{"id":320510,"date":"2021-08-10T15:32:25","date_gmt":"2021-08-10T12:32:25","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/"},"modified":"2021-08-10T15:32:25","modified_gmt":"2021-08-10T12:32:25","slug":"whats-new-in-kubernetes-v1-22-cloudsavvy-it","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/","title":{"rendered":"#What\u2019s New in Kubernetes v1.22? \u2013 CloudSavvy IT"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2f7815c038a\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2f7815c038a\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#Server-Side_Apply\" >Server-Side Apply<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#External_Credential_Providers\" >External Credential Providers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#Running_Without_Root\" >Running Without Root<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#API_Removals\" >API Removals<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#Other_Changes\" >Other Changes<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#New_Release_Cadence\" >New Release Cadence<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/buradabiliyorum.com\/en\/whats-new-in-kubernetes-v1-22-cloudsavvy-it\/#Summary\" >Summary<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#What\u2019s New in Kubernetes v1.22? \u2013 CloudSavvy IT&#8221;<\/strong><\/p>\n<div id=\"article-content-area\">\n<img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage aligncenter size-full wp-image-9632\" srcset=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/02\/748108a6.jpg?width=398&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 400w, https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/02\/748108a6.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 1200w\" sizes=\"auto, 400w, 1200w\" src=\"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/02\/748108a6.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"Graphic showing the Kubernetes logo\" width=\"1602\" height=\"902\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>Kubernetes v1.22 is a new feature release that <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/blog\/2021\/08\/04\/kubernetes-1-22-release-announcement\">adds over 50 improvements<\/a> to the container orchestration platform. It also deprecates some capabilities and removes several APIs that have been superseded by replacement versions.<\/p>\n<p>Here\u2019s the lowdown on the most significant changes, starting with feature additions.<\/p>\n<h2 id=\"server-side-apply\"><span class=\"ez-toc-section\" id=\"Server-Side_Apply\"><\/span>Server-Side Apply<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Server-side <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">App<\/a>ly is now out of beta and <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/general\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"General\" target=\"_blank\" rel=\"noopener\">general<\/a>ly available to all users. It\u2019s a new mechanism to facilitate declarative resource management <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/docs\/reference\/using-api\/server-side-apply\">by users and cluster controllers<\/a>.<\/p>\n<p>Using Server-side Apply lets developers initiate resource changes by describing their intentions. The Kubernetes API server tracks changes to objects on a field-by-field basis. This <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/docs\/reference\/using-api\/server-side-apply\/#conflicts\">\u201cfield management\u201d system<\/a> creates an ownership model where changes to a field added by another manager are automatically rejected. This prevents unintentionally reversing an operation started by another administrator.<\/p>\n<p>Before Server-side Apply, the logic for identifying resource fields needing an update was part of the client-side <code>kubectl apply<\/code> command. Now this is elevated to the server, making it easier for controllers to apply their own configuration changes and facilitating the new access control capabilities. Changes to individual fields are recorded, not just the last state applied by each user.<\/p>\n<p>Resources gain <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/docs\/reference\/using-api\/server-side-apply\/#field-management\">a new <code>managedFields<\/code> property<\/a> when Server-side Apply with field management is active. It records each field, the data associated with it, and the time it was last updated. Manually editing <code>managedFields<\/code> is possible but strongly discouraged; it\u2019s intended that only the Kubernetes API server will write these values.<\/p>\n<p>Field management comes with support for conflict resolution and four different merge strategies. These let you tailor what happens when you try to edit a field that\u2019s already been changed by another user. You can force apply the changes if necessary, transferring ownership to the incoming user.<\/p>\n<h2 id=\"external-credential-providers\"><span class=\"ez-toc-section\" id=\"External_Credential_Providers\"><\/span>External Credential Providers<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>External credential providers have also made the jump to stable. These let you use plugins to obtain credentials such as authentication tokens and TLS certificates from outside your cluster.<\/p>\n<p>The feature lets you integrate Kubernetes access control with existing auth providers. Providers can authenticate you using OAuth2, LDAP, and SAML systems, so you can log in using your existing credentials for popular services.<\/p>\n<p>Providers <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/docs\/reference\/access-authn-authz\/authentication\/#client-go-credential-plugins\">are implemented as<\/a> plugins with a server-side component running in the cluster. This uses a special webhook to convert client-specific tokens into a format that the Kubernetes API server can interpret.<\/p>\n<h2 id=\"running-without-root\"><span class=\"ez-toc-section\" id=\"Running_Without_Root\"><\/span>Running Without Root<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>High-security environments can gain increased protections by running the Kubernetes control plane as a non-root user. This is an alpha feature available for new cluster deployments. It helps mitigate the risks of a successful control plane compromise providing unlimited access to your host.<\/p>\n<p>Launching a cluster as a non-root user requires you to enable the <code>RootlessControlPlane<\/code> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/docs\/reference\/command-line-tools-reference\/feature-gates\">feature gate<\/a>. The control plane should then start without using <code>sudo<\/code>.<\/p>\n<p>There\u2019s similar support for running individual node-level components in a non-root environment. Kubelet, kube-proxy, and the container runtime <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes\/enhancements\/issues\/2033\">now have this ability<\/a>, helping you tighten your installation\u2019s security.<\/p>\n<h2 id=\"api-removals\"><span class=\"ez-toc-section\" id=\"API_Removals\"><\/span>API Removals<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>As a new minor release, v1.22 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes\/kubernetes\/blob\/master\/CHANGELOG\/CHANGELOG-1.22.md#deprecation\">deprecates some<\/a> existing capabilities in various Kubernetes components. These are mostly commands, flags, and some authentication and storage plugins. The affected features remain available but could be dropped in the future.<\/p>\n<p>v1.22 also removes 12 previously deprecated APIs altogether. The removed APIs are all beta versions that have been superseded by newer stable alternatives.<\/p>\n<p>The list includes the <code>Ingress<\/code> and <code>IngressClass<\/code> resources used to expose services with routing rules. The <code>networking.k8s.io\/v1beta1<\/code> versions of these objects should be replaced with their <code>networking.k8s.io\/v1<\/code> counterparts which remain supported.<\/p>\n<p>Other removed APIs include the beta versions of <code>APIService<\/code>, <code>CertificateSigningRequest<\/code>, <code>CustomResourceDefinition<\/code>, and <code>Lease<\/code>, as well as several objects related to access control, storage, and scheduling. Review the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/blog\/2021\/08\/04\/kubernetes-1-22-release-announcement\/#other-updates\">migration guide<\/a> before applying the upgrade to your cluster. You\u2019ll need to change any resources using the removed APIs so they reference the new stable versions instead.<\/p>\n<p>The next Kubernetes release to include removals will be v1.25. This is currently scheduled to remove four beta APIs: <code>CronJob<\/code>, <code>EndpointSlice<\/code>, <code>Event<\/code>, and <code>PodDisruptionBudget<\/code>.<\/p>\n<h2 id=\"other-changes\"><span class=\"ez-toc-section\" id=\"Other_Changes\"><\/span>Other Changes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>This release lands many other minor additions and improvements including alpha support for swap memory, an <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes-sigs\/sig-windows-dev-tools\">improved experience<\/a> when running Kubernetes on Windows, and the ability to use cgroups v2 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/docs\/tasks\/configure-pod-container\/quality-service-pod\">to set memory allocation<\/a> and isolation constraints on Pods.<\/p>\n<p>Etcd, the configuration store used by the Kubernetes API server, has been bumped to v3.5.0. This improves logging capabilities with a new structured format and integrated file rotation. The project\u2019s also delivered significant <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etcd.io\/blog\/2021\/announcing-etcd-3.5\">performance improvements<\/a> to accelerate some common Kubernetes operations.<\/p>\n<p>Several beta APIs are now <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/blog\/2021\/08\/04\/kubernetes-1-22-release-announcement\/#other-updates\">marked as stable<\/a>, including bound <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes\/enhancements\/issues\/542\">service account tokens<\/a> and the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes\/enhancements\/issues\/85\"><code>PodDisruptionBudget<\/code><\/a> object for specifying minimum concurrent replica counts. Kubernetes has gained the ability to warn you when you use a deprecated API too, making it easier to stay on the stable path. You\u2019ll see these messages as you apply resources to your cluster.<\/p>\n<h2 id=\"new-release-cadence\"><span class=\"ez-toc-section\" id=\"New_Release_Cadence\"><\/span>New Release Cadence<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>v1.22 marks the start of a new regular release cadence for Kubernetes updates. Features will now land four times a year instead of three, creating a slightly longer development cycle that offers more chances to optimize and maintain release quality. It also offers more breathing room for cluster administrators who\u2019ve now got an extra month between migrations.<\/p>\n<p>In line with this schedule, Kubernetes v1.23 is <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes\/sig-release\/tree\/master\/releases\/release-1.23\">expected to arrive<\/a> in early December 2021. Each cycle has an estimated development time of 15 weeks. Regular patch updates will still be released on their <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/kubernetes.io\/releases\/patch-releases\">existing monthly cadence<\/a>, with critical bug fixes landing earlier when necessary.<\/p>\n<h2 id=\"summary\"><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Kubernetes v1.22 is a milestone update that sees the project move to a new release cadence. This will help cluster administrators plan for future upgrades, providing more migration time before the next one comes along.<\/p>\n<p>In terms of new features, the most significant addition is arguably Server-side Apply. This simplifies the use of declarative resource configurations, lifting logic from <code>kubectl<\/code> into your cluster. This is expected to eventually replace the original <code>kubectl apply<\/code> implementation altogether.<\/p>\n<p>Upgrading to v1.22 might require action if you\u2019re still using any of the removed beta APIs. You should be able to replace them with their stable versions, although this might mean modifying your resources in some cases. Taking the time now to address the <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/github.com\/kubernetes\/kubernetes\/blob\/master\/CHANGELOG\/CHANGELOG-1.22.md#deprecation\">new deprecations<\/a> in v1.22 will help you prepare for when v1.23 arrives, easing that release\u2019s migration process.\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.cloudsavvyit.com\/13688\/whats-new-in-kubernetes-v1-22\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#What\u2019s New in Kubernetes v1.22? \u2013 CloudSavvy IT&#8221; Kubernetes v1.22 is a new feature release that adds over 50 improvements to the container orchestration platform. It also deprecates some capabilities and removes several APIs that have been superseded by replacement versions. Here\u2019s the lowdown on the most significant changes, starting with feature additions. Server-Side Apply&#8230;<\/p>\n","protected":false},"author":1,"featured_media":320511,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.cloudsavvyit.com\/p\/uploads\/2021\/02\/748108a6.jpg","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-320510","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/320510","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=320510"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/320510\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/320511"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=320510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=320510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=320510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}