®Šæ–‡å—ã®è¨±å¯

Kubernetesã®ç’°å¢ƒå¤‰æ•°æ¤œè¨¼ãƒ«ãƒ¼ãƒ«ãŒç·©å’Œã•ã‚Œã€=ã‚’é™¤ãã»ã¼ã™ã¹ã¦ã®å°å—å¯èƒ½ãªASCIIæ–‡å—ã‚’å¤‰æ•°åã§ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®å¤‰æ›´ã«ã‚ˆã‚Šã€éžæ¨™æº–çš„ãªæ–‡å—ã‚’å¤‰æ•°åã«å¿…è¦ã¨ã™ã‚‹ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®ã‚·ãƒŠãƒªã‚ªã‚’ã‚µãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ ä¾‹ãˆã°ã€.NET Coreã®ã‚ˆã†ãªãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã§ã¯ã€ãƒã‚¹ãƒˆã•ã‚ŒãŸè¨å®šã‚ãƒ¼ã‚’è¡¨ã™ãŸã‚ã«:ã‚’ä½¿ç”¨ã—ã¾ã™ã€‚

ç·©å’Œã•ã‚ŒãŸæ¤œè¨¼ã¯ã€Podä»•æ§˜ã§ç›´æŽ¥å®šç¾©ã•ã‚ŒãŸç’°å¢ƒå¤‰æ•°ã ã‘ã§ãªãã€ConfigMapã‚„Secretã¸ã®envFromå‚ç…§ã‚’ä½¿ç”¨ã—ã¦æ³¨å…¥ã•ã‚ŒãŸç’°å¢ƒå¤‰æ•°ã«ã‚‚é©ç”¨ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #4369ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Taintç®¡ç†ã®Nodeãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‹ã‚‰ã®åˆ†é›¢

ã“ã‚Œã¾ã§ã€TaintManagerãŒãƒŽãƒ¼ãƒ‰ã®çŠ¶æ…‹(NotReadyã€Unreachableãªã©)ã«åŸºã¥ã„ã¦NoScheduleã‚„NoExecute taintã‚’é©ç”¨ã™ã‚‹ãƒã‚¸ãƒƒã‚¯ã¯ã€ãƒŽãƒ¼ãƒ‰ã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¨å¯†æŽ¥ã«çµåˆã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®å¯†çµåˆã«ã‚ˆã‚Šã€ã‚³ãƒ¼ãƒ‰ã®ä¿å®ˆæ€§ã¨ãƒ†ã‚¹ãƒˆãŒå›°é›£ã«ãªã‚Šã€taintãƒ™ãƒ¼ã‚¹ã®é€€é¿ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã®æŸ”è»Ÿæ€§ã‚‚åˆ¶é™ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚ ã“ã®KEPã§ã¯ã€TaintManagerã‚’Kubernetesã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼å†…ã®ç‹¬ç«‹ã—ãŸã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¨ã—ã¦ãƒªãƒ•ã‚¡ã‚¯ã‚¿ãƒªãƒ³ã‚°ã—ã¾ã™ã€‚ ã“ã‚Œã¯ã‚³ãƒ¼ãƒ‰ã®ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«æ€§ã¨ä¿å®ˆæ€§ã‚’å‘ä¸Šã•ã›ã‚‹ãŸã‚ã®å†…éƒ¨çš„ãªã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ã®æ”¹å–„ã§ã™ã€‚ ã“ã®å¤‰æ›´ã«ã‚ˆã‚Šã€taintãƒ™ãƒ¼ã‚¹ã®é€€é¿ãƒã‚¸ãƒƒã‚¯ã‚’ç‹¬ç«‹ã—ã¦ãƒ†ã‚¹ãƒˆã—ã€ç™ºå±•ã•ã›ã‚‹ã“ã¨ãŒã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ãŒã€taintã®ä½¿ç”¨æ–¹æ³•ã«å¯¾ã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼å‘ã‘ã®ç›´æŽ¥çš„ãªå½±éŸ¿ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚

ã“ã®ä½œæ¥ã¯SIG Schedulingã¨SIG NodeãŒä¸»å°Žã—ãŸKEP #3902ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ™ãƒ¼ã‚¿ã®æ–°æ©Ÿèƒ½

ã“ã‚Œã¯v1.34ã®ãƒªãƒªãƒ¼ã‚¹å¾Œã«ãƒ™ãƒ¼ã‚¿ã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

Podãƒ¬ãƒ™ãƒ«ã®ãƒªã‚½ãƒ¼ã‚¹è¦æ±‚ã¨åˆ¶é™

è¤‡æ•°ã®ã‚³ãƒ³ãƒ†ãƒŠã‚’æŒã¤Podã®ãƒªã‚½ãƒ¼ã‚¹è¦æ±‚ã‚’å®šç¾©ã™ã‚‹ã“ã¨ã¯ã€ã“ã‚Œã¾ã§å›°é›£ã§ã—ãŸã€‚ è¦æ±‚ã¨åˆ¶é™ã¯ã‚³ãƒ³ãƒ†ãƒŠã”ã¨ã«ã—ã‹è¨å®šã§ããªã‹ã£ãŸãŸã‚ã€é–‹ç™ºè€…ã¯å„ã‚³ãƒ³ãƒ†ãƒŠã«éŽå‰°ãªãƒªã‚½ãƒ¼ã‚¹ã‚’å‰²ã‚Šå½“ã¦ã‚‹ã‹ã€å¿…è¦ãªãƒªã‚½ãƒ¼ã‚¹ç·é‡ã‚’ç´°ã‹ãåˆ†å‰²ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šè¨å®šãŒè¤‡é›‘ã«ãªã‚Šã€éžåŠ¹çŽ‡çš„ãªãƒªã‚½ãƒ¼ã‚¹å‰²ã‚Šå½“ã¦ã«ã¤ãªãŒã‚‹ã“ã¨ãŒã‚ˆãã‚ã‚Šã¾ã—ãŸã€‚ ã“ã®å•é¡Œã‚’ç°¡ç´ åŒ–ã™ã‚‹ãŸã‚ã€Podãƒ¬ãƒ™ãƒ«ã§ãƒªã‚½ãƒ¼ã‚¹è¦æ±‚ã¨åˆ¶é™ã‚’æŒ‡å®šã§ãã‚‹æ©Ÿèƒ½ãŒå°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€é–‹ç™ºè€…ã¯Podå…¨ä½“ã®ãƒªã‚½ãƒ¼ã‚¹äºˆç®—ã‚’å®šç¾©ã—ã€ãã‚Œã‚’æ§‹æˆã™ã‚‹ã‚³ãƒ³ãƒ†ãƒŠé–“ã§å…±æœ‰ã§ãã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯v1.32ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã€v1.34ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã€HPAã‚‚Podãƒ¬ãƒ™ãƒ«ã®ãƒªã‚½ãƒ¼ã‚¹æŒ‡å®šã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ä¸»ãªåˆ©ç‚¹ã¯ã€ãƒžãƒ«ãƒã‚³ãƒ³ãƒ†ãƒŠPodã®ãƒªã‚½ãƒ¼ã‚¹ç®¡ç†ãŒã‚ˆã‚Šç›´æ„Ÿçš„ã§ç°¡å˜ã«ãªã‚‹ã“ã¨ã§ã™ã€‚ ã™ã¹ã¦ã®ã‚³ãƒ³ãƒ†ãƒŠãŒä½¿ç”¨ã™ã‚‹ãƒªã‚½ãƒ¼ã‚¹ã®åˆè¨ˆãŒPodã®å®šç¾©ã•ã‚ŒãŸåˆ¶é™ã‚’è¶…ãˆãªã„ã“ã¨ãŒä¿è¨¼ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒªã‚½ãƒ¼ã‚¹è¨ˆç”»ã®æ”¹å–„ã€ã‚ˆã‚Šæ£ç¢ºãªã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã€ãã—ã¦ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãƒªã‚½ãƒ¼ã‚¹ã®åŠ¹çŽ‡çš„ãªåˆ©ç”¨ãŒå®Ÿç¾ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG Schedulingã¨SIG AutoscalingãŒä¸»å°Žã—ãŸKEP #2837ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`kubectl`å‘ã‘ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨å®šã®ãŸã‚ã®`.kuberc`ãƒ•ã‚¡ã‚¤ãƒ«

.kubercè¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã«ã‚ˆã‚Šã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã‚ªãƒ—ã‚·ãƒ§ãƒ³ã‚„ã‚³ãƒžãƒ³ãƒ‰ã‚¨ã‚¤ãƒªã‚¢ã‚¹ãªã©ã€kubectlã®è¨å®šã‚’å®šç¾©ã§ãã¾ã™ã€‚ kubeconfigãƒ•ã‚¡ã‚¤ãƒ«ã¨ã¯ç•°ãªã‚Šã€.kubercè¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã«ã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®è©³ç´°ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼åã€ãƒ‘ã‚¹ãƒ¯ãƒ¼ãƒ‰ã¯å«ã¾ã‚Œã¾ã›ã‚“ã€‚
ã“ã®æ©Ÿèƒ½ã¯ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦v1.33ã§å°Žå…¥ã•ã‚Œã€ç’°å¢ƒå¤‰æ•°KUBECTL_KUBERCã§æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§åˆ©ç”¨ã§ãã¾ã™ã€‚ v1.34ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG CLIãŒä¸»å°Žã—ãŸKEP #3104ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

å¤–éƒ¨ServiceAccountã®ãƒˆãƒ¼ã‚¯ãƒ³ç½²å

ã“ã‚Œã¾ã§ã€Kubernetesã¯ServiceAccountãƒˆãƒ¼ã‚¯ãƒ³ã‚’ã€kube-apiserverã®èµ·å‹•æ™‚ã«ãƒ‡ã‚£ã‚¹ã‚¯ã‹ã‚‰èªã¿è¾¼ã¾ã‚Œã‚‹é™çš„ãªç½²åéµã‚’ä½¿ç”¨ã—ã¦ç®¡ç†ã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã§ã¯ã€ãƒ—ãƒã‚»ã‚¹å¤–ç½²åã®ãŸã‚ã®ExternalJWTSigner gRPCã‚µãƒ¼ãƒ“ã‚¹ãŒå°Žå…¥ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€Kubernetesãƒ‡ã‚£ã‚¹ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã¯ã€é™çš„ãªãƒ‡ã‚£ã‚¹ã‚¯ãƒ™ãƒ¼ã‚¹ã®éµã®ä»£ã‚ã‚Šã«å¤–éƒ¨éµç®¡ç†ã‚½ãƒªãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³(HSMã€ã‚¯ãƒ©ã‚¦ãƒ‰KMSãªã©)ã‚’ä½¿ç”¨ã—ã¦ServiceAccountãƒˆãƒ¼ã‚¯ãƒ³ã®ç½²åã‚’è¡Œãˆã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

v1.32ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸã“ã®å¤–éƒ¨JWTã®ç½²åæ©Ÿèƒ½ã¯ã€v1.34ã§ãƒ™ãƒ¼ã‚¿ã«é€²ã¿ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP #740ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ™ãƒ¼ã‚¿ç‰ˆã®DRAæ©Ÿèƒ½

ã‚»ã‚ãƒ¥ã‚¢ãªãƒªã‚½ãƒ¼ã‚¹ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã®ãŸã‚ã®ç®¡ç†è€…ã‚¢ã‚¯ã‚»ã‚¹

DRAã¯ã€ResourceClaimã¾ãŸã¯ResourceClaimTemplateã®adminAccessãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’é€šã˜ã¦ã€åˆ¶å¾¡ã•ã‚ŒãŸç®¡ç†è€…ã‚¢ã‚¯ã‚»ã‚¹ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼é‹ç”¨è€…ã¯ä»–ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒä½¿ç”¨ä¸ã®ãƒ‡ãƒã‚¤ã‚¹ã«ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã‚„è¨ºæ–ã®ãŸã‚ã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚ ã“ã®ç‰¹æ¨©ãƒ¢ãƒ¼ãƒ‰ã¯ã€resource.k8s.io/admin-access: "true"ã§ãƒ©ãƒ™ãƒ«ä»˜ã‘ã•ã‚ŒãŸåå‰ç©ºé–“ã§ãã®ã‚ˆã†ãªã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’ä½œæˆã™ã‚‹æ¨©é™ã‚’æŒã¤ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é™å®šã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€é€šå¸¸ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¯å½±éŸ¿ã‚’å—ã‘ã¾ã›ã‚“ã€‚ v1.34ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ãŸã“ã®æ©Ÿèƒ½ã¯ã€åå‰ç©ºé–“ãƒ™ãƒ¼ã‚¹ã®èªå¯ãƒã‚§ãƒƒã‚¯ã‚’é€šã˜ã¦ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®åˆ†é›¢ã‚’ä¿ã¡ãªãŒã‚‰ã€ã‚»ã‚ãƒ¥ã‚¢ãªå†…éƒ¨ç›£è¦–æ©Ÿèƒ½ã‚’æä¾›ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device Managementã¨SIG AuthãŒä¸»å°Žã—ãŸKEP #5018ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ResourceClaimã¨ResourceClaimTemplateã«ãŠã‘ã‚‹å„ªå…ˆé †ä½ä»˜ãã®ä»£æ›¿æ¡ˆ

ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¯å˜ä¸€ã®é«˜æ€§èƒ½GPUã§æœ€é©ã«å‹•ä½œã™ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ãŒã€2ã¤ã®ä¸ç´šGPUã§ã‚‚å‹•ä½œå¯èƒ½ãªå ´åˆãŒã‚ã‚Šã¾ã™ã€‚
ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®DRAPrioritizedList(ç¾åœ¨ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹)ã«ã‚ˆã‚Šã€ResourceClaimã¨ResourceClaimTemplateã«æ–°ã—ã„firstAvailableãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯é †åºä»˜ããƒªã‚¹ãƒˆã§ã€ãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒæ§˜ã€…ãªæ–¹æ³•ã§æº€ãŸã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã“ã¨ã‚’æŒ‡å®šã§ãã¾ã™ã€‚ ç‰¹å®šã®ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ãŒåˆ©ç”¨ã§ããªã„å ´åˆã¯ä½•ã‚‚å‰²ã‚Šå½“ã¦ãªã„ã¨ã„ã†é¸æŠžã‚‚å«ã¾ã‚Œã¾ã™ã€‚ ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ãƒªã‚¹ãƒˆå†…ã®ä»£æ›¿æ¡ˆã‚’é †ç•ªã«æº€ãŸãã†ã¨ã™ã‚‹ãŸã‚ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«ã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§åˆ©ç”¨å¯èƒ½ãªæœ€é©ãªãƒ‡ãƒã‚¤ã‚¹ã‚»ãƒƒãƒˆãŒå‰²ã‚Šå½“ã¦ã‚‰ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #4816ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`kubelet`ã«ã‚ˆã‚‹å‰²ã‚Šå½“ã¦æ¸ˆã¿DRAãƒªã‚½ãƒ¼ã‚¹ã®å ±å‘Š

kubeletã®APIãŒæ›´æ–°ã•ã‚Œã€DRAã‚’é€šã˜ã¦å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸPodãƒªã‚½ãƒ¼ã‚¹ã‚’å ±å‘Šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒŽãƒ¼ãƒ‰ã®ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã‚¨ãƒ¼ã‚¸ã‚§ãƒ³ãƒˆã¯ã€å„ãƒŽãƒ¼ãƒ‰ã§Podã«å‰²ã‚Šå½“ã¦ã‚‰ã‚Œã¦ã„ã‚‹DRAãƒªã‚½ãƒ¼ã‚¹ã‚’æ¤œå‡ºã§ãã¾ã™ã€‚ ã•ã‚‰ã«ã€ãƒŽãƒ¼ãƒ‰ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¯PodResourcesAPIã‚’ä½¿ç”¨ã—ã¦ã“ã®DRAæƒ…å ±ã‚’æ´»ç”¨ã—ã€æ–°ã—ã„æ©Ÿèƒ½ã‚„çµ±åˆã‚’é–‹ç™ºã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
Kubernetes v1.34ä»¥é™ã€ã“ã®æ©Ÿèƒ½ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #3695ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`kube-scheduler`ã®éžãƒ–ãƒãƒƒã‚ãƒ³ã‚°APIã‚³ãƒ¼ãƒ«

kube-schedulerã¯ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚µã‚¤ã‚¯ãƒ«ä¸ã«ãƒ–ãƒãƒƒã‚ãƒ³ã‚°APIã‚³ãƒ¼ãƒ«ã‚’è¡Œã„ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®ãƒœãƒˆãƒ«ãƒãƒƒã‚¯ã‚’ç”Ÿã¿å‡ºã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã§ã¯ã€ãƒªã‚¯ã‚¨ã‚¹ãƒˆé‡è¤‡æŽ’é™¤ã‚’å‚™ãˆãŸå„ªå…ˆåº¦ä»˜ãã‚ãƒ¥ãƒ¼ã‚·ã‚¹ãƒ†ãƒ ã‚’é€šã˜ãŸéžåŒæœŸAPIå‡¦ç†ãŒå°Žå…¥ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ãƒãƒƒã‚¯ã‚°ãƒ©ã‚¦ãƒ³ãƒ‰ã§APIæ“ä½œãŒå®Œäº†ã™ã‚‹é–“ã‚‚ã€Podã®å‡¦ç†ã‚’ç¶™ç¶šã§ãã¾ã™ã€‚ ä¸»ãªåˆ©ç‚¹ã¨ã—ã¦ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãƒ¬ã‚¤ãƒ†ãƒ³ã‚·ãƒ¼ã®å‰Šæ¸›ã€APIé…å»¶æ™‚ã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚¹ãƒ¬ãƒƒãƒ‰ã®æž¯æ¸‡é˜²æ¢ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ä¸å¯èƒ½ãªPodã®å³åº§ã®å†è©¦è¡Œæ©Ÿèƒ½ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®å®Ÿè£…ã¯å¾Œæ–¹äº’æ›æ€§ã‚’ç¶æŒã—ã€ä¿ç•™ä¸ã®APIæ“ä½œã‚’ç›£è¦–ã™ã‚‹ãŸã‚ã®ãƒ¡ãƒˆãƒªã‚¯ã‚¹ã‚‚è¿½åŠ ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP #5229ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Mutating Admission Policy

MutatingAdmissionPolicyã¯ã€Mutating Admission Webhookã«å¯¾ã™ã‚‹å®£è¨€çš„ã§ãƒ—ãƒã‚»ã‚¹å†…ã®ä»£æ›¿æ‰‹æ®µã‚’æä¾›ã—ã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯CELã®ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹åŒ–ã¨JSONã®ãƒ‘ãƒƒãƒæˆ¦ç•¥ã‚’ã€Server-Side Applyã®ãƒžãƒ¼ã‚¸ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¨çµ„ã¿åˆã‚ã›ã¦æ´»ç”¨ã—ã¾ã™ã€‚
ã“ã‚Œã«ã‚ˆã‚Šã€ç®¡ç†è€…ãŒAPIã‚µãƒ¼ãƒãƒ¼å†…ã§ç›´æŽ¥Mutationãƒ«ãƒ¼ãƒ«ã‚’å®šç¾©ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ã‚¢ãƒ‰ãƒŸãƒƒã‚·ãƒ§ãƒ³åˆ¶å¾¡ãŒå¤§å¹…ã«ç°¡ç´ åŒ–ã•ã‚Œã¾ã™ã€‚
v1.32ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸMutating Admission Policyã¯ã€v1.34ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG API MachineryãŒä¸»å°Žã—ãŸKEP #3962ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆå¯èƒ½ãªAPIã‚µãƒ¼ãƒãƒ¼ã®ã‚ãƒ£ãƒƒã‚·ãƒ¥

kube-apiserverã®ã‚ãƒ£ãƒƒã‚·ãƒ¥ãƒ¡ã‚«ãƒ‹ã‚ºãƒ (Watchã‚ãƒ£ãƒƒã‚·ãƒ¥)ã¯ã€æœ€æ–°ã®è¦³æ¸¬çŠ¶æ…‹ã«å¯¾ã™ã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’åŠ¹çŽ‡çš„ã«å‡¦ç†ã—ã¾ã™ã€‚ ã—ã‹ã—ã€ä»¥å‰ã®çŠ¶æ…‹ã«å¯¾ã™ã‚‹ list ãƒªã‚¯ã‚¨ã‚¹ãƒˆ(ãƒšãƒ¼ã‚¸ãƒãƒ¼ã‚·ãƒ§ãƒ³ã‚„resourceVersionã®æŒ‡å®šãªã©)ã¯ã€å¤šãã®å ´åˆã“ã®ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‚’ãƒã‚¤ãƒ‘ã‚¹ã—ã€etcdã‹ã‚‰ç›´æŽ¥æä¾›ã•ã‚Œã¾ã™ã€‚ ã“ã®etcdã¸ã®ç›´æŽ¥ã‚¢ã‚¯ã‚»ã‚¹ã¯ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚³ã‚¹ãƒˆã‚’å¤§å¹…ã«å¢—åŠ ã•ã›ã€ç‰¹ã«å¤§è¦æ¨¡ãªãƒªã‚½ãƒ¼ã‚¹ã§ã¯å¤§é‡ã®ãƒ‡ãƒ¼ã‚¿è»¢é€ã«ã‚ˆã‚‹ãƒ¡ãƒ¢ãƒªåœ§è¿«ã‹ã‚‰å®‰å®šæ€§ã®å•é¡Œã‚’å¼•ãèµ·ã“ã™å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
ListFromCacheSnapshotãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã‚‹ã“ã¨ã§ã€kube-apiserverã¯è¦æ±‚ã•ã‚ŒãŸresourceVersionã‚ˆã‚Šå¤ã„ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆãŒåˆ©ç”¨å¯èƒ½ãªå ´åˆã€ãã“ã‹ã‚‰å¿œç”ã‚’æä¾›ã—ã‚ˆã†ã¨ã—ã¾ã™ã€‚ kube-apiserverã¯æœ€åˆã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆãŒãªã„çŠ¶æ…‹ã§é–‹å§‹ã—ã€watchã‚¤ãƒ™ãƒ³ãƒˆã”ã¨ã«æ–°ã—ã„ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã‚’ä½œæˆã—ã¾ã™ã€‚ etcdãŒã‚³ãƒ³ãƒ‘ã‚¯ã‚·ãƒ§ãƒ³ã•ã‚ŒãŸã“ã¨ã‚’æ¤œå‡ºã™ã‚‹ã‹ã€75ç§’ã‚ˆã‚Šå¤ã„ã‚¤ãƒ™ãƒ³ãƒˆã§ã‚ãƒ£ãƒƒã‚·ãƒ¥ãŒã„ã£ã±ã„ã«ãªã‚‹ã¾ã§ã€ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã‚’ä¿æŒã—ã¾ã™ã€‚ æŒ‡å®šã•ã‚ŒãŸresourceVersionãŒåˆ©ç”¨ã§ããªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã¯etcdã«ãƒ•ã‚©ãƒ¼ãƒ«ãƒãƒƒã‚¯ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API MachineryãŒä¸»å°Žã—ãŸKEP #4988ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Kubernetesãƒã‚¤ãƒ†ã‚£ãƒ–åž‹ã®å®£è¨€çš„æ¤œè¨¼ã®ãŸã‚ã®ãƒ„ãƒ¼ãƒ«

ã“ã®ãƒªãƒªãƒ¼ã‚¹ä»¥å‰ã¯ã€Kubernetesã«çµ„ã¿è¾¼ã¾ã‚ŒãŸAPIã®æ¤œè¨¼ãƒ«ãƒ¼ãƒ«ã¯ã™ã¹ã¦æ‰‹ä½œæ¥ã§æ›¸ã‹ã‚Œã¦ãŠã‚Šã€ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã«ã¨ã£ã¦ç™ºè¦‹ã€ç†è§£ã€æ”¹å–„ã€ãƒ†ã‚¹ãƒˆãŒå›°é›£ã§ã—ãŸã€‚ APIã«é©ç”¨ã•ã‚Œã‚‹å¯èƒ½æ€§ã®ã‚ã‚‹ã™ã¹ã¦ã®æ¤œè¨¼ãƒ«ãƒ¼ãƒ«ã‚’è¦‹ã¤ã‘ã‚‹çµ±ä¸€çš„ãªæ–¹æ³•ã‚‚å˜åœ¨ã—ã¾ã›ã‚“ã§ã—ãŸã€‚ å®£è¨€çš„æ¤œè¨¼ ã«ã‚ˆã‚Šã€APIé–‹ç™ºã€ä¿å®ˆã€ãƒ¬ãƒ“ãƒ¥ãƒ¼ãŒå®¹æ˜“ã«ãªã‚Šã€ã‚ˆã‚Šè‰¯ã„ãƒ„ãƒ¼ãƒ«ã¨ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã®ãŸã‚ã®ãƒ—ãƒã‚°ãƒ©ãƒ çš„ãªæ¤œæŸ»ã‚‚å¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ Kubernetesãƒ©ã‚¤ãƒ–ãƒ©ãƒªã‚’ä½¿ç”¨ã—ã¦ç‹¬è‡ªã®ã‚³ãƒ¼ãƒ‰(ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãªã©)ã‚’æ›¸ãé–‹ç™ºè€…ã«ã¨ã£ã¦ã‚‚ã€è¤‡é›‘ãªæ¤œè¨¼é–¢æ•°ã§ã¯ãªãIDLã‚¿ã‚°ã‚’é€šã˜ã¦æ–°ã—ã„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¿½åŠ ã§ãã‚‹ãŸã‚ã€ä½œæ¥ãŒç°¡ç´ åŒ–ã•ã‚Œã¾ã™ã€‚ ã“ã®å¤‰æ›´ã¯æ¤œè¨¼ç”¨ã®ãƒœã‚¤ãƒ©ãƒ¼ãƒ—ãƒ¬ãƒ¼ãƒˆ(å®šåž‹ã‚³ãƒ¼ãƒ‰)ã‚’è‡ªå‹•åŒ–ã—ã¦APIä½œæˆã‚’é«˜é€ŸåŒ–ã—ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³ç®¡ç†ã•ã‚ŒãŸåž‹ã§æ¤œè¨¼ã‚’å®Ÿè¡Œã™ã‚‹ã“ã¨ã§ã‚ˆã‚Šé–¢é€£æ€§ã®é«˜ã„ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æä¾›ã—ã¾ã™ã€‚
ã“ã®æ©Ÿèƒ½å¼·åŒ–(v1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã€v1.34ã§ã‚‚ãƒ™ãƒ¼ã‚¿ã¨ã—ã¦ç¶™ç¶š)ã¯ã€ãƒã‚¤ãƒ†ã‚£ãƒ–Kubernetesåž‹ã«CELãƒ™ãƒ¼ã‚¹ã®æ¤œè¨¼ãƒ«ãƒ¼ãƒ«ã‚’ã‚‚ãŸã‚‰ã—ã€åž‹å®šç¾©ã«ç›´æŽ¥ã€ã‚ˆã‚Šç´°ã‹ãå®£è¨€çš„ãªæ¤œè¨¼ã‚’å®šç¾©ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚ŠAPIã®ä¸€è²«æ€§ã¨é–‹ç™ºè€…ä½“é¨“ãŒå‘ä¸Šã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API MachineryãŒä¸»å°Žã—ãŸKEP #5073ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

list ãƒªã‚¯ã‚¨ã‚¹ãƒˆç”¨ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã‚¤ãƒ³ãƒ•ã‚©ãƒ¼ãƒžãƒ¼

v1.32ä»¥é™ãƒ™ãƒ¼ã‚¿ã¨ãªã£ã¦ã„ã‚‹ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã‚¤ãƒ³ãƒ•ã‚©ãƒ¼ãƒžãƒ¼æ©Ÿèƒ½ã¯ã€v1.34ã§ã•ã‚‰ãªã‚‹ãƒ™ãƒ¼ã‚¿ã®æ”¹å–„ã‚’ã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€list ãƒªã‚¯ã‚¨ã‚¹ãƒˆã¯etcdã‹ã‚‰ç›´æŽ¥ãƒšãƒ¼ã‚¸åŒ–ã•ã‚ŒãŸçµæžœã‚’çµ„ã¿ç«‹ã¦ã‚‹ã®ã§ã¯ãªãã€APIã‚µãƒ¼ãƒãƒ¼ã®Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ç¶™ç¶šçš„ãªã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã®ã‚¹ãƒˆãƒªãƒ¼ãƒ ã¨ã—ã¦ãƒ‡ãƒ¼ã‚¿ã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ Watchæ“ä½œã«ä½¿ç”¨ã•ã‚Œã‚‹ã®ã¨åŒã˜ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’å†åˆ©ç”¨ã™ã‚‹ã“ã¨ã§ã€APIã‚µãƒ¼ãƒãƒ¼ã¯å®‰å®šã—ãŸãƒ¡ãƒ¢ãƒªä½¿ç”¨é‡ã‚’ä¿ã¡ãªãŒã‚‰å¤§è¦æ¨¡ãªãƒ‡ãƒ¼ã‚¿ã‚»ãƒƒãƒˆã‚’æä¾›ã§ãã€å®‰å®šæ€§ã«å½±éŸ¿ã‚’ä¸Žãˆã‚‹å‰²ã‚Šå½“ã¦ã®ã‚¹ãƒ‘ã‚¤ã‚¯ã‚’å›žé¿ã§ãã¾ã™ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€kube-apiserverã¨kube-controller-managerã®ä¸¡æ–¹ãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æ–°ã—ã„WatchListãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’æ´»ç”¨ã—ã¾ã™ã€‚ kube-apiserverã§ã¯listãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒã‚ˆã‚ŠåŠ¹çŽ‡çš„ã«ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã•ã‚Œã€kube-controller-managerã¯ã‚¤ãƒ³ãƒ•ã‚©ãƒ¼ãƒžãƒ¼ã‚’æ‰±ã†ãŸã‚ã®ã‚ˆã‚Šãƒ¡ãƒ¢ãƒªåŠ¹çŽ‡çš„ã§äºˆæ¸¬å¯èƒ½ãªæ–¹æ³•ã®æ©æµã‚’å—ã‘ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®æ”¹å–„ã«ã‚ˆã‚Šã€å¤§è¦æ¨¡ãªlistæ“ä½œä¸ã®ãƒ¡ãƒ¢ãƒªåœ§è¿«ãŒå‰Šæ¸›ã•ã‚Œã€æŒç¶šçš„ãªè² è·ä¸‹ã§ã®ä¿¡é ¼æ€§ãŒå‘ä¸Šã—ã€listã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãŒã‚ˆã‚Šäºˆæ¸¬å¯èƒ½ã§åŠ¹çŽ‡çš„ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API Machineryã¨SIG ScalabilityãŒä¸»å°Žã—ãŸKEP #3157ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

WindowsãƒŽãƒ¼ãƒ‰ã®å®‰å…¨ãªçµ‚äº†

WindowsãƒŽãƒ¼ãƒ‰ä¸Šã®kubeletãŒã‚·ã‚¹ãƒ†ãƒ ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã‚¤ãƒ™ãƒ³ãƒˆã‚’æ¤œå‡ºã—ã€å®Ÿè¡Œä¸ã®Podã®å®‰å…¨ãªçµ‚äº†ã‚’é–‹å§‹ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã¯Linuxä¸Šã®æ—¢å˜ã®å‹•ä½œã‚’åæ˜ ã—ã¦ãŠã‚Šã€è¨ˆç”»çš„ãªã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã‚„å†èµ·å‹•æ™‚ã«ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ãŒã‚¯ãƒªãƒ¼ãƒ³ã«çµ‚äº†ã™ã‚‹ã“ã¨ã‚’ä¿è¨¼ã—ã¾ã™ã€‚
ã‚·ã‚¹ãƒ†ãƒ ãŒã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã‚’é–‹å§‹ã™ã‚‹ã¨ã€kubeletã¯æ¨™æº–çš„ãªçµ‚äº†ãƒã‚¸ãƒƒã‚¯ã‚’ä½¿ç”¨ã—ã¦åå¿œã—ã¾ã™ã€‚ è¨å®šã•ã‚ŒãŸãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã¨çŒ¶äºˆæœŸé–“ã‚’å°Šé‡ã—ã€ãƒŽãƒ¼ãƒ‰ãŒé›»æºã‚ªãƒ•ã«ãªã‚‹å‰ã«Podã«åœæ¢ã™ã‚‹æ™‚é–“ã‚’ä¸Žãˆã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯Windowsã®ãƒ—ãƒ¬ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³é€šçŸ¥ã«ä¾å˜ã—ã¦ã“ã®ãƒ—ãƒã‚»ã‚¹ã‚’èª¿æ•´ã—ã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ã€å†èµ·å‹•ã€ã¾ãŸã¯ã‚·ã‚¹ãƒ†ãƒ ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæ™‚ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®ä¿¡é ¼æ€§ãŒå‘ä¸Šã—ã¾ã™ã€‚ ç¾åœ¨ãƒ™ãƒ¼ã‚¿ç‰ˆã§ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG WindowsãŒä¸»å°Žã—ãŸKEP #4802ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹ãªPodã®ãƒªã‚µã‚¤ã‚ºæ©Ÿèƒ½ã®æ”¹å–„

v1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ãŸã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹ãªPodã®ãƒªã‚µã‚¤ã‚ºæ©Ÿèƒ½ã¯ã€v1.34ã§ã•ã‚‰ãªã‚‹æ”¹å–„ã‚’å—ã‘ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã«ã¯ã€ãƒ¡ãƒ¢ãƒªä½¿ç”¨é‡ã®å‰Šæ¸›ã®ã‚µãƒãƒ¼ãƒˆã¨Podãƒ¬ãƒ™ãƒ«ãƒªã‚½ãƒ¼ã‚¹ã¨ã®çµ±åˆãŒå«ã¾ã‚Œã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½ã¯v1.34ã§ã‚‚ãƒ™ãƒ¼ã‚¿ã®ã¾ã¾ç¶æŒã•ã‚Œã¦ã„ã¾ã™ã€‚ è©³ç´°ãªä½¿ç”¨æ–¹æ³•ã¨ä¾‹ã«ã¤ã„ã¦ã¯ã€ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚³ãƒ³ãƒ†ãƒŠã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸCPUã¨ãƒ¡ãƒ¢ãƒªãƒªã‚½ãƒ¼ã‚¹ã®ãƒªã‚µã‚¤ã‚ºã‚’ã”å‚ç…§ãã ã•ã„ã€‚

ã“ã®ä½œæ¥ã¯SIG Nodeã¨SIG AutoscalingãŒä¸»å°Žã—ãŸKEP #1287ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¢ãƒ«ãƒ•ã‚¡ã®æ–°æ©Ÿèƒ½

ã“ã‚Œã¯v1.34ãƒªãƒªãƒ¼ã‚¹å¾Œã«ã‚¢ãƒ«ãƒ•ã‚¡ã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

mTLSèªè¨¼ã®ãŸã‚ã®Podã®è¨¼æ˜Žæ›¸

ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®èªè¨¼ã€ç‰¹ã«APIã‚µãƒ¼ãƒãƒ¼ã¨ã®é€šä¿¡ã§ã¯ã€ä¸»ã«ServiceAccountãƒˆãƒ¼ã‚¯ãƒ³ã«ä¾å˜ã—ã¦ãã¾ã—ãŸã€‚ åŠ¹æžœçš„ã§ã¯ã‚ã‚‹ã‚‚ã®ã®ã€ã“ã‚Œã‚‰ã®ãƒˆãƒ¼ã‚¯ãƒ³ã¯ç›¸äº’TLS(mTLS)ã®ãŸã‚ã®å¼·åŠ›ã§æ¤œè¨¼å¯èƒ½ãªã‚¢ã‚¤ãƒ‡ãƒ³ãƒ†ã‚£ãƒ†ã‚£ã‚’ç¢ºç«‹ã™ã‚‹ã«ã¯å¿…ãšã—ã‚‚ç†æƒ³çš„ã§ã¯ãªãã€è¨¼æ˜Žæ›¸ãƒ™ãƒ¼ã‚¹ã®èªè¨¼ã‚’æœŸå¾…ã™ã‚‹å¤–éƒ¨ã‚·ã‚¹ãƒ†ãƒ ã¨ã®çµ±åˆæ™‚ã«èª²é¡ŒãŒç”Ÿã˜ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
Kubernetes v1.34ã§ã¯ã€PodCertificateRequestã‚’ä»‹ã—ã¦PodãŒX.509è¨¼æ˜Žæ›¸ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®çµ„ã¿è¾¼ã¿ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ãŒå°Žå…¥ã•ã‚Œã¾ã™ã€‚ kubeletã¯Podç”¨ã®è¨¼æ˜Žæ›¸ã‚’è¦æ±‚ãƒ»ç®¡ç†ã§ãã€ã“ã‚Œã‚‰ã®è¨¼æ˜Žæ›¸ã¯mTLSã‚’ä½¿ç”¨ã—ã¦Kubernetes APIã‚µãƒ¼ãƒãƒ¼ã‚„ä»–ã®ã‚µãƒ¼ãƒ“ã‚¹ã¸ã®èªè¨¼ã«ä½¿ç”¨ã§ãã¾ã™ã€‚ ä¸»ãªåˆ©ç‚¹ã¯ã€Podã®ãŸã‚ã®ã‚ˆã‚Šå …ç‰¢ã§æŸ”è»Ÿãªã‚¢ã‚¤ãƒ‡ãƒ³ãƒ†ã‚£ãƒ†ã‚£ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã§ã™ã€‚ Bearerãƒˆãƒ¼ã‚¯ãƒ³ã®ã¿ã«ä¾å˜ã™ã‚‹ã“ã¨ãªãã€å¼·åŠ›ãªmTLSèªè¨¼ã‚’å®Ÿè£…ã™ã‚‹ãƒã‚¤ãƒ†ã‚£ãƒ–ãªæ–¹æ³•ã‚’æä¾›ã—ã€Kubernetesã‚’æ¨™æº–çš„ãªã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ—ãƒ©ã‚¯ãƒ†ã‚£ã‚¹ã«åˆã‚ã›ã€è¨¼æ˜Žæ›¸å¯¾å¿œã®å¯è¦³æ¸¬æ€§ã‚„ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ„ãƒ¼ãƒ«ã¨ã®çµ±åˆã‚’ç°¡ç´ åŒ–ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP #4317ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã€Œåˆ¶é™ã€Podã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£æ¨™æº–ã«ã‚ˆã‚‹Remote Probeã®ç¦æ¢

ProbeãŠã‚ˆã³ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒãƒ³ãƒ‰ãƒ©ãƒ¼å†…ã®hostãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯kubeletãŒProbeã™ã‚‹å¯¾è±¡ã¨ã—ã¦podIPä»¥å¤–ã®ã‚¨ãƒ³ãƒ†ã‚£ãƒ†ã‚£ã‚’æŒ‡å®šã§ãã¾ã™ã€‚ ã—ã‹ã—ã€ã“ã‚Œã¯æ‚ªç”¨ã‚„ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£åˆ¶å¾¡ã‚’ãƒã‚¤ãƒ‘ã‚¹ã™ã‚‹æ”»æ’ƒã®çµŒè·¯ã‚’é–‹ãã¾ã™ã€‚ hostãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã¯ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šé‡è¦ãªå¤–éƒ¨ãƒ›ã‚¹ãƒˆã‚„ãƒŽãƒ¼ãƒ‰ä¸Šã®localhostã‚’å«ã‚€ã€ä»»æ„ã®å€¤ã‚’è¨å®šã§ãã‚‹ãŸã‚ã§ã™ã€‚ Kubernetes v1.34ã§ã¯ã€PodãŒåˆ¶é™Podã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£æ¨™æº–ã‚’æº€ãŸã™ã®ã¯ã€hostãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’æœªè¨å®šã®ã¾ã¾ã«ã™ã‚‹ã‹ã€ã“ã®ã‚¿ã‚¤ãƒ—ã®Probeã‚’ä½¿ç”¨ã—ãªã„å ´åˆã®ã¿ã¨ãªã‚Šã¾ã™ã€‚ ã“ã®æ¨™æº–ã‚’å¼·åˆ¶ã™ã‚‹ã«ã¯ã€Podã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã‚¢ãƒ‰ãƒŸãƒƒã‚·ãƒ§ãƒ³ ã¾ãŸã¯ã‚µãƒ¼ãƒ‰ãƒ‘ãƒ¼ãƒ†ã‚£ã‚½ãƒªãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ä½¿ç”¨ã§ãã¾ã™ã€‚ ã“ã‚Œã‚‰ã¯ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£åˆ¶å¾¡ã§ã‚ã‚‹ãŸã‚ã€é¸æŠžã—ãŸå¼·åˆ¶ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã®åˆ¶é™ã¨å‹•ä½œã‚’ç†è§£ã™ã‚‹ãŸã‚ã«ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’ç¢ºèªã—ã¦ãã ã•ã„ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP #4940ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Podé…ç½®ã‚’è¡¨ç¾ã™ã‚‹ãŸã‚ã®`.status.nominatedNodeName`ã®ä½¿ç”¨

kube-schedulerãŒPodã‚’Nodeã«ãƒã‚¤ãƒ³ãƒ‰ã™ã‚‹ã®ã«æ™‚é–“ãŒã‹ã‹ã‚‹å ´åˆã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒ©ãƒ¼ã¯PodãŒç‰¹å®šã®Nodeã«ãƒã‚¤ãƒ³ãƒ‰ã•ã‚Œã‚‹ã“ã¨ã‚’ç†è§£ã§ããªã„å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ ãã®çµæžœã€Nodeã‚’ä½¿ç”¨çŽ‡ãŒä½Žã„ã¨èª¤åˆ¤æ–ã—ã€å‰Šé™¤ã—ã¦ã—ã¾ã†å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
ã“ã®å•é¡Œã«å¯¾å‡¦ã™ã‚‹ãŸã‚ã€kube-schedulerã¯.status.nominatedNodeNameã‚’ä½¿ç”¨ã—ã¦ã€é€²è¡Œä¸ã®ãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³ã‚’ç¤ºã™ã ã‘ã§ãªãã€Podã®é…ç½®æ„å›³ã‚‚è¡¨ç¾ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ NominatedNodeNameForExpectationãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’ä½¿ç”¨ã—ã¦PodãŒã©ã“ã«ãƒã‚¤ãƒ³ãƒ‰ã•ã‚Œã‚‹ã‹ã‚’ç¤ºã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šå†…éƒ¨çš„ãªäºˆç´„ãŒå…¬é–‹ã•ã‚Œã€å¤–éƒ¨ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆãŒæƒ…å ±ã«åŸºã¥ã„ãŸåˆ¤æ–ã‚’ä¸‹ã›ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP #5278ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã®DRAæ©Ÿèƒ½

DRAã®ãƒªã‚½ãƒ¼ã‚¹ãƒ˜ãƒ«ã‚¹çŠ¶æ…‹

PodãŒæ•…éšœã—ãŸã€ã¾ãŸã¯ä¸€æ™‚çš„ã«ç•°å¸¸ãªãƒ‡ãƒã‚¤ã‚¹ã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹å ´åˆã€ãã‚Œã‚’æŠŠæ¡ã™ã‚‹ã“ã¨ã¯å›°é›£ã§ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚ŠPodã®ã‚¯ãƒ©ãƒƒã‚·ãƒ¥ã®ãƒˆãƒ©ãƒ–ãƒ«ã‚·ãƒ¥ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ãŒé›£ã—ãã€æ™‚ã«ã¯ä¸å¯èƒ½ã«ãªã‚Šã¾ã™ã€‚
DRAã®ãƒªã‚½ãƒ¼ã‚¹ãƒ˜ãƒ«ã‚¹çŠ¶æ…‹æ©Ÿèƒ½ã¯ã€Podã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸãƒ‡ãƒã‚¤ã‚¹ã®ãƒ˜ãƒ«ã‚¹çŠ¶æ…‹ã‚’Podã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã«å…¬é–‹ã™ã‚‹ã“ã¨ã§ã€å¯è¦³æ¸¬æ€§ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ç•°å¸¸ãªãƒ‡ãƒã‚¤ã‚¹ã«é–¢é€£ã™ã‚‹Podã®å•é¡Œã®åŽŸå› ã‚’ç‰¹å®šã—ã‚„ã™ããªã‚Šã€é©åˆ‡ã«å¯¾å¿œã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
ã“ã®æ©Ÿèƒ½ã‚’æœ‰åŠ¹ã«ã™ã‚‹ã«ã¯ã€ResourceHealthStatusãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã—ã€DRAãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒDRAResourceHealth gRPCã‚µãƒ¼ãƒ“ã‚¹ã‚’å®Ÿè£…ã—ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #4680ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

æ‹¡å¼µãƒªã‚½ãƒ¼ã‚¹ãƒžãƒƒãƒ”ãƒ³ã‚°

æ‹¡å¼µãƒªã‚½ãƒ¼ã‚¹ãƒžãƒƒãƒ”ãƒ³ã‚°ã¯ã€ãƒªã‚½ãƒ¼ã‚¹ã®å®¹é‡ã¨æ¶ˆè²»é‡ã‚’è¨˜è¿°ã™ã‚‹ãŸã‚ã®ç°¡å˜ãªæ–¹æ³•ã‚’æä¾›ã™ã‚‹ã“ã¨ã§ã€DRAã®è¡¨ç¾åŠ›è±Šã‹ã§æŸ”è»Ÿãªã‚¢ãƒ—ãƒãƒ¼ãƒã‚ˆã‚Šã‚‚ã‚·ãƒ³ãƒ—ãƒ«ãªä»£æ›¿æ‰‹æ®µã¨ãªã‚Šã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…ã¯DRAã§ç®¡ç†ã—ã¦ã„ã‚‹ãƒªã‚½ãƒ¼ã‚¹ã‚’æ‹¡å¼µãƒªã‚½ãƒ¼ã‚¹ã¨ã—ã¦å…¬é–‹ã§ãã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³é–‹ç™ºè€…ã‚„é‹ç”¨è€…ã¯æ–°ã—ã„DRA APIã‚’å¦ã¶ã“ã¨ãªãã€å¾“æ¥é€šã‚Šã‚³ãƒ³ãƒ†ãƒŠã®.spec.resourcesãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§ã“ã‚Œã‚‰ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’è¦æ±‚ã§ãã¾ã™ã€‚
ã“ã®æ©Ÿèƒ½ã®æœ€å¤§ã®åˆ©ç‚¹ã¯ã€æ—¢å˜ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’å¤‰æ›´ã›ãšã«DRAã®æ©æµã‚’å—ã‘ã‚‰ã‚Œã‚‹ã“ã¨ã§ã™ã€‚ ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³é–‹ç™ºè€…ã¨ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…ã®ä¸¡æ–¹ã«ã¨ã£ã¦ã€DRAã¸ã®ç§»è¡ŒãŒå¤§å¹…ã«ç°¡å˜ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #5004ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

DRAã®æ¶ˆè²»å¯èƒ½ãªå®¹é‡

Kubernetes v1.33ã§ã¯ã€ãƒªã‚½ãƒ¼ã‚¹ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒãƒ‡ãƒã‚¤ã‚¹å…¨ä½“ã‚’ä¸€ã¤ã®å˜ä½ã¨ã—ã¦æ‰±ã†ã®ã§ã¯ãªãã€åˆ©ç”¨å¯èƒ½ãªãƒ‡ãƒã‚¤ã‚¹ã®ä¸€éƒ¨åˆ†(ã‚¹ãƒ©ã‚¤ã‚¹)ã‚’å…¬é–‹ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã—ã‹ã—ã€ã“ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã§ã¯ã€ãƒ‡ãƒã‚¤ã‚¹ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã®è¦æ±‚ã«åŸºã¥ã„ã¦ãƒ‡ãƒã‚¤ã‚¹ãƒªã‚½ãƒ¼ã‚¹ã‚’ç´°ã‹ãå‹•çš„ã«åˆ†å‰²ã™ã‚‹å ´åˆã‚„ã€ResourceClaimã®ä»•æ§˜ã¨åå‰ç©ºé–“ã®åˆ¶é™ã‚’è¶…ãˆã¦ãƒªã‚½ãƒ¼ã‚¹ã‚’å…±æœ‰ã™ã‚‹å ´åˆã«å¯¾å¿œã§ãã¾ã›ã‚“ã§ã—ãŸã€‚
DRAConsumableCapacityãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§(v1.34ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥)ã€ãƒªã‚½ãƒ¼ã‚¹ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã¯åŒã˜ãƒ‡ãƒã‚¤ã‚¹ã‚„ãƒ‡ãƒã‚¤ã‚¹ã®ä¸€éƒ¨ã‚’ã€è¤‡æ•°ã®ResourceClaimã¾ãŸã¯è¤‡æ•°ã®DeviceRequesté–“ã§å…±æœ‰ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯ã¾ãŸã€capacityãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§å®šç¾©ã•ã‚ŒãŸãƒ‡ãƒã‚¤ã‚¹ãƒªã‚½ãƒ¼ã‚¹ã®ä¸€éƒ¨ã‚’å‰²ã‚Šå½“ã¦ã‚‹ã“ã¨ã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’æ‹¡å¼µã—ã¾ã™ã€‚ ã“ã®DRAæ©Ÿèƒ½ã«ã‚ˆã‚Šã€åå‰ç©ºé–“ã‚„ã‚¯ãƒ¬ãƒ¼ãƒ é–“ã§ã®ãƒ‡ãƒã‚¤ã‚¹å…±æœ‰ãŒæ”¹å–„ã•ã‚Œã€Podã®ãƒ‹ãƒ¼ã‚ºã«åˆã‚ã›ãŸèª¿æ•´ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒå®¹é‡åˆ¶é™ã‚’å¼·åˆ¶ã§ãã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãŒå¼·åŒ–ã•ã‚Œã€å¸¯åŸŸå¹…ã‚’è€ƒæ…®ã—ãŸãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã‚„ãƒžãƒ«ãƒãƒ†ãƒŠãƒ³ãƒˆå…±æœ‰ãªã©ã®æ–°ã—ã„ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #5075ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ‡ãƒã‚¤ã‚¹ã®ãƒã‚¤ãƒ³ãƒ‰æ¡ä»¶

Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã€å¿…è¦ãªå¤–éƒ¨ãƒªã‚½ãƒ¼ã‚¹(ã‚¢ã‚¿ãƒƒãƒå¯èƒ½ãªãƒ‡ãƒã‚¤ã‚¹ã‚„FPGAãªã©)ãŒæº–å‚™å®Œäº†ã§ã‚ã‚‹ã“ã¨ã‚’ç¢ºèªã™ã‚‹ã¾ã§ã€Podã®Nodeã¸ã®ãƒã‚¤ãƒ³ãƒ‡ã‚£ãƒ³ã‚°ã‚’é…å»¶ã•ã›ã‚‹ã“ã¨ã§ã€ã‚ˆã‚Šä¿¡é ¼æ€§ãŒå‘ä¸Šã—ã¾ã™ã€‚
ã“ã®é…å»¶ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã¯ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã®PreBindãƒ•ã‚§ãƒ¼ã‚ºã§å®Ÿè£…ã•ã‚Œã¾ã™ã€‚ ã“ã®ãƒ•ã‚§ãƒ¼ã‚ºä¸ã«ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯å¿…è¦ãªã™ã¹ã¦ã®ãƒ‡ãƒã‚¤ã‚¹æ¡ä»¶ãŒæº€ãŸã•ã‚Œã¦ã„ã‚‹ã‹ã‚’ç¢ºèªã—ã¦ã‹ã‚‰ã€ãƒã‚¤ãƒ³ãƒ‡ã‚£ãƒ³ã‚°ã‚’ç¶šè¡Œã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šå¤–éƒ¨ãƒ‡ãƒã‚¤ã‚¹ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¨ã®èª¿æ•´ãŒå¯èƒ½ã«ãªã‚Šã€ã‚ˆã‚Šå …ç‰¢ã§äºˆæ¸¬å¯èƒ½ãªã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãŒå®Ÿç¾ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯WG Device ManagementãŒä¸»å°Žã—ãŸKEP #5007ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚³ãƒ³ãƒ†ãƒŠå†èµ·å‹•ãƒ«ãƒ¼ãƒ«

ç¾åœ¨ã€Podå†…ã®ã™ã¹ã¦ã®ã‚³ãƒ³ãƒ†ãƒŠã¯ã€çµ‚äº†ã¾ãŸã¯ã‚¯ãƒ©ãƒƒã‚·ãƒ¥æ™‚ã«åŒã˜.spec.restartPolicyã«å¾“ã„ã¾ã™ã€‚ ã—ã‹ã—ã€è¤‡æ•°ã®ã‚³ãƒ³ãƒ†ãƒŠã‚’å®Ÿè¡Œã™ã‚‹Podã§ã¯ã€å„ã‚³ãƒ³ãƒ†ãƒŠã«ç•°ãªã‚‹å†èµ·å‹•è¦ä»¶ãŒå¿…è¦ãªå ´åˆãŒã‚ã‚Šã¾ã™ã€‚ ä¾‹ãˆã°ã€åˆæœŸåŒ–ã‚’å®Ÿè¡Œã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹Initã‚³ãƒ³ãƒ†ãƒŠã§ã¯ã€å¤±æ•—æ™‚ã«åˆæœŸåŒ–ã‚’å†è©¦è¡Œã—ãŸããªã„å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ åŒæ§˜ã«é•·æ™‚é–“å®Ÿè¡Œã•ã‚Œã‚‹è¨“ç·´ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’æ‰±ã†MLç ”ç©¶ã®ç’°å¢ƒã§ã¯ã€å†è©¦è¡Œå¯èƒ½ãªçµ‚äº†ã‚³ãƒ¼ãƒ‰ã§å¤±æ•—ã—ãŸã‚³ãƒ³ãƒ†ãƒŠã¯ã€Podå…¨ä½“ã‚’å†ä½œæˆã—ã¦é€²è¡ŒçŠ¶æ³ã‚’å¤±ã†ã®ã§ã¯ãªãã€ãã®å ´ã§ç´ æ—©ãå†èµ·å‹•ã™ã¹ãã§ã™ã€‚
Kubernetes v1.34ã§ã¯ContainerRestartRulesãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’å°Žå…¥ã—ã¾ã™ã€‚ æœ‰åŠ¹ã«ã™ã‚‹ã¨ã€Podå†…ã®å„ã‚³ãƒ³ãƒ†ãƒŠã«å¯¾ã—ã¦restartPolicyã‚’æŒ‡å®šã§ãã¾ã™ã€‚ ã¾ãŸã€æœ€å¾Œã®çµ‚äº†ã‚³ãƒ¼ãƒ‰ã«åŸºã¥ã„ã¦restartPolicyã‚’ä¸Šæ›¸ãã™ã‚‹restartPolicyRulesãƒªã‚¹ãƒˆã‚‚å®šç¾©ã§ãã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€è¤‡é›‘ãªã‚·ãƒŠãƒªã‚ªã«å¯¾å‡¦ã™ã‚‹ãŸã‚ã«å¿…è¦ãªç´°ã‹ã„åˆ¶å¾¡ã¨ã€è¨ˆç®—ãƒªã‚½ãƒ¼ã‚¹ã®ã‚ˆã‚Šè‰¯ã„åˆ©ç”¨ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #5307ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

å®Ÿè¡Œæ™‚ã«ä½œæˆã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰ã®ç’°å¢ƒå¤‰æ•°ã®èªã¿è¾¼ã¿

ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³é–‹ç™ºè€…ã¯é•·ã„é–“ã€ç’°å¢ƒå¤‰æ•°å®£è¨€ã®ã‚ˆã‚ŠæŸ”è»Ÿãªæ–¹æ³•ã‚’æ±‚ã‚ã¦ãã¾ã—ãŸã€‚ ã“ã‚Œã¾ã§ã€ç’°å¢ƒå¤‰æ•°ã¯é™çš„ãªå€¤ã€ConfigMapã¾ãŸã¯Secretã‚’ä»‹ã—ã¦APIã‚µãƒ¼ãƒãƒ¼å´ã§å®£è¨€ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚

EnvFilesãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã«ã‚ˆã£ã¦ã€Kubernetes v1.34ã§ã¯å®Ÿè¡Œæ™‚ã«ç’°å¢ƒå¤‰æ•°ã‚’å®£è¨€ã™ã‚‹æ©Ÿèƒ½ã‚’å°Žå…¥ã—ã¾ã™ã€‚ ã‚ã‚‹ã‚³ãƒ³ãƒ†ãƒŠ(é€šå¸¸ã¯Initã‚³ãƒ³ãƒ†ãƒŠ)ãŒå¤‰æ•°ã‚’ç”Ÿæˆã—ã¦ãƒ•ã‚¡ã‚¤ãƒ«ã«ä¿å˜ã—ã€å¾Œç¶šã®ã‚³ãƒ³ãƒ†ãƒŠãŒãã®ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰ç’°å¢ƒå¤‰æ•°ã‚’èªã¿è¾¼ã‚“ã§èµ·å‹•ã§ãã¾ã™ã€‚ ã“ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã«ã‚ˆã‚Šã€å¯¾è±¡ã‚³ãƒ³ãƒ†ãƒŠã®ã‚¨ãƒ³ãƒˆãƒªãƒã‚¤ãƒ³ãƒˆã‚’ã€Œãƒ©ãƒƒãƒ—ã€ã™ã‚‹(èµ·å‹•ã‚³ãƒžãƒ³ãƒ‰ã‚’å¤‰æ›´ã™ã‚‹)å¿…è¦ãŒãªããªã‚Šã€Podå†…ã§ã®ã‚ˆã‚ŠæŸ”è»Ÿãªã‚³ãƒ³ãƒ†ãƒŠã‚ªãƒ¼ã‚±ã‚¹ãƒˆãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½ã¯ç‰¹ã«AI/MLãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«æœ‰ç›Šã§ã™ã€‚ è¨“ç·´Jobå†…ã®å„PodãŒå®Ÿè¡Œæ™‚ã«å®šç¾©ã•ã‚Œã‚‹å€¤ã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«å½¹ç«‹ã¡ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #3721ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

v1.34ã§ã®æ˜‡æ ¼ã€éžæŽ¨å¥¨åŒ–ã€ãŠã‚ˆã³å‰Šé™¤

GAã¸ã®æ˜‡æ ¼

ã“ã‚Œã¯å®‰å®šç‰ˆ(ä¸€èˆ¬æä¾›ã€GAã¨ã‚‚å‘¼ã°ã‚Œã‚‹)ã«æ˜‡æ ¼ã—ãŸã™ã¹ã¦ã®æ©Ÿèƒ½ã‚’ä¸€è¦§ã«ã—ãŸã‚‚ã®ã§ã™ã€‚ ã‚¢ãƒ«ãƒ•ã‚¡ã‹ã‚‰ãƒ™ãƒ¼ã‚¿ã¸ã®æ˜‡æ ¼ã‚„æ–°æ©Ÿèƒ½ã‚’å«ã‚€æ›´æ–°ã®å®Œå…¨ãªãƒªã‚¹ãƒˆã«ã¤ã„ã¦ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã«ã¯ã€GAã«æ˜‡æ ¼ã—ãŸåˆè¨ˆ23ã®æ©Ÿèƒ½å¼·åŒ–ãŒå«ã¾ã‚Œã¦ã„ã¾ã™:

éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤

Kubernetesã®é–‹ç™ºã¨æˆç†Ÿã«ä¼´ã„ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆå…¨ä½“ã®å¥å…¨æ€§ã‚’å‘ä¸Šã•ã›ã‚‹ãŸã‚ã«æ©Ÿèƒ½ãŒéžæŽ¨å¥¨åŒ–ã•ã‚ŒãŸã‚Šã€å‰Šé™¤ã•ã‚ŒãŸã‚Šã€ã‚ˆã‚Šè‰¯ã„æ©Ÿèƒ½ã«ç½®ãæ›ãˆã‚‰ã‚ŒãŸã‚Šã™ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®ãƒ—ãƒã‚»ã‚¹ã«é–¢ã™ã‚‹è©³ç´°ã¯ã€KuberneteséžæŽ¨å¥¨ãƒãƒªã‚·ãƒ¼ã‚’å‚ç…§ã—ã¦ãã ã•ã„ã€‚ Kubernetes v1.34ã«ã¯ã„ãã¤ã‹ã®éžæŽ¨å¥¨åŒ–ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚

æ‰‹å‹•ã§ã®cgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼è¨å®šã®éžæŽ¨å¥¨åŒ–

ã“ã‚Œã¾ã§ã€æ£ã—ã„cgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã®è¨å®šã¯ã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’å®Ÿè¡Œã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦æ‚©ã¿ã®ç¨®ã§ã—ãŸã€‚ Kubernetes v1.28ã§ã¯ã€kubeletãŒCRIå®Ÿè£…ã«å•ã„åˆã‚ã›ã¦ä½¿ç”¨ã™ã¹ãcgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’è¦‹ã¤ã‘ã‚‹æ–¹æ³•ãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®è‡ªå‹•æ¤œå‡ºãŒç¾åœ¨å¼·ãæŽ¨å¥¨ã•ã‚Œã¦ãŠã‚Šã€ãã®ã‚µãƒãƒ¼ãƒˆã¯v1.34ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ãŠä½¿ã„ã®CRIã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ãŒå¿…è¦ãªcgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’å ±å‘Šã™ã‚‹æ©Ÿèƒ½ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ãªã„å ´åˆã¯ã€ã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ã‚’ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã¾ãŸã¯å¤‰æ›´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ kubeletè¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã®cgroupDriverè¨å®šã¯ç¾åœ¨éžæŽ¨å¥¨ã¨ãªã£ã¦ã„ã¾ã™ã€‚ å¯¾å¿œã™ã‚‹ã‚³ãƒžãƒ³ãƒ‰ãƒ©ã‚¤ãƒ³ã‚ªãƒ—ã‚·ãƒ§ãƒ³--cgroup-driverã¯ä»¥å‰ã‹ã‚‰éžæŽ¨å¥¨ã¨ãªã£ã¦ãŠã‚Šã€Kubernetesã§ã¯è¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã®ä½¿ç”¨ã‚’æŽ¨å¥¨ã—ã¦ã„ã¾ã™ã€‚ è¨å®šé …ç›®ã¨ã‚³ãƒžãƒ³ãƒ‰ãƒ©ã‚¤ãƒ³ã‚ªãƒ—ã‚·ãƒ§ãƒ³ã®ä¸¡æ–¹ã¯å°†æ¥ã®ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ãŒã€ãã®å‰Šé™¤ã¯v1.36ã®ãƒžã‚¤ãƒŠãƒ¼ãƒªãƒªãƒ¼ã‚¹ã‚ˆã‚Šå‰ã«ã¯è¡Œã‚ã‚Œã¾ã›ã‚“ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #4033ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

v1.36ã§ã®containerd 1.xã‚µãƒãƒ¼ãƒˆçµ‚äº†

Kubernetes v1.34ã¯ã¾ã containerd 1.7ã‚„ãã®ä»–ã®LTSãƒªãƒªãƒ¼ã‚¹ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã™ãŒã€è‡ªå‹•ã§ã®cgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼æ¤œå‡ºã®çµæžœã¨ã—ã¦ã€Kubernetes SIG Nodeã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯containerd v1.Xã®æœ€çµ‚ã‚µãƒãƒ¼ãƒˆã‚¿ã‚¤ãƒ ãƒ©ã‚¤ãƒ³ã«ã¤ã„ã¦æ£å¼ã«åˆæ„ã—ã¾ã—ãŸã€‚ ã“ã®ã‚µãƒãƒ¼ãƒˆã‚’æä¾›ã™ã‚‹æœ€å¾Œã®Kubernetesãƒªãƒªãƒ¼ã‚¹ã¯v1.35ã¨ãªã‚Šã¾ã™(containerd 1.7ã®EOLã«åˆã‚ã›ã¦)ã€‚ ã“ã‚Œã¯æ—©æœŸã®è¦å‘Šã§ã™ã€‚ containerd 1.Xã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹å ´åˆã¯ã€æ—©æ€¥ã«2.0ä»¥é™ã¸ã®åˆ‡ã‚Šæ›¿ãˆã‚’æ¤œè¨Žã—ã¦ãã ã•ã„ã€‚ ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®ãƒŽãƒ¼ãƒ‰ãŒã€ã¾ã‚‚ãªãã‚µãƒãƒ¼ãƒˆå¯¾è±¡å¤–ã¨ãªã‚‹containerdãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’åˆ¤æ–ã™ã‚‹ãŸã‚ã«ã€kubelet_cri_losing_supportãƒ¡ãƒˆãƒªã‚¯ã‚¹ã‚’ç›£è¦–ã§ãã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP #4033ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`PreferClose`ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯åˆ†æ•£ã®éžæŽ¨å¥¨åŒ–

Kubernetes Serviceå†…ã®spec.trafficDistributionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯Serviceã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¸ã®ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ã®ãƒ«ãƒ¼ãƒ†ã‚£ãƒ³ã‚°æ–¹æ³•ã«é–¢ã™ã‚‹å„ªå…ˆè¨å®šã‚’æŒ‡å®šã§ãã¾ã™ã€‚

KEP-3015ã§ã¯PreferCloseã‚’éžæŽ¨å¥¨ã¨ã—ã€2ã¤ã®æ–°ã—ã„å€¤PreferSameZoneã¨PreferSameNodeã‚’å°Žå…¥ã—ã¾ã™ã€‚ PreferSameZoneã¯æ—¢å˜ã®PreferCloseã®ã‚¨ã‚¤ãƒªã‚¢ã‚¹ã§ã€ãã®æ„å‘³ã‚’ã‚ˆã‚Šæ˜Žç¢ºã«ã—ã¾ã™ã€‚ PreferSameNodeã¯å¯èƒ½ãªå ´åˆã¯ãƒãƒ¼ã‚«ãƒ«ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã«æŽ¥ç¶šã‚’é…ä¿¡ã—ã€ä¸å¯èƒ½ãªå ´åˆã¯ãƒªãƒ¢ãƒ¼ãƒˆã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã«ãƒ•ã‚©ãƒ¼ãƒ«ãƒãƒƒã‚¯ã™ã‚‹ã“ã¨ã‚’å¯èƒ½ã«ã—ã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½ã¯PreferSameTrafficDistributionãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®ä¸‹ã§v1.33ã§å°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ v1.34ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NetworkãŒä¸»å°Žã—ãŸKEP #3015ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸ

ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆ

Kubernetes v1.34ãƒªãƒªãƒ¼ã‚¹ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

å…¥æ‰‹æ–¹æ³•

Kubernetes v1.34ã¯GitHubã¾ãŸã¯Kuberneteså…¬å¼ã‚µã‚¤ãƒˆã®ãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ãƒšãƒ¼ã‚¸ã‹ã‚‰ãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ã§ãã¾ã™ã€‚

Kubernetesã‚’å§‹ã‚ã‚‹ã«ã¯ã€ãƒãƒ¥ãƒ¼ãƒˆãƒªã‚¢ãƒ«ã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‹ã€minikubeã‚’ä½¿ç”¨ã—ã¦ãƒãƒ¼ã‚«ãƒ«Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’å®Ÿè¡Œã—ã¦ãã ã•ã„ã€‚ã¾ãŸã€kubeadmã‚’ä½¿ç”¨ã—ã¦ç°¡å˜ã«v1.34ã‚’ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ

Kubernetesã¯ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æ”¯æ´ã¨çŒ®èº«çš„ãªåŠªåŠ›ã«ã‚ˆã£ã¦æˆã‚Šç«‹ã£ã¦ã„ã¾ã™ã€‚ å„ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã¯ã€çš†ã•ã‚“ãŒåˆ©ç”¨ã™ã‚‹Kubernetesãƒªãƒªãƒ¼ã‚¹ã‚’æ§‹æˆã™ã‚‹æ§˜ã€…ãªè¦ç´ ã‚’å”åŠ›ã—ã¦æ§‹ç¯‰ã™ã‚‹ã€çŒ®èº«çš„ãªã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒœãƒ©ãƒ³ãƒ†ã‚£ã‚¢ã§æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã‚Œã‚’å®Ÿç¾ã™ã‚‹ã«ã¯ã€ã‚³ãƒ¼ãƒ‰ãã®ã‚‚ã®ã‹ã‚‰ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆä½œæˆã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆç®¡ç†ã«è‡³ã‚‹ã¾ã§ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚ã‚‰ã‚†ã‚‹åˆ†é‡Žã®å°‚é–€ã‚¹ã‚ãƒ«ãŒå¿…è¦ã§ã™ã€‚

ç§ãŸã¡ã¯ã€æŠ€è¡“ã¨ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£æ§‹ç¯‰ã¸ã®æƒ…ç†±ã§Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å¤§ããªè¶³è·¡ã‚’æ®‹ã—ãŸçŒ®èº«çš„ãªã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã€Rodolfo "Rodo" MartÃnez Vegaã‚’è¿½æ‚¼ã—ã¾ã™ã€‚ Rodoã¯ã€v1.22-v1.23ãŠã‚ˆã³v1.25-v1.30ã‚’å«ã‚€è¤‡æ•°ã®ãƒªãƒªãƒ¼ã‚¹ã§Kubernetesãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã¨ã—ã¦æ´»å‹•ã—ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æˆåŠŸã¨å®‰å®šæ€§ã«å¯¾ã™ã‚‹æºã‚‹ãŽãªã„çŒ®èº«ã‚’ç¤ºã—ã¾ã—ãŸã€‚
ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã§ã®æ´»å‹•ã«åŠ ãˆã€Rodoã¯Cloud Native LATAMã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ç™ºå±•ã«æ·±ãé–¢ã‚ã‚Šã€ã“ã®åˆ†é‡Žã«ãŠã‘ã‚‹è¨€èªžã¨æ–‡åŒ–ã®å£ã‚’è¶Šãˆã‚‹æž¶ã‘æ©‹ã¨ãªã‚Šã¾ã—ãŸã€‚ Kubernetesãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã®ã‚¹ãƒšã‚¤ãƒ³èªžç‰ˆã‚„CNCF Glossaryã§ã®æ´»å‹•ã¯ã€ä¸–ç•Œä¸ã®ã‚¹ãƒšã‚¤ãƒ³èªžè©±è€…ã®é–‹ç™ºè€…ã«çŸ¥è˜ã‚’å±Šã‘ãŸã„ã¨ã„ã†å½¼ã®å¼·ã„æ€ã„ã‚’ä½“ç¾ã—ã¦ã„ã¾ã—ãŸã€‚ RodoãŒæŒ‡å°Žã—ãŸæ•°å¤šãã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒ¡ãƒ³ãƒãƒ¼ã€å½¼ãŒæ”¯ãˆãŸãƒªãƒªãƒ¼ã‚¹ã€ãã—ã¦å½¼ãŒè‚²ã‚“ã æ´»æ°—ã‚ã‚‹LATAM Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‚’é€šã˜ã¦ã€å½¼ã®éºç”£ã¯ä»Šã‚‚ç”Ÿãç¶šã‘ã¦ã„ã¾ã™ã€‚

Kubernetes v1.34ãƒªãƒªãƒ¼ã‚¹ã‚’ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å±Šã‘ã‚‹ãŸã‚ã«å¤šãã®æ™‚é–“ã‚’è²»ã‚„ã—ã¦å–ã‚Šçµ„ã‚“ã§ãã‚ŒãŸãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ å…¨ä½“ã«æ„Ÿè¬ã—ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«ã¯ã€åˆå‚åŠ ã®Shadow(è¦‹ç¿’ã„)ã‹ã‚‰ã€è¤‡æ•°ã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã§çµŒé¨“ã‚’ç©ã‚“ã ãƒ™ãƒ†ãƒ©ãƒ³ã®ãƒãƒ¼ãƒ ãƒªãƒ¼ãƒ‰ã¾ã§ã€æ§˜ã€…ãªãƒ¡ãƒ³ãƒãƒ¼ãŒå‚åŠ ã—ã¦ã„ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒªãƒ¼ãƒ‰ã®Vyom Yadavã«å¿ƒã‚ˆã‚Šæ„Ÿè¬ã—ã¾ã™ã€‚ å½¼ã¯æˆåŠŸã¸ã¨å°Žããƒªãƒ¼ãƒ€ãƒ¼ã‚·ãƒƒãƒ—ã€èª²é¡Œè§£æ±ºã¸ã®å®Ÿè·µçš„ãªã‚¢ãƒ—ãƒãƒ¼ãƒã€ãã—ã¦ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‚’å‰é€²ã•ã›ã‚‹æ´»åŠ›ã¨æ€ã„ã‚„ã‚Šã‚’ç¤ºã—ã¦ãã‚Œã¾ã—ãŸã€‚

ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ´»å‹•çŠ¶æ³

CNCF K8sã®DevStatsãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯ã€KubernetesãŠã‚ˆã³æ§˜ã€…ãªã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ´»å‹•çŠ¶æ³ã«é–¢ã™ã‚‹èˆˆå‘³æ·±ã„ãƒ‡ãƒ¼ã‚¿ãƒã‚¤ãƒ³ãƒˆã‚’é›†è¨ˆã—ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã«ã¯å€‹äººã®è²¢çŒ®ã‹ã‚‰è²¢çŒ®ä¼æ¥æ•°ã¾ã§å«ã¾ã‚Œã€ã“ã®ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®ç™ºå±•ã«è²»ã‚„ã•ã‚Œã‚‹åŠªåŠ›ã®æ·±ã•ã¨åºƒã•ã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚

v1.34ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«(2025å¹´5æœˆ19æ—¥ã‹ã‚‰2025å¹´8æœˆ27æ—¥ã¾ã§ã®15é€±é–“)ã«ãŠã„ã¦ã€Kubernetesã«ã¯æœ€å¤§106ã®ç•°ãªã‚‹ä¼æ¥ã¨491äººã®å€‹äººã‹ã‚‰è²¢çŒ®ãŒã‚ã‚Šã¾ã—ãŸã€‚ ã‚ˆã‚Šåºƒç¯„ãªã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã§ã¯ã€ã“ã®æ•°å—ã¯370ç¤¾ã€åˆè¨ˆ2235äººã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã«é”ã—ã¦ã„ã¾ã™ã€‚

ãªãŠã€ã€Œè²¢çŒ®ã€ã¨ã¯ã‚³ãƒŸãƒƒãƒˆã®ä½œæˆã€ã‚³ãƒ¼ãƒ‰ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ã‚³ãƒ¡ãƒ³ãƒˆã€Issueã‚„PRã®ä½œæˆã€PRã®ãƒ¬ãƒ“ãƒ¥ãƒ¼(ãƒ–ãƒã‚°ã‚„ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’å«ã‚€)ã€ã¾ãŸã¯Issueã‚„PRã¸ã®ã‚³ãƒ¡ãƒ³ãƒˆã‚’è¡Œã†ã“ã¨ã‚’æŒ‡ã—ã¾ã™ã€‚
è²¢çŒ®ã«èˆˆå‘³ãŒã‚ã‚‹å ´åˆã¯ã€ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼å‘ã‘Webã‚µã‚¤ãƒˆã®ã¯ã˜ã‚ã«ã‚’ã”è¦§ãã ã•ã„ã€‚

ãƒ‡ãƒ¼ã‚¿ã‚½ãƒ¼ã‚¹:

ã‚¤ãƒ™ãƒ³ãƒˆæƒ…å ±

ä»Šå¾Œé–‹å‚¬äºˆå®šã®KubernetesãŠã‚ˆã³ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¤ãƒ™ãƒ³ãƒˆ(KubeCon + CloudNativeConã€KCDãªã©)ã‚„ã€ä¸–ç•Œå„åœ°ã§é–‹å‚¬ã•ã‚Œã‚‹ä¸»è¦ãªã‚«ãƒ³ãƒ•ã‚¡ãƒ¬ãƒ³ã‚¹ã«ã¤ã„ã¦ç´¹ä»‹ã—ã¾ã™ã€‚ Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æœ€æ–°æƒ…å ±ã‚’å…¥æ‰‹ã—ã€å‚åŠ ã—ã¾ã—ã‚‡ã†ï¼

2025å¹´8æœˆ

KCD - Kubernetes Community Days: Colombia: 2025å¹´8æœˆ28æ—¥ | ã‚³ãƒãƒ³ãƒ“ã‚¢ã€ãƒœã‚´ã‚¿

2025å¹´9æœˆ

CloudCon Sydney: 2025å¹´9æœˆ9æ—¥-10æ—¥ | ã‚ªãƒ¼ã‚¹ãƒˆãƒ©ãƒªã‚¢ã€ã‚·ãƒ‰ãƒ‹ãƒ¼
KCD - Kubernetes Community Days: San Francisco Bay Area: 2025å¹´9æœˆ9æ—¥ | ã‚¢ãƒ¡ãƒªã‚«ã€ã‚µãƒ³ãƒ•ãƒ©ãƒ³ã‚·ã‚¹ã‚³
KCD - Kubernetes Community Days: Washington DC: 2025å¹´9æœˆ16æ—¥ | ã‚¢ãƒ¡ãƒªã‚«ã€ãƒ¯ã‚·ãƒ³ãƒˆãƒ³D.C.
KCD - Kubernetes Community Days: Sofia: 2025å¹´9æœˆ18æ—¥ | ãƒ–ãƒ«ã‚¬ãƒªã‚¢ã€ã‚½ãƒ•ã‚£ã‚¢
KCD - Kubernetes Community Days: El Salvador: 2025å¹´9æœˆ20æ—¥ | ã‚¨ãƒ«ã‚µãƒ«ãƒãƒ‰ãƒ«ã€ã‚µãƒ³ã‚µãƒ«ãƒãƒ‰ãƒ«

2025å¹´10æœˆ

KCD - Kubernetes Community Days: Warsaw: 2025å¹´10æœˆ9æ—¥ | ãƒãƒ¼ãƒ©ãƒ³ãƒ‰ã€ãƒ¯ãƒ«ã‚·ãƒ£ãƒ¯
KCD - Kubernetes Community Days: Edinburgh: 2025å¹´10æœˆ21æ—¥ | ã‚¤ã‚®ãƒªã‚¹ã€ã‚¨ãƒ‡ã‚£ãƒ³ãƒãƒ©
KCD - Kubernetes Community Days: Sri Lanka: 2025å¹´10æœˆ26æ—¥ | ã‚¹ãƒªãƒ©ãƒ³ã‚«ã€ã‚³ãƒãƒ³ãƒœ

2025å¹´11æœˆ

KCD - Kubernetes Community Days: Porto: 2025å¹´11æœˆ3æ—¥ | ãƒãƒ«ãƒˆã‚¬ãƒ«ã€ãƒãƒ«ãƒˆ
KubeCon + CloudNativeCon North America 2025: 2025å¹´11æœˆ10æ—¥-13æ—¥ | ã‚¢ãƒ¡ãƒªã‚«ã€ã‚¢ãƒˆãƒ©ãƒ³ã‚¿
KCD - Kubernetes Community Days: Hangzhou: 2025å¹´11æœˆ14æ—¥ | ä¸å›½ã€æå·ž

2025å¹´12æœˆ

KCD - Kubernetes Community Days: Suisse Romande: 2025å¹´12æœˆ4æ—¥ | ã‚¹ã‚¤ã‚¹ã€ã‚¸ãƒ¥ãƒãƒ¼ãƒ–

æœ€æ–°ã®ã‚¤ãƒ™ãƒ³ãƒˆæƒ…å ±ã¯ã“ã¡ã‚‰ã§ã”ç¢ºèªã„ãŸã ã‘ã¾ã™ã€‚

ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã®ã”æ¡ˆå†…

Kubernetes v1.34ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã¨ä¸€ç·’ã« 2025å¹´9æœˆ24æ—¥(æ°´)åˆå¾Œ4æ™‚(UTC) ã‹ã‚‰ã€ã“ã®ãƒªãƒªãƒ¼ã‚¹ã®ãƒã‚¤ãƒ©ã‚¤ãƒˆã‚„ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã®è¨ˆç”»ã«å½¹ç«‹ã¤éžæŽ¨å¥¨äº‹é …ã‚„å‰Šé™¤äº‹é …ã«ã¤ã„ã¦å¦ã³ã¾ã—ã‚‡ã†ã€‚ è©³ç´°ãŠã‚ˆã³å‚åŠ ç™»éŒ²ã¯ã€CNCFã‚ªãƒ³ãƒ©ã‚¤ãƒ³ãƒ—ãƒã‚°ãƒ©ãƒ ãƒ»ã‚µã‚¤ãƒˆã®ã‚¤ãƒ™ãƒ³ãƒˆãƒšãƒ¼ã‚¸ã‚’ã”è¦§ãã ã•ã„ã€‚

å‚åŠ æ–¹æ³•

Kubernetesã«é–¢ã‚ã‚‹æœ€ã‚‚ç°¡å˜ãªæ–¹æ³•ã¯ã€ã‚ãªãŸã®èˆˆå‘³ã«åˆã£ãŸSpecial Interest Groups (SIGs)ã®ã„ãšã‚Œã‹ã«å‚åŠ ã™ã‚‹ã“ã¨ã§ã™ã€‚ Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‘ã‘ã¦ä½•ã‹ç™ºä¿¡ã—ãŸã„ã“ã¨ã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ æ¯Žé€±ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚„ã€ä»¥ä¸‹ã®ãƒãƒ£ãƒ³ãƒãƒ«ã§ã‚ãªãŸã®å£°ã‚’å…±æœ‰ã—ã¦ãã ã•ã„ã€‚ ç¶™ç¶šçš„ãªãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã¨ã‚µãƒãƒ¼ãƒˆã«æ„Ÿè¬ã„ãŸã—ã¾ã™ã€‚

æœ€æ–°æƒ…å ±ã¯BlueSkyã®@kubernetes.ioã‚’ãƒ•ã‚©ãƒãƒ¼ã—ã¦ãã ã•ã„
Discussã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒ‡ã‚£ã‚¹ã‚«ãƒƒã‚·ãƒ§ãƒ³ã«å‚åŠ ã—ã¦ãã ã•ã„
Slackã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã¦ãã ã•ã„
Stack Overflowã§è³ªå•ã—ãŸã‚Šã€å›žç”ã—ãŸã‚Šã—ã¦ãã ã•ã„
ã‚ãªãŸã®Kubernetesã«é–¢ã™ã‚‹ã‚¹ãƒˆãƒ¼ãƒªãƒ¼ã‚’å…±æœ‰ã—ã¦ãã ã•ã„
Kubernetesã®æœ€æ–°æƒ…å ±ã¯ãƒ–ãƒã‚°ã§ã•ã‚‰ã«è©³ã—ãèªã‚€ã“ã¨ãŒã§ãã¾ã™
ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«ã¤ã„ã¦ã®è©³ç´°ã¯Kubernetes Release Teamã‚’ã”è¦§ãã ã•ã„

Kubernetes v1.33: æ€ã„æã„ã¦ã„ãŸã¨ãŠã‚Šã«å‹•ä½œã™ã‚‹ã‚ˆã†ã«ãªã£ãŸImage Pull Policyï¼

Mon, 12 May 2025 10:30:00 -0800

æ€ã„æã„ã¦ã„ãŸã¨ãŠã‚Šã«å‹•ä½œã™ã‚‹ã‚ˆã†ã«ãªã£ãŸImage Pull Policyï¼

Kubernetesã«ã¯æ„å¤–ãªæŒ™å‹•ãŒã„ãã¤ã‹å˜åœ¨ã—ã¾ã™ãŒã€imagePullPolicyã®æŒ™å‹•ã‚‚ãã®ä¸€ã¤ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ KubernetesãŒPodã®å®Ÿè¡Œã‚’æœ¬è³ªã¨ã™ã‚‹ã‚‚ã®ã§ã‚ã‚‹ã“ã¨ã‚’è¸ã¾ãˆã‚‹ã¨ã€èªè¨¼ãŒå¿…è¦ãªã‚¤ãƒ¡ãƒ¼ã‚¸ã«å¯¾ã—ã¦Podã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’åˆ¶é™ã—ã‚ˆã†ã¨ã™ã‚‹éš›ã«ã€10å¹´ä»¥ä¸Šå‰ã‹ã‚‰issue 18787ã¨ã„ã†å½¢ã§æ³¨æ„ç‚¹ãŒå˜åœ¨ã—ã¦ã„ãŸã“ã¨ã‚’çŸ¥ã‚‹ã¨ã€æ„å¤–ã«æ€ã†ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ ã“ã®10å¹´è¶Šã—ã®å•é¡ŒãŒè§£æ±ºã•ã‚Œã‚‹ãƒªãƒªãƒ¼ã‚¹ã¯ã€éžå¸¸ã«èˆˆå¥®ã™ã¹ãã‚‚ã®ã§ã™ã€‚

å‚™è€ƒ:

ã“ã®ãƒ–ãƒã‚°è¨˜äº‹å…¨ä½“ã‚’é€šã—ã¦ã€ŒPodã®èªè¨¼æƒ…å ±ã€ã¨ã„ã†ç”¨èªžãŒé »ç¹ã«ä½¿ã‚ã‚Œã¾ã™ã€‚ ã“ã®æ–‡è„ˆã«ãŠã„ã¦ã¯ã€ã“ã®ç”¨èªžã¯ã€ä¸€èˆ¬çš„ã«ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã®ãƒ—ãƒ«ã‚’èªè¨¼ã™ã‚‹ãŸã‚ã«PodãŒåˆ©ç”¨ã§ãã‚‹èªè¨¼æƒ…å ±å…¨ä½“ã‚’æŒ‡ã—ã¾ã™ã€‚

IfNotPresentã€ãŸã¨ãˆæœ¬æ¥æŒã¤ã¹ãã§ãªã„ã¨ã—ã¦ã‚‚

ã“ã®å•é¡Œã®è¦ç‚¹ã¯ã€imagePullPolicy: IfNotPresentã¨ã„ã†è¨å®šãŒã€ã¾ã•ã«æ–‡å—é€šã‚Šã®æ„å‘³ã§ã—ã‹å‹•ä½œã›ãšã€ãã‚Œä»¥ä¸Šã®ã“ã¨ã¯ä¸€åˆ‡è¡Œã£ã¦ã“ãªã‹ã£ãŸã¨ã„ã†ç‚¹ã§ã™ã€‚ ã“ã“ã§ã€ã¨ã‚ã‚‹ã‚·ãƒŠãƒªã‚ªã‚’è€ƒãˆã¦ã¿ã¾ã—ã‚‡ã†ã€‚ ã¾ãšã€Namespace Xå†…ã®Pod AãŒNode 1ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚Œã€ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆãƒªãƒã‚¸ãƒˆãƒªã‹ã‚‰image Fooã‚’å¿…è¦ã¨ã™ã‚‹çŠ¶æ³ã‚’è€ƒãˆã¾ã™ã€‚ ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«æ™‚ã®èªè¨¼æƒ…å ±ã¨ã—ã¦ã€ã“ã®Podã¯imagePullSecretsã®Secret 1ã‚’å‚ç…§ã—ã¦ã„ã¾ã™ã€‚ Secret 1ã«ã¯ã€ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆãƒªãƒã‚¸ãƒˆãƒªã‹ã‚‰ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ—ãƒ«ã™ã‚‹ãŸã‚ã«å¿…è¦ãªèªè¨¼æƒ…å ±ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ Kubeletã¯Pod Aã‹ã‚‰æä¾›ã•ã‚ŒãŸSecret 1ã®èªè¨¼æƒ…å ±ã‚’ä½¿ç”¨ã—ã€ãƒ¬ã‚¸ã‚¹ãƒˆãƒªã‹ã‚‰container image Fooã‚’ãƒ—ãƒ«ã™ã‚‹ã“ã¨ã«ãªã‚Šã¾ã™ã€‚ ã“ã‚ŒãŒæ„å›³ã—ãŸ(ã‹ã¤å®‰å…¨ãª)å‹•ä½œã§ã™ã€‚

ã—ã‹ã—ã€ã“ã“ã‹ã‚‰ãŒèˆˆå‘³æ·±ã„ã¨ã“ã‚ã§ã™ã€‚ Namespace Yå†…ã®Pod Bã‚‚ã€ãŸã¾ãŸã¾Node 1ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚ŒãŸã¨ã—ã¾ã™ã€‚ ã“ã®ã¨ãã€äºˆæœŸã—ãªã„(ã‹ã¤æ½œåœ¨çš„ã«å®‰å…¨ã§ãªã„)äº‹æ…‹ãŒç™ºç”Ÿã—ã¾ã™ã€‚ Pod Bã¯IfNotPresentã®ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«ãƒãƒªã‚·ãƒ¼ã‚’æŒ‡å®šã—ã€åŒã˜ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’å‚ç…§ã—ã¦ã„ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ ã—ã‹ã—ã€Pod Bã¯imagePullSecretsã§Secret 1(ã‚ã‚‹ã„ã¯æœ¬ä¾‹ã§ã¯ã€ã„ã‹ãªã‚‹Secretã‚‚)ã‚’æŒ‡å®šã—ã¦ã„ã¾ã›ã‚“ã€‚ KubeletãŒã“ã®Podã‚’å®Ÿè¡Œã—ã‚ˆã†ã¨ã™ã‚‹ã¨ã€IfNotPresentã®ãƒãƒªã‚·ãƒ¼ãŒå°Šé‡ã•ã‚Œã¾ã™ã€‚ Kubeletã¯ã€image FooãŒã™ã§ã«ãƒãƒ¼ã‚«ãƒ«ã«å˜åœ¨ã—ã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã—ã€ãã®image Fooã‚’Pod Bã«æä¾›ã—ã¾ã™ã€‚ ã¤ã¾ã‚Šã€Pod Bã¯ãã‚‚ãã‚‚ã€ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ—ãƒ«ã™ã‚‹æ¨©é™ã‚’ç¤ºã™èªè¨¼æƒ…å ±ã‚’ä¸€åˆ‡æä¾›ã—ã¦ã„ãªã„ã«ã‚‚ã‹ã‹ã‚ã‚‰ãšã€ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’å®Ÿè¡Œã§ãã¦ã—ã¾ã†ã®ã§ã™ã€‚

ç•°ãªã‚‹Podã«ã‚ˆã£ã¦ãƒ—ãƒ«ã•ã‚ŒãŸãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ä½¿ç”¨ã™ã‚‹

IfNotPresentã¯ã€ã‚¤ãƒ¡ãƒ¼ã‚¸ãŒãƒŽãƒ¼ãƒ‰ä¸Šã«ã™ã§ã«å˜åœ¨ã—ã¦ã„ã‚‹å ´åˆã«ã¯image Fooã‚’ãƒ—ãƒ«ã™ã¹ãã§ã¯ã‚ã‚Šã¾ã›ã‚“ãŒã€ãƒŽãƒ¼ãƒ‰ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚ŒãŸã™ã¹ã¦ã®PodãŒã€éŽåŽ»ã«ãƒ—ãƒ«ã•ã‚ŒãŸãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚¤ãƒ¡ãƒ¼ã‚¸ã¸ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¦ã—ã¾ã†ã¨ã„ã†ã®ã¯ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šä¸é©åˆ‡ãªæ§‹æˆã§ã™ã€‚ ã“ã‚Œã‚‰ã®Podã¯ãã‚‚ãã‚‚ã€ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ—ãƒ«ã™ã‚‹æ¨©é™ã‚’å…¨ãä¸Žãˆã‚‰ã‚Œã¦ã„ãªã‹ã£ãŸã®ã§ã™ã€‚

IfNotPresentã€ãŸã ã—æœ¬æ¥ã‚¢ã‚¯ã‚»ã‚¹æ¨©ãŒã‚ã‚‹å ´åˆã«é™ã‚‹

Kubernetes v1.33ã§ã¯ã€SIG Authã¨SIG NodeãŒã¤ã„ã«ã“ã®(éžå¸¸ã«å¤ãã‹ã‚‰ã‚ã‚‹)å•é¡Œã¸ã®å¯¾å¿œã‚’é–‹å§‹ã—ã€é©åˆ‡ãªæ¤œè¨¼ãŒè¡Œã‚ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸï¼ åŸºæœ¬çš„ãªæœŸå¾…ã•ã‚Œã‚‹æŒ™å‹•ã¯å¤‰æ›´ã•ã‚Œã¦ã„ã¾ã›ã‚“ã€‚ ã‚¤ãƒ¡ãƒ¼ã‚¸ãŒå˜åœ¨ã—ãªã„å ´åˆã€Kubeletã¯ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ—ãƒ«ã—ã‚ˆã†ã¨ã—ã¾ã™ã€‚ ãã®éš›ã«ã¯ã€å„PodãŒæä¾›ã™ã‚‹èªè¨¼æƒ…å ±ãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ ã“ã®æŒ™å‹•ã¯1.33ä»¥å‰ã¨åŒæ§˜ã§ã™ã€‚

ã‚¤ãƒ¡ãƒ¼ã‚¸ãŒã™ã§ã«å˜åœ¨ã—ã¦ã„ã‚‹å ´åˆã€Kubeletã®æŒ™å‹•ã¯å¤‰åŒ–ã—ã¾ã™ã€‚ ã“ã‚Œã‹ã‚‰ã¯ã€Kubeletã¯Podã«ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã®ä½¿ç”¨ã‚’è¨±å¯ã™ã‚‹å‰ã«ã€ãã®Podã®èªè¨¼æƒ…å ±ã‚’æ¤œè¨¼ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½ã®æ”¹ä¿®ã«ã‚ãŸã£ã¦ã¯ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã¨ã‚µãƒ¼ãƒ“ã‚¹ã®å®‰å®šæ€§ã‚‚è€ƒæ…®ã•ã‚Œã¦ã„ã¾ã™ã€‚ åŒã˜èªè¨¼æƒ…å ±ã‚’ä½¿ç”¨ã™ã‚‹Podã¯ã€å†èªè¨¼ã‚’è¦æ±‚ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ã“ã‚Œã¯ã€PodãŒåŒã˜Kubernetesã®Secretã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‹ã‚‰èªè¨¼æƒ…å ±ã‚’å–å¾—ã—ã¦ã„ã‚‹å ´åˆã«ã¯ã€ãŸã¨ãˆãã®èªè¨¼æƒ…å ±ãŒãƒãƒ¼ãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã•ã‚Œã¦ã„ãŸã¨ã—ã¦ã‚‚ã€å½“ã¦ã¯ã¾ã‚Šã¾ã™ã€‚

Never pullã€ãŸã ã—èªè¨¼ã•ã‚Œã¦ã„ã‚‹å ´åˆã«é™ã‚‹

imagePullPolicy: Neverã‚ªãƒ—ã‚·ãƒ§ãƒ³ã¯ã€ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’å–å¾—ã—ã¾ã›ã‚“ã€‚ ãŸã ã—ã€ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ãŒã™ã§ã«ãƒŽãƒ¼ãƒ‰ä¸Šã«å˜åœ¨ã™ã‚‹å ´åˆã€ãã®ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ä½¿ç”¨ã—ã‚ˆã†ã¨ã™ã‚‹ã™ã¹ã¦ã®Podã¯ã€èªè¨¼æƒ…å ±ã®æç¤ºãŒæ±‚ã‚ã‚‰ã‚Œã€ãã®èªè¨¼æƒ…å ±ã¯æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚

åŒã˜èªè¨¼æƒ…å ±ã‚’ä½¿ç”¨ã™ã‚‹Podã¯ã€å†èªè¨¼ã‚’è¦æ±‚ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ä¸€æ–¹ã§ã€ä»¥å‰ã«ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã®ãƒ—ãƒ«ã«æˆåŠŸã—ãŸèªè¨¼æƒ…å ±ã‚’æç¤ºã—ãªã„Podã«ã¯ã€ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚¤ãƒ¡ãƒ¼ã‚¸ã®ä½¿ç”¨ãŒè¨±å¯ã•ã‚Œã¾ã›ã‚“ã€‚

Always pullã€ãŸã ã—èªè¨¼ã•ã‚Œã¦ã„ã‚‹å ´åˆã«é™ã‚‹

imagePullPolicy: Alwaysã¯ã€ã“ã‚Œã¾ã§ã‚‚æ„å›³ãŠã‚Šã«å‹•ä½œã—ã¦ãã¾ã—ãŸã€‚ ã‚¤ãƒ¡ãƒ¼ã‚¸ãŒè¦æ±‚ã•ã‚Œã‚‹ãŸã³ã«ã€ãã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã¯ãƒ¬ã‚¸ã‚¹ãƒˆãƒªã«é€ã‚‰ã‚Œã€ãƒ¬ã‚¸ã‚¹ãƒˆãƒªå´ã§èªè¨¼ãƒã‚§ãƒƒã‚¯ãŒå®Ÿè¡Œã•ã‚Œã¾ã™ã€‚

ä»¥å‰ã¯ã€ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆãªã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ãŒã€ã™ã§ã«ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ—ãƒ«æ¸ˆã¿ã®ãƒŽãƒ¼ãƒ‰ä¸Šã§ä»–ã®Podã«å†åˆ©ç”¨ã•ã‚Œãªã„ã‚ˆã†ã«ã™ã‚‹å”¯ä¸€ã®æ‰‹æ®µã¯ã€Podã®ã‚¢ãƒ‰ãƒŸãƒƒã‚·ãƒ§ãƒ³æ™‚ã«å¼·åˆ¶çš„ã«Alwaysã®ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«ãƒãƒªã‚·ãƒ¼ã‚’é©ç”¨ã™ã‚‹ã“ã¨ã§ã—ãŸã€‚

å¹¸ã„ã«ã‚‚ã€ã“ã®æ–¹æ³•ã¯ã‚ã‚‹ç¨‹åº¦ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã«å„ªã‚Œã¦ã„ã¾ã—ãŸã€‚ ãƒ—ãƒ«ã•ã‚Œã‚‹ã®ã¯ã‚¤ãƒ¡ãƒ¼ã‚¸ãã®ã‚‚ã®ã§ã¯ãªãã€ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆã ã‘ã ã£ãŸã‹ã‚‰ã§ã™ã€‚ ã—ã‹ã—ãªãŒã‚‰ã€ãã‚Œã§ã‚‚ã‚³ã‚¹ãƒˆã¨ãƒªã‚¹ã‚¯ã¯å˜åœ¨ã—ã¦ã„ã¾ã—ãŸã€‚ æ–°ã—ã„ãƒãƒ¼ãƒ«ã‚¢ã‚¦ãƒˆã€ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ã€ã¾ãŸã¯Podã®å†èµ·å‹•ã®éš›ã«ã¯ã€ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’æä¾›ã™ã‚‹ãƒ¬ã‚¸ã‚¹ãƒˆãƒªãŒèªè¨¼ãƒã‚§ãƒƒã‚¯ã®ãŸã‚ã«å¿…ãšåˆ©ç”¨å¯èƒ½ã§ãªã‘ã‚Œã°ãªã‚‰ãšã€ãã®çµæžœã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã§ç¨¼åƒã™ã‚‹ã‚µãƒ¼ãƒ“ã‚¹ã®å®‰å®šæ€§ã«ãŠã„ã¦ã€ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ¬ã‚¸ã‚¹ãƒˆãƒªãŒã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ãƒ‘ã‚¹ã«ç½®ã‹ã‚Œã‚‹ã“ã¨ã«ãªã‚Šã¾ã™ã€‚

ä»•çµ„ã¿ã«ã¤ã„ã¦

ã“ã®æ©Ÿèƒ½ã¯ã€å„ãƒŽãƒ¼ãƒ‰ã«å˜åœ¨ã™ã‚‹æ°¸ç¶šçš„ãªãƒ•ã‚¡ã‚¤ãƒ«ãƒ™ãƒ¼ã‚¹ã®ã‚ãƒ£ãƒƒã‚·ãƒ¥ã«åŸºã¥ã„ã¦å‹•ä½œã—ã¾ã™ã€‚ ä»¥ä¸‹ã¯ã€ã“ã®æ©Ÿèƒ½ãŒã©ã®ã‚ˆã†ã«å‹•ä½œã™ã‚‹ã‹ã®ç°¡ç•¥åŒ–ã•ã‚ŒãŸèª¬æ˜Žã§ã™ã€‚ å®Œå…¨ãªä»•æ§˜ã«ã¤ã„ã¦ã¯ã€KEP-2535ã‚’ã”å‚ç…§ãã ã•ã„ã€‚

åˆã‚ã¦ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒªã‚¯ã‚¨ã‚¹ãƒˆã™ã‚‹éš›ã®å‡¦ç†ã®æµã‚Œã¯ã€ä»¥ä¸‹ã®ã¨ãŠã‚Šã§ã™:

ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆãƒ¬ã‚¸ã‚¹ãƒˆãƒªã‹ã‚‰ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’è¦æ±‚ã™ã‚‹PodãŒã€ãƒŽãƒ¼ãƒ‰ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚Œã‚‹ã€‚
è¦æ±‚ã•ã‚ŒãŸã‚¤ãƒ¡ãƒ¼ã‚¸ãŒã€å½“è©²ãƒŽãƒ¼ãƒ‰ä¸Šã«å˜åœ¨ã—ãªã„ã€‚
Kubeletã¯ã€ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ—ãƒ«ã—ã‚ˆã†ã¨ã—ã¦ã„ã‚‹çŠ¶æ…‹ã§ã‚ã‚‹ã“ã¨ã‚’ç¤ºã™è¨˜éŒ²ã‚’ä½œæˆã™ã‚‹ã€‚
Kubeletã¯ã€Podã«image pull secretã¨ã—ã¦æŒ‡å®šã•ã‚ŒãŸKubernetesã®Secretã‹ã‚‰èªè¨¼æƒ…å ±ã‚’æŠ½å‡ºã—ã€ãã‚Œã‚’ä½¿ç”¨ã—ã¦ãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆãƒ¬ã‚¸ã‚¹ãƒˆãƒªã‹ã‚‰ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’å–å¾—ã—ã¾ã™ã€‚ã€‚
ã‚¤ãƒ¡ãƒ¼ã‚¸ã®ãƒ—ãƒ«ã«æˆåŠŸã™ã‚‹ã¨ã€Kubeletã¯ãã®æˆåŠŸã‚’è¨˜éŒ²ã™ã‚‹ã€‚ã“ã®è¨˜éŒ²ã«ã¯ã€ä½¿ç”¨ã•ã‚ŒãŸèªè¨¼æƒ…å ±(ãƒãƒƒã‚·ãƒ¥å½¢å¼)ãŠã‚ˆã³ã€ãã‚Œã‚‰ã®èªè¨¼æƒ…å ±ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ã‚ã‚ŒãŸSecretã®æƒ…å ±ã‚‚å«ã¾ã‚Œã‚‹ã€‚
Kubeletã¯ã€å…ƒã®ãƒ—ãƒ«ã—ã‚ˆã†ã¨ã—ã¦ã„ã‚‹çŠ¶æ…‹ã§ã‚ã‚‹ã“ã¨ã‚’ç¤ºã™è¨˜éŒ²ã‚’å‰Šé™¤ã™ã‚‹ã€‚
Kubeletã¯ã€ãƒ—ãƒ«ã«æˆåŠŸã—ãŸã“ã¨ã‚’ç¤ºã™è¨˜éŒ²ã‚’å¾Œã®åˆ©ç”¨ã®ãŸã‚ã«ä¿æŒã™ã‚‹ã€‚

å¾Œã«ã€åŒã˜ãƒŽãƒ¼ãƒ‰ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚ŒãŸåˆ¥ã®PodãŒã€ä»¥å‰ã«ãƒ—ãƒ«ã•ã‚ŒãŸãƒ—ãƒ©ã‚¤ãƒ™ãƒ¼ãƒˆã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’è¦æ±‚ã—ãŸå ´åˆã®å‡¦ç†ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:

Kubeletã¯ã€ãã®æ–°ã—ã„PodãŒãƒ—ãƒ«ã®ãŸã‚ã«æä¾›ã—ãŸèªè¨¼æƒ…å ±ã‚’ç¢ºèªã™ã‚‹ã€‚
ãã®èªè¨¼æƒ…å ±ã®ãƒãƒƒã‚·ãƒ¥ã€ã¾ãŸã¯ãã®èªè¨¼æƒ…å ±ã®å…ƒã¨ãªã£ãŸSecretãŒã€ä»¥å‰ã®ãƒ—ãƒ«æˆåŠŸæ™‚ã«è¨˜éŒ²ã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã¾ãŸã¯Secretã¨ä¸€è‡´ã™ã‚‹å ´åˆã€ãã®Podã«ã¯ä»¥å‰ã«ãƒ—ãƒ«ã•ã‚ŒãŸã‚¤ãƒ¡ãƒ¼ã‚¸ã®ä½¿ç”¨ãŒè¨±å¯ã•ã‚Œã‚‹ã€‚
èªè¨¼æƒ…å ±ã¾ãŸã¯ãã®èªè¨¼æƒ…å ±ã®å…ƒã¨ãªã‚‹SecretãŒã€ãã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã«é–¢ã™ã‚‹ãƒ—ãƒ«æˆåŠŸè¨˜éŒ²ã®ä¸ã«å˜åœ¨ã—ãªã„å ´åˆã€Kubeletã¯ãã®æ–°ã—ã„èªè¨¼æƒ…å ±ã‚’ä½¿ã£ã¦ãƒªãƒ¢ãƒ¼ãƒˆãƒ¬ã‚¸ã‚¹ãƒˆãƒªã‹ã‚‰ã®å†ãƒ—ãƒ«ã‚’è©¦ã¿ã€èªè¨¼ãƒ•ãƒãƒ¼ã‚’é–‹å§‹ã™ã‚‹ã€‚

è©¦ã—ã¦ã¿ã‚ˆã†

Kubernetes v1.33ã§ã¯ã€ã“ã®æ©Ÿèƒ½ã®ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆãŒãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¾ã—ãŸã€‚ å®Ÿéš›ã«è©¦ã—ã¦ã¿ã‚‹ã«ã¯ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³1.33ã®Kubeletã«ãŠã„ã¦ã€KubeletEnsureSecretPulledImagesãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã—ã¦ãã ã•ã„ã€‚

ã“ã®æ©Ÿèƒ½ã‚„è¿½åŠ ã®ã‚ªãƒ—ã‚·ãƒ§ãƒ³è¨å®šã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€Kuberneteså…¬å¼ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã®æ¦‚è¦ãƒšãƒ¼ã‚¸ã‚’ã”è¦§ãã ã•ã„ã€‚

ä»Šå¾Œã®äºˆå®š

ä»Šå¾Œã®ãƒªãƒªãƒ¼ã‚¹ã«ãŠã„ã¦ã€ä»¥ä¸‹ã®å¯¾å¿œã‚’äºˆå®šã—ã¦ã„ã¾ã™:

Kubeletã‚¤ãƒ¡ãƒ¼ã‚¸èªè¨¼ãƒ—ãƒãƒã‚¤ãƒ€ç”¨ã®æŠ•å½±ã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒˆãƒ¼ã‚¯ãƒ³ã¨ã®é€£æºã‚’å®Ÿç¾ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«ç‰¹åŒ–ã—ãŸæ–°ã—ã„ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«èªè¨¼æƒ…å ±ã®ä¾›çµ¦å…ƒãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚
ã“ã®æ©Ÿèƒ½ã®ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’è¨ˆæ¸¬ã—ã€å°†æ¥çš„ãªå¤‰æ›´ã®å½±éŸ¿ã‚’è©•ä¾¡ã™ã‚‹ãŸã‚ã®ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯ã‚¹ã‚¤ãƒ¼ãƒˆã‚’ä½œæˆã—ã¾ã™ã€‚
å„ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«è¦æ±‚ã®ãŸã³ã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚’èªã¿è¾¼ã‚€å¿…è¦ãŒãªããªã‚‹ã‚ˆã†ã«ã€ã‚¤ãƒ³ãƒ¡ãƒ¢ãƒªã‚ãƒ£ãƒƒã‚·ãƒ¥å±¤ã‚’å®Ÿè£…ã—ã¾ã™ã€‚
èªè¨¼æƒ…å ±ã®æœ‰åŠ¹æœŸé™ã‚’ã‚µãƒãƒ¼ãƒˆã—ã€ä»¥å‰ã«æ¤œè¨¼æ¸ˆã¿ã®èªè¨¼æƒ…å ±ã§ã‚‚å¼·åˆ¶çš„ã«å†èªè¨¼ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚

å‚åŠ ã™ã‚‹ã«ã¯

ã“ã‚Œã‚‰ã®å¤‰æ›´ã«ã¤ã„ã¦è©³ã—ãç†è§£ã™ã‚‹ã«ã¯ã€KEP-2535ã‚’èªã‚€ã®ãŒæœ€é©ã§ã™ã€‚

ã•ã‚‰ã«é–¢ã‚ã‚ŠãŸã„æ–¹ã¯ã€Kubernetes Slackã®#sig-auth-authenticators-devãƒãƒ£ãƒ³ãƒãƒ«ã§ç§ãŸã¡ã«ã”é€£çµ¡ãã ã•ã„(æ‹›å¾…ã‚’å—ã‘ã‚‹ã«ã¯https://slack.k8s.io/ã‚’ã”ç¢ºèªãã ã•ã„)ã€‚ ã¾ãŸã€éš”é€±æ°´æ›œæ—¥ã«é–‹å‚¬ã•ã‚Œã¦ã„ã‚‹SIG Authã®ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã¸ã®å‚åŠ ã‚‚æ“è¿Žã§ã™ã€‚

Kubernetes v1.33: HorizontalPodAutoscalerã®è¨å®šå¯èƒ½ãªè¨±å®¹å€¤

Mon, 28 Apr 2025 10:30:00 -0800

ã“ã®æŠ•ç¨¿ã§ã¯ã€Kubernetes 1.33ã§åˆã‚ã¦åˆ©ç”¨å¯èƒ½ã«ãªã£ãŸæ–°ã—ã„ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ã§ã‚ã‚‹ã€HorizontalPodAutoscalerã®è¨å®šå¯èƒ½ãªè¨±å®¹å€¤ ã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚

ã“ã‚Œã¯ä½•ã§ã™ã‹ï¼Ÿ

æ°´å¹³Podè‡ªå‹•ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã¯ã€Kubernetesã®ã‚ˆãçŸ¥ã‚‰ã‚ŒãŸæ©Ÿèƒ½ã§ã‚ã‚Šã€ãƒªã‚½ãƒ¼ã‚¹ä½¿ç”¨çŽ‡ã«åŸºã¥ã„ã¦ãƒ¬ãƒ—ãƒªã‚«ã‚’è¿½åŠ ã¾ãŸã¯å‰Šé™¤ã™ã‚‹ã“ã¨ã§ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®ã‚µã‚¤ã‚ºã‚’è‡ªå‹•çš„ã«èª¿æ•´ã§ãã¾ã™ã€‚

ãŸã¨ãˆã°ã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§50å€‹ã®ãƒ¬ãƒ—ãƒªã‚«ã‚’æŒã¤Webã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒç¨¼åƒã—ã¦ã„ã‚‹ã¨ã—ã¾ã™ã€‚ HorizontalPodAutoscaler(HPA)ã‚’CPUä½¿ç”¨çŽ‡ã«åŸºã¥ã„ã¦ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã™ã‚‹ã‚ˆã†ã«æ§‹æˆã—ã€ç›®æ¨™ä½¿ç”¨çŽ‡ã‚’75%ã«è¨å®šã—ã¾ã™ã€‚ ç¾åœ¨ã®å…¨ãƒ¬ãƒ—ãƒªã‚«ã«ãŠã‘ã‚‹CPUä½¿ç”¨çŽ‡ãŒç›®æ¨™ã®75%ã‚’ä¸Šå›žã‚‹90%ã§ã‚ã‚‹ã¨ä»®å®šã—ã¾ã™ã€‚ ã“ã®ã¨ãã€HPAã¯æ¬¡ã®å¼ã‚’ä½¿ç”¨ã—ã¦å¿…è¦ãªãƒ¬ãƒ—ãƒªã‚«æ•°ã‚’è¨ˆç®—ã—ã¾ã™ã€‚

$$desiredReplicas = ceil\left\lceil currentReplicas \times \frac{currentMetricValue}{desiredMetricValue} \right\rceil$$

ã“ã®ä¾‹ã®å ´åˆã§ã¯ã€ä¸‹è¨˜ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

$$50 \times (90/75) = 60$$

ãã®ãŸã‚ã€HPAã¯å„Podã®è² è·ã‚’è»½æ¸›ã™ã‚‹ãŸã‚ã«ã€ãƒ¬ãƒ—ãƒªã‚«æ•°ã‚’50ã‹ã‚‰60ã«å¢—ã‚„ã—ã¾ã™ã€‚ åŒæ§˜ã«ã€CPUä½¿ç”¨çŽ‡ãŒ75%ã‚’ä¸‹å›žã£ãŸå ´åˆã¯ã€HPAãŒãã‚Œã«å¿œã˜ã¦ãƒ¬ãƒ—ãƒªã‚«æ•°ã‚’ç¸®å°ã—ã¾ã™ã€‚ Kubernetesã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã§ã¯ã€ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã®è©³ç´°ãªèª¬æ˜ŽãŒæä¾›ã•ã‚Œã¦ã„ã¾ã™ã€‚

å°ã•ãªãƒ¡ãƒˆãƒªã‚¯ã‚¹ã®å¤‰å‹•ãŒã‚ã‚‹ãŸã³ã«ãƒ¬ãƒ—ãƒªã‚«ãŒä½œæˆã¾ãŸã¯å‰Šé™¤ã•ã‚Œã‚‹ã®ã‚’é˜²ããŸã‚ã«ã€Kubernetesã¯ãƒ’ã‚¹ãƒ†ãƒªã‚·ã‚¹ã®ä»•çµ„ã¿ã‚’é©ç”¨ã—ã¦ã„ã¾ã™ã€‚ ç¾åœ¨ã®å€¤ã¨ç›®æ¨™å€¤ã®å·®ãŒ10%ã‚’è¶…ãˆãŸå ´åˆã«ã®ã¿ã€ãƒ¬ãƒ—ãƒªã‚«æ•°ã‚’å¤‰æ›´ã—ã¾ã™ã€‚ ä¸Šè¨˜ã®ä¾‹ã§ã¯ã€ç¾åœ¨å€¤ã¨ç›®æ¨™å€¤ã®æ¯”çŽ‡ã¯$90/75$ã€ã™ãªã‚ã¡ç›®æ¨™ã‚’20%ä¸Šå›žã£ã¦ãŠã‚Šã€10%ã®è¨±å®¹å€¤ã‚’è¶…ãˆã¦ã„ã‚‹ãŸã‚ã€ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ãŒå®Ÿè¡Œã•ã‚Œã¾ã™ã€‚

ã“ã®10%ã¨ã„ã†ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®è¨±å®¹å€¤ã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã«é©ç”¨ã•ã‚Œã‚‹ã‚‚ã®ã§ã‚ã‚Šã€ã“ã‚Œã¾ã§ã®Kubernetesã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ç´°ã‹ãèª¿æ•´ã™ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚ å¤šãã®ç”¨é€”ã«ã¯é©ã—ã¦ã„ã¾ã™ãŒã€10%ã®è¨±å®¹å€¤ãŒæ•°åå€‹ã®Podã«ç›¸å½“ã™ã‚‹ã‚ˆã†ãªå¤§è¦æ¨¡ãªãƒ‡ãƒ—ãƒã‚¤ãƒ¡ãƒ³ãƒˆã«ã¯ç²—ã™ãŽã¾ã™ã€‚ ãã®çµæžœã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã§ã¯ã€ã“ã®å€¤ã‚’èª¿æ•´å¯èƒ½ã«ã—ã¦ã»ã—ã„ã¨ã„ã†è¦æœ›ãŒä»¥å‰ã‹ã‚‰å¯„ã›ã‚‰ã‚Œã¦ãã¾ã—ãŸã€‚

Kubernetes v1.33ã§ã¯ã€ã“ã‚ŒãŒå¯èƒ½ã«ãªã‚Šã¾ã—ãŸã€‚

ã©ã†ã‚„ã£ã¦ä½¿ã†ã®ã‹ï¼Ÿ

Kubernetes v1.33ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§HPAConfigurableToleranceãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã—ãŸå¾Œã€HorizontalPodAutoscalerã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«å¯¾ã—ã¦å¸Œæœ›ã™ã‚‹è¨±å®¹å€¤ã‚’è¨å®šã§ãã¾ã™ã€‚

è¨±å®¹å€¤ã¯spec.behavior.scaleDownãŠã‚ˆã³spec.behavior.scaleUpãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®ä¸‹ã«æŒ‡å®šã•ã‚Œã€ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ã¨ã‚¹ã‚±ãƒ¼ãƒ«ãƒ€ã‚¦ãƒ³ã§ç•°ãªã‚‹å€¤ã‚’è¨å®šã™ã‚‹ã“ã¨ãŒå¯èƒ½ã§ã™ã€‚ å…¸åž‹çš„ãªä½¿ã„æ–¹ã¨ã—ã¦ã¯ã€ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ã«ã¯å°ã•ãªè¨±å®¹ç¯„å›²(ã‚¹ãƒ‘ã‚¤ã‚¯ã«ç´ æ—©ãåå¿œã™ã‚‹ãŸã‚)ã€ã‚¹ã‚±ãƒ¼ãƒ«ãƒ€ã‚¦ãƒ³ã«ã¯å¤§ããªè¨±å®¹ç¯„å›²(ãƒ¡ãƒˆãƒªã‚¯ã‚¹ã®å°ã•ãªå¤‰å‹•ã«å¯¾ã—ã¦ãƒ¬ãƒ—ãƒªã‚«ã‚’éŽå‰°ã«è¿½åŠ ãƒ»å‰Šé™¤ã—ãªã„ã‚ˆã†ã«ã™ã‚‹ãŸã‚)ã‚’æŒ‡å®šã™ã‚‹ã“ã¨ãŒæŒ™ã’ã‚‰ã‚Œã¾ã™ã€‚

ãŸã¨ãˆã°ã€ã‚¹ã‚±ãƒ¼ãƒ«ãƒ€ã‚¦ãƒ³ã«å¯¾ã—ã¦5%ã®è¨±å®¹å€¤ã‚’ã€ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ã«å¯¾ã—ã¦è¨±å®¹å€¤ã‚’æŒ‡å®šã—ãªã„HPAã¯ã€æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
 name: my-app
spec:
 ...
 behavior:
 scaleDown:
 tolerance: 0.05
 scaleUp:
 tolerance: 0

ã™ã¹ã¦ã®è©³ç´°ã‚’çŸ¥ã‚ŠãŸã„ï¼

ã™ã¹ã¦ã®æŠ€è¡“çš„ãªè©³ç´°ã«ã¤ã„ã¦ã¯ã€KEP-4951ã‚’å‚ç…§ã—ã¦ãã ã•ã„ã€‚ ã¾ãŸã€issue 4951ã‚’ãƒ•ã‚©ãƒãƒ¼ã™ã‚‹ã“ã¨ã§ã€ã“ã®æ©Ÿèƒ½ã®å®‰å®šç‰ˆã¸ã®ç§»è¡Œã«ã¤ã„ã¦ã®é€šçŸ¥ã‚’å—ã‘å–ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

Kubernetes v1.33: Endpointsã‹ã‚‰EndpointSliceã¸ã®ç¶™ç¶šçš„ãªç§»è¡Œã‚’é€²ã‚ã‚‹

Thu, 24 Apr 2025 10:30:00 -0800

EndpointSlice (KEP-752)ãŒv1.15ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã€v1.21ã§GAã¨ãªã£ã¦ä»¥æ¥ã€Endpoints APIã¯Kubernetesã®ä¸ã§ã»ã¼ä½¿ã‚ã‚Œãšã€åŸƒã‚’è¢«ã£ã¦ã„ã¾ã™ã€‚ ãƒ‡ãƒ¥ã‚¢ãƒ«ã‚¹ã‚¿ãƒƒã‚¯ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚„ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯åˆ†æ•£ãªã©ã€Serviceã®æ–°æ©Ÿèƒ½ã¯EndpointSlice APIã§ã®ã¿ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€å…¨ã¦ã®ã‚µãƒ¼ãƒ“ã‚¹ãƒ—ãƒã‚ã‚·ã€Gateway APIå®Ÿè£…ã€åŠã³åŒæ§˜ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯Endpointsã‹ã‚‰EndpointSliceã¸ã®ç§»è¡Œã‚’ä½™å„€ãªãã•ã‚Œã¾ã—ãŸã€‚ ç¾æ™‚ç‚¹ã®Endpoints APIã¯ã€æœªã ã«Endpointsã‚’ä½¿ã£ã¦ã„ã‚‹ã‚¨ãƒ³ãƒ‰ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚„ã‚¹ã‚¯ãƒªãƒ—ãƒˆã®äº’æ›æ€§ã‚’ç¶æŒã™ã‚‹ãŸã‚ã®å˜åœ¨ã«éŽãŽã¾ã›ã‚“ã€‚

Kubernetes 1.33ä»¥é™ã€Endpoints APIã¯æ£å¼ã«éžæŽ¨å¥¨ã¨ãªã‚Šã€Endpointsãƒªã‚½ãƒ¼ã‚¹ã‚’èªã¿æ›¸ãã™ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã¦ã€EndpointSliceã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†APIã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰è¦å‘ŠãŒè¿”ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

æœ€çµ‚çš„ã«ã¯ã€ã€ŒServiceã¨Podã«åŸºã¥ã„ã¦Endpointsã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’ç”Ÿæˆã™ã‚‹ Endpointsã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ ãŒã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã§å®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹ã€ã¨ã„ã†åŸºæº–ã‚’Kubernetes Conformanceã‹ã‚‰é™¤å¤–ã™ã‚‹ã“ã¨ãŒKEP-4974ã«ã¦è¨ˆç”»ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã‚Œã®å®Ÿç¾ã«ã‚ˆã£ã¦ã€ç¾ä»£çš„ãªã»ã¨ã‚“ã©ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ãŠã„ã¦ä¸è¦ãªä½œæ¥ã‚’å›žé¿ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

KuberneteséžæŽ¨å¥¨ãƒãƒªã‚·ãƒ¼ã«å¾“ã†ã¨ã€Endpointsã‚¿ã‚¤ãƒ—è‡ªä½“ãŒå®Œå…¨ã«å»ƒæ¢ã•ã‚Œã‚‹ã“ã¨ã¯ãŠãã‚‰ãç„¡ã„ã§ã™ãŒã€Endpoints APIã‚’ä½¿ã†ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚„ã‚¹ã‚¯ãƒªãƒ—ãƒˆã‚’ä¿æœ‰ã—ã¦ã„ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯EndpointSliceã¸ã®ç§»è¡ŒãŒæŽ¨å¥¨ã•ã‚Œã¾ã™ã€‚

Endpointsã‹ã‚‰EndpointSliceã¸ã®ç§»è¡Œã«é–¢ã™ã‚‹æ³¨æ„ç‚¹

EndpointSliceã‚’åˆ©ç”¨ã™ã‚‹

ã‚¨ãƒ³ãƒ‰ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦ã€Endpoints APIã¨EndpointSlice APIã®æœ€å¤§ã®é•ã„ã¯ã€selectorã‚’æŒã¤å…¨ã¦ã®ServiceãŒè‡ªèº«ã¨åŒã˜åå‰ã®Endpointsã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’å¿…ãš1ã¤ãšã¤æŒã¤ã®ã«å¯¾ã—ã€1ã¤ã®Serviceã«ç´ã¥ã‘ã‚‰ã‚Œã‚‹EndpointSliceã¯è¤‡æ•°å˜åœ¨ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã€ã¨ã„ã†ç‚¹ã§ã™ã€‚

$ kubectl get endpoints myservice
Warning: v1 Endpoints is deprecated in v1.33+; use discovery.k8s.io/v1 EndpointSlice
NAME ENDPOINTS AGE
myservice 10.180.3.17:443 1h

$ kubectl get endpointslice -l kubernetes.io/service-name=myservice
NAME ADDRESSTYPE PORTS ENDPOINTS AGE
myservice-7vzhx IPv4 443 10.180.3.17 21s
myservice-jcv8s IPv6 443 2001:db8:0123::5 21s

ã“ã®å ´åˆã€ServiceãŒãƒ‡ãƒ¥ã‚¢ãƒ«ã‚¹ã‚¿ãƒƒã‚¯ã§ã‚ã‚‹ãŸã‚ã€EndpointSliceãŒIPv4ã‚¢ãƒ‰ãƒ¬ã‚¹ç”¨ã¨IPv6ã‚¢ãƒ‰ãƒ¬ã‚¹ç”¨ã®2ã¤å˜åœ¨ã—ã¾ã™ã€‚ (Endpoints APIã¯ãƒ‡ãƒ¥ã‚¢ãƒ«ã‚¹ã‚¿ãƒƒã‚¯ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ãªã„ãŸã‚ã€Endpointsã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«ã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ãƒ—ãƒ©ã‚¤ãƒžãƒªã‚¢ãƒ‰ãƒ¬ã‚¹ãƒ•ã‚¡ãƒŸãƒªãƒ¼ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã®ã¿ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚)

è¤‡æ•°ã®EndpointSliceã‚’æŒã¤ å¯èƒ½æ€§ ã¯ã€è¤‡æ•°ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆãŒå˜åœ¨ã™ã‚‹ã‚ã‚‰ã‚†ã‚‹Serviceã«ã‚ã‚Šã¾ã™ãŒã€ä»£è¡¨çš„ãªã‚±ãƒ¼ã‚¹ãŒ3ã¤å˜åœ¨ã—ã¾ã™ã€‚

EndpointSliceã¯å˜ä¸€ã®IPãƒ•ã‚¡ãƒŸãƒªãƒ¼ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã—ã‹è¡¨ç¾ã§ããªã„ãŸã‚ã€ãƒ‡ãƒ¥ã‚¢ãƒ«ã‚¹ã‚¿ãƒƒã‚¯Serviceã®å ´åˆã€IPv4ç”¨ã¨IPv6ç”¨ã®EndpointSliceãŒãã‚Œãžã‚Œä½œæˆã•ã‚Œã¾ã™ã€‚
å˜ä¸€ã®EndpointSliceå†…ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¯ã€å…¨ã¦åŒã˜ãƒãƒ¼ãƒˆã‚’å¯¾è±¡ã¨ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ä¾‹ãˆã°ã€ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¨ãªã‚‹Podã‚’ãƒãƒ¼ãƒ«ã‚¢ã‚¦ãƒˆã—ã¦ã€ãƒªãƒƒã‚¹ãƒ³ã™ã‚‹ãƒãƒ¼ãƒˆç•ªå·ã‚’80ã‹ã‚‰8080ã«æ›´æ–°ã™ã‚‹å ´åˆã€ãƒãƒ¼ãƒ«ã‚¢ã‚¦ãƒˆä¸ã¯Serviceã«2ã¤ã®EndpointSliceãŒå¿…è¦ã«ãªã‚Šã¾ã™ã€‚1ã¤ã¯ãƒãƒ¼ãƒˆ80ã‚’ãƒªãƒƒã‚¹ãƒ³ã—ã¦ã„ã‚‹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆç”¨ã€ã‚‚ã†1ã¤ã¯ãƒãƒ¼ãƒˆ8080ã‚’ãƒªãƒƒã‚¹ãƒ³ã—ã¦ã„ã‚‹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆç”¨ã§ã™ã€‚
Serviceã«100ä»¥ä¸Šã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆãŒå˜åœ¨ã™ã‚‹å ´åˆã€Endpointsã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯1ã¤ã®å·¨å¤§ãªã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã‚’é›†ç´„ã—ã¦ã„ã¾ã—ãŸãŒã€EndpointSliceã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯ã“ã‚Œã‚‰ã‚’è¤‡æ•°ã®EndpointSliceã«åˆ†å‰²ã—ã¾ã™ã€‚

Serviceã¨EndpointSliceã®é–“ã«äºˆæ¸¬å¯èƒ½ãª1å¯¾1ã®å¯¾å¿œé–¢ä¿‚ã¯ãªã„ãŸã‚ã€ã‚ã‚‹Serviceã«ç´ã¥ã‘ã‚‰ã‚Œã‚‹EndpointSliceãƒªã‚½ãƒ¼ã‚¹ã®å®Ÿéš›ã®åå‰ã‚’äº‹å‰ã«çŸ¥ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“ã€‚ ãã®ãŸã‚ã€Serviceã«ç´ã¥ã‘ã‚‰ã‚Œã‚‹EndpointSliceãƒªã‚½ãƒ¼ã‚¹ã‚’å–å¾—ã™ã‚‹éš›ã¯ã€åå‰ã§å–å¾—ã™ã‚‹ã®ã§ã¯ãªãã€"kubernetes.io/service-name"ãƒ©ãƒ™ãƒ«ãŒç›®çš„ã®Serviceã‚’æŒ‡ã—ã¦ã„ã‚‹EndpointSliceã‚’å…¨ã¦å–å¾—ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

kubectl get endpointslice -l kubernetes.io/service-name=myservice

Goã®ã‚³ãƒ¼ãƒ‰ã§ã‚‚åŒæ§˜ã®å¤‰æ›´ãŒå¿…è¦ã§ã™ã€‚ Endpointsã‚’ä½¿ç”¨ã—ã¦æ¬¡ã®ã‚ˆã†ã«è¨˜è¿°ã—ã¦ã„ãŸã¨ã“ã‚ã¯ã€

// `namespace`å†…ã®`name`ã¨ã„ã†åå‰ã®Endpointsã‚’å–å¾—ã™ã‚‹
endpoint, err := client.CoreV1().Endpoints(namespace).Get(ctx, name, metav1.GetOptions{})
if err != nil {
 if apierrors.IsNotFound(err) {
 // ã‚µãƒ¼ãƒ“ã‚¹ã«å¯¾å¿œã™ã‚‹EndpointsãŒ(ã¾ã )å˜åœ¨ã—ãªã„
 ...
 }
 // ä»–ã®ã‚¨ãƒ©ãƒ¼ã‚’å‡¦ç†
 ...
}

// `endpoint`ã‚’ä½¿ã£ãŸå‡¦ç†ã‚’ç¶šã‘ã‚‹
...

EndpointSliceã‚’ä½¿ã†ã¨æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

// `namespace`å†…ã®`name`ã¨ã„ã†Serviceã«ç´ã¥ã„ãŸå…¨ã¦ã®EndpointSliceã‚’å–å¾—ã™ã‚‹
slices, err := client.DiscoveryV1().EndpointSlices(namespace).List(ctx,
 metav1.ListOptions{LabelSelector: discoveryv1.LabelServiceName + "=" + name})
if err != nil {
 // ã‚¨ãƒ©ãƒ¼ã‚’å‡¦ç†
 ...
} else if len(slices.Items) == 0 {
 // Serviceã«å¯¾å¿œã™ã‚‹EndpointSliceãŒ(ã¾ã )å˜åœ¨ã—ãªã„
 ...
}

// `slices.Items`ã‚’ä½¿ã£ãŸå‡¦ç†ã‚’ç¶šã‘ã‚‹
...

EndpointSliceã‚’ç”Ÿæˆã™ã‚‹

æ‰‹ä½œæ¥ã§Endpointsã‚’ç”Ÿæˆã—ã¦ã„ã‚‹ç®‡æ‰€ã‚„ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã«ã¤ã„ã¦ã¯ã€è¤‡æ•°ã®EndpointSliceã‚’è€ƒæ…®ã—ãªãã¦ã‚‚ã‚ˆã„å ´åˆãŒå¤šã„ãŸã‚ã€æ¯”è¼ƒçš„ç°¡å˜ã«EndpointSliceã¸ã®ç§»è¡ŒãŒã§ãã¾ã™ã€‚ Endpointsã‹ã‚‰å°‘ã—æƒ…å ±ã®æ•´ç†ã®ä»•æ–¹ã¯å¤‰ã‚ã£ã¦ã„ã¾ã™ãŒã€å˜ã«EndpointSliceã¨ã„ã†æ–°ã—ã„åž‹ã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«YAMLã‚„Goã®ã‚³ãƒ¼ãƒ‰ã‚’æ›´æ–°ã™ã‚‹ã ã‘ã§æ¸ˆã¿ã¾ã™ã€‚

ä¾‹ãˆã°ã“ã®ã‚ˆã†ãªEndpointsã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã®å ´åˆã€

apiVersion: v1
kind: Endpoints
metadata:
 name: myservice
subsets:
 - addresses:
 - ip: 10.180.3.17
 nodeName: node-4
 - ip: 10.180.5.22
 nodeName: node-9
 - ip: 10.180.18.2
 nodeName: node-7
 notReadyAddresses:
 - ip: 10.180.6.6
 nodeName: node-8
 ports:
 - name: https
 protocol: TCP
 port: 443

æ¬¡ã®ã‚ˆã†ãªEndpointSliceã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«ãªã‚Šã¾ã™ã€‚

apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
 name: myservice
 labels:
 kubernetes.io/service-name: myservice
addressType: IPv4
endpoints:
 - addresses:
 - 10.180.3.17
 nodeName: node-4
 - addresses:
 - 10.180.5.22
 nodeName: node-9
 - addresses:
 - 10.180.18.12
 nodeName: node-7
 - addresses:
 - 10.180.6.6
 nodeName: node-8
 conditions:
 ready: false
ports:
 - name: https
 protocol: TCP
 port: 443

ã„ãã¤ã‹ç•™æ„ç‚¹ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®ä¾‹ã§ã¯æ˜Žç¤ºçš„ã«nameã‚’æŒ‡å®šã—ã¦ã„ã¾ã™ãŒã€generateNameã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã§APIã‚µãƒ¼ãƒãƒ¼ã«ãƒ¦ãƒ‹ãƒ¼ã‚¯ãªã‚µãƒ•ã‚£ãƒƒã‚¯ã‚¹ã‚’ä»˜åŠ ã•ã›ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚é‡è¦ãªã®ã¯åå‰è‡ªä½“ã§ã¯ãªãã€Serviceã‚’æŒ‡ã™"kubernetes.io/service-name"ãƒ©ãƒ™ãƒ«ã§ã™ã€‚
æ˜Žç¤ºçš„ã«addressType: IPv4(ã¾ãŸã¯IPv6)ã‚’æŒ‡å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
EndpointSliceã¯ã€Endpointsã®"subsets"ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®ä¸€è¦ç´ ã¨é¡žä¼¼ã—ã¦ã„ã¾ã™ã€‚è¤‡æ•°ã®subsetsã‚’æŒã¤Endpointsã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’è¡¨ç¾ã™ã‚‹å ´åˆã€åŸºæœ¬çš„ã«ã¯ç•°ãªã‚‹"ports"ã‚’æŒã¤è¤‡æ•°ã®EndpointSliceã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
endpointsãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¨addressesãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã©ã¡ã‚‰ã‚‚é…åˆ—ã§ã™ãŒã€æ…£ç¿’çš„ã«addressesãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯1ã¤ã®è¦ç´ ã—ã‹å«ã¿ã¾ã›ã‚“ã€‚Serviceã«è¤‡æ•°ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆãŒã‚ã‚‹å ´åˆã¯ã€endpointsãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«è¤‡æ•°ã®è¦ç´ ã‚’æŒãŸã›ã€ãã‚Œãžã‚Œã®addressesãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã¯1ã¤ã®è¦ç´ ã®ã¿ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
Endpoints APIã§ã¯ã€Œreadyã€ã¨ã€Œnot-readyã€ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆãŒåˆ¥ã€…ã«åˆ—æŒ™ã•ã‚Œã¾ã™ãŒã€EndpointSlice APIã§ã¯å„ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã«å¯¾ã—ã¦conditions(ready: falseãªã©)ã‚’è¨å®šã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

ã‚‚ã¡ã‚ã‚“ã€ã²ã¨ãŸã³EndpointSliceã«ç§»è¡Œã™ã‚Œã°ã€topology hintsã‚„terminating endpointsãªã©EndpointSliceç‰¹æœ‰ã®æ©Ÿèƒ½ã‚’æ´»ç”¨ã§ãã¾ã™ã€‚ è©³ç´°ã¯EndpointSlice APIã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’ã”å‚ç…§ä¸‹ã•ã„ã€‚

Kubernetes v1.33: Octarine

Wed, 23 Apr 2025 10:30:00 -0800

ç·¨é›†è€…: Agustina Barbetta, Aakanksha Bhende, Udi Hofesh, Ryota Sawada, Sneha Yadav

å‰å›žã®ãƒªãƒªãƒ¼ã‚¹ã¨åŒæ§˜ã«ã€Kubernetes v1.33ãƒªãƒªãƒ¼ã‚¹ã§ã¯æ–°ã—ã„GAã€ãƒ™ãƒ¼ã‚¿ã€ã‚¢ãƒ«ãƒ•ã‚¡ã®æ©Ÿèƒ½ãŒå°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ã€‚ é«˜å“è³ªãªãƒªãƒªãƒ¼ã‚¹ã®ç¶™ç¶šçš„ãªæä¾›ã¯ã€ç§ãŸã¡ã®é–‹ç™ºã‚µã‚¤ã‚¯ãƒ«ã®å¼·ã•ã¨ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‹ã‚‰ã®æ´»ç™ºãªã‚µãƒãƒ¼ãƒˆã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã«ã¯64å€‹ã®æ©Ÿèƒ½æ”¹å–„ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ ãã‚Œã‚‰ã®ã†ã¡ã€GAã¸ã®æ˜‡æ ¼ãŒ18å€‹ã€ãƒ™ãƒ¼ã‚¿ã¸ã®ç§»è¡ŒãŒ20å€‹ã€ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦ã®å°Žå…¥ãŒ24å€‹ã€æ©Ÿèƒ½ã®éžæŽ¨å¥¨åŒ–åŠã³æ’¤å›žãŒ2å€‹ã¨ãªã£ã¦ã„ã¾ã™ã€‚

ã¾ãŸã€ã“ã®ãƒªãƒªãƒ¼ã‚¹ã«ã¯ã„ãã¤ã‹ã®æ³¨ç›®ã™ã¹ãéžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤ãŒã‚ã‚Šã¾ã™ã€‚ ã¾ã å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®Kubernetesã‚’å®Ÿè¡Œã—ã¦ã„ã‚‹å ´åˆã¯ã€ã“ã‚Œã‚‰ã«å¿…ãšç›®ã‚’é€šã—ã¦ãã ã•ã„ã€‚

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒã‚´

Kubernetes v1.33ã®ãƒ†ãƒ¼ãƒžã¯Octarine: é”æ³•ã®è‰²¹ã§ã€ãƒ†ãƒªãƒ¼ãƒ»ãƒ—ãƒ©ãƒã‚§ãƒƒãƒˆã® ãƒ‡ã‚£ã‚¹ã‚¯ãƒ¯ãƒ¼ãƒ«ãƒ‰ ã‚·ãƒªãƒ¼ã‚ºã«ç€æƒ³ã‚’å¾—ã¦ã„ã¾ã™ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã¯ã€KubernetesãŒã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ å…¨ä½“ã§å¯èƒ½ã«ã™ã‚‹ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã®é”æ³•²ã‚’å¼·èª¿ã—ã¦ã„ã¾ã™ã€‚

ãƒ‡ã‚£ã‚¹ã‚¯ãƒ¯ãƒ¼ãƒ«ãƒ‰ã®ä¸–ç•Œã«è©³ã—ã„æ–¹ãªã‚‰ã€"è¦‹ãˆã–ã‚‹å¤§å¦"ã®å¡”ã®ä¸Šã«æ¢ã¾ã£ãŸå°ã•ãªæ²¼ãƒ‰ãƒ©ã‚´ãƒ³ãŒã€ã‚¢ãƒ³ã‚¯ãƒ»ãƒ¢ãƒ«ãƒãƒ¼ã‚¯ã®è¡—ã®ä¸Šã«64ã®æ˜Ÿ³ã¨å…±ã«æµ®ã‹ã¶Kubernetesã®æœˆã‚’è¦‹ä¸Šã’ã‚‹æ§˜åã‚’æ€ã„æµ®ã‹ã¹ã¦ã„ã‚‹ã“ã¨ã§ã—ã‚‡ã†ã€‚

KubernetesãŒ10å¹´ã®ç¯€ç›®ã‚’è¿Žãˆæ–°ãŸãª10å¹´ã¸è¸ã¿å‡ºã™ã«ã‚ãŸã‚Šã€ç§ãŸã¡ã¯ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã®é”è¡“ã€æ–°ã—ã„ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã®å¥½å¥‡å¿ƒã€ãã—ã¦ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’æŽ¨é€²ã™ã‚‹å”åŠ›çš„ãªç²¾ç¥žã‚’ç¥ç¦ã—ã¾ã™ã€‚ v1.33ãƒªãƒªãƒ¼ã‚¹ã¯ã€ãƒ—ãƒ©ãƒã‚§ãƒƒãƒˆãŒæ›¸ã„ãŸã‚ˆã†ã«ã€ã€Œã‚„ã‚Šæ–¹ã‚’çŸ¥ã£ã¦ã„ã¦ã‚‚ã€ãã‚Œã¯ã¾ã é”æ³•ã ã€ ã¨ã„ã†ã“ã¨ã‚’æ€ã„å‡ºã•ã›ã¦ãã‚Œã¾ã™ã€‚ Kubernetesã®ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã®è©³ç´°ã‚’ã™ã¹ã¦çŸ¥ã£ã¦ã„ãŸã¨ã—ã¦ã‚‚ã€ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã®çµ‚ã‚ã‚Šã«ç«‹ã¡æ¢ã¾ã£ã¦ã¿ã‚‹ã¨ã€Kubernetesã¯ã¾ã é”æ³•ã®ã¾ã¾ã§ã‚ã‚‹ã“ã¨ãŒã‚ã‹ã‚‹ã§ã—ã‚‡ã†ã€‚

Kubernetes v1.33ã¯ã€çœŸã«å“è¶Šã—ãŸã‚‚ã®ã‚’ç”Ÿã¿å‡ºã™ãŸã‚ã«ä¸–ç•Œä¸ã®ä½•ç™¾äººã‚‚ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼⁴ãŒå”åŠ›ã™ã‚‹ã€ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã‚¤ãƒŽãƒ™ãƒ¼ã‚·ãƒ§ãƒ³ã®æŒç¶šçš„ãªåŠ›ã®è¨¼ã§ã™ã€‚ ã‚ã‚‰ã‚†ã‚‹æ–°æ©Ÿèƒ½ã®èƒŒå¾Œã«ã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’ç¶æŒãƒ»æ”¹å–„ã—ãŸã‚Šã€å®‰å…¨æ€§ã‚„ä¿¡é ¼æ€§ã‚’æ‹…ä¿ã—ãŸã‚Šã€è¨ˆç”»é€šã‚Šã«ãƒªãƒªãƒ¼ã‚¹ã—ãŸã‚Šã¨ã„ã£ãŸKubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®åƒããŒã‚ã‚Šã¾ã™ã€‚

_{1. Octarineã¯ãƒ‡ã‚£ã‚¹ã‚¯ãƒ¯ãƒ¼ãƒ«ãƒ‰ä¸–ç•Œã®ç¥žè©±ä¸Šã®8ç•ªç›®ã®è‰²ã§ã€ã€Œè›å…‰ã®ç·‘ãŒã‹ã£ãŸé»„ç´«è‰²ã€ã¨è¡¨ç¾ã•ã‚Œã‚‹æž¶ç©ºã®è‰²ã§ã™ã€‚
ç§˜è¡“ã«èª¿å¾‹ã•ã‚ŒãŸäººã€…â€”é”æ³•ä½¿ã„ã€é”å¥³ã€ãã—ã¦ã‚‚ã¡ã‚ã‚“çŒ«ã«ã®ã¿è¦‹ãˆã¾ã™ã€‚
ä¸€èˆ¬äººã¯ç›®ã‚’é–‰ã˜ãŸæ™‚ã®ã¿ã“ã®è‰²ã‚’æ„Ÿã˜ã‚‹ã“ã¨ãŒã§ãã‚‹ã¨ã•ã‚Œã¦ã„ã¾ã™ã€‚
ãã—ã¦æ™‚ã€…ã€IPãƒ†ãƒ¼ãƒ–ãƒ«ã®ãƒ«ãƒ¼ãƒ«ã‚’é•·æ™‚é–“è¦‹ã¤ã‚ã¦ããŸäººã«ã‚‚è¦‹ãˆã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚}
_{2. ã€Œååˆ†ã«ç™ºé”ã—ãŸæŠ€è¡“ã¯é”æ³•ã¨åŒºåˆ¥ãŒã¤ã‹ãªã„ã€ã§ã™ã‚ˆãâ€¦ï¼Ÿ}
_{3. v1.33ã«ã‚‚64ã®KEP(Kubernetes Enhancement Proposals)ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ãŒã€ã“ã‚Œã¯å¶ç„¶ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚}
_{4. v1.33ã®ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆæ´»å‹•çŠ¶æ³ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã‚’ã”è¦§ãã ã•ã„ ðŸš€}

ä¸»ãªã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæƒ…å ±

Kubernetes v1.33ã¯æ–°æ©Ÿèƒ½ã¨æ”¹å–„ç‚¹ãŒæº€è¼‰ã§ã™ã€‚ ã“ã®ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã§ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ãŒç‰¹ã«æ³¨ç›®ã—ã¦æ¬²ã—ã„ã€é¸ã‚Šã™ãã‚Šã®ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆå†…å®¹ã‚’ã”ç´¹ä»‹ã—ã¾ã™ï¼

GA: ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠ

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ã§ã¯ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã€ãƒã‚®ãƒ³ã‚°ã€ãƒ¡ãƒˆãƒªã‚¯ã‚¹åŽé›†ãªã©ã®åˆ†é‡Žã«ãŠã‘ã‚‹è¿½åŠ æ©Ÿèƒ½ã‚’å‡¦ç†ã™ã‚‹ãŸã‚ã«ã€åˆ¥é€”è£œåŠ©çš„ãªã‚³ãƒ³ãƒ†ãƒŠã‚’ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã¯v1.33ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

Kubernetesã§ã¯ã€restartPolicy: AlwaysãŒè¨å®šã•ã‚ŒãŸã€ç‰¹åˆ¥ãªç¨®é¡žã®initã‚³ãƒ³ãƒ†ãƒŠã¨ã—ã¦ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚’å®Ÿè£…ã—ã¦ã„ã¾ã™ã€‚ ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã¯ã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚³ãƒ³ãƒ†ãƒŠã‚ˆã‚Šå…ˆã«èµ·å‹•ã—ã€Podã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«å…¨ä½“ã‚’é€šã˜ã¦å®Ÿè¡Œã•ã‚Œç¶šã‘ã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚³ãƒ³ãƒ†ãƒŠã®çµ‚äº†ã‚’å¾…ã£ã¦ã‹ã‚‰è‡ªå‹•çš„ã«çµ‚äº†ã™ã‚‹ã“ã¨ãŒä¿è¨¼ã•ã‚Œã¾ã™ã€‚

ã•ã‚‰ã«ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã¯probe(startupã€readinessã€liveness)ã‚’ä½¿ç”¨ã—ã¦å‹•ä½œçŠ¶æ…‹ã‚’é€šçŸ¥ã§ãã‚‹ä»–ã€ãƒ¡ãƒ¢ãƒªä¸è¶³æ™‚ã®æ—©æœŸçµ‚äº†ã‚’é˜²ããŸã‚ã€Out-Of-Memory(OOM)ã‚¹ã‚³ã‚¢èª¿æ•´ãŒãƒ—ãƒ©ã‚¤ãƒžãƒªã‚³ãƒ³ãƒ†ãƒŠã¨æƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚

è©³ç´°ã«ã¤ã„ã¦ã¯ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã‚’ãŠèªã¿ãã ã•ã„ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-753: Sidecar Containersã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ™ãƒ¼ã‚¿: Podã®åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã®ãŸã‚ã®ã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹ãªãƒªã‚½ãƒ¼ã‚¹ãƒªã‚µã‚¤ã‚º

ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¯Deploymentã€StatefulSetãªã©ã®APIã‚’ä½¿ç”¨ã—ã¦å®šç¾©ã§ãã¾ã™ã€‚ ã“ã‚Œã‚‰ã¯ãƒ¡ãƒ¢ãƒªã‚„CPUãƒªã‚½ãƒ¼ã‚¹ã€ã¾ãŸå®Ÿè¡Œã™ã¹ãPodã®æ•°(ãƒ¬ãƒ—ãƒªã‚«æ•°)ã‚’å«ã‚€ã€å®Ÿè¡Œã•ã‚Œã‚‹ã¹ãPodã®ãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚ ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¯Podã®ãƒ¬ãƒ—ãƒªã‚«æ•°ã‚’æ›´æ–°ã™ã‚‹ã“ã¨ã§æ°´å¹³æ–¹å‘ã«ã‚¹ã‚±ãƒ¼ãƒ«ã—ãŸã‚Šã€Podã®ã‚³ãƒ³ãƒ†ãƒŠã«å¿…è¦ãªãƒªã‚½ãƒ¼ã‚¹ã‚’æ›´æ–°ã™ã‚‹ã“ã¨ã§åž‚ç›´æ–¹å‘ã«ã‚¹ã‚±ãƒ¼ãƒ«ã—ãŸã‚Šã§ãã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½æ”¹å–„ãŒå…¥ã‚‹å‰ã€Podã®specã§å®šç¾©ã•ã‚ŒãŸã‚³ãƒ³ãƒ†ãƒŠãƒªã‚½ãƒ¼ã‚¹ã¯ä¸å¤‰ã§ã‚ã‚Šã€ã“ã‚Œã‚‰ã®è©³ç´°ã‚’Podãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆå†…ã§æ›´æ–°ã™ã‚‹ã«ã¯Podã®ç½®ãæ›ãˆãŒå¿…è¦ã§ã—ãŸã€‚

ã—ã‹ã—ã€å†èµ·å‹•ç„¡ã—ã§æ—¢å˜ã®Podã®ãƒªã‚½ãƒ¼ã‚¹è¨å®šã‚’å‹•çš„ã«æ›´æ–°ã§ãã‚‹ã¨ã—ãŸã‚‰ã©ã†ã§ã—ã‚‡ã†ã‹ï¼Ÿ

KEP-1287ã¯ã€ã¾ã•ã«ãã®ã‚ˆã†ãªã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹Podæ›´æ–°ã‚’å¯èƒ½ã«ã™ã‚‹ãŸã‚ã®ã‚‚ã®ã§ã™ã€‚ ã“ã‚Œã¯v1.27ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã€v1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¹ãƒ†ãƒ¼ãƒˆãƒ•ãƒ«ãªãƒ—ãƒã‚»ã‚¹ã‚’ãƒ€ã‚¦ãƒ³ã‚¿ã‚¤ãƒ ãªã—ã§åž‚ç›´æ–¹å‘ã«ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ã—ãŸã‚Šã€ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ãŒå°‘ãªã„æ™‚ã‚·ãƒ¼ãƒ ãƒ¬ã‚¹ã«ã‚¹ã‚±ãƒ¼ãƒ«ãƒ€ã‚¦ãƒ³ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ã•ã‚‰ã«ã¯èµ·å‹•æ™‚ã«å¤§ããªãƒªã‚½ãƒ¼ã‚¹ã‚’å‰²ã‚Šå½“ã¦ã¦ã€åˆæœŸè¨å®šãŒå®Œäº†ã—ãŸã‚‰å‰Šæ¸›ã—ãŸã‚Šã™ã‚‹ãªã©ã€ã•ã¾ã–ã¾ãªå¯èƒ½æ€§ãŒé–‹ã‹ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG Nodeã¨SIG AutoscalingãŒä¸»å°Žã—ãŸKEP-1287: In-Place Update of Pod Resourcesã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¢ãƒ«ãƒ•ã‚¡: `.kuberc`ã«ã‚ˆã‚‹kubectlå‘ã‘ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨å®šã®æ–°ã—ã„è¨˜è¿°ã‚ªãƒ—ã‚·ãƒ§ãƒ³

v1.33ã«ã¦ã€kubectlã¯æ–°ã—ã„ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ã¨ã—ã¦ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨å®šã‚’ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼è¨å®šã¨åˆ†ã‘ã¦æ˜Žç¤ºçš„ã«è¨˜è¿°ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã€.kubercã‚’å°Žå…¥ã—ã¾ã™ã€‚ ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã«ã¯kubectlã®ã‚¨ã‚¤ãƒªã‚¢ã‚¹ã‚„ä¸Šæ›¸ãè¨å®š(ä¾‹ãˆã°Server-Side Applyã‚’ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ä½¿ç”¨ã™ã‚‹ãªã©)ã‚’å«ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ãŒã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼èªè¨¼æƒ…å ±ã‚„ãƒ›ã‚¹ãƒˆæƒ…å ±ã¯kubeconfigã«æ®‹ã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®åˆ†é›¢ã«ã‚ˆã£ã¦ã€å¯¾è±¡ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚„ä½¿ç”¨ã™ã‚‹kubeconfigã«é–¢ã‚ã‚‰ãšã€kubectlã®æ“ä½œã«é–¢ã‚ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨å®šã¯åŒã˜ç‰©ã‚’ä½¿ã„å›žã›ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ã‚’æœ‰åŠ¹ã«ã™ã‚‹ãŸã‚ã«ã¯ã€ç’°å¢ƒå¤‰æ•°KUBECTL_KUBERC=trueã‚’è¨å®šã—ã€.kubercè¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã‚’ä½œæˆã—ã¦ä¸‹ã•ã„ã€‚ ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®çŠ¶æ…‹ã§ã¯ã€kubectlã¯~/.kube/kubercã«ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ãŒç„¡ã„ã‹æŽ¢ã—ã¾ã™ã€‚ --kubercãƒ•ãƒ©ã‚°ã‚’ä½¿ç”¨ã™ã‚‹ã¨ã€ä»£ã‚ã‚Šã®å ´æ‰€ã‚’æŒ‡å®šã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚

ä¾‹: kubectl --kuberc /var/kube/rc

ã“ã®ä½œæ¥ã¯SIG CLIãŒä¸»å°Žã—ãŸKEP-3104: Separate kubectl user preferences from cluster configsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

GAã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½

ã“ã‚Œã¯v1.33ãƒªãƒªãƒ¼ã‚¹å¾Œã«GAã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ä»˜ãJobã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã”ã¨ã®ãƒãƒƒã‚¯ã‚ªãƒ•åˆ¶é™

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ä»˜ãJobã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã”ã¨ã«ãƒãƒƒã‚¯ã‚ªãƒ•åˆ¶é™ã‚’è¨å®šã§ãã‚‹æ©Ÿèƒ½ãŒGAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ å¾“æ¥ã€Kubernetes Jobã®backoffLimitãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã¯ã€Jobå…¨ä½“ãŒå¤±æ•—ã¨ã¿ãªã•ã‚Œã‚‹å‰ã®å†è©¦è¡Œå›žæ•°ã‚’æŒ‡å®šã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ä»˜ãJobå†…ã®å„ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ãŒç‹¬è‡ªã®ãƒãƒƒã‚¯ã‚ªãƒ•åˆ¶é™ã‚’æŒã¤ã“ã¨ãŒã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€å€‹ã€…ã®ã‚¿ã‚¹ã‚¯ã®å†è©¦è¡Œå‹•ä½œã‚’ã‚ˆã‚Šç´°ã‹ãåˆ¶å¾¡ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ç‰¹å®šã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã®å¤±æ•—ãŒJobå…¨ä½“ã‚’æ—©æœŸã«çµ‚äº†ã•ã›ã‚‹ã“ã¨ãªãã€ä»–ã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ãŒç‹¬ç«‹ã—ã¦å‡¦ç†ã‚’ç¶™ç¶šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AppsãŒä¸»å°Žã—ãŸKEP-3850: Backoff Limit Per Index For Indexed Jobsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

JobæˆåŠŸãƒãƒªã‚·ãƒ¼

.spec.successPolicyã‚’ä½¿ç”¨ã—ã¦ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã©ã®Podã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ãŒæˆåŠŸã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã‹(succeededIndexes)ã€ä½•å€‹ã®PodãŒæˆåŠŸã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã‹(succeededCount)ã€ã¾ãŸã¯ãã®ä¸¡æ–¹ã®çµ„ã¿åˆã‚ã›ã‚’æŒ‡å®šã§ãã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯ã€éƒ¨åˆ†çš„ãªå®Œäº†ã§ååˆ†ãªã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã‚„ãƒªãƒ¼ãƒ€ãƒ¼ã®æˆåŠŸã ã‘ãŒJobã®å…¨ä½“çš„ãªçµæžœã‚’æ±ºå®šã™ã‚‹ãƒªãƒ¼ãƒ€ãƒ¼ãƒ»ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ãªã©ã€ã•ã¾ã–ã¾ãªãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«åˆ©ç‚¹ã‚’ã‚‚ãŸã‚‰ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AppsãŒä¸»å°Žã—ãŸKEP-3998: Job success/completion policyã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒã‚¤ãƒ³ãƒ‰ã•ã‚ŒãŸServiceAccountãƒˆãƒ¼ã‚¯ãƒ³ã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£æ”¹å–„

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã§ã¯ä¸€æ„ã®ãƒˆãƒ¼ã‚¯ãƒ³è˜åˆ¥å(ã™ãªã‚ã¡JWT IDã‚¯ãƒ¬ãƒ¼ãƒ ã€JTIã¨ã‚‚å‘¼ã°ã‚Œã‚‹)ã‚„ãƒŽãƒ¼ãƒ‰æƒ…å ±ã‚’ãƒˆãƒ¼ã‚¯ãƒ³å†…ã«å«ã‚ã‚‹ã“ã¨ã§ã€ã‚ˆã‚Šæ£ç¢ºãªæ¤œè¨¼ã¨ç›£æŸ»ã‚’å¯èƒ½ã«ã™ã‚‹æ©Ÿèƒ½ãªã©ãŒå°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ ã•ã‚‰ã«ã€ãƒŽãƒ¼ãƒ‰å›ºæœ‰ã®åˆ¶é™ã‚’ã‚µãƒãƒ¼ãƒˆã—ã€ãƒˆãƒ¼ã‚¯ãƒ³ãŒæŒ‡å®šã•ã‚ŒãŸãƒŽãƒ¼ãƒ‰ã§ã®ã¿ä½¿ç”¨å¯èƒ½ã§ã‚ã‚‹ã“ã¨ã‚’ä¿è¨¼ã™ã‚‹ã“ã¨ã§ã€ãƒˆãƒ¼ã‚¯ãƒ³ã®ä¸æ£ä½¿ç”¨ã‚„æ½œåœ¨çš„ãªã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¾µå®³ã®ãƒªã‚¹ã‚¯ã‚’ä½Žæ¸›ã—ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®æ”¹å–„ã¯ç¾åœ¨ä¸€èˆ¬æä¾›ã•ã‚Œã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®ã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒˆãƒ¼ã‚¯ãƒ³ã®å…¨ä½“çš„ãªã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£æ…‹å‹¢ã‚’å¼·åŒ–ã™ã‚‹ã“ã¨ã‚’ç›®çš„ã¨ã—ã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP-4193: Bound service account token improvementsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

kubectlã§ã®ã‚µãƒ–ãƒªã‚½ãƒ¼ã‚¹ã‚µãƒãƒ¼ãƒˆ

--subresourceå¼•æ•°ãŒç¾åœ¨kubectlã®ã‚µãƒ–ã‚³ãƒžãƒ³ãƒ‰(getã€patchã€editã€applyã€replaceãªã©)ã§ä¸€èˆ¬æä¾›ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ãã‚Œã‚‰ã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã®ã‚µãƒ–ãƒªã‚½ãƒ¼ã‚¹ã‚’å–å¾—ãŠã‚ˆã³æ›´æ–°ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹ã‚µãƒ–ãƒªã‚½ãƒ¼ã‚¹ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€Subresourcesã‚’ã”è¦§ãã ã•ã„ã€‚

ã“ã®ä½œæ¥ã¯SIG CLIãŒä¸»å°Žã—ãŸKEP-2590: Add subresource support to kubectlã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

è¤‡æ•°ã®ã‚µãƒ¼ãƒ“ã‚¹CIDR

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã§ã¯ã€ã‚µãƒ¼ãƒ“ã‚¹IPã®å‰²ã‚Šå½“ã¦ãƒã‚¸ãƒƒã‚¯ã®æ–°ã—ã„å®Ÿè£…ãŒå°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã§ã€type: ClusterIPã®å„ã‚µãƒ¼ãƒ“ã‚¹ã«ã¯ä¸€æ„ã®IPã‚¢ãƒ‰ãƒ¬ã‚¹ãŒå‰²ã‚Šå½“ã¦ã‚‰ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ æ—¢ã«å‰²ã‚Šå½“ã¦ã‚‰ã‚Œã¦ã„ã‚‹ç‰¹å®šã®ClusterIPã§ã‚µãƒ¼ãƒ“ã‚¹ã‚’ä½œæˆã—ã‚ˆã†ã¨ã™ã‚‹ã¨ã€ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚ æ›´æ–°ã•ã‚ŒãŸIPã‚¢ãƒ‰ãƒ¬ã‚¹å‰²ã‚Šå½“ã¦ãƒã‚¸ãƒƒã‚¯ã¯ã€ServiceCIDRã¨IPAddressã¨ã„ã†2ã¤ã®æ–°ã—ãå®‰å®šåŒ–ã—ãŸAPIã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’ä½¿ç”¨ã—ã¾ã™ã€‚ ç¾åœ¨ä¸€èˆ¬æä¾›ã•ã‚Œã¦ã„ã‚‹ã“ã‚Œã‚‰ã®APIã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…ã¯(æ–°ã—ã„ServiceCIDRã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’ä½œæˆã™ã‚‹ã“ã¨ã§)type: ClusterIPã‚µãƒ¼ãƒ“ã‚¹ã«åˆ©ç”¨å¯èƒ½ãªIPã‚¢ãƒ‰ãƒ¬ã‚¹ã®æ•°ã‚’å‹•çš„ã«å¢—ã‚„ã™ã“ã¨ãŒã§ãã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NetworkãŒä¸»å°Žã—ãŸKEP-1880: Multiple Service CIDRsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

kube-proxyã®`nftables`ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰

kube-proxyã®nftablesãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ãŒGAã«ãªã‚Šã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®ã‚µãƒ¼ãƒ“ã‚¹å®Ÿè£…ã®ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã¨ã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ã‚’å¤§å¹…ã«å‘ä¸Šã•ã›ã‚‹æ–°ã—ã„å®Ÿè£…ãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ äº’æ›æ€§ã®ç†ç”±ã‹ã‚‰ã€LinuxãƒŽãƒ¼ãƒ‰ã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§iptablesã®ã¾ã¾ã§ã™ã€‚ è©¦ã—ã¦ã¿ãŸã„å ´åˆã¯Migrating from iptables mode to nftablesã‚’ã”ç¢ºèªãã ã•ã„ã€‚

ã“ã®ä½œæ¥ã¯SIG NetworkãŒä¸»å°Žã—ãŸKEP-3866: nftables kube-proxy backendã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`trafficDistribution: PreferClose`ã«ã‚ˆã‚‹Topology Aware Routing

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€Topology Aware Routingã¨ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯åˆ†æ•£ãŒGAã«æ˜‡æ ¼ã—ã€ãƒžãƒ«ãƒã‚¾ãƒ¼ãƒ³ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ã®ã‚µãƒ¼ãƒ“ã‚¹ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ã‚’æœ€é©åŒ–ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ EndpointSliceã®Topology Aware Hintã«ã‚ˆã‚Škube-proxyãªã©ã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¯åŒã˜ã‚¾ãƒ¼ãƒ³å†…ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¸ã®ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ãƒ«ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚’å„ªå…ˆã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒ¬ã‚¤ãƒ†ãƒ³ã‚·ãƒ¼ã¨ã‚¯ãƒã‚¹ã‚¾ãƒ¼ãƒ³ãƒ‡ãƒ¼ã‚¿è»¢é€ã‚³ã‚¹ãƒˆãŒå‰Šæ¸›ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã‚’åŸºã«ã€Serviceã®ä»•æ§˜ã«trafficDistributionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¿½åŠ ã•ã‚Œã€PreferCloseã‚ªãƒ—ã‚·ãƒ§ãƒ³ã«ã‚ˆã‚Šãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒˆãƒãƒã‚¸ãƒ¼ã«åŸºã¥ã„ã¦æœ€ã‚‚è¿‘ã„åˆ©ç”¨å¯èƒ½ãªã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã«ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ãŒèª˜å°Žã•ã‚Œã¾ã™ã€‚ ã“ã®æ§‹æˆã¯ã‚¾ãƒ¼ãƒ³é–“é€šä¿¡ã‚’æœ€å°é™ã«æŠ‘ãˆã‚‹ã“ã¨ã§ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã¨ã‚³ã‚¹ãƒˆåŠ¹çŽ‡ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NetworkãŒä¸»å°Žã—ãŸKEP-4444: Traffic Distribution for Servicesã¨KEP-2433: Topology Aware Routingã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

SMTéžå¯¾å¿œãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’æ‹’å¦ã™ã‚‹ã‚ªãƒ—ã‚·ãƒ§ãƒ³

ã“ã®æ©Ÿèƒ½ã¯CPUãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã«ãƒãƒªã‚·ãƒ¼ã‚ªãƒ—ã‚·ãƒ§ãƒ³ã‚’è¿½åŠ ã—ã€Simultaneous Multithreading(SMT)æ§‹æˆã«é©åˆã—ãªã„ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’æ‹’å¦ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã—ãŸã€‚ ç¾åœ¨ä¸€èˆ¬æä¾›ã•ã‚Œã¦ã„ã‚‹ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€PodãŒCPUã‚³ã‚¢ã®æŽ’ä»–çš„ä½¿ç”¨ã‚’è¦æ±‚ã™ã‚‹å ´åˆã€CPUãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã¯SMTå¯¾å¿œã‚·ã‚¹ãƒ†ãƒ ã§å®Œå…¨ãªã‚³ã‚¢ãƒšã‚¢(ãƒ—ãƒ©ã‚¤ãƒžãƒªã‚¹ãƒ¬ãƒƒãƒ‰ã¨å…„å¼Ÿã‚¹ãƒ¬ãƒƒãƒ‰ä¸¡æ–¹ã‚’å«ã‚€)ã®å‰²ã‚Šå½“ã¦ã‚’å¼·åˆ¶ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ãŒæ„å›³ã—ãªã„æ–¹æ³•ã§CPUãƒªã‚½ãƒ¼ã‚¹ã‚’å…±æœ‰ã™ã‚‹ã‚·ãƒŠãƒªã‚ªã‚’é˜²æ¢ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-2625: node: cpumanager: add options to reject non SMT-aligned workloadã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`matchLabelKeys`ã¨`mismatchLabelKeys`ã‚’ä½¿ç”¨ã—ãŸPodã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£ã¾ãŸã¯ã‚¢ãƒ³ãƒã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£ã®å®šç¾©

matchLabelKeysã¨mismatchLabelKeysãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒPodã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£æ¡ä»¶ã§åˆ©ç”¨å¯èƒ½ã«ãªã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯PodãŒå…±å˜ã™ã‚‹(ã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£)ã¾ãŸã¯å…±å˜ã—ãªã„(ã‚¢ãƒ³ãƒã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£)ã¹ãç¯„å›²ã‚’ç´°ã‹ãåˆ¶å¾¡ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã‚‰ã®æ–°ã—ãå®‰å®šåŒ–ã—ãŸã‚ªãƒ—ã‚·ãƒ§ãƒ³ã¯ã€æ—¢å˜ã®labelSelectorãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’è£œå®Œã—ã¾ã™ã€‚ affinityãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€å¤šç”¨é€”ãªãƒãƒ¼ãƒªãƒ³ã‚°ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆã®å¼·åŒ–ã•ã‚ŒãŸã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚„ã€ã‚°ãƒãƒ¼ãƒãƒ«æ§‹æˆã«åŸºã¥ã„ã¦ãƒ„ãƒ¼ãƒ«ã‚„ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã«ã‚ˆã£ã¦ç®¡ç†ã•ã‚Œã‚‹ã‚µãƒ¼ãƒ“ã‚¹ã®åˆ†é›¢ã‚’å®¹æ˜“ã«ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP-3633: Introduce MatchLabelKeys to Pod Affinity and Pod Anti Affinityã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Podãƒˆãƒãƒã‚¸ãƒ¼åˆ†æ•£åˆ¶ç´„ã‚¹ã‚ãƒ¥ãƒ¼ã®è¨ˆç®—æ™‚ã«taintã¨tolerationã‚’è€ƒæ…®ã™ã‚‹

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã¯PodTopologySpreadã«nodeAffinityPolicyã¨nodeTaintsPolicyã¨ã„ã†2ã¤ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’å°Žå…¥ã—ã¾ã—ãŸã€‚ ã“ã‚Œã‚‰ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ãƒŽãƒ¼ãƒ‰é–“ã®Podåˆ†æ•£ã®ã‚¹ã‚ãƒ¥ãƒ¼(åã‚Š)ã‚’è¨ˆç®—ã™ã‚‹éš›ã«ãƒŽãƒ¼ãƒ‰ã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£ãƒ«ãƒ¼ãƒ«ã¨ãƒŽãƒ¼ãƒ‰ãƒ†ã‚¤ãƒ³ãƒˆã‚’è€ƒæ…®ã™ã¹ãã‹ã©ã†ã‹ã‚’æŒ‡å®šã§ãã¾ã™ã€‚ ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ã€nodeAffinityPolicyã¯Honorã«è¨å®šã•ã‚Œã¦ãŠã‚Šã€Podã®ãƒŽãƒ¼ãƒ‰ã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£ã¾ãŸã¯ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«ä¸€è‡´ã™ã‚‹ãƒŽãƒ¼ãƒ‰ã®ã¿ãŒåˆ†æ•£è¨ˆç®—ã«å«ã¾ã‚Œã‚‹ã“ã¨ã‚’æ„å‘³ã—ã¾ã™ã€‚ nodeTaintsPolicyã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§Ignoreã«è¨å®šã•ã‚Œã¦ãŠã‚Šã€æŒ‡å®šã•ã‚Œãªã„é™ã‚ŠãƒŽãƒ¼ãƒ‰ãƒ†ã‚¤ãƒ³ãƒˆã¯è€ƒæ…®ã•ã‚Œãªã„ã“ã¨ã‚’ç¤ºã—ã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚ŠPodé…ç½®ã®ã‚ˆã‚Šç´°ã‹ã„åˆ¶å¾¡ãŒå¯èƒ½ã«ãªã‚Šã€PodãŒã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£ã¨ãƒ†ã‚¤ãƒ³ãƒˆè¨±å®¹ã®ä¸¡æ–¹ã®è¦ä»¶ã‚’æº€ãŸã™ãƒŽãƒ¼ãƒ‰ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚Œã‚‹ã“ã¨ã‚’ä¿è¨¼ã—ã€åˆ¶ç´„ã‚’æº€ãŸã•ãªã„ãŸã‚ã«PodãŒä¿ç•™çŠ¶æ…‹ã®ã¾ã¾ã«ãªã‚‹ã‚·ãƒŠãƒªã‚ªã‚’é˜²æ¢ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP-3094: Take taints/tolerations into consideration when calculating PodTopologySpread skewã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Volume Populators

v1.24ã§ãƒ™ãƒ¼ã‚¿ã¨ã—ã¦ãƒªãƒªãƒ¼ã‚¹ã•ã‚ŒãŸå¾Œã€Volume Populators ã¯v1.33ã§GAã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®æ–°ã—ãå®‰å®šåŒ–ã—ãŸæ©Ÿèƒ½ã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒPersistentVolumeClaim(PVC)ã‚¯ãƒãƒ¼ãƒ³ã‚„ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã ã‘ã§ãªãã€æ§˜ã€…ãªã‚½ãƒ¼ã‚¹ã‹ã‚‰ã®ãƒ‡ãƒ¼ã‚¿ã§ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’äº‹å‰ã«æº–å‚™ã™ã‚‹æ–¹æ³•ã‚’æä¾›ã—ã¾ã™ã€‚ ã“ã®ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã¯PersistentVolumeClaimå†…ã®dataSourceRefãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ä¾å˜ã—ã¦ã„ã¾ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯æ—¢å˜ã®dataSourceãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚ˆã‚Šã‚‚æŸ”è»Ÿæ€§ãŒé«˜ãã€ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ã‚’ãƒ‡ãƒ¼ã‚¿ã‚½ãƒ¼ã‚¹ã¨ã—ã¦ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

ç‰¹åˆ¥ãªã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã§ã‚ã‚‹volume-data-source-validatorã¯ã€VolumePopulatorã¨ã„ã†åå‰ã®APIç¨®åˆ¥ã®ãŸã‚ã®æ–°ã—ãå®‰å®šåŒ–ã—ãŸCustomResourceDefinition(CRD)ã¨å…±ã«ã€ã“ã‚Œã‚‰ã®ãƒ‡ãƒ¼ã‚¿ã‚½ãƒ¼ã‚¹å‚ç…§ã‚’æ¤œè¨¼ã—ã¾ã™ã€‚ VolumePopulator APIã«ã‚ˆã‚Šã€ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒãƒ”ãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯ã‚µãƒãƒ¼ãƒˆã™ã‚‹ãƒ‡ãƒ¼ã‚¿ã‚½ãƒ¼ã‚¹ã®ã‚¿ã‚¤ãƒ—ã‚’ç™»éŒ²ã§ãã¾ã™ã€‚ ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒãƒ”ãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã«ã¯ã€é©åˆ‡ãªCRDã§ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’ã‚»ãƒƒãƒˆã‚¢ãƒƒãƒ—ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG StorageãŒä¸»å°Žã—ãŸKEP-1495: Generic data populatorsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

PersistentVolumeã®å†åˆ©ç”¨ãƒãƒªã‚·ãƒ¼ã‚’å¸¸ã«å°Šé‡ã™ã‚‹

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã¯Persistent Volume(PV)ã®å†åˆ©ç”¨ãƒãƒªã‚·ãƒ¼ãŒä¸€è²«ã—ã¦å°Šé‡ã•ã‚Œãªã„å•é¡Œã«å¯¾å‡¦ã—ãŸã‚‚ã®ã§ã€ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒªã‚½ãƒ¼ã‚¹ã®ãƒªãƒ¼ã‚¯ã‚’é˜²ãŽã¾ã™ã€‚ å…·ä½“çš„ã«ã¯PVãŒãã®é–¢é€£ã™ã‚‹Persistent Volume Claim(PVC)ã‚ˆã‚Šå…ˆã«å‰Šé™¤ã•ã‚ŒãŸå ´åˆã€å†åˆ©ç”¨ãƒãƒªã‚·ãƒ¼(Delete)ãŒå®Ÿè¡Œã•ã‚Œãšã€åŸºç›¤ã¨ãªã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚¢ã‚»ãƒƒãƒˆãŒãã®ã¾ã¾æ®‹ã£ã¦ã—ã¾ã†å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã‚’ç·©å’Œã™ã‚‹ãŸã‚ã«ã€Kubernetesã¯é–¢é€£ã™ã‚‹PVã«ãƒ•ã‚¡ã‚¤ãƒŠãƒ©ã‚¤ã‚¶ãƒ¼ã‚’è¨å®šã—ã€å‰Šé™¤é †åºã«é–¢ä¿‚ãªãå†åˆ©ç”¨ãƒãƒªã‚·ãƒ¼ãŒé©ç”¨ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒªã‚½ãƒ¼ã‚¹ã®æ„å›³ã—ãªã„ä¿æŒã‚’é˜²ãŽã€PVãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ç®¡ç†ã®ä¸€è²«æ€§ã‚’ç¶æŒã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG StorageãŒä¸»å°Žã—ãŸKEP-2644: Always Honor PersistentVolume Reclaim Policyã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒ™ãƒ¼ã‚¿ã®æ–°æ©Ÿèƒ½

ã“ã‚Œã¯v1.33ãƒªãƒªãƒ¼ã‚¹å¾Œã«ãƒ™ãƒ¼ã‚¿ã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

Windowsã®kube-proxyã«ãŠã‘ã‚‹Direct Service Return (DSR)ã®ã‚µãƒãƒ¼ãƒˆ

DSRã¯ã€ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã‚’çµŒç”±ã™ã‚‹ãƒªã‚¿ãƒ¼ãƒ³ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ãŒãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã‚’ãƒã‚¤ãƒ‘ã‚¹ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ç›´æŽ¥å¿œç”ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’æœ€é©åŒ–ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã®è² è·ãŒè»½æ¸›ã•ã‚Œã€å…¨ä½“çš„ãªãƒ¬ã‚¤ãƒ†ãƒ³ã‚·ãƒ¼ã‚‚ä½Žæ¸›ã•ã‚Œã¾ã™ã€‚ Windowsä¸Šã®DSRã«é–¢ã™ã‚‹æƒ…å ±ã¯ã€Direct Server Return (DSR) in a nutshellã‚’ãŠèªã¿ãã ã•ã„ã€‚

v1.14ã§æœ€åˆã«å°Žå…¥ã•ã‚ŒãŸDSRã®ã‚µãƒãƒ¼ãƒˆã¯ã€KEP-5100: Support for Direct Service Return (DSR) and overlay networking in Windows kube-proxyã®ä¸€ç’°ã¨ã—ã¦SIG Windowsã«ã‚ˆã‚Šãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã®ã‚µãƒãƒ¼ãƒˆ

æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã®ã‚µãƒãƒ¼ãƒˆã¯Kubernetes v1.33ã§ãƒ™ãƒ¼ã‚¿æ©Ÿèƒ½ã¨ã—ã¦ç¶™ç¶šã•ã‚Œã‚‹ä¸ã€Dynamic Resource Allocation(DRA)ã®ã“ã®ä¸æ ¸éƒ¨åˆ†ã«å¤§å¹…ãªæ”¹å–„ãŒè¦‹ã‚‰ã‚Œã¾ã—ãŸã€‚ æ–°ã—ã„v1beta2ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯resource.k8s.io APIã‚’ç°¡ç´ åŒ–ã—ã€åå‰ç©ºé–“ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®editãƒãƒ¼ãƒ«ã‚’æŒã¤ä¸€èˆ¬ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒç¾åœ¨DRAã‚’ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

kubeletã¯ç¾åœ¨ã‚·ãƒ¼ãƒ ãƒ¬ã‚¹ãªã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã‚µãƒãƒ¼ãƒˆã‚’å«ã¿ã€DaemonSetã¨ã—ã¦ãƒ‡ãƒ—ãƒã‚¤ã•ã‚ŒãŸãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒãƒãƒ¼ãƒªãƒ³ã‚°ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ãªã£ã¦ã„ã¾ã™ã€‚ DRAå®Ÿè£…ã§ã¯ã€ã“ã‚Œã«ã‚ˆã‚ŠResourceSliceã®å‰Šé™¤ã¨å†ä½œæˆãŒé˜²æ¢ã•ã‚Œã€ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ä¸ã‚‚å¤‰æ›´ã•ã‚Œãªã„ã¾ã¾ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ã•ã‚‰ã«ã€ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã®ç™»éŒ²è§£é™¤å¾Œã«kubeletãŒã‚¯ãƒªãƒ¼ãƒ³ã‚¢ãƒƒãƒ—ã‚’è¡Œã†å‰ã«30ç§’ã®çŒ¶äºˆæœŸé–“ãŒå°Žå…¥ã•ã‚Œã€ãƒãƒ¼ãƒªãƒ³ã‚°ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆã‚’ä½¿ç”¨ã—ãªã„ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã®ã‚µãƒãƒ¼ãƒˆãŒå‘ä¸Šã—ã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯SIG Nodeã€SIG Schedulingã€SIG Autoscalingã‚’å«ã‚€æ©Ÿèƒ½æ¨ªæ–ãƒãƒ¼ãƒ ã§ã‚ã‚‹WG Device Managementã«ã‚ˆã‚‹KEP-4381: DRA: structured parametersã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹å‘ã‘Dynamic Resource Allocation(DRA)

v1.32ã§å°Žå…¥ã•ã‚ŒãŸDRAã«ã‚ˆã‚‹ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹ãƒ‡ãƒ¼ã‚¿ã®æ¨™æº–åŒ–ã•ã‚ŒãŸå ±å‘ŠãŒv1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚ˆã‚Šãƒã‚¤ãƒ†ã‚£ãƒ–ãªKubernetesãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã®çµ±åˆãŒå¯èƒ½ã«ãªã‚Šã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ‡ãƒã‚¤ã‚¹ã®é–‹ç™ºã¨ç®¡ç†ãŒç°¡ç´ åŒ–ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã¤ã„ã¦ã¯ä»¥å‰ã«v1.32ãƒªãƒªãƒ¼ã‚¹ç™ºè¡¨ãƒ–ãƒã‚°ã§èª¬æ˜Žã•ã‚Œã¦ã„ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG Networkã€SIG Nodeã€ãŠã‚ˆã³WG Device ManagementãŒä¸»å°Žã—ãŸKEP-4817: DRA: Resource Claim Status with possible standardized network interface dataã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãŒ`activeQ`ã«Podã‚’æŒãŸãªã„å ´åˆã«ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚Œã¦ã„ãªã„Podã‚’æ—©æœŸã«å‡¦ç†

ã“ã®æ©Ÿèƒ½ã¯ã‚ãƒ¥ãƒ¼ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®å‹•ä½œã‚’æ”¹å–„ã—ã¾ã™ã€‚ è£å´ã§ã¯ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯activeQãŒç©ºã®å ´åˆã«ã€ã‚¨ãƒ©ãƒ¼ã«ã‚ˆã£ã¦ãƒãƒƒã‚¯ã‚ªãƒ•ã•ã‚Œã¦ã„ãªã„Podã‚’backoffQã‹ã‚‰ãƒãƒƒãƒ—ã™ã‚‹ã“ã¨ã§ã“ã‚Œã‚’å®Ÿç¾ã—ã¦ã„ã¾ã™ã€‚ ä»¥å‰ã¯ã€activeQãŒç©ºã®å ´åˆã§ã‚‚ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã‚¢ã‚¤ãƒ‰ãƒ«çŠ¶æ…‹ã«ãªã£ã¦ã—ã¾ã„ã¾ã—ãŸãŒã€ã“ã®æ©Ÿèƒ½å¼·åŒ–ã¯ãã‚Œã‚’é˜²æ¢ã™ã‚‹ã“ã¨ã§ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°åŠ¹çŽ‡ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP-5142: Pop pod from backoffQ when activeQ is emptyã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã«ãŠã‘ã‚‹éžåŒæœŸãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³

ãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³ã¯ã€å„ªå…ˆåº¦ã®ä½Žã„Podã‚’é€€é¿ã•ã›ã‚‹ã“ã¨ã§ã€å„ªå…ˆåº¦ã®é«˜ã„PodãŒå¿…è¦ãªãƒªã‚½ãƒ¼ã‚¹ã‚’ç¢ºä¿ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ v1.32ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸéžåŒæœŸãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³ãŒv1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Podã‚’å‰Šé™¤ã™ã‚‹ãŸã‚ã®APIã‚³ãƒ¼ãƒ«ãªã©ã®é‡ã„æ“ä½œãŒä¸¦è¡Œã—ã¦å‡¦ç†ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯é…å»¶ãªãä»–ã®Podã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚’ç¶™ç¶šã§ãã¾ã™ã€‚ ã“ã®æ”¹å–„ã¯ç‰¹ã«Podã®å…¥ã‚Œæ›¿ã‚ã‚ŠãŒæ¿€ã—ã„ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚„ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®å¤±æ•—ãŒé »ç¹ã«ç™ºç”Ÿã™ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§æœ‰ç›Šã§ã‚ã‚Šã€ã‚ˆã‚ŠåŠ¹çŽ‡çš„ã§å›žå¾©åŠ›ã®ã‚ã‚‹ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãƒ—ãƒã‚»ã‚¹ã‚’ç¢ºä¿ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG SchedulingãŒä¸»å°Žã—ãŸKEP-4832: Asynchronous preemption in the schedulerã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ClusterTrustBundle

X.509ãƒˆãƒ©ã‚¹ãƒˆã‚¢ãƒ³ã‚«ãƒ¼(ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸)ã‚’ä¿æŒã™ã‚‹ãŸã‚ã«è¨è¨ˆã•ã‚ŒãŸã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ—ãƒªã‚½ãƒ¼ã‚¹ã§ã‚ã‚‹ClusterTrustBundleãŒv1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®APIã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®è¨¼æ˜Žæ›¸ç½²åè€…ãŒX.509ãƒˆãƒ©ã‚¹ãƒˆã‚¢ãƒ³ã‚«ãƒ¼ã‚’ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«å…¬é–‹ãŠã‚ˆã³é€šä¿¡ã™ã‚‹ã“ã¨ãŒå®¹æ˜“ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP-3257: ClusterTrustBundles (previously Trust Anchor Sets)ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ãã‚ç´°ã‹ã„SupplementalGroupsã®åˆ¶å¾¡

v1.31ã§å°Žå…¥ã•ã‚ŒãŸã“ã®æ©Ÿèƒ½ã¯v1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã€ç¾åœ¨ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚ ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®SupplementalGroupsPolicyãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€Podã®securityContextå†…ã®supplementalGroupsPolicyãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯2ã¤ã®ãƒãƒªã‚·ãƒ¼ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¾ã™: ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®Mergeãƒãƒªã‚·ãƒ¼ã¯ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã®/etc/groupãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰ã®ã‚°ãƒ«ãƒ¼ãƒ—ã¨æŒ‡å®šã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—ã‚’çµåˆã™ã‚‹ã“ã¨ã§å¾Œæ–¹äº’æ›æ€§ã‚’ç¶æŒã—ã€æ–°ã—ã„Strictãƒãƒªã‚·ãƒ¼ã¯æ˜Žç¤ºçš„ã«å®šç¾©ã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—ã®ã¿ã‚’é©ç”¨ã—ã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã‹ã‚‰ã®æš—é»™çš„ãªã‚°ãƒ«ãƒ¼ãƒ—ãƒ¡ãƒ³ãƒãƒ¼ã‚·ãƒƒãƒ—ãŒæ„å›³ã—ãªã„ãƒ•ã‚¡ã‚¤ãƒ«ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ã«ã¤ãªãŒã‚Šã€ãƒãƒªã‚·ãƒ¼åˆ¶å¾¡ã‚’ãƒã‚¤ãƒ‘ã‚¹ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®æ‡¸å¿µã«å¯¾å‡¦ã™ã‚‹ã®ã«å½¹ç«‹ã¡ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-3619: Fine-grained SupplementalGroups controlã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒœãƒªãƒ¥ãƒ¼ãƒ ã¨ã—ã¦ãƒžã‚¦ãƒ³ãƒˆã™ã‚‹æ©Ÿèƒ½ã‚’ã‚µãƒãƒ¼ãƒˆ

v1.31ã§å°Žå…¥ã•ã‚ŒãŸPodã§Open Container Initiative(OCI)ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒœãƒªãƒ¥ãƒ¼ãƒ ã¨ã—ã¦ä½¿ç”¨ã™ã‚‹æ©Ÿèƒ½ã®ã‚µãƒãƒ¼ãƒˆãŒãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯Podå†…ã§ã‚¤ãƒ¡ãƒ¼ã‚¸å‚ç…§ã‚’ãƒœãƒªãƒ¥ãƒ¼ãƒ ã¨ã—ã¦æŒ‡å®šã—ã€ã‚³ãƒ³ãƒ†ãƒŠå†…ã§ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒžã‚¦ãƒ³ãƒˆã¨ã—ã¦å†åˆ©ç”¨ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ‡ãƒ¼ã‚¿ã‚’åˆ¥ã€…ã«ãƒ‘ãƒƒã‚±ãƒ¼ã‚¸åŒ–ã—ã€ãƒ¡ã‚¤ãƒ³ã‚¤ãƒ¡ãƒ¼ã‚¸ã«å«ã‚ã‚‹ã“ã¨ãªãPodå†…ã®ã‚³ãƒ³ãƒ†ãƒŠé–“ã§å…±æœ‰ã™ã‚‹å¯èƒ½æ€§ãŒé–‹ã‹ã‚Œã€è„†å¼±æ€§ã‚’æ¸›ã‚‰ã—ã‚¤ãƒ¡ãƒ¼ã‚¸ä½œæˆã‚’ç°¡ç´ åŒ–ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG Nodeã¨SIG StorageãŒä¸»å°Žã—ãŸKEP-4639: VolumeSource: OCI Artifact and/or Imageã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Linux Podã«ãŠã‘ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼åå‰ç©ºé–“ã®ã‚µãƒãƒ¼ãƒˆ

åŸ·ç†æ™‚ç‚¹ã§æœ€ã‚‚å¤ã„ã‚ªãƒ¼ãƒ—ãƒ³ãªKEPã®1ã¤ã§ã‚ã‚‹KEP-127ã¯ã€Podç”¨ã®Linuxãƒ¦ãƒ¼ã‚¶ãƒ¼åå‰ç©ºé–“ã‚’ä½¿ç”¨ã—ãŸPodã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®æ”¹å–„ã§ã™ã€‚ ã“ã®KEPã¯2016å¹´å¾ŒåŠã«æœ€åˆã«ææ¡ˆã•ã‚Œã€è¤‡æ•°ã®æ”¹è¨‚ã‚’çµŒã¦ã€v1.25ã§ã‚¢ãƒ«ãƒ•ã‚¡ãƒªãƒªãƒ¼ã‚¹ã€v1.30ã§åˆæœŸãƒ™ãƒ¼ã‚¿(ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ç„¡åŠ¹)ã¨ãªã‚Šã€v1.33ã®ä¸€éƒ¨ã¨ã—ã¦ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ãªãƒ™ãƒ¼ã‚¿ã«ç§»è¡Œã—ã¾ã—ãŸã€‚

ã“ã®ã‚µãƒãƒ¼ãƒˆã¯ã€æ‰‹å‹•ã§pod.spec.hostUsersã‚’æŒ‡å®šã—ã¦ã‚ªãƒ—ãƒˆã‚¤ãƒ³ã—ãªã„é™ã‚Šã€æ—¢å˜ã®Podã«å½±éŸ¿ã‚’ä¸Žãˆã¾ã›ã‚“ã€‚ v1.30ã®å…ˆè¡Œç´¹ä»‹ãƒ–ãƒã‚°ã§å¼·èª¿ã•ã‚Œã¦ã„ã‚‹ã‚ˆã†ã«ã€ã“ã‚Œã¯è„†å¼±æ€§ã‚’è»½æ¸›ã™ã‚‹ãŸã‚ã®é‡è¦ãªãƒžã‚¤ãƒ«ã‚¹ãƒˆãƒ¼ãƒ³ã§ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-127: Support User Namespaces in podsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Podã®`procMount`ã‚ªãƒ—ã‚·ãƒ§ãƒ³

v1.12ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã€v1.31ã§ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆç„¡åŠ¹ã®ãƒ™ãƒ¼ã‚¿ã ã£ãŸprocMountã‚ªãƒ—ã‚·ãƒ§ãƒ³ãŒã€v1.33ã§ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆæœ‰åŠ¹ã®ãƒ™ãƒ¼ã‚¿ã«ç§»è¡Œã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒ/procãƒ•ã‚¡ã‚¤ãƒ«ã‚·ã‚¹ãƒ†ãƒ ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’ç´°ã‹ãèª¿æ•´ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§Podåˆ†é›¢ã‚’æ”¹å–„ã—ã¾ã™ã€‚ å…·ä½“çš„ã«ã¯ã€Podã®securityContextã«ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¿½åŠ ã—ã€ç‰¹å®šã®/procãƒ‘ã‚¹ã‚’ãƒžã‚¹ã‚¯ã—ãŸã‚Šèªã¿å–ã‚Šå°‚ç”¨ã¨ã—ã¦ãƒžãƒ¼ã‚¯ã™ã‚‹ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®å‹•ä½œã‚’ã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ ã“ã‚Œã¯ç‰¹ã«ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒãƒ¦ãƒ¼ã‚¶ãƒ¼åå‰ç©ºé–“ã‚’ä½¿ç”¨ã—ã¦Kubernetes Podå†…ã§éžç‰¹æ¨©ã‚³ãƒ³ãƒ†ãƒŠã‚’å®Ÿè¡Œã—ãŸã„å ´åˆã«ä¾¿åˆ©ã§ã™ã€‚ é€šå¸¸ã€ã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ (CRIå®Ÿè£…ã‚’ä»‹ã—ã¦)ã¯åŽ³æ ¼ãª/procãƒžã‚¦ãƒ³ãƒˆè¨å®šã§å¤–éƒ¨ã‚³ãƒ³ãƒ†ãƒŠã‚’èµ·å‹•ã—ã¾ã™ã€‚ ã—ã‹ã—ã€éžç‰¹æ¨©Podå†…ã§ãƒã‚¹ãƒˆã•ã‚ŒãŸã‚³ãƒ³ãƒ†ãƒŠã‚’æ£å¸¸ã«å®Ÿè¡Œã™ã‚‹ã«ã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ãã‚Œã‚‰ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆè¨å®šã‚’ç·©å’Œã™ã‚‹ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ãŒå¿…è¦ã§ã‚ã‚Šã€ã“ã®æ©Ÿèƒ½ã¯ã¾ã•ã«ãã‚Œã‚’æä¾›ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-4265: add ProcMount optionã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

NUMAãƒŽãƒ¼ãƒ‰é–“ã§CPUã‚’åˆ†æ•£ã•ã›ã‚‹CPUManagerãƒãƒªã‚·ãƒ¼

ã“ã®æ©Ÿèƒ½ã¯CPUManagerã«ã€å˜ä¸€ãƒŽãƒ¼ãƒ‰ã«é›†ä¸ã•ã›ã‚‹ã®ã§ã¯ãªãéžä¸€æ§˜ãƒ¡ãƒ¢ãƒªã‚¢ã‚¯ã‚»ã‚¹(NUMA)ãƒŽãƒ¼ãƒ‰é–“ã§CPUã‚’åˆ†æ•£ã•ã›ã‚‹æ–°ã—ã„ãƒãƒªã‚·ãƒ¼ã‚ªãƒ—ã‚·ãƒ§ãƒ³ã‚’è¿½åŠ ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šè¤‡æ•°ã®NUMAãƒŽãƒ¼ãƒ‰é–“ã§ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®ãƒãƒ©ãƒ³ã‚¹ã‚’å–ã‚‹ã“ã¨ã§CPUãƒªã‚½ãƒ¼ã‚¹ã®å‰²ã‚Šå½“ã¦ã‚’æœ€é©åŒ–ã—ã€ãƒžãƒ«ãƒNUMAã‚·ã‚¹ãƒ†ãƒ ã«ãŠã‘ã‚‹ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã¨ãƒªã‚½ãƒ¼ã‚¹ä½¿ç”¨çŽ‡ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-2902: Add CPUManager policy option to distribute CPUs across NUMA nodes instead of packing themã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚³ãƒ³ãƒ†ãƒŠã®PreStopãƒ•ãƒƒã‚¯ã®ã‚¼ãƒç§’ã‚¹ãƒªãƒ¼ãƒ—

Kubernetes 1.29ã§ã¯Podã®preStopãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã«Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³ãŒå°Žå…¥ã•ã‚Œã€ã‚³ãƒ³ãƒ†ãƒŠãŒçµ‚äº†ã™ã‚‹å‰ã«æŒ‡å®šã•ã‚ŒãŸæ™‚é–“ã ã‘ä¸€æ™‚åœæ¢ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€æŽ¥ç¶šã®ãƒ‰ãƒ¬ã‚¤ãƒ³(æŽ’å‡º)ã‚„ã‚¯ãƒªãƒ¼ãƒ³ã‚¢ãƒƒãƒ—æ“ä½œãªã©ã®ã‚¿ã‚¹ã‚¯ã‚’å®¹æ˜“ã«ã™ã‚‹ã‚³ãƒ³ãƒ†ãƒŠã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã‚’é…ã‚‰ã›ã‚‹ãŸã‚ã®ç°¡å˜ãªæ–¹æ³•ãŒæä¾›ã•ã‚Œã¾ã™ã€‚

preStopãƒ•ãƒƒã‚¯ã®Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã¯ã€ç¾åœ¨ãƒ™ãƒ¼ã‚¿æ©Ÿèƒ½ã¨ã—ã¦ã‚¼ãƒç§’ã®æ™‚é–“ã‚’å—ã‘ä»˜ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€preStopãƒ•ãƒƒã‚¯ãŒå¿…è¦ã ãŒé…å»¶ãŒä¸è¦ãªå ´åˆã«ä¾¿åˆ©ãªã€ç„¡æ“ä½œ(no-op)ã®preStopãƒ•ãƒƒã‚¯ã‚’å®šç¾©ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-3960: Introducing Sleep Action for PreStop HookãŠã‚ˆã³KEP-4818: Allow zero value for Sleep Action of PreStop Hookã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Kubernetesãƒã‚¤ãƒ†ã‚£ãƒ–åž‹ã®å®£è¨€çš„æ¤œè¨¼ã®ãŸã‚ã®å†…éƒ¨ãƒ„ãƒ¼ãƒ«

ã²ãã‹ã«ã€Kubernetesã®å†…éƒ¨ã¯ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã¨ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã¸ã®å¤‰æ›´ã‚’æ¤œè¨¼ã™ã‚‹ãŸã‚ã®æ–°ã—ã„ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã®ä½¿ç”¨ã‚’é–‹å§‹ã—ã¦ã„ã¾ã™ã€‚ Kubernetes v1.33ã§ã¯ã€Kubernetesã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ãŒå®£è¨€çš„ãªæ¤œè¨¼ãƒ«ãƒ¼ãƒ«ã‚’ç”Ÿæˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹å†…éƒ¨ãƒ„ãƒ¼ãƒ«validation-genã‚’å°Žå…¥ã—ã¦ã„ã¾ã™ã€‚ å…¨ä½“çš„ãªç›®æ¨™ã¯ã€é–‹ç™ºè€…ãŒæ¤œè¨¼åˆ¶ç´„ã‚’å®£è¨€çš„ã«æŒ‡å®šã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§APIæ¤œè¨¼ã®å …ç‰¢æ€§ã¨ä¿å®ˆæ€§ã‚’å‘ä¸Šã•ã›ã€æ‰‹å‹•ã‚³ãƒ¼ãƒ‡ã‚£ãƒ³ã‚°ã‚¨ãƒ©ãƒ¼ã‚’æ¸›ã‚‰ã—ã€ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹å…¨ä½“ã§ã®ä¸€è²«æ€§ã‚’ç¢ºä¿ã™ã‚‹ã“ã¨ã§ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG API MachineryãŒä¸»å°Žã—ãŸKEP-5073: Declarative Validation Of Kubernetes Native Types With validation-genã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¢ãƒ«ãƒ•ã‚¡ã®æ–°æ©Ÿèƒ½

ã“ã‚Œã¯v1.33ãƒªãƒªãƒ¼ã‚¹å¾Œã«ã‚¢ãƒ«ãƒ•ã‚¡ã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

HorizontalPodAutoscalerã®è¨å®šå¯èƒ½ãªè¨±å®¹å€¤

ã“ã®æ©Ÿèƒ½ã¯ã€HorizontalPodAutoscalerè¨å®šå¯èƒ½ãªè¨±å®¹å€¤ã‚’å°Žå…¥ã—ã€å°ã•ãªãƒ¡ãƒˆãƒªã‚¯ã‚¹å¤‰å‹•ã«å¯¾ã™ã‚‹ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°åå¿œã‚’æŠ‘åˆ¶ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AutoscalingãŒä¸»å°Žã—ãŸKEP-4951: Configurable tolerance for Horizontal Pod Autoscalersã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

è¨å®šå¯èƒ½ãªã‚³ãƒ³ãƒ†ãƒŠã®å†èµ·å‹•é…å»¶

CrashLoopBackOffã®å‡¦ç†æ–¹æ³•ã‚’å¾®èª¿æ•´ã§ãã‚‹æ©Ÿèƒ½ã§ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-4603: Tune CrashLoopBackOffã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚«ã‚¹ã‚¿ãƒ ã‚³ãƒ³ãƒ†ãƒŠã®åœæ¢ã‚·ã‚°ãƒŠãƒ«

Kubernetes v1.33ã‚ˆã‚Šå‰ã§ã¯ã€åœæ¢ã‚·ã‚°ãƒŠãƒ«ã¯ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸å®šç¾©å†…ã§ã®ã¿è¨å®šå¯èƒ½ã§ã—ãŸ(ä¾‹ãˆã°ã€ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ¡ã‚¿ãƒ‡ãƒ¼ã‚¿ã®StopSignalãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’ä»‹ã—ã¦)ã€‚ çµ‚äº†å‹•ä½œã‚’å¤‰æ›´ã—ãŸã„å ´åˆã¯ã€ã‚«ã‚¹ã‚¿ãƒ ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãƒ“ãƒ«ãƒ‰ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚ Kubernetes v1.33ã§(ã‚¢ãƒ«ãƒ•ã‚¡ã®)ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã§ã‚ã‚‹ContainerStopSignalsã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€Podä»•æ§˜å†…ã§ç›´æŽ¥ã‚«ã‚¹ã‚¿ãƒ åœæ¢ã‚·ã‚°ãƒŠãƒ«ã‚’å®šç¾©ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã¯ã‚³ãƒ³ãƒ†ãƒŠã®lifecycle.stopSignalãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§å®šç¾©ã•ã‚Œã€Podã®spec.os.nameãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒå˜åœ¨ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ æŒ‡å®šã•ã‚Œãªã„å ´åˆã€ã‚³ãƒ³ãƒ†ãƒŠã¯ã‚¤ãƒ¡ãƒ¼ã‚¸ã§å®šç¾©ã•ã‚ŒãŸåœæ¢ã‚·ã‚°ãƒŠãƒ«(å˜åœ¨ã™ã‚‹å ´åˆ)ã€ã¾ãŸã¯ã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆ(é€šå¸¸Linuxã®å ´åˆã¯SIGTERM)ã«ãƒ•ã‚©ãƒ¼ãƒ«ãƒãƒƒã‚¯ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-4960: Container Stop Signalsã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

è±Šå¯ŒãªDRAæ©Ÿèƒ½å¼·åŒ–

Kubernetes v1.33ã¯ã€ä»Šæ—¥ã®è¤‡é›‘ãªã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£å‘ã‘ã«è¨è¨ˆã•ã‚ŒãŸæ©Ÿèƒ½ã‚’å‚™ãˆãŸDynamic Resource Allocation (DRA)ã®é–‹ç™ºã‚’ç¶™ç¶šã—ã¦ã„ã¾ã™ã€‚ DRAã¯Podé–“ãŠã‚ˆã³Podå†…ã®ã‚³ãƒ³ãƒ†ãƒŠé–“ã§ãƒªã‚½ãƒ¼ã‚¹ã‚’è¦æ±‚ãŠã‚ˆã³å…±æœ‰ã™ã‚‹ãŸã‚ã®APIã§ã™ã€‚ é€šå¸¸ã€ãã‚Œã‚‰ã®ãƒªã‚½ãƒ¼ã‚¹ã¯GPUã€FPGAã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¢ãƒ€ãƒ—ã‚¿ãƒ¼ãªã©ã®ãƒ‡ãƒã‚¤ã‚¹ã§ã™ã€‚

ä»¥ä¸‹ã¯v1.33ã§å°Žå…¥ã•ã‚ŒãŸã™ã¹ã¦ã®ã‚¢ãƒ«ãƒ•ã‚¡ã®DRAã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã§ã™:

ãƒŽãƒ¼ãƒ‰ãƒ†ã‚¤ãƒ³ãƒˆã¨åŒæ§˜ã«ã€ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®DRADeviceTaintsã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€ãƒ‡ãƒã‚¤ã‚¹ã¯Taintã¨Tolerationã‚’ã‚µãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ ç®¡ç†è€…ã¾ãŸã¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¯ãƒ‡ãƒã‚¤ã‚¹ã«ãƒ†ã‚¤ãƒ³ãƒˆã‚’ä»˜ã‘ã¦ä½¿ç”¨ã‚’åˆ¶é™ã§ãã¾ã™ã€‚ ãƒ†ã‚¤ãƒ³ãƒˆãŒå˜åœ¨ã™ã‚‹é–“ã€ãã‚Œã‚‰ã®ãƒ‡ãƒã‚¤ã‚¹ã«ä¾å˜ã™ã‚‹Podã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚’ä¸€æ™‚åœæ¢ã—ãŸã‚Šã€ãƒ†ã‚¤ãƒ³ãƒˆã•ã‚ŒãŸãƒ‡ãƒã‚¤ã‚¹ã‚’ä½¿ç”¨ã™ã‚‹Podã‚’é€€é¿ã•ã›ãŸã‚Šã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®DRAPrioritizedListã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€DeviceRequestsã¯firstAvailableã¨ã„ã†æ–°ã—ã„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’å–å¾—ã—ã¾ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯é †åºä»˜ã‘ã‚‰ã‚ŒãŸãƒªã‚¹ãƒˆã§ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒç‰¹å®šã®ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ãŒåˆ©ç”¨ã§ããªã„å ´åˆã«ä½•ã‚‚å‰²ã‚Šå½“ã¦ãªã„ã“ã¨ã‚’å«ã‚ã€ãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒç•°ãªã‚‹æ–¹æ³•ã§æº€ãŸã•ã‚Œã‚‹å¯èƒ½æ€§ã‚’æŒ‡å®šã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚
ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®DRAAdminAccessã‚’æœ‰åŠ¹ã«ã™ã‚‹ã¨ã€resource.k8s.io/admin-access: "true"ã§ãƒ©ãƒ™ãƒ«ä»˜ã‘ã•ã‚ŒãŸåå‰ç©ºé–“å†…ã§ResourceClaimã¾ãŸã¯ResourceClaimTemplateã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’ä½œæˆã™ã‚‹æ¨©é™ã‚’æŒã¤ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ã¿ãŒadminAccessãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’ä½¿ç”¨ã§ãã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ç®¡ç†è€…ä»¥å¤–ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒadminAccessæ©Ÿèƒ½ã‚’èª¤ç”¨ã§ããªã„ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
v1.31ä»¥é™ã€ãƒ‡ãƒã‚¤ã‚¹ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ³ã®ä½¿ç”¨ãŒå¯èƒ½ã§ã—ãŸãŒã€ãƒ™ãƒ³ãƒ€ãƒ¼ã¯ãƒ‡ãƒã‚¤ã‚¹ã‚’äº‹å‰ã«ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ³åˆ†å‰²ã—ã€ãã‚Œã«å¿œã˜ã¦é€šçŸ¥ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚ v1.33ã§ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®DRAPartitionableDevicesã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€ãƒ‡ãƒã‚¤ã‚¹ãƒ™ãƒ³ãƒ€ãƒ¼ã¯é‡è¤‡ã™ã‚‹ã‚‚ã®ã‚’å«ã‚€è¤‡æ•°ã®ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ³ã‚’é€šçŸ¥ã§ãã¾ã™ã€‚ Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰è¦æ±‚ã«åŸºã¥ã„ã¦ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ³ã‚’é¸æŠžã—ã€ç«¶åˆã™ã‚‹ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ³ã®åŒæ™‚å‰²ã‚Šå½“ã¦ã‚’é˜²æ¢ã—ã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ™ãƒ³ãƒ€ãƒ¼ã¯å‰²ã‚Šå½“ã¦æ™‚ã«å‹•çš„ã«ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ³ã‚’ä½œæˆã™ã‚‹æ©Ÿèƒ½ã‚’æŒã¡ã¾ã™ã€‚ å‰²ã‚Šå½“ã¦ã¨å‹•çš„ãƒ‘ãƒ¼ãƒ†ã‚£ã‚·ãƒ§ãƒ‹ãƒ³ã‚°ã¯è‡ªå‹•çš„ã‹ã¤ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é€éŽçš„ã«è¡Œã‚ã‚Œã€ãƒªã‚½ãƒ¼ã‚¹ä½¿ç”¨çŽ‡ã®å‘ä¸Šã‚’å¯èƒ½ã«ã—ã¾ã™ã€‚

ã“ã‚Œã‚‰ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¯ã€ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®DynamicResourceAllocationã‚‚æœ‰åŠ¹ã«ã—ãªã„é™ã‚ŠåŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“ã€‚

ã“ã®ä½œæ¥ã¯SIG Nodeã€SIG Schedulingã€SIG AuthãŒä¸»å°Žã—ãŸ KEP-5055: DRA: device taints and tolerationsã€ KEP-4816: DRA: Prioritized Alternatives in Device Requestsã€ KEP-5018: DRA: AdminAccess for ResourceClaims and ResourceClaimTemplatesã€ ãŠã‚ˆã³KEP-4815: DRA: Add support for partitionable devicesã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

`IfNotPresent`ã¨`Never`ã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã«å¯¾ã™ã‚‹èªè¨¼ã‚’è¡Œã†å …ç‰¢ãªimagePullPolicy

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚¤ãƒ¡ãƒ¼ã‚¸ãŒãƒŽãƒ¼ãƒ‰ä¸Šã«æ—¢ã«å˜åœ¨ã™ã‚‹ã‹ã©ã†ã‹ã«é–¢ã‚ã‚‰ãšã€æ–°ã—ã„è³‡æ ¼æƒ…å ±ã‚»ãƒƒãƒˆã”ã¨ã«kubeletãŒã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«èªè¨¼ãƒã‚§ãƒƒã‚¯ã‚’è¦æ±‚ã™ã‚‹ã“ã¨ã‚’ç¢ºå®Ÿã«ã§ãã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP-2535: Ensure secret pulled imagesã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

Downward APIã‚’é€šã˜ã¦åˆ©ç”¨å¯èƒ½ãªãƒŽãƒ¼ãƒ‰ãƒˆãƒãƒã‚¸ãƒ¼ãƒ©ãƒ™ãƒ«

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒŽãƒ¼ãƒ‰ãƒˆãƒãƒã‚¸ãƒ¼ãƒ©ãƒ™ãƒ«ãŒãƒ€ã‚¦ãƒ³ãƒ¯ãƒ¼ãƒ‰APIã‚’é€šã˜ã¦å…¬é–‹ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ Kubernetes v1.33ã‚ˆã‚Šå‰ã§ã¯ã€åŸºç›¤ã¨ãªã‚‹ãƒŽãƒ¼ãƒ‰ã«ã¤ã„ã¦Kubernetes APIã«å•ã„åˆã‚ã›ã‚‹ãŸã‚ã«åˆæœŸåŒ–ã‚³ãƒ³ãƒ†ãƒŠã‚’ä½¿ç”¨ã™ã‚‹å›žé¿ç–ãŒå¿…è¦ã§ã—ãŸã€‚ ã“ã®ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ãŒãƒŽãƒ¼ãƒ‰ãƒˆãƒãƒã‚¸ãƒ¼æƒ…å ±ã«ã‚¢ã‚¯ã‚»ã‚¹ã™ã‚‹æ–¹æ³•ãŒç°¡ç´ åŒ–ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-4742: Expose Node labels via downward APIã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ç”Ÿæˆç•ªå·ã¨è¦³æ¸¬ã•ã‚ŒãŸç”Ÿæˆç•ªå·ã«ã‚ˆã‚‹ã‚ˆã‚Šè‰¯ã„Podã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹

ã“ã®å¤‰æ›´ä»¥å‰ã¯ã€metadata.generationãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯Podã§ã¯ä½¿ç”¨ã•ã‚Œã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚ metadata.generationã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®æ‹¡å¼µã«åŠ ãˆã¦ã€ã“ã®æ©Ÿèƒ½ã¯status.observedGenerationã‚’å°Žå…¥ã—ã€ã‚ˆã‚Šæ˜Žç¢ºãªPodã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã‚’æä¾›ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-5067: Pod Generationã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

kubeletã®CPU Managerã«ã‚ˆã‚‹åˆ†å‰²ãƒ¬ãƒ™ãƒ«3ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ã®ã‚µãƒãƒ¼ãƒˆ

ã“ã‚Œã¾ã§ã®kubeletã®CPU Managerã¯åˆ†å‰²L3ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£(Last Level Cacheã€ã¾ãŸã¯LLCã¨ã‚‚å‘¼ã°ã‚Œã‚‹)ã‚’èªè˜ã›ãšã€åˆ†å‰²L3ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‚’è€ƒæ…®ã›ãšã«CPUå‰²ã‚Šå½“ã¦ã‚’åˆ†æ•£ã•ã›ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã€ãƒŽã‚¤ã‚¸ãƒ¼ãƒã‚¤ãƒãƒ¼å•é¡Œã‚’å¼•ãèµ·ã“ã™å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã—ãŸã€‚ ã“ã®ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ã¯CPU Managerã‚’æ”¹å–„ã—ã€ã‚ˆã‚Šè‰¯ã„ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®ãŸã‚ã«CPUã‚³ã‚¢ã‚’ã‚ˆã‚Šé©åˆ‡ã«å‰²ã‚Šå½“ã¦ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-5109: Split L3 Cache Topology Awareness in CPU Managerã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°æ”¹å–„ã®ãŸã‚ã®PSI(Pressure Stall Information)ãƒ¡ãƒˆãƒªã‚¯ã‚¹

ã“ã®æ©Ÿèƒ½ã¯ã€LinuxãƒŽãƒ¼ãƒ‰ã«cgroupv2ã‚’ä½¿ç”¨ã—ã¦PSIçµ±è¨ˆã¨ãƒ¡ãƒˆãƒªã‚¯ã‚¹ã‚’æä¾›ã™ã‚‹ã‚µãƒãƒ¼ãƒˆã‚’è¿½åŠ ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šãƒªã‚½ãƒ¼ã‚¹ä¸è¶³ã‚’æ¤œå‡ºã—ã€Podã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®ãŸã‚ã®ã‚ˆã‚Šç´°ã‹ã„åˆ¶å¾¡ã‚’ãƒŽãƒ¼ãƒ‰ã«æä¾›ã§ãã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG NodeãŒä¸»å°Žã—ãŸKEP-4205: Support PSI based on cgroupv2ã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

kubeletã«ã‚ˆã‚‹ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆãƒ¬ã‚¹ã‚¤ãƒ¡ãƒ¼ã‚¸Pull

kubeletã®ã‚ªãƒ³ãƒ‡ã‚£ã‚¹ã‚¯èªè¨¼æƒ…å ±ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ãŒã€ã‚ªãƒ—ã‚·ãƒ§ãƒ³ã§Kubernetes ServiceAccount(SA)ãƒˆãƒ¼ã‚¯ãƒ³ã®å–å¾—ã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã¯OIDCäº’æ›ã®ã‚¢ã‚¤ãƒ‡ãƒ³ãƒ†ã‚£ãƒ†ã‚£ã‚½ãƒªãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã¨ã‚ˆã‚Šé©åˆ‡ã«çµ±åˆã§ãã€ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ¬ã‚¸ã‚¹ãƒˆãƒªã¨ã®èªè¨¼ãŒç°¡ç´ åŒ–ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯SIG AuthãŒä¸»å°Žã—ãŸKEP-4412: Projected service account tokens for Kubelet image credential providersã®ä¸€ç’°ã¨ã—ã¦è¡Œã‚ã‚Œã¾ã—ãŸã€‚

v1.33ã§ã®æ˜‡æ ¼ã€éžæŽ¨å¥¨åŒ–ã€ãŠã‚ˆã³å‰Šé™¤

GAã¸ã®æ˜‡æ ¼

ã“ã‚Œã¯å®‰å®šç‰ˆ(ä¸€èˆ¬æä¾›ã€GAã¨ã‚‚å‘¼ã°ã‚Œã‚‹)ã«æ˜‡æ ¼ã—ãŸã™ã¹ã¦ã®æ©Ÿèƒ½ã‚’ä¸€è¦§ã«ã—ãŸã‚‚ã®ã§ã™ã€‚ ã‚¢ãƒ«ãƒ•ã‚¡ã‹ã‚‰ãƒ™ãƒ¼ã‚¿ã¸ã®æ˜‡æ ¼ã‚„æ–°æ©Ÿèƒ½ã‚’å«ã‚€æ›´æ–°ã®å®Œå…¨ãªãƒªã‚¹ãƒˆã«ã¤ã„ã¦ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

ã“ã®ãƒªãƒªãƒ¼ã‚¹ã«ã¯ã€GAã«æ˜‡æ ¼ã—ãŸåˆè¨ˆ18ã®æ©Ÿèƒ½å¼·åŒ–ãŒå«ã¾ã‚Œã¦ã„ã¾ã™:

éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤

Kubernetesã®é–‹ç™ºã¨æˆç†Ÿã«ä¼´ã„ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆå…¨ä½“ã®å¥å…¨æ€§ã‚’å‘ä¸Šã•ã›ã‚‹ãŸã‚ã«æ©Ÿèƒ½ãŒéžæŽ¨å¥¨åŒ–ã•ã‚ŒãŸã‚Šã€å‰Šé™¤ã•ã‚ŒãŸã‚Šã€ã‚ˆã‚Šè‰¯ã„æ©Ÿèƒ½ã«ç½®ãæ›ãˆã‚‰ã‚ŒãŸã‚Šã™ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®ãƒ—ãƒã‚»ã‚¹ã«é–¢ã™ã‚‹è©³ç´°ã¯ã€KuberneteséžæŽ¨å¥¨ãƒãƒªã‚·ãƒ¼ã‚’å‚ç…§ã—ã¦ãã ã•ã„ã€‚ ã“ã‚Œã‚‰ã®éžæŽ¨å¥¨åŒ–ã‚„å‰Šé™¤ã®å¤šãã¯ã€Kubernetes v1.33ã®å…ˆè¡Œç´¹ä»‹ãƒ–ãƒã‚°ã§å‘ŠçŸ¥ã•ã‚Œã¾ã—ãŸã€‚

Endpoints APIã®éžæŽ¨å¥¨åŒ–

v1.21ä»¥é™GAã•ã‚ŒãŸEndpointSlice APIã¯ã€å…ƒã®Endpoint APIã‚’äº‹å®Ÿä¸Šç½®ãæ›ãˆã¾ã—ãŸã€‚ å…ƒã®Endpoint APIã¯ã‚·ãƒ³ãƒ—ãƒ«ã§åˆ†ã‹ã‚Šã‚„ã™ã‹ã£ãŸã‚‚ã®ã®ã€å¤šæ•°ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¸ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã™ã‚‹éš›ã«ã„ãã¤ã‹ã®èª²é¡ŒãŒã‚ã‚Šã¾ã—ãŸã€‚ EndpointSlice APIã«ã¯ãƒ‡ãƒ¥ã‚¢ãƒ«ã‚¹ã‚¿ãƒƒã‚¯ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ãªã©ã®æ–°æ©Ÿèƒ½ãŒå°Žå…¥ã•ã‚Œã€ã“ã‚Œã«ã‚ˆã‚Šå…ƒã®Endpoint APIã¯éžæŽ¨å¥¨åŒ–ã•ã‚Œã‚‹ã“ã¨ã«ãªã‚Šã¾ã—ãŸã€‚

ã“ã®éžæŽ¨å¥¨åŒ–ã¯ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚„ã‚¹ã‚¯ãƒªãƒ—ãƒˆã‹ã‚‰Endpoint APIã‚’ç›´æŽ¥ä½¿ç”¨ã—ã¦ã„ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã®ã¿å½±éŸ¿ã—ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ä»£ã‚ã‚Šã«EndpointSliceã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«ç§»è¡Œã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ éžæŽ¨å¥¨åŒ–ã«ã‚ˆã‚‹å½±éŸ¿ã¨ç§»è¡Œè¨ˆç”»ã«é–¢ã™ã‚‹è©³ç´°ã‚’è¨˜è¼‰ã—ãŸå°‚ç”¨ã®ãƒ–ãƒã‚°è¨˜äº‹ãŒå…¬é–‹ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

è©³ç´°ã¯KEP-4974: Deprecate v1.Endpointsã§ç¢ºèªã§ãã¾ã™ã€‚

Nodeã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã«ãŠã‘ã‚‹kube-proxyãƒãƒ¼ã‚¸ãƒ§ãƒ³æƒ…å ±ã®å‰Šé™¤

v1.31ã®ã€ŒDeprecation of status.nodeInfo.kubeProxyVersion field for Nodesã€ã§å¼·èª¿ã•ã‚Œã¦ã„ã‚‹ã‚ˆã†ã«ã€v1.31ã§ã®éžæŽ¨å¥¨åŒ–ã«ç¶šãã€Nodeã®.status.nodeInfo.kubeProxyVersionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒv1.33ã§å‰Šé™¤ã•ã‚Œã¾ã—ãŸã€‚

ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯kubeletã«ã‚ˆã£ã¦è¨å®šã•ã‚Œã¦ã„ã¾ã—ãŸãŒã€ãã®å€¤ã¯ä¸€è²«ã—ã¦æ£ç¢ºã§ã¯ã‚ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ v1.31ä»¥é™ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ç„¡åŠ¹åŒ–ã•ã‚Œã¦ã„ãŸãŸã‚ã€ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯v1.33ã§å®Œå…¨ã«å‰Šé™¤ã•ã‚Œã¾ã—ãŸã€‚

è©³ç´°ã¯KEP-4004: Deprecate status.nodeInfo.kubeProxyVersion fieldã§ç¢ºèªã§ãã¾ã™ã€‚

ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã®gitRepoãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã®å‰Šé™¤

gitRepoãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¿ã‚¤ãƒ—ã¯ã€ç´„7å¹´å‰ã®v1.11ã‹ã‚‰éžæŽ¨å¥¨åŒ–ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚ éžæŽ¨å¥¨åŒ–ã•ã‚Œã¦ä»¥é™ã€gitRepoãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¿ã‚¤ãƒ—ãŒãƒŽãƒ¼ãƒ‰ä¸Šã§rootã¨ã—ã¦ãƒªãƒ¢ãƒ¼ãƒˆã‚³ãƒ¼ãƒ‰å®Ÿè¡Œã‚’å¾—ã‚‹ãŸã‚ã«ã©ã®ã‚ˆã†ã«æ‚ªç”¨ã•ã‚Œã†ã‚‹ã‹ã¨ã„ã£ãŸã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®æ‡¸å¿µãŒã‚ã‚Šã¾ã—ãŸã€‚ v1.33ã§ã¯ã€ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã®ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚³ãƒ¼ãƒ‰ãŒå‰Šé™¤ã•ã‚Œã¾ã™ã€‚

ä»£æ›¿æ‰‹æ®µã¨ã—ã¦git-syncã‚„initã‚³ãƒ³ãƒ†ãƒŠãŒã‚ã‚Šã¾ã™ã€‚ Kubernetes APIã®gitVolumesã¯å‰Šé™¤ã•ã‚Œãªã„ãŸã‚ã€gitRepoãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’æŒã¤Podã¯kube-apiserverã«ã‚ˆã£ã¦å—ã‘å…¥ã‚Œã‚‰ã‚Œã¾ã™ã€‚ ã—ã‹ã—ã€ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®GitRepoVolumeDriverãŒfalseã«è¨å®šã•ã‚Œã¦ã„ã‚‹kubeletã¯ãã‚Œã‚‰ã‚’å®Ÿè¡Œã›ãšã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«é©åˆ‡ãªã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’ä¿®æ£ã™ã‚‹ãŸã‚ã®ååˆ†ãªæ™‚é–“ã‚’ç¢ºä¿ã™ã‚‹ãŸã‚ã«ã€3ãƒãƒ¼ã‚¸ãƒ§ãƒ³åˆ†ã®æœŸé–“ã€ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã®å†æœ‰åŠ¹åŒ–ã‚’ã‚ªãƒ—ãƒˆã‚¤ãƒ³ã§ãã¾ã™ã€‚

kubeletã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¨ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚³ãƒ¼ãƒ‰ã¯ã€v1.39ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

è©³ç´°ã¯KEP-5040: Remove gitRepo volume driverã§ç¢ºèªã§ãã¾ã™ã€‚

Windows Podã«ãŠã‘ã‚‹ãƒ›ã‚¹ãƒˆãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚µãƒãƒ¼ãƒˆã®å‰Šé™¤

Windows Podã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠãŒNodeã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯åå‰ç©ºé–“ã‚’ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§Linuxã¨ã®æ©Ÿèƒ½ãƒ‘ãƒªãƒ†ã‚£ã‚’é”æˆã—ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å¯†åº¦ã‚’å‘ä¸Šã•ã›ã‚‹ã“ã¨ã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã—ãŸã€‚ å…ƒã®å®Ÿè£…ã¯v1.26ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã¾ã—ãŸãŒã€äºˆæœŸã›ã¬containerdã®æŒ™å‹•ã«ç›´é¢ã—ã€ä»£æ›¿ã‚½ãƒªãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ãŒå˜åœ¨ã—ãŸãŸã‚ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯é–¢é€£ã™ã‚‹KEPã‚’å–ã‚Šä¸‹ã’ã‚‹ã“ã¨ã‚’æ±ºå®šã—ã¾ã—ãŸã€‚ ã‚µãƒãƒ¼ãƒˆã¯v1.33ã§å®Œå…¨ã«å‰Šé™¤ã•ã‚Œã¾ã—ãŸã€‚

ã“ã‚Œã¯ã€ãƒ›ã‚¹ãƒˆãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãŠã‚ˆã³ãƒ›ã‚¹ãƒˆãƒ¬ãƒ™ãƒ«ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’æä¾›ã™ã‚‹HostProcessã‚³ãƒ³ãƒ†ãƒŠã«ã¯å½±éŸ¿ã—ãªã„ã“ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„ã€‚ v1.33ã§å–ã‚Šä¸‹ã’ã‚‰ã‚ŒãŸKEPã¯ã€ãƒ›ã‚¹ãƒˆãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã®ã¿ã‚’æä¾›ã™ã‚‹ã“ã¨ã«é–¢ã™ã‚‹ã‚‚ã®ã§ã—ãŸãŒã€Windowsã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ãƒã‚¸ãƒƒã‚¯ã«ãŠã‘ã‚‹æŠ€è¡“çš„ãªåˆ¶é™ã®ãŸã‚ã€å®‰å®šã™ã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚

è©³ç´°ã¯KEP-3503: Host network support for Windows podsã§ç¢ºèªã§ãã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆ

Kubernetes v1.33ãƒªãƒªãƒ¼ã‚¹ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

å…¥æ‰‹æ–¹æ³•

Kubernetes v1.33ã¯GitHubã¾ãŸã¯Kuberneteså…¬å¼ã‚µã‚¤ãƒˆã®ãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ãƒšãƒ¼ã‚¸ã‹ã‚‰ãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ã§ãã¾ã™ã€‚

Kubernetesã‚’å§‹ã‚ã‚‹ã«ã¯ã€ãƒãƒ¥ãƒ¼ãƒˆãƒªã‚¢ãƒ«ã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‹ã€minikubeã‚’ä½¿ç”¨ã—ã¦ãƒãƒ¼ã‚«ãƒ«Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’å®Ÿè¡Œã—ã¦ãã ã•ã„ã€‚ ã¾ãŸã€kubeadmã‚’ä½¿ç”¨ã—ã¦ç°¡å˜ã«v1.33ã‚’ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ

Kubernetesã¯ãã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚µãƒãƒ¼ãƒˆã€ã‚³ãƒŸãƒƒãƒˆãƒ¡ãƒ³ãƒˆã€ãã—ã¦æ‡¸å‘½ãªåƒãã«ã‚ˆã£ã¦ã®ã¿å®Ÿç¾å¯èƒ½ã§ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒä¾å˜ã™ã‚‹Kubernetesãƒªãƒªãƒ¼ã‚¹ã‚’æ§‹æˆã™ã‚‹å¤šãã®éƒ¨åˆ†ã‚’æ§‹ç¯‰ã™ã‚‹ãŸã‚ã«å”åŠ›ã™ã‚‹ã€çŒ®èº«çš„ãªã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒœãƒ©ãƒ³ãƒ†ã‚£ã‚¢ã«ã‚ˆã£ã¦æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã‚Œã«ã¯ã€ã‚³ãƒ¼ãƒ‰è‡ªä½“ã‹ã‚‰ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã‚„ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆç®¡ç†ã¾ã§ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚ã‚‰ã‚†ã‚‹åˆ†é‡Žã®äººã€…ã®å°‚é–€çš„ãªã‚¹ã‚ãƒ«ãŒå¿…è¦ã§ã™ã€‚

ç§ãŸã¡ã¯ã€Kubernetes v1.33ãƒªãƒªãƒ¼ã‚¹ã‚’ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«æä¾›ã™ã‚‹ãŸã‚ã«ç†±å¿ƒã«å–ã‚Šçµ„ã‚“ã æ™‚é–“ã«ã¤ã„ã¦ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ å…¨ä½“ã«æ„Ÿè¬ã—ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã¯ã€åˆã‚ã¦ã®Shadow(è¦‹ç¿’ã„)ã‹ã‚‰ã€è¤‡æ•°ã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã§åŸ¹ã‚ã‚ŒãŸçµŒé¨“ã‚’æŒã¡ã€å¾©å¸°ã‚’ã—ãŸãƒãƒ¼ãƒ ãƒªãƒ¼ãƒ‰ã¾ã§å¹…åºƒãå˜åœ¨ã—ã¾ã™ã€‚ ã“ã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã§ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã¨Docsã®ã‚µãƒ–ãƒãƒ¼ãƒ ã‚’çµ±åˆã—ã€Docsã‚µãƒ–ãƒãƒ¼ãƒ ã«çµ±ä¸€ã™ã‚‹ã¨ã„ã†æ–°ã—ã„ãƒãƒ¼ãƒ æ§‹é€ ãŒæŽ¡ç”¨ã•ã‚Œã¾ã—ãŸã€‚ æ–°ã—ã„Docsãƒãƒ¼ãƒ ã‹ã‚‰é–¢é€£æƒ…å ±ã¨ãƒªã‚½ãƒ¼ã‚¹ã‚’æ•´ç†ã™ã‚‹ç¶¿å¯†ãªåŠªåŠ›ã®ãŠã‹ã’ã§ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã¨Docsã®è¿½è·¡ã¯å††æ»‘ã‹ã¤æˆåŠŸã—ãŸç§»è¡Œã‚’å®Ÿç¾ã—ã¾ã—ãŸã€‚ æœ€å¾Œã«ã€æˆåŠŸã—ãŸãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã‚’é€šã—ã¦ã®ã‚µãƒãƒ¼ãƒˆã€æ”¯æ´ã€èª°ã‚‚ãŒåŠ¹æžœçš„ã«è²¢çŒ®ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹å–ã‚Šçµ„ã¿ã€ãã—ã¦ãƒªãƒªãƒ¼ã‚¹ãƒ—ãƒã‚»ã‚¹ã‚’æ”¹å–„ã™ã‚‹ãŸã‚ã®èª²é¡Œã«å¯¾ã—ã¦ã€ãƒªãƒªãƒ¼ã‚¹ãƒªãƒ¼ãƒ‰ã®Nina Polshakovaã«å¿ƒã‚ˆã‚Šæ„Ÿè¬ã—ã¾ã™ã€‚

ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ´»å‹•çŠ¶æ³

v1.33ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«(2025å¹´1æœˆ13æ—¥ã‹ã‚‰4æœˆ23æ—¥ã¾ã§ã®15é€±é–“)ã«ãŠã„ã¦ã€Kubernetesã«ã¯æœ€å¤§121ã®ç•°ãªã‚‹ä¼æ¥ã¨570äººã®å€‹äººã‹ã‚‰è²¢çŒ®ãŒã‚ã‚Šã¾ã—ãŸ(åŸ·ç†æ™‚ç‚¹ã§ã¯ã€ãƒªãƒªãƒ¼ã‚¹æ—¥ã®æ•°é€±é–“å‰ã®æ•°å€¤ã§ã™)ã€‚ ã‚ˆã‚Šåºƒç¯„ãªã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã§ã¯ã€ã“ã®æ•°å—ã¯435ç¤¾ã€åˆè¨ˆ2400äººã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã«é”ã—ã¦ã„ã¾ã™ã€‚ ãƒ‡ãƒ¼ã‚¿ã‚½ãƒ¼ã‚¹ã¯ã“ã®ãƒ€ãƒƒã‚·ãƒ¥ãƒœãƒ¼ãƒ‰ã§ç¢ºèªã§ãã¾ã™ã€‚ å‰å›žã®ãƒªãƒªãƒ¼ã‚¹v1.32ã®æ´»å‹•ãƒ‡ãƒ¼ã‚¿ã¨æ¯”è¼ƒã™ã‚‹ã¨ã€ä¼æ¥ã‚„å€‹äººã‹ã‚‰ã®è²¢çŒ®ãƒ¬ãƒ™ãƒ«ã¯åŒæ§˜ã§ã‚ã‚Šã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®é–¢å¿ƒã¨å‚åŠ ãŒå¼•ãç¶šãå¼·ã„ã“ã¨ã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚

ãªãŠã€ã€Œè²¢çŒ®ã€ã¨ã¯ã‚³ãƒŸãƒƒãƒˆã®ä½œæˆã€ã‚³ãƒ¼ãƒ‰ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ã‚³ãƒ¡ãƒ³ãƒˆã€Issueã‚„PRã®ä½œæˆã€PRã®ãƒ¬ãƒ“ãƒ¥ãƒ¼(ãƒ–ãƒã‚°ã‚„ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’å«ã‚€)ã€ã¾ãŸã¯Issueã‚„PRã¸ã®ã‚³ãƒ¡ãƒ³ãƒˆã‚’è¡Œã†ã“ã¨ã‚’æŒ‡ã—ã¾ã™ã€‚ è²¢çŒ®ã«èˆˆå‘³ãŒã‚ã‚‹å ´åˆã¯ã€å…¬å¼ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼å‘ã‘ã®ã¯ã˜ã‚ã«ã‚’ã”è¦§ãã ã•ã„ã€‚

Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¨ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®å…¨ä½“çš„ãªæ´»å‹•çŠ¶æ³ã«ã¤ã„ã¦ã•ã‚‰ã«è©³ã—ãçŸ¥ã‚‹ã«ã¯ã€DevStatsã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„ã€‚

ã‚¤ãƒ™ãƒ³ãƒˆæƒ…å ±

2025å¹´5æœˆ

KCD - Kubernetes Community Days: Costa Rica: 2025å¹´5æœˆ3æ—¥ | ã‚³ã‚¹ã‚¿ãƒªã‚«ã€ã‚¨ãƒ¬ãƒ‡ã‚£ã‚¢
KCD - Kubernetes Community Days: Helsinki: 2025å¹´5æœˆ6æ—¥ | ãƒ•ã‚£ãƒ³ãƒ©ãƒ³ãƒ‰ã€ãƒ˜ãƒ«ã‚·ãƒ³ã‚
KCD - Kubernetes Community Days: Texas Austin: 2025å¹´5æœˆ15æ—¥ | ã‚¢ãƒ¡ãƒªã‚«ã€ã‚ªãƒ¼ã‚¹ãƒ†ã‚£ãƒ³
KCD - Kubernetes Community Days: Seoul: 2025å¹´5æœˆ22æ—¥ | éŸ“å›½ã€ã‚½ã‚¦ãƒ«
KCD - Kubernetes Community Days: Istanbul, Turkey: 2025å¹´5æœˆ23æ—¥ | ãƒˆãƒ«ã‚³ã€ã‚¤ã‚¹ã‚¿ãƒ³ãƒ–ãƒ¼ãƒ«
KCD - Kubernetes Community Days: San Francisco Bay Area: 2025å¹´5æœˆ28æ—¥ | ã‚¢ãƒ¡ãƒªã‚«ã€ã‚µãƒ³ãƒ•ãƒ©ãƒ³ã‚·ã‚¹ã‚³

2025å¹´6æœˆ

KCD - Kubernetes Community Days: New York: 2025å¹´6æœˆ4æ—¥ | ã‚¢ãƒ¡ãƒªã‚«ã€ãƒ‹ãƒ¥ãƒ¼ãƒ¨ãƒ¼ã‚¯
KCD - Kubernetes Community Days: Czech & Slovak: 2025å¹´6æœˆ5æ—¥ | ã‚¹ãƒãƒã‚ã‚¢ã€ãƒ–ãƒ©ãƒã‚¹ãƒ©ãƒ
KCD - Kubernetes Community Days: Bengaluru: 2025å¹´6æœˆ6æ—¥ | ã‚¤ãƒ³ãƒ‰ã€ãƒãƒ³ã‚¬ãƒãƒ¼ãƒ«
KubeCon + CloudNativeCon China 2025: 2025å¹´6æœˆ10æ—¥-11æ—¥ | é¦™æ¸¯
KCD - Kubernetes Community Days: Antigua Guatemala: 2025å¹´6æœˆ14æ—¥ | ã‚°ã‚¢ãƒ†ãƒžãƒ©ã€ã‚¢ãƒ³ãƒ†ã‚£ã‚°ã‚¢ãƒ»ã‚°ã‚¢ãƒ†ãƒžãƒ©
KubeCon + CloudNativeCon Japan 2025: 2025å¹´6æœˆ16æ—¥-17æ—¥ | æ—¥æœ¬ã€æ±äº¬
KCD - Kubernetes Community Days: Nigeria, Africa: 2025å¹´6æœˆ19æ—¥ | ã‚¢ãƒ•ãƒªã‚«ã€ãƒŠã‚¤ã‚¸ã‚§ãƒªã‚¢

2025å¹´7æœˆ

KCD - Kubernetes Community Days: Utrecht: 2025å¹´7æœˆ4æ—¥ | ã‚ªãƒ©ãƒ³ãƒ€ã€ãƒ¦ãƒˆãƒ¬ãƒ’ãƒˆ
KCD - Kubernetes Community Days: Taipei: 2025å¹´7æœˆ5æ—¥ | å°æ¹¾ã€å°åŒ—
KCD - Kubernetes Community Days: Lima, Peru: 2025å¹´7æœˆ19æ—¥ | ãƒšãƒ«ãƒ¼ã€ãƒªãƒž

2025å¹´8æœˆ

KubeCon + CloudNativeCon India 2025: 2025å¹´8æœˆ6æ—¥-7æ—¥ | ã‚¤ãƒ³ãƒ‰ã€ãƒã‚¤ãƒ‡ãƒ©ãƒãƒ¼ãƒ‰
KCD - Kubernetes Community Days: Colombia: 2025å¹´8æœˆ29æ—¥ | ã‚³ãƒãƒ³ãƒ“ã‚¢ã€ãƒœã‚´ã‚¿

æœ€æ–°ã®KCDæƒ…å ±ã¯ã“ã¡ã‚‰ã§ã”ç¢ºèªã„ãŸã ã‘ã¾ã™ã€‚

ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã®ã”æ¡ˆå†…

Kubernetes v1.33ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã¨ä¸€ç·’ã« 2025å¹´5æœˆ16æ—¥(é‡‘)åˆå¾Œ4æ™‚(UTC) ã‹ã‚‰ã€ã“ã®ãƒªãƒªãƒ¼ã‚¹ã®ãƒã‚¤ãƒ©ã‚¤ãƒˆã‚„ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã®è¨ˆç”»ã«å½¹ç«‹ã¤éžæŽ¨å¥¨äº‹é …ã‚„å‰Šé™¤äº‹é …ã«ã¤ã„ã¦å¦ã³ã¾ã—ã‚‡ã†ã€‚ è©³ç´°ãŠã‚ˆã³å‚åŠ ç™»éŒ²ã¯ã€CNCFã‚ªãƒ³ãƒ©ã‚¤ãƒ³ãƒ—ãƒã‚°ãƒ©ãƒ ãƒ»ã‚µã‚¤ãƒˆã®ã‚¤ãƒ™ãƒ³ãƒˆãƒšãƒ¼ã‚¸ã‚’ã”è¦§ãã ã•ã„ã€‚

å‚åŠ æ–¹æ³•

æœ€æ–°æƒ…å ±ã¯BlueSkyã®@kubernetes.ioã‚’ãƒ•ã‚©ãƒãƒ¼ã—ã¦ãã ã•ã„
Discussã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒ‡ã‚£ã‚¹ã‚«ãƒƒã‚·ãƒ§ãƒ³ã«å‚åŠ ã—ã¦ãã ã•ã„
Slackã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã¦ãã ã•ã„
Server Faultã‹Stack Overflowã§è³ªå•ã—ãŸã‚Šã€å›žç”ã—ãŸã‚Šã—ã¦ãã ã•ã„
ã‚ãªãŸã®Kubernetesã«é–¢ã™ã‚‹ã‚¹ãƒˆãƒ¼ãƒªãƒ¼ã‚’å…±æœ‰ã—ã¦ãã ã•ã„
Kubernetesã®æœ€æ–°æƒ…å ±ã¯ãƒ–ãƒã‚°ã§ã•ã‚‰ã«è©³ã—ãèªã‚€ã“ã¨ãŒã§ãã¾ã™
Kubernetes Release Teamã«ã¤ã„ã¦ã®è©³ç´°ã¯ã“ã¡ã‚‰ã‚’ã”è¦§ãã ã•ã„

Kubernetesã®ãƒžãƒ«ãƒã‚³ãƒ³ãƒ†ãƒŠPod: æ¦‚è¦

Tue, 22 Apr 2025 00:00:00 +0000

ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ã®é€²åŒ–ãŒç¶šãä¸ã€Kubernetesã¯è¤‡é›‘ã§åˆ†æ•£ã—ãŸã‚·ã‚¹ãƒ†ãƒ ã‚’ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹ãŸã‚ã®å®šç•ªã®ãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã¨ãªã£ã¦ãã¾ã—ãŸã€‚ ã“ã®ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã«ãŠã‘ã‚‹æœ€ã‚‚å¼·åŠ›ã§ã‚ã‚ŠãªãŒã‚‰ç¹Šç´°ãªè¨è¨ˆãƒ‘ã‚¿ãƒ¼ãƒ³ã®ä¸€ã¤ãŒã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ã§ã™ã€‚ã“ã‚Œã¯ã€é–‹ç™ºè€…ãŒã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã«æ·±ãè¸ã¿è¾¼ã‚€ã“ã¨ãªãã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®æ©Ÿèƒ½ã‚’æ‹¡å¼µã§ãã‚‹æ‰‹æ³•ã§ã™ã€‚

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ã®èµ·æº

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã¯ã€ãƒã‚¤ã‚¯ã«å–ã‚Šä»˜ã‘ã‚‹ä¿¡é ¼ã§ãã‚‹è£œåŠ©åº§å¸ã®ã‚ˆã†ãªã‚‚ã®ã ã¨è€ƒãˆã¦ã¿ã¦ãã ã•ã„ã€‚ ITã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã§ã¯ã€é‡è¦ãªå‡¦ç†ã‚’æ‹…ã†ãŸã‚ã«ã€è£œåŠ©çš„ãªã‚µãƒ¼ãƒ“ã‚¹ãŒå¾“æ¥ã‹ã‚‰åˆ©ç”¨ã•ã‚Œã¦ãã¾ã—ãŸã€‚ ã‚³ãƒ³ãƒ†ãƒŠãŒç™»å ´ã™ã‚‹ä»¥å‰ã¯ã€ãƒã‚®ãƒ³ã‚°ã€ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯å‡¦ç†ã‚’ç®¡ç†ã™ã‚‹ãŸã‚ã«ã€ãƒãƒƒã‚¯ã‚°ãƒ©ã‚¦ãƒ³ãƒ‰ãƒ—ãƒã‚»ã‚¹ã‚„ãƒ˜ãƒ«ãƒ‘ãƒ¼ãƒ‡ãƒ¼ãƒ¢ãƒ³ã«ä¾å˜ã—ã¦ã„ã¾ã—ãŸã€‚ ãƒžã‚¤ã‚¯ãƒã‚µãƒ¼ãƒ“ã‚¹ã®é©å‘½ã«ã‚ˆã‚Šã€ã“ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã¯å¤‰é©ã•ã‚Œã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã¯ä½“ç³»çš„ã‹ã¤æ„å›³çš„ãªã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ã®é¸æŠžè‚¢ã¨ãªã‚Šã¾ã—ãŸã€‚ ãƒžã‚¤ã‚¯ãƒã‚µãƒ¼ãƒ“ã‚¹ã®å°é ã«ä¼´ã„ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ã¯ã‚ˆã‚Šæ˜Žç¢ºã«å®šç¾©ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã€é–‹ç™ºè€…ã¯ãƒ¡ã‚¤ãƒ³ã‚µãƒ¼ãƒ“ã‚¹ã®ã‚³ãƒ¼ãƒ‰ã‚’å¤‰æ›´ã™ã‚‹ã“ã¨ãªãã€ç‰¹å®šã®è²¬å‹™ã‚’åˆ‡ã‚Šé›¢ã›ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ Istioã‚„Linkerdã®ã‚ˆã†ãªã‚µãƒ¼ãƒ“ã‚¹ãƒ¡ãƒƒã‚·ãƒ¥ã¯ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ—ãƒã‚ã‚·ã‚’æ™®åŠã•ã›ã€ã“ã‚Œã‚‰ã®è£œåŠ©çš„ãªã‚³ãƒ³ãƒ†ãƒŠãŒåˆ†æ•£ã‚·ã‚¹ãƒ†ãƒ ã«ãŠã‘ã‚‹å¯è¦³æ¸¬æ€§ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã€ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ç®¡ç†ã‚’æ´—ç·´ã•ã‚ŒãŸæ–¹æ³•ã§å‡¦ç†ã§ãã‚‹ã“ã¨ã‚’ç¤ºã—ã¾ã—ãŸã€‚

Kubernetesã«ãŠã‘ã‚‹å®Ÿè£…

Kubernetesã§ã¯ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã¯ãƒ¡ã‚¤ãƒ³ã®ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã¨åŒã˜Podå†…ã§å‹•ä½œã—ã€é€šä¿¡ã‚„ãƒªã‚½ãƒ¼ã‚¹ã®å…±æœ‰ã‚’å¯èƒ½ã«ã—ã¾ã™ã€‚ ã“ã‚Œã¯ã€å˜ã«Podå†…ã«è¤‡æ•°ã®ã‚³ãƒ³ãƒ†ãƒŠã‚’ä¸¦åˆ—ã«å®šç¾©ã™ã‚‹ã“ã¨ã®ã‚ˆã†ã«èžã“ãˆã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ å®Ÿéš›ã€ãã®é€šã‚Šã§ã‚ã‚Šã€Kubernetes v1.29.0ã§ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã®ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚µãƒãƒ¼ãƒˆãŒå°Žå…¥ã•ã‚Œã‚‹ã¾ã§ã¯ã€ãã®ã‚ˆã†ã«å®Ÿè£…ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚ ç¾åœ¨ã§ã¯ã€Podãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆå†…ã§spec.initContainersãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’ä½¿ç”¨ã—ã¦ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã‚’å®šç¾©ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ã“ã‚Œã‚’ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã¨ã—ã¦æ©Ÿèƒ½ã•ã›ã‚‹ãƒã‚¤ãƒ³ãƒˆã¯ã€restartPolicy: Alwaysã‚’æŒ‡å®šã™ã‚‹ã“ã¨ã§ã™ã€‚ ä»¥ä¸‹ã¯ãã®ä¸€ä¾‹ã§ã€Kubernetesãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆå…¨ä½“ã®ä¸€éƒ¨ã‚’æŠœç²‹ã—ãŸã‚‚ã®ã§ã™ã€‚

initContainers:
 - name: logshipper
 image: alpine:latest
 restartPolicy: Always
 command: ['sh', '-c', 'tail -F /opt/logs.txt']
 volumeMounts:
 - name: data
 mountPath: /opt

spec.initContainersã¨ã„ã†ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰åã¯ã€æ··ä¹±ã‚’æ‹›ãã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã‚’å®šç¾©ã—ãŸã„ã®ã«ã€ãªãœspec.initContainersé…åˆ—ã«ã‚¨ãƒ³ãƒˆãƒªã‚’è¿½åŠ ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„ã®ã§ã—ã‚‡ã†ã‹ï¼Ÿ spec.initContainersã«å®šç¾©ã•ã‚ŒãŸã‚³ãƒ³ãƒ†ãƒŠã¯ã€ãƒ¡ã‚¤ãƒ³ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒèµ·å‹•ã™ã‚‹ç›´å‰ã«ä¸€åº¦ã ã‘å®Ÿè¡Œã•ã‚Œã€å®Œäº†ã™ã‚‹ã¨çµ‚äº†ã—ã¾ã™ã€‚ ä¸€æ–¹ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã¯é€šå¸¸ã€ãƒ¡ã‚¤ãƒ³ã®ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚³ãƒ³ãƒ†ãƒŠã¨ä¸¦è¡Œã—ã¦å‹•ä½œã—ç¶šã‘ã¾ã™ã€‚ Kubernetesã«ãŠã‘ã‚‹ãƒã‚¤ãƒ†ã‚£ãƒ–ãªã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã¯ã€spec.initContainersã«restartPolicy:Alwaysã‚’æŒ‡å®šã™ã‚‹ã“ã¨ã§ã€å¾“æ¥ã®Initã‚³ãƒ³ãƒ†ãƒŠã¨ã¯ç•°ãªã‚‹æŒ™å‹•ã‚’æŒã¡ã€å¸¸ã«ç¨¼åƒã—ç¶šã‘ã‚‹ã“ã¨ãŒä¿è¨¼ã•ã‚Œã¾ã™ã€‚

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚’æŽ¡ç”¨ã™ã¹ãå ´åˆã¨é¿ã‘ã‚‹ã¹ãå ´åˆ

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ã¯å¤šãã®ã‚±ãƒ¼ã‚¹ã§æœ‰ç”¨ã§ã™ãŒã€æ£å½“åŒ–ã•ã‚Œã‚‹ã‚ˆã†ãªãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ãŒãªã„é™ã‚Šã€ä¸€èˆ¬çš„ã«ã¯æŽ¨å¥¨ã•ã‚Œã‚‹æ‰‹æ³•ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚’è¿½åŠ ã™ã‚‹ã¨ã€è¤‡é›‘æ€§ã‚„ãƒªã‚½ãƒ¼ã‚¹æ¶ˆè²»ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯é…å»¶ã®å¯èƒ½æ€§ãŒå¢—å¤§ã—ã¾ã™ã€‚ ãã®ä»£ã‚ã‚Šã«ã€ã¾ãšã¯çµ„ã¿è¾¼ã¿ãƒ©ã‚¤ãƒ–ãƒ©ãƒªã‚„å…±é€šã‚¤ãƒ³ãƒ•ãƒ©ãªã©ã€ã‚ˆã‚Šå˜ç´”ãªä»£æ›¿æ‰‹æ®µã‚’æ¤œè¨Žã™ã¹ãã§ã™ã€‚

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã®å°Žå…¥ãŒé©ã—ã¦ã„ã‚‹ã®ã¯æ¬¡ã®ã‚ˆã†ãªå ´åˆã§ã™:

å…ƒã®ã‚³ãƒ¼ãƒ‰ã«æ‰‹ã‚’åŠ ãˆã‚‹ã“ã¨ãªãã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®æ©Ÿèƒ½ã‚’æ‹¡å¼µã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆ
ãƒã‚®ãƒ³ã‚°ã€ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãªã©ã®æ¨ªæ–çš„ãªè€ƒæ…®ãŒå¿…è¦ãªå®Ÿè£…ã‚’ã™ã‚‹å ´åˆ
ãƒ¢ãƒ€ãƒ³ãªãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯æ©Ÿèƒ½ã‚’å¿…è¦ã¨ã™ã‚‹ãƒ¬ã‚¬ã‚·ãƒ¼ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’æ‰±ã†å ´åˆ
ç‹¬ç«‹ã—ãŸã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã‚„æ›´æ–°ãŒæ±‚ã‚ã‚‰ã‚Œã‚‹ãƒžã‚¤ã‚¯ãƒã‚µãƒ¼ãƒ“ã‚¹ã‚’è¨è¨ˆã™ã‚‹å ´åˆ

æ¬¡ã®ã‚ˆã†ãªå ´åˆã¯æ…Žé‡ã«æ¤œè¨Žã—ã¦ãã ã•ã„:

ãƒªã‚½ãƒ¼ã‚¹åŠ¹çŽ‡ã‚’æœ€å„ªå…ˆã—ãŸã„å ´åˆ
æœ€å°é™ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯é…å»¶ãŒé‡è¦ãªå ´åˆ
ã‚ˆã‚Šå˜ç´”ãªä»£æ›¿æ‰‹æ®µãŒå˜åœ¨ã™ã‚‹å ´åˆ
ãƒˆãƒ©ãƒ–ãƒ«ã‚·ãƒ¥ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã®è¤‡é›‘ã•ã‚’æœ€å°é™ã«æŠ‘ãˆãŸã„å ´åˆ

4ã¤ã®é‡è¦ãªãƒžãƒ«ãƒã‚³ãƒ³ãƒ†ãƒŠãƒ‘ã‚¿ãƒ¼ãƒ³

Initã‚³ãƒ³ãƒ†ãƒŠãƒ‘ã‚¿ãƒ¼ãƒ³

Initã‚³ãƒ³ãƒ†ãƒŠãƒ‘ã‚¿ãƒ¼ãƒ³ã¯ã€ãƒ¡ã‚¤ãƒ³ã®ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚³ãƒ³ãƒ†ãƒŠãŒèµ·å‹•ã™ã‚‹å‰ã«(ã—ã°ã—ã°é‡è¦ãª)åˆæœŸåŒ–å‡¦ç†ã‚’å®Ÿè¡Œã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ é€šå¸¸ã®ã‚³ãƒ³ãƒ†ãƒŠã¨ç•°ãªã‚Šã€Initã‚³ãƒ³ãƒ†ãƒŠã¯å‡¦ç†ãŒå®Œäº†ã™ã‚‹ã¨çµ‚äº†ã—ã€ãƒ¡ã‚¤ãƒ³ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®å‰ææ¡ä»¶ãŒæº€ãŸã•ã‚Œã‚‹ã“ã¨ã‚’ä¿è¨¼ã—ã¾ã™ã€‚

ã“ã®ãƒ‘ã‚¿ãƒ¼ãƒ³ãŒé©ã—ã¦ã„ã‚‹ã‚±ãƒ¼ã‚¹:

å„ç¨®è¨å®šã®æº–å‚™
ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã®èªã¿è¾¼ã¿
ä¾å˜é–¢ä¿‚ã®åˆ©ç”¨å¯èƒ½æ€§ã®ç¢ºèª
ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ãƒžã‚¤ã‚°ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã®å®Ÿè¡Œ

Initã‚³ãƒ³ãƒ†ãƒŠã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã§ã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ã‚³ãƒ¼ãƒ‰ã‚’å¤‰æ›´ã™ã‚‹ã“ã¨ãªãã€äºˆæ¸¬å¯èƒ½ã§åˆ¶å¾¡ã•ã‚ŒãŸç’°å¢ƒä¸‹ã§ã®èµ·å‹•ã‚’å®Ÿç¾ã§ãã¾ã™ã€‚

Ambassadorãƒ‘ã‚¿ãƒ¼ãƒ³

Ambassadorã‚³ãƒ³ãƒ†ãƒŠã¯ã€Podå†…ã§å‹•ä½œã™ã‚‹è£œåŠ©çš„ãªã‚µãƒ¼ãƒ“ã‚¹ã‚’æä¾›ã—ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚µãƒ¼ãƒ“ã‚¹ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’ç°¡æ˜“åŒ–ã—ã¾ã™ã€‚ ä¸€èˆ¬çš„ã«ã€Ambassadorã‚³ãƒ³ãƒ†ãƒŠã¯ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚³ãƒ³ãƒ†ãƒŠã«ä»£ã‚ã£ã¦ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’é€ä¿¡ã—ã€ã‚µãƒ¼ãƒ“ã‚¹æ¤œå‡ºã€ãƒ”ã‚¢ã®è˜åˆ¥æ¤œè¨¼ã€é€šä¿¡ã®æš—å·åŒ–ã¨ã„ã£ãŸå‡¦ç†ã‚’æ‹…ã„ã¾ã™ã€‚

ã“ã®ãƒ‘ã‚¿ãƒ¼ãƒ³ãŒç‰¹ã«æœ‰åŠ¹ãªã®ã¯æ¬¡ã®ã‚ˆã†ãªå ´åˆã§ã™:

ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæŽ¥ç¶šã«é–¢ã™ã‚‹å‡¦ç†ã‚’åˆ‡ã‚Šé›¢ã™å ´åˆ
è¨€èªžã«ä¾å˜ã—ãªã„ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯æ©Ÿèƒ½ã‚’å®Ÿè£…ã™ã‚‹å ´åˆ
TLSãªã©ã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å±¤ã‚’è¿½åŠ ã™ã‚‹å ´åˆ
å …ç‰¢ãªã‚µãƒ¼ã‚ãƒƒãƒˆãƒ–ãƒ¬ãƒ¼ã‚«ãƒ¼ã‚„ãƒªãƒˆãƒ©ã‚¤æ©Ÿæ§‹ã‚’æ§‹ç¯‰ã™ã‚‹å ´åˆ

Configuration helper

configuration helper ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã¯ã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã«å¯¾ã—ã¦è¨å®šã®æ›´æ–°ã‚’å‹•çš„ã«æä¾›ã—ã€ã‚µãƒ¼ãƒ“ã‚¹ã‚’ä¸æ–ã•ã›ã‚‹ã“ã¨ãªãå¸¸ã«æœ€æ–°ã®è¨å®šã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ å¤šãã®å ´åˆã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒæ£å¸¸ã«èµ·å‹•ã™ã‚‹ãŸã‚ã«ã¯ã€äº‹å‰ã«åˆæœŸè¨å®šã‚’æä¾›ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹:

ç’°å¢ƒå¤‰æ•°ã‚„ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã®å–å¾—
è¨å®šå¤‰æ›´ã®ãƒãƒ¼ãƒªãƒ³ã‚°
è¨å®šç®¡ç†ã¨ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãƒã‚¸ãƒƒã‚¯ã®åˆ†é›¢

Adapterãƒ‘ã‚¿ãƒ¼ãƒ³

adapter(ã¾ãŸã¯ faÃ§ade)ã‚³ãƒ³ãƒ†ãƒŠã¯ã€ãƒ¡ã‚¤ãƒ³ã®ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚³ãƒ³ãƒ†ãƒŠã¨å¤–éƒ¨ã‚µãƒ¼ãƒ“ã‚¹ã¨ã®é–“ã®ç›¸äº’é‹ç”¨æ€§ã‚’å®Ÿç¾ã—ã¾ã™ã€‚ ã“ã‚Œã¯ã€ãƒ‡ãƒ¼ã‚¿å½¢å¼ã€ãƒ—ãƒãƒˆã‚³ãƒ«ã€ã¾ãŸã¯APIã®å¤‰æ›ã‚’è¡Œã†ã“ã¨ã§å®Ÿç¾ã•ã‚Œã¾ã™ã€‚

ã“ã®ãƒ‘ã‚¿ãƒ¼ãƒ³ã®å¼·ã¿:

ãƒ¬ã‚¬ã‚·ãƒ¼ãªãƒ‡ãƒ¼ã‚¿å½¢å¼ã®å¤‰æ›
é€šä¿¡ãƒ—ãƒãƒˆã‚³ãƒ«é–“ã®æ©‹æ¸¡ã—
äº’æ›æ€§ã®ãªã„ã‚µãƒ¼ãƒ“ã‚¹é–“ã®çµ±åˆä¿ƒé€²

ã¾ã¨ã‚

ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ãƒ‘ã‚¿ãƒ¼ãƒ³ã¯éžå¸¸ã«é«˜ã„æŸ”è»Ÿæ€§ã‚’æä¾›ã—ã¦ãã‚Œã¾ã™ãŒã€éŠ€ã®å¼¾ä¸¸ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚’è¿½åŠ ã™ã‚‹ãŸã³ã«ã€è¤‡é›‘æ€§ãŒå¢—ã—ã€ãƒªã‚½ãƒ¼ã‚¹ã‚’æ¶ˆè²»ã—ã€é‹ç”¨è² è·ãŒé«˜ã¾ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ ã¾ãšã¯ã€ã‚ˆã‚Šå˜ç´”ãªä»£æ›¿æ‰‹æ®µã‚’æ¤œè¨Žã™ã‚‹ã‚ˆã†ã«ã—ã¦ãã ã•ã„ã€‚ éµã¨ãªã‚‹ã®ã¯ã€æˆ¦ç•¥çš„ãªå®Ÿè£…ã§ã™ã€‚ ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã¯ã€ã‚ã‚‰ã‚†ã‚‹å ´é¢ã§ä½¿ã†ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®æ–¹æ³•ã§ã¯ãªãã€ç‰¹å®šã®ã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ä¸Šã®èª²é¡Œã‚’è§£æ±ºã™ã‚‹ãŸã‚ã®ç²¾å¯†ãªãƒ„ãƒ¼ãƒ«ã¨ã—ã¦æ´»ç”¨ã™ã¹ãã§ã™ã€‚ é©åˆ‡ã«ä½¿ç”¨ã™ã‚Œã°ã€ã‚³ãƒ³ãƒ†ãƒŠåŒ–ã•ã‚ŒãŸç’°å¢ƒã«ãŠã„ã¦ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã€è¨å®šç®¡ç†ã®å‘ä¸Šã«è²¢çŒ®ã§ãã¾ã™ã€‚ è³¢æ˜Žã«é¸ã³ã€æ³¨æ„æ·±ãå®Ÿè£…ã—ã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚’æ´»ç”¨ã—ã¦ã‚³ãƒ³ãƒ†ãƒŠã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã‚’ã•ã‚‰ã«é«˜ã‚ã¾ã—ã‚‡ã†ã€‚

kube-scheduler-simulatorã®ç´¹ä»‹

Mon, 07 Apr 2025 00:00:00 +0000

Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã€PodãŒã©ã®ãƒŽãƒ¼ãƒ‰ã§å®Ÿè¡Œã•ã‚Œã‚‹ã‹ã‚’æ±ºå®šã™ã‚‹ã€éžå¸¸ã«é‡è¦ãªã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã™ã€‚ ãã®ãŸã‚ã€Kubernetesã‚’åˆ©ç”¨ã™ã‚‹ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã«ä¾å˜ã—ã¦ã„ã¾ã™ã€‚

kube-scheduler-simulatorã¯ã€Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã® ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ ã§ã‚ã‚Šã€Google Summer of Code 2021ã«ãŠã„ã¦ç§(Kensei Nakada)ãŒé–‹ç™ºã‚’é–‹å§‹ã—ã€ãã®å¾Œå¤šãã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’å—ã‘ã¦ããŸãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã§ã™ã€‚ ã“ã®ãƒ„ãƒ¼ãƒ«ã‚’ä½¿ç”¨ã™ã‚‹ã¨ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®å‹•ä½œã‚„æ„æ€æ±ºå®šã‚’è©³ç´°ã«è¦³å¯Ÿã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

ã“ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã¯ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°åˆ¶ç´„(ãŸã¨ãˆã°ã€Podé–“ã®ã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£)ã‚’åˆ©ç”¨ã™ã‚‹ä¸€èˆ¬ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦ã‚‚æœ‰ç”¨ã§ã™ã—ã€ã‚«ã‚¹ã‚¿ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã«ã‚ˆã£ã¦ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’æ‹¡å¼µã™ã‚‹ã‚¨ã‚ã‚¹ãƒ‘ãƒ¼ãƒˆã«ã¨ã£ã¦ã‚‚æœ‰ç”¨ã§ã™ã€‚

å‹•æ©Ÿ

ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã€å¤šãã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã§æ§‹æˆã•ã‚Œã¦ãŠã‚Šã€ãã‚Œãžã‚ŒãŒç‹¬è‡ªã®è¦³ç‚¹ã§ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®æ„æ€æ±ºå®šã«å¯„ä¸Žã—ã¦ã„ã‚‹ãŸã‚ã€ã—ã°ã—ã°ãƒ–ãƒ©ãƒƒã‚¯ãƒœãƒƒã‚¯ã‚¹ã®ã‚ˆã†ã«è¦‹ãˆã¾ã™ã€‚ ãã®å‹•ä½œã‚’ç†è§£ã™ã‚‹ã“ã¨ã¯ã€è€ƒæ…®ã•ã‚Œã‚‹è¦ç´ ãŒéžå¸¸ã«å¤šã„ãŸã‚å›°é›£ã§ã™ã€‚

ãŸã¨ãˆã‚·ãƒ³ãƒ—ãƒ«ãªãƒ†ã‚¹ãƒˆã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ãŠã„ã¦PodãŒæ£ã—ãã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œã¦ã„ã‚‹ã‚ˆã†ã«è¦‹ãˆã¦ã‚‚ã€æƒ³å®šã¨ã¯ç•°ãªã‚‹è¨ˆç®—ã«åŸºã¥ã„ã¦ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œã¦ã„ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®ã‚ˆã†ãªãšã‚Œã¯ã€æœ¬ç•ªã®å¤§è¦æ¨¡ãªç’°å¢ƒã«ãŠã„ã¦ã€äºˆæœŸã—ãªã„ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°çµæžœã‚’å¼•ãèµ·ã“ã™ã“ã¨ã«ã¤ãªãŒã‚Šã‹ãã¾ã›ã‚“ã€‚

ã¾ãŸã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’ãƒ†ã‚¹ãƒˆã™ã‚‹ã“ã¨ã¯éžå¸¸ã«è¤‡é›‘ãªèª²é¡Œã§ã™ã€‚ å®Ÿéš›ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã§ã¯ç„¡æ•°ã®æ“ä½œãƒ‘ã‚¿ãƒ¼ãƒ³ãŒå˜åœ¨ã—ã€æœ‰é™ãªæ•°ã®ãƒ†ã‚¹ãƒˆã§ã‚ã‚‰ã‚†ã‚‹ã‚·ãƒŠãƒªã‚ªã‚’äºˆæ¸¬ã™ã‚‹ã“ã¨ã¯ç¾å®Ÿçš„ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ å¤šãã®å ´åˆã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’å®Ÿéš›ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ãƒ‡ãƒ—ãƒã‚¤ã—ã¦åˆã‚ã¦ãƒã‚°ãŒç™ºè¦‹ã•ã‚Œã¾ã™ã€‚ å®Ÿéš›ã€ã‚¢ãƒƒãƒ—ã‚¹ãƒˆãƒªãƒ¼ãƒ ã®kube-schedulerã§ã‚ã£ã¦ã‚‚ã€ãƒªãƒªãƒ¼ã‚¹å¾Œã«ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã‚ˆã£ã¦å¤šãã®ãƒã‚°ãŒç™ºè¦‹ã•ã‚Œã¦ã„ã¾ã™ã€‚

ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã€ã‚ã‚‹ã„ã¯ã©ã‚“ãªKubernetesã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã§ã‚ã£ã¦ã‚‚ã€ãã‚Œã‚‰ã‚’ãƒ†ã‚¹ãƒˆã™ã‚‹ãŸã‚ã®é–‹ç™ºç’°å¢ƒã‚„ã‚µãƒ³ãƒ‰ãƒœãƒƒã‚¯ã‚¹ç’°å¢ƒã‚’ç”¨æ„ã™ã‚‹ã“ã¨ã¯ã€ä¸€èˆ¬çš„ãªãƒ—ãƒ©ã‚¯ãƒ†ã‚£ã‚¹ã§ã™ã€‚ ã—ã‹ã—ã€ã“ã®æ–¹æ³•ã§ã¯ã€æœ¬ç•ªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ç™ºç”Ÿã—å¾—ã‚‹ã™ã¹ã¦ã®ã‚·ãƒŠãƒªã‚ªã‚’ç¶²ç¾…ã™ã‚‹ã«ã¯ä¸ååˆ†ã§ã™ã€‚ ã¨ã„ã†ã®ã‚‚ã€é–‹ç™ºã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¯é€šå¸¸ã€æœ¬ç•ªã«æ¯”ã¹ã¦ã¯ã‚‹ã‹ã«å°è¦æ¨¡ã§ã‚ã‚Šã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®è¦æ¨¡ã‚„ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã®ç‰¹æ€§ã«ã‚‚å¤§ããªé•ã„ãŒã‚ã‚‹ãŸã‚ã§ã™ã€‚ é–‹ç™ºã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¯æœ¬ç•ªç’°å¢ƒã¨ã¾ã£ãŸãåŒã˜ä½¿ã‚ã‚Œæ–¹ã‚’ã™ã‚‹ã“ã¨ã¯ãªãã€åŒã˜æŒ™å‹•ã‚’ç¤ºã™ã“ã¨ã‚‚ã‚ã‚Šã¾ã›ã‚“ã€‚

kube-scheduler-simulatorã¯ã€ã“ã‚Œã‚‰ã®å•é¡Œã‚’è§£æ±ºã™ã‚‹ã“ã¨ã‚’ç›®çš„ã¨ã—ã¦ã„ã¾ã™ã€‚ ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã€ã“ã®ãƒ„ãƒ¼ãƒ«ã‚’ç”¨ã„ã¦ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°åˆ¶ç´„ã‚„ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®è¨å®šã€ã‚«ã‚¹ã‚¿ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’ãƒ†ã‚¹ãƒˆã—ã¤ã¤ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®æ„æ€æ±ºå®šã«ãŠã‘ã‚‹ã‚ã‚‰ã‚†ã‚‹è©³ç´°ãªéƒ¨åˆ†ã‚’ç¢ºèªã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯æœ¬ç•ªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¨åŒã˜ãƒªã‚½ãƒ¼ã‚¹ã‚’ä½¿ã„ãªãŒã‚‰ã€å®Ÿéš›ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«å½±éŸ¿ã‚’ä¸Žãˆã‚‹ã“ã¨ãªãã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’ãƒ†ã‚¹ãƒˆã§ãã‚‹ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ãƒˆã•ã‚ŒãŸã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç’°å¢ƒã‚’ä½œæˆã™ã‚‹ã“ã¨ã‚‚å¯èƒ½ã§ã™ã€‚

kube-scheduler-simulatorã®æ©Ÿèƒ½

kube-scheduler-simulatorã®ã‚³ã‚¢æ©Ÿèƒ½ã¯ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®å†…éƒ¨çš„ãªæ„æ€æ±ºå®šã‚’å¯è¦–åŒ–ã§ãã‚‹ç‚¹ã«ã‚ã‚Šã¾ã™ã€‚ ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã«åŸºã¥ã„ã¦å‹•ä½œã—ã¦ãŠã‚Šã€ã•ã¾ã–ã¾ãªæ‹¡å¼µãƒã‚¤ãƒ³ãƒˆã§è¤‡æ•°ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’åˆ©ç”¨ã—ã€ãƒŽãƒ¼ãƒ‰ã®ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°(Filterãƒ•ã‚§ãƒ¼ã‚º)ã€ã‚¹ã‚³ã‚¢ä»˜ã‘(Scoreãƒ•ã‚§ãƒ¼ã‚º)ã‚’çµŒã¦ã€æœ€çµ‚çš„ã«Podã«æœ€é©ãªãƒŽãƒ¼ãƒ‰ã‚’æ±ºå®šã—ã¾ã™ã€‚

ã“ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã‚’ç”¨ã„ã‚‹ã“ã¨ã§ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯Kubernetesãƒªã‚½ãƒ¼ã‚¹ã‚’ä½œæˆã—ã€å„ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒPodã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã«ã©ã®ã‚ˆã†ã«å½±éŸ¿ã‚’ä¸Žãˆã¦ã„ã‚‹ã‹ã‚’è¦³å¯Ÿã§ãã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®ä»•çµ„ã¿ã‚’ç†è§£ã—ã€é©åˆ‡ãªã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°åˆ¶ç´„ã‚’å®šç¾©ã™ã‚‹åŠ©ã‘ã¨ãªã‚Šã¾ã™ã€‚

ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã®webãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰

ã“ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã®å†…éƒ¨ã§ã¯ã€é€šå¸¸ã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼(vanilla scheduler)ã§ã¯ãªãã€Debuggable Schedulerã¨å‘¼ã°ã‚Œã‚‹ãƒ‡ãƒãƒƒã‚°ã‚’å®¹æ˜“ã«ã™ã‚‹ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãŒå‹•ä½œã—ã¾ã™ã€‚ ã“ã®Debuggable Schedulerã¯ã€å„æ‹¡å¼µãƒã‚¤ãƒ³ãƒˆã«ãŠã‘ã‚‹å„ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã®çµæžœã‚’ã€ä»¥ä¸‹ã®ãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆã«ç¤ºã™ã‚ˆã†ã«Podã®ã‚¢ãƒŽãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã¨ã—ã¦å‡ºåŠ›ã—ã¾ã™ã€‚ webãƒ•ãƒãƒ³ãƒˆã‚¨ãƒ³ãƒ‰ã¯ã“ã‚Œã‚‰ã®ã‚¢ãƒŽãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã«åŸºã¥ã„ã¦ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°çµæžœã‚’æ•´å½¢ãƒ»å¯è¦–åŒ–ã—ã¾ã™ã€‚

kind: Pod
apiVersion: v1
metadata:
 # ã“ã®ãƒ–ãƒã‚°æŠ•ç¨¿ã§ã¯ã€ã‚¢ãƒŽãƒ†ãƒ¼ã‚·ãƒ§ãƒ³å†…ã®JSONã¯è¦‹ã‚„ã™ã•ã®ãŸã‚ã«æ‰‹å‹•ã§æ•´å½¢ã•ã‚Œã¦ã„ã¾ã™ã€‚
 annotations:
 kube-scheduler-simulator.sigs.k8s.io/bind-result: '{"DefaultBinder":"success"}'
 kube-scheduler-simulator.sigs.k8s.io/filter-result: >-
 {
 "node-jjfg5":{
 "NodeName":"passed",
 "NodeResourcesFit":"passed",
 "NodeUnschedulable":"passed",
 "TaintToleration":"passed"
 },
 "node-mtb5x":{
 "NodeName":"passed",
 "NodeResourcesFit":"passed",
 "NodeUnschedulable":"passed",
 "TaintToleration":"passed"
 }
 }
 kube-scheduler-simulator.sigs.k8s.io/finalscore-result: >-
 {
 "node-jjfg5":{
 "ImageLocality":"0",
 "NodeAffinity":"0",
 "NodeResourcesBalancedAllocation":"52",
 "NodeResourcesFit":"47",
 "TaintToleration":"300",
 "VolumeBinding":"0"
 },
 "node-mtb5x":{
 "ImageLocality":"0",
 "NodeAffinity":"0",
 "NodeResourcesBalancedAllocation":"76",
 "NodeResourcesFit":"73",
 "TaintToleration":"300",
 "VolumeBinding":"0"
 }
 }
 kube-scheduler-simulator.sigs.k8s.io/permit-result: '{}'
 kube-scheduler-simulator.sigs.k8s.io/permit-result-timeout: '{}'
 kube-scheduler-simulator.sigs.k8s.io/postfilter-result: '{}'
 kube-scheduler-simulator.sigs.k8s.io/prebind-result: '{"VolumeBinding":"success"}'
 kube-scheduler-simulator.sigs.k8s.io/prefilter-result: '{}'
 kube-scheduler-simulator.sigs.k8s.io/prefilter-result-status: >-
 {
 "AzureDiskLimits":"",
 "EBSLimits":"",
 "GCEPDLimits":"",
 "InterPodAffinity":"",
 "NodeAffinity":"",
 "NodePorts":"",
 "NodeResourcesFit":"success",
 "NodeVolumeLimits":"",
 "PodTopologySpread":"",
 "VolumeBinding":"",
 "VolumeRestrictions":"",
 "VolumeZone":""
 }
 kube-scheduler-simulator.sigs.k8s.io/prescore-result: >-
 {
 "InterPodAffinity":"",
 "NodeAffinity":"success",
 "NodeResourcesBalancedAllocation":"success",
 "NodeResourcesFit":"success",
 "PodTopologySpread":"",
 "TaintToleration":"success"
 }
 kube-scheduler-simulator.sigs.k8s.io/reserve-result: '{"VolumeBinding":"success"}'
 kube-scheduler-simulator.sigs.k8s.io/result-history: >-
 [
 {
 "kube-scheduler-simulator.sigs.k8s.io/bind-result":"{\"DefaultBinder\":\"success\"}",
 "kube-scheduler-simulator.sigs.k8s.io/filter-result":"{\"node-jjfg5\":{\"NodeName\":\"passed\",\"NodeResourcesFit\":\"passed\",\"NodeUnschedulable\":\"passed\",\"TaintToleration\":\"passed\"},\"node-mtb5x\":{\"NodeName\":\"passed\",\"NodeResourcesFit\":\"passed\",\"NodeUnschedulable\":\"passed\",\"TaintToleration\":\"passed\"}}",
 "kube-scheduler-simulator.sigs.k8s.io/finalscore-result":"{\"node-jjfg5\":{\"ImageLocality\":\"0\",\"NodeAffinity\":\"0\",\"NodeResourcesBalancedAllocation\":\"52\",\"NodeResourcesFit\":\"47\",\"TaintToleration\":\"300\",\"VolumeBinding\":\"0\"},\"node-mtb5x\":{\"ImageLocality\":\"0\",\"NodeAffinity\":\"0\",\"NodeResourcesBalancedAllocation\":\"76\",\"NodeResourcesFit\":\"73\",\"TaintToleration\":\"300\",\"VolumeBinding\":\"0\"}}",
 "kube-scheduler-simulator.sigs.k8s.io/permit-result":"{}",
 "kube-scheduler-simulator.sigs.k8s.io/permit-result-timeout":"{}",
 "kube-scheduler-simulator.sigs.k8s.io/postfilter-result":"{}",
 "kube-scheduler-simulator.sigs.k8s.io/prebind-result":"{\"VolumeBinding\":\"success\"}",
 "kube-scheduler-simulator.sigs.k8s.io/prefilter-result":"{}",
 "kube-scheduler-simulator.sigs.k8s.io/prefilter-result-status":"{\"AzureDiskLimits\":\"\",\"EBSLimits\":\"\",\"GCEPDLimits\":\"\",\"InterPodAffinity\":\"\",\"NodeAffinity\":\"\",\"NodePorts\":\"\",\"NodeResourcesFit\":\"success\",\"NodeVolumeLimits\":\"\",\"PodTopologySpread\":\"\",\"VolumeBinding\":\"\",\"VolumeRestrictions\":\"\",\"VolumeZone\":\"\"}",
 "kube-scheduler-simulator.sigs.k8s.io/prescore-result":"{\"InterPodAffinity\":\"\",\"NodeAffinity\":\"success\",\"NodeResourcesBalancedAllocation\":\"success\",\"NodeResourcesFit\":\"success\",\"PodTopologySpread\":\"\",\"TaintToleration\":\"success\"}",
 "kube-scheduler-simulator.sigs.k8s.io/reserve-result":"{\"VolumeBinding\":\"success\"}",
 "kube-scheduler-simulator.sigs.k8s.io/score-result":"{\"node-jjfg5\":{\"ImageLocality\":\"0\",\"NodeAffinity\":\"0\",\"NodeResourcesBalancedAllocation\":\"52\",\"NodeResourcesFit\":\"47\",\"TaintToleration\":\"0\",\"VolumeBinding\":\"0\"},\"node-mtb5x\":{\"ImageLocality\":\"0\",\"NodeAffinity\":\"0\",\"NodeResourcesBalancedAllocation\":\"76\",\"NodeResourcesFit\":\"73\",\"TaintToleration\":\"0\",\"VolumeBinding\":\"0\"}}",
 "kube-scheduler-simulator.sigs.k8s.io/selected-node":"node-mtb5x"
 }
 ]
 kube-scheduler-simulator.sigs.k8s.io/score-result: >-
 {
 "node-jjfg5":{
 "ImageLocality":"0",
 "NodeAffinity":"0",
 "NodeResourcesBalancedAllocation":"52",
 "NodeResourcesFit":"47",
 "TaintToleration":"0",
 "VolumeBinding":"0"
 },
 "node-mtb5x":{
 "ImageLocality":"0",
 "NodeAffinity":"0",
 "NodeResourcesBalancedAllocation":"76",
 "NodeResourcesFit":"73",
 "TaintToleration":"0",
 "VolumeBinding":"0"
 }
 }
 kube-scheduler-simulator.sigs.k8s.io/selected-node: node-mtb5x

ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã¾ãŸã€è‡ªèº«ã®ã‚«ã‚¹ã‚¿ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚„extenderã‚’ã“ã®Debuggable Schedulerã«çµ±åˆã—ã€ãã®çµæžœã‚’å¯è¦–åŒ–ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚

ã“ã®Debuggable Schedulerã¯ã€ãŸã¨ãˆã°ä»»æ„ã®Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ä¸Šã‚„çµ±åˆãƒ†ã‚¹ãƒˆå†…ãªã©ã€ã‚¹ã‚¿ãƒ³ãƒ‰ã‚¢ãƒãƒ¼ãƒ³ã§å®Ÿè¡Œã™ã‚‹ã“ã¨ã‚‚å¯èƒ½ã§ã™ã€‚ã“ã‚Œã¯ã€è‡ªèº«ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’ãƒ†ã‚¹ãƒˆã—ãŸã‚Šã€å®Ÿã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ä¸Šã§ã‚«ã‚¹ã‚¿ãƒ ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’ã‚ˆã‚Šãƒ‡ãƒãƒƒã‚°ã—ã‚„ã™ãã—ãŸã„ã¨è€ƒãˆã‚‹ã‚«ã‚¹ã‚¿ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³é–‹ç™ºè€…ã«ã¨ã£ã¦æœ‰ç”¨ã§ã™ã€‚

ã‚ˆã‚Šå„ªã‚ŒãŸé–‹ç™ºã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¨ã—ã¦ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼

å‰è¿°ã®ã¨ãŠã‚Šã€é™ã‚‰ã‚ŒãŸãƒ†ã‚¹ãƒˆã ã‘ã§ã¯å®Ÿä¸–ç•Œã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§èµ·ã“ã‚Šå¾—ã‚‹ã™ã¹ã¦ã®ã‚·ãƒŠãƒªã‚ªã‚’äºˆæ¸¬ã™ã‚‹ã“ã¨ã¯ä¸å¯èƒ½ã§ã™ã€‚ ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’æœ¬ç•ªç’°å¢ƒã«ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹å‰ã«ã€å°è¦æ¨¡ãªé–‹ç™ºã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ãƒ†ã‚¹ãƒˆã—ã€å•é¡ŒãŒç™ºç”Ÿã—ãªã„ã“ã¨ã‚’é¡˜ã†ã“ã¨ã—ã‹ã§ãã¾ã›ã‚“ã€‚

ãã“ã§ã€ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’ä½¿ã†ã“ã¨ã§ã€æœ¬ç•ªç’°å¢ƒã«è¿‘ã„ç’°å¢ƒã§ã€ç¨¼åƒä¸ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«å½±éŸ¿ã‚’ä¸Žãˆã‚‹ã“ã¨ãªãã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

æœ¬ç•ªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¨ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã®é–“ã§ç¶™ç¶šçš„ã«åŒæœŸã‚’è¡Œã†ã“ã¨ã§ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯æœ¬ç•ªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãŒå¯¾å¿œã™ã‚‹ãƒªã‚½ãƒ¼ã‚¹ã¨åŒã˜ãƒªã‚½ãƒ¼ã‚¹ã‚’ç”¨ã„ã¦ã€æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã‚’å®‰å…¨ã«ãƒ†ã‚¹ãƒˆã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ãã®å‹•ä½œã«ç¢ºä¿¡ãŒæŒã¦ãŸæ®µéšŽã§æœ¬ç•ªç’°å¢ƒã¸ã®ãƒ‡ãƒ—ãƒã‚¤ã«é€²ã‚€ã“ã¨ãŒã§ãã€äºˆæœŸã—ãªã„å•é¡Œã®ãƒªã‚¹ã‚¯ã‚’ä½Žæ¸›ã§ãã¾ã™ã€‚

ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã¯ï¼Ÿ

ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãƒ¦ãƒ¼ã‚¶ãƒ¼: ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°åˆ¶ç´„(ãŸã¨ãˆã°ã€PodAffinityã‚„PodTopologySpreadãªã©)ãŒæ„å›³ã—ãŸé€šã‚Šã«æ©Ÿèƒ½ã—ã¦ã„ã‚‹ã‹ã‚’æ¤œè¨¼ã™ã‚‹ã€‚
ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…: ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®è¨å®šã‚’å¤‰æ›´ã—ãŸå ´åˆã«ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãŒã©ã®ã‚ˆã†ã«å‹•ä½œã™ã‚‹ã‹ã‚’è©•ä¾¡ã™ã‚‹ã€‚
ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³é–‹ç™ºè€…: ã‚«ã‚¹ã‚¿ãƒ ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚„ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼æ‹¡å¼µã‚’ãƒ†ã‚¹ãƒˆã™ã‚‹ã€‚Debuggable Schedulerã‚’çµ±åˆãƒ†ã‚¹ãƒˆã‚„é–‹ç™ºã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ä½¿ç”¨ã—ãŸã‚Šã€æœ¬ç•ªç’°å¢ƒã«è¿‘ã„ç’°å¢ƒã§ã®ãƒ†ã‚¹ãƒˆã®ãŸã‚ã«åŒæœŸæ©Ÿèƒ½ã‚’æ´»ç”¨ã—ãŸã‚Šã™ã‚‹ã€‚

åˆ©ç”¨é–‹å§‹ã®æ‰‹é †

ã“ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã«ã¯ã€ãƒžã‚·ãƒ³ã«DockerãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œã¦ã„ã‚Œã°ååˆ†ã§ã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¯å¿…è¦ã‚ã‚Šã¾ã›ã‚“ã€‚

git clone [email protected]:kubernetes-sigs/kube-scheduler-simulator.git
cd kube-scheduler-simulator
make docker_up

http://localhost:3000ã§ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã®web UIã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚

è©³ã—ãã¯ã€kube-scheduler-simulatorã®ãƒªãƒã‚¸ãƒˆãƒªã‚’ã”è¦§ãã ã•ã„ï¼

è²¢çŒ®ã™ã‚‹ã«ã¯

ã“ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã¯ã€Kubernetes SIG Schedulingã«ã‚ˆã£ã¦é–‹ç™ºã•ã‚Œã¦ã„ã¾ã™ã€‚ ãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã‚„ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã¯å¤§æ“è¿Žã§ã™ï¼

å•é¡Œã®å ±å‘Šã‚„ãƒ—ãƒ«ãƒªã‚¯ã‚¨ã‚¹ãƒˆã¯ã€kube-scheduler-simulatorã®ãƒªãƒã‚¸ãƒˆãƒªã§è¡Œã£ã¦ãã ã•ã„ã€‚ ã¾ãŸã€Slackã®#sig-schedulingãƒãƒ£ãƒ³ãƒãƒ«ã«ã‚‚ãœã²ã”å‚åŠ ãã ã•ã„ã€‚

è¬è¾ž

ã“ã®ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚¿ãƒ¼ã®ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯ã€ç†±æ„ã‚ã‚‹ãƒœãƒ©ãƒ³ãƒ†ã‚£ã‚¢ã®ã‚¨ãƒ³ã‚¸ãƒ‹ã‚¢ãŸã¡ã«ã‚ˆã£ã¦ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ã•ã‚Œã€å¤šãã®èª²é¡Œã‚’ä¹—ã‚Šè¶Šãˆã¦ç¾åœ¨ã®å½¢ã«è‡³ã‚Šã¾ã—ãŸã€‚

ç´ æ™´ã‚‰ã—ã„ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã®çš†ã•ã‚“ã«å¿ƒã‚ˆã‚Šæ„Ÿè¬ã„ãŸã—ã¾ã™ï¼

Kubernetes v1.33ã®å…ˆè¡Œç´¹ä»‹

Wed, 26 Mar 2025 10:30:00 -0800

Kubernetes v1.33ã®ãƒªãƒªãƒ¼ã‚¹ãŒè¿‘ã¥ãä¸ã§ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯é€²åŒ–ã‚’ç¶šã‘ã¦ã„ã¾ã™ã€‚ ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆå…¨ä½“ã®å¥å…¨æ€§ã‚’é«˜ã‚ã‚‹ãŸã‚ã«ã€ä¸€éƒ¨ã®æ©Ÿèƒ½ãŒéžæŽ¨å¥¨ã¨ãªã£ãŸã‚Šã€å‰Šé™¤ã¾ãŸã¯ç½®ãæ›ãˆã‚‰ã‚ŒãŸã‚Šã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ æœ¬ãƒ–ãƒã‚°è¨˜äº‹ã§ã¯ã€v1.33ãƒªãƒªãƒ¼ã‚¹ã«å‘ã‘ã¦è¨ˆç”»ã•ã‚Œã¦ã„ã‚‹å¤‰æ›´ã®ä¸€éƒ¨ã‚’ç´¹ä»‹ã—ã¾ã™ã€‚ ã“ã‚Œã‚‰ã¯ã€Kubernetesç’°å¢ƒã‚’å®‰å®šã—ã¦é‹ç”¨ã—ã€æœ€æ–°ã®é–‹ç™ºå‹•å‘ã‚’æŠŠæ¡ã—ç¶šã‘ã‚‹ãŸã‚ã«ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ãŒç‰¹ã«çŸ¥ã£ã¦ãŠãã¹ãã§ã‚ã‚‹ã¨è€ƒãˆã¦ã„ã‚‹æƒ…å ±ã§ã™ã€‚ ä»¥ä¸‹ã®æƒ…å ±ã¯ã€v1.33ãƒªãƒªãƒ¼ã‚¹ã®ç¾æ™‚ç‚¹ã®çŠ¶æ³ã«åŸºã¥ã„ã¦ãŠã‚Šã€æ£å¼ãƒªãƒªãƒ¼ã‚¹ã¾ã§ã«å¤‰æ›´ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚

Kubernetes APIã®å‰Šé™¤ãŠã‚ˆã³éžæŽ¨å¥¨ãƒ—ãƒã‚»ã‚¹

Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã§ã¯ã€æ©Ÿèƒ½ã®éžæŽ¨å¥¨ãƒãƒªã‚·ãƒ¼ãŒæ˜Žç¢ºã«æ–‡æ›¸åŒ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã®ãƒãƒªã‚·ãƒ¼ã§ã¯ã€å®‰å®šç‰ˆã®APIã‚’éžæŽ¨å¥¨ã¨ã™ã‚‹ã«ã¯åŒã˜APIã®æ–°ãŸãªå®‰å®šç‰ˆãŒå˜åœ¨ã—ã¦ã„ã‚‹ã“ã¨ãŒæ¡ä»¶ã¨ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã¾ãŸã€APIã®å®‰å®šæ€§ãƒ¬ãƒ™ãƒ«ã”ã¨ã«æœ€ä½Žé™ã®ã‚µãƒãƒ¼ãƒˆæœŸé–“ãŒå®šã‚ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚ éžæŽ¨å¥¨ã¨ãªã£ãŸAPIã¯ã€å°†æ¥ã®Kubernetesãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã‚ã‚‹ã“ã¨ã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚ å‰Šé™¤ã¾ã§ã¯å¼•ãç¶šãå‹•ä½œã—ã¾ã™ãŒ(éžæŽ¨å¥¨ã‹ã‚‰å°‘ãªãã¨ã‚‚1å¹´é–“ã¯åˆ©ç”¨å¯èƒ½ã§ã™)ã€åˆ©ç”¨æ™‚ã«ã¯è¦å‘Šãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¡¨ç¤ºã•ã‚Œã¾ã™ã€‚ å‰Šé™¤ã•ã‚ŒãŸAPIã¯ç¾åœ¨ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã¯åˆ©ç”¨ã§ããªããªã‚Šã€ãã®æ™‚ç‚¹ã§ä»£æ›¿æ‰‹æ®µã¸ã®ç§»è¡ŒãŒå¿…é ˆã¨ãªã‚Šã¾ã™ã€‚

ä¸€èˆ¬å…¬é–‹ç‰ˆ(GA)ã¾ãŸã¯å®‰å®šç‰ˆã®APIãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒéžæŽ¨å¥¨ã¨ãªã‚‹å¯èƒ½æ€§ã¯ã‚ã‚Šã¾ã™ãŒã€Kubernetesã®åŒä¸€ã®ãƒ¡ã‚¸ãƒ£ãƒ¼ãƒãƒ¼ã‚¸ãƒ§ãƒ³å†…ã§å‰Šé™¤ã•ã‚Œã¦ã¯ãªã‚Šã¾ã›ã‚“ã€‚
ãƒ™ãƒ¼ã‚¿ç‰ˆã‚„ãƒ—ãƒ¬ãƒªãƒªãƒ¼ã‚¹ã®APIãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯ã€éžæŽ¨å¥¨ã¨ãªã£ã¦ã‹ã‚‰3ã¤ã®ãƒªãƒªãƒ¼ã‚¹åˆ†ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“ã€‚
ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã¾ãŸã¯å®Ÿé¨“çš„ãªAPIãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯ã€äº‹å‰ã®éžæŽ¨å¥¨é€šçŸ¥ãªã—ã«ä»»æ„ã®ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ã™ã§ã«åŒä¸€ã®æ©Ÿèƒ½ã«å¯¾ã—ã¦åˆ¥ã®å®Ÿè£…ãŒå˜åœ¨ã™ã‚‹å ´åˆã€ã“ã®ãƒ—ãƒã‚»ã‚¹ã¯ã€Œæ’¤å›žã€ã¨è¦‹ãªã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚

æ©Ÿèƒ½ãŒãƒ™ãƒ¼ã‚¿ç‰ˆã‹ã‚‰å®‰å®šç‰ˆã¸æ˜‡æ ¼ã—ãŸçµæžœã¨ã—ã¦APIãŒå‰Šé™¤ã•ã‚Œã‚‹å ´åˆã§ã‚‚ã€å˜ã«ãã®APIãŒå®šç€ã—ãªã‹ã£ãŸå ´åˆã§ã‚‚ã€ã™ã¹ã¦ã®å‰Šé™¤ã¯ã“ã®éžæŽ¨å¥¨ãƒãƒªã‚·ãƒ¼ã«æº–æ‹ ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã™ã€‚ APIãŒå‰Šé™¤ã•ã‚Œã‚‹éš›ã«ã¯ã€ç§»è¡Œæ‰‹æ®µãŒéžæŽ¨å¥¨ã‚¬ã‚¤ãƒ‰å†…ã§æ¡ˆå†…ã•ã‚Œã¾ã™ã€‚

Kubernetes v1.33ã«ãŠã‘ã‚‹éžæŽ¨å¥¨ã¨å‰Šé™¤

å®‰å®šç‰ˆEndpoints APIã®éžæŽ¨å¥¨åŒ–

EndpointSlices APIã¯v1.21ã‹ã‚‰å®‰å®šç‰ˆã¨ãªã£ã¦ãŠã‚Šã€å®Ÿè³ªçš„ã«å¾“æ¥ã®Endpoints APIã‚’ç½®ãæ›ãˆã‚‹å˜åœ¨ã¨ãªã£ã¦ã„ã¾ã™ã€‚ å…ƒã®Endpoints APIã¯ã‚·ãƒ³ãƒ—ãƒ«ã§åˆ†ã‹ã‚Šã‚„ã™ã„è¨è¨ˆã§ã—ãŸãŒã€å¤§è¦æ¨¡ãªãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã«ã‚¹ã‚±ãƒ¼ãƒ«ã™ã‚‹éš›ã«èª²é¡ŒãŒã‚ã‚Šã¾ã—ãŸã€‚ EndpointSlices APIã¯ãƒ‡ãƒ¥ã‚¢ãƒ«ã‚¹ã‚¿ãƒƒã‚¯ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯å¯¾å¿œãªã©ã®æ–°æ©Ÿèƒ½ã‚’å°Žå…¥ã—ã¦ãŠã‚Šã€ã“ã‚Œã«ã‚ˆã‚Šå¾“æ¥ã®Endpoints APIã¯éžæŽ¨å¥¨ã¨ã™ã‚‹æº–å‚™ãŒæ•´ã„ã¾ã—ãŸã€‚

ä»Šå›žã®éžæŽ¨å¥¨ã¯ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚„ã‚¹ã‚¯ãƒªãƒ—ãƒˆã‹ã‚‰Endpoints APIã‚’ç›´æŽ¥ä½¿ç”¨ã—ã¦ã„ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ã¿ã«å½±éŸ¿ã—ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã€ä»£ã‚ã‚Šã«EndpointSliceã®ä½¿ç”¨ã¸ç§»è¡Œã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ éžæŽ¨å¥¨ã«ã‚ˆã‚‹å½±éŸ¿ã¨ç§»è¡Œè¨ˆç”»ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€ä»Šå¾Œæ•°é€±é–“ä»¥å†…ã«å°‚ç”¨ã®ãƒ–ãƒã‚°è¨˜äº‹ãŒå…¬é–‹ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

è©³ç´°ã¯KEP-4974: Deprecate v1.Endpointsã‚’ã”è¦§ãã ã•ã„ã€‚

ãƒŽãƒ¼ãƒ‰ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã‹ã‚‰ã®kube-proxyãƒãƒ¼ã‚¸ãƒ§ãƒ³æƒ…å ±ã®å‰Šé™¤

ãƒªãƒªãƒ¼ã‚¹ã‚¢ãƒŠã‚¦ãƒ³ã‚¹ã§ç¤ºã•ã‚ŒãŸã¨ãŠã‚Šã€v1.31ã§éžæŽ¨å¥¨ã¨ãªã£ãŸstatus.nodeInfo.kubeProxyVersionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€v1.33ã§å‰Šé™¤ã•ã‚Œã¾ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯kubeletã«ã‚ˆã£ã¦è¨å®šã•ã‚Œã¦ã„ã¾ã—ãŸãŒã€ãã®å€¤ã¯ä¸€è²«ã—ã¦æ£ç¢ºã¨ã¯é™ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ v1.31ä»¥é™ã€ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ç„¡åŠ¹åŒ–ã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€v1.33ã§ã¯å®Œå…¨ã«å‰Šé™¤ã•ã‚Œã¾ã™ã€‚

è©³ç´°ã¯KEP-4004: Deprecate status.nodeInfo.kubeProxyVersion fieldã‚’ã”è¦§ãã ã•ã„ã€‚

Windows Podã«ãŠã‘ã‚‹ãƒ›ã‚¹ãƒˆãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯å¯¾å¿œã®å‰Šé™¤

Windows Podã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯æ©Ÿèƒ½ã¯ã€Linuxã¨åŒç‰ã®æ©Ÿèƒ½ã‚’æä¾›ã—ã€ã‚³ãƒ³ãƒ†ãƒŠãŒãƒŽãƒ¼ãƒ‰ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯åå‰ç©ºé–“ã‚’ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å¯†åº¦ã®å‘ä¸Šã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã®åˆæœŸå®Ÿè£…ã¯v1.26ã§ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã¨ã—ã¦å°Žå…¥ã•ã‚Œã¾ã—ãŸãŒã€containerdã«é–¢ã™ã‚‹äºˆæœŸã›ã¬æŒ™å‹•ãŒç¢ºèªã•ã‚Œã€ã¾ãŸä»£æ›¿æ‰‹æ®µã‚‚å˜åœ¨ã—ã¦ã„ãŸã“ã¨ã‹ã‚‰ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯é–¢é€£ã™ã‚‹KEPã®æ’¤å›žã‚’æ±ºå®šã—ã¾ã—ãŸã€‚ v1.33ã«ãŠã„ã¦ã€ã“ã®æ©Ÿèƒ½ã®ã‚µãƒãƒ¼ãƒˆã¯å®Œå…¨ã«å‰Šé™¤ã•ã‚Œã‚‹è¦‹è¾¼ã¿ã§ã™ã€‚

è©³ç´°ã¯KEP-3503: Host network support for Windows podsã‚’ã”è¦§ãã ã•ã„ã€‚

Kubernetes v1.33ã®æ³¨ç›®ã™ã¹ãå¤‰æ›´ç‚¹

æœ¬è¨˜äº‹ã®åŸ·ç†è€…ã¨ã—ã¦ã€ç§ãŸã¡ã¯ç‰¹ã«æ³¨ç›®ã™ã¹ãé‡è¦ãªæ”¹å–„ç‚¹ã‚’1ã¤é¸ã³ã¾ã—ãŸï¼

Linux Podã«ãŠã‘ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼åå‰ç©ºé–“ã®ã‚µãƒãƒ¼ãƒˆ

ç¾åœ¨ã‚‚ã‚ªãƒ¼ãƒ—ãƒ³ãªKEPã®ä¸ã§æœ€ã‚‚å¤ã„ã‚‚ã®ã®ä¸€ã¤ãŒã€KEP-127ã€ŒPodã«å¯¾ã—ã¦Linuxãƒ¦ãƒ¼ã‚¶ãƒ¼åå‰ç©ºé–“ã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã«ã‚ˆã‚‹ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®æ”¹å–„ã€ã§ã™ã€‚ã“ã®KEPã¯2016å¹´å¾ŒåŠã«åˆã‚ã¦ææ¡ˆã•ã‚Œã€è¤‡æ•°å›žã®æ”¹è¨‚ã‚’çµŒã¦v1.25ã§ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã¨ã—ã¦ç™»å ´ã—ã€v1.30ã§åˆã‚ã¦ãƒ™ãƒ¼ã‚¿ç‰ˆãŒæä¾›ã•ã‚Œã¾ã—ãŸ(ã“ã®æ™‚ç‚¹ã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ç„¡åŠ¹)ã€‚ãã—ã¦v1.33ã§ã¯ã€ã“ã®æ©Ÿèƒ½ãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ãªçŠ¶æ…‹ã§æä¾›ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

ã“ã®æ©Ÿèƒ½ã¯ã€æ˜Žç¤ºçš„ã«pod.spec.hostUsersã‚’æŒ‡å®šã—ã¦æœ‰åŠ¹åŒ–ã—ãªã„é™ã‚Šã€æ—¢å˜ã®Podã«ã¯å½±éŸ¿ã—ã¾ã›ã‚“ã€‚ Kubernetes v1.30ã‚’ãã£ã¨è¦—ãã§ã‚‚è§¦ã‚Œã‚‰ã‚Œã¦ã„ã‚‹ã‚ˆã†ã«ã€ã“ã®æ©Ÿèƒ½ã¯è„†å¼±æ€§ã®è»½æ¸›ã«å‘ã‘ãŸé‡è¦ãªãƒžã‚¤ãƒ«ã‚¹ãƒˆãƒ¼ãƒ³ã¨ãªã‚Šã¾ã™ã€‚

è©³ç´°ã¯KEP-127: Support User Namespaces in podsã‚’ã”è¦§ãã ã•ã„ã€‚

ãã®ä»–ã®æ³¨ç›®ã™ã¹ãKubernetes v1.33ã®æ”¹å–„ç‚¹

ä»¥ä¸‹ã«æŒ™ã’ã‚‹æ”¹å–„é …ç›®ã¯ã€ä»Šå¾Œãƒªãƒªãƒ¼ã‚¹äºˆå®šã®v1.33ã«å«ã¾ã‚Œã‚‹è¦‹è¾¼ã¿ã®ã‚‚ã®ã§ã™ã€‚ ãŸã ã—ã€ã“ã‚Œã‚‰ã¯ç¢ºå®šäº‹é …ã§ã¯ãªãã€ãƒªãƒªãƒ¼ã‚¹å†…å®¹ã¯å¤‰æ›´ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚

Podã®åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã«å¯¾å¿œã—ãŸãƒªã‚½ãƒ¼ã‚¹ã®å‹•çš„ãƒªã‚µã‚¤ã‚º

Podã‚’ãƒ—ãƒãƒ“ã‚¸ãƒ§ãƒ‹ãƒ³ã‚°ã™ã‚‹éš›ã«ã¯ã€Deploymentã‚„StatefulSetãªã©ã€ã•ã¾ã–ã¾ãªãƒªã‚½ãƒ¼ã‚¹ã‚’åˆ©ç”¨ã§ãã¾ã™ã€‚ ã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ã®è¦ä»¶ã«ã‚ˆã£ã¦ã¯ã€Podã®ãƒ¬ãƒ—ãƒªã‚«æ•°ã‚’æ›´æ–°ã™ã‚‹æ°´å¹³ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã€ã‚ã‚‹ã„ã¯Podå†…ã®ã‚³ãƒ³ãƒ†ãƒŠã«å‰²ã‚Šå½“ã¦ã‚‹ãƒªã‚½ãƒ¼ã‚¹ã‚’æ›´æ–°ã™ã‚‹åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ãŒå¿…è¦ã«ãªã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®æ”¹å–„ãŒå°Žå…¥ã•ã‚Œã‚‹ä»¥å‰ã¯ã€Podã®specã«å®šç¾©ã•ã‚ŒãŸã‚³ãƒ³ãƒ†ãƒŠãƒªã‚½ãƒ¼ã‚¹ã¯å¤‰æ›´ã§ããšã€Podãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆå†…ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’æ›´æ–°ã™ã‚‹ã¨Podã®ç½®ãæ›ãˆãŒç™ºç”Ÿã—ã¦ã„ã¾ã—ãŸã€‚

ã—ã‹ã—ã€æ—¢å˜ã®Podã‚’å†èµ·å‹•ã›ãšã«ã€å‹•çš„ã«ãƒªã‚½ãƒ¼ã‚¹è¨å®šã‚’æ›´æ–°ã§ããŸã‚‰ã©ã†ã§ã—ã‚‡ã†ã‹ï¼Ÿ

KEP-1287ã¯ã€ã¾ã•ã«ã“ã®ã‚ˆã†ãªPodã®ã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹æ›´æ–°ã‚’å¯èƒ½ã«ã™ã‚‹ãŸã‚ã®ã‚‚ã®ã§ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¹ãƒ†ãƒ¼ãƒˆãƒ•ãƒ«ãªãƒ—ãƒã‚»ã‚¹ã«å¯¾ã—ã¦ãƒ€ã‚¦ãƒ³ã‚¿ã‚¤ãƒ ãªã—ã§ã®åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒ«ã‚¢ãƒƒãƒ—ã‚„ã€ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ãŒå°‘ãªã„ã¨ãã®ã‚·ãƒ¼ãƒ ãƒ¬ã‚¹ãªã‚¹ã‚±ãƒ¼ãƒ«ãƒ€ã‚¦ãƒ³ã€ã•ã‚‰ã«ã¯èµ·å‹•æ™‚ã«ä¸€æ™‚çš„ã«å¤§ããªãƒªã‚½ãƒ¼ã‚¹ã‚’å‰²ã‚Šå½“ã¦ã€åˆæœŸå‡¦ç†ãŒå®Œäº†ã—ãŸå¾Œã«ãã‚Œã‚’ç¸®å°ã™ã‚‹ã¨ã„ã£ãŸã“ã¨ã‚‚å¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯v1.27ã§ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã¨ã—ã¦ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¦ãŠã‚Šã€v1.33ã§ã¯ãƒ™ãƒ¼ã‚¿ç‰ˆã¨ã—ã¦æä¾›ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

è©³ç´°ã¯KEP-1287: In-Place Update of Pod Resourcesã‚’ã”è¦§ãã ã•ã„ã€‚

DRAã®ResourceClaimã«ãŠã‘ã‚‹ãƒ‡ãƒã‚¤ã‚¹ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ãŒãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼

ResourceClaimã®statuså†…ã«ã‚ã‚‹devicesãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€v1.32ãƒªãƒªãƒ¼ã‚¹ã§å°Žå…¥ã•ã‚ŒãŸæ©Ÿèƒ½ã§ã‚ã‚Šã€v1.33ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã™ã‚‹è¦‹è¾¼ã¿ã§ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒãƒ‡ãƒã‚¤ã‚¹ã®çŠ¶æ…‹æƒ…å ±ã‚’å ±å‘Šã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã‚‚ã®ã§ã€å¯è¦³æ¸¬æ€§ã¨ãƒˆãƒ©ãƒ–ãƒ«ã‚·ãƒ¥ãƒ¼ãƒ†ã‚£ãƒ³ã‚°èƒ½åŠ›ã®å‘ä¸Šã«è²¢çŒ®ã—ã¾ã™ã€‚

ä¾‹ãˆã°ã€ResourceClaimã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã«ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹ã®åå‰ã€MACã‚¢ãƒ‰ãƒ¬ã‚¹ã€IPã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’å ±å‘Šã™ã‚‹ã“ã¨ã¯ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚µãƒ¼ãƒ“ã‚¹ã®è¨å®šã‚„ç®¡ç†ã€ãªã‚‰ã³ã«ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯é–¢é€£ã®å•é¡Œã®ãƒ‡ãƒãƒƒã‚°ã«å¤§ã„ã«å½¹ç«‹ã¡ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã®è©³ç´°ã¯ã€å‹•çš„ãƒªã‚½ãƒ¼ã‚¹å‰²ã‚Šå½“ã¦ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

ã¾ãŸã€è¨ˆç”»ä¸ã®æ‹¡å¼µã«ã¤ã„ã¦ã¯KEP-4817: DRA: Resource Claim Status with possible standardized network interface dataã«è¨˜è¼‰ã•ã‚Œã¦ã„ã¾ã™ã€‚

åå‰ç©ºé–“ã®é †åºä»˜ãå‰Šé™¤

ã“ã®KEPã¯ã€Kubernetesã®åå‰ç©ºé–“ã«å¯¾ã—ã¦ã€ã‚ˆã‚Šæ§‹é€ åŒ–ã•ã‚ŒãŸå‰Šé™¤ãƒ—ãƒã‚»ã‚¹ã‚’å°Žå…¥ã™ã‚‹ã“ã¨ã§ã€ãƒªã‚½ãƒ¼ã‚¹ã®å®‰å…¨ã‹ã¤æ±ºå®šè«–çš„ãªå‰Šé™¤ã‚’å®Ÿç¾ã™ã‚‹ã“ã¨ã‚’ç›®çš„ã¨ã—ã¦ã„ã¾ã™ã€‚ ç¾åœ¨ã®å‰Šé™¤å‡¦ç†ã¯ã»ã¼ãƒ©ãƒ³ãƒ€ãƒ ãªé †åºã§è¡Œã‚ã‚Œã‚‹ãŸã‚ã€ãŸã¨ãˆã°NetworkPolicyãŒå…ˆã«å‰Šé™¤ã•ã‚Œã¦PodãŒæ®‹ã‚‹ã¨ã„ã£ãŸã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®å•é¡Œã‚„æ„å›³ã—ãªã„å‹•ä½œã‚’å¼•ãèµ·ã“ã™å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ è«–ç†çš„ãŠã‚ˆã³ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®ä¾å˜é–¢ä¿‚ã‚’è€ƒæ…®ã—ãŸæ§‹é€ åŒ–ã•ã‚ŒãŸå‰Šé™¤é †åºã‚’å¼·åˆ¶ã™ã‚‹ã“ã¨ã§ã€ã“ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã¯PodãŒä»–ã®ãƒªã‚½ãƒ¼ã‚¹ã‚ˆã‚Šå…ˆã«å‰Šé™¤ã•ã‚Œã‚‹ã“ã¨ã‚’ä¿è¨¼ã—ã¾ã™ã€‚ ã“ã®è¨è¨ˆã¯ã€éžæ±ºå®šçš„ãªå‰Šé™¤ã«é–¢é€£ã™ã‚‹ãƒªã‚¹ã‚¯ã‚’è»½æ¸›ã™ã‚‹ã“ã¨ã§ã€Kubernetesã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã¨ä¿¡é ¼æ€§ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚

è©³ç´°ã¯KEP-5080: Ordered namespace deletionã‚’ã”è¦§ãã ã•ã„ã€‚

Indexed Jobç®¡ç†ã®å¼·åŒ–

ã“ã‚Œã‚‰2ã¤ã®KEPã¯ã€ã‚¸ãƒ§ãƒ–ã®å‡¦ç†ã€ç‰¹ã«Indexed Jobã®ä¿¡é ¼æ€§ã‚’å‘ä¸Šã•ã›ã‚‹ãŸã‚ã«GAã«æ˜‡æ ¼ã™ã‚‹äºˆå®šã§ã™ã€‚ KEP-3850ã§ã¯ã€Indexed Jobã«å¯¾ã—ã¦ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã”ã¨ã®ãƒãƒƒã‚¯ã‚ªãƒ•åˆ¶é™ã‚’æä¾›ã—ã¦ãŠã‚Šã€å„ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ãŒä»–ã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã¨å®Œå…¨ã«ç‹¬ç«‹ã—ã¦å‹•ä½œã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ ã¾ãŸã€KEP-3998ã¯Job APIã‚’æ‹¡å¼µã—ã€ã™ã¹ã¦ã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ãŒæˆåŠŸã—ã¦ã„ãªã„å ´åˆã§ã‚‚Indexed Jobã‚’æˆåŠŸã¨è¦‹ãªã™ãŸã‚ã®æ¡ä»¶ã‚’å®šç¾©ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚

è©³ç´°ã¯ã€KEP-3850: Backoff Limit Per Index For Indexed JobsãŠã‚ˆã³KEP-3998: Job success/completion policyã‚’ã”è¦§ãã ã•ã„ã€‚

ã•ã‚‰ã«è©³ã—ãçŸ¥ã‚ŠãŸã„æ–¹ã¸

æ–°æ©Ÿèƒ½ã‚„éžæŽ¨å¥¨ã®é …ç›®ã«ã¤ã„ã¦ã¯ã€Kubernetesã®ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã§ã‚‚ã‚¢ãƒŠã‚¦ãƒ³ã‚¹ã•ã‚Œã¦ã„ã¾ã™ã€‚ Kubernetes v1.33ã®æ–°æ©Ÿèƒ½ã«ã¤ã„ã¦ã¯ã€è©²å½“ãƒªãƒªãƒ¼ã‚¹ã®CHANGELOGã«ã¦æ£å¼ã«ç™ºè¡¨ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

Kubernetes v1.33ã®ãƒªãƒªãƒ¼ã‚¹ã¯ 2025å¹´4æœˆ23æ—¥(æ°´) ã‚’äºˆå®šã—ã¦ã„ã¾ã™ã€‚ ä»Šå¾Œã®æ›´æ–°æƒ…å ±ã«ã‚‚ãœã²ã”æ³¨ç›®ãã ã•ã„ï¼

ä»¥ä¸‹ã®ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã§ã‚‚ã€å„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã«ãŠã‘ã‚‹å¤‰æ›´ç‚¹ã®ã‚¢ãƒŠã‚¦ãƒ³ã‚¹ã‚’ç¢ºèªã§ãã¾ã™ã€‚

ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¸ã®å‚åŠ æ–¹æ³•

Kubernetesã«é–¢ã‚ã‚‹ãŸã‚ã®æœ€ã‚‚ç°¡å˜ãªæ–¹æ³•ã¯ã€é–¢å¿ƒã®ã‚ã‚‹åˆ†é‡Žã«é–¢é€£ã™ã‚‹Special Interest Groups(SIGs)ã®ã„ãšã‚Œã‹ã«å‚åŠ ã™ã‚‹ã“ã¨ã§ã™ã€‚ Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‘ã‘ã¦ç™ºä¿¡ã—ãŸã„å†…å®¹ãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿ ã‚‚ã—ã‚ã‚Œã°ã€æ¯Žé€±é–‹å‚¬ã•ã‚Œã¦ã„ã‚‹ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚„ã€ä¸‹è¨˜ã®å„ç¨®ãƒãƒ£ãƒãƒ«ã‚’é€šã˜ã¦ã€ãœã²å£°ã‚’å±Šã‘ã¦ãã ã•ã„ã€‚ çš†ã•ã¾ã‹ã‚‰ã®ç¶™ç¶šçš„ãªã”æ„è¦‹ã¨ã”æ”¯æ´ã«ã€å¿ƒã‚ˆã‚Šæ„Ÿè¬ç”³ã—ä¸Šã’ã¾ã™ã€‚

æœ€æ–°æƒ…å ±ã¯Blueskyã®@kubernetes.ioã§ã”ç¢ºèªãã ã•ã„
Discussã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ãƒ‡ã‚£ã‚¹ã‚«ãƒƒã‚·ãƒ§ãƒ³ã«å‚åŠ ã—ã¾ã—ã‚‡ã†
Slackã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã¾ã—ã‚‡ã†
Server Faultã‚„Stack Overflowã«è³ªå•ã‚’æŠ•ç¨¿ã—ãŸã‚Šã€ä»–ã®è³ªå•ã«å›žç”ã—ãŸã‚Šã—ã¾ã—ã‚‡ã†
ã‚ãªãŸã®Kubernetesã‚¹ãƒˆãƒ¼ãƒªãƒ¼ã‚’å…±æœ‰ã—ã¾ã—ã‚‡ã†
Kubernetesã«é–¢ã™ã‚‹æœ€æ–°æƒ…å ±ã¯ãƒ–ãƒã‚°ã‚’ã”è¦§ãã ã•ã„
Kubernetesãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«ã¤ã„ã¦å¦ã³ã¾ã—ã‚‡ã†

Ingress-nginxã®è„†å¼±æ€§CVE-2025-1974: çŸ¥ã£ã¦ãŠãã¹ãã“ã¨

Mon, 24 Mar 2025 12:00:00 -0800

æœ¬æ—¥ã€ingress-nginxã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã¯ã€æ”»æ’ƒè€…ãŒKubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’ä¹—ã£å–ã‚‹ã“ã¨ã‚’å®¹æ˜“ã«ã™ã‚‹å¯èƒ½æ€§ã®ã‚ã‚‹ã€ä¸€é€£ã®é‡å¤§ãªè„†å¼±æ€§ã«å¯¾ã™ã‚‹ãƒ‘ãƒƒãƒã‚’ãƒªãƒªãƒ¼ã‚¹ã—ã¾ã—ãŸ: ingress-nginx v1.12.1ãŠã‚ˆã³ingress-nginx v1.11.5ã€‚ ingress-nginxã¯ã€Kubernetesç®¡ç†è€…ã®40%è¶…ãŒåˆ©ç”¨ã—ã¦ã„ã¾ã™ã€‚ ã‚‚ã—ã‚ãªãŸãŒãã‚Œã«è©²å½“ã™ã‚‹å ´åˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¨ãƒ‡ãƒ¼ã‚¿ã‚’ä¿è·ã™ã‚‹ãŸã‚ã«ç›´ã¡ã«å¯¾å¿œã‚’è¡Œã£ã¦ãã ã•ã„ã€‚

èƒŒæ™¯

Ingressã¯ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰Podã‚’å¤–éƒ¨ã«å…¬é–‹ã—ã¦æ´»ç”¨ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã€Kubernetesã«ãŠã‘ã‚‹å¾“æ¥ã®æ©Ÿèƒ½ã§ã™ã€‚ å®Ÿè£…ã«ä¾å˜ã—ãªã„æ–¹æ³•ã§ã€Kubernetesãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ä¸Šã«ã©ã®ã‚ˆã†ã«å…¬é–‹ã™ã‚‹ã‹ã‚’å®šç¾©ã§ãã¾ã™ã€‚ æ¬¡ã«ã€Ingressã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒãã®å®šç¾©ã«å¾“ã„ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®çŠ¶æ³ã‚„ãƒ‹ãƒ¼ã‚ºã«å¿œã˜ã¦ãƒãƒ¼ã‚«ãƒ«ã¾ãŸã¯ã‚¯ãƒ©ã‚¦ãƒ‰ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’æ§‹æˆã—ã¾ã™ã€‚

ã•ã¾ã–ã¾ãªã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã‚„ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼è£½å“ã«å¯¾å¿œã™ã‚‹ãŸã‚ã«ã€å¤šãã®Ingressã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒåˆ©ç”¨å¯èƒ½ã§ã™ã€‚ Ingress-nginxã¯ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãŒæä¾›ã™ã‚‹ã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ãƒ™ãƒ¼ã‚¹ã®Ingressã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã§ã™ã€‚ ãã®æŸ”è»Ÿæ€§ã¨ä½¿ã„ã‚„ã™ã•ã‹ã‚‰ã€ingress-nginxã¯éžå¸¸ã«äººæ°—ãŒã‚ã‚Šã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®40%è¶…ã§å°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ï¼

Ingress-nginxã¯ã€Ingressã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã®è¦ä»¶ã‚’ã€å¼·åŠ›ãªã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã®Webã‚µãƒ¼ãƒãƒ¼ãƒ‡ãƒ¼ãƒ¢ãƒ³ã§ã‚ã‚‹nginxã®è¨å®šã«å¤‰æ›ã—ã¾ã™ã€‚ ãã®å¾Œã€nginxã¯ã“ã®è¨å®šã‚’ç”¨ã„ã¦ã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã§ç¨¼åƒã—ã¦ã„ã‚‹ã•ã¾ã–ã¾ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã¸ã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’å—ã‘ä»˜ã‘ã€ãƒ«ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã—ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®nginxè¨å®šãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã‚’é©åˆ‡ã«å–ã‚Šæ‰±ã†ã“ã¨ã¯æ¥µã‚ã¦é‡è¦ã§ã™ã€‚ ãªãœãªã‚‰ã€ingress-nginxã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã¦é«˜ã„æŸ”è»Ÿæ€§ã‚’æä¾›ã™ã‚‹å¿…è¦ãŒã‚ã‚‹ä¸€æ–¹ã§ã€nginxã«å¯¾ã—ã¦ä¸é©åˆ‡ãªå‹•ä½œã‚’æ„å›³çš„ã¾ãŸã¯éŽå¤±ã«ã‚ˆã‚Šèª˜ç™ºã•ã›ãªã„ã‚ˆã†ã«ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„ãŸã‚ã§ã™ã€‚

æœ¬æ—¥ä¿®æ£ã•ã‚ŒãŸè„†å¼±æ€§

æœ¬æ—¥ä¿®æ£ã•ã‚ŒãŸingress-nginxã®è„†å¼±æ€§ã®ã†ã¡4ä»¶ã¯ã€ç‰¹å®šã®nginxè¨å®šã®å–ã‚Šæ‰±ã„ã«é–¢ã™ã‚‹æ”¹å–„ã§ã™ã€‚ ã“ã‚Œã‚‰ã®ä¿®æ£ãŒãªã„å ´åˆã€ç‰¹åˆ¥ã«ç´°å·¥ã•ã‚ŒãŸIngressã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«ã‚ˆã£ã¦nginxãŒä¸æ£ãªå‹•ä½œã‚’å¼•ãèµ·ã“ã™å¯èƒ½æ€§ãŒã‚ã‚Šã€ãŸã¨ãˆã°ã€ingress-nginxã«ã¨ã£ã¦ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ãªSecretã®å€¤ãŒæ¼æ´©ã™ã‚‹ãªã©ã®äº‹æ…‹ãŒç™ºç”Ÿã—ã¾ã™ã€‚ ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ã€ingress-nginxã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã®Secretã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ãŸã‚ã€Ingressã‚’ä½œæˆã™ã‚‹æ¨©é™ã‚’æŒã¤ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚„ã‚¨ãƒ³ãƒ†ã‚£ãƒ†ã‚£ãŒã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã‚’ä¹—ã£å–ã‚‹äº‹æ…‹ã«ã¤ãªãŒã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚

æœ¬æ—¥å…¬é–‹ã•ã‚ŒãŸè„†å¼±æ€§ã®ã†ã¡æœ€ã‚‚æ·±åˆ»ãªã‚‚ã®ã¯ã€CVE-2025-1974ã§ã™ã€‚ ã“ã®è„†å¼±æ€§ã¯9.8 CVSSã¨è©•ä¾¡ã•ã‚Œã¦ãŠã‚Šã€ingress-nginxã®Validating Admission Controlleræ©Ÿèƒ½ã‚’é€šã˜ã¦ã€Podãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ä¸Šã®ä»»æ„ã®ã‚¨ãƒ³ãƒ†ã‚£ãƒ†ã‚£ãŒè¨å®šã‚¤ãƒ³ã‚¸ã‚§ã‚¯ã‚·ãƒ§ãƒ³ã®è„†å¼±æ€§ã‚’æ‚ªç”¨ã§ãã‚‹ã¨ã„ã†ã‚‚ã®ã§ã™ã€‚ ã“ã®ãŸã‚ã€é€šå¸¸ã§ã‚ã‚Œã°ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã«Ingressã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’ä½œæˆã™ã‚‹(æ¯”è¼ƒçš„é«˜ã„æ¨©é™ãŒå¿…è¦ãª)æ“ä½œãŒå‰æã¨ãªã‚‹æ”»æ’ƒãŒã€å¤§å¹…ã«å®¹æ˜“ã‹ã¤å±é™ºãªã‚‚ã®ã«ãªã‚Šã¾ã™ã€‚ ã•ã‚‰ã«ã€ä»Šå›žã®ä»–ã®è„†å¼±æ€§ã¨çµ„ã¿åˆã‚ã•ã‚‹ã“ã¨ã§ã€CVE-2025-1974ã«ã‚ˆã‚Šã€Podãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ä¸Šã«å˜åœ¨ã™ã‚‹ä»»æ„ã®ã‚‚ã®ãŒã€èªè¨¼æƒ…å ±ã‚„ç®¡ç†æ¨©é™ãªã—ã«Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’ä¹—ã£å–ã‚‹å¯èƒ½æ€§ãŒé«˜ã¾ã‚Šã¾ã™ã€‚ å¤šãã®ä¸€èˆ¬çš„ãªã‚·ãƒŠãƒªã‚ªã§ã¯ã€Podãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã¯ã‚¯ãƒ©ã‚¦ãƒ‰VPCå†…ã®ã™ã¹ã¦ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã€ã‚ã‚‹ã„ã¯ä¼æ¥ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã«æŽ¥ç¶šã—ã¦ã„ã‚‹ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‹ã‚‰ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã§ã™ï¼ ã“ã‚Œã¯ã€éžå¸¸ã«æ·±åˆ»ãªçŠ¶æ³ã§ã™ã€‚

æœ¬æ—¥ã€ã“ã‚Œã‚‰5ä»¶ã®è„†å¼±æ€§ã™ã¹ã¦ã«å¯¾ã™ã‚‹ä¿®æ£ã‚’å«ã‚€ingress-nginx v1.12.1ãŠã‚ˆã³ingress-nginx v1.11.5ã‚’ãƒªãƒªãƒ¼ã‚¹ã—ã¾ã—ãŸã€‚

æ¬¡ã®ã‚¹ãƒ†ãƒƒãƒ—

ã¾ãšã¯ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ingress-nginxãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ç¢ºèªã—ã¦ãã ã•ã„ã€‚ å¤šãã®å ´åˆã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…æ¨©é™ã‚’ç”¨ã„ã¦kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginxã‚’å®Ÿè¡Œã™ã‚‹ã“ã¨ã§ç¢ºèªã§ãã¾ã™ã€‚

ingress-nginxã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹å ´åˆã¯ã€ç›´ã¡ã«ã“ã‚Œã‚‰ã®è„†å¼±æ€§ã¸ã®å¯¾å¿œã‚’è¨ˆç”»ã—ã¦ãã ã•ã„ã€‚

æœ€ã‚‚åŠ¹æžœçš„ã‹ã¤ç°¡å˜ãªå¯¾å‡¦æ–¹æ³•ã¯ã€ingress-nginxã®æ–°ã—ã„ãƒ‘ãƒƒãƒãƒªãƒªãƒ¼ã‚¹ã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ ã§ã™ã€‚ æœ¬æ—¥ãƒªãƒªãƒ¼ã‚¹ã•ã‚ŒãŸãƒ‘ãƒƒãƒã‚’é©ç”¨ã™ã‚‹ã“ã¨ã§ã€5ä»¶ã™ã¹ã¦ã®è„†å¼±æ€§ãŒä¿®æ£ã•ã‚Œã¾ã™ã€‚

ã™ãã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã§ããªã„å ´åˆã¯ã€ingress-nginxã®Validating Admission Controlleræ©Ÿèƒ½ã‚’ç„¡åŠ¹åŒ–ã™ã‚‹ã“ã¨ã§ã€ãƒªã‚¹ã‚¯ã‚’å¤§å¹…ã«è»½æ¸›ã™ã‚‹ã“ã¨ãŒå¯èƒ½ã§ã™ã€‚

ingress-nginxã‚’Helmã§ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—ã¦ã„ã‚‹å ´åˆ
- Helmã®è¨å®šå€¤controller.admissionWebhooks.enabled=falseã‚’è¨å®šã—ã¦å†ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—ã¦ãã ã•ã„ã€‚
ingress-nginxã‚’æ‰‹å‹•ã§ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã—ã¦ã„ã‚‹å ´åˆ
- ingress-nginx-admissionã¨ã„ã†åå‰ã®ValidatingWebhookConfigurationã‚’å‰Šé™¤ã—ã¦ãã ã•ã„ã€‚
- ingress-nginx-controllerã®Deploymentã¾ãŸã¯DaemonSetã‚’ç·¨é›†ã—ã€controllerã‚³ãƒ³ãƒ†ãƒŠã®å¼•æ•°ã‹ã‚‰--validating-webhookã‚’å‰Šé™¤ã—ã¦ãã ã•ã„ã€‚

CVE-2025-1974ã«å¯¾ã™ã‚‹ç·©å’Œç–ã¨ã—ã¦Validating Admission Controlleræ©Ÿèƒ½ã‚’ç„¡åŠ¹åŒ–ã—ãŸå ´åˆã¯ã€ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰å¾Œã«å¿…ãšå†ã³æœ‰åŠ¹åŒ–ã™ã‚‹ã“ã¨ã‚’å¿˜ã‚Œãªã„ã§ãã ã•ã„ã€‚ ã“ã®æ©Ÿèƒ½ã¯ã€ä¸æ£ãªIngressè¨å®šãŒé©ç”¨ã•ã‚Œã‚‹å‰ã«è¦å‘Šã‚’å‡ºã™ã“ã¨ã§ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ä½“é¨“ã‚’å‘ä¸Šã•ã›ã‚‹é‡è¦ãªå½¹å‰²ã‚’æ‹…ã£ã¦ã„ã¾ã™ã€‚

çµè«–ã€è¬è¾žã€ãŠã‚ˆã³ã•ã‚‰ãªã‚‹æƒ…å ±

æœ¬æ—¥ç™ºè¡¨ã•ã‚ŒãŸCVE-2025-1974ã‚’å«ã‚€ingress-nginxã®è„†å¼±æ€§ã¯ã€å¤šãã®Kubernetesãƒ¦ãƒ¼ã‚¶ãƒ¼ã¨ãã®ãƒ‡ãƒ¼ã‚¿ã«å¯¾ã—ã¦é‡å¤§ãªãƒªã‚¹ã‚¯ã¨ãªã‚Šã¾ã™ã€‚ ingress-nginxã‚’åˆ©ç”¨ã—ã¦ã„ã‚‹å ´åˆã¯ã€è‡ªèº«ã®å®‰å…¨ã‚’å®ˆã‚‹ãŸã‚ã«ç›´ã¡ã«å¯¾ç–ã‚’è¬›ã˜ã¦ãã ã•ã„ã€‚

ä»Šå›žã®è„†å¼±æ€§ã‚’é©åˆ‡ã«å ±å‘Šã—ã€Kubernetesã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£å¯¾å¿œãƒãƒ¼ãƒ (SRC)ãŠã‚ˆã³ingress-nginxãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼(Marco Ebertæ°ã€James Strongæ°)ã¨é€£æºã—ã¦åŠ¹æžœçš„ãªä¿®æ£ã«å°½åŠ›ã„ãŸã ã„ãŸWizã®Nir Ohfeldæ°ã€Sagi Tzadikæ°ã€Ronen Shustinæ°ã€Hillai Ben-Sassonæ°ã«æ„Ÿè¬ã„ãŸã—ã¾ã™ã€‚

ingress-nginxã®ä»Šå¾Œã®ä¿å®ˆãŠã‚ˆã³å°†æ¥ã«é–¢ã™ã‚‹è©³ç´°ã¯ã€ã“ã®GitHub issueã‚’ã”è¦§ã„ãŸã ãã‹ã€Jamesæ°ãŠã‚ˆã³Marcoæ°ã«ã‚ˆã‚‹KubeCon/CloudNativeCon EU 2025ã®è¬›æ¼”ã«ã”å‚åŠ ãã ã•ã„ã€‚

æœ¬è¨˜äº‹ã§å–ã‚Šä¸Šã’ãŸå„è„†å¼±æ€§ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€ä»¥ä¸‹ã®ç„¶ã‚‹ã¹ãGitHub Issueã‚’ã”å‚ç…§ãã ã•ã„: CVE-2025-24513ã€CVE-2025-24514ã€CVE-2025-1097ã€CVE-2025-1098ã€CVE-2025-1974ã€‚

ã“ã®ãƒ–ãƒã‚°è¨˜äº‹ã¯ã€ãƒã‚¤ãƒ‘ãƒ¼ãƒªãƒ³ã‚¯ã‚’æ›´æ–°ã™ã‚‹ãŸã‚ã«2025å¹´5æœˆã«æ”¹è¨‚ã•ã‚Œã¾ã—ãŸã€‚

SIG Appsã®å–ã‚Šçµ„ã¿ã®ç´¹ä»‹

Wed, 12 Mar 2025 00:00:00 +0000

SIG Spotlightã‚·ãƒªãƒ¼ã‚ºã§ã¯ã€ã•ã¾ã–ã¾ãªSpecial Interest Group(SIG)ã®ãƒªãƒ¼ãƒ€ãƒ¼ã¸ã®ã‚¤ãƒ³ã‚¿ãƒ“ãƒ¥ãƒ¼ã‚’é€šã˜ã¦ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ ¸å¿ƒã«è¿«ã‚Šã¾ã™ã€‚ ä»Šå›žã¯ã€Kubernetesä¸Šã«ãŠã‘ã‚‹ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®é–‹ç™ºã€ãƒ‡ãƒ—ãƒã‚¤ã€é‹ç”¨ã«é–¢é€£ã™ã‚‹ã™ã¹ã¦ã‚’æ‹…å½“ã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ã§ã‚ã‚‹ SIG Apps ã‚’å–ã‚Šä¸Šã’ã¾ã™ã€‚ Sandipan Panda(DevZero)ã¯ã€SIG Appsã®ãƒã‚§ã‚¢ãŠã‚ˆã³ãƒ†ãƒƒã‚¯ãƒªãƒ¼ãƒ‰ã§ã‚ã‚‹Maciej Szulik(Defense Unicorns)ã¨Janet Kuo(Google)ã«ã‚¤ãƒ³ã‚¿ãƒ“ãƒ¥ãƒ¼ã™ã‚‹æ©Ÿä¼šã‚’å¾—ã‚‹ã“ã¨ãŒã§ãã¾ã—ãŸã€‚ å½¼ã‚‰ã¯ã€Kubernetesã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã«ãŠã‘ã‚‹ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ç®¡ç†ã®çµŒé¨“ã€èª²é¡Œã€ãã—ã¦å°†æ¥ã®ãƒ“ã‚¸ãƒ§ãƒ³ã«ã¤ã„ã¦å…±æœ‰ã—ã¦ãã‚Œã¾ã—ãŸã€‚

ã¯ã˜ã‚ã«

Sandipan: ã“ã‚“ã«ã¡ã¯ã€‚ã¾ãšã¯ã”è‡ªèº«ã«ã¤ã„ã¦ã€ç¾åœ¨ã®å½¹å‰²ã‚„ã€SIG Appsã«ãŠã‘ã‚‹ç¾åœ¨ã®å½¹è·ã«è‡³ã‚‹ã¾ã§ã®Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã§ã®æ©ã¿ã«ã¤ã„ã¦æ•™ãˆã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

Maciej: ã“ã‚“ã«ã¡ã¯ã€‚SIG Appsã®ãƒªãƒ¼ãƒ‰ã‚’å‹™ã‚ã‚‹Maciejã§ã™ã€‚ã“ã®å½¹å‰²ã«åŠ ãˆã¦ã€SIG CLIã§ã‚‚æ´»å‹•ã—ã¦ãŠã‚Šã€Steering Committeeãƒ¡ãƒ³ãƒãƒ¼ã®ã²ã¨ã‚Šã§ã‚‚ã‚ã‚Šã¾ã™ã€‚ç§ã¯2014å¹´å¾ŒåŠã‹ã‚‰ã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã€apiserverã€kubectlã‚’å«ã‚€ã•ã¾ã–ã¾ãªé ˜åŸŸã§Kubernetesã«è²¢çŒ®ã—ã¦ãã¾ã—ãŸã€‚

Janet: ã‚‚ã¡ã‚ã‚“ã§ã™ï¼ç§ã¯Janetã§ã™ã€‚Googleã§ã‚¹ã‚¿ãƒƒãƒ•ã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ã‚¨ãƒ³ã‚¸ãƒ‹ã‚¢ã‚’å‹™ã‚ã¦ãŠã‚Šã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã¯åˆæœŸã®æ®µéšŽã€2015å¹´ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³1.0ã®ãƒªãƒªãƒ¼ã‚¹ä»¥å‰ã‹ã‚‰æ·±ãé–¢ã‚ã£ã¦ãã¾ã—ãŸã€‚ã“ã‚Œã¾ã§ã®é“ã®ã‚Šã¯æœ¬å½“ã«ç´ æ™´ã‚‰ã—ã„ã‚‚ã®ã§ã—ãŸï¼

Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«ãŠã‘ã‚‹ç§ã®ç¾åœ¨ã®å½¹å‰²ã¯ã€SIG Appsã®ãƒã‚§ã‚¢å…¼ãƒ†ãƒƒã‚¯ãƒªãƒ¼ãƒ‰ã®ä¸€äººã§ã™ã€‚SIG Appsã¨ã®é–¢ã‚ã‚Šã¯è‡ªç„¶ãªæµã‚Œã§å§‹ã¾ã‚Šã¾ã—ãŸã€‚ ç§ã¯ã¾ãšã€Deployment APIã®æ§‹ç¯‰ã‚„ãƒãƒ¼ãƒªãƒ³ã‚°ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæ©Ÿèƒ½ã®è¿½åŠ ã«å–ã‚Šçµ„ã¿ã¾ã—ãŸã€‚ ãã®ä¸ã§è‡ªç„¶ã¨SIG Appsã«å¼•ãå¯„ã›ã‚‰ã‚Œã€æ¬¡ç¬¬ã«é–¢ä¸Žã‚’æ·±ã‚ã¦ã„ãã¾ã—ãŸã€‚ æ™‚ãŒçµŒã¤ã«ã¤ã‚Œã¦ã€ã‚ˆã‚Šå¤šãã®è²¬ä»»ã‚’æ‹…ã†ã‚ˆã†ã«ãªã‚Šã€ç¾åœ¨ã®ãƒªãƒ¼ãƒ€ãƒ¼ã‚·ãƒƒãƒ—ã®å½¹å‰²ã‚’å‹™ã‚ã‚‹ã«è‡³ã‚Šã¾ã—ãŸã€‚

SIG Appsã«ã¤ã„ã¦

ä»¥ä¸‹ã®å›žç”ã¯ã™ã¹ã¦Maciejã¨Janetã®å…±åŒã«ã‚ˆã‚‹ã‚‚ã®ã§ã™ã€‚

Sandipan: ã”å˜ã˜ãªã„æ–¹ã®ãŸã‚ã«ã€SIG Appsã®ä½¿å‘½ã¨ç›®çš„ã«ã¤ã„ã¦æ¦‚è¦ã‚’æ•™ãˆã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼ŸKubernetesã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®ä¸ã§ã€ã©ã®ã‚ˆã†ãªä¸»è¦ãªèª²é¡Œã®è§£æ±ºã‚’ç›®æŒ‡ã—ã¦ã„ã‚‹ã®ã§ã—ã‚‡ã†ã‹ï¼Ÿ

charterã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹ã¨ãŠã‚Šã€ç§ãŸã¡ã¯Kubernetesä¸Šã§ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’é–‹ç™ºã€ãƒ‡ãƒ—ãƒã‚¤ã€é‹ç”¨ã™ã‚‹ã“ã¨ã«é–¢é€£ã™ã‚‹å¹…åºƒã„é ˜åŸŸã‚’ã‚«ãƒãƒ¼ã—ã¦ã„ã¾ã™ã€‚ ç°¡å˜ã«è¨€ãˆã°ã€éš”é€±ã§é–‹å‚¬ã—ã¦ã„ã‚‹ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã«ã¯èª°ã§ã‚‚è‡ªç”±ã«å‚åŠ ã§ãã€Kubernetesä¸Šã§ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¨˜è¿°ãƒ»ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹éš›ã®è‰¯ã‹ã£ãŸç‚¹ã‚„å›°ã£ãŸç‚¹ã«ã¤ã„ã¦è°è«–ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

Sandipan: ç¾åœ¨ã€SIG AppsãŒå–ã‚Šçµ„ã‚“ã§ã„ã‚‹æœ€ã‚‚é‡è¦ãªãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚„ã‚¤ãƒ‹ã‚·ã‚¢ãƒãƒ–ã«ã¯ã©ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿ

ç¾æ™‚ç‚¹ã«ãŠã„ã¦ã€ç§ãŸã¡ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼é–‹ç™ºã‚’æŽ¨é€²ã—ã¦ã„ã‚‹ä¸»ãªè¦ç´ ã¯ã€ã•ã¾ã–ã¾ãªAIé–¢é€£ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’å®Ÿè¡Œã™ã‚‹éš›ã«ç”Ÿã˜ã‚‹èª²é¡Œã§ã™ã€‚ ã“ã“ã§ã€ç§ãŸã¡ãŒéŽåŽ»æ•°å¹´é–“ã«æ¸¡ã£ã¦æ”¯æ´ã—ã¦ããŸ2ã¤ã®ãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã‚°ãƒ«ãƒ¼ãƒ—ã«ã¤ã„ã¦è¨€åŠã™ã‚‹ä¾¡å€¤ãŒã‚ã‚Šã¾ã™ã€‚

The Batch Working Group: Kubernetesä¸Šã§HPCã€AI/MLã€ãƒ‡ãƒ¼ã‚¿åˆ†æžã‚¸ãƒ§ãƒ–ã‚’å®Ÿè¡Œã™ã‚‹ã“ã¨ã«å–ã‚Šçµ„ã‚“ã§ã„ã¾ã™ã€‚
The Serving Working Group: ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚¢ã‚¯ã‚»ãƒ©ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ç”¨ã„ãŸAI/MLæŽ¨è«–ã«ç„¦ç‚¹ã‚’å½“ã¦ã¦ã„ã¾ã™ã€‚

ãƒ™ã‚¹ãƒˆãƒ—ãƒ©ã‚¯ãƒ†ã‚£ã‚¹ã¨èª²é¡Œ

Sandipan: SIG Appsã¯ã€Kubernetesã«ãŠã‘ã‚‹ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ç®¡ç†ã®ãƒ™ã‚¹ãƒˆãƒ—ãƒ©ã‚¯ãƒ†ã‚£ã‚¹ã®ç–å®šã«ãŠã„ã¦é‡è¦ãªå½¹å‰²ã‚’æ‹…ã£ã¦ã„ã¾ã™ã€‚ã“ã‚Œã‚‰ã®ãƒ™ã‚¹ãƒˆãƒ—ãƒ©ã‚¯ãƒ†ã‚£ã‚¹ã®ä¸€éƒ¨ã¨ã€ãã‚ŒãŒã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ç®¡ç†ã«ã©ã®ã‚ˆã†ã«å½¹ç«‹ã¤ã‹ã‚’æ•™ãˆã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

ãƒ˜ãƒ«ã‚¹ãƒã‚§ãƒƒã‚¯ã¨Readiness Probeã‚’å®Ÿè£…ã™ã‚‹ã“ã¨ã§ã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒæ£å¸¸ã§ã‚ã‚Šã€ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ã‚’å‡¦ç†ã™ã‚‹æº–å‚™ãŒã§ãã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã§ãã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€ä¿¡é ¼æ€§ã¨ç¨¼åƒæ™‚é–“ãŒå‘ä¸Šã—ã¾ã™ã€‚ã“ã‚Œã‚‰ã«åŠ ãˆã¦ã€åŒ…æ‹¬çš„ãªãƒã‚°å‡ºåŠ›ã€ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã€ãƒˆãƒ¬ãƒ¼ã‚·ãƒ³ã‚°ã®ã‚½ãƒªãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’çµ„ã¿åˆã‚ã›ã‚‹ã“ã¨ã§ã€ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®å‹•ä½œã«é–¢ã™ã‚‹ã‚¤ãƒ³ã‚µã‚¤ãƒˆã‚’å¾—ã‚‹ã“ã¨ãŒã§ãã€å•é¡Œã®ç‰¹å®šã¨è§£æ±ºã‚’è¿…é€Ÿã«è¡Œã†ã“ã¨ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚
ãƒªã‚½ãƒ¼ã‚¹ä½¿ç”¨é‡ã‚„ã‚«ã‚¹ã‚¿ãƒ ãƒ¡ãƒˆãƒªã‚¯ã‚¹ã«åŸºã¥ã„ã¦ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒ«ã™ã‚‹ã“ã¨ã§ã€ãƒªã‚½ãƒ¼ã‚¹ã®ä½¿ç”¨ã‚’æœ€é©åŒ–ã—ã€å¤‰å‹•ã™ã‚‹è² è·ã«å¯¾å¿œã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚
ã‚¹ãƒ†ãƒ¼ãƒˆãƒ¬ã‚¹ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã«ã¯Deploymentã‚’ã€ã‚¹ãƒ†ãƒ¼ãƒˆãƒ•ãƒ«ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã«ã¯StatefulSetã‚’ã€ãƒãƒƒãƒãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«ã¯Jobã‚„CronJobã‚’ã€å„ãƒŽãƒ¼ãƒ‰ã§ãƒ‡ãƒ¼ãƒ¢ãƒ³ã‚’å®Ÿè¡Œã™ã‚‹ã«ã¯DaemonSetã‚’ä½¿ç”¨ã—ã¦ãã ã•ã„ã€‚ã¾ãŸã€Operatorã‚„CRDã‚’æ´»ç”¨ã—ã¦Kubernetes APIã‚’æ‹¡å¼µã™ã‚‹ã“ã¨ã§ã€è¤‡é›‘ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ãƒ‡ãƒ—ãƒã‚¤ãƒ»ç®¡ç†ãƒ»ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‚’è‡ªå‹•åŒ–ã§ãã€é‹ç”¨ãŒå®¹æ˜“ã«ãªã‚Šã€æ‰‹å‹•ã«ã‚ˆã‚‹ä»‹å…¥ã‚’æ¸›ã‚‰ã™ã“ã¨ãŒã§ãã¾ã™ã€‚

Sandipan: SIG AppsãŒç›´é¢ã—ã¦ã„ã‚‹ä¸€èˆ¬çš„ãªèª²é¡Œã«ã¯ã©ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿã¾ãŸã€ãã‚Œã«å¯¾ã—ã¦ã©ã®ã‚ˆã†ã«å¯¾å‡¦ã—ã¦ã„ã¾ã™ã‹ï¼Ÿ

ç§ãŸã¡ãŒå¸¸ã«ç›´é¢ã—ã¦ã„ã‚‹æœ€å¤§ã®èª²é¡Œã¯ã€å¤šãã®æ©Ÿèƒ½ã€ã‚¢ã‚¤ãƒ‡ã‚¢ã€æ”¹å–„ææ¡ˆã‚’å´ä¸‹ã—ãªã‘ã‚Œã°ãªã‚‰ãªã„ã¨ã„ã†ç‚¹ã§ã™ã€‚ã“ã†ã—ãŸåˆ¤æ–ã®èƒŒæ™¯ã«ã‚ã‚‹ç†ç”±ã‚’èª¬æ˜Žã™ã‚‹ã«ã¯ã€å¤šãã®è¦å¾‹ã¨å¿è€ãŒå¿…è¦ã¨ãªã‚Šã¾ã™ã€‚

Sandipan: Kubernetesã®é€²åŒ–ã¯SIG Appsã®æ´»å‹•ã«ã©ã®ã‚ˆã†ãªå½±éŸ¿ã‚’ä¸Žãˆã¾ã—ãŸã‹ï¼Ÿæœ€è¿‘ã®å¤‰æ›´ã‚„ä»Šå¾Œã®æ©Ÿèƒ½ã®ä¸ã§ã€SIG Appsã«ã¨ã£ã¦ç‰¹ã«é–¢é€£æ€§ãŒé«˜ã„ã€ã‚ã‚‹ã„ã¯æœ‰ç›Šã ã¨è€ƒãˆã‚‹ã‚‚ã®ã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ

SIG Appsã«é–¢ã‚ã‚‹ç§ãŸã¡è‡ªèº«ã€ãã—ã¦ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£å…¨ä½“ã«ã¨ã£ã¦ã®ä¸»ãªåˆ©ç‚¹ã¯ã€ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ã«ã‚ˆã£ã¦Kubernetesã‚’æ‹¡å¼µã§ãã‚‹ã“ã¨ã§ã™ã€‚ ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒçµ„ã¿è¾¼ã¿ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚’æ´»ç”¨ã—ã¦ç‹¬è‡ªã®ã‚«ã‚¹ã‚¿ãƒ ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚’æ§‹ç¯‰ã—ã€ç§ãŸã¡ã‚³ã‚¢ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ãŒè€ƒæ…®ã—ã¦ã„ãªã‹ã£ãŸã€ã‚ã‚‹ã„ã¯Kuberneteså†…ã§åŠ¹çŽ‡çš„ã«å¯¾å¿œã§ããªã‹ã£ãŸé«˜åº¦ãªãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚’å®Ÿç¾ã§ãã‚‹ç‚¹ã‚‚é‡è¦ã§ã™ã€‚

SIG Appsã¸ã®è²¢çŒ®

Sandipan: SIG Appsã«é–¢ã‚ã‚ŠãŸã„ã¨è€ƒãˆã¦ã„ã‚‹æ–°ã—ã„ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã«ã¯ã€ã©ã®ã‚ˆã†ãªæ©Ÿä¼šãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿã¾ãŸã€ã©ã®ã‚ˆã†ãªã‚¢ãƒ‰ãƒã‚¤ã‚¹ãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿ

ã€Œæœ€åˆã«å–ã‚Šçµ„ã‚€ã®ã«ãŠã™ã™ã‚ã®issueã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿã€ã¨ã„ã†è³ªå•ã¯ã¨ã¦ã‚‚ã‚ˆãå¯„ã›ã‚‰ã‚Œã¾ã™:-) ã—ã‹ã—ã€æ®‹å¿µãªãŒã‚‰ç°¡å˜ã«ç”ãˆã‚‰ã‚Œã‚‹ã‚‚ã®ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ç§ãŸã¡ã¯ã„ã¤ã‚‚ã€ã€Œã‚³ã‚¢ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¸ã®è²¢çŒ®ã‚’å§‹ã‚ã‚‹æœ€å–„ã®æ–¹æ³•ã¯ã€ã—ã°ã‚‰ãæ™‚é–“ã‚’ã‹ã‘ã¦å–ã‚Šçµ„ã¿ãŸã„ã¨æ€ãˆã‚‹ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚’è¦‹ã¤ã‘ã‚‹ã“ã¨ã§ã™ã€ã¨çš†ã•ã‚“ã«ä¼ãˆã¦ã„ã¾ã™ã€‚ ãã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã®ã‚³ãƒ¼ãƒ‰ã‚’èªã¿ã€ãƒ¦ãƒ‹ãƒƒãƒˆãƒ†ã‚¹ãƒˆã‚„çµ±åˆãƒ†ã‚¹ãƒˆã‚’å®Ÿè¡Œã—ã¦ã¿ã¦ãã ã•ã„ã€‚ ä¸€åº¦ã€å…¨ä½“ã®ä»•çµ„ã¿ã‚’ç†è§£ã§ããŸã‚‰ã€ã‚ãˆã¦å£Šã—ã¦ã¿ã¦ã€ãƒ†ã‚¹ãƒˆãŒå¤±æ•—ã™ã‚‹ã“ã¨ã‚’ç¢ºèªã™ã‚‹ã®ã‚‚ã‚ˆã„ã§ã—ã‚‡ã†ã€‚ ãã®ç‰¹å®šã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã«ã¤ã„ã¦ç†è§£ãŒæ·±ã¾ã‚Šã€è‡ªä¿¡ãŒã¤ã„ã¦ããŸã‚‰ã€ãã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã«é–¢é€£ã™ã‚‹ã‚ªãƒ¼ãƒ—ãƒ³ãªissueã‚’æŽ¢ã—ã¦ã¿ã‚‹ã¨ã‚ˆã„ã§ã—ã‚‡ã†ã€‚ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒç›´é¢ã—ã¦ã„ã‚‹å•é¡Œã«ã¤ã„ã¦èª¬æ˜Žã‚’åŠ ãˆãŸã‚Šã€æ”¹å–„æ¡ˆã‚’ææ¡ˆã—ãŸã‚Šã€ã‚ã‚‹ã„ã¯æœ€åˆã®ä¿®æ£ã«æŒ‘æˆ¦ã—ã¦ã¿ã‚‹ã®ã‚‚è‰¯ã„ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚

å…ˆã»ã©è¿°ã¹ãŸã¨ãŠã‚Šã€ã“ã®é“ã«è¿‘é“ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ç§ãŸã¡ãŒç¾åœ¨ã®çŠ¶æ…‹ã«è‡³ã‚‹ã¾ã§ã«å¾ã€…ã«ç©ã¿é‡ãã¦ããŸã™ã¹ã¦ã®ã‚¨ãƒƒã‚¸ã‚±ãƒ¼ã‚¹ã‚’ç†è§£ã™ã‚‹ãŸã‚ã«ã¯ã€ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã¨å‘ãåˆã£ã¦æ™‚é–“ã‚’ã‹ã‘ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ 1ã¤ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã§ã†ã¾ãã„ã£ãŸã‚‰ã€ãã®ãƒ—ãƒã‚»ã‚¹ã‚’ä»–ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã§ã‚‚å†ã³ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

Sandipan: SIG Appsã¯ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‹ã‚‰ã©ã®ã‚ˆã†ã«ãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã‚’åŽé›†ã—ã¦ãŠã‚Šã€ãã‚Œã‚’ã©ã®ã‚ˆã†ã«æ´»å‹•ã¸åæ˜ ã—ã¦ã„ã‚‹ã®ã§ã—ã‚‡ã†ã‹ï¼Ÿ

ç§ãŸã¡ã¯å¸¸ã«ã€éš”é€±ã§é–‹å‚¬ã—ã¦ã„ã‚‹ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã«å‚åŠ ã—ã€ã”è‡ªèº«ã®èª²é¡Œã‚„è§£æ±ºç–ã‚’ç™ºè¡¨ã—ã¦ã„ãŸã ãã‚ˆã†ã€çš†ã•ã‚“ã«å¥¨åŠ±ã—ã¦ã„ã¾ã™ã€‚ Kubernetesä¸Šã§èˆˆå‘³æ·±ã„å•é¡Œã«å–ã‚Šçµ„ã‚“ã§ãŠã‚Šã€ã‚³ã‚¢ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã«é–¢ã™ã‚‹æœ‰ç”¨ãªãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã‚’æä¾›ã§ãã‚‹ã®ã§ã‚ã‚Œã°ã€ã©ãªãŸã‹ã‚‰ã®å£°ã§ã‚‚å¸¸ã«æ“è¿Žã—ã¦ã„ã¾ã™ã€‚

ä»Šå¾Œã®å±•æœ›

Sandipan: ä»Šå¾Œã‚’è¦‹æ®ãˆãŸã¨ãã€Kubernetesã«ãŠã‘ã‚‹ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ç®¡ç†ã«é–¢ã—ã¦ã€SIG AppsãŒæ³¨ç›®ã—ã¦ã„ã‚‹ä¸»è¦ãªæ³¨åŠ›é ˜åŸŸã‚„ä»Šå¾Œã®ãƒˆãƒ¬ãƒ³ãƒ‰ã«ã¯ã©ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã‹ï¼ŸSIGã¯ãã‚Œã‚‰ã®ãƒˆãƒ¬ãƒ³ãƒ‰ã«ã©ã®ã‚ˆã†ã«é©å¿œã—ã¦ã„ã‚‹ã®ã§ã—ã‚‡ã†ã‹ï¼Ÿ

é–“é•ã„ãªãã€ç¾åœ¨ã®AIãƒ–ãƒ¼ãƒ ãŒæœ€å¤§ã®æŽ¨é€²è¦å› ã§ã™ã€‚ å‰è¿°ã®ã¨ãŠã‚Šã€ç§ãŸã¡ã¯ãã‚Œãžã‚Œç•°ãªã‚‹å´é¢ã‚’æ‰±ã†2ã¤ã®ãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã‚°ãƒ«ãƒ¼ãƒ—ã‚’æœ‰ã—ã¦ã„ã¾ã™ã€‚

Sandipan: ã“ã®SIGã«é–¢ã—ã¦ã€æ°—ã«å…¥ã£ã¦ã„ã‚‹ç‚¹ãŒã‚ã‚Œã°æ•™ãˆã¦ãã ã•ã„ã€‚

é–“é•ã„ãªãã€ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚„Slackã«å‚åŠ ã—ã¦ãã‚Œã¦ã„ã‚‹äººã€…ã§ã™ã€‚ å½¼ã‚‰ã¯ã€èª²é¡Œã®ãƒˆãƒªã‚¢ãƒ¼ã‚¸ã‚„ãƒ—ãƒ«ãƒªã‚¯ã‚¨ã‚¹ãƒˆã«çµ¶ãˆé–“ãªãè²¢çŒ®ã—ã€Kubernetesã‚’ç´ æ™´ã‚‰ã—ã„ã‚‚ã®ã«ã™ã‚‹ãŸã‚ã«(éžå¸¸ã«é »ç¹ã«ç§çš„ãªæ™‚é–“ã‚’ä½¿ã£ã¦)å¤šãã®æ™‚é–“ã‚’è²»ã‚„ã—ã¦ãã‚Œã¦ã„ã¾ã™ï¼

SIG Appsã¯ã€Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«ãŠã‘ã‚‹å¿…è¦ä¸å¯æ¬ ãªæ§‹æˆè¦ç´ ã§ã‚ã‚Šã€å¤§è¦æ¨¡ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ãƒ‡ãƒ—ãƒã‚¤ã¨ç®¡ç†ã®ã‚ã‚Šæ–¹ã‚’å½¢æˆã™ã‚‹å½¹å‰²ã‚’æ‹…ã£ã¦ã„ã¾ã™ã€‚ Kubernetesã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰APIã®æ”¹å–„ã‹ã‚‰ã€AI/MLã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ç®¡ç†ã«ãŠã‘ã‚‹ã‚¤ãƒŽãƒ™ãƒ¼ã‚·ãƒ§ãƒ³ã®æŽ¨é€²ã¾ã§ã€SIG Appsã¯çµ¶ãˆé–“ãªãç¾ä»£ã®ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³é–‹ç™ºè€…ãŠã‚ˆã³é‹ç”¨è€…ã®ãƒ‹ãƒ¼ã‚ºã«å¿œãˆç¶šã‘ã¦ã„ã¾ã™ã€‚ æ–°ã—ã„ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã§ã‚ã£ã¦ã‚‚ã€çµŒé¨“è±Šå¯Œãªé–‹ç™ºè€…ã§ã‚ã£ã¦ã‚‚ã€é–¢ä¸Žã—ã€è²¢çŒ®ã™ã‚‹æ©Ÿä¼šã¯å¸¸ã«å˜åœ¨ã—ã¾ã™ã€‚

SIG Appsã«ã¤ã„ã¦ã•ã‚‰ã«å¦ã³ãŸã„æ–¹ã‚„ã€è²¢çŒ®ã«é–¢å¿ƒã®ã‚ã‚‹æ–¹ã¯ã€SIG READMEã‚’ã”ç¢ºèªã®ã†ãˆã€éš”é€±ã§é–‹å‚¬ã•ã‚Œã¦ã„ã‚‹ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã«ãœã²ã”å‚åŠ ãã ã•ã„ã€‚

SIG etcdã®å–ã‚Šçµ„ã¿ã®ç´¹ä»‹

Tue, 04 Mar 2025 00:00:00 +0000

ä»Šå›žã®SIG etcd spotlightã§ã¯ã€ã“ã®Kubernetesã®Special Interest Groupã«ã¤ã„ã¦ã•ã‚‰ã«ç†è§£ã‚’æ·±ã‚ã‚‹ãŸã‚ã€James Blairæ°ã€Marek Siarkowiczæ°ã€Wenjia Zhangæ°ã€Benjamin Wangæ°ã«ãŠè©±ã‚’ä¼ºã„ã¾ã—ãŸã€‚

SIG etcdã®ç´¹ä»‹

Frederico: ã“ã‚“ã«ã¡ã¯ã€ãŠæ™‚é–“ã‚’ã„ãŸã ãã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã™ï¼ã¾ãšã¯è‡ªå·±ç´¹ä»‹ã‹ã‚‰å§‹ã‚ã¾ã—ã‚‡ã†ã€‚ã”è‡ªèº«ã®ã“ã¨ã€ç¾åœ¨ã®å½¹å‰²ã€ãã—ã¦Kubernetesã«é–¢ã‚ã‚‹ã‚ˆã†ã«ãªã£ãŸçµŒç·¯ã«ã¤ã„ã¦æ•™ãˆã¦ãã ã•ã„ã€‚

Benjamin: ã“ã‚“ã«ã¡ã¯ã€Benjaminã¨ç”³ã—ã¾ã™ã€‚ç§ã¯SIG etcdã®ãƒ†ãƒƒã‚¯ãƒªãƒ¼ãƒ‰ã§ã‚ã‚Šã€etcdã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã®ã²ã¨ã‚Šã§ã™ã€‚ç§ã¯Broadcomã‚°ãƒ«ãƒ¼ãƒ—ã®ä¸€éƒ¨ã§ã‚ã‚‹VMwareã«å‹¤ã‚ã¦ã„ã¾ã™ã€‚Kubernetesã€etcdã€ãã—ã¦CSI(Container Storage Interface)ã«ã¯ã€ä»•äº‹ã‚’é€šã˜ã¦ã€ã¾ãŸã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã¸ã®å¤§ããªæƒ…ç†±ã‹ã‚‰é–¢ã‚ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚2020å¹´ã‹ã‚‰Kubernetesã€etcdã€(ãŠã‚ˆã³CSI)ã«å–ã‚Šçµ„ã‚“ã§ã„ã¾ã™ã€‚

James: ã“ã‚“ã«ã¡ã¯ã€ãƒãƒ¼ãƒ ã®çš†ã•ã‚“ã€‚ç§ã¯Jamesã§ã™ã€‚SIG etcdã®å…±åŒãƒã‚§ã‚¢ã§ã‚ã‚Šã€etcdã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã‚’å‹™ã‚ã¦ã„ã¾ã™ã€‚Red Hatã«å‹¤ã‚ã¦ãŠã‚Šã€ã‚¹ãƒšã‚·ãƒ£ãƒªã‚¹ãƒˆã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒˆã¨ã—ã¦ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–æŠ€è¡“ã®å°Žå…¥æ”¯æ´ã‚’è¡Œã£ã¦ã„ã¾ã™ã€‚Kubernetesã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã«ã¯2019å¹´ã‹ã‚‰é–¢ã‚ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚2022å¹´æœ«é ƒã€etcdã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¨ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãŒæ”¯æ´ã‚’å¿…è¦ã¨ã—ã¦ã„ã‚‹ã“ã¨ã«æ°—ä»˜ãã€ã§ãã‚‹é™ã‚Šé »ç¹ã«è²¢çŒ®ã‚’å§‹ã‚ã¾ã—ãŸã€‚ ç§ãŸã¡ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«ã¯ã€ŒæŠ€è¡“ãŒãã£ã‹ã‘ã§å‚åŠ ã—ã€äººã¨ã®ã¤ãªãŒã‚Šã§ç•™ã¾ã‚‹ã€ã¨ã„ã†è¨€è‘‰ãŒã‚ã‚Šã¾ã™ãŒã€ç§ã«ã¨ã£ã¦ã“ã‚Œã¯ã¾ã•ã«ãã®é€šã‚Šã§ã™ã€‚ ã“ã‚Œã¾ã§ç´ æ™´ã‚‰ã—ã„æ—…è·¯ã§ã‚ã‚Šã€ã“ã‚Œã‹ã‚‰ã‚‚ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‚’æ”¯ãˆã¦ã„ã‘ã‚‹ã“ã¨ã‚’æ¥½ã—ã¿ã«ã—ã¦ã„ã¾ã™ã€‚

Marek: çš†ã•ã‚“ã“ã‚“ã«ã¡ã¯ã€ç§ã¯Marekã§ã™ã€‚SIG etcdã®ãƒªãƒ¼ãƒ‰ã‚’å‹™ã‚ã¦ã„ã¾ã™ã€‚Googleã§ã¯ã€GKEã®etcdãƒãƒ¼ãƒ ã‚’çŽ‡ã„ã¦ãŠã‚Šã€ã™ã¹ã¦ã®GKEãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã¦å®‰å®šã‹ã¤ä¿¡é ¼æ€§ã®é«˜ã„ä½“é¨“ã‚’æä¾›ã™ã‚‹ã“ã¨ã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã™ã€‚ ç§ã®Kubernetesã¨ã®é–¢ã‚ã‚Šã¯ã€SIG Instrumentationã‹ã‚‰å§‹ã¾ã‚Šã¾ã—ãŸã€‚ ãã“ã§ã¯ã€Kubernetes Structured Logging effortã‚’ç«‹ã¡ä¸Šã’ã€ä¸»å°Žã—ã¾ã—ãŸã€‚ ç¾åœ¨ã‚‚ã€Kubernetes Metrics Serverã®ä¸»è¦ãªãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãƒªãƒ¼ãƒ‰ã‚’å‹™ã‚ã¦ãŠã‚Šã€Kubernetesã«ãŠã‘ã‚‹ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã«å¿…è¦ãªé‡è¦ãªã‚·ã‚°ãƒŠãƒ«ã‚’æä¾›ã—ã¦ã„ã¾ã™ã€‚ etcdã«ã¯3å¹´å‰ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³3.5ã®ãƒªãƒªãƒ¼ã‚¹æ™‚æœŸã‹ã‚‰é–¢ã‚ã‚Šå§‹ã‚ã¾ã—ãŸã€‚ å½“åˆã¯ã„ãã¤ã‹ã®èª²é¡Œã«ç›´é¢ã—ã¾ã—ãŸãŒã€ä»Šã§ã¯etcdã¯ã“ã‚Œã¾ã§ã§æœ€ã‚‚ã‚¹ã‚±ãƒ¼ãƒ©ãƒ–ãƒ«ã§ä¿¡é ¼æ€§ã®é«˜ã„çŠ¶æ…‹ã«ã‚ã‚Šã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆå²ä¸Šæœ€å¤šã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³æ•°ã‚’è¨˜éŒ²ã—ã¦ã„ã¾ã™ã€‚ ã“ã®ã“ã¨ã«éžå¸¸ã«èˆˆå¥®ã—ã¦ã„ã¾ã™ã€‚ ç§ã¯åˆ†æ•£ã‚·ã‚¹ãƒ†ãƒ ã€ã‚¨ã‚¯ã‚¹ãƒˆãƒªãƒ¼ãƒ ãƒ»ãƒ—ãƒã‚°ãƒ©ãƒŸãƒ³ã‚°ã€ãƒ†ã‚¹ãƒˆã«æƒ…ç†±ã‚’æŒã£ã¦ã„ã¾ã™ã€‚

Wenjia: ã“ã‚“ã«ã¡ã¯ã€Wenjiaã¨ç”³ã—ã¾ã™ã€‚SIG etcdã®å…±åŒãƒã‚§ã‚¢ã§ã‚ã‚Šã€etcdã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã®ã²ã¨ã‚Šã§ã™ã€‚Googleã§ã‚¨ãƒ³ã‚¸ãƒ‹ã‚¢ãƒªãƒ³ã‚°ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã¨ã—ã¦ã€GKE(Google Kubernetes Engine)ãŠã‚ˆã³GDC(Google Distributed Cloud)ã«å–ã‚Šçµ„ã‚“ã§ã„ã¾ã™ã€‚ Kubernetes v1.10ãŠã‚ˆã³etcd v3.1ã®ãƒªãƒªãƒ¼ã‚¹æ™‚æœŸã‹ã‚‰ã€ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã®KubernetesãŠã‚ˆã³etcdã®åˆ†é‡Žã§æ´»å‹•ã—ã¦ã„ã¾ã™ã€‚ Kubernetesã«é–¢ã‚ã‚‹ã‚ˆã†ã«ãªã£ãŸãã£ã‹ã‘ã¯ä»•äº‹ã§ã—ãŸãŒã€ç§ã‚’ã“ã®åˆ†é‡Žã«ã¨ã©ã‚ã¦ã„ã‚‹ã®ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠã‚ªãƒ¼ã‚±ã‚¹ãƒˆãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³æŠ€è¡“ã®é…åŠ›ã€ãã—ã¦ã•ã‚‰ã«é‡è¦ãªã“ã¨ã«ã€ç´ æ™´ã‚‰ã—ã„ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®å˜åœ¨ã§ã™ã€‚

Kubernetesã®Special Interest Group(SIG)ã«ãªã‚‹ã¾ã§

Frederico: ç´ æ™´ã‚‰ã—ã„ã§ã™ã€ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã™ã€‚ã¾ãšã¯SIGè‡ªä½“ã®èµ·æºã«ã¤ã„ã¦ãŠèžãã—ãŸã„ã¨æ€ã„ã¾ã™ã€‚SIG etcdã¯éžå¸¸ã«æ–°ã—ã„SIGã§ã™ãŒã€ãã®è¨ç«‹ã®çµŒç·¯ã¨èƒŒæ™¯ã«ã¤ã„ã¦ç°¡å˜ã«æ•™ãˆã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

Marek: ã‚‚ã¡ã‚ã‚“ã§ã™ï¼SIG etcdã¯ã€etcdãŒKubernetesã®ãƒ‡ãƒ¼ã‚¿ã‚¹ãƒˆã‚¢ã¨ã—ã¦é‡è¦ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‹ã‚‰è¨ç«‹ã•ã‚Œã¾ã—ãŸã€‚ã—ã‹ã—å½“æ™‚ã€etcdã¯ãƒ¡ãƒ³ãƒ†ãƒŠãƒ¼ã®å…¥ã‚Œæ›¿ã‚ã‚Šã‚„ä¿¡é ¼æ€§ã®å•é¡Œãªã©ã€ã„ãã¤ã‹ã®èª²é¡Œã‚’æŠ±ãˆã¦ã„ã¾ã—ãŸã€‚å°‚ç”¨ã®SIGã‚’è¨ç«‹ã™ã‚‹ã“ã¨ã§ã€ã“ã‚Œã‚‰ã®å•é¡Œã«é›†ä¸ã—ã¦å–ã‚Šçµ„ã¿ã€é–‹ç™ºãƒ»ä¿å®ˆãƒ—ãƒã‚»ã‚¹ã‚’æ”¹å–„ã—ã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã®ç’°å¢ƒã¨é€£å‹•ã—ã¦etcdã‚’ç™ºå±•ã•ã›ã¦ã„ãä½“åˆ¶ãŒæ•´ã„ã¾ã—ãŸã€‚

Frederico: SIGã«ãªã£ãŸã“ã¨ã§ã€æœŸå¾…ã©ãŠã‚Šã®æˆæžœã¯å¾—ã‚‰ã‚Œã¾ã—ãŸã‹ï¼Ÿã•ã‚‰ã«è¨€ãˆã°ã€å…ˆã»ã©æŒ™ã’ã‚‰ã‚ŒãŸå‹•æ©Ÿã¯å®Ÿéš›ã«è§£æ¶ˆã•ã‚Œã¤ã¤ã‚ã‚Šã¾ã™ã‹ï¼Ÿãã®é”æˆåº¦ã«ã¤ã„ã¦ã‚‚æ•™ãˆã¦ãã ã•ã„ã€‚

Marek: å…¨ä½“çš„ã«è¦‹ã¦éžå¸¸ã«ãƒã‚¸ãƒ†ã‚£ãƒ–ãªå¤‰åŒ–ã§ã—ãŸã€‚SIGã«ãªã‚‹ã“ã¨ã§ã€etcdã®é–‹ç™ºã«ã‚ˆã‚Šæ˜Žç¢ºãªæ§‹é€ ã¨é€æ˜Žæ€§ãŒã‚‚ãŸã‚‰ã•ã‚Œã¾ã—ãŸã€‚ç§ãŸã¡ã¯ã€KEP(Kubernetes Enhancement Proposals)ã‚„PRR(Production Readiness Reviews)ã¨ã„ã£ãŸKubernetesã®ãƒ—ãƒã‚»ã‚¹ã‚’å–ã‚Šå…¥ã‚Œã€ãã‚Œã«ã‚ˆã‚Šæ©Ÿèƒ½é–‹ç™ºã‚„ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ãŒæ”¹å–„ã•ã‚Œã¦ã„ã¾ã™ã€‚

Frederico: ãã‚Œã‚‰ã«åŠ ãˆã¦ã€SIGã«ãªã£ãŸã“ã¨ã«ã‚ˆã£ã¦å¾—ã‚‰ã‚ŒãŸæœ€å¤§ã®ãƒ¡ãƒªãƒƒãƒˆã‚’ä¸€ã¤é¸ã¶ãªã‚‰ãªã‚“ã§ã—ã‚‡ã†ã‹ï¼Ÿ

Marek: ç§ã«ã¨ã£ã¦æœ€å¤§ã®åˆ©ç‚¹ã¯ã€Prowã‚„TestGridã¨ã„ã£ãŸãƒ„ãƒ¼ãƒ«ã®ã‚ˆã†ãªKubernetesã®ãƒ†ã‚¹ãƒˆåŸºç›¤ã‚’æŽ¡ç”¨ã§ããŸã“ã¨ã§ã™ã€‚etcdã®ã‚ˆã†ãªå¤§è¦æ¨¡ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®å ´åˆã€GitHubæ¨™æº–ã®ãƒ„ãƒ¼ãƒ«ã¨ã¯åˆ°åº•æ¯”è¼ƒã«ãªã‚Šã¾ã›ã‚“ã€‚ä½¿ã„æ…£ã‚ŒãŸã€æ˜Žç¢ºã§æ‰±ã„ã‚„ã™ã„ãƒ„ãƒ¼ãƒ«ãŒã‚ã‚‹ã“ã¨ã¯ã€etcdã«ã¨ã£ã¦å¤§ããªå¼·åŒ–ã¨ãªã‚Šã€Kubernetesã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ãŒetcdã«ã‚‚è²¢çŒ®ã—ã‚„ã™ããªã‚Šã¾ã™ã€‚

Wenjia: ã¾ã£ãŸãåŒæ„Ÿã§ã™ã€‚èª²é¡Œã¯ä¾ç„¶ã¨ã—ã¦æ®‹ã£ã¦ã„ã¾ã™ãŒã€SIGã¨ã„ã†æž çµ„ã¿ãŒãã‚Œã‚‰ã«å–ã‚Šçµ„ã‚€ãŸã‚ã®ç¢ºã‹ãªåŸºç›¤ã‚’æä¾›ã—ã¦ãŠã‚Šã€etcdãŒKubernetesã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®é‡è¦ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¨ã—ã¦ä»Šå¾Œã‚‚æˆåŠŸã—ç¶šã‘ã‚‹ã“ã¨ã‚’ç¢ºã‹ãªã‚‚ã®ã«ã—ã¦ãã‚Œã¦ã„ã¾ã™ã€‚

ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¸ã®ãƒã‚¸ãƒ†ã‚£ãƒ–ãªå½±éŸ¿ã‚‚ã¾ãŸã€SIG etcdã®æˆåŠŸã«ãŠã„ã¦å¼·èª¿ã—ã¦ãŠããŸã„é‡è¦ãªå´é¢ã§ã™ã€‚ Kubernetesã®SIGã¨ã„ã†æž çµ„ã¿ã«ã‚ˆã£ã¦ã€etcdã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‚’å—ã‘å…¥ã‚Œã‚„ã™ã„ç’°å¢ƒãŒæ•´ã„ã€ã‚ˆã‚Šåºƒã„Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‹ã‚‰ã®å‚åŠ ãŒå¢—åŠ ã—ã¾ã—ãŸã€‚ ã¾ãŸã€SIG API Machineryã€SIG Scalabilityã€SIG Testingã€SIG Cluster Lifecycleãªã©ã€ä»–ã®SIGã¨ã®é€£æºã‚‚å¼·åŒ–ã•ã‚Œã¦ã„ã¾ã™ã€‚

ã“ã®ã‚ˆã†ãªé€£æºã®ãŠã‹ã’ã§ã€etcdã®é–‹ç™ºãŒã€ã‚ˆã‚Šåºƒã„Kubernetesã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®ãƒ‹ãƒ¼ã‚ºã¨ç¢ºå®Ÿã«æ•´åˆã™ã‚‹ã‚ˆã†ã«ãªã£ã¦ã„ã¾ã™ã€‚SIG etcdã¨SIG Cluster Lifecycleã®å…±åŒã®å–ã‚Šçµ„ã¿ã«ã‚ˆã‚Šè¨ç«‹ã•ã‚ŒãŸetcd Operator Working Groupã¯ã€ã“ã®ã‚ˆã†ãªæˆåŠŸã—ãŸé€£æºã®å¥½ä¾‹ã§ã‚ã‚Šã€Kubernetesã«ãŠã‘ã‚‹etcdã®é‹ç”¨é¢ã‚’æ”¹å–„ã—ã‚ˆã†ã¨ã™ã‚‹å…±é€šã®å–ã‚Šçµ„ã¿å§¿å‹¢ã‚’ç¤ºã—ã¦ã„ã¾ã™ã€‚

Frederico: ã‚³ãƒ©ãƒœãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã«ã¤ã„ã¦è¨€åŠãŒã‚ã‚Šã¾ã—ãŸãŒã€ã“ã“æ•°ã‹æœˆã§ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‚„ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®é–¢ä¸Žã«å¤‰åŒ–ã¯è¦‹ã‚‰ã‚Œã¾ã—ãŸã‹ï¼Ÿ

James: ã¯ã„ã€ãƒ¦ãƒ‹ãƒ¼ã‚¯ãªPRä½œæˆè€…ã®ãƒ‡ãƒ¼ã‚¿ã«ã‚‚ç¤ºã•ã‚Œã¦ã„ã‚‹ã¨ãŠã‚Šã€ç§ãŸã¡ã¯æœ€è¿‘3æœˆã«éŽåŽ»æœ€é«˜ã‚’è¨˜éŒ²ã—ã€ãƒã‚¸ãƒ†ã‚£ãƒ–ãªå‚¾å‘ãŒç¶šã„ã¦ã„ã¾ã™ã€‚

ã•ã‚‰ã«ã€etcdãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®å…¨ãƒªãƒã‚¸ãƒˆãƒªã«ãŠã‘ã‚‹å…¨ä½“çš„ãªã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¦‹ã¦ã‚‚ã€etcdãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ´»å‹•ãŒå†ã³æ´»ç™ºåŒ–ã—ã¦ã„ã‚‹ã“ã¨ã‚’ç¤ºã™ãƒã‚¸ãƒ†ã‚£ãƒ–ãªå‚¾å‘ã‚’ç¢ºèªã—ã¦ã„ã¾ã™ã€‚

ä»Šå¾Œã®å±•æœ›

Frederico: å¤§å¤‰èˆˆå‘³æ·±ã„è©±ã§ã—ãŸã€ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã™ã€‚ç›´è¿‘ã®è©±ã¨ã—ã¦ã€SIG etcdã®ç¾åœ¨ã®å„ªå…ˆäº‹é …ã«ã¯ã©ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã‹ï¼Ÿ

Marek: ä¿¡é ¼æ€§ã¯å¸¸ã«æœ€é‡è¦èª²é¡Œã§ã™ã€‚etcdãŒå …ç‰¢ã§ã‚ã‚‹ã“ã¨ã‚’ç¢ºå®Ÿã«ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“ã€‚ã¾ãŸã€ã‚ªãƒšãƒ¬ãƒ¼ã‚¿ãƒ¼ã«ã¨ã£ã¦etcdã‚’ã‚ˆã‚Šä½¿ã„ã‚„ã™ãã€ç®¡ç†ã—ã‚„ã™ãã™ã‚‹ãŸã‚ã®å–ã‚Šçµ„ã¿ã‚‚é€²ã‚ã¦ã„ã¾ã™ã€‚ã•ã‚‰ã«ã€etcdã‚’Kubernetesã«é™ã‚‰ãšã€ã‚¤ãƒ³ãƒ•ãƒ©ç®¡ç†ã®ãŸã‚ã®ç¾å®Ÿçš„ã«åˆ©ç”¨å¯èƒ½ãªã‚¹ã‚¿ãƒ³ãƒ‰ã‚¢ãƒãƒ³ã®é¸æŠžè‚¢ã¨ã™ã‚‹ã“ã¨ã‚‚è¦–é‡Žã«å…¥ã‚Œã¦ã„ã¾ã™ã€‚ãã—ã¦ã‚‚ã¡ã‚ã‚“ã€ã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ã‚‚é‡è¦ã§ã™ã€‚ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã®ä¸–ç•Œã§æ‹¡å¤§ã—ç¶šã‘ã‚‹è¦æ±‚ã«å¯¾å¿œã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

Benjamin: ä¿¡é ¼æ€§ã‚’æœ€å„ªå…ˆã®åŽŸå‰‡ã¨ã™ã¹ãã ã¨ã„ã†ç‚¹ã«ã¯ç§ã‚‚åŒæ„ã—ã¾ã™ã€‚æ£ç¢ºæ€§ã ã‘ã§ãªãã€äº’æ›æ€§ã‚‚ç¢ºä¿ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚åŠ ãˆã¦ã€etcdã®ç†è§£ã—ã‚„ã™ã•ã¨ä¿å®ˆæ€§ã‚’ç¶™ç¶šçš„ã«æ”¹å–„ã—ã¦ã„ãã¹ãã§ã™ã€‚ç§ãŸã¡ãŒæ³¨åŠ›ã™ã¹ãã¯ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãŒæœ€ã‚‚é–¢å¿ƒã‚’å¯„ã›ã¦ã„ã‚‹ãƒšã‚¤ãƒ³ãƒã‚¤ãƒ³ãƒˆã®è§£æ¶ˆã§ã™ã€‚

Frederico: ç‰¹ã«ç·Šå¯†ã«é€£æºã—ã¦ã„ã‚‹SIGã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ

Marek: SIG API Machineryã¯é–“é•ã„ãªãç·Šå¯†ã«é€£æºã—ã¦ã„ã‚‹ç›¸æ‰‹ã§ã™ã€‚å½¼ã‚‰ã¯etcdãŒä¿å˜ã™ã‚‹ãƒ‡ãƒ¼ã‚¿ã®æ§‹é€ ã‚’ä¿æœ‰ã—ã¦ã„ã‚‹ãŸã‚ã€ç§ãŸã¡ã¯å¸¸ã«é€£æºã—ã¦å–ã‚Šçµ„ã‚“ã§ã„ã¾ã™ã€‚ã¾ãŸã€SIG Cluster Lifecycleã‚‚é‡è¦ã§ã™ã€‚etcdã¯Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®é‡è¦ãªæ§‹æˆè¦ç´ ã§ã‚ã‚‹ãŸã‚ã€æ–°ãŸã«è¨ç«‹ã•ã‚ŒãŸetcd operator Working groupã§ã‚‚å”åƒã—ã¦ã„ã¾ã™ã€‚

Wenjia: MarekãŒæŒ™ã’ãŸSIG API Machineryã¨SIG Cluster Lifecycleä»¥å¤–ã«ã‚‚ã€SIG Scalabilityã‚„SIG Testingã¨ã‚‚å¯†æŽ¥ã«é€£æºã—ã¦ã„ã¾ã™ã€‚

Frederico: ã‚ˆã‚Šä¸€èˆ¬çš„ãªè¦³ç‚¹ã§ãŠèžãã—ã¾ã™ãŒã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ç’°å¢ƒãŒé€²åŒ–ã™ã‚‹ä¸ã§ã€SIG etcdã«ã¨ã£ã¦ã®ä¸»ãªèª²é¡Œã¯ä½•ã ã¨ãŠè€ƒãˆã§ã™ã‹ï¼Ÿ

Marek: ãã†ã§ã™ãã€é‡è¦ãªãƒ‡ãƒ¼ã‚¿ã‚’æ‰±ã£ã¦ã„ã‚‹ä»¥ä¸Šã€ä¿¡é ¼æ€§ã¯å¸¸ã«èª²é¡Œã§ã™ã€‚ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã®ä¸–ç•Œã¯éžå¸¸ã«é€Ÿã„ãƒšãƒ¼ã‚¹ã§é€²åŒ–ã—ã¦ãŠã‚Šã€ãã®è¦æ±‚ã«å¿œãˆã‚‰ã‚Œã‚‹ã‚ˆã†ãªã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ã‚’ç¢ºä¿ã™ã‚‹ã«ã¯ç¶™ç¶šçš„ãªåŠªåŠ›ãŒå¿…è¦ã§ã™ã€‚

å‚åŠ æ–¹æ³•

Frederico: ãã‚ãã‚ãŠè©±ã‚‚çµ‚ã‚ã‚Šã«è¿‘ã¥ã„ã¦ãã¾ã—ãŸãŒã€etcdã«é–¢å¿ƒã®ã‚ã‚‹æ–¹ã¯ã©ã®ã‚ˆã†ã«é–¢ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã‹ï¼Ÿ

Marek: ãœã²å‚åŠ ã—ã¦ã„ãŸã ããŸã„ã§ã™ï¼æœ€ã‚‚è‰¯ã„å§‹ã‚æ–¹ã¯ã€SIG etcdãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã«å‚åŠ ã—ã€etcd-devãƒ¡ãƒ¼ãƒªãƒ³ã‚°ãƒªã‚¹ãƒˆã§ã®è°è«–ã‚’è¿½ã„ã€GitHubã®Issueã‚’ç¢ºèªã™ã‚‹ã“ã¨ã§ã™ã€‚ææ¡ˆã®ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ã‚³ãƒ¼ãƒ‰ã®ãƒ†ã‚¹ãƒˆã€ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã®è²¢çŒ®ãªã©ã€å¸¸ã«å”åŠ›ã—ã¦ãã ã•ã‚‹æ–¹ã‚’æ“è¿Žã—ã¦ã„ã¾ã™ã€‚

Wenjia: ã“ã®è³ªå•ã¯ã¨ã¦ã‚‚å¬‰ã—ã„ã§ã™ãðŸ˜€ã€‚SIG etcdã¸ã®è²¢çŒ®ã«é–¢å¿ƒã®ã‚ã‚‹æ–¹ãŒé–¢ã‚ã‚Šã€å½±éŸ¿ã‚’ä¸Žãˆã‚‹æ–¹æ³•ã¯æ•°å¤šãã‚ã‚Šã¾ã™ã€‚ä»¥ä¸‹ã¯ã€çš†ã•ã‚“ãŒè²¢çŒ®ã§ãã‚‹ä¸»ãªåˆ†é‡Žã®ä¸€éƒ¨ã§ã™ã€‚

ã‚³ãƒ¼ãƒ‰ã§ã®è²¢çŒ®:

ãƒã‚°ä¿®æ£: etcdã®ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã®æ—¢çŸ¥ã®å•é¡Œã«å–ã‚Šçµ„ã¿ã¾ã™ã€‚åˆå¿ƒè€…ã«é©ã—ãŸã‚¿ã‚¹ã‚¯ã‚’è¦‹ã¤ã‘ã‚‹ã«ã¯ã€ã€Œgood first issueã€ã‚„ã€Œhelp wantedã€ã¨ãƒ©ãƒ™ãƒ«ä»˜ã‘ã•ã‚ŒãŸIssueã‹ã‚‰å§‹ã‚ã‚‹ã®ãŒè‰¯ã„ã§ã—ã‚‡ã†ã€‚
æ©Ÿèƒ½é–‹ç™º: æ–°æ©Ÿèƒ½ã‚„æ©Ÿèƒ½å¼·åŒ–ã®é–‹ç™ºã«è²¢çŒ®ã—ã¾ã™ã€‚etcdã®ãƒãƒ¼ãƒ‰ãƒžãƒƒãƒ—ã‚„ãƒ‡ã‚£ã‚¹ã‚«ãƒƒã‚·ãƒ§ãƒ³ã‚’ç¢ºèªã—ã€è¨ˆç”»ä¸ã®å†…å®¹ã‚„è‡ªèº«ã®ã‚¹ã‚ãƒ«ãŒæ´»ã‹ã›ã‚‹é ˜åŸŸã‚’æŽ¢ã—ã¦ãã ã•ã„ã€‚
ãƒ†ã‚¹ãƒˆã¨ã‚³ãƒ¼ãƒ‰ãƒ¬ãƒ“ãƒ¥ãƒ¼: ãƒ†ã‚¹ãƒˆã®ä½œæˆã€ã‚³ãƒ¼ãƒ‰å¤‰æ›´ã®ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã®æä¾›ã‚’é€šã˜ã¦ã€etcdã®å“è³ªç¢ºä¿ã«è²¢çŒ®ã—ã¾ã™ã€‚
ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆ: æ–°ã—ã„ã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã®è¿½åŠ ã€æ—¢å˜æƒ…å ±ã®æ˜Žç¢ºåŒ–ã€èª¤è¨˜ã®ä¿®æ£ãªã©ã‚’é€šã˜ã¦ã€etcdã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’æ”¹å–„ã—ã¾ã™ã€‚æ˜Žç¢ºã§åŒ…æ‹¬çš„ãªãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŠã‚ˆã³ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã®åŒæ–¹ã«ã¨ã£ã¦ä¸å¯æ¬ ã§ã™ã€‚
ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‚µãƒãƒ¼ãƒˆ: ãƒ•ã‚©ãƒ¼ãƒ©ãƒ ã€ãƒ¡ãƒ¼ãƒªãƒ³ã‚°ãƒªã‚¹ãƒˆã€ã¾ãŸã¯Slackãƒãƒ£ãƒ³ãƒãƒ«ã§è³ªå•ã«å›žç”ã—ã¾ã™ã€‚etcdã®ç†è§£ã¨åˆ©ç”¨ã‚’æ”¯æ´ã™ã‚‹ã“ã¨ã‚‚ã€ä¾¡å€¤ã®ã‚ã‚‹è²¢çŒ®ã§ã™ã€‚

å‚åŠ æ–¹æ³•:

ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã™ã‚‹: ã¾ãšã¯Slackä¸Šã®etcdã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã€SIGã®ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã«å‡ºå¸ã—ã€ãƒ¡ãƒ¼ãƒªãƒ³ã‚°ãƒªã‚¹ãƒˆã‚’ãƒ•ã‚©ãƒãƒ¼ã—ã¾ã—ã‚‡ã†ã€‚ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã€ãã®ãƒ—ãƒã‚»ã‚¹ã€é–¢ã‚ã£ã¦ã„ã‚‹äººã€…ã«ã¤ã„ã¦ç†è§£ã‚’æ·±ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
ãƒ¡ãƒ³ã‚¿ãƒ¼ã‚’è¦‹ã¤ã‘ã‚‹: ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã‚„etcdã«ä¸æ…£ã‚Œãªå ´åˆã¯ã€ã‚¬ã‚¤ãƒ‰å½¹ã¨ã—ã¦æ”¯æ´ã—ã¦ãã‚Œã‚‹ãƒ¡ãƒ³ã‚¿ãƒ¼ã‚’è¦‹ã¤ã‘ã‚‹ã“ã¨ã‚’æ¤œè¨Žã—ã¦ãã ã•ã„ã€‚ç¶šå ±ã«ã”æ³¨ç›®ãã ã•ã„ï¼ç¬¬1æœŸã®ãƒ¡ãƒ³ã‚¿ãƒ¼ãƒ—ãƒã‚°ãƒ©ãƒ ã¯å¤§å¤‰æˆåŠŸã‚’åŽã‚ã¾ã—ãŸã€‚æ¬¡å›žã®ãƒ¡ãƒ³ã‚¿ãƒ¼ãƒ—ãƒã‚°ãƒ©ãƒ ã‚‚è¿‘æ—¥é–‹å§‹äºˆå®šã§ã™ã€‚
å°ã•ãå§‹ã‚ã‚‹: å°ã•ãªè²¢çŒ®ã‹ã‚‰å§‹ã‚ã‚‹ã“ã¨ã‚’æã‚Œãªã„ã§ãã ã•ã„ã€‚ãŸã¨ãˆã°ã€ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã®èª¤å—ã‚’ä¿®æ£ã—ãŸã‚Šã€ç°¡å˜ãªãƒã‚°ä¿®æ£ã‚’ææ¡ˆã—ãŸã‚Šã™ã‚‹ã ã‘ã§ã‚‚ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«å‚åŠ ã™ã‚‹ãŸã‚ã®ç´ æ™´ã‚‰ã—ã„ç¬¬ä¸€æ©ã¨ãªã‚Šã¾ã™ã€‚

etcdã«è²¢çŒ®ã™ã‚‹ã“ã¨ã§ã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®é‡è¦ãªè¦ç´ ã‚’æ”¹å–„ã™ã‚‹æ‰‹åŠ©ã‘ã¨ãªã‚‹ã ã‘ã§ãªãã€è²´é‡ãªçµŒé¨“ã¨ã‚¹ã‚ãƒ«ã‚‚å¾—ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ãœã²é£›ã³è¾¼ã‚“ã§ã€è²¢çŒ®ã‚’å§‹ã‚ã¦ã¿ã¦ãã ã•ã„ï¼

Frederico: ç´ æ™´ã‚‰ã—ã„ãŠè©±ã‚’ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã—ãŸã€‚æœ€å¾Œã«ã€è¨ç«‹ã•ã‚ŒãŸã°ã‹ã‚Šã®ä»–ã®SIGã«å‘ã‘ã¦ã€ã‚¢ãƒ‰ãƒã‚¤ã‚¹ã‚’ã²ã¨ã¤ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

Marek: ã‚‚ã¡ã‚ã‚“ã§ã™ï¼ç§ã‹ã‚‰ã®ã‚¢ãƒ‰ãƒã‚¤ã‚¹ã¯ã€Kuberneteså…¨ä½“ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã§ç¢ºç«‹ã•ã‚Œã¦ã„ã‚‹ãƒ—ãƒã‚»ã‚¹ã‚’ç©æ¥µçš„ã«å–ã‚Šå…¥ã‚Œã€ä»–ã®SIGã¨ã®é€£æºã‚’å„ªå…ˆã—ã€å¼·å›ºãªã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æ§‹ç¯‰ã«æ³¨åŠ›ã™ã‚‹ã“ã¨ã§ã™ã€‚

Wenjia: ç§è‡ªèº«ã®OSSæ´»å‹•ã®ä¸ã§ã¨ã¦ã‚‚å½¹ç«‹ã£ãŸãƒã‚¤ãƒ³ãƒˆã‚’ã„ãã¤ã‹ç´¹ä»‹ã—ã¾ã™ã€‚

å¿è€å¼·ãã‚ã‚‹ã“ã¨: ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹é–‹ç™ºã«ã¯æ™‚é–“ãŒã‹ã‹ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚è²¢çŒ®ãŒã™ãã«å—ã‘å…¥ã‚Œã‚‰ã‚Œãªã‹ã£ãŸã‚Šã€å›°é›£ã«ç›´é¢ã—ã¦ã‚‚æ°—è½ã¡ã—ãªã„ã§ãã ã•ã„ã€‚
æ•¬æ„ã‚’æŒã¤ã“ã¨: etcdã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã§ã¯å”èª¿ã¨æ•¬æ„ãŒé‡è¦–ã•ã‚Œã¦ã„ã¾ã™ã€‚ä»–ã®äººã®æ„è¦‹ã«é…æ…®ã—ã€å…±é€šã®ç›®æ¨™ã«å‘ã‹ã£ã¦å”åŠ›ã—ã¾ã—ã‚‡ã†ã€‚
æ¥½ã—ã‚€ã“ã¨: ã‚ªãƒ¼ãƒ—ãƒ³ã‚½ãƒ¼ã‚¹ã¸ã®è²¢çŒ®ã¯æ¥½ã—ã„ã‚‚ã®ã§ã‚ã‚‹ã¹ãã§ã™ã€‚è‡ªåˆ†ã®èˆˆå‘³ã®ã‚ã‚‹åˆ†é‡Žã‚’è¦‹ã¤ã‘ã¦ã€ã‚„ã‚ŠãŒã„ã‚’æ„Ÿã˜ã‚‰ã‚Œã‚‹æ–¹æ³•ã§è²¢çŒ®ã—ã¦ãã ã•ã„ã€‚

Frederico: ç´ æ™´ã‚‰ã—ã„ç· ã‚ããã‚Šã§ã™ãã€‚çš†ã•ã‚“ã€æœ¬æ—¥ã¯ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã—ãŸï¼

è©³ç´°æƒ…å ±ã‚„å„ç¨®ãƒªã‚½ãƒ¼ã‚¹ã«ã¤ã„ã¦ã¯ã€ä»¥ä¸‹ã‚’ã”è¦§ãã ã•ã„ã€‚

etcdã®å…¬å¼ã‚¦ã‚§ãƒ–ã‚µã‚¤ãƒˆ: https://etcd.io/
etcdã®GitHubãƒªãƒã‚¸ãƒˆãƒª: https://github.com/etcd-io/etcd
etcdã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒšãƒ¼ã‚¸: https://etcd.io/community/

ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã«é–¢ã™ã‚‹ã€Œé¶ãŒå…ˆã‹åµãŒå…ˆã‹ã€å•é¡Œ

Fri, 14 Feb 2025 00:00:00 +0000

Kubernetes 1.31ã«ãŠã„ã¦ã€Kuberneteså²ä¸Šæœ€å¤§ã®ç§»è¡Œä½œæ¥ã‚’å®Œäº†ã—ã€in-treeã®ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ãŒå‰Šé™¤ã•ã‚Œã¾ã—ãŸã€‚ ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã®ç§»è¡Œè‡ªä½“ã¯å®Œäº†ã—ãŸã‚‚ã®ã®ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚„ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ãƒ¼ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ(ä¾‹ãˆã°ã€kOpsã‚„Cluster API)ã«ã¨ã£ã¦ã¯ã€ã„ãã¤ã‹ã®è¿½åŠ çš„ãªè¤‡é›‘ã•ãŒæ®‹ã‚‹ã“ã¨ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã‚‰ã®è¿½åŠ æ‰‹é †ã‚„éšœå®³ãƒã‚¤ãƒ³ãƒˆã«ã¤ã„ã¦èª¬æ˜Žã—ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…å‘ã‘ã«æŽ¨å¥¨äº‹é …ã‚’ç¤ºã—ã¾ã™ã€‚ ã“ã®ç§»è¡Œä½œæ¥ã¯éžå¸¸ã«è¤‡é›‘ã§ã€ã„ãã¤ã‹ã®ãƒã‚¸ãƒƒã‚¯ã¯ã‚³ã‚¢ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã‹ã‚‰åˆ†é›¢ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã€4ã¤ã®æ–°ã—ã„ã‚µãƒ–ã‚·ã‚¹ãƒ†ãƒ ãŒæ§‹ç¯‰ã•ã‚Œã¾ã—ãŸã€‚

ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼(KEP-2392)
APIã‚µãƒ¼ãƒãƒ¼ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ—ãƒã‚ã‚·(KEP-1281)
kubeletã‚¯ãƒ¬ãƒ‡ãƒ³ã‚·ãƒ£ãƒ«ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³(KEP-2133)
CSIã‚’ä½¿ç”¨ã™ã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã®ç§»è¡Œ(KEP-625)

ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã®ä¸€éƒ¨ã§ã™ã€‚ kube-controller-managerã‚„kubeletã«å¾“æ¥å˜åœ¨ã—ã¦ã„ãŸæ©Ÿèƒ½ã®ä¸€éƒ¨ã‚’ç½®ãæ›ãˆã‚‹é‡è¦ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã™ã€‚

Kubernetesã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆ

ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®ä¸ã§ã‚‚æœ€ã‚‚é‡è¦ãªæ©Ÿèƒ½ã®ã²ã¨ã¤ãŒãƒŽãƒ¼ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã§ã€ãƒŽãƒ¼ãƒ‰ã®åˆæœŸåŒ–ã‚’æ‹…å½“ã—ã¦ã„ã¾ã™ã€‚

ä»¥ä¸‹ã®å›³ã«ç¤ºã™ã‚ˆã†ã«ã€kubeletãŒèµ·å‹•ã™ã‚‹ã¨ã€Nodeã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚’APIã‚µãƒ¼ãƒãƒ¼ã«ç™»éŒ²ã—ã€ãã®ãƒŽãƒ¼ãƒ‰ã«Taintã‚’ä»˜ä¸Žã™ã‚‹ã“ã¨ã§ã€æœ€åˆã«cloud-controller-managerã«ã‚ˆã£ã¦å‡¦ç†ã•ã‚Œã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ åˆæœŸçŠ¶æ…‹ã®Nodeã«ã¯ã€ãƒŽãƒ¼ãƒ‰ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚„ã€ãƒŽãƒ¼ãƒ‰ã€ãƒªãƒ¼ã‚¸ãƒ§ãƒ³ã€ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã‚¿ã‚¤ãƒ—ãªã©ã®ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼å›ºæœ‰ã®æƒ…å ±ã‚’å«ã‚€ãƒ©ãƒ™ãƒ«ã¨ã„ã£ãŸã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼å›ºæœ‰ã®æƒ…å ±ãŒæ¬ ã‘ã¦ã„ã¾ã™ã€‚

ã€Œé¶ãŒå…ˆã‹åµãŒå…ˆã‹ã€å•é¡Œã®ã‚·ãƒ¼ã‚±ãƒ³ã‚¹å›³

ã“ã®æ–°ã—ã„åˆæœŸåŒ–ãƒ—ãƒã‚»ã‚¹ã«ã‚ˆã‚Šã€ãƒŽãƒ¼ãƒ‰ãŒæº–å‚™å®Œäº†ã¨ãªã‚‹ã¾ã§ã«è‹¥å¹²ã®é…å»¶ãŒç™ºç”Ÿã—ã¾ã™ã€‚ å¾“æ¥ã¯ã€kubeletãŒãƒŽãƒ¼ãƒ‰ã‚’ä½œæˆã™ã‚‹éš›ã€åŒæ™‚ã«ãƒŽãƒ¼ãƒ‰ã®åˆæœŸåŒ–ã‚’è¡Œã†ã“ã¨ã‚‚å¯èƒ½ã§ã—ãŸã€‚ ã—ã‹ã—ã€ãã®å‡¦ç†ãŒcloud-controller-managerã«ç§»è¡Œã•ã‚ŒãŸã“ã¨ã§ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ãƒ–ãƒ¼ãƒˆã‚¹ãƒˆãƒ©ãƒƒãƒ—æ™‚ã«ã€Œé¶ãŒå…ˆã‹åµãŒå…ˆã‹ã€å•é¡ŒãŒç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã‚Œã¯ã€cloud-controller-managerã‚’ä»–ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¨åŒæ§˜ã«ãƒ‡ãƒ—ãƒã‚¤ã—ã¦ã„ãªã„Kubernetesã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£(ãŸã¨ãˆã°ã€static Podã€ã‚¹ã‚¿ãƒ³ãƒ‰ã‚¢ãƒãƒ³ãƒã‚¤ãƒŠãƒªã€ã¾ãŸã¯Taintã‚’è¨±å®¹ã—hostNetworkã‚’ä½¿ç”¨ã™ã‚‹DaemonSetã‚„Deploymentãªã©)ã«ãŠã„ã¦ç‰¹ã«å•é¡Œã¨ãªã‚Šã¾ã™(ã“ã®ç‚¹ã«ã¤ã„ã¦ã¯å¾Œè¿°ã—ã¾ã™)ã€‚

ä¾å˜é–¢ä¿‚ã®å•é¡Œã®å…·ä½“ä¾‹

å‰è¿°ã®ã¨ãŠã‚Šã€ãƒ–ãƒ¼ãƒˆã‚¹ãƒˆãƒ©ãƒƒãƒ—æ™‚ã«cloud-controller-managerãŒã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ä¸å¯ã¨ãªã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãŒæ£å¸¸ã«åˆæœŸåŒ–ã•ã‚Œãªã„å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ ä»¥ä¸‹ã«ã€ã“ã®å•é¡ŒãŒã©ã®ã‚ˆã†ã«è¡¨é¢åŒ–ã™ã‚‹ã‹ã€ã¾ãŸãã®åŽŸå› ã¨ãªã‚Šå¾—ã‚‹æ ¹æœ¬çš„ãªè¦å› ã®å…·ä½“ä¾‹ã‚’ç¤ºã—ã¾ã™ã€‚

ã“ã‚Œã‚‰ã®ä¾‹ã§ã¯ã€cloud-controller-managerã‚’Kubernetesãƒªã‚½ãƒ¼ã‚¹(ãŸã¨ãˆã°ã€Deploymentã‚„DaemonSetãªã©)ã¨ã—ã¦å®Ÿè¡Œã—ã€ãã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‚’ç®¡ç†ã—ã¦ã„ã‚‹ã“ã¨ã‚’å‰æã¨ã—ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã‚‰ã®æ–¹æ³•ã§ã¯ã€cloud-controller-managerã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãŒKubernetesã«ä¾å˜ã™ã‚‹ãŸã‚ã€ç¢ºå®Ÿã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œã‚‹ã‚ˆã†ã«æ³¨æ„ãŒå¿…è¦ã§ã™ã€‚

ä¾‹: æœªåˆæœŸåŒ–ã®Taintã«ã‚ˆã‚Šã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ãŒã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œãªã„

Kubernetesã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã«è¨˜è¼‰ã•ã‚Œã¦ã„ã‚‹ã¨ãŠã‚Šã€--cloud-provider=externalãƒ•ãƒ©ã‚°ã‚’ä»˜ã‘ã¦kubeletã‚’èµ·å‹•ã—ãŸå ´åˆã€å¯¾å¿œã™ã‚‹Nodeã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«ã¯node.cloudprovider.kubernetes.io/uninitializedã¨ã„ã†No Schedule TaintãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚ ãã®No Schedule Taintã‚’é™¤åŽ»ã™ã‚‹ã®ã¯cloud-controller-managerã®è²¬ä»»ã§ã‚ã‚‹ãŸã‚ã€cloud-controller-managerã‚’Deploymentã‚„DaemonSetãªã©ã®Kubernetesãƒªã‚½ãƒ¼ã‚¹ã§ç®¡ç†ã—ã¦ã„ã‚‹å ´åˆã€cloud-controller-managerè‡ªèº«ãŒã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã§ããªã„ã¨ã„ã†çŠ¶æ³ãŒç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚

ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã®åˆæœŸåŒ–ä¸ã«cloud-controller-managerãŒã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã§ããªã„ã¨ã€çµæžœã¨ã—ã¦ä½œæˆã•ã‚Œã‚‹ã™ã¹ã¦ã®Nodeã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«node.cloudprovider.kubernetes.io/uninitializedã¨ã„ã†No Schedule TaintãŒä»˜ä¸Žã•ã‚ŒãŸã¾ã¾ã¨ãªã‚Šã¾ã™ã€‚ ã¾ãŸã€ã“ã®Taintã®å‰Šé™¤ã¯cloud-controller-managerã®è²¬å‹™ã§ã‚ã‚‹ãŸã‚ã€cloud-controller-managerãŒå®Ÿè¡Œã•ã‚Œãªã‘ã‚Œã°Taintã¯å‰Šé™¤ã•ã‚Œã¾ã›ã‚“ã€‚ ã“ã®No Schedule TaintãŒé™¤åŽ»ã•ã‚Œãªã„ã¨ã€ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãªã©ã®é‡è¦ãªãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ãŒã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œãšã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¯æ£å¸¸ãªçŠ¶æ…‹ã«ãªã‚Šã¾ã›ã‚“ã€‚

ä¾‹: Not-Ready Taintã«ã‚ˆã‚Šã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ãŒã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œãªã„

æ¬¡ã®ä¾‹ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹(CNI)ãŒcloud-controller-manager(CCM)ã‹ã‚‰ã®IPã‚¢ãƒ‰ãƒ¬ã‚¹æƒ…å ±ã‚’å¾…ã¡å—ã‘ã¦ãŠã‚Šã€ã‹ã¤CCMãŒCNIã«ã‚ˆã£ã¦é™¤åŽ»ã•ã‚Œã‚‹ã¯ãšã®Taintã‚’è¨±å®¹ã—ã¦ã„ãªã„çŠ¶æ³ã§ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚

Kubernetesã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã§ã¯ã€node.kubernetes.io/not-ready Taintã«ã¤ã„ã¦æ¬¡ã®ã‚ˆã†ã«èª¬æ˜Žã•ã‚Œã¦ã„ã¾ã™ã€‚

ã€ŒNodeã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯ã€ãƒŽãƒ¼ãƒ‰ã®æ£å¸¸æ€§ã‚’ç›£è¦–ã™ã‚‹ã“ã¨ã§ãã®çŠ¶æ…‹ã‚’åˆ¤æ–ã—ã€ãã‚Œã«å¿œã˜ã¦ã“ã®Taintã‚’è¿½åŠ ã¾ãŸã¯å‰Šé™¤ã—ã¾ã™ã€‚ã€

ã“ã®TaintãŒNodeãƒªã‚½ãƒ¼ã‚¹ã«ä»˜ä¸Žã•ã‚Œã‚‹æ¡ä»¶ã®ä¸€ã¤ã¯ã€ãã®ãƒŽãƒ¼ãƒ‰ä¸Šã§ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãŒã¾ã åˆæœŸåŒ–ã•ã‚Œã¦ã„ãªã„å ´åˆã§ã™ã€‚ cloud-controller-managerã¯Nodeãƒªã‚½ãƒ¼ã‚¹ã«IPã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’è¿½åŠ ã™ã‚‹è²¬ä»»ãŒã‚ã‚Šã€ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚’é©åˆ‡ã«æ§‹æˆã™ã‚‹ãŸã‚ã«IPã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚ ã—ãŸãŒã£ã¦ã€å ´åˆã«ã‚ˆã£ã¦ã¯ãƒŽãƒ¼ãƒ‰ãŒNot Readyã®ã¾ã¾åˆæœŸåŒ–ã•ã‚Œãšã€æ’ä¹…çš„ã«ãã®çŠ¶æ…‹ã«ã¨ã©ã¾ã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚

ã“ã®çŠ¶æ³ã¯æœ€åˆã®ä¾‹ã¨åŒæ§˜ã®ç†ç”±ã§ç™ºç”Ÿã—ã¾ã™ãŒã€ã“ã®å ´åˆã¯node.kubernetes.io/not-ready TaintãŒNo Executeã®åŠ¹æžœã¨ã¨ã‚‚ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€cloud-controller-managerã¯ã“ã®TaintãŒä»˜ä¸Žã•ã‚ŒãŸãƒŽãƒ¼ãƒ‰ä¸Šã§å®Ÿè¡Œã•ã‚Œã¾ã›ã‚“ã€‚ cloud-controller-managerãŒå®Ÿè¡Œã§ããªã„å ´åˆã€ãƒŽãƒ¼ãƒ‰ã¯åˆæœŸåŒ–ã•ã‚Œã¾ã›ã‚“ã€‚ ã“ã‚Œã¯ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒæ£å¸¸ã«å‹•ä½œã§ããªã„ã“ã¨ã¸ã¨é€£éŽ–ã—ã€ãƒŽãƒ¼ãƒ‰ã¯node.cloudprovider.kubernetes.io/uninitializedã¨node.kubernetes.io/not-readyã®ä¸¡æ–¹ã®Taintã‚’ä¿æŒã™ã‚‹ã“ã¨ã«ãªã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¯æ£å¸¸ãªçŠ¶æ…‹ã§ã¯ãªããªã‚Šã¾ã™ã€‚

æŽ¨å¥¨äº‹é …

cloud-controller-managerã®å®Ÿè¡Œæ–¹æ³•ã«ã€Œã“ã‚ŒãŒæ£è§£ã€ã¨ã„ã†å”¯ä¸€ã®æ–¹æ³•ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ è©³ç´°ã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…ãŠã‚ˆã³ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®å…·ä½“çš„ãªãƒ‹ãƒ¼ã‚ºã«ä¾å˜ã—ã¾ã™ã€‚ ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãŠã‚ˆã³cloud-controller-managerã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‚’è¨ˆç”»ã™ã‚‹éš›ã«ã¯ã€ä»¥ä¸‹ã®ã‚¬ã‚¤ãƒ€ãƒ³ã‚¹ã‚’è€ƒæ…®ã—ã¦ãã ã•ã„ã€‚

cloud-controller-managerãŒç®¡ç†å¯¾è±¡ã¨åŒã˜ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã§å®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ä¸‹è¨˜ã®æŽ¨å¥¨äº‹é …ã‚’è€ƒæ…®ã—ã¦ãã ã•ã„ã€‚

Podãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã§ã¯ãªãã€ãƒ›ã‚¹ãƒˆãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ¢ãƒ¼ãƒ‰ã‚’ä½¿ç”¨ã—ã¦ãã ã•ã„ã€‚å¤šãã®å ´åˆã€ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã¯ã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã«é–¢é€£ä»˜ã‘ã‚‰ã‚ŒãŸAPIã‚µãƒ¼ãƒ“ã‚¹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¨é€šä¿¡ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚"hostNetwork"ã‚’trueã«è¨å®šã™ã‚‹ã“ã¨ã§ã€ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯ã‚³ãƒ³ãƒ†ãƒŠãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã§ã¯ãªããƒ›ã‚¹ãƒˆã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒ›ã‚¹ãƒˆã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚·ã‚¹ãƒ†ãƒ ã¨åŒã˜ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¢ã‚¯ã‚»ã‚¹ã‚’æŒã¤ã“ã¨ãŒä¿è¨¼ã•ã‚Œã¾ã™ã€‚ã¾ãŸã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¸ã®ä¾å˜ã‚‚ãªããªã‚Šã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¸ã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™(ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯æ§‹æˆãŒã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã®æŒ‡ç¤ºã¨ä¸€è‡´ã—ã¦ã„ã‚‹ã‹å¿…ãšç¢ºèªã—ã¦ãã ã•ã„)ã€‚
ã‚¹ã‚±ãƒ¼ãƒ©ãƒ–ãƒ«ãªãƒªã‚½ãƒ¼ã‚¹ã‚¿ã‚¤ãƒ—ã‚’ä½¿ç”¨ã—ã¦ãã ã•ã„ã€‚Deploymentã‚„DaemonSetã¯ã€ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‚’ç®¡ç†ã™ã‚‹ã®ã«æœ‰ç”¨ã§ã™ã€‚ã“ã‚Œã‚‰ã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã§ã€å†—é•·æ€§ã®ãŸã‚ã«è¤‡æ•°ã®ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã‚’å®Ÿè¡Œã—ãŸã‚Šã€Kubernetesã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°æ©Ÿèƒ½ã«ã‚ˆã£ã¦ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã§é©åˆ‡ã«é…ç½®ã—ãŸã‚Šã™ã‚‹ã“ã¨ãŒå®¹æ˜“ã«ãªã‚Šã¾ã™ã€‚ã“ã‚Œã‚‰ã®ãƒ—ãƒªãƒŸãƒ†ã‚£ãƒ–ã‚’ä½¿ã£ã¦ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‚’ç®¡ç†ã—ã€è¤‡æ•°ã®ãƒ¬ãƒ—ãƒªã‚«ã‚’å®Ÿè¡Œã™ã‚‹å ´åˆã¯ã€ãƒªãƒ¼ãƒ€ãƒ¼é¸å‡ºã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã‚’å¿˜ã‚Œãªã„ã§ãã ã•ã„ã€‚ãã†ã—ãªã„ã¨ã€å„ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒäº’ã„ã«å¹²æ¸‰ã—ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®ãƒŽãƒ¼ãƒ‰ãŒåˆæœŸåŒ–ã•ã‚Œãªã„å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®ã‚³ãƒ³ãƒ†ãƒŠã‚’ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã«é…ç½®ã—ã¦ãã ã•ã„ã€‚ä»–ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼(ãŸã¨ãˆã°Azureã®ãƒŽãƒ¼ãƒ‰ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãªã©)ãŒã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³å¤–ã§å®Ÿè¡Œã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã‚‚ã‚ã‚Šã¾ã™ãŒã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼è‡ªä½“ã¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã«ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹ã¹ãã§ã™ã€‚ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚’ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ä¸Šã§å®Ÿè¡Œã™ã‚‹ã‚ˆã†ã«ã€nodeSelectorã‚„affinityã‚¹ã‚¿ãƒ³ã‚¶ã‚’ä½¿ç”¨ã—ã¦ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚’åˆ¶å¾¡ã—ã¦ãã ã•ã„ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚’ä¿è·ã•ã‚ŒãŸé ˜åŸŸã§å®Ÿè¡Œã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¯Kubernetesã¨ç‰©ç†ã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã¨ã®é–“ã®æŽ¥ç¶šã‚’æ‹…ã„ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¸ã®ãƒŽãƒ¼ãƒ‰ã®è¿½åŠ ãƒ»å‰Šé™¤ã«ä¸å¯æ¬ ã§ã™ã€‚ã“ã‚Œã‚‰ã‚’ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ä¸Šã§å®Ÿè¡Œã™ã‚‹ã“ã¨ã§ã€ä»–ã®ã‚³ã‚¢ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã¨åŒç‰ã®å„ªå…ˆåº¦ã§å®Ÿè¡Œã•ã‚Œã€éžç‰¹æ¨©ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¨ã¯åˆ†é›¢ã•ã‚Œã‚‹ã“ã¨ãŒç¢ºä¿ã•ã‚Œã¾ã™ã€‚
1. ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒåŒä¸€ã®ãƒ›ã‚¹ãƒˆä¸Šã§å®Ÿè¡Œã•ã‚Œãªã„ã‚ˆã†ã«ã™ã‚‹ãŸã‚ã®anti-affinityã‚¹ã‚¿ãƒ³ã‚¶ã‚‚ã€å˜ä¸€ãƒŽãƒ¼ãƒ‰ã®éšœå®³ã«ã‚ˆã£ã¦ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã®ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ãŒä½Žä¸‹ã™ã‚‹ã®ã‚’é˜²ãã†ãˆã§éžå¸¸ã«æœ‰ç”¨ã§ã‚ã‚‹ã“ã¨ã¯æ³¨ç›®ã«å€¤ã—ã¾ã™ã€‚
é‹ç”¨ãŒå¯èƒ½ã¨ãªã‚‹ã‚ˆã†ã«ã€é©åˆ‡ãªTolerationã‚’è¨å®šã—ã¦ãã ã•ã„ã€‚ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã®ãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆã«ã¯ã€é©åˆ‡ãªãƒŽãƒ¼ãƒ‰ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã•ã‚Œã‚‹ã‚ˆã†ã€ã¾ãŸãƒŽãƒ¼ãƒ‰ãŒåˆæœŸåŒ–ä¸ã§ã‚ã£ã¦ã‚‚å®Ÿè¡Œã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ãŸã‚ã®Tolerationã‚’è¨˜è¿°ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒnode.cloudprovider.kubernetes.io/uninitialized Taintã‚’è¨±å®¹ã™ã¹ãã§ã‚ã‚‹ã“ã¨ã‚’æ„å‘³ã—ã¾ã™ã€‚ã¾ãŸã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã«é–¢é€£ä»˜ã‘ã‚‰ã‚ŒãŸTaint(ãŸã¨ãˆã°node-role.kubernetes.io/control-planeã‚„node-role.kubernetes.io/master)ã‚‚è¨±å®¹ã™ã¹ãã§ã™ã€‚ã•ã‚‰ã«ã€ãƒŽãƒ¼ãƒ‰ãŒã¾ã æ£å¸¸æ€§ç›£è¦–ã®åˆ©ç”¨ãŒã§ããªã„çŠ¶æ…‹ã§ã‚‚ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãŒå®Ÿè¡Œã§ãã‚‹ã‚ˆã†ã€node.kubernetes.io/not-ready Taintã‚’è¨±å®¹ã™ã‚‹ã“ã¨ã‚‚æœ‰ç”¨ã§ã™ã€‚

cloud-controller-managerã‚’ã€ç®¡ç†å¯¾è±¡ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ä¸Šã§ã¯ãªãã€åˆ¥ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼(ãŸã¨ãˆã°ã€ãƒ›ã‚¹ãƒˆåž‹ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã‚’ç”¨ã„ãŸæ§‹æˆ)ã§å®Ÿè¡Œã™ã‚‹å ´åˆã€ãã®é‹ç”¨ã¯cloud-controller-managerã‚’å®Ÿè¡Œã—ã¦ã„ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ç’°å¢ƒã«ä¾å˜ã™ã‚‹ãŸã‚ã€ã‚ˆã‚ŠåŽ³ã—ã„åˆ¶ç´„ã‚’å—ã‘ã‚‹ã“ã¨ã«ãªã‚Šã¾ã™ã€‚ è‡ªå·±ç®¡ç†åž‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ä¸Šã§ã®é‹ç”¨ã«é–¢ã™ã‚‹æŽ¨å¥¨äº‹é …ã¯ã€ç«¶åˆã®ç¨®é¡žã‚„ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯åˆ¶ç´„ãŒç•°ãªã‚‹ãŸã‚ã€é©åˆ‡ã§ãªã„å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®ã‚ˆã†ãªã‚·ãƒŠãƒªã‚ªã«ãŠã„ã¦ã¯ã€ã”åˆ©ç”¨ã®ãƒˆãƒãƒã‚¸ãƒ¼ã«å¿œã˜ãŸã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ã¨è¦ä»¶ã‚’ç¢ºèªã—ã¦ãã ã•ã„ã€‚

ä¾‹

ä»¥ä¸‹ã¯ã€ä¸Šè¨˜ã®ã‚¬ã‚¤ãƒ€ãƒ³ã‚¹ã‚’åæ˜ ã—ãŸKubernetesã®Deploymentã®ä¾‹ã§ã™ã€‚ ã“ã‚Œã¯ã‚ãã¾ã§ãƒ‡ãƒ¢ãƒ³ã‚¹ãƒˆãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ç”¨ã®ã‚‚ã®ã§ã‚ã‚Šã€å®Ÿé‹ç”¨ã§ä½¿ç”¨ã™ã‚‹å ´åˆã¯å¿…ãšã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’å‚ç…§ã—ã¦ãã ã•ã„ã€‚

apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/name: cloud-controller-manager
name: cloud-controller-manager
namespace: kube-system
spec:
replicas: 2
selector:
matchLabels:
app.kubernetes.io/name: cloud-controller-manager
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: cloud-controller-manager
annotations:
kubernetes.io/description: Cloud controller manager for my infrastructure
spec:
containers: # ã‚³ãƒ³ãƒ†ãƒŠã®è©³ç´°ã¯ä½¿ç”¨ã™ã‚‹ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã«ä¾å˜ã—ã¾ã™
- name: cloud-controller-manager
command:
- /bin/my-infrastructure-cloud-controller-manager
- --leader-elect=true
- -v=1
image: registry/my-infrastructure-cloud-controller-manager@latest
resources:
requests:
cpu: 200m
memory: 50Mi
hostNetwork: true # ã“ã‚Œã‚‰ã®Podã¯ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã®ä¸€éƒ¨ã§ã™
nodeSelector:
node-role.kubernetes.io/control-plane: ""
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: "kubernetes.io/hostname"
labelSelector:
matchLabels:
app.kubernetes.io/name: cloud-controller-manager
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 120
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 120
- effect: NoSchedule
key: node.cloudprovider.kubernetes.io/uninitialized
operator: Exists
- effect: NoSchedule
key: node.kubernetes.io/not-ready
operator: Exists

ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®ãƒ‡ãƒ—ãƒã‚¤æ–¹æ³•ã‚’æ±ºå®šã™ã‚‹éš›ã«ã¯ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®è¦æ¨¡ã‚„ãƒªã‚½ãƒ¼ã‚¹ã«å¿œã˜ãŸPodã®ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã¯æŽ¨å¥¨ã•ã‚Œãªã„ã“ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„ã€‚ ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®ãƒ¬ãƒ—ãƒªã‚«ã‚’è¤‡æ•°å®Ÿè¡Œã™ã‚‹ã“ã¨ã¯ã€é«˜å¯ç”¨æ€§ã‚„å†—é•·æ€§ã‚’ç¢ºä¿ã™ã‚‹ä¸Šã§æœ‰åŠ¹ãªæ‰‹æ³•ã§ã™ãŒã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®å‘ä¸Šã«ã¯ã¤ãªãŒã‚Šã¾ã›ã‚“ã€‚ ä¸€èˆ¬ã«ã€ä»»æ„ã®æ™‚ç‚¹ã§ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®æ•´åˆæ€§ã‚’ä¿ã¤å‡¦ç†ã‚’è¡Œã†ã®ã¯ã‚¯ãƒ©ã‚¦ãƒ‰ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã®ã†ã¡1ã¤ã ã‘ã§ã™ã€‚

SIG Architecture: Enhancementsã®å–ã‚Šçµ„ã¿ã®ç´¹ä»‹

Tue, 21 Jan 2025 00:00:00 +0000

ã“ã‚Œã¯ã€SIG Architecture Spotlightã‚·ãƒªãƒ¼ã‚ºã®ç¬¬4å›žç›®ã®ã‚¤ãƒ³ã‚¿ãƒ“ãƒ¥ãƒ¼ã§ã‚ã‚Šã€ä»Šå¾Œã‚‚ã•ã¾ã–ã¾ãªã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’å–ã‚Šä¸Šã’ã‚‹äºˆå®šã§ã™ã€‚ ä»Šå›žã¯ã€SIG Architecture: Enhancementsã‚’ç‰¹é›†ã—ã¾ã™ã€‚

ã“ã®SIG Architecture Spotlightã§ã¯ã€Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ãƒªãƒ¼ãƒ‰ã§ã‚ã‚‹Kirsten Garrisonã•ã‚“ã«ãŠè©±ã‚’ä¼ºã„ã¾ã—ãŸã€‚

Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ

Frederico(FSM): Kirstenã•ã‚“ã€Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã¤ã„ã¦ãŠè©±ã—ã§ãã‚‹æ©Ÿä¼šã‚’ã„ãŸã ãã€ã¨ã¦ã‚‚ã†ã‚Œã—ãæ€ã„ã¾ã™ã€‚ ã¾ãšã¯ç°¡å˜ã«è‡ªå·±ç´¹ä»‹ã¨ã”è‡ªèº«ã®å½¹å‰²ã«ã¤ã„ã¦æ•™ãˆã¦ãã ã•ã„ã€‚

Kirsten Garrison(KG): ç§ã¯SIG-Architectureã®Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ãƒªãƒ¼ãƒ‰ã‚’å‹™ã‚ã¦ãŠã‚Šã€ç¾åœ¨ã¯Googleã«å‹¤å‹™ã—ã¦ã„ã¾ã™ã€‚ æœ€åˆã¯Carolyn Van Slyckã•ã‚“ã®åŠ©ã‘ã‚’å€Ÿã‚ŠãªãŒã‚‰ã€service-catalogãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¸ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ãƒˆã‚’é€šã˜ã¦é–¢ã‚ã‚Šå§‹ã‚ã¾ã—ãŸã€‚ ãã®å¾Œã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«å‚åŠ ã—ã€æœ€çµ‚çš„ã«Enhancementsã®ãƒªãƒ¼ãƒ‰ãŠã‚ˆã³Release Leadã®è£œä½ã‚’å‹™ã‚ã‚‹ã“ã¨ã«ãªã‚Šã¾ã—ãŸã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã§ã¯ã€ç§ã®ãƒãƒ¼ãƒ ã®çµŒé¨“ã«åŸºã¥ãã€å„SIGã‚„Enhancementsãƒãƒ¼ãƒ ã«ã¨ã£ã¦ã‚ˆã‚Šè‰¯ã„ãƒ—ãƒã‚»ã‚¹ã¨ãªã‚‹ã‚ˆã†(ã‚ªãƒ—ãƒˆã‚¤ãƒ³ãƒ—ãƒã‚»ã‚¹ãªã©ã®)ã„ãã¤ã‹ã®ã‚¢ã‚¤ãƒ‡ã‚¢ã«å–ã‚Šçµ„ã¿ã¾ã—ãŸã€‚ æœ€çµ‚çš„ã«ã¯ã€ã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã«å‚åŠ ã—ã€ãã®ä½œæ¥ã«ã‚‚è²¢çŒ®ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

FSM: Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã¤ã„ã¦è¨€åŠã•ã‚Œã¦ã„ã¾ã—ãŸãŒã€ãã®ä¸»ãªç›®çš„ã‚„é–¢ä¸Žã™ã‚‹é ˜åŸŸã«ã¤ã„ã¦èª¬æ˜Žã—ã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

KG: Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯ã€ä¸»ã«Kubernetes Enhancement Proposal(ç•¥ã—ã¦ KEP)ã‚’æ‰±ã£ã¦ã„ã¾ã™ã€‚ KEPã¯ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ãŠã‘ã‚‹ã™ã¹ã¦ã®æ–°æ©Ÿèƒ½ãŠã‚ˆã³é‡è¦ãªå¤‰æ›´ã«å¿…è¦ã¨ãªã‚‹ã€Œè¨è¨ˆã€ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã§ã™ã€‚

KEPã¨ãã®å½±éŸ¿

FSM: KEPãƒ—ãƒã‚»ã‚¹ã®æ”¹å–„ã¯ã€ã‹ã¤ã¦ã‹ã‚‰(ãã—ã¦ç¾åœ¨ã‚‚)ã€SIG ArchitectureãŒæ·±ãé–¢ä¸Žã—ã¦ã„ã‚‹å–ã‚Šçµ„ã¿ã®ä¸€ã¤ã§ã™ã€‚ ã“ã®ãƒ—ãƒã‚»ã‚¹ã«ã¤ã„ã¦çŸ¥ã‚‰ãªã„æ–¹ã®ãŸã‚ã«ã€èª¬æ˜Žã—ã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

KG: å„ãƒªãƒªãƒ¼ã‚¹ã«ãŠã„ã¦ã€å„SIGã¯ãã®ãƒªãƒªãƒ¼ã‚¹ã«å«ã‚ãŸã„ã¨è€ƒãˆã¦ã„ã‚‹æ©Ÿèƒ½ã‚’ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«å…±æœ‰ã—ã¾ã™ã€‚ å…ˆã»ã©è¿°ã¹ãŸã¨ãŠã‚Šã€ã“ã‚Œã‚‰ã®å¤‰æ›´ã®å‰æã¨ãªã‚‹ã®ãŒKEPã§ã™ã€‚ KEPã¯æ¨™æº–åŒ–ã•ã‚ŒãŸè¨è¨ˆãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã§ã‚ã‚Šã€ã™ã¹ã¦ã®ä½œæˆè€…ãŒãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã®æœ€åˆã®æ•°é€±é–“ã§è¨˜å…¥ã—ã€æ‰¿èªã•ã‚Œãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“ã€‚ ã»ã¨ã‚“ã©ã®æ©Ÿèƒ½ã¯ã€alphaã€betaã€æœ€çµ‚çš„ã«ã¯GAã¨ã„ã†3ã¤ã®ãƒ•ã‚§ãƒ¼ã‚ºã‚’çµŒã¦é€²è¡Œã—ã¾ã™ã€‚ ãã®ãŸã‚ã€æ©Ÿèƒ½ã‚’æ‰¿èªã™ã‚‹ã¨ã„ã†ã“ã¨ã¯ã€SIGã«ã¨ã£ã¦å¤§ããªè²¬ä»»ã‚’ä¼´ã†æ±ºå®šã¨ãªã‚Šã¾ã™ã€‚

KEPã¯ã€ã‚ã‚‹æ©Ÿèƒ½ã«é–¢ã™ã‚‹å”¯ä¸€ã®ä¿¡é ¼ã§ãã‚‹æƒ…å ±æºã¨ã—ã¦ã®å½¹å‰²ãŒã‚ã‚Šã¾ã™ã€‚ KEPãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã«ã¯ã€æ©Ÿèƒ½ãŒã©ã®æ®µéšŽã«ã„ã‚‹ã‹ã«å¿œã˜ã¦ç•°ãªã‚‹è¦ä»¶ãŒã‚ã‚Šã¾ã™ãŒã€ä¸€èˆ¬çš„ã«ã¯è¨è¨ˆã‚„å½±éŸ¿ã«ã¤ã„ã¦ã®è©³ç´°ãªè°è«–ã€å®‰å®šæ€§ã‚„ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã«é–¢ã™ã‚‹æˆæžœç‰©ã®æç¤ºãŒæ±‚ã‚ã‚‰ã‚Œã¾ã™ã€‚ KEPãŒæ‰¿èªã•ã‚Œã‚‹ã¾ã§ã«ã¯ã€ä½œæˆè€…ã€SIGã®ãƒ¬ãƒ“ãƒ¥ã‚¢ãƒ¼ã€APIãƒ¬ãƒ“ãƒ¥ãƒ¼ãƒãƒ¼ãƒ ã€Production Readiness Reviewãƒãƒ¼ãƒ ¹ã¨ã®é–“ã§ã‹ãªã‚Šã®åå¾©çš„ãªã‚„ã‚Šå–ã‚ŠãŒå¿…è¦ã¨ãªã‚Šã¾ã™ã€‚ å„ãƒ¬ãƒ“ãƒ¥ã‚¢ãƒ¼ãƒãƒ¼ãƒ ã¯ã€Kubernetesãƒªãƒªãƒ¼ã‚¹ãŒå®‰å®šã—ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã«å„ªã‚ŒãŸã‚‚ã®ã¨ãªã‚‹ã‚ˆã†ã€ãã®ææ¡ˆãŒè‡ªåˆ†ãŸã¡ã®åŸºæº–ã‚’æº€ãŸã—ã¦ã„ã‚‹ã‹ã‚’ç¢ºèªã—ã¾ã™ã€‚ ã™ã¹ã¦ã®æ‰¿èªãŒå¾—ã‚‰ã‚Œã¦åˆã‚ã¦ä½œæˆè€…ã¯æ¬¡ã«é€²ã‚€ã“ã¨ãŒã§ãã€Kubernetesã®ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã«è‡ªèº«ã®æ©Ÿèƒ½ã‚’ãƒžãƒ¼ã‚¸ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

FSM: ãªã‚‹ã»ã©ã€ã‹ãªã‚Šå¤šãã®æž çµ„ã¿ãŒè¿½åŠ ã•ã‚ŒãŸã®ã§ã™ãã€‚ æŒ¯ã‚Šè¿”ã£ã¦ã¿ã¦ã€ãã®ã‚¢ãƒ—ãƒãƒ¼ãƒã«ã‚ˆã‚‹æœ€ã‚‚é‡è¦ãªæ”¹å–„ç‚¹ã¯ä½•ã ã£ãŸã¨æ€ã„ã¾ã™ã‹ï¼Ÿ

KG: æ¦‚ã—ã¦ã€æœ€ã‚‚å¤§ããªå½±éŸ¿ã‚’ä¸ŽãˆãŸæ”¹å–„ç‚¹ã¯ã€KEPã®æœ¬æ¥ã®æ„å›³ã«ç„¦ç‚¹ã‚’å½“ã¦ãŸã“ã¨ã ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚ KEPã¯å˜ã«è¨è¨ˆã‚’è¨˜éŒ²ã™ã‚‹ãŸã‚ã«å˜åœ¨ã™ã‚‹ã®ã§ã¯ãªãã€å¤‰æ›´ã®ã•ã¾ã–ã¾ãªå´é¢ã«ã¤ã„ã¦è°è«–ã—ã€åˆæ„ã«è‡³ã‚‹ãŸã‚ã®æ§‹é€ åŒ–ã•ã‚ŒãŸæ‰‹æ®µã‚’æä¾›ã™ã‚‹ã‚‚ã®ã§ã™ã€‚ KEPãƒ—ãƒã‚»ã‚¹ã®ä¸å¿ƒã«ã‚ã‚‹ã®ã¯ã€ã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã¨é…æ…®ã§ã™ã€‚

ãã®ç›®çš„ã®ãŸã‚ã«ã€ã„ãã¤ã‹ã®é‡è¦ãªå¤‰æ›´ã¯ã€ã‚ˆã‚Šè©³ç´°ã§ã‚¢ã‚¯ã‚»ã‚¹ã—ã‚„ã™ã„KEPãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã‚’ä¸å¿ƒã«è¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚ ç¾åœ¨ã®k/enhancementsãƒªãƒã‚¸ãƒˆãƒªã®å½¢ã«ãªã‚‹ã¾ã§ã«ã¯ã€å¤šãã®æ™‚é–“ã‚’ã‹ã‘ã¦ã‹ãªã‚Šã®ä½œæ¥ãŒè¡Œã‚ã‚Œã¦ãã¾ã—ãŸã€‚ å…·ä½“çš„ã«ã¯ã€SIGã”ã¨ã«æ•´ç†ã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªæ§‹æˆã¨ã€ç¾è¡Œã®KEPãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆ(Proposal/Motivation/Design Detailsã®ã‚µãƒ–ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã‚’å«ã‚€)ã®æž çµ„ã¿ãŒæ•´ãˆã‚‰ã‚Œã¾ã—ãŸã€‚ ä»Šã§ã¯ã€ã“ã®åŸºæœ¬çš„ãªæ§‹é€ ã¯å½“ãŸã‚Šå‰ã®ã‚ˆã†ã«æ„Ÿã˜ã‚‰ã‚Œã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ãŒã€å®Ÿéš›ã«ã¯ã“ã®ãƒ—ãƒã‚»ã‚¹ã®åŸºç›¤ã‚’æ•´ãˆã‚‹ãŸã‚ã«ã€å¤šãã®äººã€…ãŒé•·å¹´ã«ã‚ãŸã£ã¦å–ã‚Šçµ„ã‚“ã§ããŸæˆæžœã‚’åæ˜ ã—ãŸã‚‚ã®ã§ã™ã€‚

KubernetesãŒæˆç†Ÿã™ã‚‹ã«ã¤ã‚Œã¦ã€å˜ã«1ã¤ã®æ©Ÿèƒ½ã‚’ãƒžãƒ¼ã‚¸ã™ã‚‹ã¨ã„ã†æœ€çµ‚çš„ãªç›®æ¨™ã ã‘ã§ãªãã€å®‰å®šæ€§ã‚„ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®æœŸå¾…ã®è¨å®šã¨ãã‚Œã«å¿œãˆã‚‹ã“ã¨ãªã©ã€ã•ã‚‰ã«å¤šãã®è¦ç´ ã‚’è€ƒæ…®ã™ã‚‹å¿…è¦ãŒå‡ºã¦ãã¾ã—ãŸã€‚ ã“ã†ã—ãŸç‚¹ã‚’æ„è˜ã™ã‚‹ä¸ã§ã€ãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã‚‚ã‚ˆã‚Šè©³ç´°ãªã‚‚ã®ã¸ã¨ç™ºå±•ã—ã¦ãã¾ã—ãŸã€‚ Production Readiness Reviewã®è¿½åŠ ã‚„æ”¹å–„ã•ã‚ŒãŸãƒ†ã‚¹ãƒˆè¦ä»¶(KEPã®ãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã®æ®µéšŽã”ã¨ã«ç•°ãªã‚Šã¾ã™)ã‚‚ã€å¤§ããªå¤‰æ›´ç‚¹ã§ã—ãŸã€‚

ç¾åœ¨ã®æ³¨åŠ›åˆ†é‡Ž

FSM: æˆç†Ÿã®è©±ã¨ã„ãˆã°ã€æœ€è¿‘Kubernetes v1.31ã‚’ãƒªãƒªãƒ¼ã‚¹ã—ã€v1.32ã®ä½œæ¥ã‚‚ã™ã§ã«å§‹ã¾ã£ã¦ã„ã¾ã™ã€‚Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãŒç¾åœ¨å–ã‚Šçµ„ã‚“ã§ã„ã‚‹å†…å®¹ã®ä¸ã§ã€ä»Šå¾Œã®é€²ã‚æ–¹ã«å½±éŸ¿ã‚’ä¸Žãˆã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã‚‚ã®ã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ

KG: ç¾åœ¨ã€2ã¤ã®å–ã‚Šçµ„ã¿ã‚’é€²ã‚ã¦ã„ã¾ã™ã€‚

ãƒ—ãƒã‚»ã‚¹ç”¨KEPãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã®ä½œæˆ: æ©Ÿèƒ½æŒ‡å‘ã§ã¯ãªããƒ—ãƒã‚»ã‚¹æŒ‡å‘ã®é‡è¦ãªå¤‰æ›´ã«å¯¾ã—ã¦ã‚‚KEPãƒ—ãƒã‚»ã‚¹ã‚’æ´»ç”¨ã—ãŸã„ã¨è€ƒãˆã‚‹äººãŒã„ã¾ã™ã€‚ ç§ãŸã¡ã¯ã“ã®ã‚ˆã†ãªå–ã‚Šçµ„ã¿ã‚’æ”¯æ´ã—ãŸã„ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚ ã¨ã„ã†ã®ã‚‚ã€å¤‰æ›´ã‚’è¨˜éŒ²ã¨ã—ã¦æ®‹ã™ã“ã¨ã¯é‡è¦ã§ã‚ã‚Šã€ãã‚Œã‚’å®Ÿç¾ã™ã‚‹ãŸã‚ã®ã‚ˆã‚Šå„ªã‚ŒãŸãƒ„ãƒ¼ãƒ«ã‚’æä¾›ã™ã‚‹ã“ã¨ã§ã€ã•ã‚‰ãªã‚‹è°è«–ã¨é€æ˜Žæ€§ã®å‘ä¸ŠãŒä¿ƒã•ã‚Œã‚‹ã‹ã‚‰ã§ã™ã€‚
KEPã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ç®¡ç†: ãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã®å¤‰æ›´ã¯å¯èƒ½ãªé™ã‚Šéžç ´å£Šçš„ã«è¡Œã†ã“ã¨ã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã™ãŒã€KEPãƒ†ãƒ³ãƒ—ãƒ¬ãƒ¼ãƒˆã«ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¨ã‘ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã«å¯¾å¿œã™ã‚‹ãƒãƒªã‚·ãƒ¼ã‚’æ•´å‚™ã™ã‚‹ã“ã¨ã§ã€å¤‰æ›´ã‚’ã‚ˆã‚Šé©åˆ‡ã«è¿½è·¡ãƒ»å…±æœ‰ã§ãã‚‹ã‚ˆã†ã«ãªã‚‹ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚

ã“ã‚Œã‚‰ã®æ©Ÿèƒ½ã¯ã„ãšã‚Œã‚‚ã€æ£ã—ãè¨è¨ˆã—ã€å®Œå…¨ã«å±•é–‹ã™ã‚‹ã¾ã§ã«æ™‚é–“ã‚’è¦ã—ã¾ã™ãŒ(ã¾ã•ã«KEPã®æ©Ÿèƒ½ã¨åŒæ§˜ã§ã™)ã€ã©ã¡ã‚‰ã‚‚ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£å…¨ä½“ã«ã¨ã£ã¦æœ‰ç›Šãªæ”¹å–„ã«ã¤ãªãŒã‚‹ã¨ä¿¡ã˜ã¦ã„ã¾ã™ã€‚

FSM: æ”¹å–„ç‚¹ã«ã¤ã„ã¦è¨€åŠã•ã‚Œã¾ã—ãŸãŒã€æœ€è¿‘ã®ãƒªãƒªãƒ¼ã‚¹ã§Enhancementã®ãƒˆãƒ©ãƒƒã‚ãƒ³ã‚°ç”¨ã«ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãƒœãƒ¼ãƒ‰ãŒå°Žå…¥ã•ã‚Œã€éžå¸¸ã«åŠ¹æžœçš„ã§ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã‹ã‚‰ã‚‚æº€å ´ä¸€è‡´ã§ç§°è³›ã•ã‚Œã¦ã„ãŸã®ã‚’æ€ã„å‡ºã—ã¾ã™ã€‚ ã“ã‚Œã¯ã€ã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¨ã—ã¦ç‰¹ã«æ³¨åŠ›ã—ã¦ã„ãŸåˆ†é‡Žã ã£ãŸã®ã§ã—ã‚‡ã†ã‹ï¼Ÿ

KG: ã“ã®ã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®Enhancementãƒãƒ¼ãƒ ã«ã‚ˆã‚‹ã‚¹ãƒ—ãƒ¬ãƒƒãƒ‰ã‚·ãƒ¼ãƒˆã‹ã‚‰ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãƒœãƒ¼ãƒ‰ã¸ã®ç§»è¡Œã‚’æ”¯æ´ã—ã¾ã—ãŸã€‚ Enhancementã®åŽé›†ã¨ãƒˆãƒ©ãƒƒã‚ãƒ³ã‚°ã¯ã€å¸¸ã«é‹ç”¨ä¸Šã®èª²é¡Œã§ã—ãŸã€‚ ç§ãŒãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«æ‰€å±žã—ã¦ã„ãŸé ƒã«ã¯ã€SIGã®ãƒªãƒ¼ãƒ‰ãŒãƒªãƒªãƒ¼ã‚¹ãƒˆãƒ©ãƒƒã‚ãƒ³ã‚°ã®å¯¾è±¡ã¨ã™ã‚‹KEPã‚’ã€Œã‚ªãƒ—ãƒˆã‚¤ãƒ³ã€ã™ã‚‹æ–¹å¼ã¸ã®ç§»è¡Œã‚’æ”¯æ´ã—ã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€KEPã«å¯¾ã—ã¦é‡è¦ãªä½œæ¥ã‚’é–‹å§‹ã™ã‚‹å‰ã«ã€ä½œæˆè€…ã¨SIGã®é–“ã§ã‚ˆã‚Šè‰¯ã„ã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒå–ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã€Enhancementsãƒãƒ¼ãƒ ã®æ‰‹é–“ã‚‚è»½æ¸›ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®å¤‰æ›´ã§ã¯ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«ä¸€åº¦ã«å¤šãã®å¤‰æ›´ã‚’å°Žå…¥ã™ã‚‹ã“ã¨ã‚’é¿ã‘ã‚‹ãŸã‚ã€æ—¢å˜ã®ãƒ„ãƒ¼ãƒ«ã‚’æ´»ç”¨ã—ã¾ã—ãŸã€‚ ãã®å¾Œã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ãŒã€Enhancementã®åŽé›†ãƒ—ãƒã‚»ã‚¹ã‚’ã•ã‚‰ã«æ”¹å–„ã™ã‚‹ãŸã‚ã€GitHubã®ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãƒœãƒ¼ãƒ‰ã‚’æ´»ç”¨ã™ã‚‹ã¨ã„ã†ã‚¢ã‚¤ãƒ‡ã‚¢ã‚’ã“ã®ã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ææ¡ˆã—ã¾ã—ãŸã€‚ ã“ã‚Œã¯ã€è¤‡é›‘ãªã‚¹ãƒ—ãƒ¬ãƒƒãƒ‰ã‚·ãƒ¼ãƒˆã®ä½¿ç”¨ã‚’ã‚„ã‚ã€k/enhancementã®Issueã«ä»˜ä¸Žã•ã‚ŒãŸãƒªãƒã‚¸ãƒˆãƒªãƒã‚¤ãƒ†ã‚£ãƒ–ãªãƒ©ãƒ™ãƒ«ã¨ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãƒœãƒ¼ãƒ‰ã‚’ç”¨ã„ã‚‹æ–¹å‘ã¸ã®è»¢æ›ã§ã—ãŸã€‚

FSM: ãã‚Œã¯ã€é–“é•ã„ãªããƒ¯ãƒ¼ã‚¯ãƒ•ãƒãƒ¼ã®ç°¡ç´ åŒ–ã«å¤§ããªå½±éŸ¿ã‚’ä¸ŽãˆãŸã“ã¨ã§ã—ã‚‡ã†ãâ€¦ã€‚

KG: æ‘©æ“¦ã®åŽŸå› ã‚’å–ã‚Šé™¤ãã€æ˜Žç¢ºãªã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ä¿ƒé€²ã™ã‚‹ã“ã¨ã¯ã€Enhancementsã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã¨ã£ã¦éžå¸¸ã«é‡è¦ã§ã™ã€‚ åŒæ™‚ã«ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£å…¨ä½“ã«å½±éŸ¿ã‚’åŠã¼ã™æ„æ€æ±ºå®šã«ã¤ã„ã¦ã¯æ…Žé‡ã«æ¤œè¨Žã™ã‚‹ã“ã¨ã‚‚é‡è¦ã§ã™ã€‚ å¤‰æ›´ã«ã‚ˆã£ã¦åˆ©ç‚¹ãŒå¾—ã‚‰ã‚Œã‚‹ä¸€æ–¹ã§ã€å±•é–‹æ™‚ã«å¾Œé€€ã‚„æ··ä¹±ã‚’ä¸€åˆ‡å¼•ãèµ·ã“ã•ãªã„ã‚ˆã†ã«ã€ãƒãƒ©ãƒ³ã‚¹ã®å–ã‚ŒãŸå¯¾å¿œã¨ãªã‚‹ã“ã¨ã‚’ç§ãŸã¡ã¯ç¢ºå®Ÿã«ã—ãŸã„ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚ ç§ãŸã¡ã¯ã€ã‚¢ã‚¤ãƒ‡ã‚¢å‡ºã—ã‹ã‚‰ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãƒœãƒ¼ãƒ‰ã¸ã®å®Ÿéš›ã®ç§»è¡Œä½œæ¥ã«è‡³ã‚‹ã¾ã§ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã‚’æ”¯æ´ã—ã¾ã—ãŸã€‚ ã“ã‚Œã¯å¤§æˆåŠŸã‚’åŽã‚ã€KEPãƒ—ãƒã‚»ã‚¹ã«é–¢ã‚ã‚‹ã™ã¹ã¦ã®äººã€…ã‚’åŠ©ã‘ã‚‹ã‚ˆã†ãªé«˜ã„å½±éŸ¿ã‚’æŒã¤å¤‰æ›´ã‚’ãƒãƒ¼ãƒ ãŒå®Ÿç¾ã™ã‚‹ã®ã‚’è¦‹ã‚‹ã®ã¯ã€ã¨ã¦ã‚‚åˆºæ¿€çš„ãªã“ã¨ã§ã—ãŸï¼

å‚åŠ æ–¹æ³•

FSM: èˆˆå‘³ã‚’æŒã£ã¦å‚åŠ ã‚’æ¤œè¨Žã—ã¦ã„ã‚‹èªè€…ã«å‘ã‘ã¦ã€ã“ã®ã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«é–¢ã‚ã‚‹ãŸã‚ã«å¿…è¦ãªã‚¹ã‚ãƒ«ã«ã¤ã„ã¦æ•™ãˆã¦ã„ãŸã ã‘ã¾ã™ã‹ï¼Ÿ

KG: KEPã«é–¢ã™ã‚‹çŸ¥è˜ãŒã‚ã‚‹ã¨å½¹ç«‹ã¡ã¾ã™ã€‚ ãã‚Œã¯å®Ÿéš›ã®çµŒé¨“ã‹ã‚‰å¾—ãŸã‚‚ã®ã§ã‚ã£ã¦ã‚‚ã€kubernetes/enhancementsãƒªãƒã‚¸ãƒˆãƒªã‚’æ™‚é–“ã‚’ã‹ã‘ã¦èªã¿è¾¼ã‚“ã çµæžœã§ã‚ã£ã¦ã‚‚æ§‹ã„ã¾ã›ã‚“ã€‚ èˆˆå‘³ãŒã‚ã‚‹æ–¹ã¯èª°ã§ã‚‚æ“è¿Žã§ã™ã€‚ãã“ã‹ã‚‰ä¸€ç·’ã«é€²ã‚ã¦ã„ãã¾ã—ã‚‡ã†ã€‚

FSM: ç´ æ™´ã‚‰ã—ã„ã§ã™ï¼ãŠæ™‚é–“ã¨è²´é‡ãªãŠè©±ã‚’æœ¬å½“ã«ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã—ãŸã€‚ æœ€å¾Œã«èªè€…ã®çš†ã•ã‚“ã«ä¼ãˆãŸã„ã“ã¨ã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ

KG: Enhancementsãƒ—ãƒã‚»ã‚¹ã¯ã€Kubernetesã«ãŠã‘ã‚‹æœ€ã‚‚é‡è¦ãªè¦ç´ ã®ä¸€ã¤ã§ã‚ã‚Šã€ãã‚Œã‚’æˆåŠŸã•ã›ã‚‹ãŸã‚ã«ã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆå…¨ä½“ã«ã‚ãŸã‚‹å¤šãã®äººã€…ã‚„ãƒãƒ¼ãƒ ã«ã‚ˆã‚‹è†¨å¤§ãªèª¿æ•´ã¨å”åŠ›ãŒå¿…è¦ã§ã™ã€‚ ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’ã‚ˆã‚Šè‰¯ã„ã‚‚ã®ã«ã™ã‚‹ãŸã‚ã«ã€çš†ã•ã‚“ãŒç¶™ç¶šçš„ã«åŠªåŠ›ã—ã€å°½åŠ›ã—ã¦ã„ã‚‹ã“ã¨ã«å¿ƒã‹ã‚‰æ„Ÿè¬ã—ã€ã¾ãŸå¤§ã„ã«åŠ±ã¾ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯æœ¬å½“ã«ç´ æ™´ã‚‰ã—ã„ã‚‚ã®ã§ã™ã€‚

è©³ç´°ã«ã¤ã„ã¦ã¯ã€ã“ã®ã‚·ãƒªãƒ¼ã‚ºã®Production Readiness Review spotlight interviewã‚’ç¢ºèªã—ã¦ã¿ã¦ãã ã•ã„ã€‚ ↩︎

Kubernetes v1.32: Penelope

Wed, 11 Dec 2024 00:00:00 +0000

ç·¨é›†è€…: Matteo Bianchi, Edith Puclla, William Rizzo, Ryota Sawada, Rashan Smith

Kubernetes v1.32: Penelopeã®ãƒªãƒªãƒ¼ã‚¹ã‚’ç™ºè¡¨ã—ã¾ã™ï¼

ã“ã‚Œã¾ã§ã®ãƒªãƒªãƒ¼ã‚¹ã¨åŒæ§˜ã«ã€Kubernetes v1.32ã§ã¯æ–°ãŸãªGAã€ãƒ™ãƒ¼ã‚¿ã€ã‚¢ãƒ«ãƒ•ã‚¡ã®æ©Ÿèƒ½ãŒå°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ã€‚ ç¶™ç¶šçš„ã«é«˜å“è³ªãªãƒªãƒªãƒ¼ã‚¹ã‚’æä¾›ã§ãã¦ã„ã‚‹ã“ã¨ã¯ã€ç§ãŸã¡ã®é–‹ç™ºã‚µã‚¤ã‚¯ãƒ«ã®å¼·ã•ã¨ã€æ´»ç™ºãªã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚µãƒãƒ¼ãƒˆã‚’ç¤ºã™ã‚‚ã®ã§ã™ã€‚ ä»Šå›žã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€44ã®æ©Ÿèƒ½å¼·åŒ–ãŒè¡Œã‚ã‚Œã¾ã—ãŸã€‚ ãã®ã†ã¡ã€13ã®æ©Ÿèƒ½ãŒGAã«æ˜‡æ ¼ã—ã€12ã®æ©Ÿèƒ½ãŒãƒ™ãƒ¼ã‚¿ã«ç§»è¡Œã—ã€19ã®æ©Ÿèƒ½ãŒã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒã‚´

Kubernetes v1.32ã®ãƒªãƒªãƒ¼ã‚¹ãƒ†ãƒ¼ãƒžã¯"Penelope"ã§ã™ã€‚

KubernetesãŒå¤ä»£ã‚®ãƒªã‚·ãƒ£èªžã§ã€Œãƒ‘ã‚¤ãƒãƒƒãƒˆã€ã¾ãŸã¯ã€Œèˆµå–ã‚Šã€ã‚’æ„å‘³ã™ã‚‹ã“ã¨ã‹ã‚‰å§‹ã‚ã€ã“ã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯Kubernetesã®10å¹´é–“ã¨ãã®æˆæžœã‚’æŒ¯ã‚Šè¿”ã‚Šã¾ã™ã€‚ å„ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã¯ä¸€ã¤ã®æ—…è·¯ã§ã‚ã‚Šã€ã€Œã‚ªãƒ‡ãƒ¥ãƒƒã‚»ã‚¤ã‚¢ã€ã®ãƒšãƒ¼ãƒãƒãƒšãƒ¼ãŒ10å¹´ã®é–“ã€æ˜¼ã«ç¹”ã£ãŸã‚‚ã®ã‚’å¤œã«ãªã‚‹ã¨è§£ã„ã¦ã„ã£ãŸã‚ˆã†ã«ã€å„ãƒªãƒªãƒ¼ã‚¹ã§ã¯æ–°æ©Ÿèƒ½ã®è¿½åŠ ã¨æ—¢å˜æ©Ÿèƒ½ã®å‰Šé™¤ã‚’è¡Œã„ã¾ã™ã€‚ ãŸã ã—ã“ã“ã§ã¯ã€Kubernetesã‚’ç¶™ç¶šçš„ã«æ”¹å–„ã™ã‚‹ã¨ã„ã†ã‚ˆã‚Šæ˜Žç¢ºãªç›®çš„ã‚’æŒã£ã¦è¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚ v1.32ã¯KubernetesãŒ10å‘¨å¹´ã‚’è¿Žãˆã‚‹å¹´ã®æœ€å¾Œã®ãƒªãƒªãƒ¼ã‚¹ã¨ãªã‚‹ã“ã¨ã‹ã‚‰ã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã®æµ·ã®è©¦ç·´ã‚„èª²é¡Œã‚’èˆªæµ·ã—ã¦ããŸã‚°ãƒãƒ¼ãƒãƒ«ãªKubernetesã‚¯ãƒ«ãƒ¼ã®ä¸€å“¡ã¨ã—ã¦è²¢çŒ®ã—ã¦ãã ã•ã£ãŸå…¨ã¦ã®æ–¹ã€…ã«æ•¬æ„ã‚’è¡¨ã—ãŸã„ã¨æ€ã„ã¾ã™ã€‚ ã“ã‚Œã‹ã‚‰ã‚‚å…±ã«Kubernetesã®æœªæ¥ã‚’ç´¡ã„ã§ã„ã‘ã‚‹ã“ã¨ã‚’é¡˜ã£ã¦ã„ã¾ã™ã€‚

æœ€è¿‘ã®ä¸»è¦ãªæ©Ÿèƒ½ã®æ›´æ–°

DRAã®æ©Ÿèƒ½å¼·åŒ–ã«é–¢ã™ã‚‹æ³¨è¨˜

ä»Šå›žã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€å‰å›žã®ãƒªãƒªãƒ¼ã‚¹ã¨åŒæ§˜ã«ã€Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯Dynamic Resource Allocation(DRA)ã«å¯¾ã—ã¦å¤šãã®æ©Ÿèƒ½å¼·åŒ–ã‚’ææ¡ˆã—ç¶šã‘ã¦ã„ã¾ã™ã€‚ DRAã¯Kubernetesã®ãƒªã‚½ãƒ¼ã‚¹ç®¡ç†ã‚·ã‚¹ãƒ†ãƒ ã®ä¸»è¦ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã§ã™ã€‚ ã“ã‚Œã‚‰ã®æ©Ÿèƒ½å¼·åŒ–ã¯ã€GPUã€FPGAã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¢ãƒ€ãƒ—ã‚¿ãƒ¼ãªã©ã®ç‰¹æ®Šãªãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’å¿…è¦ã¨ã™ã‚‹ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«å¯¾ã™ã‚‹ãƒªã‚½ãƒ¼ã‚¹å‰²ã‚Šå½“ã¦ã®æŸ”è»Ÿæ€§ã¨åŠ¹çŽ‡æ€§ã‚’å‘ä¸Šã•ã›ã‚‹ã“ã¨ã‚’ç›®çš„ã¨ã—ã¦ã„ã¾ã™ã€‚

ã“ã‚Œã‚‰ã®æ©Ÿèƒ½ã¯ã€æ©Ÿæ¢°å¦ç¿’ã‚„é«˜æ€§èƒ½ã‚³ãƒ³ãƒ”ãƒ¥ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãªã©ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ç‰¹ã«æœ‰ç”¨ã§ã™ã€‚DRAã®Structured parameterã‚µãƒãƒ¼ãƒˆã‚’å¯èƒ½ã«ã™ã‚‹ã‚³ã‚¢éƒ¨åˆ†ã¯ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚

ãƒŽãƒ¼ãƒ‰ã¨ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠã®æ›´æ–°ã«ãŠã‘ã‚‹æŒ¯ã‚‹èˆžã„ã®æ”¹å–„

SIG Nodeã§ã¯ã€KEPã®ç¯„å›²ã‚’è¶…ãˆã¦ä»¥ä¸‹ã®ã‚ˆã†ãªæ”¹å–„ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã™:

kubeletã®ãƒ˜ãƒ«ã‚¹ãƒã‚§ãƒƒã‚¯ãŒå¤±æ•—ã—ãŸéš›ã«kubeletã‚’å†èµ·å‹•ã™ã‚‹ãŸã‚ã«ã€systemdã®watchdogæ©Ÿèƒ½ãŒä½¿ç”¨ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã¾ãŸã€ä¸€å®šæ™‚é–“å†…ã®æœ€å¤§å†èµ·å‹•å›žæ•°ã‚‚åˆ¶é™ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Škubeletã®ä¿¡é ¼æ€§ãŒå‘ä¸Šã—ã¾ã™ã€‚ è©³ç´°ã«ã¤ã„ã¦ã¯Pull Requestã®#127566ã‚’ã”è¦§ãã ã•ã„ã€‚
ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«ã®ãƒãƒƒã‚¯ã‚ªãƒ•ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã€Podã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã«è¡¨ç¤ºã•ã‚Œã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ”¹å–„ã•ã‚Œã€ã‚ˆã‚Šåˆ†ã‹ã‚Šã‚„ã™ããªã‚Šã€PodãŒã“ã®çŠ¶æ…‹ã«ã‚ã‚‹ç†ç”±ã®è©³ç´°ãŒç¤ºã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒ—ãƒ«ã®ãƒãƒƒã‚¯ã‚ªãƒ•ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ã‚¨ãƒ©ãƒ¼ã¯Podä»•æ§˜ã®status.containerStatuses[*].state.waiting.messageãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«è¿½åŠ ã•ã‚Œã€reasonãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«ã¯ImagePullBackOffã®å€¤ãŒè¨å®šã•ã‚Œã¾ã™ã€‚ ã“ã®å¤‰æ›´ã«ã‚ˆã‚Šã€ã‚ˆã‚Šå¤šãã®ã‚³ãƒ³ãƒ†ã‚ã‚¹ãƒˆãŒæä¾›ã•ã‚Œã€å•é¡Œã®æ ¹æœ¬åŽŸå› ã‚’ç‰¹å®šã™ã‚‹ã®ã«å½¹ç«‹ã¡ã¾ã™ã€‚ è©³ç´°ã«ã¤ã„ã¦ã¯ã€Pull Requestã®#127918ã‚’ã”è¦§ãã ã•ã„ã€‚
ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚³ãƒ³ãƒ†ãƒŠæ©Ÿèƒ½ã¯ã€v1.33ã§Stableã¸ã®æ˜‡æ ¼ã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã™ã€‚ æ®‹ã‚Šã®ä½œæ¥é …ç›®ã¨ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‹ã‚‰ã®ãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã«ã¤ã„ã¦ã¯ã€Issueã®#753ã®ã‚³ãƒ¡ãƒ³ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

GAã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½ã®ãƒã‚¤ãƒ©ã‚¤ãƒˆ

ã“ã‚Œã¯ã€v1.32ã®ãƒªãƒªãƒ¼ã‚¹ã«ä¼´ã„GAã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼

ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«ã‚ˆã‚Šã€é–‹ç™ºè€…ã¯çµ„ã¿è¾¼ã¿ã®Kubernetesã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã§åˆ©ç”¨ã§ãã‚‹æ©Ÿèƒ½ã¨åŒæ§˜ã«ã€ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ã«ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã‚’è¿½åŠ ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ã‚«ã‚¹ã‚¿ãƒ ãƒªã‚½ãƒ¼ã‚¹ã®ã‚ˆã‚ŠåŠ¹çŽ‡çš„ã§æ£ç¢ºãªãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ãŒå¯èƒ½ã«ãªã‚Šã€ã‚ˆã‚Šè‰¯ã„APIè¨è¨ˆã®å®Ÿè·µã‚’ä¿ƒé€²ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG API Machineryã«ã‚ˆã‚ŠKEP #4358ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

SizeMemoryBackedVolumesã®ã‚µãƒãƒ¼ãƒˆ

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€Podã®ãƒªã‚½ãƒ¼ã‚¹åˆ¶é™ã«åŸºã¥ã„ã¦ãƒ¡ãƒ¢ãƒªãƒãƒƒã‚¯ã‚¢ãƒƒãƒ—ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’å‹•çš„ã«ã‚µã‚¤ã‚ºè¨å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®ç§»æ¤æ€§ã¨ãƒŽãƒ¼ãƒ‰ã®ãƒªã‚½ãƒ¼ã‚¹ä½¿ç”¨çŽ‡ã®å…¨ä½“çš„ãªå‘ä¸Šã‚’å®Ÿç¾ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Nodeã«ã‚ˆã‚ŠKEP #1967ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ãƒã‚¤ãƒ³ãƒ‰ã•ã‚ŒãŸã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒˆãƒ¼ã‚¯ãƒ³ã®æ”¹å–„

ã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒˆãƒ¼ã‚¯ãƒ³ã®ã‚¯ãƒ¬ãƒ¼ãƒ ã«ãƒŽãƒ¼ãƒ‰åã‚’å«ã‚ã‚‹ã“ã¨ã§ã€èªå¯ã¨èªè¨¼(ValidatingAdmissionPolicy)ã®éŽç¨‹ã§ã“ã®æƒ…å ±ã‚’ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã•ã‚‰ã«ã€ã“ã®æ”¹å–„ã«ã‚ˆã‚Šã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆã®èªè¨¼æƒ…å ±ãŒãƒŽãƒ¼ãƒ‰ã®æ¨©é™æ˜‡æ ¼ãƒ‘ã‚¹ã¨ãªã‚‹ã“ã¨ã‚’é˜²ãŽã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Authã«ã‚ˆã‚ŠKEP #4193ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

æ§‹é€ åŒ–ã•ã‚ŒãŸèªå¯è¨å®š

APIã‚µãƒ¼ãƒãƒ¼ã«è¤‡æ•°ã®èªå¯æ©Ÿèƒ½ã‚’è¨å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€webhookã§ã®CELãƒžãƒƒãƒæ¡ä»¶ã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã§ã€æ§‹é€ åŒ–ã•ã‚ŒãŸèªå¯ã®åˆ¤æ–ãŒå¯èƒ½ã«ãªã‚Šã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Authã«ã‚ˆã‚ŠKEP #3221ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

StatefulSetã«ã‚ˆã£ã¦ä½œæˆã•ã‚ŒãŸPVCã®è‡ªå‹•å‰Šé™¤

StatefulSetãŒä½œæˆã—ãŸPersistentVolumeClaim(PVC)ã¯ã€ä¸è¦ã«ãªã‚‹ã¨è‡ªå‹•çš„ã«å‰Šé™¤ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã¯StatefulSetã®æ›´æ–°ã‚„ãƒŽãƒ¼ãƒ‰ã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹æ™‚ã«ã‚‚ãƒ‡ãƒ¼ã‚¿ã‚’ç¢ºå®Ÿã«ä¿æŒã—ãŸã¾ã¾å‰Šé™¤å‡¦ç†ã‚’è¡Œã„ã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€StatefulSetã®ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ç®¡ç†ãŒå®¹æ˜“ã«ãªã‚Šã€PVCãŒæ®‹ã•ã‚ŒãŸã¾ã¾ã«ãªã‚‹ãƒªã‚¹ã‚¯ã‚‚æ¸›å°‘ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Appsã«ã‚ˆã‚ŠKEP #1847ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½ã®ãƒã‚¤ãƒ©ã‚¤ãƒˆ

ã“ã‚Œã¯ã€v1.32ã®ãƒªãƒªãƒ¼ã‚¹ã«ä¼´ã„ãƒ™ãƒ¼ã‚¿ã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

Jobã®APIç®¡ç†ãƒ¡ã‚«ãƒ‹ã‚ºãƒ

Jobã®managedByãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒv1.32ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€å¤–éƒ¨ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼(Kueueãªã©)ãŒJobã®åŒæœŸã‚’ç®¡ç†ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€é«˜åº¦ãªãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ç®¡ç†ã‚·ã‚¹ãƒ†ãƒ ã¨ã®ã‚ˆã‚ŠæŸ”è»Ÿãªçµ±åˆãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Appsã«ã‚ˆã‚ŠKEP #4368ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

è¨å®šã•ã‚ŒãŸã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã®ã¿ã®åŒ¿åèªè¨¼ã‚’è¨±å¯

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ç®¡ç†è€…ã¯åŒ¿åãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’è¨±å¯ã™ã‚‹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã‚’æŒ‡å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ä¾‹ãˆã°ã€ç®¡ç†è€…ã¯/healthzã€/livezã€/readyzãªã©ã®ãƒ˜ãƒ«ã‚¹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¸ã®åŒ¿åã‚¢ã‚¯ã‚»ã‚¹ã®ã¿ã‚’è¨±å¯ã—ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒRBACã‚’èª¤è¨å®šã—ãŸå ´åˆã§ã‚‚ã€ä»–ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã‚„ãƒªã‚½ãƒ¼ã‚¹ã¸ã®åŒ¿åã‚¢ã‚¯ã‚»ã‚¹ã‚’ç¢ºå®Ÿã«é˜²æ¢ã§ãã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Authã«ã‚ˆã‚ŠKEP #4633ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

kube-schedulerã«ãŠã‘ã‚‹ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã”ã¨ã®å†ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«åˆ¤æ–æ©Ÿèƒ½ã®æ”¹å–„

ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã”ã¨ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°(QueueingHint)ã«ã‚ˆã£ã¦ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®å†è©¦è¡Œã®åˆ¤æ–ã‚’ã‚ˆã‚ŠåŠ¹çŽ‡çš„ã«ã™ã‚‹ã“ã¨ã§ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®ã‚¹ãƒ«ãƒ¼ãƒ—ãƒƒãƒˆã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚ ã™ã¹ã¦ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒQueueingHintsã‚’æŒã¤ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Schedulingã«ã‚ˆã‚ŠKEP #4247ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µã®å¤±æ•—ã‹ã‚‰ã®ãƒªã‚«ãƒãƒªãƒ¼

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯å°ã•ã„ã‚µã‚¤ã‚ºã§å†è©¦è¡Œã™ã‚‹ã“ã¨ã§ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µã®å¤±æ•—ã‹ã‚‰å›žå¾©ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®æ”¹å–„ã«ã‚ˆã‚Šã€ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µãŒã‚ˆã‚Šå …ç‰¢ã§ä¿¡é ¼æ€§ã®é«˜ã„ã‚‚ã®ã¨ãªã‚Šã€ãƒ—ãƒã‚»ã‚¹ä¸ã®ãƒ‡ãƒ¼ã‚¿æå¤±ã‚„ç ´æã®ãƒªã‚¹ã‚¯ãŒè»½æ¸›ã•ã‚Œã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Storageã«ã‚ˆã‚ŠKEP #1790ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚°ãƒ«ãƒ¼ãƒ—ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆ

ã“ã®æ©Ÿèƒ½ã¯ã€VolumeGroupSnapshot APIã‚’å°Žå…¥ã—ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒè¤‡æ•°ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’åŒæ™‚ã«ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆå–å¾—ã§ãã‚‹ã‚ˆã†ã«ã™ã‚‹ã“ã¨ã§ã€ãƒœãƒªãƒ¥ãƒ¼ãƒ é–“ã®ãƒ‡ãƒ¼ã‚¿æ•´åˆæ€§ã‚’ç¢ºä¿ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Storageã«ã‚ˆã‚ŠKEP #3476ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã®ã‚µãƒãƒ¼ãƒˆ

Dynamic Resource Allocation(DRA)ã®ã‚³ã‚¢éƒ¨åˆ†ã§ã‚ã‚‹æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ãƒ¼ã®ã‚µãƒãƒ¼ãƒˆãŒãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€kube-schedulerã¨Cluster Autoscalerã¯ã‚µãƒ¼ãƒ‰ãƒ‘ãƒ¼ãƒ†ã‚£ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’å¿…è¦ã¨ã›ãšã«ã€ç›´æŽ¥ã‚¯ãƒ¬ãƒ¼ãƒ ã®å‰²ã‚Šå½“ã¦ã‚’ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

ã“ã‚Œã‚‰ã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¯ã€å®Ÿéš›ã«å‰²ã‚Šå½“ã¦ã‚’ç¢ºå®šã™ã‚‹ã“ã¨ãªãã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ç¾åœ¨ã®çŠ¶æ…‹ã«åŸºã¥ã„ã¦ãƒªã‚½ãƒ¼ã‚¹è¦æ±‚ãŒæº€ãŸã•ã‚Œã‚‹ã‹ã©ã†ã‹ã‚’äºˆæ¸¬ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã‚µãƒ¼ãƒ‰ãƒ‘ãƒ¼ãƒ†ã‚£ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã«ã‚ˆã‚‹å‰²ã‚Šå½“ã¦ã®æ¤œè¨¼ã‚„ãƒ†ã‚¹ãƒˆãŒä¸è¦ã«ãªã£ãŸã“ã¨ã§ã€ã“ã®æ©Ÿèƒ½ã¯ãƒªã‚½ãƒ¼ã‚¹åˆ†é…ã®è¨ˆç”»ã¨æ„æ€æ±ºå®šã‚’æ”¹å–„ã—ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã¨ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã®ãƒ—ãƒã‚»ã‚¹ã‚’ã‚ˆã‚ŠåŠ¹çŽ‡çš„ã«ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€WG Device Management(SIG Nodeã€SIG Schedulingã€SIG Autoscalingã‚’å«ã‚€æ©Ÿèƒ½æ¨ªæ–ãƒãƒ¼ãƒ )ã«ã‚ˆã‚ŠKEP #4381ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ãƒ©ãƒ™ãƒ«ã¨ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã®èªå¯

èªå¯ã®åˆ¤æ–ã«ãƒ©ãƒ™ãƒ«ã¨ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã‚’ä½¿ç”¨ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ãƒŽãƒ¼ãƒ‰ã®èªå¯æ©Ÿèƒ½ã¯ã€ã“ã‚Œã‚’è‡ªå‹•çš„ã«æ´»ç”¨ã—ã¦ãƒŽãƒ¼ãƒ‰ãŒè‡ªèº«ã®Podã®ã¿ã‚’ãƒªã‚¹ãƒˆã‚„ã‚¦ã‚©ãƒƒãƒã§ãã‚‹ã‚ˆã†ã«åˆ¶é™ã—ã¾ã™ã€‚ Webhookã®èªå¯æ©Ÿèƒ½ã¯ã€ä½¿ç”¨ã•ã‚Œã‚‹ãƒ©ãƒ™ãƒ«ã‚„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«åŸºã¥ã„ã¦ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’åˆ¶é™ã™ã‚‹ã‚ˆã†ã«æ›´æ–°ã§ãã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Authã«ã‚ˆã‚ŠKEP #4601ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸæ–°æ©Ÿèƒ½

ã“ã‚Œã¯ã€v1.32ã®ãƒªãƒªãƒ¼ã‚¹ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸä¸»ãªæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã«ãŠã‘ã‚‹éžåŒæœŸãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³

Kubernetesã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ã€ãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³æ“ä½œã‚’éžåŒæœŸã§å‡¦ç†ã™ã‚‹ã“ã¨ã§ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®ã‚¹ãƒ«ãƒ¼ãƒ—ãƒƒãƒˆã‚’å‘ä¸Šã•ã›ã‚‹ã€éžåŒæœŸãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³æ©Ÿèƒ½ãŒå¼·åŒ–ã•ã‚Œã¾ã—ãŸã€‚ ãƒ—ãƒªã‚¨ãƒ³ãƒ—ã‚·ãƒ§ãƒ³ã¯ã€å„ªå…ˆåº¦ã®ä½Žã„Podã‚’é€€é¿ã•ã›ã‚‹ã“ã¨ã§ã€å„ªå…ˆåº¦ã®é«˜ã„Podã«å¿…è¦ãªãƒªã‚½ãƒ¼ã‚¹ã‚’ç¢ºä¿ã—ã¾ã™ã€‚ ã—ã‹ã—ã€ã“ã‚Œã¾ã§ã“ã®ãƒ—ãƒã‚»ã‚¹ã§ã¯Podã‚’å‰Šé™¤ã™ã‚‹ãŸã‚ã®APIã‚³ãƒ¼ãƒ«ãªã©ã®é‡ã„æ“ä½œãŒå¿…è¦ã§ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®é€Ÿåº¦ä½Žä¸‹ã‚’å¼•ãèµ·ã“ã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®å¼·åŒ–ã«ã‚ˆã‚Šã€ãã®ã‚ˆã†ãªå‡¦ç†ãŒä¸¦åˆ—ã§å®Ÿè¡Œã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã¯ä»–ã®Podã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚’é…å»¶ãªãç¶™ç¶šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®æ”¹å–„ã¯ã€ç‰¹ã«Podã®å…¥ã‚Œæ›¿ã‚ã‚ŠãŒé »ç¹ãªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚„ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã®å¤±æ•—ãŒé »ç™ºã™ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§æœ‰åŠ¹ã§ã€ã‚ˆã‚ŠåŠ¹çŽ‡çš„ã§å …ç‰¢ãªã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ãƒ—ãƒã‚»ã‚¹ã‚’å®Ÿç¾ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Schedulingã«ã‚ˆã‚ŠKEP #4832ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

CELå¼ã‚’ä½¿ç”¨ã—ãŸMutating Admission Policy

ã“ã®æ©Ÿèƒ½ã¯ã€CELã®ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹åŒ–ã¨JSONãƒ‘ãƒƒãƒæˆ¦ç•¥ã‚’ã€Server Side Applyã®ãƒžãƒ¼ã‚¸ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¨çµ„ã¿åˆã‚ã›ã¦æ´»ç”¨ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒªã‚·ãƒ¼å®šç¾©ãŒç°¡ç´ åŒ–ã•ã‚Œã€å¤‰æ›´ã®ç«¶åˆãŒå‰Šæ¸›ã•ã‚Œã€ã‚¢ãƒ‰ãƒŸãƒƒã‚·ãƒ§ãƒ³åˆ¶å¾¡ã®ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ãŒå‘ä¸Šã™ã‚‹ã¨åŒæ™‚ã«ã€Kubernetesã«ãŠã‘ã‚‹ã‚ˆã‚Šå …ç‰¢ã§æ‹¡å¼µå¯èƒ½ãªãƒãƒªã‚·ãƒ¼ãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã®åŸºç›¤ãŒæ§‹ç¯‰ã•ã‚Œã¾ã™ã€‚

Kubernetesã®APIã‚µãƒ¼ãƒãƒ¼ã¯ã€Common Expression Language(CEL)ãƒ™ãƒ¼ã‚¹ã®Mutating Admission Policyã‚’ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ãªã‚Šã€Mutating Admission Webhookã®è»½é‡ã§åŠ¹çŽ‡çš„ãªä»£æ›¿æ‰‹æ®µã‚’æä¾›ã—ã¾ã™ã€‚ ã“ã®å¼·åŒ–ã«ã‚ˆã‚Šã€ç®¡ç†è€…ã¯CELã‚’ä½¿ç”¨ã—ã¦ã€ãƒ©ãƒ™ãƒ«ã®è¨å®šã€ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆå€¤è¨å®šã€ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã®æ³¨å…¥ã¨ã„ã£ãŸå¤‰æ›´ã‚’ã€ã‚·ãƒ³ãƒ—ãƒ«ãªå®£è¨€çš„ãªå¼ã§å®šç¾©ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã«ã‚ˆã‚Šã€é‹ç”¨ã®è¤‡é›‘ã•ãŒè»½æ¸›ã•ã‚Œã€webhookã®å¿…è¦æ€§ãŒæŽ’é™¤ã•ã‚Œã€kube-apiserverã¨ç›´æŽ¥çµ±åˆã•ã‚Œã‚‹ã“ã¨ã§ã€ã‚ˆã‚Šé«˜é€Ÿã§ä¿¡é ¼æ€§ã®é«˜ã„ãƒ—ãƒã‚»ã‚¹å†…å¤‰æ›´å‡¦ç†ã‚’å®Ÿç¾ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG API Machineryã«ã‚ˆã‚ŠKEP #3962ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

Podãƒ¬ãƒ™ãƒ«ã®ãƒªã‚½ãƒ¼ã‚¹æŒ‡å®š

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Podãƒ¬ãƒ™ãƒ«ã§ãƒªã‚½ãƒ¼ã‚¹ã®è¦æ±‚ã¨åˆ¶é™ã‚’è¨å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€Podå†…ã®ã™ã¹ã¦ã®ã‚³ãƒ³ãƒ†ãƒŠãŒå‹•çš„ã«ä½¿ç”¨ã§ãã‚‹å…±æœ‰ãƒ—ãƒ¼ãƒ«ã‚’ä½œæˆã™ã‚‹ã“ã¨ã§ã€Kubernetesã®ãƒªã‚½ãƒ¼ã‚¹ç®¡ç†ãŒç°¡ç´ åŒ–ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã¯ç‰¹ã«ã€ãƒªã‚½ãƒ¼ã‚¹éœ€è¦ãŒå¤‰å‹•çš„ã¾ãŸã¯ãƒãƒ¼ã‚¹ãƒˆçš„ãªã‚³ãƒ³ãƒ†ãƒŠã‚’æŒã¤ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã«ã¨ã£ã¦æœ‰ç”¨ã§ã€éŽå‰°ãªãƒ—ãƒãƒ“ã‚¸ãƒ§ãƒ‹ãƒ³ã‚°ã‚’æœ€å°é™ã«æŠ‘ãˆã€å…¨ä½“çš„ãªãƒªã‚½ãƒ¼ã‚¹åŠ¹çŽ‡ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚

Kubernetesã¯Podãƒ¬ãƒ™ãƒ«ã§Linuxã®cgroupè¨å®šã‚’æ´»ç”¨ã™ã‚‹ã“ã¨ã§ã€ã“ã‚Œã‚‰ã®ãƒªã‚½ãƒ¼ã‚¹åˆ¶é™ã‚’ç¢ºå®Ÿã«é©ç”¨ã—ãªãŒã‚‰ã€å¯†çµåˆã—ãŸã‚³ãƒ³ãƒ†ãƒŠãŒäººç‚ºçš„ãªåˆ¶ç´„ã«ç¸›ã‚‰ã‚Œã‚‹ã“ã¨ãªãã€ã‚ˆã‚ŠåŠ¹æžœçš„ã«é€£æºã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ é‡è¦ãªã“ã¨ã«ã€ã“ã®æ©Ÿèƒ½ã¯æ—¢å˜ã®ã‚³ãƒ³ãƒ†ãƒŠãƒ¬ãƒ™ãƒ«ã®ãƒªã‚½ãƒ¼ã‚¹è¨å®šã¨ã®å¾Œæ–¹äº’æ›æ€§ã‚’ç¶æŒã—ã¦ãŠã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ç¾åœ¨ã®ãƒ¯ãƒ¼ã‚¯ãƒ•ãƒãƒ¼ã‚„æ—¢å˜ã®è¨å®šã‚’ä¸æ–ã™ã‚‹ã“ã¨ãªãã€æ®µéšŽçš„ã«æŽ¡ç”¨ã§ãã¾ã™ã€‚

ã“ã‚Œã¯ã€ã‚³ãƒ³ãƒ†ãƒŠé–“ã®ãƒªã‚½ãƒ¼ã‚¹å‰²ã‚Šå½“ã¦ç®¡ç†ã®é‹ç”¨è¤‡é›‘æ€§ã‚’è»½æ¸›ã™ã‚‹ãŸã‚ã€ãƒžãƒ«ãƒã‚³ãƒ³ãƒ†ãƒŠPodã«ã¨ã£ã¦é‡è¦ãªæ”¹å–„ã¨ãªã‚Šã¾ã™ã€‚ ã¾ãŸã€ã‚³ãƒ³ãƒ†ãƒŠãŒãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’å…±æœ‰ã—ãŸã‚Šã€æœ€é©ãªãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’ç™ºæ®ã™ã‚‹ãŸã‚ã«äº’ã„ã®å¯ç”¨æ€§ã«ä¾å˜ã—ãŸã‚Šã™ã‚‹ã‚µã‚¤ãƒ‰ã‚«ãƒ¼ã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ãªã©ã®å¯†æŽ¥ã«çµ±åˆã•ã‚ŒãŸã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã«ãŠã„ã¦ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®å‘ä¸Šã‚’ã‚‚ãŸã‚‰ã—ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Nodeã«ã‚ˆã‚ŠKEP #2837ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

PreStopãƒ•ãƒƒã‚¯ã®ã‚¹ãƒªãƒ¼ãƒ—ã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã§ã‚¼ãƒå€¤ã‚’è¨±å¯

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€Kubernetesã®PreStopãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã§0ç§’ã®ã‚¹ãƒªãƒ¼ãƒ—æ™‚é–“ã‚’è¨å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒªã‚½ãƒ¼ã‚¹ã®æ¤œè¨¼ã¨ã‚«ã‚¹ã‚¿ãƒžã‚¤ã‚ºã®ãŸã‚ã®ã‚ˆã‚ŠæŸ”è»Ÿãªç„¡æ“ä½œã‚ªãƒ—ã‚·ãƒ§ãƒ³ã‚’æä¾›ã—ã¾ã™ã€‚ ã“ã‚Œã¾ã§ã¯ã€ã‚¹ãƒªãƒ¼ãƒ—ã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã«ã‚¼ãƒå€¤ã‚’è¨å®šã—ã‚ˆã†ã¨ã™ã‚‹ã¨ãƒãƒªãƒ‡ãƒ¼ã‚·ãƒ§ãƒ³ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã€ãã®ä½¿ç”¨ãŒåˆ¶é™ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ›´æ–°ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚¼ãƒç§’ã®æ™‚é–“ã‚’æœ‰åŠ¹ãªã‚¹ãƒªãƒ¼ãƒ—è¨å®šã¨ã—ã¦è¨å®šã§ãã€å¿…è¦ã«å¿œã˜ã¦å³æ™‚å®Ÿè¡Œã¨çµ‚äº†ã®å‹•ä½œãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã¯å¾Œæ–¹äº’æ›æ€§ãŒã‚ã‚Šã€PodLifecycleSleepActionAllowZeroãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã«ã‚ˆã£ã¦åˆ¶å¾¡ã•ã‚Œã‚‹ã‚ªãƒ—ãƒˆã‚¤ãƒ³æ©Ÿèƒ½ã¨ã—ã¦å°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã®å¤‰æ›´ã¯ã€å®Ÿéš›ã®ã‚¹ãƒªãƒ¼ãƒ—æ™‚é–“ã‚’å¿…è¦ã¨ã›ãšã«ã€æ¤œè¨¼ã‚„Admission Webhookå‡¦ç†ã®ãŸã‚ã«PreStopãƒ•ãƒƒã‚¯ã‚’å¿…è¦ã¨ã™ã‚‹ã‚·ãƒŠãƒªã‚ªã§ç‰¹ã«æœ‰åŠ¹ã§ã™ã€‚ Goã®time.Afteré–¢æ•°ã®æ©Ÿèƒ½ã«åˆã‚ã›ã‚‹ã“ã¨ã§ã€ã“ã®æ›´æ–°ã¯Kubernetesãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®è¨å®šã‚’ç°¡ç´ åŒ–ã—ã€ä½¿ã„ã‚„ã™ã•ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Nodeã«ã‚ˆã‚ŠKEP #4818ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

DRAï¼šResourceClaimã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã®ãŸã‚ã®æ¨™æº–åŒ–ã•ã‚ŒãŸãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹ãƒ‡ãƒ¼ã‚¿

ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ãŒResourceClaimã®å„å‰²ã‚Šå½“ã¦ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«å¯¾ã—ã¦ç‰¹å®šã®ãƒ‡ãƒã‚¤ã‚¹ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ãƒ‡ãƒ¼ã‚¿ã‚’å ±å‘Šã§ãã‚‹æ–°ã—ã„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ ã¾ãŸã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ‡ãƒã‚¤ã‚¹æƒ…å ±ã‚’è¡¨ç¾ã™ã‚‹ãŸã‚ã®æ¨™æº–çš„ãªæ–¹æ³•ã‚‚ç¢ºç«‹ã•ã‚Œã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Networkã«ã‚ˆã‚ŠKEP #4817ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

ã‚³ã‚¢ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã®æ–°ã—ã„statuszã¨flagzã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆ

ã‚³ã‚¢ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã«å¯¾ã—ã¦ã€2ã¤ã®æ–°ã—ã„HTTPã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆ(/statuszã¨/flagz)ã‚’æœ‰åŠ¹ã«ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã‚‰ã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã¯ã€ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³(Golangã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãªã©)ã‚„ã€ç¨¼åƒæ™‚é–“ã€ãã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆãŒå®Ÿè¡Œã•ã‚ŒãŸéš›ã®ã‚³ãƒžãƒ³ãƒ‰ãƒ©ã‚¤ãƒ³ãƒ•ãƒ©ã‚°ã®è©³ç´°ã‚’æŠŠæ¡ã™ã‚‹ã“ã¨ã§ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ãƒ‡ãƒãƒƒã‚°æ€§ã‚’å‘ä¸Šã•ã›ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€å®Ÿè¡Œæ™‚ãŠã‚ˆã³è¨å®šã®å•é¡Œã®è¨ºæ–ãŒå®¹æ˜“ã«ãªã‚Šã¾ã™ã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Instrumentationã«ã‚ˆã‚ŠKEP #4827ã¨KEP #4828ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

Windowsã®é€†è¥²

Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ãŠã„ã¦ã€WindowsãƒŽãƒ¼ãƒ‰ã®æ£å¸¸ãªã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã®ã‚µãƒãƒ¼ãƒˆãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®ãƒªãƒªãƒ¼ã‚¹ä»¥å‰ã€Kubernetesã¯LinuxãƒŽãƒ¼ãƒ‰ã«å¯¾ã—ã¦æ£å¸¸ãªãƒŽãƒ¼ãƒ‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ©Ÿèƒ½ã‚’æä¾›ã—ã¦ã„ã¾ã—ãŸãŒã€Windowsã«å¯¾ã™ã‚‹åŒç‰ã®ã‚µãƒãƒ¼ãƒˆã¯æ¬ ã‘ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€WindowsãƒŽãƒ¼ãƒ‰ä¸Šã®kubeletãŒã‚·ã‚¹ãƒ†ãƒ ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã‚¤ãƒ™ãƒ³ãƒˆã‚’é©åˆ‡ã«å‡¦ç†ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€WindowsãƒŽãƒ¼ãƒ‰ä¸Šã§å®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹PodãŒæ£å¸¸ã«çµ‚äº†ã•ã‚Œã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã®ä¸æ–ãªã—ã§ã®å†ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ ã“ã®æ”¹å–„ã«ã‚ˆã‚Šã€ç‰¹ã«è¨ˆç”»çš„ãªãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ã‚„ã‚·ã‚¹ãƒ†ãƒ æ›´æ–°æ™‚ã«ãŠã„ã¦ã€WindowsãƒŽãƒ¼ãƒ‰ã‚’å«ã‚€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ä¿¡é ¼æ€§ã¨å®‰å®šæ€§ãŒå‘ä¸Šã—ã¾ã™ã€‚

ã•ã‚‰ã«ã€CPUãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã€ãƒ¡ãƒ¢ãƒªãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã€ãƒˆãƒãƒã‚¸ãƒ¼ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®æ”¹å–„ã«ã‚ˆã‚Šã€WindowsãƒŽãƒ¼ãƒ‰ã«å¯¾ã™ã‚‹CPUã¨ãƒ¡ãƒ¢ãƒªã®ã‚¢ãƒ•ã‚£ãƒ‹ãƒ†ã‚£ã‚µãƒãƒ¼ãƒˆãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚

ã“ã®ä½œæ¥ã¯ã€SIG Windowsã«ã‚ˆã‚ŠKEP #4802ã¨KEP #4885ã®ä¸€éƒ¨ã¨ã—ã¦å®Ÿæ–½ã•ã‚Œã¾ã—ãŸã€‚

GAã¸ã®æ˜‡æ ¼

ã“ã“ã§ã¯ã€GA(ä¸€èˆ¬æä¾› ã¨ã‚‚å‘¼ã°ã‚Œã‚‹)ã«æ˜‡æ ¼ã—ãŸã™ã¹ã¦ã®æ©Ÿèƒ½ã‚’ç´¹ä»‹ã—ã¾ã™ã€‚æ–°æ©Ÿèƒ½ã‚„ã‚¢ãƒ«ãƒ•ã‚¡ã‹ã‚‰ãƒ™ãƒ¼ã‚¿ã¸ã®æ˜‡æ ¼ã‚’å«ã‚€å®Œå…¨ãªæ›´æ–°ãƒªã‚¹ãƒˆã«ã¤ã„ã¦ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤

Kubernetesã®é–‹ç™ºã¨æˆç†Ÿã«ä¼´ã„ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆå…¨ä½“ã®å¥å…¨æ€§ã®ãŸã‚ã«ã€æ©Ÿèƒ½ãŒéžæŽ¨å¥¨åŒ–ã€å‰Šé™¤ã€ã¾ãŸã¯ã‚ˆã‚Šè‰¯ã„ã‚‚ã®ã«ç½®ãæ›ãˆã‚‰ã‚Œã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®ãƒ—ãƒã‚»ã‚¹ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€Kubernetesã®éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤ã®ãƒãƒªã‚·ãƒ¼ã‚’ã”è¦§ãã ã•ã„ã€‚

å¤ã„DRAå®Ÿè£…ã®å»ƒæ¢

KEP #3063ã«ã‚ˆã‚Šã€Kubernetes 1.26ã§Dynamic Resource Allocation(DRA)ãŒå°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚

ã—ã‹ã—ã€Kubernetes v1.32ã§ã¯ã€ã“ã®DRAã®ã‚¢ãƒ—ãƒãƒ¼ãƒãŒå¤§å¹…ã«å¤‰æ›´ã•ã‚Œã¾ã™ã€‚å…ƒã®å®Ÿè£…ã«é–¢é€£ã™ã‚‹ã‚³ãƒ¼ãƒ‰ã¯å‰Šé™¤ã•ã‚Œã€KEP #4381ãŒã€Œæ–°ã—ã„ã€åŸºæœ¬æ©Ÿèƒ½ã¨ã—ã¦æ®‹ã‚Šã¾ã™ã€‚

æ—¢å˜ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã‚’å¤‰æ›´ã™ã‚‹æ±ºå®šã¯ã€ãƒªã‚½ãƒ¼ã‚¹ã®å¯ç”¨æ€§ãŒä¸é€æ˜Žã§ã‚ã£ãŸã“ã¨ã«ã‚ˆã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã¨ã®éžäº’æ›æ€§ã«èµ·å› ã—ã¦ãŠã‚Šã€ã“ã‚Œã«ã‚ˆã‚ŠCluster Autoscalerã¨ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã®ä¸¡æ–¹ã®æ„æ€æ±ºå®šãŒè¤‡é›‘åŒ–ã—ã¦ã„ã¾ã—ãŸã€‚ æ–°ã—ãè¿½åŠ ã•ã‚ŒãŸStructured Parameterãƒ¢ãƒ‡ãƒ«ãŒãã®æ©Ÿèƒ½ã‚’ç½®ãæ›ãˆã¾ã™ã€‚

ã“ã®å‰Šé™¤ã«ã‚ˆã‚Šã€Kubernetesã¯kube-apiserverã¨ã®åŒæ–¹å‘ã®APIã‚³ãƒ¼ãƒ«ã®è¤‡é›‘ã•ã‚’å›žé¿ã—ã€æ–°ã—ã„ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢è¦ä»¶ã¨ãƒªã‚½ãƒ¼ã‚¹ã‚¯ãƒ¬ãƒ¼ãƒ ã‚’ã‚ˆã‚Šäºˆæ¸¬å¯èƒ½ãªæ–¹æ³•ã§å‡¦ç†ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

APIå‰Šé™¤

Kubernetes v1.32ã§ã¯ã€ä»¥ä¸‹ã®APIãŒå‰Šé™¤ã•ã‚Œã¾ã™ï¼š

FlowSchemaã¨PriorityLevelConfigurationã®flowcontrol.apiserver.k8s.io/v1beta3 APIãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒå‰Šé™¤ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«å‚™ãˆã‚‹ãŸã‚ã€æ—¢å˜ã®ãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆã‚’ç·¨é›†ã—ã€v1.29ä»¥é™ã§åˆ©ç”¨å¯èƒ½ãªflowcontrol.apiserver.k8s.io/v1 APIãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ã‚’æ›¸ãæ›ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ æ—¢å˜ã®æ°¸ç¶šåŒ–ã•ã‚ŒãŸã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã¯ã™ã¹ã¦æ–°ã—ã„APIã‚’é€šã˜ã¦ã‚¢ã‚¯ã‚»ã‚¹å¯èƒ½ã§ã™ã€‚ flowcontrol.apiserver.k8s.io/v1beta3ã«ãŠã‘ã‚‹ä¸»ãªå¤‰æ›´ç‚¹ã¨ã—ã¦ã€PriorityLevelConfigurationã®spec.limited.nominalConcurrencySharesãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯æœªæŒ‡å®šã®å ´åˆã«ã®ã¿ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§30ã¨ãªã‚Šã€æ˜Žç¤ºçš„ã«0ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã¯30ã«å¤‰æ›´ã•ã‚Œãªã„ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã¨ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã«å¿…è¦ãªã‚¢ã‚¯ã‚·ãƒ§ãƒ³

å…¥æ‰‹æ–¹æ³•

Kubernetes v1.32ã¯ã€GitHubã¾ãŸã¯Kubernetesãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ãƒšãƒ¼ã‚¸ã‹ã‚‰ãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ã§ãã¾ã™ã€‚

Kubernetesã‚’å§‹ã‚ã‚‹ã«ã¯ã€å¯¾è©±å¼ã®ãƒãƒ¥ãƒ¼ãƒˆãƒªã‚¢ãƒ«ã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‹ã€minikubeã‚’ä½¿ç”¨ã—ã¦ãƒãƒ¼ã‚«ãƒ«Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ã‚’å®Ÿè¡Œã—ã¦ãã ã•ã„ã€‚ ã¾ãŸã€kubeadmã‚’ä½¿ç”¨ã—ã¦ç°¡å˜ã«v1.32ã‚’ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ

Kubernetesã¯ã€ãã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚µãƒãƒ¼ãƒˆã€çŒ®èº«ã€ãã—ã¦æ‡¸å‘½ãªåŠªåŠ›ã«æ”¯ãˆã‚‰ã‚Œã¦å®Ÿç¾ã—ã¦ã„ã¾ã™ã€‚ å„ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã¯ã€çš†æ§˜ãŒé ¼ã‚Šã«ã—ã¦ã„ã‚‹Kubernetesãƒªãƒªãƒ¼ã‚¹ã‚’æ§‹æˆã™ã‚‹å¤šãã®è¦ç´ ã‚’æ§‹ç¯‰ã™ã‚‹ãŸã‚ã«å”åŠ›ã—ã¦åƒãã€çŒ®èº«çš„ãªã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒœãƒ©ãƒ³ãƒ†ã‚£ã‚¢ã§æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã‚Œã«ã¯ã€ã‚³ãƒ¼ãƒ‰è‡ªä½“ã‹ã‚‰ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆç®¡ç†ã«è‡³ã‚‹ã¾ã§ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚ã‚‰ã‚†ã‚‹åˆ†é‡Žã‹ã‚‰å°‚é–€çš„ãªã‚¹ã‚ãƒ«ã‚’æŒã¤äººã€…ãŒå¿…è¦ã§ã™ã€‚

ç§ãŸã¡ã¯ã€Kubernetes v1.32ãƒªãƒªãƒ¼ã‚¹ã‚’ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«æä¾›ã™ã‚‹ãŸã‚ã«å¤šãã®æ™‚é–“ã‚’è²»ã‚„ã—ã¦ãã ã•ã£ãŸãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ å…¨ä½“ã«æ„Ÿè¬ã®æ„ã‚’è¡¨ã—ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã¯ã€åˆã‚ã¦Shadowã¨ã—ã¦å‚åŠ ã™ã‚‹äººã‹ã‚‰ã€è¤‡æ•°ã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã‚’çµŒé¨“ã—ãŸãƒ™ãƒ†ãƒ©ãƒ³ã®ãƒãƒ¼ãƒ ãƒªãƒ¼ãƒ€ãƒ¼ã¾ã§å¤šå²ã«ã‚ãŸã‚Šã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒªãƒ¼ãƒ‰ã®Frederico MuÃ±ozã«ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã‚’è¦‹äº‹ã«çŽ‡ã„ã¦ã€ã‚ã‚‰ã‚†ã‚‹äº‹æŸ„ã‚’ç´°å¿ƒã®æ³¨æ„ã‚’æ‰•ã£ã¦å‡¦ç†ã—ã€ã“ã®ãƒªãƒªãƒ¼ã‚¹ã‚’å††æ»‘ã‹ã¤åŠ¹çŽ‡çš„ã«å®Ÿè¡Œã—ã¦ãã‚ŒãŸã“ã¨ã«ã€ç‰¹åˆ¥ãªæ„Ÿè¬ã®æ„ã‚’è¡¨ã—ã¾ã™ã€‚ æœ€å¾Œã«ãªã‚Šã¾ã—ãŸãŒã€ã™ã¹ã¦ã®ãƒªãƒªãƒ¼ã‚¹ãƒ¡ãƒ³ãƒãƒ¼(ãƒªãƒ¼ãƒ‰ã¨Shadowã®åŒæ–¹)ã€ãã—ã¦14é€±é–“ã®ãƒªãƒªãƒ¼ã‚¹ä½œæ¥æœŸé–“ä¸ã«ç´ æ™´ã‚‰ã—ã„ä»•äº‹ã¨æˆæžœã‚’ä¸Šã’ã¦ãã‚ŒãŸä»¥ä¸‹ã®SIGsã«ã€å¤§ããªæ„Ÿè¬ã®æ„ã‚’è¡¨ã—ã¾ã™ï¼š

SIG Docs - ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã¨ãƒ–ãƒã‚°ã®ãƒ¬ãƒ“ãƒ¥ãƒ¼ã«ãŠã‘ã‚‹åŸºæœ¬çš„ãªã‚µãƒãƒ¼ãƒˆã‚’æä¾›ã—ã€ãƒªãƒªãƒ¼ã‚¹ã®ã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã¨ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆãƒãƒ¼ãƒ ã¨ã®ç¶™ç¶šçš„ãªå”åŠ›ã‚’è¡Œã£ã¦ãã‚Œã¾ã—ãŸã€‚
SIG K8s Infraã¨SIG Testing - å¿…è¦ãªã™ã¹ã¦ã®ã‚¤ãƒ³ãƒ•ãƒ©ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¨å…±ã«ã€ãƒ†ã‚¹ãƒˆãƒ•ãƒ¬ãƒ¼ãƒ ãƒ¯ãƒ¼ã‚¯ã‚’ç¢ºå®Ÿã«ç¶æŒã™ã‚‹ãŸã‚ã®ç´ æ™´ã‚‰ã—ã„ä»•äº‹ã‚’è¡Œã£ã¦ãã‚Œã¾ã—ãŸã€‚
SIG Releaseã¨ã™ã¹ã¦ã®ãƒªãƒªãƒ¼ã‚¹ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ - ãƒªãƒªãƒ¼ã‚¹å…¨ä½“ã®èª¿æ•´ã‚’é€šã˜ã¦ç´ æ™´ã‚‰ã—ã„ã‚µãƒãƒ¼ãƒˆã‚’æä¾›ã—ã€æœ€ã‚‚å›°é›£ãªèª²é¡Œã§ã‚‚é©åˆ‡ã‹ã¤ã‚¿ã‚¤ãƒ ãƒªãƒ¼ã«å¯¾å¿œã—ã¦ãã‚Œã¾ã—ãŸã€‚

ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®é€²æ—é€Ÿåº¦

CNCFã®K8s DevStatsãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯ã€Kubernetesã¨æ§˜ã€…ãªã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®é€²æ—ã«é–¢ã™ã‚‹èˆˆå‘³æ·±ã„ãƒ‡ãƒ¼ã‚¿ãƒã‚¤ãƒ³ãƒˆã‚’é›†è¨ˆã—ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã«ã¯ã€å€‹äººã®è²¢çŒ®ã‹ã‚‰è²¢çŒ®ã—ã¦ã„ã‚‹ä¼æ¥ã®æ•°ã¾ã§ã€ã“ã®ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®é€²åŒ–ã«é–¢ã‚ã‚‹å–ã‚Šçµ„ã¿ã®æ·±ã•ã¨åºƒã•ã‚’ç¤ºã™æ§˜ã€…ãªæƒ…å ±ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚

14é€±é–“(9æœˆ9æ—¥ã‹ã‚‰12æœˆ11æ—¥ã¾ã§)ç¶šã„ãŸv1.32ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã§ã¯ã€125ã®ç•°ãªã‚‹ä¼æ¥ã¨559ã®å€‹äººãŒKubernetesã«è²¢çŒ®ã—ã¾ã—ãŸã€‚

ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ å…¨ä½“ã§ã¯ã€433ã®ä¼æ¥ã‹ã‚‰åˆè¨ˆ2441äººã®è²¢çŒ®è€…ãŒã„ã¾ã™ã€‚ ã“ã‚Œã¯å‰å›žã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã¨æ¯”è¼ƒã—ã¦ã€å…¨ä½“ã®è²¢çŒ®ãŒ7%å¢—åŠ ã—ã€å‚åŠ ä¼æ¥æ•°ã‚‚14%å¢—åŠ ã—ãŸã“ã¨ã‚’ç¤ºã—ã¦ãŠã‚Šã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«å¯¾ã™ã‚‹å¼·ã„é–¢å¿ƒã¨ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æ”¯æŒãŒè¡¨ã‚Œã¦ã„ã¾ã™ã€‚

ã“ã®ãƒ‡ãƒ¼ã‚¿ã®å‡ºå…¸:

ã“ã“ã§ã®è²¢çŒ®ã¨ã¯ã€ã‚³ãƒŸãƒƒãƒˆã®ä½œæˆã€ã‚³ãƒ¼ãƒ‰ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ã‚³ãƒ¡ãƒ³ãƒˆã€Issueã‚„PRã®ä½œæˆã€PR(ãƒ–ãƒã‚°ã‚„ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’å«ã‚€)ã®ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ã‚‚ã—ãã¯Issueã‚„PRã¸ã®ã‚³ãƒ¡ãƒ³ãƒˆã‚’æŒ‡ã—ã¾ã™ã€‚

ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‚¦ã‚§ãƒ–ã‚µã‚¤ãƒˆã®Getting Startedã‹ã‚‰ã€è²¢çŒ®ã‚’å§‹ã‚ã‚‹æ–¹æ³•ã‚’ã”ç¢ºèªãã ã•ã„ã€‚

ã‚¤ãƒ™ãƒ³ãƒˆæƒ…å ±

2025å¹´3æœˆã‹ã‚‰6æœˆã«ã‹ã‘ã¦é–‹å‚¬äºˆå®šã®Kubernetesã¨ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–é–¢é€£ã®ã‚¤ãƒ™ãƒ³ãƒˆã‚’ã”ç´¹ä»‹ã—ã¾ã™ã€‚ KubeConã€KCDã€ãã®ä»–ä¸–ç•Œå„åœ°ã§é–‹å‚¬ã•ã‚Œã‚‹æ³¨ç›®ã®ã‚«ãƒ³ãƒ•ã‚¡ãƒ¬ãƒ³ã‚¹ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æœ€æ–°æƒ…å ±ã‚’å…¥æ‰‹ã—ã€äº¤æµã‚’æ·±ã‚ã¾ã—ã‚‡ã†ã€‚

2025å¹´3æœˆ

KCD - Kubernetes Community Days: Beijing, China: 3æœˆ | åŒ—äº¬(ä¸å›½)

2025å¹´4æœˆ

KubeCon + CloudNativeCon Europe 2025: 2025å¹´4æœˆ1æ—¥-4æ—¥ | ãƒãƒ³ãƒ‰ãƒ³(ã‚¤ã‚®ãƒªã‚¹)
KCD - Kubernetes Community Days: Budapest, Hungary: 2025å¹´4æœˆ23æ—¥ | ãƒ–ãƒ€ãƒšã‚¹ãƒˆ(ãƒãƒ³ã‚¬ãƒªãƒ¼)
KCD - Kubernetes Community Days: Chennai, India: 2025å¹´4æœˆ26æ—¥ | ãƒã‚§ãƒ³ãƒŠã‚¤(ã‚¤ãƒ³ãƒ‰)
KCD - Kubernetes Community Days: Auckland, New Zealand: 2025å¹´4æœˆ28æ—¥ | ã‚ªãƒ¼ã‚¯ãƒ©ãƒ³ãƒ‰(ãƒ‹ãƒ¥ãƒ¼ã‚¸ãƒ¼ãƒ©ãƒ³ãƒ‰)

2025å¹´5æœˆ

KCD - Kubernetes Community Days: Austin, USA: 2025å¹´5æœˆ15æ—¥ | ã‚ªãƒ¼ã‚¹ãƒ†ã‚£ãƒ³(ã‚¢ãƒ¡ãƒªã‚«)
KCD - Kubernetes Community Days: Seoul, South Korea: 2025å¹´5æœˆ22æ—¥ | ã‚½ã‚¦ãƒ«(éŸ“å›½)
KCD - Kubernetes Community Days: Istanbul, Turkey: 2025å¹´5æœˆ23æ—¥ | ã‚¤ã‚¹ã‚¿ãƒ³ãƒ–ãƒ¼ãƒ«(ãƒˆãƒ«ã‚³)
KCD - Kubernetes Community Days: Heredia, Costa Rica: 2025å¹´5æœˆ31æ—¥ | ã‚¨ãƒ¬ãƒ‡ã‚£ã‚¢(ã‚³ã‚¹ã‚¿ãƒªã‚«)
KCD - Kubernetes Community Days: New York, USA: 2025å¹´5æœˆ | ãƒ‹ãƒ¥ãƒ¼ãƒ¨ãƒ¼ã‚¯(ã‚¢ãƒ¡ãƒªã‚«)

2025å¹´6æœˆ

KCD - Kubernetes Community Days: Bangalore, India: 2025å¹´6æœˆ6æ—¥ | ãƒãƒ³ã‚¬ãƒãƒ¼ãƒ«(ã‚¤ãƒ³ãƒ‰)
KubeCon + CloudNativeCon China 2025: 2025å¹´6æœˆ10æ—¥-11æ—¥ | é¦™æ¸¯
KCD - Kubernetes Community Days: Antigua Guatemala, Guatemala: 2025å¹´6æœˆ14æ—¥ | ã‚¢ãƒ³ãƒ†ã‚£ã‚°ã‚¢ ã‚°ã‚¢ãƒ†ãƒžãƒ©(ã‚°ã‚¢ãƒ†ãƒžãƒ©)
KubeCon + CloudNativeCon Japan 2025: 2025å¹´6æœˆ16æ—¥-17æ—¥ | æ±äº¬(æ—¥æœ¬)
KCD - Kubernetes Community Days: Nigeria, Africa: 2025å¹´6æœˆ19æ—¥ | ãƒŠã‚¤ã‚¸ã‚§ãƒªã‚¢

æ¬¡æœŸãƒªãƒªãƒ¼ã‚¹ã«é–¢ã™ã‚‹ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã®ãŠçŸ¥ã‚‰ã›

2025å¹´1æœˆ9æ—¥(æœ¨)åˆå¾Œ5æ™‚(å¤ªå¹³æ´‹æ™‚é–“) ã«é–‹å‚¬ã•ã‚Œã‚‹Kubernetes v1.32ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ãƒ¡ãƒ³ãƒãƒ¼ã«ã‚ˆã‚‹ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã«ã”å‚åŠ ãã ã•ã„ã€‚ ã“ã®ãƒªãƒªãƒ¼ã‚¹ã®ä¸»è¦ãªæ©Ÿèƒ½ã‚„ã€ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰è¨ˆç”»ã«å½¹ç«‹ã¤éžæŽ¨å¥¨åŒ–ãŠã‚ˆã³å‰Šé™¤ã•ã‚ŒãŸæ©Ÿèƒ½ã«ã¤ã„ã¦å¦ã¶ã“ã¨ãŒã§ãã¾ã™ã€‚ è©³ç´°ãŠã‚ˆã³å‚åŠ ç™»éŒ²ã«ã¤ã„ã¦ã¯ã€CNCFã‚ªãƒ³ãƒ©ã‚¤ãƒ³ãƒ—ãƒã‚°ãƒ©ãƒ ã‚µã‚¤ãƒˆã®ã‚¤ãƒ™ãƒ³ãƒˆãƒšãƒ¼ã‚¸ã‚’ã”è¦§ãã ã•ã„ã€‚

å‚åŠ æ–¹æ³•

Kubernetesã«é–¢ã‚ã‚‹æœ€ã‚‚ç°¡å˜ãªæ–¹æ³•ã¯ã€ã‚ãªãŸã®èˆˆå‘³ã«åˆã£ãŸSpecial Interest Groups(SIG)ã®ã„ãšã‚Œã‹ã«å‚åŠ ã™ã‚‹ã“ã¨ã§ã™ã€‚ Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‘ã‘ã¦ä½•ã‹ç™ºä¿¡ã—ãŸã„ã“ã¨ã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ æ¯Žé€±ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚„ã€ä»¥ä¸‹ã®ãƒãƒ£ãƒ³ãƒãƒ«ã§ã‚ãªãŸã®å£°ã‚’å…±æœ‰ã—ã¦ãã ã•ã„ã€‚ ç¶™ç¶šçš„ãªãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã¨ã‚µãƒãƒ¼ãƒˆã«æ„Ÿè¬ã„ãŸã—ã¾ã™ã€‚

Discussã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒ‡ã‚£ã‚¹ã‚«ãƒƒã‚·ãƒ§ãƒ³ã«å‚åŠ ã—ã¦ãã ã•ã„
Slackã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã¦ãã ã•ã„
Stack Overflowã§è³ªå•ã—ãŸã‚Šã€å›žç”ã—ãŸã‚Šã—ã¦ãã ã•ã„
ã‚ãªãŸã®Kubernetesã«é–¢ã™ã‚‹ã‚¹ãƒˆãƒ¼ãƒªãƒ¼ã‚’å…±æœ‰ã—ã¦ãã ã•ã„
Kubernetesãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«ã¤ã„ã¦ã‚‚ã£ã¨å¦ã‚“ã§ãã ã•ã„

Kubernetes Upstream Training in Japanã®å–ã‚Šçµ„ã¿ã®ç´¹ä»‹

Mon, 28 Oct 2024 00:00:00 +0000

ç§ãŸã¡ã¯ã€Kubernetes Upstream Training in Japanã®ã‚ªãƒ¼ã‚¬ãƒŠã‚¤ã‚¶ãƒ¼ãƒãƒ¼ãƒ ã§ã™ã€‚ ãƒãƒ¼ãƒ ã¯ã€Kubernetesã¸ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ç¶šã‘ã‚‹ãƒ¡ãƒ³ãƒãƒ¼ã§æ§‹æˆã•ã‚Œã€ãã®ä¸ã«ã¯Reviewerã‚„Approverã€Chairã¨ã„ã£ãŸå½¹å‰²ã‚’æ‹…ã†äººã€…ã‚‚å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚

ç§ãŸã¡ã®ç›®æ¨™ã¯ã€Kubernetesã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‚’å¢—ã‚„ã—ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æˆé•·ã‚’ä¿ƒé€²ã™ã‚‹ã“ã¨ã§ã™ã€‚Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯è¦ªåˆ‡ã§å”åŠ›çš„ã§ã™ãŒã€åˆã‚ã¦ã®è²¢çŒ®ã¯ã‚„ã‚„ãƒãƒ¼ãƒ‰ãƒ«ãŒé«˜ã„ã¨æ„Ÿã˜ã‚‹æ–¹ã‚‚ã„ã¾ã™ã€‚ç§ãŸã¡ã®ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ãƒ—ãƒã‚°ãƒ©ãƒ ã¯ã€ãã®ãƒãƒ¼ãƒ‰ãƒ«ã‚’ä¸‹ã’ã€åˆå¿ƒè€…ã§ã‚‚ã‚¹ãƒ ãƒ¼ã‚ºã«å‚åŠ ã§ãã‚‹ç’°å¢ƒã‚’æä¾›ã™ã‚‹ã“ã¨ã‚’ç›®çš„ã¨ã—ã¦ã„ã¾ã™ã€‚

Kubernetes Upstream Training in Japanã¨ã¯ï¼Ÿ

Kubernetes Upstream Training in Japanã¯2019å¹´ã‹ã‚‰å§‹ã¾ã‚Šã€å¹´ã«1ã€œ2å›žã®ãƒšãƒ¼ã‚¹ã§é–‹å‚¬ã•ã‚Œã¦ã„ã¾ã™ã€‚ å½“åˆã€Kubernetes Upstream Trainingã¯KubeConã®co-locatedã‚¤ãƒ™ãƒ³ãƒˆ(Kubernetes Contributor Summit)ã®ä¸ã§å®Ÿæ–½ã•ã‚Œã¦ã„ã¾ã—ãŸãŒã€åŒæ§˜ã®ã‚¤ãƒ™ãƒ³ãƒˆã‚’æ—¥æœ¬ã§ã‚‚è¡Œã£ã¦æ—¥æœ¬äººã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‚’å¢—ã‚„ã—ãŸã„ã¨ã„ã†æ€ã„ã‹ã‚‰ã€ç§ãŸã¡ã¯Kubernetes Upstream Training in Japanã‚’ç«‹ã¡ä¸Šã’ã¾ã—ãŸã€‚

ãƒ‘ãƒ³ãƒ‡ãƒŸãƒƒã‚¯ä»¥å‰ã¯å¯¾é¢å½¢å¼ã§è¡Œã‚ã‚Œã¦ã„ã¾ã—ãŸãŒã€2020å¹´ä»¥é™ã¯ã‚ªãƒ³ãƒ©ã‚¤ãƒ³ã§é–‹å‚¬ã—ã¦ã„ã¾ã™ã€‚ ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã§ã¯ã€Kubernetesã«ã¾ã ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ã—ãŸã“ã¨ãŒãªã„æ–¹ã€…ã«å‘ã‘ã¦ã€ä»¥ä¸‹ã®ã‚ˆã†ãªå†…å®¹ã‚’æä¾›ã—ã¦ã„ã¾ã™ã€‚

Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ç´¹ä»‹
Kubernetesã®ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã®ç´¹ä»‹ã¨ã€PRã®ä½œæˆæ–¹æ³•
é–‹ç™ºç’°å¢ƒã®ã‚»ãƒƒãƒˆã‚¢ãƒƒãƒ—æ–¹æ³•
kubernetes-sigs/contributor-playgroundã‚’ä½¿ç”¨ã—ãŸãƒãƒ³ã‚ºã‚ªãƒ³

ãƒ—ãƒã‚°ãƒ©ãƒ ã®æœ€åˆã«ã€ãªãœKubernetesã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ã®ã‹ã€ã ã‚ŒãŒKubernetesã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã§ãã‚‹ã®ã‹ã‚’ä¼ãˆã¾ã™ã€‚ Kubernetesã«è²¢çŒ®ã™ã‚‹ã“ã¨ã¯ã€ä¸–ç•Œä¸ã«ã‚¤ãƒ³ãƒ‘ã‚¯ãƒˆã®ã‚ã‚‹è²¢çŒ®ãŒã§ãã‚‹ã“ã¨ã€ãã—ã¦Kuberenetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯ã¿ãªã•ã‚“ã‹ã‚‰ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’æ¥½ã—ã¿ã«ã—ã¦ã„ã‚‹ã“ã¨ã‚’ä¼ãˆã¾ã™ï¼

Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã‚„SIGã€Working Groupã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚ ã¾ãŸã€ç§ãŸã¡ãŒä¸»ã«ã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®ãŸã‚ã«ç”¨ã„ã‚‹Slackã‚„GitHubã€ãƒ¡ãƒ¼ãƒªãƒ³ã‚°ãƒªã‚¹ãƒˆã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚ æ—¥æœ¬èªžã‚’è©±ã™äººã®ä¸ã«ã¯ã€è‹±èªžã«ã‚ˆã‚‹ã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã«éšœå£ã‚’æ„Ÿã˜ã‚‹äººã‚‚ã„ã¾ã™ã€‚ ã¾ãŸã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«åˆã‚ã¦å‚åŠ ã™ã‚‹äººã¯ã€ã©ã“ã§ã©ã®ã‚ˆã†ãªã‚³ãƒŸãƒ¥ãƒ‹ã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹ã®ã‹çŸ¥ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ã‚‚ã¡ã‚ã‚“ã€ç§ãŸã¡ãŒãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã®ä¸ã§æœ€ã‚‚å¤§åˆ‡ã«ã—ã¦ã„ã‚‹ã“ã¨ã¯ç¬¬ä¸€æ©ã‚’è¸ã¿å‡ºã™ã“ã¨ã§ã™ï¼

æ¬¡ã«ã€Memberã€Reviewerã€Approverã€Tech leadã‚„Chairã¨ã„ã£ãŸå½¹å‰²ã‚„è²¬ä»»ã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚

ãã®å¾Œã€Kubernetesã®ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã®æ§‹æˆã€ä¸»è¦ãªãƒªãƒã‚¸ãƒˆãƒªã€PRã®ä½œæˆæ–¹æ³•ã€Prowã‚’ä½¿ã£ãŸCI/CDã®ä»•çµ„ã¿ãªã©ã‚’è§£èª¬ã—ã¾ã™ã€‚ PRãŒä½œæˆã•ã‚Œã¦ã‹ã‚‰ãƒžãƒ¼ã‚¸ã•ã‚Œã‚‹ã¾ã§ã®ãƒ—ãƒã‚»ã‚¹ã«ã¤ã„ã¦è©³ã—ãèª¬æ˜Žã—ã¾ã™ã€‚

ã„ãã¤ã‹ã®è¬›ç¾©ã‚’è¡Œã£ãŸå¾Œã€å®Ÿéš›ã«å‚åŠ è€…ã«ã¯ã€kubernetes-sigs/contributor-playgroundã‚’ä½¿ç”¨ã—ãŸãƒãƒ³ã‚ºã‚ªãƒ³ã‚’è¡Œã„ã€ç°¡å˜ãªPRã®ä½œæˆã‚’ä½“é¨“ã—ã¦ã‚‚ã‚‰ã„ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€Kubernetesã¸ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã®æµã‚Œã‚’å®Ÿæ„Ÿã—ã¦ã‚‚ã‚‰ã†ã“ã¨ãŒç›®çš„ã§ã™ã€‚

ãƒ—ãƒã‚°ãƒ©ãƒ ã®æœ€å¾Œã«ã¯ã€ãƒãƒ¼ã‚«ãƒ«ã§ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼æ§‹ç¯‰ã€ã‚³ãƒ¼ãƒ‰ã®ãƒ“ãƒ«ãƒ‰ã€åŠ¹çŽ‡çš„ãªãƒ†ã‚¹ãƒˆå®Ÿè¡Œæ–¹æ³•ãªã©ã€kubernetes/kubernetesãƒªãƒã‚¸ãƒˆãƒªã«è²¢çŒ®ã™ã‚‹ãŸã‚ã®å…·ä½“çš„ãªé–‹ç™ºç’°å¢ƒã®ã‚»ãƒƒãƒˆã‚¢ãƒƒãƒ—ã«ã¤ã„ã¦ã‚‚è§£èª¬ã—ã¾ã™ã€‚

å‚åŠ è€…ã¸ã®ã‚¤ãƒ³ã‚¿ãƒ“ãƒ¥ãƒ¼

ç§ãŸã¡ã®ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ãƒ—ãƒã‚°ãƒ©ãƒ ã«å‚åŠ ã—ãŸæ–¹ã€…ã«ã‚¤ãƒ³ã‚¿ãƒ“ãƒ¥ãƒ¼ã‚’è¡Œã„ã¾ã—ãŸã€‚ å‚åŠ ã—ãŸç†ç”±ã‚„æ„Ÿæƒ³ã€ãã—ã¦ä»Šå¾Œã®ç›®æ¨™ã«ã¤ã„ã¦ä¼ºã„ã¾ã—ãŸã€‚

Keita Mochizukiã•ã‚“ï¼ˆNTT DATA Group Corporationï¼‰

Keita Mochizukiã•ã‚“ã¯ã€Kubernetesã‚„å‘¨è¾ºã®ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¸ç¶™ç¶šçš„ã«è²¢çŒ®ã—ã¦ã„ã‚‹ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã§ã™ã€‚ Keitaã•ã‚“ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®ãƒ—ãƒãƒ•ã‚§ãƒƒã‚·ãƒ§ãƒŠãƒ«ã§ã‚‚ã‚ã‚Šã€æœ€è¿‘ã¯æ›¸ç±ã®å‡ºç‰ˆã‚’è¡Œã„ã¾ã—ãŸã€‚ ã¾ãŸã€æ–°è¦ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã®ãŸã‚ã®ãƒãƒ¼ãƒ‰ãƒžãƒƒãƒ—ã‚’å…¬é–‹ã—ã¦ãŠã‚Šã€ã“ã‚Œã¯æ–°ãŸãªã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã«ã¨ã£ã¦éžå¸¸ã«å½¹ç«‹ã¤ã‚‚ã®ã§ã™ã€‚

Junya: ãªãœKubernetes Upstream Trainingã«å‚åŠ ã—ã‚ˆã†ã¨æ€ã„ã¾ã—ãŸã‹ï¼Ÿ

Keita: å®Ÿã¯ç§ã¯2020å¹´ã¨2022å¹´ã®2å›žå‚åŠ ã—ã¾ã—ãŸã€‚2020å¹´ã¯k8sã«è§¦ã‚Œå§‹ã‚ãŸã°ã‹ã‚Šã§ã€ç¤¾å¤–æ´»å‹•ã«å‚åŠ ã—ã¦ã¿ã‚ˆã†ã¨æ€ã„ã€å¶ç„¶Twitterã§è¦‹ã‹ã‘ã¦ç”³ã—è¾¼ã¿ã¾ã—ãŸã€‚ã—ã‹ã—ã€å½“æ™‚ã¯çŸ¥è˜ã‚‚æµ…ãã€OSSã«PRã‚’é€ã‚‹ã“ã¨è‡ªä½“ãŒé›²ã®ä¸Šã®å˜åœ¨ã®ã‚ˆã†ã«æ„Ÿã˜ã¦ã„ã¾ã—ãŸã€‚ãã®ãŸã‚ã€å—è¬›å¾Œã®ç†è§£åº¦ã¯æµ…ãã€ãªã‚“ã¨ãªãã€Œãµãƒ¼ã‚“ã€ã¨ã„ã†æ„Ÿè¦šã§ã—ãŸã€‚

2å›žç›®ã®2022å¹´ã¯ã€å…·ä½“çš„ã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’å§‹ã‚ã‚ˆã†ã¨ã—ã¦ã„ãŸã‚¿ã‚¤ãƒŸãƒ³ã‚°ã§ã€å†åº¦å‚åŠ ã—ã¾ã—ãŸã€‚ã“ã®æ™‚ã¯äº‹å‰èª¿æŸ»ã‚‚è¡Œã„ã€ç–‘å•ç‚¹ã‚’è¬›ç¾©ä¸ã«è§£æ±ºã§ããŸã®ã§ã€éžå¸¸ã«å®Ÿã‚Šã‚ã‚‹æ™‚é–“ã‚’éŽã”ã›ã¾ã—ãŸã€‚

Keita: ã“ã®ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã¯å‚åŠ è€…ã®ã‚¹ã‚¿ãƒ³ã‚¹æ¬¡ç¬¬ã§ãã®æ„ç¾©ãŒå¤§ããå¤‰ã‚ã‚‹ã‚‚ã®ã ã¨æ„Ÿã˜ã¾ã—ãŸã€‚ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°è‡ªä½“ã¯ä¸€èˆ¬çš„ãªè§£èª¬ã¨ç°¡å˜ãªãƒãƒ³ã‚ºã‚ªãƒ³ã§æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ãŒã€ã“ã®ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã«å‚åŠ ã—ãŸã‹ã‚‰ã¨ã„ã£ã¦ã€ã™ãã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ãŒã§ãã‚‹ã‹ã¨ã„ã†ã¨ã€ãã†ç°¡å˜ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ã—ã‹ã—ã€ã‚‚ã—äº‹å‰ã«è‡ªåˆ†ãŒä»Šå¾Œã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¡Œã†ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’ãªã‚“ã¨ãªãã§ã‚‚æŒã£ã¦ã„ãŸã‚Šã€å…·ä½“çš„ãªç–‘å•ã‚„èª²é¡Œã‚’æ˜Žç¢ºã«ã—ã¦ãŠãã“ã¨ãŒã§ãã‚Œã°ã€è¬›å¸«ã®æ–¹ã€…ãŒå®Ÿéš›ã«ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã§åŸ¹ã£ãŸè²´é‡ãªãƒŽã‚¦ãƒã‚¦ã‚’æ´»ã‹ã—ã¦ã€ãã‚Œã‚‰ã«å¯¾ã—ã¦ä¸å¯§ã«å¿œãˆã¦ãã‚Œã‚‹ãŸã‚ã€å¤§å¤‰æœ‰æ„ç¾©ãªãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã«ãªã‚‹ã¨æ€ã„ã¾ã™ã€‚

Junya: ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã®ç›®çš„ã¯ä½•ã§ã™ã‹ï¼Ÿ

Keita: æœ€åˆã®ãƒ¢ãƒãƒ™ãƒ¼ã‚·ãƒ§ãƒ³ã¯ã€ŒKubernetesã®æ·±ã„ç†è§£ã¨å®Ÿç¸¾ã®ç²å¾—ã€ã§ã€ã¤ã¾ã‚Šã€Œã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ãã®ã‚‚ã®ãŒç›®çš„ã€ã§ã—ãŸã€‚ ç¾åœ¨ã¯ã“ã‚Œã«åŠ ãˆã€æ¥å‹™ã§ç™ºè¦‹ã—ãŸãƒã‚°ã‚„åˆ¶ç´„ã¸ã®å¯¾å¿œã‚’ç›®çš„ã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¡Œã†ã“ã¨ã‚‚ã‚ã‚Šã¾ã™ã€‚ã¾ãŸã€ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³æ´»å‹•ã‚’é€šã˜ã¦ã€ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆåŒ–ã•ã‚Œã¦ã„ãªã„ä»•æ§˜ã‚’ã‚½ãƒ¼ã‚¹ã‚³ãƒ¼ãƒ‰ã‹ã‚‰è§£æžã™ã‚‹ã“ã¨ã¸ã®æŠµæŠ—ãŒä»¥å‰ã‚ˆã‚Šã‚‚å°‘ãªããªã‚Šã¾ã—ãŸã€‚

Junya: ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ã™ã‚‹ä¸ã§ã€é›£ã—ã‹ã£ãŸã“ã¨ã¯ä½•ã§ã™ã‹ï¼Ÿ

Keita: æœ€ã‚‚é›£ã—ã‹ã£ãŸã®ã¯ã€æœ€åˆã®ä¸€æ©ã‚’è¸ã¿å‡ºã™ã“ã¨ã§ã—ãŸã€‚OSSã¸ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã«ã¯ä¸€å®šã®çŸ¥è˜ã‚„ãƒŽã‚¦ãƒã‚¦ãŒå¿…è¦ã¨ãªã‚‹ãŸã‚ã€æœ¬ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ã‚’ã¯ã˜ã‚ã€ã•ã¾ã–ã¾ãªãƒªã‚½ãƒ¼ã‚¹ã®æ´»ç”¨ã‚„äººã‹ã‚‰ã®ã‚µãƒãƒ¼ãƒˆãŒä¸å¯æ¬ ã§ã—ãŸã€‚ãã®ä¸ã§ã€ã€Œæœ€åˆã®ä¸€æ©ã‚’è¸ã¿å‡ºã™ã¨ã€ã‚ã¨ã¯ã©ã‚“ã©ã‚“å‰ã«é€²ã‚ã‚‹ã€ã¨ã„ã†è¨€è‘‰ãŒå¼·ãå°è±¡ã«æ®‹ã£ã¦ã„ã¾ã™ã€‚ã¾ãŸã€æ¥å‹™ã¨ã—ã¦ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ç¶šã‘ã‚‹ä¸Šã§ä¸€ç•ªé›£ã—ã„ã®ã¯ã€ãã®æˆæžœã‚’æ¥ç¸¾ã¨ã—ã¦ç¤ºã™ã“ã¨ã§ã™ã€‚ç¶™ç¶šçš„ã«å–ã‚Šçµ„ã‚€ãŸã‚ã«ã¯äº‹æ¥ç›®æ¨™ã‚„æˆ¦ç•¥ã¨é–¢é€£ä»˜ã‘ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€Upstreamã¸ã®Contributionã¯å¿…ãšã—ã‚‚çŸæœŸçš„ã«æ¥ç¸¾ã«ç¹‹ãŒã‚‹ã‚±ãƒ¼ã‚¹ã°ã‹ã‚Šã§ã¯ãªã„ãŸã‚ã€ãã®ã“ã¨ã‚’ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã¨ååˆ†ã«èªè˜ã‚’åˆã‚ã›ã€ç†è§£ã‚’å¾—ã‚‹ã“ã¨ãŒé‡è¦ã§ã‚ã‚‹ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚

Junya: ä»Šå¾Œã®ç›®æ¨™ã¯ä½•ã§ã™ã‹ï¼Ÿ

Keita: ã‚ˆã‚Šã‚¤ãƒ³ãƒ‘ã‚¯ãƒˆã®ã‚ã‚‹é ˜åŸŸã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ã“ã¨ã§ã™ã€‚ã“ã‚Œã¾ã§ã¯å®Ÿç¸¾ã‚’å¾—ã‚‹ã“ã¨ã‚’ä¸»ç›®çš„ã¨ã—ã¦ã„ãŸãŸã‚æ¯”è¼ƒçš„å°ã•ãªå€‹ã€…ã®ãƒã‚°ç‰ã‚’ä¸å¿ƒã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¡Œã†ã“ã¨ãŒå¤šã‹ã£ãŸã®ã§ã™ãŒã€ä»Šå¾Œã¯Kubernetesã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å¯¾ã—ã¦å½±éŸ¿åº¦ã®é«˜ã„ã‚‚ã®ã‚„ã€æ¥å‹™ä¸Šã®èª²é¡Œè§£æ±ºã«ç¹‹ãŒã‚‹ã‚‚ã®ã«æŒ‘æˆ¦ã®å¹…ã‚’åºƒã’ãŸã„ã¨æ€ã£ã¦ã„ã¾ã™ã€‚æœ€è¿‘ã¯è‡ªèº«ãŒã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã®é–‹ç™ºã‚„ä¿®æ£ã«æºã‚ã£ãŸå†…å®¹ã‚’å…¬å¼ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã«åæ˜ ã™ã‚‹ã¨è¨€ã†ã“ã¨ã‚‚è¡Œã£ã¦ã„ã¾ã™ãŒã€ã“ã‚Œã‚‚ç›®æ¨™ã«å‘ã‘ã¦ã®1æ©ã ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚

Junya: ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã—ãŸï¼

Yoshiki Fujikaneã•ã‚“ï¼ˆCyberAgent, Inc.ï¼‰

Yoshiki Fujikaneã•ã‚“ã¯ã€CNCFã®Sandboxãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ã²ã¨ã‚Šã§ã‚ã‚‹PipeCDã®ãƒ¡ãƒ³ãƒ†ãƒŠã®ã²ã¨ã‚Šã§ã™ã€‚ PipeCDã®Kubernetesã‚µãƒãƒ¼ãƒˆã«é–¢ã™ã‚‹æ–°æ©Ÿèƒ½ã®é–‹ç™ºã®ä»–ã«ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£é‹å–¶ã‚„ã€å„ç¨®æŠ€è¡“ã‚«ãƒ³ãƒ•ã‚¡ãƒ¬ãƒ³ã‚¹ã¸ã®ç™»å£‡ã‚‚ç©æ¥µçš„ã«è¡Œã£ã¦ã„ã¾ã™ã€‚

Junya: ãªãœKubernetes Upstream Trainingã«å‚åŠ ã—ã‚ˆã†ã¨æ€ã„ã¾ã—ãŸã‹ï¼Ÿ

Yoshiki: å‚åŠ ã—ãŸå½“æ™‚ã¯ã¾ã å¦ç”Ÿæ™‚ä»£ã§ã—ãŸã€‚ãã®æ™‚ã¯EKSã‚’è»½ãè§¦ã£ã¦ã„ãŸã ã‘ã§ã—ãŸãŒã€ãªã‚“ã‹é›£ã—ã„ã‘ã©ã‹ã£ã“ã„ã„ãªï¼ã¨k8sè‡ªä½“ã«èˆˆå‘³ã‚’ãµã‚“ã‚ã‚Šã¨æŒã£ã¦ã„ã‚‹çŠ¶æ…‹ã§ã—ãŸã€‚å½“æ™‚ã¯æœ¬å½“ã«OSSã¯é›²ã®ä¸Šã®å˜åœ¨ã§ã€ã¾ã—ã¦ã‚„k8sã®upstreamã®é–‹ç™ºãªã‚“ã¦ã™ã”ã™ãŽã¦æ‰‹ã®å±Šã‹ãªã„å˜åœ¨ã ã¨æ€ã£ã¦ã¾ã—ãŸã€‚OSSã«ã¯ã‚‚ã¨ã‚‚ã¨èˆˆå‘³ãŒã‚ã£ãŸã®ã§ã™ãŒã€ä½•ã‹ã‚‰å§‹ã‚ã‚Œã°ã„ã„ã®ã‹ã‚ã‹ã‚‰ãªã‹ã£ãŸã§ã™ã€‚ãã‚“ãªæ™‚ã«kubernetes upstream trainingã®å˜åœ¨ã‚’çŸ¥ã£ã¦ã€k8sã¸ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã«æŒ‘æˆ¦ã—ã¦ã¿ã‚ˆã†ã¨æ€ã„ã¾ã—ãŸã€‚

Yoshiki: OSSã«é–¢ã‚ã‚‹ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãŒã©ã‚“ãªã‚‚ã®ã‹ã‚’çŸ¥ã‚‹ã‚ãƒƒã‚«ã‚±ã¨ã—ã¦ã¨ã¦ã‚‚ã‚ã‚ŠãŒãŸã„ãªã¨æ„Ÿã˜ã¾ã—ãŸã€‚å½“æ™‚ã¯è‹±èªžåŠ›ã‚‚ãã“ã¾ã§é«˜ããªãã€ä¸€æ¬¡æƒ…å ±ã‚’è¦‹ã«è¡Œãã“ã¨ã¯è‡ªåˆ†ã«ã¨ã£ã¦å¤§ããªãƒãƒ¼ãƒ‰ãƒ«ã§ã—ãŸã€‚ k8sã¯éžå¸¸ã«å¤§ããªãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãªã®ã§ã€ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã«å¿…è¦ãªã“ã¨ã ã‘ã§ãªãã€å…¨ä½“åƒãŒã‚ã¾ã‚Šã‚ã‹ã£ã¦ã„ãªã„çŠ¶æ…‹ã§ã—ãŸã€‚upstream trainingã§ã¯ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æ§‹é€ ã‚’æ—¥æœ¬èªžã§èª¬æ˜Žã—ã¦ã„ãŸã ã„ãŸã†ãˆã§ã€ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’å®Ÿéš›ã«è¡Œã†ã¨ã“ã‚ã¾ã§ä¸€é€šã‚ŠçµŒé¨“ã™ã‚‹ã“ã¨ãŒã§ãã¾ã—ãŸã€‚ãã“ã§ã€ä¸€æ¬¡æƒ…å ±ã«é–¢ã™ã‚‹æƒ…å ±ã‚’å…±æœ‰ã—ã¦ãã ã•ã£ãŸãŠã‹ã’ã§ã€ãã®å¾Œè‡ªåˆ†ãªã‚Šã«ã‚¨ãƒ³ãƒˆãƒªãƒ¼ãƒã‚¤ãƒ³ãƒˆã¨ã—ã¦åˆ©ç”¨ã—ã¤ã¤è¿½åŠ ã§èª¿æŸ»ã™ã‚‹ã‚ãƒƒã‚«ã‚±ã¥ãã‚Šã«ãªã£ã¦éžå¸¸ã«ã‚ã‚ŠãŒãŸã‹ã£ãŸã§ã™ã€‚ã“ã®çµŒé¨“ã‹ã‚‰ã€ä¸€æ¬¡æƒ…å ±ã‚’æ•´ç†ã—ã¤ã¤è¦‹ã‚‹ç¿’æ…£ã‚’èº«ã«ã¤ã‘ã‚‹å¿…è¦ãŒã‚ã‚‹ãªã¨æ€ã„ã€æ°—ã«ãªã£ãŸã‚‚ã®ã¯GitHubã®issueã‚„docsã‚’æ¼ã‚Šã«è¦‹ã«è¡Œãã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚çµæžœã¨ã—ã¦ã€ä»Šã¯k8sã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³è‡ªä½“ã¯è¡Œã£ã¦ã„ã¾ã›ã‚“ãŒã€ã“ã“ã§ã®çµŒé¨“ãŒåˆ¥ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ãŸã‚ã®ç´ åœ°ã¨ãªã£ã¦å½¹ç«‹ã£ã¦ã„ã¾ã™ã€‚

Junya: ç¾åœ¨ã¯ã©ã®ã‚ˆã†ãªé ˜åŸŸã§ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¡Œã£ã¦ã„ã¾ã™ã‹ï¼Ÿåˆ¥ã®ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¨ã¯ã©ã®ã‚ˆã†ãªã‚‚ã®ã§ã—ã‚‡ã†ã‹ï¼Ÿ

Yoshiki: ç¾åœ¨ã¯k8sã‹ã‚‰ã¯å°‘ã—é›¢ã‚Œã¦ã„ã¦ã€CNCFã®Sandbox Projectã§ã‚ã‚‹PipeCDã®ãƒ¡ãƒ³ãƒ†ãƒŠã‚’ã‚„ã£ã¦ã„ã¾ã™ã€‚PipeCDã¯CDãƒ„ãƒ¼ãƒ«ã®ä¸€ã¤ã§ã€æ§˜ã€…ãªã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã«å¯¾ã—ã¦GitOpsã‚¹ã‚¿ã‚¤ãƒ«ã§ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹æ©Ÿèƒ½ã‚’æŒã£ã¦ã„ã¾ã™ã€‚ã“ã®ãƒ„ãƒ¼ãƒ«ã¯ã€å…ƒã€…ã‚µã‚¤ãƒãƒ¼ã‚¨ãƒ¼ã‚¸ã‚§ãƒ³ãƒˆå†…éƒ¨ã§é–‹ç™ºãŒå§‹ã¾ã‚Šã¾ã—ãŸã€‚å¤§å°æ§˜ã€…ãªãƒãƒ¼ãƒ ãŒç•°ãªã‚‹ãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã‚’æŽ¡ç”¨ã—ã¦ã„ãŸä¸ã§ã€çµ±ä¸€çš„ãªUXã§å…±é€šã§åˆ©ç”¨ã§ãã‚‹CDåŸºç›¤ã‚’å®Ÿç¾ã™ã‚‹ãŸã‚ã«é–‹ç™ºãŒé€²ã‚ã‚‰ã‚ŒãŸèƒŒæ™¯ãŒã‚ã‚Šã¾ã™ã€‚ç¾åœ¨ã¯k8sã€AWS ECSã€Lambdaã€Cloud Runã€Terraformã¨ã„ã£ãŸãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã«å¯¾å¿œã—ã¦ã„ã¾ã™ã€‚

Yoshiki: ç§ã¯ãƒãƒ¼ãƒ å†…ã§ã¯k8så‘¨ã‚Šã®æ©Ÿèƒ½æ”¹å–„ã€é–‹ç™ºã‚’ãƒ•ãƒ«ã‚¿ã‚¤ãƒ ã®ä»•äº‹ã¨ã—ã¦è¡Œã£ã¦ã„ã¾ã™ã€‚ç¤¾å†…å‘ã‘ã«PipeCDã‚’SaaSã¨ã—ã¦æä¾›ã—ã¦ã„ã‚‹ãŸã‚ã€ãã®ã‚µãƒãƒ¼ãƒˆã®ä¸€ç’°ã¨ã—ã¦ã€æ–°è¦æ©Ÿèƒ½ã®è¿½åŠ ã‚„æ—¢å˜æ©Ÿèƒ½ã®æ”¹å–„ãªã©ã‚’è¡Œã†ã“ã¨ãŒä¸»ãªç›®çš„ã§ã™ã€‚ã•ã‚‰ã«ã€ã‚³ãƒ¼ãƒ‰ä»¥å¤–ã®ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã¨ã—ã¦ã¯ã€PipeCDè‡ªä½“ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£æ‹¡å¤§ã«å‘ã‘ã¦å„ç¨®ç™»å£‡ã§ã‚ã£ãŸã‚Šã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒŸãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã®é‹å–¶ã‚’è¡Œã£ã¦ã„ã‚‹ã¨ã“ã‚ã§ã™ã€‚

Yoshiki: PipeCDã¯Kubernetesã®GitOpsã‚„Progressive Deliveryã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã¦ã€ãã‚Œã‚‰ã®æ©Ÿèƒ½é–‹ç™ºãªã©ã§ã™ã€‚ç›´è¿‘ã ã¨ã€ãƒžãƒ«ãƒã‚¯ãƒ©ã‚¹ã‚¿ä¸Šã¸ã®ãƒ‡ãƒ—ãƒã‚¤ã‚’åŠ¹çŽ‡åŒ–ã™ã‚‹ãŸã‚ã®æ©Ÿèƒ½é–‹ç™ºã‚’é€²ã‚ã¦ã„ã‚‹ã¨ã“ã‚ã§ã™ã€‚

Junya: OSSã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’è¡Œã†ãªã‹ã§ã€é›£ã—ã‹ã£ãŸã“ã¨ã¯ã‚ã‚Šã¾ã™ã‹ï¼Ÿ

Yoshiki: æ©Ÿèƒ½ã®æ±Žç”¨æ€§ã‚’ç¶æŒã—ã¤ã¤ã€ãƒ¦ãƒ¼ã‚¶ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚’æº€ãŸã™ã‚ˆã†ã«é–‹ç™ºã‚’é€²ã‚ã‚‹ã“ã¨ã§ã™ã€‚ç¤¾å†…SaaSã‚’é‹ç”¨ã™ã‚‹ä¸ã§æ©Ÿèƒ½è¦æœ›ã‚’ã„ãŸã ã„ãŸéš›ã«ã¯ã€ã‚‚ã¡ã‚ã‚“èª²é¡Œã‚’è§£æ±ºã™ã‚‹ãŸã‚ã«ã¾ãšã¯æ©Ÿèƒ½è¿½åŠ ã‚’æ¤œè¨Žã—ã¾ã™ã€‚ä¸€æ–¹ã§ã€PipeCDã¯OSSã¨ã—ã¦ã‚ˆã‚Šå¤šãã®ãƒ¦ãƒ¼ã‚¶ã«ä½¿ã£ã¦ã‚‚ã‚‰ã†ã“ã¨ã‚‚è€ƒãˆã¦è¡ŒããŸã„ã§ã™ã€‚ãªã®ã§ã€ã‚ã‚‹ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚’ã‚‚ã¨ã«åˆ¥ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã¨ã—ã¦ã‚‚ä½¿ãˆã‚‹ã‹ã©ã†ã‹ã‚’è€ƒãˆã€ã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ã¨ã—ã¦æ±Žç”¨æ€§ã‚’ã‚‚ãŸã›ã‚‹ã‚ˆã†ã«æ„è˜ã—ã¦ã„ã¾ã™ã€‚

Junya: ä»Šå¾Œã®ç›®æ¨™ã‚’æ•™ãˆã¦ãã ã•ã„ï¼

Yoshiki: PipeCDã®æ©Ÿèƒ½æ‹¡å¼µã«åŠ›ã‚’å…¥ã‚Œã¦ã„ããŸã„ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚PipeCDã¯ç¾åœ¨One CD for All ã®ã‚¹ãƒãƒ¼ã‚¬ãƒ³ã®ã‚‚ã¨é–‹ç™ºã‚’é€²ã‚ã¦ã„ã¾ã™ã€‚å…ˆç¨‹ãŠä¼ãˆã—ãŸé€šã‚Šã€k8sã€AWS ECSã€Lambdaã€Cloud Runã€Terraform ã®5ç¨®é¡žã«å¯¾å¿œã—ã¦ã„ã¾ã™ãŒã€ã“ã‚Œä»¥å¤–ã«ã‚‚ãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã¯å˜åœ¨ã—ã¾ã™ã—ã€ä»Šå¾Œã‚‚æ–°ãŸãªãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ãŒå°é ã—ã¦ãã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ã€‚ãã“ã§ã€PipeCDã¯ç¾åœ¨ãƒ¦ãƒ¼ã‚¶ãŒç‹¬è‡ªã«æ‹¡å¼µã§ãã‚‹ã‚ˆã†ã«ãƒ—ãƒ©ã‚°ã‚¤ãƒ³æ©Ÿæ§‹ã®é–‹ç™ºã‚’é€²ã‚ã¦ã„ã¾ã™ã€‚ãã‚Œã«åŠ›ã‚’å…¥ã‚Œã¦ã„ããŸã„ã§ã™ãã€‚ã¾ãŸã€k8sã®ãƒžãƒ«ãƒã‚¯ãƒ©ã‚¹ã‚¿ãƒ‡ãƒ—ãƒã‚¤å‘ã‘ã®æ©Ÿèƒ½é–‹ç™ºã‚‚é€²ã‚ã¦ã„ã‚‹ã¨ã“ã‚ã§ã€ã“ã‚Œã‹ã‚‰ã‚‚ã‚ˆã‚Šã‚¤ãƒ³ãƒ‘ã‚¯ãƒˆã®ã‚ã‚‹ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚·ãƒ§ãƒ³ã‚’ã—ã¦ã„ããŸã„ã¨è€ƒãˆã¦ã¾ã™ã€‚

Junya: ã‚ã‚ŠãŒã¨ã†ã”ã–ã„ã¾ã—ãŸï¼

Kubernetes Upstream Training ã®æœªæ¥

ç§ãŸã¡ã¯ã€ã“ã‚Œã‹ã‚‰ã‚‚Kubernetes Upstream Training in Japanã‚’ç¶™ç¶šã—ã¦é–‹å‚¬ã—ã€å¤šãã®æ–°ã—ã„ã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‚’è¿ŽãˆãŸã„ã¨è€ƒãˆã¦ã„ã¾ã™ã€‚ æ¬¡å›žã®é–‹å‚¬ã¯11æœˆæœ«ã®CloudNative Days Winter 2024ã®ä¸ã§ã®é–‹å‚¬ã‚’äºˆå®šã—ã¦ã„ã¾ã™ã€‚

ã¾ãŸã€ç§ãŸã¡ã®ç›®æ¨™ã¯ã€ã“ã‚Œã‚‰ã®ãƒˆãƒ¬ãƒ¼ãƒ‹ãƒ³ã‚°ãƒ—ãƒã‚°ãƒ©ãƒ ã‚’æ—¥æœ¬ã ã‘ã§ãªãã€ä¸–ç•Œä¸ã«åºƒã’ã¦ã„ãã“ã¨ã§ã™ã€‚ Kubernetesã¯ä»Šå¹´ã§10å‘¨å¹´ã‚’è¿Žãˆã¾ã—ãŸãŒã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãŒã“ã‚Œã¾ã§ä»¥ä¸Šã«æ´»ç™ºã«ãªã‚‹ãŸã‚ã«ã¯ã€ä¸–ç•Œä¸ã®äººã€…ãŒè²¢çŒ®ã—ç¶šã‘ã‚‹ã“ã¨ãŒé‡è¦ã§ã™ã€‚ ç¾åœ¨ã€Upstream Trainingã¯ã„ãã¤ã‹ã®åœ°åŸŸã§é–‹å‚¬ã•ã‚Œã¦ã„ã¾ã™ãŒã€ç§ãŸã¡ã¯ã•ã‚‰ã«å¤šãã®åœ°åŸŸã§ã®é–‹å‚¬ã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã™ã€‚

å¤šãã®äººã€…ãŒKubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã€è²¢çŒ®ã™ã‚‹ã“ã¨ã§ã€ç§ãŸã¡ã®ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãŒã¾ã™ã¾ã™æ´»æ°—ã¥ãã“ã¨ã‚’æ¥½ã—ã¿ã«ã—ã¦ã„ã¾ã™ï¼

Kubernetes 1.31: Fine-grained SupplementalGroups control

Thu, 22 Aug 2024 00:00:00 +0000

ã“ã®è¨˜äº‹ã§ã¯Kubernetes 1.31ã®æ–°æ©Ÿèƒ½ã§ã‚ã‚‹ã€Podå†…ã®ã‚³ãƒ³ãƒ†ãƒŠã«ãŠã‘ã‚‹è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—åˆ¶å¾¡ã®æ”¹å–„æ©Ÿèƒ½ã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚

ã“ã®æŒ™å‹•ã¯å¤šãã®Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ç®¡ç†è€…ã«ã¨ã£ã¦ã‚ã¾ã‚ŠçŸ¥ã‚‰ã‚Œã¦ã„ãªã„ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“ãŒã€Kubernetesã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ã€Podã§å®šç¾©ã•ã‚ŒãŸæƒ…å ±ã«åŠ ãˆã¦ã€ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸å†…ã®/etc/groupã®ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã‚’ ãƒžãƒ¼ã‚¸ ã—ã¾ã™ã€‚

ä¾‹ã‚’è¦‹ã¦ã¿ã¾ã—ã‚‡ã†ã€‚ã“ã®Podã¯securityContextã§runAsUser=1000ã€runAsGroup=3000ã€supplementalGroups=4000ã‚’æŒ‡å®šã—ã¦ã„ã¾ã™ã€‚

implicit-groups.yaml

apiVersion: v1
kind: Pod
metadata:
 name: implicit-groups
spec:
 securityContext:
 runAsUser: 1000
 runAsGroup: 3000
 supplementalGroups: [4000]
 containers:
 - name: ctr
 image: registry.k8s.io/e2e-test-images/agnhost:2.45
 command: [ "sh", "-c", "sleep 1h" ]
 securityContext:
 allowPrivilegeEscalation: false

ctrã‚³ãƒ³ãƒ†ãƒŠã§idã‚³ãƒžãƒ³ãƒ‰ã‚’å®Ÿè¡Œã™ã‚‹ã¨ä½•ãŒå‡ºåŠ›ã•ã‚Œã‚‹ã§ã—ã‚‡ã†ã‹ï¼Ÿ

# Podã‚’ä½œæˆã—ã¦ã¿ã¾ã—ã‚‡ã†ã€‚
$ kubectl apply -f https://k8s.io/blog/2024-08-22-Fine-grained-SupplementalGroups-control/implicit-groups.yaml

# Podã®ã‚³ãƒ³ãƒ†ãƒŠãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã—ã¾ã™ã€‚
$ kubectl get pod implicit-groups

# idã‚³ãƒžãƒ³ãƒ‰ã‚’ç¢ºèªã—ã¾ã™ã€‚
$ kubectl exec implicit-groups -- id

å‡ºåŠ›ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚‹ã§ã—ã‚‡ã†ã€‚

uid=1000 gid=3000 groups=3000,4000,50000

Podãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆã«ã¯50000ã¯ä¸€åˆ‡å®šç¾©ã•ã‚Œã¦ã„ãªã„ã«ã‚‚ã‹ã‹ã‚ã‚‰ãšã€è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—(groupsãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰)ã«å«ã¾ã‚Œã¦ã„ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—ID50000ã¯ä¸€ä½“ã©ã“ã‹ã‚‰æ¥ã‚‹ã®ã§ã—ã‚‡ã†ã‹? ç”ãˆã¯ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã®/etc/groupãƒ•ã‚¡ã‚¤ãƒ«ã§ã™ã€‚

ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã®/etc/groupã®å†…å®¹ãŒä¸‹è¨˜ã®ã‚ˆã†ã«ãªã£ã¦ã„ã‚‹ã“ã¨ãŒç¢ºèªã§ãã‚‹ã§ã—ã‚‡ã†ã€‚

$ kubectl exec implicit-groups -- cat /etc/group
...
user-defined-in-image:x:1000:
group-defined-in-image:x:50000:user-defined-in-image

ãªã‚‹ã»ã©ï¼ã‚³ãƒ³ãƒ†ãƒŠã®ãƒ—ãƒ©ã‚¤ãƒžãƒªãƒ¦ãƒ¼ã‚¶ãƒ¼ã§ã‚ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼(1000)ãŒã‚°ãƒ«ãƒ¼ãƒ—(50000)ã«å±žã—ã¦ã„ã‚‹ã“ã¨ãŒæœ€å¾Œã®ã‚¨ãƒ³ãƒˆãƒªã‹ã‚‰ç¢ºèªå‡ºæ¥ã¾ã—ãŸã€‚

ã“ã®ã‚ˆã†ã«ã€ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ä¸Šã®/etc/groupã§å®šç¾©ã•ã‚Œã‚‹ã€ã‚³ãƒ³ãƒ†ãƒŠã®ãƒ—ãƒ©ã‚¤ãƒžãƒªãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã¯ã€Podã‹ã‚‰ã®æƒ…å ±ã«åŠ ãˆã¦ æš—é»™çš„ã«ãƒžãƒ¼ã‚¸ ã•ã‚Œã¾ã™ã€‚ãŸã ã—ã€ã“ã®æŒ™å‹•ã¯ã€ç¾åœ¨ã®CRIå®Ÿè£…ãŒDockerã‹ã‚‰å¼•ãç¶™ã„ã è¨è¨ˆä¸Šã®æ±ºå®šã§ã‚ã‚Šã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯ã“ã‚Œã¾ã§ã“ã®æŒ™å‹•ã«ã¤ã„ã¦å†æ¤œè¨Žã™ã‚‹ã“ã¨ã¯ã»ã¨ã‚“ã©ã‚ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚

ä½•ãŒæ‚ªã„ã®ã‹ï¼Ÿ

ã‚³ãƒ³ãƒ†ãƒŠã‚¤ãƒ¡ãƒ¼ã‚¸ã®/etc/groupã‹ã‚‰ æš—é»™çš„ã«ãƒžãƒ¼ã‚¸ ã•ã‚Œã‚‹ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã¯ã€ç‰¹ã«ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¢ã‚¯ã‚»ã‚¹ã‚’è¡Œã†éš›ã«ã€ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¸Šã®æ‡¸å¿µã‚’å¼•ãèµ·ã“ã™ã“ã¨ãŒã‚ã‚Šã¾ã™(è©³ç´°ã¯kubernetes/kubernetes#112879ã‚’å‚ç…§ã—ã¦ãã ã•ã„)ã€‚ãªãœãªã‚‰ã€Linuxã«ãŠã„ã¦ã€ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ãƒ¼ãƒŸãƒƒã‚·ãƒ§ãƒ³ã¯uid/gidã§åˆ¶å¾¡ã•ã‚Œã¦ã„ã‚‹ã‹ã‚‰ã§ã™ã€‚æ›´ã«æ‚ªã„ã“ã¨ã«ã€/etc/groupã«ç”±æ¥ã™ã‚‹æš—é»™çš„ãªgidã¯ã€ãƒžãƒ‹ãƒ•ã‚§ã‚¹ãƒˆã«ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã®æ‰‹ãŒã‹ã‚ŠãŒç„¡ã„ãŸã‚ã€ãƒãƒªã‚·ãƒ¼ã‚¨ãƒ³ã‚¸ãƒ³ç‰ã§ãƒã‚§ãƒƒã‚¯ãƒ»æ¤œçŸ¥ã‚’ã™ã‚‹ã“ã¨ãŒå‡ºæ¥ã¾ã›ã‚“ã€‚ã“ã‚Œã¯Kubernetesã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ã®è¦³ç‚¹ã‹ã‚‰ã‚‚æ‡¸å¿µã¨ãªã‚Šã¾ã™ã€‚

Podã«ãŠã‘ã‚‹Fine-grained(ãã‚ç´°ã‹ã„) SupplementalGroups control: `SupplementaryGroupsPolicy`

ã“ã®èª²é¡Œã‚’è§£æ±ºã™ã‚‹ãŸã‚ã«ã€Kubernetes 1.31ã¯Podã®.spec.securityContextã«ã€æ–°ã—ãsupplementalGroupsPolicyãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¿½åŠ ã—ã¾ã™ã€‚

ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€Podå†…ã®ã‚³ãƒ³ãƒ†ãƒŠãƒ—ãƒã‚»ã‚¹ã«ä»˜ä¸Žã•ã‚Œã‚‹è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—ã‚’æ±ºå®šã™ã‚‹ã‚’æ–¹æ³•ã‚’åˆ¶å¾¡ã§ãã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚æœ‰åŠ¹ãªãƒãƒªã‚·ãƒ¼ã¯æ¬¡ã®2ã¤ã§ã™ã€‚

Merge: /etc/groupã§å®šç¾©ã•ã‚Œã¦ã„ã‚‹ã€ã‚³ãƒ³ãƒ†ãƒŠã®ãƒ—ãƒ©ã‚¤ãƒžãƒªãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒæ‰€å±žã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã‚’ãƒžãƒ¼ã‚¸ã—ã¾ã™ã€‚æŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€ã“ã®ãƒãƒªã‚·ãƒ¼ãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã™(å¾Œæ–¹äº’æ›æ€§ã‚’è€ƒæ…®ã—ã¦æ—¢å˜ã®æŒ™å‹•ã¨åŒæ§˜)ã€‚
Strict: fsGroupã€supplementalGroupsã€runAsGroupãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§æŒ‡å®šã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—IDã®ã¿è£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—ã«æŒ‡å®šã•ã‚Œã¾ã™ã€‚ã¤ã¾ã‚Šã€/etc/groupã§å®šç¾©ã•ã‚ŒãŸã€ã‚³ãƒ³ãƒ†ãƒŠã®ãƒ—ãƒ©ã‚¤ãƒžãƒªãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã¯ãƒžãƒ¼ã‚¸ã•ã‚Œã¾ã›ã‚“ã€‚

strict-supplementalgroups-policy.yaml

apiVersion: v1
kind: Pod
metadata:
 name: strict-supplementalgroups-policy
spec:
 securityContext:
 runAsUser: 1000
 runAsGroup: 3000
 supplementalGroups: [4000]
 supplementalGroupsPolicy: Strict
 containers:
 - name: ctr
 image: registry.k8s.io/e2e-test-images/agnhost:2.45
 command: [ "sh", "-c", "sleep 1h" ]
 securityContext:
 allowPrivilegeEscalation: false

# Podã‚’ä½œæˆã—ã¦ã¿ã¾ã—ã‚‡ã†ã€‚
$ kubectl apply -f https://k8s.io/blog/2024-08-22-Fine-grained-SupplementalGroups-control/strict-supplementalgroups-policy.yaml

# Podã®ã‚³ãƒ³ãƒ†ãƒŠãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã—ã¾ã™ã€‚
$ kubectl get pod strict-supplementalgroups-policy

# ãƒ—ãƒã‚»ã‚¹ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã‚’ç¢ºèªã—ã¾ã™ã€‚
kubectl exec -it strict-supplementalgroups-policy -- id

å‡ºåŠ›ã¯ã“ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

uid=1000 gid=3000 groups=3000,4000

Strictãƒãƒªã‚·ãƒ¼ã«ã‚ˆã£ã¦ã‚°ãƒ«ãƒ¼ãƒ—50000ãŒgroupsã‹ã‚‰é™¤å¤–ã•ã‚Œã¦ã„ã‚‹ã®ãŒç¢ºèªã§ãã¾ã—ãŸï¼

ã“ã®ã‚ˆã†ã«ã€ç¢ºå®Ÿã«supplementalGroupsPolicy: Strictã‚’è¨å®šã™ã‚‹(ãƒãƒªã‚·ãƒ¼ã‚¨ãƒ³ã‚¸ãƒ³ç‰ã«ã‚ˆã£ã¦å¼·åˆ¶ã™ã‚‹)ã“ã¨ã§ã€æš—é»™çš„ãªè£œåŠ©ã‚°ãƒ«ãƒ¼ãƒ—ã‚’å›žé¿ã™ã‚‹ã“ã¨ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚

å‚™è€ƒ:

ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®å€¤ã‚’å¼·åˆ¶ã™ã‚‹ã ã‘ã§ã¯ä¸ååˆ†ãªå ´åˆã‚‚ã‚ã‚Šã¾ã™ã€‚ãªãœãªã‚‰ã€ãƒ—ãƒã‚»ã‚¹ãŒè‡ªåˆ†è‡ªèº«ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã‚’å¤‰æ›´ã§ãã‚‹æ¨©é™/ã‚±ãƒ¼ãƒ‘ãƒ“ãƒªãƒ†ã‚£ã‚’æŒã£ã¦ã„ã‚‹å ´åˆãŒã‚ã‚‹ã‹ã‚‰ã§ã™ã€‚è©³ç´°ã¯æ¬¡ã®ã‚»ã‚¯ã‚·ãƒ§ãƒ³ã‚’å‚ç…§ã—ã¦ãã ã•ã„ã€‚

Podã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã«ãŠã‘ã‚‹ä»˜ä¸Žã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã®ç¢ºèª

ã“ã®æ©Ÿèƒ½ã¯ã€Podã®status.containerStatuses[].user.linuxãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§ã‚³ãƒ³ãƒ†ãƒŠã®æœ€åˆã®ãƒ—ãƒã‚»ã‚¹ã«ä»˜ä¸Žã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã‚’å…¬é–‹ã—ã¦ã„ã¾ã™ã€‚æš—é»™çš„ãªã‚°ãƒ«ãƒ¼ãƒ—IDãŒä»˜ä¸Žã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’ç¢ºèªã™ã‚‹ã®ã«ä¾¿åˆ©ã§ã—ã‚‡ã†ã€‚

...
status:
 containerStatuses:
 - name: ctr
 user:
 linux:
 gid: 3000
 supplementalGroups:
 - 3000
 - 4000
 uid: 1000
...

å‚™è€ƒ:

status.containerStatuses[].user.linuxãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§å…¬é–‹ã•ã‚Œã¦ã„ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠã®æœ€åˆã®ãƒ—ãƒã‚»ã‚¹ã«ã€æœ€åˆã«ä»˜ä¸Žã•ã‚ŒãŸ æƒ…å ±ã§ã‚ã‚‹ã“ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„ã€‚ ã‚‚ã—ãã®ãƒ—ãƒã‚»ã‚¹ãŒã€è‡ªèº«ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã‚’å¤‰æ›´ã§ãã‚‹ã‚·ã‚¹ãƒ†ãƒ ã‚³ãƒ¼ãƒ«(ä¾‹ãˆã° setuid(2), setgid(2), setgroups(2)ç‰)ã‚’å®Ÿè¡Œã™ã‚‹æ¨©é™ã‚’æŒã£ã¦ã„ã‚‹å ´åˆã€ãƒ—ãƒã‚»ã‚¹è‡ªèº«ã§å‹•çš„ã«å¤‰æ›´ãŒå¯èƒ½ãªãŸã‚ã§ã™ã€‚ ã¤ã¾ã‚Šã€å®Ÿéš›ã«ãƒ—ãƒã‚»ã‚¹ã«ä»˜ä¸Žã•ã‚Œã¦ã„ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã€ã‚°ãƒ«ãƒ¼ãƒ—æƒ…å ±ã¯å‹•çš„ã«å¤‰åŒ–ã—ã¾ã™ã€‚

supplementalGroupsPolicyãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’æœ‰åŠ¹åŒ–ã™ã‚‹ã«ã¯ã€ä¸‹è¨˜ã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã‚’åˆ©ç”¨ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

Kubernetes: v1.31ä»¥é™ã€ã‹ã¤ã€SupplementalGroupsPolicyãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆãŒæœ‰åŠ¹åŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã€‚v1.31ç¾åœ¨ã€ã“ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¯ã‚¢ãƒ«ãƒ•ã‚¡ã§ã™ã€‚
CRIå®Ÿè£…:
- containerd: v2.0ä»¥é™
- CRI-O: v1.31ä»¥é™

apiVersion: v1
kind: Node
...
status:
 features:
 supplementalGroupsPolicy: true

å°†æ¥ã®å±•æœ›

Kubernetes SIG Nodeã¯ã€ã“ã®æ©Ÿèƒ½ãŒå°†æ¥çš„ãªKubernetesã®ãƒªãƒªãƒ¼ã‚¹ã§ãƒ™ãƒ¼ã‚¿ç‰ˆã«æ˜‡æ ¼ã—ã€æœ€çµ‚çš„ã«ã¯ä¸€èˆ¬æä¾›(GA)ã•ã‚Œã‚‹ã“ã¨ã‚’æœ›ã‚“ã§ãŠã‚Šã€æœŸå¾…ã—ã¦ã„ã¾ã™ã€‚ãã†ãªã‚Œã°ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚‚ã¯ã‚„æ©Ÿèƒ½ã‚²ãƒ¼ãƒˆã‚’æ‰‹å‹•ã§æœ‰åŠ¹ã«ã™ã‚‹å¿…è¦ãŒãªããªã‚Šã¾ã™ã€‚

ã‚ˆã‚Šå¦ã¶ã«ã¯ï¼Ÿ

KEP-3619: Fine-grained SupplementalGroups control

å‚åŠ ã™ã‚‹ã«ã¯ï¼Ÿ

ã“ã®æ©Ÿèƒ½ã¯SIG Nodeã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«ã‚ˆã£ã¦æŽ¨é€²ã•ã‚Œã¦ã„ã¾ã™ã€‚ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã¦ã€ä¸Šè¨˜ã®æ©Ÿèƒ½ã‚„ãã‚Œä»¥å¤–ã®ã‚¢ã‚¤ãƒ‡ã‚¢ã‚„ãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ã‚’å…±æœ‰ã—ã¦ãã ã•ã„ã€‚çš†ã•ã‚“ã‹ã‚‰ã®ã”æ„è¦‹ã‚’ãŠå¾…ã¡ã—ã¦ã„ã¾ã™ï¼

Kubernetes 1.31: SPDYã‹ã‚‰WebSocketã¸ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã®ç§»è¡Œ

Tue, 20 Aug 2024 00:00:00 +0000

Kubernetes 1.31ã§ã¯ã€kubectlãŒã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã™ã‚‹éš›ã«ã€SPDYã«ä»£ã‚ã‚ŠWebSocketãƒ—ãƒãƒˆã‚³ãƒ«ã‚’ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

ã“ã®è¨˜äº‹ã§ã¯ã€ã“ã®å¤‰æ›´ãŒæ„å‘³ã™ã‚‹ã¨ã“ã‚ã¨ã€ãªãœã“ã‚Œã‚‰ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°APIãŒé‡è¦ãªã®ã‹ã«ã¤ã„ã¦èª¬æ˜Žã—ã¾ã™ã€‚

Kubernetesã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°API

Kubernetesã§ã¯ã€HTTPã¾ãŸã¯RESTfulã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹ã¨ã—ã¦å…¬é–‹ã•ã‚Œã‚‹ç‰¹å®šã®ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆãŒã€ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ãŒå¿…è¦ãªã€ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°æŽ¥ç¶šã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã•ã‚Œã¾ã™ã€‚ ãƒªã‚¯ã‚¨ã‚¹ãƒˆãƒ»ãƒ¬ã‚¹ãƒãƒ³ã‚¹åž‹ãƒ—ãƒãƒˆã‚³ãƒ«ã§ã‚ã‚‹HTTPã¨ã¯ç•°ãªã‚Šã€ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã¯åŒæ–¹å‘ãƒ»ä½Žé…å»¶ã®æ°¸ç¶šçš„ãªæŽ¥ç¶šã‚’æä¾›ã—ã€ãƒªã‚¢ãƒ«ã‚¿ã‚¤ãƒ ã§ã®å¯¾è©±ã‚’å¯èƒ½ã«ã—ã¾ã™ã€‚ ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¨ã‚µãƒ¼ãƒãƒ¼é–“ã§åŒä¸€ã®æŽ¥ç¶šã‚’ä»‹ã—ã¦ã€åŒæ–¹å‘ã§ã®ãƒ‡ãƒ¼ã‚¿ã®èªã¿æ›¸ãã‚’ã‚µãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ ã“ã®ã‚¿ã‚¤ãƒ—ã®æŽ¥ç¶šã¯ã€ä¾‹ãˆã°ã€ãƒãƒ¼ã‚«ãƒ«ãƒ¯ãƒ¼ã‚¯ã‚¹ãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã‹ã‚‰å®Ÿè¡Œä¸ã®ã‚³ãƒ³ãƒ†ãƒŠå†…ã«ã‚·ã‚§ãƒ«ã‚’ä½œæˆã—ã€ãã®ã‚³ãƒ³ãƒ†ãƒŠå†…ã§ã‚³ãƒžãƒ³ãƒ‰ã‚’å®Ÿè¡Œã™ã‚‹å ´åˆãªã©ã«å½¹ç«‹ã¡ã¾ã™ã€‚

ãªãœã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã‚’å¤‰æ›´ã™ã‚‹ã®ã‹ï¼Ÿ

v1.31ãƒªãƒªãƒ¼ã‚¹ä»¥å‰ã¯ã€Kubernetesã¯ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°æŽ¥ç¶šã‚’ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã™ã‚‹éš›ã«ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§SPDY/3.1ãƒ—ãƒãƒˆã‚³ãƒ«ã‚’ä½¿ç”¨ã—ã¦ã„ã¾ã—ãŸã€‚ SPDY/3.1ã¯8å¹´å‰ã«éžæŽ¨å¥¨ã¨ãªã£ã¦ãŠã‚Šã€æ¨™æº–åŒ–ã•ã‚Œã‚‹ã“ã¨ã¯ã‚ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ å¤šãã®æœ€æ–°ã®ãƒ—ãƒã‚ã‚·ã€ã‚²ãƒ¼ãƒˆã‚¦ã‚§ã‚¤ã€ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã¯ã€ã“ã®ãƒ—ãƒãƒˆã‚³ãƒ«ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã›ã‚“ã€‚ ãã®çµæžœã€ãƒ—ãƒã‚ã‚·ã‚„ã‚²ãƒ¼ãƒˆã‚¦ã‚§ã‚¤ã‚’ä»‹ã—ã¦ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã‚ˆã†ã¨ã™ã‚‹ã¨ã€kubectl cpã€kubectl attachã€kubectl execã€kubectl port-forwardãªã©ã®ã‚³ãƒžãƒ³ãƒ‰ãŒæ©Ÿèƒ½ã—ãªããªã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚

Kubernetes v1.31ä»¥é™ã€SIG API Machineryã¯ã€Kubernetesã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆ(kubectlãªã©)ãŒã“ã‚Œã‚‰ã®ã‚³ãƒžãƒ³ãƒ‰ã«ä½¿ç”¨ã™ã‚‹ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã‚’ã€ã‚ˆã‚Šãƒ¢ãƒ€ãƒ³ãªWebSocketã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã«å¤‰æ›´ã—ã¾ã—ãŸã€‚ WebSocketãƒ—ãƒãƒˆã‚³ãƒ«ã¯ã€ç¾åœ¨ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹æ¨™æº–åŒ–ã•ã‚ŒãŸã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã§ã‚ã‚Šã€æ§˜ã€…ãªã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã‚„ãƒ—ãƒã‚°ãƒ©ãƒŸãƒ³ã‚°è¨€èªžé–“ã®äº’æ›æ€§ã¨ç›¸äº’é‹ç”¨æ€§ã‚’ä¿è¨¼ã—ã¾ã™ã€‚ WebSocketãƒ—ãƒãƒˆã‚³ãƒ«ã¯ã€SPDYã‚ˆã‚Šã‚‚æœ€æ–°ã®ãƒ—ãƒã‚ã‚·ã‚„ã‚²ãƒ¼ãƒˆã‚¦ã‚§ã‚¤ã§åºƒãã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ã€‚

ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°APIã®ä»•çµ„ã¿

Kubernetesã¯ã€ç™ºä¿¡å…ƒã®HTTPãƒªã‚¯ã‚¨ã‚¹ãƒˆã«ç‰¹å®šã®ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ãƒ˜ãƒƒãƒ€ãƒ¼ã‚’è¿½åŠ ã™ã‚‹ã“ã¨ã§ã€HTTPæŽ¥ç¶šã‚’ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°é€šä¿¡ãŒå¯èƒ½ãªæŽ¥ç¶šã¸ã¨åˆ‡ã‚Šæ›¿ãˆã¾ã™ã€‚ ä¾‹ãˆã°ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®nginxã‚³ãƒ³ãƒ†ãƒŠã§dateã‚³ãƒžãƒ³ãƒ‰ã‚’å®Ÿè¡Œã™ã‚‹ãŸã‚ã®HTTPã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ãƒªã‚¯ã‚¨ã‚¹ãƒˆã¯ã€ä»¥ä¸‹ã®ã‚ˆã†ã«ãªã‚Šã¾ã™:

$ kubectl exec -v=8 nginx -- date
GET https://127.0.0.1:43251/api/v1/namespaces/default/pods/nginx/exec?command=dateâ€¦
Request Headers:
 Connection: Upgrade
 Upgrade: websocket
 Sec-Websocket-Protocol: v5.channel.k8s.io
 User-Agent: kubectl/v1.31.0 (linux/amd64) kubernetes/6911225

ã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ãŒWebSocketã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã¨ã€å°‘ãªãã¨ã‚‚1ã¤ã®ã‚µãƒ–ãƒ—ãƒãƒˆã‚³ãƒ«ãƒãƒ¼ã‚¸ãƒ§ãƒ³(ä¾‹:v5.channel.k8s.io)ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã¯æˆåŠŸã‚’ç¤ºã™101 Switching Protocolsã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã¨ã€ãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‚µãƒ–ãƒ—ãƒãƒˆã‚³ãƒ«ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’å«ã‚ã¦å¿œç”ã—ã¾ã™:

Response Status: 101 Switching Protocols in 3 milliseconds
Response Headers:
 Upgrade: websocket
 Connection: Upgrade
 Sec-Websocket-Accept: j0/jHW9RpaUoGsUAv97EcKw8jFM=
 Sec-Websocket-Protocol: v5.channel.k8s.io

ã“ã®æ™‚ç‚¹ã§ã€HTTPãƒ—ãƒãƒˆã‚³ãƒ«ã«ä½¿ç”¨ã•ã‚Œã¦ã„ãŸTCPæŽ¥ç¶šã¯ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°æŽ¥ç¶šã«å¤‰æ›´ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã®å¯¾è©±åž‹ã‚·ã‚§ãƒ«ã§ã®STDINã€STDOUTã€STDERR(ã‚¿ãƒ¼ãƒŸãƒŠãƒ«ã®ãƒªã‚µã‚¤ã‚ºæƒ…å ±ã‚„ãƒ—ãƒã‚»ã‚¹çµ‚äº†ã‚³ãƒ¼ãƒ‰ã‚‚å«ã‚€)ãƒ‡ãƒ¼ã‚¿ã¯ã€ã“ã®ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã•ã‚ŒãŸæŽ¥ç¶šã‚’é€šã˜ã¦ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã•ã‚Œã¾ã™ã€‚

æ–°ã—ã„WebSocketã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ãƒ—ãƒãƒˆã‚³ãƒ«ã®ä½¿ç”¨æ–¹æ³•

ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã¨kubectlãŒãƒãƒ¼ã‚¸ãƒ§ãƒ³1.29ä»¥é™ã®å ´åˆã€SPDYã§ã¯ãªãWebSocketã®ä½¿ç”¨ã‚’åˆ¶å¾¡ã™ã‚‹ãŸã‚ã®ã€2ã¤ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¨2ã¤ã®kubectlç’°å¢ƒå¤‰æ•°ãŒã‚ã‚Šã¾ã™ã€‚ Kubernetes 1.31ã§ã¯ã€ä»¥ä¸‹ã®ã™ã¹ã¦ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆãŒãƒ™ãƒ¼ã‚¿ç‰ˆã§ã‚ã‚Šã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™:

ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆ
- TranslateStreamCloseWebsocketRequests
  - .../exec
  - .../attach
- PortForwardWebsockets
  - .../port-forward
kubectlã®æ©Ÿèƒ½ã‚’åˆ¶å¾¡ã™ã‚‹ç’°å¢ƒå¤‰æ•°
- KUBECTL_REMOTE_COMMAND_WEBSOCKETS
  - kubectl exec
  - kubectl cp
  - kubectl attach
- KUBECTL_PORT_FORWARD_WEBSOCKETS
  - kubectl port-forward

å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ãŠã„ã¦ã‚‚ã€ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆè¨å®šã‚’ç®¡ç†ã§ãã‚‹å ´åˆã§ã‚ã‚Œã°ã€TranslateStreamCloseWebsocketRequests(Kubernetes v1.29ã§è¿½åŠ )ã¨PortForwardWebsockets(Kubernetes v1.30ã§è¿½åŠ )ã®ä¸¡æ–¹ã‚’æœ‰åŠ¹ã«ã—ã¦ã€ã“ã®æ–°ã—ã„å‹•ä½œã‚’è©¦ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ ãƒãƒ¼ã‚¸ãƒ§ãƒ³1.31ã®kubectlã¯è‡ªå‹•çš„ã«æ–°ã—ã„å‹•ä½œã‚’ä½¿ç”¨ã§ãã¾ã™ãŒã€ã‚µãƒ¼ãƒãƒ¼å´ã®æ©Ÿèƒ½ãŒæ˜Žç¤ºçš„ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«æŽ¥ç¶šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°APIã«ã¤ã„ã¦ã•ã‚‰ã«å¦ã¶

Thu, 15 Aug 2024 00:00:00 +0000

Kubernetesã¯ã‚³ãƒ³ãƒ†ãƒŠåŒ–ã•ã‚ŒãŸã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã®å …ç‰¢ãªã‚ªãƒ¼ã‚±ã‚¹ãƒˆãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã§çŸ¥ã‚‰ã‚Œã¦ã„ã¾ã™ãŒã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®è¦æ¨¡ãŒæ‹¡å¤§ã™ã‚‹ã«ã¤ã‚Œã¦ã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã¸ã®è² è·ãŒãƒœãƒˆãƒ«ãƒãƒƒã‚¯ã¨ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ ç‰¹ã«å¤§ããªèª²é¡Œã¨ãªã£ã¦ã„ãŸã®ã¯ã€etcdãƒ‡ãƒ¼ã‚¿ã‚¹ãƒˆã‚¢ã‹ã‚‰ã®ãƒ‡ãƒ¼ã‚¿èªã¿è¾¼ã¿ã®åŽ³å¯†ãªæ•´åˆæ€§ã‚’ä¿è¨¼ã™ã‚‹ã“ã¨ã§ã™ã€‚ ã“ã‚Œã‚’å®Ÿç¾ã™ã‚‹ã«ã¯ã€ãƒªã‚½ãƒ¼ã‚¹ã‚’å¤§é‡ã«æ¶ˆè²»ã™ã‚‹ã‚¯ã‚©ãƒ¼ãƒ©ãƒ èªã¿è¾¼ã¿ãŒå¿…è¦ã§ã—ãŸã€‚

æœ¬æ—¥ã€Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯ã€å¤§ããªæ”¹å–„ã‚’ç™ºè¡¨ã§ãã‚‹ã“ã¨ã‚’å¬‰ã—ãæ€ã„ã¾ã™ã€‚ Kubernetes v1.31ã«ãŠã„ã¦ã€ã€Œã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã®æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã€ãŒãƒ™ãƒ¼ã‚¿ç‰ˆã«ç§»è¡Œã—ã¾ã—ãŸã€‚

ãªãœæ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ãŒé‡è¦ãªã®ã‹

Kubernetes ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆãŒã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®æœ€æ–°çŠ¶æ…‹ã‚’æ£ç¢ºã«æŠŠæ¡ã™ã‚‹ãŸã‚ã«ã¯ã€æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ãŒä¸å¯æ¬ ã§ã™ã€‚ æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã‚’ä¿è¨¼ã™ã‚‹ã“ã¨ã§ã€Kubernetesã®æ“ä½œã®æ£ç¢ºæ€§ã¨ä¿¡é ¼æ€§ãŒç¶æŒã•ã‚Œã€å„ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¯æœ€æ–°ã®æƒ…å ±ã«åŸºã¥ã„ã¦é©åˆ‡ãªåˆ¤æ–ã‚’ä¸‹ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ ã—ã‹ã—ã€å¤§è¦æ¨¡ãªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ã¯ã€ãã®ãŸã‚ã®ãƒ‡ãƒ¼ã‚¿ã®å–å¾—ã¨å‡¦ç†ãŒãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®ãƒœãƒˆãƒ«ãƒãƒƒã‚¯ã¨ãªã‚‹ãŠãã‚ŒãŒã‚ã‚Šã¾ã™ã€‚ ç‰¹ã«ã€çµæžœã®ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ã‚’ä¼´ã†ãƒªã‚¯ã‚¨ã‚¹ãƒˆã§ã“ã®å•é¡ŒãŒé¡•è‘—ã«ãªã‚Šã¾ã™ã€‚ Kubernetesã¯etcdå†…ã§åå‰ç©ºé–“ã”ã¨ã«ãƒ‡ãƒ¼ã‚¿ã‚’ç›´æŽ¥ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ã§ãã¾ã™ãŒã€ãƒ©ãƒ™ãƒ«ã‚„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ã«ã‚ˆã‚‹ãã®ä»–ã®ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ã§ã¯ã€ãƒ‡ãƒ¼ã‚¿ã‚»ãƒƒãƒˆå…¨ä½“ã‚’etcdã‹ã‚‰å–å¾—ã—ã€Kubernetes APIã‚µãƒ¼ãƒãƒ¼ãŒãƒ¡ãƒ¢ãƒªä¸Šã§ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ã‚’è¡Œã†å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®å•é¡Œã¯ã€ç‰¹ã«kubeletãªã©ã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã«å¤§ããªå½±éŸ¿ã‚’ä¸Žãˆã¾ã™ã€‚ kubeletã¯è‡ªèº«ã®ãƒŽãƒ¼ãƒ‰ã«ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚ŒãŸPodã®ã¿ã‚’ãƒªã‚¹ãƒˆã™ã‚‹ã ã‘ã§è¶³ã‚Šã‚‹ã¨ã“ã‚ã‚’ã€ã“ã‚Œã¾ã§ã®ä»•çµ„ã¿ã§ã¯ã€APIã‚µãƒ¼ãƒãƒ¼ã¨etcdãŒã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å†…ã®ã™ã¹ã¦ã®Podã‚’å‡¦ç†ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚

ãƒ–ãƒ¬ã‚¤ã‚¯ã‚¹ãƒ«ãƒ¼: ä¿¡é ¼æ€§ã®é«˜ã„ã‚ãƒ£ãƒƒã‚·ãƒ³ã‚°

Kubernetesã¯ã€èªã¿è¾¼ã¿æ“ä½œã‚’æœ€é©åŒ–ã™ã‚‹ãŸã‚ã«ã€ä»¥å‰ã‹ã‚‰Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã‚’ä½¿ç”¨ã—ã¦ãã¾ã—ãŸã€‚ Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã¯ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®çŠ¶æ…‹ã®ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆã‚’ä¿å˜ã—ã€etcdã®Watchã‚’é€šã˜ã¦æ›´æ–°æƒ…å ±ã‚’å—ã‘å–ã‚Šã¾ã™ã€‚ ã—ã‹ã—ã€ã“ã‚Œã¾ã§ã¯ã‚ãƒ£ãƒƒã‚·ãƒ¥ãŒå®Œå…¨ã«æœ€æ–°ã®çŠ¶æ…‹ã§ã‚ã‚‹ã“ã¨ã‚’ä¿è¨¼ã§ããªã‹ã£ãŸãŸã‚ã€æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã‚’ç›´æŽ¥æä¾›ã™ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚

ã€Œã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã®æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã€æ©Ÿèƒ½ã¯ã€etcdã®é€²æ—é€šçŸ¥ã®ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’æ´»ç”¨ã—ã¦ã“ã®å•é¡Œã«å¯¾å‡¦ã—ã¾ã™ã€‚ ã“ã®é€šçŸ¥ã«ã‚ˆã‚Šã€Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã¯è‡ªèº«ã¨etcdã‚’æ¯”è¼ƒã—ã€ãƒ‡ãƒ¼ã‚¿ãŒæœ€æ–°ã‹ã©ã†ã‹ã‚’æŠŠæ¡ã§ãã¾ã™ã€‚ æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ãŒè¦æ±‚ã•ã‚Œã‚‹ã¨ã€ã‚·ã‚¹ãƒ†ãƒ ã¯ã¾ãšWatchã‚ãƒ£ãƒƒã‚·ãƒ¥ã®å†…å®¹ãŒæœ€æ–°ã‹ã©ã†ã‹ã‚’ç¢ºèªã—ã¾ã™ã€‚ ã‚ãƒ£ãƒƒã‚·ãƒ¥ãŒæœ€æ–°ã§ãªã„å ´åˆã€ã‚·ã‚¹ãƒ†ãƒ ã¯ã‚ãƒ£ãƒƒã‚·ãƒ¥ã®å†…å®¹ãŒå®Œå…¨ã«æ›´æ–°ã•ã‚ŒãŸã¨ç¢ºèªã§ãã‚‹ã¾ã§ã€etcdã«é€²æ—é€šçŸ¥ã‚’å•ã„åˆã‚ã›ç¶šã‘ã¾ã™ã€‚ ãã—ã¦æº–å‚™ãŒæ•´ã†ã¨ã€è¦æ±‚ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã¯ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ç›´æŽ¥èªã¿å–ã‚‰ã‚ŒåŠ¹çŽ‡çš„ã«æä¾›ã•ã‚Œã¾ã™ã€‚ ã“ã®ãŸã‚ã€ç‰¹ã«etcdã‹ã‚‰å¤§é‡ã®ãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã‚ˆã†ãªå ´é¢ã§ã€ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’å¤§å¹…ã«å‘ä¸Šã•ã›ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ ä»¥ä¸Šã®ã‚ˆã†ã«ã—ã¦ã€ãƒ‡ãƒ¼ã‚¿ã‚’ãƒ•ã‚£ãƒ«ã‚¿ãƒªãƒ³ã‚°ã™ã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰å‡¦ç†ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã€etcdã‹ã‚‰èªã¿å–ã‚‹å¿…è¦ã®ã‚ã‚‹ãƒ¡ã‚¿ãƒ‡ãƒ¼ã‚¿ã¯æœ€å°é™ã«æŠ‘ãˆã‚‰ã‚Œã¾ã™ã€‚

é‡è¦ãªæ³¨æ„ç‚¹: ã“ã®æ©Ÿèƒ½ã‚’åˆ©ç”¨ã™ã‚‹ã«ã¯ã€Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ã§etcdãƒãƒ¼ã‚¸ãƒ§ãƒ³3.4.31ä»¥é™ã¾ãŸã¯3.5.13ä»¥é™ã‚’å®Ÿè¡Œã—ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®etcdã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹å ´åˆã€etcdã‹ã‚‰ç›´æŽ¥æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã‚’è¡Œã†æ–¹å¼ã«è‡ªå‹•ã§åˆ‡ã‚Šæ›¿ã‚ã‚Šã¾ã™ã€‚

etcdã®è² è·è»½æ¸›: Kubernetes v1.31ã§ã¯ã€etcdã®ä½œæ¥è² è·ã‚’è»½æ¸›ã—ã€ä»–ã®é‡è¦ãªæ“ä½œã®ãŸã‚ã«ãƒªã‚½ãƒ¼ã‚¹ã‚’è§£æ”¾ã§ãã¾ã™ã€‚
ãƒ¬ã‚¤ãƒ†ãƒ³ã‚·ã®çŸç¸®: ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã®èªã¿è¾¼ã¿ã¯ã€etcdã‹ã‚‰ãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã—ã¦å‡¦ç†ã™ã‚‹ã‚ˆã‚Šã‚‚ã¯ã‚‹ã‹ã«é«˜é€Ÿã§ã™ã€‚ ã“ã‚Œã¯ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¸ã®å¿œç”ãŒè¿…é€Ÿã«ãªã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼å…¨ä½“ã®å¿œç”æ€§ãŒå‘ä¸Šã™ã‚‹ã“ã¨ã‚’æ„å‘³ã—ã¾ã™ã€‚
ã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ã®å‘ä¸Š: etcdã®è² è·è»½æ¸›ã«ã‚ˆã‚Šã€ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã¯ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’çŠ ç‰²ã«ã™ã‚‹ã“ã¨ãªãã‚ˆã‚Šå¤šãã®ãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’å‡¦ç†ã§ãã‚‹ã‚ˆã†ã«ãªã‚‹ãŸã‚ã€ æ•°åƒã‚‚ã®ãƒŽãƒ¼ãƒ‰ã¨Podã‚’æŒã¤ã‚ˆã†ãªå¤§è¦æ¨¡ãªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ã¯ã€æœ€ã‚‚å¤§ããªãƒ¡ãƒªãƒƒãƒˆãŒå¾—ã‚‰ã‚Œã¾ã™ã€‚

5,000ãƒŽãƒ¼ãƒ‰ã®ã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ãƒ†ã‚¹ãƒˆçµæžœ: 5,000ãƒŽãƒ¼ãƒ‰ã®ã‚¯ãƒ©ã‚¹ã‚¿ã§è¡Œã‚ã‚ŒãŸæœ€è¿‘ã®ã‚¹ã‚±ãƒ¼ãƒ©ãƒ“ãƒªãƒ†ã‚£ãƒ†ã‚¹ãƒˆã§ã¯ã€ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã®æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€ä»¥ä¸‹ã®ã‚ˆã†ãªç›®è¦šã¾ã—ã„æ”¹å–„ãŒè¦‹ã‚‰ã‚Œã¾ã—ãŸã€‚

kube-apiserverã®CPUä½¿ç”¨çŽ‡ãŒ 30%å‰Šæ¸›
etcdã®CPUä½¿ç”¨çŽ‡ãŒ 25%å‰Šæ¸›
Podã®LISTãƒªã‚¯ã‚¨ã‚¹ãƒˆã®99ãƒ‘ãƒ¼ã‚»ãƒ³ã‚¿ã‚¤ãƒ«ãƒ¬ã‚¤ãƒ†ãƒ³ã‚·ãŒæœ€å¤§ 3åˆ†ã®1ã«çŸç¸® (5ç§’ã‹ã‚‰1.5ç§’)

ä»Šå¾Œã®äºˆå®š

ãƒ™ãƒ¼ã‚¿ç‰ˆã¸ã®ç§»è¡Œã«ã‚ˆã‚Šã€ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã®æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã‚Šã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹etcdãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’å®Ÿè¡Œã—ã¦ã„ã‚‹ã™ã¹ã¦ã®Kubernetesãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã‚·ãƒ¼ãƒ ãƒ¬ã‚¹ãªãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹å‘ä¸Šã‚’æä¾›ã—ã¾ã™ã€‚

ç§ãŸã¡ã®æ—…ã¯ã“ã‚Œã§çµ‚ã‚ã‚Šã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯ã€å°†æ¥çš„ã«ã•ã‚‰ã«ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã‚’æœ€é©åŒ–ã™ã‚‹ãŸã‚ã«ã€Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã§ã®ãƒšãƒ¼ã‚¸ãƒãƒ¼ã‚·ãƒ§ãƒ³ã®ã‚µãƒãƒ¼ãƒˆã‚’ç©æ¥µçš„ã«æ¤œè¨Žã—ã¦ã„ã¾ã™ã€‚

ã¯ã˜ã‚æ–¹

Kubernetes v1.31ã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã—ã€etcdãƒãƒ¼ã‚¸ãƒ§ãƒ³3.4.31ä»¥é™ã¾ãŸã¯3.5.13ä»¥é™ã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã™ã‚‹ã®ãŒã€ã‚ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã®æ•´åˆæ€§ã®ã‚ã‚‹èªã¿è¾¼ã¿ã®ãƒ¡ãƒªãƒƒãƒˆã‚’ä½“é¨“ã™ã‚‹æœ€ã‚‚ç°¡å˜ãªæ–¹æ³•ã§ã™ã€‚ ã”è³ªå•ã‚„ãƒ•ã‚£ãƒ¼ãƒ‰ãƒãƒƒã‚¯ãŒã‚ã‚‹å ´åˆã¯ã€Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¾ã§ãŠæ°—è»½ã«ãŠå•ã„åˆã‚ã›ãã ã•ã„ã€‚

Kubernetes v1.31: Elli

Tue, 13 Aug 2024 00:00:00 +0000

ç·¨é›†è€…: Matteo Bianchi, Yigit Demirbas, Abigail McCarthy, Edith Puclla, Rashan Smith

Kubernetes v1.31: Elliã®ãƒªãƒªãƒ¼ã‚¹ã‚’ç™ºè¡¨ã—ã¾ã™ï¼

ã“ã‚Œã¾ã§ã®ãƒªãƒªãƒ¼ã‚¹ã¨åŒæ§˜ã«ã€Kubernetes v1.31ã§ã¯æ–°ãŸãªGAã€ãƒ™ãƒ¼ã‚¿ã€ã‚¢ãƒ«ãƒ•ã‚¡ã®æ©Ÿèƒ½ãŒå°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ã€‚ ç¶™ç¶šçš„ã«é«˜å“è³ªãªãƒªãƒªãƒ¼ã‚¹ã‚’æä¾›ã§ãã¦ã„ã‚‹ã“ã¨ã¯ã€ç§ãŸã¡ã®é–‹ç™ºã‚µã‚¤ã‚¯ãƒ«ã®å¼·ã•ã¨ã€æ´»ç™ºãªã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ã‚µãƒãƒ¼ãƒˆã‚’ç¤ºã™ã‚‚ã®ã§ã™ã€‚ ä»Šå›žã®ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€45ã®æ©Ÿèƒ½å¼·åŒ–ãŒè¡Œã‚ã‚Œã¾ã—ãŸã€‚ ãã®ã†ã¡ã€11ã®æ©Ÿèƒ½ãŒGAã«æ˜‡æ ¼ã—ã€22ã®æ©Ÿèƒ½ãŒãƒ™ãƒ¼ã‚¿ã«ç§»è¡Œã—ã€12ã®æ©Ÿèƒ½ãŒã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚Œã¦ã„ã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒã‚´

Kubernetes v1.31ã®ãƒªãƒªãƒ¼ã‚¹ãƒ†ãƒ¼ãƒžã¯"Elli"ã§ã™ã€‚

Kubernetes v1.31ã®Elliã¯ã€å„ªã—ã„å¿ƒã‚’æŒã¤æ„›ã‚‰ã—ã„çŠ¬ã§ã€ã‹ã‚ã„ã‚‰ã—ã„èˆ¹ä¹—ã‚Šã®å¸½åã‚’ã‹ã¶ã£ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã¯ã€å¤šæ§˜ã§å¤§ããªKubernetesã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ãƒ•ã‚¡ãƒŸãƒªãƒ¼ã¸ã®éŠã³å¿ƒã‚ãµã‚Œã‚‹æ•¬æ„ã‚’è¡¨ã—ã¦ã„ã¾ã™ã€‚

Kubernetes v1.31ã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆãŒ10å‘¨å¹´ã‚’ç¥ã£ãŸå¾Œã®åˆã‚ã¦ã®ãƒªãƒªãƒ¼ã‚¹ã§ã™ã€‚ Kubernetesã¯èª•ç”Ÿä»¥æ¥ã€é•·ã„é“ã®ã‚Šã‚’æ©ã‚“ã§ãã¾ã—ãŸã€‚ ãã—ã¦ä»Šã‚‚ãªãŠã€å„ãƒªãƒªãƒ¼ã‚¹ã§æ–°ãŸãªæ–¹å‘ã«é€²åŒ–ã—ç¶šã‘ã¦ã„ã¾ã™ã€‚ 10å¹´ã¨ã„ã†ç¯€ç›®ã‚’è¿Žãˆã€ã“ã‚Œã‚’å®Ÿç¾ã•ã›ãŸæ•°ãˆåˆ‡ã‚Œãªã„ã»ã©ã®Kubernetesã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ãŸã¡ã®åŠªåŠ›ã€çŒ®èº«ã€æŠ€è¡“ã€çŸ¥æµã€ãã—ã¦åœ°é“ãªä½œæ¥ã‚’æŒ¯ã‚Šè¿”ã‚‹ã¨ã€æ·±ã„æ„ŸéŠ˜ã‚’å—ã‘ãšã«ã¯ã„ã‚‰ã‚Œã¾ã›ã‚“ã€‚

ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®é‹å–¶ã«ã¯è†¨å¤§ãªåŠ´åŠ›ãŒå¿…è¦ã§ã™ãŒã€ãã‚Œã«ã‚‚ã‹ã‹ã‚ã‚‰ãšã€ç†±æ„ã¨ç¬‘é¡”ã‚’æŒã£ã¦ä½•åº¦ã‚‚è²¢çŒ®ã—ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®ä¸€å“¡ã§ã‚ã‚‹ã“ã¨ã«èª‡ã‚Šã‚’æ„Ÿã˜ã‚‹äººã€…ãŒçµ¶ãˆã¾ã›ã‚“ã€‚ æ–°æ—§å•ã‚ãšã‚³ãƒ³ãƒˆãƒªãƒ“ãƒ¥ãƒ¼ã‚¿ãƒ¼ã‹ã‚‰è¦‹ã‚‰ã‚Œã‚‹ã“ã®ã€Œé‚ã€ã“ããŒã€æ´»æ°—ã«æº€ã¡ãŸã€ã¾ã•ã«ã€Œå–œã³ã«ã‚ãµã‚ŒãŸã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®è¨¼ãªã®ã§ã™ã€‚

Kubernetes v1.31ã®Elliã¯ã€ã¾ã•ã«ã“ã®ç´ æ™´ã‚‰ã—ã„ç²¾ç¥žã‚’ç¥ç¦ã™ã‚‹å˜åœ¨ãªã®ã§ã™ï¼ Kubernetesã®è¼ã‹ã—ã„æ¬¡ã®10å¹´ã«ã€ã¿ã‚“ãªã§ä¹¾æ¯ã—ã¾ã—ã‚‡ã†ï¼

ã“ã‚Œã¯ã€v1.31ã®ãƒªãƒªãƒ¼ã‚¹ã«ä¼´ã„GAã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

AppArmorã®ã‚µãƒãƒ¼ãƒˆãŒGAã«

Kubernetesã®AppArmorã‚µãƒãƒ¼ãƒˆãŒGAã«ãªã‚Šã¾ã—ãŸã€‚ ã‚³ãƒ³ãƒ†ãƒŠã®securityContextå†…ã®appArmorProfile.typeãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¨å®šã™ã‚‹ã“ã¨ã§ã€AppArmorã‚’ä½¿ç”¨ã—ã¦ã‚³ãƒ³ãƒ†ãƒŠã‚’ä¿è·ã§ãã¾ã™ã€‚ Kubernetes v1.30ã‚ˆã‚Šå‰ã§ã¯ã€AppArmorã¯ã‚¢ãƒŽãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã§åˆ¶å¾¡ã•ã‚Œã¦ã„ã¾ã—ãŸãŒã€v1.30ã‹ã‚‰ã¯ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’ä½¿ç”¨ã—ã¦åˆ¶å¾¡ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ãã®ãŸã‚ã‚¢ãƒŽãƒ†ãƒ¼ã‚·ãƒ§ãƒ³ã®ä½¿ç”¨ã‚’ã‚„ã‚ã€appArmorProfile.typeãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®ä½¿ç”¨ã«ç§»è¡Œã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚

è©³ç´°ã«ã¤ã„ã¦ã¯ã€AppArmorã®ãƒãƒ¥ãƒ¼ãƒˆãƒªã‚¢ãƒ«ã‚’ã”è¦§ãã ã•ã„ã€‚ ã“ã®æ©Ÿèƒ½ã¯ã€SIG Nodeã«ã‚ˆã£ã¦KEP #24ã®ä¸€ç’°ã¨ã—ã¦é–‹ç™ºã—ã¾ã—ãŸã€‚

kube-proxyã«ã‚ˆã‚‹å¤–éƒ¨ã‹ã‚‰ã®æŽ¥ç¶šã®å®‰å®šæ€§æ”¹å–„

kube-proxyã‚’ä½¿ç”¨ã—ãŸå¤–éƒ¨ã‹ã‚‰ã®æŽ¥ç¶šã®å®‰å®šæ€§ãŒã€v1.31ã§å¤§ããæ”¹å–„ã•ã‚Œã¾ã—ãŸã€‚ Kubernetesã®ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ã«é–¢ã™ã‚‹ä¸€èˆ¬çš„ãªèª²é¡Œã®1ã¤ã«ã€ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯ã®æå¤±ã‚’é˜²ããŸã‚ã®å„ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆé–“ã®é€£æºãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã§ã¯ã€kube-proxyã«æ–°ãŸãªä»•çµ„ã¿ã‚’å°Žå…¥ã—ã€type: LoadBalancerã¨externalTrafficPolicy: Clusterã‚’è¨å®šã—ãŸã‚µãƒ¼ãƒ“ã‚¹ã§å…¬é–‹ã•ã‚Œã‚‹çµ‚äº†äºˆå®šã®Nodeã«å¯¾ã—ã¦ã€ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ãŒæŽ¥ç¶šã‚’ã‚¹ãƒ ãƒ¼ã‚ºã«åˆ‡ã‚Šæ›¿ãˆã‚‰ã‚Œã‚‹ã‚ˆã†ã«ã—ã¦ã„ã¾ã™ã€‚ ã¾ãŸã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã¨Kubernetesã®ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼å®Ÿè£…ã«ãŠã‘ã‚‹æŽ¨å¥¨ãƒ—ãƒ©ã‚¯ãƒ†ã‚£ã‚¹ã‚‚ç¢ºç«‹ã—ã¾ã—ãŸã€‚

ã“ã®æ©Ÿèƒ½ã‚’åˆ©ç”¨ã™ã‚‹ã«ã¯ã€kube-proxyãŒã‚¯ãƒ©ã‚¹ã‚¿ä¸Šã§ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚µãƒ¼ãƒ“ã‚¹ãƒ—ãƒã‚ã‚·ã¨ã—ã¦å‹•ä½œã—ã€ãƒãƒ¼ãƒ‰ãƒãƒ©ãƒ³ã‚µãƒ¼ãŒæŽ¥ç¶šã®åˆ‡ã‚Šæ›¿ãˆã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ç‰¹åˆ¥ãªè¨å®šã¯ä¸è¦ã§ã€v1.30ã‹ã‚‰kube-proxyã«ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§çµ„ã¿è¾¼ã¾ã‚Œã¦ãŠã‚Šã€v1.31ã§æ£å¼ã«GAã¨ãªã‚Šã¾ã—ãŸã€‚

æ°¸ç¶šãƒœãƒªãƒ¥ãƒ¼ãƒ ã®çŠ¶æ…‹å¤‰åŒ–æ™‚åˆ»ã‚’è¨˜éŒ²ã™ã‚‹æ©Ÿèƒ½ãŒã€v1.31ã§æ£å¼ã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€PersistentVolumeã®çŠ¶æ…‹ãŒæœ€å¾Œã«å¤‰ã‚ã£ãŸæ™‚åˆ»ã‚’ä¿å˜ã™ã‚‹PersistentVolumeStatusãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚ æ©Ÿèƒ½ãŒæœ‰åŠ¹ã«ãªã‚‹ã¨ã€ã™ã¹ã¦ã®PersistentVolumeã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã«.status.lastTransitionTimeã¨ã„ã†æ–°ã—ã„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¨ã‘ã‚‰ã‚Œã€ãƒœãƒªãƒ¥ãƒ¼ãƒ ã®çŠ¶æ…‹ãŒæœ€å¾Œã«å¤‰ã‚ã£ãŸæ™‚åˆ»ãŒè¨˜éŒ²ã•ã‚Œã¾ã™ã€‚ ãŸã ã—ã€ã“ã®å¤‰æ›´ã¯ã™ãã«ã¯åæ˜ ã•ã‚Œã¾ã›ã‚“ã€‚ Kubernetes v1.31ã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã—ãŸå¾Œã€PersistentVolumeãŒæ›´æ–°ã•ã‚Œã€çŠ¶æ…‹(Pendingã€Boundã€Released)ãŒåˆã‚ã¦å¤‰ã‚ã£ãŸã¨ãã«ã€æ–°ã—ã„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«æ™‚åˆ»ãŒè¨˜éŒ²ã•ã‚Œã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€PersistentVolumeãŒPendingã‹ã‚‰Boundã«å¤‰ã‚ã‚‹ã¾ã§ã®æ™‚é–“ã‚’æ¸¬å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ ã¾ãŸã€æ§˜ã€…ãªæŒ‡æ¨™ã‚„SLOã®è¨å®šã«ã‚‚æ´»ç”¨ã§ãã¾ã™ã€‚

ã“ã‚Œã¯ã€v1.31ã®ãƒªãƒªãƒ¼ã‚¹ã«ä¼´ã„ãƒ™ãƒ¼ã‚¿ã¨ãªã£ãŸæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

kube-proxyã§ã®nftablesãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ã®å°Žå…¥

v1.31ã§ã¯ã€nftablesãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ãŒãƒ™ãƒ¼ã‚¿ã¨ã—ã¦ç™»å ´ã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã¯NFTablesProxyModeã¨ã„ã†è¨å®šã§åˆ¶å¾¡ã•ã‚Œã€ç¾åœ¨ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

nftables APIã¯ã€iptables APIã®æ¬¡ä¸–ä»£ç‰ˆã¨ã—ã¦é–‹ç™ºã•ã‚Œã€ã‚ˆã‚Šé«˜ã„ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã¨æ‹¡å¼µæ€§ã‚’æä¾›ã—ã¾ã™ã€‚ nftablesãƒ—ãƒã‚ã‚·ãƒ¢ãƒ¼ãƒ‰ã¯ã€iptablesãƒ¢ãƒ¼ãƒ‰ã¨æ¯”ã¹ã¦ã‚µãƒ¼ãƒ“ã‚¹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã®å¤‰æ›´ã‚’ã‚ˆã‚Šè¿…é€Ÿã‹ã¤åŠ¹çŽ‡çš„ã«å‡¦ç†ã§ãã¾ã™ã€‚ ã¾ãŸã€ã‚«ãƒ¼ãƒãƒ«å†…ã§ã®ãƒ‘ã‚±ãƒƒãƒˆå‡¦ç†ã‚‚åŠ¹çŽ‡åŒ–ã•ã‚Œã¦ã„ã¾ã™(ãŸã ã—ã€ã“ã®åŠ¹æžœã¯æ•°ä¸‡ã®ã‚µãƒ¼ãƒ“ã‚¹ã‚’æŒã¤å¤§è¦æ¨¡ã‚¯ãƒ©ã‚¹ã‚¿ã§ã‚ˆã‚Šé¡•è‘—ã«ãªã‚Šã¾ã™)ã€‚

Kubernetes v1.31ã®æ™‚ç‚¹ã§ã¯ã€nftablesãƒ¢ãƒ¼ãƒ‰ã¯ã¾ã æ–°ã—ã„æ©Ÿèƒ½ã®ãŸã‚ã€ã™ã¹ã¦ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¨ã®äº’æ›æ€§ãŒç¢ºèªã•ã‚Œã¦ã„ã‚‹ã‚ã‘ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ãŠä½¿ã„ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã§å¯¾å¿œçŠ¶æ³ã‚’ç¢ºèªã—ã¦ãã ã•ã„ã€‚ ã“ã®ãƒ—ãƒã‚ã‚·ãƒ¢ãƒ¼ãƒ‰ã¯Linux Nodeã®ã¿ã§åˆ©ç”¨å¯èƒ½ã§ã€ã‚«ãƒ¼ãƒãƒ«5.13ä»¥é™ãŒå¿…è¦ã§ã™ã€‚ ç§»è¡Œã‚’æ¤œè¨Žã™ã‚‹éš›ã¯ã€ç‰¹ã«NodePortã‚µãƒ¼ãƒ“ã‚¹ã«é–¢é€£ã™ã‚‹ä¸€éƒ¨ã®æ©Ÿèƒ½ãŒã€iptablesãƒ¢ãƒ¼ãƒ‰ã¨nftablesãƒ¢ãƒ¼ãƒ‰ã§å®Œå…¨ã«åŒã˜ã‚ˆã†ã«å‹•ä½œã—ãªã„ç‚¹ã«æ³¨æ„ãŒå¿…è¦ã§ã™ã€‚ ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆè¨å®šã®å¤‰æ›´ãŒå¿…è¦ã‹ã©ã†ã‹ã¯ã€ç§»è¡Œã‚¬ã‚¤ãƒ‰ã§ç¢ºèªã—ã¦ãã ã•ã„ã€‚

æ°¸ç¶šãƒœãƒªãƒ¥ãƒ¼ãƒ ã®reclaimãƒãƒªã‚·ãƒ¼ã«é–¢ã™ã‚‹å¤‰æ›´

Kubernetes v1.31ã§ã¯ã€PersistentVolumeã®reclaimãƒãƒªã‚·ãƒ¼ã‚’å¸¸ã«å°Šé‡ã™ã‚‹æ©Ÿèƒ½ãŒãƒ™ãƒ¼ã‚¿ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½å¼·åŒ–ã«ã‚ˆã‚Šã€é–¢é€£ã™ã‚‹PersistentVolumeClaim(PVC)ãŒå‰Šé™¤ã•ã‚ŒãŸå¾Œã§ã‚‚ã€PersistentVolume(PV)ã®reclaimãƒãƒªã‚·ãƒ¼ãŒç¢ºå®Ÿã«é©ç”¨ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã€ãƒœãƒªãƒ¥ãƒ¼ãƒ ã®æ¼æ´©ã‚’é˜²æ¢ã—ã¾ã™ã€‚

ã“ã‚Œã¾ã§ã¯ã€PVã¨PVCã®ã©ã¡ã‚‰ãŒå…ˆã«å‰Šé™¤ã•ã‚ŒãŸã‹ã«ã‚ˆã£ã¦ã€ç‰¹å®šã®æ¡ä»¶ä¸‹ã§PVã«è¨å®šã•ã‚ŒãŸreclaimãƒãƒªã‚·ãƒ¼ãŒç„¡è¦–ã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã—ãŸã€‚ ãã®çµæžœã€reclaimãƒãƒªã‚·ãƒ¼ãŒ"Delete"ã«è¨å®šã•ã‚Œã¦ã„ã¦ã‚‚ã€å¤–éƒ¨ã‚¤ãƒ³ãƒ•ãƒ©ã®å¯¾å¿œã™ã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒªã‚½ãƒ¼ã‚¹ãŒå‰Šé™¤ã•ã‚Œãªã„ã‚±ãƒ¼ã‚¹ãŒã‚ã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ä¸€è²«æ€§ã®æ¬ å¦‚ã‚„ãƒªã‚½ãƒ¼ã‚¹ã®ãƒªãƒ¼ã‚¯ãŒç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã—ãŸã€‚

ã“ã®æ©Ÿèƒ½ã®å°Žå…¥ã«ã‚ˆã‚Šã€PVã¨PVCã®å‰Šé™¤é †åºã«é–¢ä¿‚ãªãã€reclaimãƒãƒªã‚·ãƒ¼ã®"Delete"ãŒç¢ºå®Ÿã«å®Ÿè¡Œã•ã‚Œã€ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ã‚¤ãƒ³ãƒ•ãƒ©ã‹ã‚‰åŸºç›¤ã¨ãªã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆãŒå‰Šé™¤ã•ã‚Œã‚‹ã“ã¨ãŒKubernetesã«ã‚ˆã£ã¦ä¿è¨¼ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚

ãƒã‚¤ãƒ³ãƒ‰ã•ã‚ŒãŸã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒˆãƒ¼ã‚¯ãƒ³ã®æ”¹å–„

ServiceAccountTokenNodeBindingæ©Ÿèƒ½ãŒã€v1.31ã§ãƒ™ãƒ¼ã‚¿ã«æ˜‡æ ¼ã—ã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€Podã§ã¯ãªãNodeã«ã®ã¿ãƒã‚¤ãƒ³ãƒ‰ã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ã‚’è¦æ±‚ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã®ãƒˆãƒ¼ã‚¯ãƒ³ã«ã¯ã€Nodeæƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ãƒˆãƒ¼ã‚¯ãƒ³ãŒä½¿ç”¨ã•ã‚Œã‚‹éš›ã«Nodeã®å˜åœ¨ã‚’æ¤œè¨¼ã—ã¾ã™ã€‚ è©³ã—ãã¯ã€ãƒã‚¤ãƒ³ãƒ‰ã•ã‚ŒãŸã‚µãƒ¼ãƒ“ã‚¹ã‚¢ã‚«ã‚¦ãƒ³ãƒˆãƒˆãƒ¼ã‚¯ãƒ³ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

è¤‡æ•°ã®ã‚µãƒ¼ãƒ“ã‚¹CIDRã®ã‚µãƒãƒ¼ãƒˆ

v1.31ã§ã¯ã€è¤‡æ•°ã®ã‚µãƒ¼ãƒ“ã‚¹CIDRã‚’æŒã¤ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã®ã‚µãƒãƒ¼ãƒˆãŒãƒ™ãƒ¼ã‚¿ã«ãªã‚Šã¾ã—ãŸ(ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ç„¡åŠ¹)ã€‚

Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã«ã¯ã€IPã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’ä½¿ç”¨ã™ã‚‹è¤‡æ•°ã®ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆãŒã‚ã‚Šã¾ã™: Nodeã€Podã€ãã—ã¦Serviceã§ã™ã€‚ Nodeã¨Podã®IPç¯„å›²ã¯ã€ãã‚Œãžã‚Œã‚¤ãƒ³ãƒ•ãƒ©ã‚¹ãƒˆãƒ©ã‚¯ãƒãƒ£ã‚„ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã«ä¾å˜ã™ã‚‹ãŸã‚ã€å‹•çš„ã«å¤‰æ›´ã§ãã¾ã™ã€‚ ã—ã‹ã—ã€ã‚µãƒ¼ãƒ“ã‚¹ã®IPç¯„å›²ã¯ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ä½œæˆæ™‚ã«kube-apiserverã®ãƒãƒ¼ãƒ‰ã‚³ãƒ¼ãƒ‰ã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã¨ã—ã¦å®šç¾©ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚ é•·æœŸé–“é‹ç”¨ã•ã‚Œã¦ã„ã‚‹ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚„å¤§è¦æ¨¡ãªã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§ã¯ã€ç®¡ç†è€…ãŒå‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸã‚µãƒ¼ãƒ“ã‚¹CIDRç¯„å›²ã‚’æ‹¡å¼µã€ç¸®å°ã€ã‚ã‚‹ã„ã¯å®Œå…¨ã«ç½®ãæ›ãˆã‚‹å¿…è¦ãŒã‚ã‚Šã€IPã‚¢ãƒ‰ãƒ¬ã‚¹ã®æž¯æ¸‡ãŒå•é¡Œã¨ãªã£ã¦ã„ã¾ã—ãŸã€‚ ã“ã‚Œã‚‰ã®æ“ä½œã¯æ£å¼ã«ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ãŠã‚‰ãšã€è¤‡é›‘ã§ç¹Šç´°ãªãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ä½œæ¥ã‚’é€šã˜ã¦è¡Œã‚ã‚Œã€ã—ã°ã—ã°ã‚¯ãƒ©ã‚¹ã‚¿ã®ãƒ€ã‚¦ãƒ³ã‚¿ã‚¤ãƒ ã‚’å¼•ãèµ·ã“ã—ã¦ã„ã¾ã—ãŸã€‚ ã“ã®æ–°æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¨ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ç®¡ç†è€…ã¯ãƒ€ã‚¦ãƒ³ã‚¿ã‚¤ãƒ ãªã—ã§ã‚µãƒ¼ãƒ“ã‚¹CIDRç¯„å›²ã‚’å‹•çš„ã«å¤‰æ›´ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

SIG Networkingã¯ã€ã‚µãƒ¼ãƒ“ã‚¹ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ãƒ³ã‚°ã«ãŠã‘ã‚‹æœ€é©ãªãƒ¦ãƒ¼ã‚¶ãƒ¼ä½“é¨“ã¨ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯åˆ¶å¾¡æ©Ÿèƒ½ã‚’è¦‹å‡ºã™ãŸã‚ã€ä½•åº¦ã‚‚æ”¹è‰¯ã‚’é‡ãã¦ãã¾ã—ãŸã€‚ ãã®çµæžœã€ã‚µãƒ¼ãƒ“ã‚¹ä»•æ§˜ã«trafficDistributionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’å®Ÿè£…ã—ã¾ã—ãŸã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€ãƒ«ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã®æ±ºå®šã‚’è¡Œã†éš›ã«ã€åŸºç›¤ã¨ãªã‚‹å®Ÿè£…ãŒè€ƒæ…®ã™ã¹ãæŒ‡é‡ã¨ã—ã¦æ©Ÿèƒ½ã—ã¾ã™ã€‚

ã“ã®æ©Ÿèƒ½ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€1.30ãƒªãƒªãƒ¼ã‚¹ãƒ–ãƒã‚°ã‚’ãŠèªã¿ã„ãŸã ãã‹ã€ã‚µãƒ¼ãƒ“ã‚¹ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆãƒšãƒ¼ã‚¸ã‚’ã”è¦§ãã ã•ã„ã€‚

VolumeAttributesClass APIãŒã€v1.31ã§ãƒ™ãƒ¼ã‚¿ã«ãªã‚Šã¾ã™ã€‚ VolumeAttributesClassã¯ã€ãƒ—ãƒãƒ“ã‚¸ãƒ§ãƒ‹ãƒ³ã‚°ã•ã‚ŒãŸIOã®ã‚ˆã†ãªå‹•çš„ãªãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ã‚’ä¿®æ£ã™ã‚‹ãŸã‚ã®ã€Kubernetesç‹¬è‡ªã®æ±Žç”¨APIã‚’æä¾›ã—ã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ãŒã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹å ´åˆã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¯ã‚³ã‚¹ãƒˆã¨ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ã®ãƒãƒ©ãƒ³ã‚¹ã‚’å–ã‚‹ãŸã‚ã«ã€ã‚ªãƒ³ãƒ©ã‚¤ãƒ³ã§ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚’åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã¯ã€Kubernetes 1.29ã‹ã‚‰ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦æä¾›ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚

ã“ã‚Œã¯ã€v1.31ã®ãƒªãƒªãƒ¼ã‚¹ã§ã‚¢ãƒ«ãƒ•ã‚¡ã¨ã—ã¦å°Žå…¥ã•ã‚ŒãŸä¸»ãªæ”¹å–„ç‚¹ã®ä¸€éƒ¨ã§ã™ã€‚

Kubernetes v1.31ã§ã¯ã€å‹•çš„ãƒªã‚½ãƒ¼ã‚¹å‰²ã‚Šå½“ã¦(DRA)APIã¨ãã®è¨è¨ˆãŒæ›´æ–°ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®æ›´æ–°ã®ä¸»ãªç„¦ç‚¹ã¯æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ã«ã‚ã‚Šã¾ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒªã‚½ãƒ¼ã‚¹æƒ…å ±ã¨ãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒKubernetesã¨ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«å¯¾ã—ã¦é€æ˜Žã«ãªã‚Šã€ã‚¯ãƒ©ã‚¹ã‚¿ã®ã‚ªãƒ¼ãƒˆã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ãªã©ã®æ©Ÿèƒ½ã®å®Ÿè£…ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ kubeletã®DRAã‚µãƒãƒ¼ãƒˆã‚‚æ›´æ–°ã•ã‚Œã€kubeletã¨ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³é–“ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®é•ã„ã«å¯¾å¿œã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ã«ã‚ˆã‚Šã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ã¯Podã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°æ™‚ã«ResourceClaimã‚’å‰²ã‚Šå½“ã¦ã¾ã™ã€‚ DRAãƒ‰ãƒ©ã‚¤ãƒã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ã«ã‚ˆã‚‹å‰²ã‚Šå½“ã¦ã¯ã€ç¾åœ¨ã€Œã‚¯ãƒ©ã‚·ãƒƒã‚¯DRAã€ã¨å‘¼ã°ã‚Œã‚‹æ–¹æ³•ã§ã‚‚å¼•ãç¶šãã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ã€‚

Kubernetes v1.31ã§ã¯ã€ã‚¯ãƒ©ã‚·ãƒƒã‚¯DRAã«DRAControlPlaneControllerã¨ã„ã†åˆ¥ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆãŒç”¨æ„ã•ã‚Œã¦ãŠã‚Šã€ã“ã‚Œã‚’æ˜Žç¤ºçš„ã«æœ‰åŠ¹ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ã“ã®ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ«ãƒ—ãƒ¬ãƒ¼ãƒ³ã‚³ãƒ³ãƒˆãƒãƒ¼ãƒ©ãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã§ã€DRAãƒ‰ãƒ©ã‚¤ãƒã¯æ§‹é€ åŒ–ãƒ‘ãƒ©ãƒ¡ãƒ¼ã‚¿ã§ã¯ã¾ã ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å‰²ã‚Šå½“ã¦ãƒãƒªã‚·ãƒ¼ã‚’å®Ÿè£…ã§ãã¾ã™ã€‚

ã‚¤ãƒ¡ãƒ¼ã‚¸ãƒœãƒªãƒ¥ãƒ¼ãƒ ã®ã‚µãƒãƒ¼ãƒˆ

Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯ã€å°†æ¥çš„ã«äººå·¥çŸ¥èƒ½(AI)ã‚„æ©Ÿæ¢°å¦ç¿’(ML)ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚’ã‚ˆã‚Šå¤šãå®Ÿç¾ã™ã‚‹ã“ã¨ã‚’ç›®æŒ‡ã—ã¦ã„ã¾ã™ã€‚

ã“ã‚Œã‚‰ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚’å®Ÿç¾ã™ã‚‹ãŸã‚ã®è¦ä»¶ã®1ã¤ã¯ã€Open Container Initiative(OCI)äº’æ›ã®ã‚¤ãƒ¡ãƒ¼ã‚¸ã‚„ã‚¢ãƒ¼ãƒ†ã‚£ãƒ•ã‚¡ã‚¯ãƒˆ(OCIã‚ªãƒ–ã‚¸ã‚§ã‚¯ãƒˆã¨å‘¼ã°ã‚Œã‚‹)ã‚’ã€ãƒã‚¤ãƒ†ã‚£ãƒ–ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚½ãƒ¼ã‚¹ã¨ã—ã¦ç›´æŽ¥ã‚µãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã§ã™ã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯OCIæ¨™æº–ã«é›†ä¸ã§ãã€OCIãƒ¬ã‚¸ã‚¹ãƒˆãƒªã‚’ä½¿ç”¨ã—ã¦ã‚ã‚‰ã‚†ã‚‹ã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã‚’ä¿å˜ãƒ»é…å¸ƒã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚

ãã“ã§ã€v1.31ã§ã¯ã€OCIã‚¤ãƒ¡ãƒ¼ã‚¸ã‚’Podå†…ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ã¨ã—ã¦ä½¿ç”¨ã§ãã‚‹æ–°ã—ã„ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯Podå†…ã§ã‚¤ãƒ¡ãƒ¼ã‚¸å‚ç…§ã‚’ãƒœãƒªãƒ¥ãƒ¼ãƒ ã¨ã—ã¦æŒ‡å®šã—ã€ãã‚Œã‚’ã‚³ãƒ³ãƒ†ãƒŠå†…ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒžã‚¦ãƒ³ãƒˆã¨ã—ã¦å†åˆ©ç”¨ã§ãã¾ã™ã€‚ ã“ã®æ©Ÿèƒ½ã‚’è©¦ã™ã«ã¯ã€ImageVolumeãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

Podã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã‚’é€šã˜ãŸãƒ‡ãƒã‚¤ã‚¹ã®å¥å…¨æ€§æƒ…å ±ã®å…¬é–‹

Podã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã‚’é€šã˜ã¦ãƒ‡ãƒã‚¤ã‚¹ã®å¥å…¨æ€§æƒ…å ±ã‚’å…¬é–‹ã™ã‚‹æ©Ÿèƒ½ãŒã€v1.31ã§æ–°ã—ã„ã‚¢ãƒ«ãƒ•ã‚¡æ©Ÿèƒ½ã¨ã—ã¦è¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚

Kubernetes v1.31ä»¥å‰ã§ã¯ã€PodãŒæ•…éšœã—ãŸãƒ‡ãƒã‚¤ã‚¹ã¨é–¢é€£ä»˜ã‘ã‚‰ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’çŸ¥ã‚‹æ–¹æ³•ã¯ã€PodResources APIã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã§ã—ãŸã€‚

ã“ã®æ©Ÿèƒ½ã‚’æœ‰åŠ¹ã«ã™ã‚‹ã¨ã€å„Pod ã®.statuså†…ã®å„ã‚³ãƒ³ãƒ†ãƒŠã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã«allocatedResourcesStatusãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚ allocatedResourcesStatusãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ã€ã‚³ãƒ³ãƒ†ãƒŠã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸå„ãƒ‡ãƒã‚¤ã‚¹ã®å¥å…¨æ€§æƒ…å ±ã‚’å ±å‘Šã—ã¾ã™ã€‚

ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«åŸºã¥ã„ãŸã‚ˆã‚Šç´°ã‹ãªèªå¯

ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€Webhookã‚ªãƒ¼ã‚½ãƒ©ã‚¤ã‚¶ãƒ¼ã‚„å°†æ¥ã®(ç¾åœ¨ã¯è¨è¨ˆã•ã‚Œã¦ã„ãªã„)ãƒ„ãƒªãƒ¼å†…ã‚ªãƒ¼ã‚½ãƒ©ã‚¤ã‚¶ãƒ¼ãŒã€ãƒ©ãƒ™ãƒ«ã‚„ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ãƒªã‚¯ã‚¨ã‚¹ãƒˆã«é™ã‚Šã€listã¨watchãƒªã‚¯ã‚¨ã‚¹ãƒˆã‚’è¨±å¯ã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ ä¾‹ãˆã°ã€ã‚ªãƒ¼ã‚½ãƒ©ã‚¤ã‚¶ãƒ¼ã¯æ¬¡ã®ã‚ˆã†ãªè¡¨ç¾ãŒå¯èƒ½ã«ãªã‚Šã¾ã™: ã“ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã™ã¹ã¦ã®Podã‚’ãƒªã‚¹ãƒˆã§ããªã„ãŒã€.spec.nodeNameãŒç‰¹å®šã®å€¤ã«ä¸€è‡´ã™ã‚‹Podã¯ãƒªã‚¹ãƒˆã§ãã‚‹ã€‚ ã‚ã‚‹ã„ã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒåå‰ç©ºé–“å†…ã®confidential: trueã¨ãƒ©ãƒ™ãƒ«ä»˜ã‘ã•ã‚Œã¦ã„ãªã„ã™ã¹ã¦ã®Secretã‚’ç›£è¦–ã™ã‚‹ã“ã¨ã‚’è¨±å¯ã™ã‚‹ã€‚ CRDãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼(ã“ã‚Œã‚‚v1.31ã§ãƒ™ãƒ¼ã‚¿ã«ç§»è¡Œ)ã¨çµ„ã¿åˆã‚ã›ã‚‹ã“ã¨ã§ã€ã‚ˆã‚Šå®‰å…¨ãªNodeã”ã¨ã®æ‹¡å¼µæ©Ÿèƒ½ã‚’ä½œæˆã™ã‚‹ã“ã¨ãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚

åŒ¿åAPIã‚¢ã‚¯ã‚»ã‚¹ã¸ã®åˆ¶é™

AnonymousAuthConfigurableEndpointsãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã™ã‚‹ã“ã¨ã§ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯èªè¨¼è¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã‚’ä½¿ç”¨ã—ã¦ã€åŒ¿åãƒªã‚¯ã‚¨ã‚¹ãƒˆãŒã‚¢ã‚¯ã‚»ã‚¹ã§ãã‚‹ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã‚’è¨å®šã§ãã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ ã“ã‚Œã«ã‚ˆã‚Šã€åŒ¿åãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã‚¯ãƒ©ã‚¹ã‚¿ã¸ã®åºƒç¯„ãªã‚¢ã‚¯ã‚»ã‚¹ã‚’ä¸Žãˆã¦ã—ã¾ã†ã‚ˆã†ãªRBACè¨å®šãƒŸã‚¹ã‹ã‚‰ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼è‡ªèº«ã‚’å®ˆã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚

GAã¸ã®æ˜‡æ ¼

ã“ã“ã§ã¯ã€GA(ä¸€èˆ¬æä¾›ã¨ã‚‚å‘¼ã°ã‚Œã‚‹)ã«æ˜‡æ ¼ã—ãŸã™ã¹ã¦ã®æ©Ÿèƒ½ã‚’ç´¹ä»‹ã—ã¾ã™ã€‚æ–°æ©Ÿèƒ½ã‚„ã‚¢ãƒ«ãƒ•ã‚¡ã‹ã‚‰ãƒ™ãƒ¼ã‚¿ã¸ã®æ˜‡æ ¼ã‚’å«ã‚€å®Œå…¨ãªæ›´æ–°ãƒªã‚¹ãƒˆã«ã¤ã„ã¦ã¯ã€ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã‚’ã”è¦§ãã ã•ã„ã€‚

éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤

cgroup v1ã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ãƒ¢ãƒ¼ãƒ‰ã¸ã®ç§»è¡Œ

KubernetesãŒã‚³ãƒ³ãƒ†ãƒŠã‚ªãƒ¼ã‚±ã‚¹ãƒˆãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã®å¤‰åŒ–ã«é©å¿œã—ç¶šã‘ã‚‹ä¸ã€ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã¯v1.31ã§cgroup v1ã®ã‚µãƒãƒ¼ãƒˆã‚’ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ãƒ¢ãƒ¼ãƒ‰ã«ç§»è¡Œã™ã‚‹ã“ã¨ã‚’æ±ºå®šã—ã¾ã—ãŸã€‚ ã“ã®å¤‰æ›´ã¯ã€æ¥ç•Œå…¨ä½“ã®cgroup v2ã¸ã®ç§»è¡Œã¨æ©èª¿ã‚’åˆã‚ã›ã¦ãŠã‚Šã€æ©Ÿèƒ½æ€§ã€æ‹¡å¼µæ€§ã€ãã—ã¦ã‚ˆã‚Šä¸€è²«æ€§ã®ã‚ã‚‹ã‚¤ãƒ³ã‚¿ãƒ¼ãƒ•ã‚§ãƒ¼ã‚¹ã®å‘ä¸Šã‚’æä¾›ã—ã¾ã™ã€‚ Kubernetesã®ãƒ¡ãƒ³ãƒ†ãƒŠãƒ³ã‚¹ãƒ¢ãƒ¼ãƒ‰ã¨ã¯ã€cgroup v1ã‚µãƒãƒ¼ãƒˆã«æ–°æ©Ÿèƒ½ãŒè¿½åŠ ã•ã‚Œãªã„ã“ã¨ã‚’æ„å‘³ã—ã¾ã™ã€‚ é‡è¦ãªã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ä¿®æ£ã¯å¼•ãç¶šãæä¾›ã•ã‚Œã¾ã™ãŒã€ãƒã‚°ä¿®æ£ã¯ãƒ™ã‚¹ãƒˆã‚¨ãƒ•ã‚©ãƒ¼ãƒˆã¨ãªã‚Šã€é‡å¤§ãªãƒã‚°ã¯å¯èƒ½ãªå ´åˆä¿®æ£ã•ã‚Œã¾ã™ãŒã€ä¸€éƒ¨ã®å•é¡Œã¯æœªè§£æ±ºã®ã¾ã¾ã¨ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚

ã§ãã‚‹ã ã‘æ—©ãcgroup v2ã¸ã®ç§»è¡Œã‚’é–‹å§‹ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚ ã“ã®ç§»è¡Œã¯ã‚¢ãƒ¼ã‚ãƒ†ã‚¯ãƒãƒ£ã«ä¾å˜ã—ã€åŸºç›¤ã¨ãªã‚‹ã‚ªãƒšãƒ¬ãƒ¼ãƒ†ã‚£ãƒ³ã‚°ã‚·ã‚¹ãƒ†ãƒ ã¨ã‚³ãƒ³ãƒ†ãƒŠãƒ©ãƒ³ã‚¿ã‚¤ãƒ ãŒcgroup v2ã‚’ã‚µãƒãƒ¼ãƒˆã—ã¦ã„ã‚‹ã“ã¨ã‚’ç¢ºèªã—ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã¨ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ãŒcgroup v2ã§æ£ã—ãæ©Ÿèƒ½ã™ã‚‹ã“ã¨ã‚’æ¤œè¨¼ã™ã‚‹ãŸã‚ã®ãƒ†ã‚¹ãƒˆã‚’å«ã¿ã¾ã™ã€‚

å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã¯ã€issueã‚’ä½œæˆã—ã¦å ±å‘Šã—ã¦ãã ã•ã„ã€‚

SHA-1ç½²åã‚µãƒãƒ¼ãƒˆã«é–¢ã™ã‚‹æ³¨æ„äº‹é …

go1.18(2022å¹´3æœˆãƒªãƒªãƒ¼ã‚¹)ä»¥é™ã€crypto/x509ãƒ©ã‚¤ãƒ–ãƒ©ãƒªã¯SHA-1ãƒãƒƒã‚·ãƒ¥é–¢æ•°ã§ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’æ‹’å¦ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã—ãŸã€‚ SHA-1ã¯å®‰å…¨ã§ãªã„ã“ã¨ãŒç¢ºç«‹ã•ã‚Œã¦ãŠã‚Šã€å…¬çš„ã«ä¿¡é ¼ã•ã‚ŒãŸèªè¨¼å±€ã¯2015å¹´ä»¥é™SHA-1è¨¼æ˜Žæ›¸ã‚’ç™ºè¡Œã—ã¦ã„ã¾ã›ã‚“ã€‚ Kubernetesã®ã‚³ãƒ³ãƒ†ã‚ã‚¹ãƒˆã§ã¯ã€ã‚¢ã‚°ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³APIã‚µãƒ¼ãƒãƒ¼ã‚„Webhookã«ä½¿ç”¨ã•ã‚Œã‚‹ç§çš„ãªèªè¨¼å±€ã‚’é€šã˜ã¦SHA-1ãƒãƒƒã‚·ãƒ¥é–¢æ•°ã§ç½²åã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ãƒ¼æä¾›ã®è¨¼æ˜Žæ›¸ãŒä¾ç„¶ã¨ã—ã¦å˜åœ¨ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ SHA-1ãƒ™ãƒ¼ã‚¹ã®è¨¼æ˜Žæ›¸ã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹å ´åˆã¯ã€ç’°å¢ƒã«GODEBUG=x509sha1=1ã‚’è¨å®šã™ã‚‹ã“ã¨ã§ã€æ˜Žç¤ºçš„ã«ãã®ã‚µãƒãƒ¼ãƒˆã‚’æœ‰åŠ¹ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

Goã®GODEBUGã®äº’æ›æ€§ãƒãƒªã‚·ãƒ¼ã«åŸºã¥ãã€x509sha1 GODEBUGã¨SHA-1è¨¼æ˜Žæ›¸ã®ã‚µãƒãƒ¼ãƒˆã¯ã€go1.24ã§å®Œå…¨ã«å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚ go1.24ã¯2025å¹´å‰åŠã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚ SHA-1è¨¼æ˜Žæ›¸ã«ä¾å˜ã—ã¦ã„ã‚‹å ´åˆã¯ã€ã§ãã‚‹ã ã‘æ—©ãç§»è¡Œã‚’é–‹å§‹ã—ã¦ãã ã•ã„ã€‚

SHA-1ã‚µãƒãƒ¼ãƒˆã®çµ‚äº†æ™‚æœŸã€Kubernetesãƒªãƒªãƒ¼ã‚¹ãŒgo1.24ã‚’æŽ¡ç”¨ã™ã‚‹è¨ˆç”»ã€ãŠã‚ˆã³ãƒ¡ãƒˆãƒªã‚¯ã‚¹ã¨ç›£æŸ»ãƒã‚°ã‚’é€šã˜ã¦SHA-1è¨¼æ˜Žæ›¸ã®ä½¿ç”¨ã‚’æ¤œå‡ºã™ã‚‹æ–¹æ³•ã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€Kubernetes issue #125689ã‚’ã”è¦§ãã ã•ã„ã€‚

Nodeã®`status.nodeInfo.kubeProxyVersion`ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®éžæŽ¨å¥¨åŒ–(KEP 4004)

Kubernetes v1.31ã§ã¯ã€Nodeã®.status.nodeInfo.kubeProxyVersionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒéžæŽ¨å¥¨ã¨ãªã‚Šã€å°†æ¥ã®ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã®å€¤ãŒæ£ç¢ºã§ã¯ãªã‹ã£ãŸ(ãã—ã¦ç¾åœ¨ã‚‚æ£ç¢ºã§ã¯ãªã„)ãŸã‚ã€éžæŽ¨å¥¨åŒ–ã•ã‚Œã¦ã„ã¾ã™ã€‚ ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯kubeletã«ã‚ˆã£ã¦è¨å®šã•ã‚Œã¾ã™ãŒã€kubeletã¯kube-proxyã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚„kube-proxyãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã«ã¤ã„ã¦ä¿¡é ¼ã§ãã‚‹æƒ…å ±ã‚’æŒã£ã¦ã„ã¾ã›ã‚“ã€‚

v1.31ã§ã¯ã€DisableNodeKubeProxyVersionãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆãŒãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§trueã«è¨å®šã•ã‚Œã€kubeletã¯é–¢é€£ã™ã‚‹Nodeã®.status.kubeProxyVersionãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¨å®šã—ãªããªã‚Šã¾ã™ã€‚

ä»¥å‰ã®è¨˜äº‹ã§å¼·èª¿ã—ãŸã‚ˆã†ã«ã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼çµ±åˆã®æœ€å¾Œã«æ®‹ã£ã¦ã„ãŸã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã‚µãƒãƒ¼ãƒˆãŒv1.31ãƒªãƒªãƒ¼ã‚¹ã®ä¸€éƒ¨ã¨ã—ã¦å‰Šé™¤ã•ã‚Œã¾ã—ãŸã€‚ ã“ã‚Œã¯ã€ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã¨çµ±åˆã§ããªããªã£ãŸã¨ã„ã†æ„å‘³ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ãŸã ã—ã€å¤–éƒ¨çµ±åˆã‚’ä½¿ç”¨ã™ã‚‹æŽ¨å¥¨ã‚¢ãƒ—ãƒãƒ¼ãƒã‚’å¿…ãšä½¿ç”¨ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ä¸€éƒ¨ã®çµ±åˆã¯Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ä¸€éƒ¨ã§ã‚ã‚Šã€ä»–ã¯ã‚µãƒ¼ãƒ‰ãƒ‘ãƒ¼ãƒ†ã‚£ã®ã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ã§ã™ã€‚

ã“ã®ç¯€ç›®ã¯ã€Kubernetes v1.26ã‹ã‚‰å§‹ã¾ã£ãŸã€å…¨ã¦ã®ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼çµ±åˆã®Kubernetesã‚³ã‚¢ã‹ã‚‰ã®å¤–éƒ¨åŒ–ãƒ—ãƒã‚»ã‚¹ã®å®Œäº†ã‚’ç¤ºã—ã¦ã„ã¾ã™(KEP-2395)ã€‚ ã“ã®å¤‰æ›´ã«ã‚ˆã‚Šã€Kubernetesã¯çœŸã«ãƒ™ãƒ³ãƒ€ãƒ¼ä¸ç«‹ãªãƒ—ãƒ©ãƒƒãƒˆãƒ•ã‚©ãƒ¼ãƒ ã«è¿‘ã¥ãã¾ã™ã€‚

ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼çµ±åˆã®è©³ç´°ã«ã¤ã„ã¦ã¯ã€v1.29 ã‚¯ãƒ©ã‚¦ãƒ‰ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼çµ±åˆæ©Ÿèƒ½ã®ãƒ–ãƒã‚°è¨˜äº‹ã‚’ãŠèªã¿ãã ã•ã„ã€‚ ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã®ã‚³ãƒ¼ãƒ‰å‰Šé™¤ã«é–¢ã™ã‚‹è¿½åŠ ã®èƒŒæ™¯ã«ã¤ã„ã¦ã¯ã€(v1.29 éžæŽ¨å¥¨åŒ–ãƒ–ãƒã‚°)ã‚’ã”ç¢ºèªãã ã•ã„ã€‚

å¾Œè€…ã®ãƒ–ãƒã‚°ã«ã¯ã€v1.29ä»¥é™ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã«ç§»è¡Œã™ã‚‹å¿…è¦ãŒã‚ã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã¨ã£ã¦æœ‰ç”¨ãªæƒ…å ±ã‚‚å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚

ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã®å‰Šé™¤

Kubernetes v1.31ã§ã¯ã€ä»¥ä¸‹ã®ã‚¢ãƒ«ãƒ•ã‚¡ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆãŒå‰Šé™¤ã•ã‚Œã¾ã—ãŸ: InTreePluginAWSUnregisterã€InTreePluginAzureDiskUnregisterã€InTreePluginAzureFileUnregisterã€InTreePluginGCEUnregisterã€InTreePluginOpenStackUnregisterã€ãŠã‚ˆã³InTreePluginvSphereUnregisterã€‚ ã“ã‚Œã‚‰ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¯ã€å®Ÿéš›ã«ã‚³ãƒ¼ãƒ‰ãƒ™ãƒ¼ã‚¹ã‹ã‚‰å‰Šé™¤ã™ã‚‹ã“ã¨ãªãã€ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒå‰Šé™¤ã•ã‚ŒãŸã‚·ãƒŠãƒªã‚ªã®ãƒ†ã‚¹ãƒˆã‚’å®¹æ˜“ã«ã™ã‚‹ãŸã‚ã«å°Žå…¥ã•ã‚Œã¾ã—ãŸã€‚ Kubernetes 1.30ã§ã“ã‚Œã‚‰ã®ã‚¤ãƒ³ãƒ„ãƒªãƒ¼ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒéžæŽ¨å¥¨ã¨ãªã£ãŸãŸã‚ã€ã“ã‚Œã‚‰ã®ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆã¯å†—é•·ã¨ãªã‚Šã€ã‚‚ã¯ã‚„ç›®çš„ã‚’æžœãŸã•ãªããªã‚Šã¾ã—ãŸã€‚ å”¯ä¸€æ®‹ã£ã¦ã„ã‚‹CSIã®ç§»è¡Œã‚²ãƒ¼ãƒˆã¯InTreePluginPortworxUnregisterã§ã€ã“ã‚Œã¯Portworxã®CSIç§»è¡ŒãŒå®Œäº†ã—ã€ãã®ãƒ„ãƒªãƒ¼å†…ãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã®å‰Šé™¤æº–å‚™ãŒæ•´ã†ã¾ã§ã‚¢ãƒ«ãƒ•ã‚¡ã®ã¾ã¾ã¨ãªã‚Šã¾ã™ã€‚

2017å¹´ã«éžæŽ¨å¥¨ã¨ãªã£ãŸkubeletã®ãƒ•ãƒ©ã‚°--keep-terminated-pod-volumesãŒã€v1.31ãƒªãƒªãƒ¼ã‚¹ã®ä¸€éƒ¨ã¨ã—ã¦å‰Šé™¤ã•ã‚Œã¾ã—ãŸã€‚

CephFSãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒã“ã®ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã€cephfsãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¿ã‚¤ãƒ—ã¯æ©Ÿèƒ½ã—ãªããªã‚Šã¾ã—ãŸã€‚

ä»£ã‚ã‚Šã«ã€ã‚µãƒ¼ãƒ‰ãƒ‘ãƒ¼ãƒ†ã‚£ã®ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã¨ã—ã¦CephFS CSIãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚ ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’v1.31ã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã™ã‚‹å‰ã«CephFSãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’ä½¿ç”¨ã—ã¦ã„ãŸå ´åˆã¯ã€æ–°ã—ã„ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’å†ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

v1.31ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€Ceph RBDãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¨ãã®CSIç§»è¡Œã‚µãƒãƒ¼ãƒˆãŒå‰Šé™¤ã•ã‚Œã€rbdãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¿ã‚¤ãƒ—ã¯æ©Ÿèƒ½ã—ãªããªã‚Šã¾ã—ãŸã€‚

ä»£ã‚ã‚Šã«ã€ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã§RBD CSIãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚ ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’v1.31ã«ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã™ã‚‹å‰ã«Ceph RBDãƒœãƒªãƒ¥ãƒ¼ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’ä½¿ç”¨ã—ã¦ã„ãŸå ´åˆã¯ã€æ–°ã—ã„ãƒ‰ãƒ©ã‚¤ãƒãƒ¼ã‚’ä½¿ç”¨ã™ã‚‹ã‚ˆã†ã«ã‚¢ãƒ—ãƒªã‚±ãƒ¼ã‚·ãƒ§ãƒ³ã‚’å†ãƒ‡ãƒ—ãƒã‚¤ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚

v1.31ãƒªãƒªãƒ¼ã‚¹ã§ã¯ã€ã™ã¹ã¦ã®éžCSIãƒœãƒªãƒ¥ãƒ¼ãƒ åˆ¶é™ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒéžæŽ¨å¥¨ã¨ãªã‚Šã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‹ã‚‰æ—¢ã«éžæŽ¨å¥¨ã¨ãªã£ã¦ã„ã‚‹ã„ãã¤ã‹ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãŒå‰Šé™¤ã•ã‚Œã¾ã™ã€‚ ã“ã‚Œã«ã¯ä»¥ä¸‹ãŒå«ã¾ã‚Œã¾ã™ï¼š

AzureDiskLimits
CinderLimits
EBSLimits
GCEPDLimits

ã“ã‚Œã‚‰ã®ãƒœãƒªãƒ¥ãƒ¼ãƒ ã‚¿ã‚¤ãƒ—ã¯CSIã«ç§»è¡Œã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€ä»£ã‚ã‚Šã«NodeVolumeLimitsãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚ NodeVolumeLimitsãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¯ã€å‰Šé™¤ã•ã‚ŒãŸãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¨åŒã˜æ©Ÿèƒ½ã‚’å‡¦ç†ã§ãã¾ã™ã€‚ ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã®è¨å®šã§æ˜Žç¤ºçš„ã«ã“ã‚Œã‚‰ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’ä½¿ç”¨ã—ã¦ã„ã‚‹å ´åˆã¯ã€éžæŽ¨å¥¨ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’NodeVolumeLimitsãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã«ç½®ãæ›ãˆã¦ãã ã•ã„ã€‚ AzureDiskLimitsã€CinderLimitsã€EBSLimitsã€GCEPDLimitsãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¯å°†æ¥ã®ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚

ã“ã‚Œã‚‰ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¯ã€Kubernetes v1.14ä»¥é™éžæŽ¨å¥¨ã¨ãªã£ã¦ã„ãŸãŸã‚ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ãƒªã‚¹ãƒˆã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆã¨ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰ã«å¿…è¦ãªã‚¢ã‚¯ã‚·ãƒ§ãƒ³

ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ã«ã€Pod/Updatedã‚¤ãƒ™ãƒ³ãƒˆã«ç™»éŒ²ã•ã‚ŒãŸQueueingHintã‚’ä½¿ç”¨ã—ã¦ã€ä»¥å‰ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ä¸å¯èƒ½ã ã£ãŸPodã®æ›´æ–°ãŒãã‚Œã‚‰ã‚’ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«å¯èƒ½ã«ã—ãŸã‹ã©ã†ã‹ã‚’åˆ¤æ–ã™ã‚‹ã‚µãƒãƒ¼ãƒˆãŒè¿½åŠ ã•ã‚Œã¾ã—ãŸã€‚ ã“ã®æ–°æ©Ÿèƒ½ã¯ã€ãƒ•ã‚£ãƒ¼ãƒãƒ£ãƒ¼ã‚²ãƒ¼ãƒˆSchedulerQueueingHintsãŒæœ‰åŠ¹ãªå ´åˆã«å‹•ä½œã—ã¾ã™ã€‚

ã“ã‚Œã¾ã§ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ä¸å¯èƒ½ãªPodãŒæ›´æ–°ã•ã‚ŒãŸå ´åˆã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ã¯å¸¸ã«Podã‚’ã‚ãƒ¥ãƒ¼(activeQ / backoffQ)ã«æˆ»ã—ã¦ã„ã¾ã—ãŸã€‚ ã—ã‹ã—ã€Podã¸ã®ã™ã¹ã¦ã®æ›´æ–°ãŒPodã‚’ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«å¯èƒ½ã«ã™ã‚‹ã‚ã‘ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ ç‰¹ã«ã€ç¾åœ¨ã®å¤šãã®ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°åˆ¶ç´„ãŒä¸å¤‰ã§ã‚ã‚‹ã“ã¨ã‚’è€ƒæ…®ã™ã‚‹ã¨ã€ãã†ã§ã¯ã‚ã‚Šã¾ã›ã‚“ã€‚ æ–°ã—ã„å‹•ä½œã§ã¯ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ä¸å¯èƒ½ãªPodãŒæ›´æ–°ã•ã‚Œã‚‹ã¨ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒªãƒ³ã‚°ã‚ãƒ¥ãƒ¼ã¯QueueingHint(s)ã‚’ä½¿ç”¨ã—ã¦ã€ãã®æ›´æ–°ãŒPodã‚’ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«å¯èƒ½ã«ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã‹ã©ã†ã‹ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚ å°‘ãªãã¨ã‚‚1ã¤ã®QueueingHintãŒQueueã‚’è¿”ã—ãŸå ´åˆã«ã®ã¿ã€ãã‚Œã‚‰ã‚’activeQã¾ãŸã¯backoffQã«å†åº¦ã‚ãƒ¥ãƒ¼ã‚¤ãƒ³ã‚°ã—ã¾ã™ã€‚

ã‚«ã‚¹ã‚¿ãƒ ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ©ãƒ¼ãƒ—ãƒ©ã‚°ã‚¤ãƒ³é–‹ç™ºè€…å‘ã‘ã®å¿…è¦ãªã‚¢ã‚¯ã‚·ãƒ§ãƒ³: ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‹ã‚‰ã®æ‹’å¦ãŒã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚Œã¦ã„ãªã„Podè‡ªä½“ã®æ›´æ–°ã«ã‚ˆã£ã¦è§£æ±ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹å ´åˆã€ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¯Pod/Updateã‚¤ãƒ™ãƒ³ãƒˆã«å¯¾ã™ã‚‹QueueingHintã‚’å®Ÿè£…ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ ä¾‹ãˆã°schedulable=falseãƒ©ãƒ™ãƒ«ã‚’æŒã¤Podã‚’æ‹’å¦ã™ã‚‹ã‚«ã‚¹ã‚¿ãƒ ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã‚’é–‹ç™ºã—ãŸã¨ã—ã¾ã™ã€‚ schedulable=falseãƒ©ãƒ™ãƒ«ã‚’æŒã¤Podã¯ã€schedulable=falseãƒ©ãƒ™ãƒ«ãŒå‰Šé™¤ã•ã‚Œã‚‹ã¨ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«å¯èƒ½ã«ãªã‚Šã¾ã™ã€‚ã“ã®ãƒ—ãƒ©ã‚°ã‚¤ãƒ³ã¯Pod/Updateã‚¤ãƒ™ãƒ³ãƒˆã«å¯¾ã™ã‚‹QueueingHintã‚’å®Ÿè£…ã—ã€ã‚¹ã‚±ã‚¸ãƒ¥ãƒ¼ãƒ«ã•ã‚Œã¦ã„ãªã„Podã§ãã®ã‚ˆã†ãªãƒ©ãƒ™ãƒ«ã®å¤‰æ›´ãŒè¡Œã‚ã‚ŒãŸå ´åˆã«Queueã‚’è¿”ã™ã‚ˆã†ã«ã—ã¾ã™ã€‚ è©³ç´°ã«ã¤ã„ã¦ã¯ã€Pull Request #122234ã‚’ã”è¦§ãã ã•ã„ã€‚

å…¥æ‰‹æ–¹æ³•

Kubernetes v1.31ã¯ã€GitHubã¾ãŸã¯Kubernetesãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ãƒšãƒ¼ã‚¸ã‹ã‚‰ãƒ€ã‚¦ãƒ³ãƒãƒ¼ãƒ‰ã§ãã¾ã™ã€‚

Kubernetesã‚’å§‹ã‚ã‚‹ã«ã¯ã€å¯¾è©±å¼ã®ãƒãƒ¥ãƒ¼ãƒˆãƒªã‚¢ãƒ«ã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‹ã€minikubeã‚’ä½¿ç”¨ã—ã¦ãƒãƒ¼ã‚«ãƒ«Kubernetesã‚¯ãƒ©ã‚¹ã‚¿ã‚’å®Ÿè¡Œã—ã¦ãã ã•ã„ã€‚ ã¾ãŸã€kubeadmã‚’ä½¿ç”¨ã—ã¦ç°¡å˜ã«v1.31ã‚’ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚

ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ

ç§ãŸã¡ã¯ã€Kubernetes v1.31ãƒªãƒªãƒ¼ã‚¹ã‚’ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«æä¾›ã™ã‚‹ãŸã‚ã«å¤šãã®æ™‚é–“ã‚’è²»ã‚„ã—ã¦ãã ã•ã£ãŸãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ å…¨ä½“ã«æ„Ÿè¬ã®æ„ã‚’è¡¨ã—ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã®ãƒ¡ãƒ³ãƒãƒ¼ã¯ã€åˆã‚ã¦Shadowã¨ã—ã¦å‚åŠ ã™ã‚‹äººã‹ã‚‰ã€è¤‡æ•°ã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã‚’çµŒé¨“ã—ãŸãƒ™ãƒ†ãƒ©ãƒ³ã®ãƒãƒ¼ãƒ ãƒªãƒ¼ãƒ€ãƒ¼ã¾ã§å¤šå²ã«ã‚ãŸã‚Šã¾ã™ã€‚ ç‰¹ã«ã€ãƒªãƒªãƒ¼ã‚¹ãƒªãƒ¼ãƒ€ãƒ¼ã®Angelos Kolaitisã«ã¯ç‰¹åˆ¥ãªæ„Ÿè¬ã®æ„ã‚’è¡¨ã—ã¾ã™ã€‚ ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã‚’æˆåŠŸã«å°Žãã€ãƒãƒ¼ãƒ å…¨ä½“ã‚’ã‚µãƒãƒ¼ãƒˆã—ã€å„ãƒ¡ãƒ³ãƒãƒ¼ãŒæœ€å¤§é™ã«è²¢çŒ®ã§ãã‚‹ç’°å¢ƒã‚’æ•´ãˆã‚‹ã¨åŒæ™‚ã«ã€ãƒªãƒªãƒ¼ã‚¹ãƒ—ãƒã‚»ã‚¹ã®æ”¹å–„ã«ã‚‚å–ã‚Šçµ„ã‚“ã§ãã‚Œã¾ã—ãŸã€‚

ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®é€²æ—é€Ÿåº¦

CNCF K8s DevStatsãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¯ã€Kubernetesã¨æ§˜ã€…ãªã‚µãƒ–ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®é€²æ—ã«é–¢ã™ã‚‹èˆˆå‘³æ·±ã„ãƒ‡ãƒ¼ã‚¿ãƒã‚¤ãƒ³ãƒˆã‚’é›†è¨ˆã—ã¦ã„ã¾ã™ã€‚ ã“ã‚Œã«ã¯ã€å€‹äººã®è²¢çŒ®ã‹ã‚‰è²¢çŒ®ã—ã¦ã„ã‚‹ä¼æ¥ã®æ•°ã¾ã§ã€ã“ã®ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ ã®é€²åŒ–ã«é–¢ã‚ã‚‹å–ã‚Šçµ„ã¿ã®æ·±ã•ã¨åºƒã•ã‚’ç¤ºã™æ§˜ã€…ãªæƒ…å ±ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚

14é€±é–“(5æœˆ7æ—¥ã‹ã‚‰8æœˆ13æ—¥ã¾ã§)ç¶šã„ãŸv1.31ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã§ã¯ã€113ã®ç•°ãªã‚‹ä¼æ¥ã¨528ã®å€‹äººãŒKubernetesã«è²¢çŒ®ã—ã¾ã—ãŸã€‚

ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–ã‚¨ã‚³ã‚·ã‚¹ãƒ†ãƒ å…¨ä½“ã§ã¯ã€379ã®ä¼æ¥ã‹ã‚‰åˆè¨ˆ2268äººã®è²¢çŒ®è€…ãŒã„ã¾ã™ã€‚ ã“ã‚Œã¯ã€å‰å›žã®ãƒªãƒªãƒ¼ã‚¹ã‚µã‚¤ã‚¯ãƒ«ã¨æ¯”è¼ƒã—ã¦ã€è²¢çŒ®è€…æ•°ãŒé©šç•°ã®63%å¢—åŠ ã—ã¾ã—ãŸï¼

ã“ã®ãƒ‡ãƒ¼ã‚¿ã®å‡ºå…¸:

ã“ã“ã§ã„ã†è²¢çŒ®ã¨ã¯ã€ã‚³ãƒŸãƒƒãƒˆã®ä½œæˆã€ã‚³ãƒ¼ãƒ‰ãƒ¬ãƒ“ãƒ¥ãƒ¼ã€ã‚³ãƒ¡ãƒ³ãƒˆã€Issueã‚„PRã®ä½œæˆã€PRã®ãƒ¬ãƒ“ãƒ¥ãƒ¼(ãƒ–ãƒã‚°ã‚„ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’å«ã‚€)ã€ã¾ãŸã¯Issueã‚„PRã¸ã®ã‚³ãƒ¡ãƒ³ãƒˆã‚’æŒ‡ã—ã¾ã™ã€‚

è²¢çŒ®ã«èˆˆå‘³ãŒã‚ã‚‹æ–¹ã¯ã€ã“ã®ãƒšãƒ¼ã‚¸ã‚’è¨ªã‚Œã¦å§‹ã‚ã¦ãã ã•ã„ã€‚

Kubernetesãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¨ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£å…¨ä½“ã®é€²æ—é€Ÿåº¦ã«ã¤ã„ã¦ã‚‚ã£ã¨çŸ¥ã‚ŠãŸã„æ–¹ã¯ã€DevStatsã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„ã€‚

ã‚¤ãƒ™ãƒ³ãƒˆæƒ…å ±

2024å¹´8æœˆã‹ã‚‰11æœˆã«ã‹ã‘ã¦é–‹å‚¬äºˆå®šã®Kubernetesã¨ã‚¯ãƒ©ã‚¦ãƒ‰ãƒã‚¤ãƒ†ã‚£ãƒ–é–¢é€£ã®ã‚¤ãƒ™ãƒ³ãƒˆã‚’ã”ç´¹ä»‹ã—ã¾ã™ã€‚KubeConã€KCDã€ãã®ä»–ä¸–ç•Œå„åœ°ã§é–‹å‚¬ã•ã‚Œã‚‹æ³¨ç›®ã®ã‚«ãƒ³ãƒ•ã‚¡ãƒ¬ãƒ³ã‚¹ãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚Kubernetesã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã®æœ€æ–°æƒ…å ±ã‚’å…¥æ‰‹ã—ã€äº¤æµã‚’æ·±ã‚ã¾ã—ã‚‡ã†ã€‚

2024å¹´8æœˆ

KubeCon + CloudNativeCon + Open Source Summit China 2024: 2024å¹´8æœˆ21æ—¥-23æ—¥ | é¦™æ¸¯
KubeDay Japan: 2024å¹´8æœˆ27æ—¥ | æ±äº¬ã€æ—¥æœ¬

2024å¹´9æœˆ

KuberTENes Birthday Bash Stockholm: 2024å¹´9æœˆ5æ—¥ | ã‚¹ãƒˆãƒƒã‚¯ãƒ›ãƒ«ãƒ ã€ã‚¹ã‚¦ã‚§ãƒ¼ãƒ‡ãƒ³
KCD Washington DC 2024: 2024å¹´9æœˆ24æ—¥ | ãƒ¯ã‚·ãƒ³ãƒˆãƒ³DCã€ã‚¢ãƒ¡ãƒªã‚«åˆè¡†å›½
KCD Porto 2024: 2024å¹´9æœˆ27æ—¥-28æ—¥ | ãƒãƒ«ãƒˆã€ãƒãƒ«ãƒˆã‚¬ãƒ«

2024å¹´10æœˆ

KCD Austria 2024: 2024å¹´10æœˆ8æ—¥-10æ—¥ | ã‚¦ã‚£ãƒ¼ãƒ³ã€ã‚ªãƒ¼ã‚¹ãƒˆãƒªã‚¢
KCD UK - London 2024: 2024å¹´10æœˆ22æ—¥-23æ—¥ | ã‚°ãƒ¬ãƒ¼ã‚¿ãƒ¼ãƒãƒ³ãƒ‰ãƒ³ã€ã‚¤ã‚®ãƒªã‚¹

2024å¹´11æœˆ

KubeCon + CloudNativeCon North America 2024: 2024å¹´11æœˆ12æ—¥-15æ—¥ | ã‚½ãƒ«ãƒˆãƒ¬ã‚¤ã‚¯ã‚·ãƒ†ã‚£ã€ã‚¢ãƒ¡ãƒªã‚«åˆè¡†å›½
Kubernetes on EDGE Day North America: 2024å¹´11æœˆ12æ—¥ | ã‚½ãƒ«ãƒˆãƒ¬ã‚¤ã‚¯ã‚·ãƒ†ã‚£ã€ã‚¢ãƒ¡ãƒªã‚«åˆè¡†å›½

æ¬¡æœŸãƒªãƒªãƒ¼ã‚¹ã«é–¢ã™ã‚‹ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã®ãŠçŸ¥ã‚‰ã›

2024å¹´9æœˆ12æ—¥(æœ¨)åˆå‰10æ™‚(å¤ªå¹³æ´‹æ™‚é–“)ã«é–‹å‚¬ã•ã‚Œã‚‹Kubernetes v1.31ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ãƒ¡ãƒ³ãƒãƒ¼ã«ã‚ˆã‚‹ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã«ã”å‚åŠ ãã ã•ã„ã€‚ã“ã®ãƒªãƒªãƒ¼ã‚¹ã®ä¸»è¦ãªæ©Ÿèƒ½ã‚„ã€ã‚¢ãƒƒãƒ—ã‚°ãƒ¬ãƒ¼ãƒ‰è¨ˆç”»ã«å½¹ç«‹ã¤éžæŽ¨å¥¨åŒ–ãŠã‚ˆã³å‰Šé™¤ã•ã‚ŒãŸæ©Ÿèƒ½ã«ã¤ã„ã¦å¦ã¶ã“ã¨ãŒã§ãã¾ã™ã€‚ è©³ç´°ãŠã‚ˆã³ç™»éŒ²ã«ã¤ã„ã¦ã¯ã€CNCFã‚ªãƒ³ãƒ©ã‚¤ãƒ³ãƒ—ãƒã‚°ãƒ©ãƒ ã‚µã‚¤ãƒˆã®ã‚¤ãƒ™ãƒ³ãƒˆãƒšãƒ¼ã‚¸ã‚’ã”è¦§ãã ã•ã„ã€‚

å‚åŠ æ–¹æ³•

Discussã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ãƒ‡ã‚£ã‚¹ã‚«ãƒƒã‚·ãƒ§ãƒ³ã«å‚åŠ ã—ã¦ãã ã•ã„
Slackã§ã‚³ãƒŸãƒ¥ãƒ‹ãƒ†ã‚£ã«å‚åŠ ã—ã¦ãã ã•ã„
Stack Overflowã§è³ªå•ã—ãŸã‚Šã€å›žç”ã—ãŸã‚Šã—ã¦ãã ã•ã„
ã‚ãªãŸã®Kubernetesã«é–¢ã™ã‚‹ã‚¹ãƒˆãƒ¼ãƒªãƒ¼ã‚’å…±æœ‰ã—ã¦ãã ã•ã„
Kubernetesãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ ã«ã¤ã„ã¦ã‚‚ã£ã¨å¦ã‚“ã§ãã ã•ã„

Kubernetes Blog

Kubernetes v1.34: Of Wind & Will (O' WaW)

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒ­ã‚´

ä¸»ãªã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæƒ…å ±

GA: DRAã®ã‚³ã‚¢æ©Ÿèƒ½

ãƒ™ãƒ¼ã‚¿: kubeletã‚¤ãƒ¡ãƒ¼ã‚¸èªè¨¼ãƒ—ãƒ­ãƒã‚¤ãƒ€ãƒ¼å‘ã‘ã®Projected ServiceAccountãƒˆãƒ¼ã‚¯ãƒ³

ã‚¢ãƒ«ãƒ•ã‚¡: KYAML(Kuberneteså‘ã‘ã«æœ€é©åŒ–ã•ã‚ŒãŸYAMLå½¢å¼)ã®ã‚µãƒãƒ¼ãƒˆ

GAã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½

Jobã®ä»£æ›¿Podã®é…å»¶ä½œæˆ

ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µå¤±æ•—ã‹ã‚‰ã®å¾©æ—§

ãƒœãƒªãƒ¥ãƒ¼ãƒ å¤‰æ›´ã®ãŸã‚ã®VolumeAttributesClass

æ§‹é€ åŒ–ã•ã‚ŒãŸèªè¨¼è¨­å®š

ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«åŸºã¥ãç´°ã‹ã„èªå¯

ç´°ã‹ã„åˆ¶å¾¡ã«ã‚ˆã‚‹åŒ¿åãƒªã‚¯ã‚¨ã‚¹ãƒˆã®åˆ¶é™

ãƒ—ãƒ©ã‚°ã‚¤ãƒ³å›ºæœ‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã«ã‚ˆã‚‹åŠ¹çŽ‡çš„ãªå†ã‚­ãƒ¥ãƒ¼ã‚¤ãƒ³ã‚°

é †åºä»˜ã‘ã‚‰ã‚ŒãŸNamespaceå‰Šé™¤

list å¿œç­”ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°

å›žå¾©åŠ›ã®ã‚ã‚‹Watchã‚­ãƒ£ãƒƒã‚·ãƒ¥ã®åˆæœŸåŒ–

DNSæ¤œç´¢ãƒ‘ã‚¹æ¤œè¨¼ã®ç·©å’Œ

Windows kube-proxyã«ãŠã‘ã‚‹Direct Service Return(DSR)ã®ã‚µãƒãƒ¼ãƒˆ

ã‚³ãƒ³ãƒ†ãƒŠãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã®Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³

LinuxãƒŽãƒ¼ãƒ‰ã§ã®ã‚¹ãƒ¯ãƒƒãƒ—æ©Ÿèƒ½ã®ã‚µãƒãƒ¼ãƒˆ

ç’°å¢ƒå¤‰æ•°ã§ã®ç‰¹æ®Šæ–‡å­—ã®è¨±å¯

Taintç®¡ç†ã®Nodeãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‹ã‚‰ã®åˆ†é›¢

ãƒ™ãƒ¼ã‚¿ã®æ–°æ©Ÿèƒ½

Podãƒ¬ãƒ™ãƒ«ã®ãƒªã‚½ãƒ¼ã‚¹è¦æ±‚ã¨åˆ¶é™

kubectlå‘ã‘ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨­å®šã®ãŸã‚ã®.kubercãƒ•ã‚¡ã‚¤ãƒ«

å¤–éƒ¨ServiceAccountã®ãƒˆãƒ¼ã‚¯ãƒ³ç½²å

ãƒ™ãƒ¼ã‚¿ç‰ˆã®DRAæ©Ÿèƒ½

ã‚»ã‚­ãƒ¥ã‚¢ãªãƒªã‚½ãƒ¼ã‚¹ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã®ãŸã‚ã®ç®¡ç†è€…ã‚¢ã‚¯ã‚»ã‚¹

ResourceClaimã¨ResourceClaimTemplateã«ãŠã‘ã‚‹å„ªå…ˆé †ä½ä»˜ãã®ä»£æ›¿æ¡ˆ

kubeletã«ã‚ˆã‚‹å‰²ã‚Šå½“ã¦æ¸ˆã¿DRAãƒªã‚½ãƒ¼ã‚¹ã®å ±å‘Š

kube-schedulerã®éžãƒ–ãƒ­ãƒƒã‚­ãƒ³ã‚°APIã‚³ãƒ¼ãƒ«

Mutating Admission Policy

ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆå¯èƒ½ãªAPIã‚µãƒ¼ãƒãƒ¼ã®ã‚­ãƒ£ãƒƒã‚·ãƒ¥

Kubernetesãƒã‚¤ãƒ†ã‚£ãƒ–åž‹ã®å®£è¨€çš„æ¤œè¨¼ã®ãŸã‚ã®ãƒ„ãƒ¼ãƒ«

list ãƒªã‚¯ã‚¨ã‚¹ãƒˆç”¨ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã‚¤ãƒ³ãƒ•ã‚©ãƒ¼ãƒžãƒ¼

WindowsãƒŽãƒ¼ãƒ‰ã®å®‰å…¨ãªçµ‚äº†

ã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹ãªPodã®ãƒªã‚µã‚¤ã‚ºæ©Ÿèƒ½ã®æ”¹å–„

ã‚¢ãƒ«ãƒ•ã‚¡ã®æ–°æ©Ÿèƒ½

mTLSèªè¨¼ã®ãŸã‚ã®Podã®è¨¼æ˜Žæ›¸

ã€Œåˆ¶é™ã€Podã®ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£æ¨™æº–ã«ã‚ˆã‚‹Remote Probeã®ç¦æ­¢

Podé…ç½®ã‚’è¡¨ç¾ã™ã‚‹ãŸã‚ã®.status.nominatedNodeNameã®ä½¿ç”¨

ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã®DRAæ©Ÿèƒ½

DRAã®ãƒªã‚½ãƒ¼ã‚¹ãƒ˜ãƒ«ã‚¹çŠ¶æ…‹

æ‹¡å¼µãƒªã‚½ãƒ¼ã‚¹ãƒžãƒƒãƒ”ãƒ³ã‚°

DRAã®æ¶ˆè²»å¯èƒ½ãªå®¹é‡

ãƒ‡ãƒã‚¤ã‚¹ã®ãƒã‚¤ãƒ³ãƒ‰æ¡ä»¶

ã‚³ãƒ³ãƒ†ãƒŠå†èµ·å‹•ãƒ«ãƒ¼ãƒ«

å®Ÿè¡Œæ™‚ã«ä½œæˆã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰ã®ç’°å¢ƒå¤‰æ•°ã®èª­ã¿è¾¼ã¿

v1.34ã§ã®æ˜‡æ ¼ã€éžæŽ¨å¥¨åŒ–ã€ãŠã‚ˆã³å‰Šé™¤

GAã¸ã®æ˜‡æ ¼

éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤

æ‰‹å‹•ã§ã®cgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼è¨­å®šã®éžæŽ¨å¥¨åŒ–

v1.36ã§ã®containerd 1.xã‚µãƒãƒ¼ãƒˆçµ‚äº†

PreferCloseãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯åˆ†æ•£ã®éžæŽ¨å¥¨åŒ–

ãƒªãƒªãƒ¼ã‚¹ãƒŽãƒ¼ãƒˆ

å…¥æ‰‹æ–¹æ³•

ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ

ãƒ—ãƒ­ã‚¸ã‚§ã‚¯ãƒˆã®æ´»å‹•çŠ¶æ³

ã‚¤ãƒ™ãƒ³ãƒˆæƒ…å ±

ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã®ã”æ¡ˆå†…

å‚åŠ æ–¹æ³•

Kubernetes v1.33: æ€ã„æã„ã¦ã„ãŸã¨ãŠã‚Šã«å‹•ä½œã™ã‚‹ã‚ˆã†ã«ãªã£ãŸImage Pull Policyï¼

æ€ã„æã„ã¦ã„ãŸã¨ãŠã‚Šã«å‹•ä½œã™ã‚‹ã‚ˆã†ã«ãªã£ãŸImage Pull Policyï¼

å‚™è€ƒ:

IfNotPresentã€ãŸã¨ãˆæœ¬æ¥æŒã¤ã¹ãã§ãªã„ã¨ã—ã¦ã‚‚

IfNotPresentã€ãŸã ã—æœ¬æ¥ã‚¢ã‚¯ã‚»ã‚¹æ¨©ãŒã‚ã‚‹å ´åˆã«é™ã‚‹

Never pullã€ãŸã ã—èªè¨¼ã•ã‚Œã¦ã„ã‚‹å ´åˆã«é™ã‚‹

Always pullã€ãŸã ã—èªè¨¼ã•ã‚Œã¦ã„ã‚‹å ´åˆã«é™ã‚‹

ä»•çµ„ã¿ã«ã¤ã„ã¦

è©¦ã—ã¦ã¿ã‚ˆã†

ä»Šå¾Œã®äºˆå®š

å‚åŠ ã™ã‚‹ã«ã¯

Kubernetes v1.33: HorizontalPodAutoscalerã®è¨­å®šå¯èƒ½ãªè¨±å®¹å€¤

ã“ã‚Œã¯ä½•ã§ã™ã‹ï¼Ÿ

ã©ã†ã‚„ã£ã¦ä½¿ã†ã®ã‹ï¼Ÿ

ã™ã¹ã¦ã®è©³ç´°ã‚’çŸ¥ã‚ŠãŸã„ï¼

Kubernetes v1.33: Endpointsã‹ã‚‰EndpointSliceã¸ã®ç¶™ç¶šçš„ãªç§»è¡Œã‚’é€²ã‚ã‚‹

Endpointsã‹ã‚‰EndpointSliceã¸ã®ç§»è¡Œã«é–¢ã™ã‚‹æ³¨æ„ç‚¹

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒã‚´

ä¸»ãªã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæƒ…å ±

GA: DRAã®ã‚³ã‚¢æ©Ÿèƒ½

ãƒ™ãƒ¼ã‚¿: `kubelet`ã‚¤ãƒ¡ãƒ¼ã‚¸èªè¨¼ãƒ—ãƒãƒã‚¤ãƒ€ãƒ¼å‘ã‘ã®Projected ServiceAccountãƒˆãƒ¼ã‚¯ãƒ³

ã‚¢ãƒ«ãƒ•ã‚¡: KYAML(Kuberneteså‘ã‘ã«æœ€é©åŒ–ã•ã‚ŒãŸYAMLå½¢å¼)ã®ã‚µãƒãƒ¼ãƒˆ

GAã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½

Jobã®ä»£æ›¿Podã®é…å»¶ä½œæˆ

ãƒœãƒªãƒ¥ãƒ¼ãƒ æ‹¡å¼µå¤±æ•—ã‹ã‚‰ã®å¾©æ—§

ãƒœãƒªãƒ¥ãƒ¼ãƒ å¤‰æ›´ã®ãŸã‚ã®VolumeAttributesClass

æ§‹é€ åŒ–ã•ã‚ŒãŸèªè¨¼è¨å®š

ã‚»ãƒ¬ã‚¯ã‚¿ãƒ¼ã«åŸºã¥ãç´°ã‹ã„èªå¯

ç´°ã‹ã„åˆ¶å¾¡ã«ã‚ˆã‚‹åŒ¿åãƒªã‚¯ã‚¨ã‚¹ãƒˆã®åˆ¶é™

ãƒ—ãƒ©ã‚°ã‚¤ãƒ³å›ºæœ‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã«ã‚ˆã‚‹åŠ¹çŽ‡çš„ãªå†ã‚ãƒ¥ãƒ¼ã‚¤ãƒ³ã‚°

é †åºä»˜ã‘ã‚‰ã‚ŒãŸNamespaceå‰Šé™¤

list å¿œç”ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°

å›žå¾©åŠ›ã®ã‚ã‚‹Watchã‚ãƒ£ãƒƒã‚·ãƒ¥ã®åˆæœŸåŒ–

DNSæ¤œç´¢ãƒ‘ã‚¹æ¤œè¨¼ã®ç·©å’Œ

Windows `kube-proxy`ã«ãŠã‘ã‚‹Direct Service Return(DSR)ã®ã‚µãƒãƒ¼ãƒˆ

ã‚³ãƒ³ãƒ†ãƒŠãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ãƒ•ãƒƒã‚¯ã®Sleepã‚¢ã‚¯ã‚·ãƒ§ãƒ³

LinuxãƒŽãƒ¼ãƒ‰ã§ã®ã‚¹ãƒ¯ãƒƒãƒ—æ©Ÿèƒ½ã®ã‚µãƒãƒ¼ãƒˆ

ç’°å¢ƒå¤‰æ•°ã§ã®ç‰¹æ®Šæ–‡å—ã®è¨±å¯

Taintç®¡ç†ã®Nodeãƒ©ã‚¤ãƒ•ã‚µã‚¤ã‚¯ãƒ«ã‹ã‚‰ã®åˆ†é›¢

ãƒ™ãƒ¼ã‚¿ã®æ–°æ©Ÿèƒ½

Podãƒ¬ãƒ™ãƒ«ã®ãƒªã‚½ãƒ¼ã‚¹è¦æ±‚ã¨åˆ¶é™

`kubectl`å‘ã‘ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨å®šã®ãŸã‚ã®`.kuberc`ãƒ•ã‚¡ã‚¤ãƒ«

å¤–éƒ¨ServiceAccountã®ãƒˆãƒ¼ã‚¯ãƒ³ç½²å

ãƒ™ãƒ¼ã‚¿ç‰ˆã®DRAæ©Ÿèƒ½

ã‚»ã‚ãƒ¥ã‚¢ãªãƒªã‚½ãƒ¼ã‚¹ãƒ¢ãƒ‹ã‚¿ãƒªãƒ³ã‚°ã®ãŸã‚ã®ç®¡ç†è€…ã‚¢ã‚¯ã‚»ã‚¹

ResourceClaimã¨ResourceClaimTemplateã«ãŠã‘ã‚‹å„ªå…ˆé †ä½ä»˜ãã®ä»£æ›¿æ¡ˆ

`kubelet`ã«ã‚ˆã‚‹å‰²ã‚Šå½“ã¦æ¸ˆã¿DRAãƒªã‚½ãƒ¼ã‚¹ã®å ±å‘Š

`kube-scheduler`ã®éžãƒ–ãƒãƒƒã‚ãƒ³ã‚°APIã‚³ãƒ¼ãƒ«

ã‚¹ãƒŠãƒƒãƒ—ã‚·ãƒ§ãƒƒãƒˆå¯èƒ½ãªAPIã‚µãƒ¼ãƒãƒ¼ã®ã‚ãƒ£ãƒƒã‚·ãƒ¥

Kubernetesãƒã‚¤ãƒ†ã‚£ãƒ–åž‹ã®å®£è¨€çš„æ¤œè¨¼ã®ãŸã‚ã®ãƒ„ãƒ¼ãƒ«

list ãƒªã‚¯ã‚¨ã‚¹ãƒˆç”¨ã®ã‚¹ãƒˆãƒªãƒ¼ãƒŸãƒ³ã‚°ã‚¤ãƒ³ãƒ•ã‚©ãƒ¼ãƒžãƒ¼

WindowsãƒŽãƒ¼ãƒ‰ã®å®‰å…¨ãªçµ‚äº†

ã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹ãªPodã®ãƒªã‚µã‚¤ã‚ºæ©Ÿèƒ½ã®æ”¹å–„

ã‚¢ãƒ«ãƒ•ã‚¡ã®æ–°æ©Ÿèƒ½

mTLSèªè¨¼ã®ãŸã‚ã®Podã®è¨¼æ˜Žæ›¸

ã€Œåˆ¶é™ã€Podã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£æ¨™æº–ã«ã‚ˆã‚‹Remote Probeã®ç¦æ¢

Podé…ç½®ã‚’è¡¨ç¾ã™ã‚‹ãŸã‚ã®`.status.nominatedNodeName`ã®ä½¿ç”¨

ã‚¢ãƒ«ãƒ•ã‚¡ç‰ˆã®DRAæ©Ÿèƒ½

DRAã®ãƒªã‚½ãƒ¼ã‚¹ãƒ˜ãƒ«ã‚¹çŠ¶æ…‹

DRAã®æ¶ˆè²»å¯èƒ½ãªå®¹é‡

ãƒ‡ãƒã‚¤ã‚¹ã®ãƒã‚¤ãƒ³ãƒ‰æ¡ä»¶

ã‚³ãƒ³ãƒ†ãƒŠå†èµ·å‹•ãƒ«ãƒ¼ãƒ«

å®Ÿè¡Œæ™‚ã«ä½œæˆã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰ã®ç’°å¢ƒå¤‰æ•°ã®èªã¿è¾¼ã¿

v1.34ã§ã®æ˜‡æ ¼ã€éžæŽ¨å¥¨åŒ–ã€ãŠã‚ˆã³å‰Šé™¤

GAã¸ã®æ˜‡æ ¼

éžæŽ¨å¥¨åŒ–ã¨å‰Šé™¤

æ‰‹å‹•ã§ã®cgroupãƒ‰ãƒ©ã‚¤ãƒãƒ¼è¨å®šã®éžæŽ¨å¥¨åŒ–

v1.36ã§ã®containerd 1.xã‚µãƒãƒ¼ãƒˆçµ‚äº†

`PreferClose`ãƒˆãƒ©ãƒ•ã‚£ãƒƒã‚¯åˆ†æ•£ã®éžæŽ¨å¥¨åŒ–

ãƒªãƒªãƒ¼ã‚¹ãƒãƒ¼ãƒ

ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®æ´»å‹•çŠ¶æ³

ã‚¦ã‚§ãƒ“ãƒŠãƒ¼ã®ã”æ¡ˆå†…

å‚åŠ æ–¹æ³•

Kubernetes v1.33: æ€ã„æã„ã¦ã„ãŸã¨ãŠã‚Šã«å‹•ä½œã™ã‚‹ã‚ˆã†ã«ãªã£ãŸImage Pull Policyï¼

æ€ã„æã„ã¦ã„ãŸã¨ãŠã‚Šã«å‹•ä½œã™ã‚‹ã‚ˆã†ã«ãªã£ãŸImage Pull Policyï¼

IfNotPresentã€ãŸã¨ãˆæœ¬æ¥æŒã¤ã¹ãã§ãªã„ã¨ã—ã¦ã‚‚

IfNotPresentã€ãŸã ã—æœ¬æ¥ã‚¢ã‚¯ã‚»ã‚¹æ¨©ãŒã‚ã‚‹å ´åˆã«é™ã‚‹

Never pullã€ãŸã ã—èªè¨¼ã•ã‚Œã¦ã„ã‚‹å ´åˆã«é™ã‚‹

Always pullã€ãŸã ã—èªè¨¼ã•ã‚Œã¦ã„ã‚‹å ´åˆã«é™ã‚‹

ä»•çµ„ã¿ã«ã¤ã„ã¦

è©¦ã—ã¦ã¿ã‚ˆã†

ä»Šå¾Œã®äºˆå®š

å‚åŠ ã™ã‚‹ã«ã¯

Kubernetes v1.33: HorizontalPodAutoscalerã®è¨å®šå¯èƒ½ãªè¨±å®¹å€¤

ã“ã‚Œã¯ä½•ã§ã™ã‹ï¼Ÿ

ã©ã†ã‚„ã£ã¦ä½¿ã†ã®ã‹ï¼Ÿ

ã™ã¹ã¦ã®è©³ç´°ã‚’çŸ¥ã‚ŠãŸã„ï¼

Kubernetes v1.33: Endpointsã‹ã‚‰EndpointSliceã¸ã®ç¶™ç¶šçš„ãªç§»è¡Œã‚’é€²ã‚ã‚‹

Endpointsã‹ã‚‰EndpointSliceã¸ã®ç§»è¡Œã«é–¢ã™ã‚‹æ³¨æ„ç‚¹

EndpointSliceã‚’åˆ©ç”¨ã™ã‚‹

EndpointSliceã‚’ç”Ÿæˆã™ã‚‹

ãƒªãƒªãƒ¼ã‚¹ã®ãƒ†ãƒ¼ãƒžã¨ãƒã‚´

ä¸»ãªã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆæƒ…å ±

ãƒ™ãƒ¼ã‚¿: Podã®åž‚ç›´ã‚¹ã‚±ãƒ¼ãƒªãƒ³ã‚°ã®ãŸã‚ã®ã‚¤ãƒ³ãƒ—ãƒ¬ãƒ¼ã‚¹ãªãƒªã‚½ãƒ¼ã‚¹ãƒªã‚µã‚¤ã‚º

ã‚¢ãƒ«ãƒ•ã‚¡: `.kuberc`ã«ã‚ˆã‚‹kubectlå‘ã‘ãƒ¦ãƒ¼ã‚¶ãƒ¼è¨å®šã®æ–°ã—ã„è¨˜è¿°ã‚ªãƒ—ã‚·ãƒ§ãƒ³

GAã«æ˜‡æ ¼ã—ãŸæ©Ÿèƒ½

ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ä»˜ãJobã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã”ã¨ã®ãƒãƒƒã‚¯ã‚ªãƒ•åˆ¶é™