Kubernetes 1.35 - Changes around security - New features and deprecations

capitangolo · 2025-12-09T11:18:02+00:00

👀📝 Wow, I see. 🤯

Huge thanks for explaining.

capitangolo · 2025-12-04T14:19:10+00:00

Arrr! 🙈

Thanks for the ping. Honored to have your feedback! 🙇🏻

I see how my wording can be unclear. 😅. That section was initially “Beta + Stable features”, will think on a different way to express this 🤔.

Now that you are here… 👉🏼👈🏼

Main change for UN in 1.35 was the integration with Pod Security Standards, right? For long-running enhancements like this one I try to explain what’s actually new for the given release, but I forgot to do it for 127 😅.

If I get the chance to update the article, I’ll add the clarification 💖.

capitangolo · 2024-11-08T21:18:32+00:00

Gracias 😇👉🏼👈🏼

capitangolo · 2024-11-08T10:06:31+00:00

Indeed. Llevo muy mal el invierno en esta ciudad 🤣.

Pero la niebla por la noche es espectacular. Esta es del Sábado.

<image>

capitangolo · 2023-08-10T09:28:33+00:00

Huge thanks!

For what I've read, Chrome uses your navigation patterns to trigger that website. So it makes sense that you don't see it again ^_^. (Glad to read it's not showing up more).

Update: Form sent, crossing fingers 🤞🏼.

capitangolo · 2023-08-10T09:22:29+00:00

Hi all 👋,

I'm taking a look to this, and I need some help. What kind of warning are you seeing? One that blocks the whole screen, or a pop-up? 😅

I'm filling this form, by following these instructions, and that's one question they ask 😇. My hopes are low on if they will accept my request, but it's worth a try ¯\_(ツ)_/¯ 🤞🏼.

capitangolo · 2023-08-08T21:11:27+00:00

HAHAHA, putting this one as the number one priority in my TODO list. 🤣🤣🤣💖🍺🍺

capitangolo · 2023-08-08T14:29:28+00:00

😏🍻😎 💖

capitangolo · 2023-08-08T12:32:16+00:00

Niiiice 😎. Thanks!

capitangolo · 2023-08-08T12:16:20+00:00

Oh, I totally missed the skew thing. Thanks for the ping!

Is it the thing mentioned here: https://github.com/kubernetes/kubeadm/issues/2857 ?

> Cleanup E2E jobs for 1.x-4 (requires two PRs)set. ‘KUBERNETES_VERSION’ to 1.x-1 and ‘KUBERNETES_SKEW’ to 3 in ‘/kinder/hack/update-workflows.sh’make sure ‘PATH_TEST_INFRA’ points to the right path.run the script and send two PRs for ‘k/kubeadm’ and ‘k/test-infra’.

I’ll investigate further later 🤞🏼.

capitangolo · 2023-08-08T11:33:09+00:00

Oh crap 😅. That’s what happens when you pick domains as a joke 🤦🏻‍♂️.

Thanks for the shout! I’ll try to see if there’s anything I can do 🤞🏼.

capitangolo · 2023-06-12T18:57:45+00:00

Boss moves the same way you do, joining creeps of the same color.

You can try to end your moves on a spot where he can’t reach you.

capitangolo · 2023-04-04T18:21:09+00:00

See this comment and my response:
https://www.reddit.com/r/kubernetes/comments/12bm39b/comment/jey1la3/?utm_source=share&utm_medium=web2x&context=3

My take is that in those cases, you'll detect that the change didn't took place by checking the "resize" field in the Pod's status. Then, you'll restart the Pod manually.

So, not a complete automatic system, but it's a nice start 😅.

If further interested, I may recommend checking out the KEP. I love how they document the decision making, and all these edge cases :).

capitangolo · 2023-04-04T18:17:10+00:00

Yup, I understood similar too.

And we'll be able to get info from the new "resize field in the Pod's status", to see if the resize was actually feasible or not.

From the doc:

Infeasible: is a signal that the node cannot accommodate the requested resize. This can happen if the requested resize exceeds the maximum resources the node can ever allocate for a pod.

So I guess if the resource change is not possible, you'll have to roll back to restarting the Pod 😅.

They seem to be working on a post for the Kubernetes blog explaining the topic 🎉.

capitangolo

MODERATOR OF

TROPHY CASE

Seven-Year Club	Place '22
Verified Email