What’s new in Kubernetes 1.29: Storage improvements, Windows features, externalized cloud provider integrations
The Kubernetes project closed out 2023 with the release of Kubernetes 1.29, codenamed Mandala. This release brings a host of improvements to storage, including both alpha and newly stable features. It also gets a wee bit stricter about the externalization of cloud provider integrations—part of an ongoing process that many users will need to figure into their upgrade plans.
New defaults for cloud provider integrations
Breaking out provider-specific integrations has been a work-in-progress since 2018, part of the project’s overall effort to make vanilla Kubernetes as agnostic as possible to environment and tooling.
Some provider integrations have already been completely spun out into external components (i.e., AWS, OpenStack), but others remain compiled into the core Kubernetes source tree, specifically Azure, Google Cloud, and vSphere. Folks using these three providers and wishing to upgrade to v1.29 will need to make a choice:
Set the DisableCloudProviders and DisableKubeletCloudCredentialProviders feature gates to false. As you might expect from the names, these feature gates switch off the in-tree provider integrations when they are set to true. In previous Kubernetes versions with these feature gates, false was the default; as of 1.29, the default is true. You can simply switch back to the previous behavior, but since in-tree integrations will be removed in the future, this is a short-term solution.
Alternatively, you can move to an external cloud controller manager. External components are available for Azure, Google Cloud, and vSphere (in addition to the previously mentioned AWS and OpenStack). This is the long-term solution and recommended, if possible. The Kubernetes docs provide helpful migration instructions.
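To see which components the new defaults affect before upgrading, the following added example (not from this article or the Kubernetes project) evaluates a component command line against the defaults described above. The function names and sample command lines are constructed for illustration, and it assumes the in-tree integrations are selected with `--cloud-provider` values `azure`, `gce`, and `vsphere`.

```python
import shlex

# Providers the article lists as still compiled in-tree; these flag values are
# the names assumed for those integrations in --cloud-provider.
IN_TREE = {"azure", "gce", "vsphere"}
GATES = ("DisableCloudProviders", "DisableKubeletCloudCredentialProviders")


def parse_flags(cmdline):
    """Return {flag: value} for both --flag=value and --flag value forms."""
    flags, tokens = {}, shlex.split(cmdline)
    for i, tok in enumerate(tokens):
        if not tok.startswith("--"):
            continue
        name, sep, value = tok[2:].partition("=")
        if not sep and i + 1 < len(tokens) and not tokens[i + 1].startswith("--"):
            value = tokens[i + 1]
        flags[name] = value
    return flags


def effective_gates(flags, minor):
    """Defaults as the article states them (false before 1.29, true from 1.29),
    overridden by anything set explicitly in --feature-gates."""
    gates = {g: minor >= 29 for g in GATES}
    for item in filter(None, flags.get("feature-gates", "").split(",")):
        key, _, val = item.partition("=")
        if key.strip() in gates:
            gates[key.strip()] = val.strip().lower() == "true"
    return gates


def blocking_gates(cmdline, minor):
    """Gates that would switch off an in-tree integration on Kubernetes 1.<minor>.
    Empty list: nothing changes for this component at that version."""
    flags = parse_flags(cmdline)
    if flags.get("cloud-provider", "") not in IN_TREE:
        return []  # external CCM or no provider: the gates have nothing to disable
    return [g for g, on in effective_gates(flags, minor).items() if on]


# Constructed sample command lines (not taken from a real cluster).
LEGACY = "kube-controller-manager --cloud-provider=vsphere --leader-elect=true"
PINNED = LEGACY + " --feature-gates=DisableCloudProviders=false,DisableKubeletCloudCredentialProviders=false"
EXTERNAL = "kubelet --cloud-provider external"

if __name__ == "__main__":
    for name, cmd in (("legacy", LEGACY), ("pinned", PINNED), ("external", EXTERNAL)):
        print(name, {m: blocking_gates(cmd, m) for m in (28, 29)})
```

A non-empty result for the target version means the component either needs the gates set to false explicitly (the short-term option) or a move to the external cloud controller manager.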
Storage refinements
v1.29 brings some important storage features to General Availability, while some brand new features appear in alpha:
ReadWriteOncePod: This volume access mode in the PersistentVolumeClaim spec makes it possible to ensure that only one pod has write (and read) access to a persistent volume (PV)—crucial, in many cases, for data integrity. This mode has been available since Kubernetes v1.22, and now it has hit GA.
Authenticated storage volume resizing: Also hitting GA is the ability to resize CSI storage volumes in situations where the storage system in question requires permissions for the action. Kubernetes enables you to expand such a CSI storage node by providing a secret, and now this functionality has graduated.
VolumeAttributesClass: Sometimes, you might need to modify volume attributes in a predictable pattern. The new VolumeAttributesClass object enables you to define a set of standardized attributes that you can switch between by referencing the class in a PersistentVolumeClaim spec. This feature enters alpha with v1.29.
Improvements for Kubernetes on Windows
Kubernetes v1.29 brings improvements for Windows support including:
Pulling images according to runtime class: This alpha feature provides the ability to specify that pods should pull images according to the specified RuntimeClass. This could be helpful for users running Windows Hyper-V containers in VMs.
In-place updates for Windows pod resources: It was already possible to change your resource limit and request specifications—without restarting the pod—for pods running Linux containers. Now Windows container users get the same privilege as an alpha feature.
That’s not all, of course. To see the rest of the changes in Kubernetes 1.29, check out the official release blog – and if you want to stay up-to-date on the latest Kubernetes news, sign up for our newsletter.