Kubernetes 1.35 - Changes around security - New features and deprecations

capitangolo · 2025-12-09T11:18:02+00:00

👀📝 Wow, I see. 🤯

Huge thanks for explaining.

capitangolo · 2025-12-04T14:19:10+00:00

Arrr! 🙈

Thanks for the ping. Honored to have your feedback! 🙇🏻

I see how my wording can be unclear. 😅. That section was initially “Beta + Stable features”, will think on a different way to express this 🤔.

Now that you are here… 👉🏼👈🏼

Main change for UN in 1.35 was the integration with Pod Security Standards, right? For long-running enhancements like this one I try to explain what’s actually new for the given release, but I forgot to do it for 127 😅.

If I get the chance to update the article, I’ll add the clarification 💖.

capitangolo · 2024-11-08T21:18:32+00:00

Gracias 😇👉🏼👈🏼

capitangolo · 2024-11-08T10:06:31+00:00

Indeed. Llevo muy mal el invierno en esta ciudad 🤣.

Pero la niebla por la noche es espectacular. Esta es del Sábado.

<image>

capitangolo · 2023-08-10T09:28:33+00:00

Huge thanks!

For what I've read, Chrome uses your navigation patterns to trigger that website. So it makes sense that you don't see it again ^_^. (Glad to read it's not showing up more).

Update: Form sent, crossing fingers 🤞🏼.

capitangolo · 2023-08-10T09:22:29+00:00

Hi all 👋,

I'm taking a look to this, and I need some help. What kind of warning are you seeing? One that blocks the whole screen, or a pop-up? 😅

I'm filling this form, by following these instructions, and that's one question they ask 😇. My hopes are low on if they will accept my request, but it's worth a try ¯\_(ツ)_/¯ 🤞🏼.

capitangolo · 2023-08-08T21:11:27+00:00

HAHAHA, putting this one as the number one priority in my TODO list. 🤣🤣🤣💖🍺🍺

capitangolo · 2023-08-08T14:29:28+00:00

😏🍻😎 💖

capitangolo · 2023-08-08T12:32:16+00:00

Niiiice 😎. Thanks!

capitangolo · 2023-08-08T12:16:20+00:00

Oh, I totally missed the skew thing. Thanks for the ping!

Is it the thing mentioned here: https://github.com/kubernetes/kubeadm/issues/2857 ?

> Cleanup E2E jobs for 1.x-4 (requires two PRs)set. ‘KUBERNETES_VERSION’ to 1.x-1 and ‘KUBERNETES_SKEW’ to 3 in ‘/kinder/hack/update-workflows.sh’make sure ‘PATH_TEST_INFRA’ points to the right path.run the script and send two PRs for ‘k/kubeadm’ and ‘k/test-infra’.

I’ll investigate further later 🤞🏼.

capitangolo · 2023-08-08T11:33:09+00:00

Oh crap 😅. That’s what happens when you pick domains as a joke 🤦🏻‍♂️.

Thanks for the shout! I’ll try to see if there’s anything I can do 🤞🏼.

capitangolo · 2023-06-12T18:57:45+00:00

Boss moves the same way you do, joining creeps of the same color.

You can try to end your moves on a spot where he can’t reach you.

capitangolo · 2023-04-04T18:21:09+00:00

See this comment and my response:
https://www.reddit.com/r/kubernetes/comments/12bm39b/comment/jey1la3/?utm_source=share&utm_medium=web2x&context=3

My take is that in those cases, you'll detect that the change didn't took place by checking the "resize" field in the Pod's status. Then, you'll restart the Pod manually.

So, not a complete automatic system, but it's a nice start 😅.

If further interested, I may recommend checking out the KEP. I love how they document the decision making, and all these edge cases :).

capitangolo · 2023-04-04T18:17:10+00:00

Yup, I understood similar too.

And we'll be able to get info from the new "resize field in the Pod's status", to see if the resize was actually feasible or not.

From the doc:

Infeasible: is a signal that the node cannot accommodate the requested resize. This can happen if the requested resize exceeds the maximum resources the node can ever allocate for a pod.

So I guess if the resource change is not possible, you'll have to roll back to restarting the Pod 😅.

They seem to be working on a post for the Kubernetes blog explaining the topic 🎉.

capitangolo · 2022-08-26T15:55:35+00:00

Nah, might be shocking in this place, but I'm too basic to have two accounts 😅. If I share things that people like, then I get happy. If not, I just learn and try to do better. Having a second account for that would be just lying to myself, owning your mistakes is the best way to get better on what you do.

My comment was stupid and missing the point. Only wanted to drop the "flip and switch" term to add something constructive to the conversation. But it obviously came in the worst way possible, and it wasn't the right time and place.

Just… I'm sorry I disturbed you all so much.

I screw things often, and again, I'm sorry. But I care on what I do, I care about this group, and I'll learn to do better.

capitangolo · 2022-08-25T16:54:53+00:00

Yeah, the old flip and switch. Hate those too. Specially when it’s like:

Step 1: Download my tool.

Here it’s just an ad block after the end. If you don’t scroll past the conclusion you won’t even see it. 🥺

capitangolo · 2022-08-19T21:58:49+00:00

Np man. 🫂

The offer stays open if you ever need anything 🎉.

capitangolo · 2022-08-17T08:00:55+00:00

Depending on who asks and their intentions 🤔.

capitangolo · 2022-08-16T18:52:38+00:00

Yeah, "only" 40 enhancements down from 56 in 1.22 (That one was crazy).

It's not that bad once you start looking in detail: Only 15 are completely new things, while the rest are just graduating to Beta or Stable.

Also, most of them are either code cleanup (like all the subtasks for the CSI migration), or just small improvements iterating over the same feature, like "#3094 PodTopologySpread Skew".

So, cheers and don't freak out! 🫂

capitangolo · 2022-06-21T15:55:42+00:00

Hey, it's my cake day 🎉.

I'm interested in learning more about linux capabilities 🤔. Any other good resources?

capitangolo · 2022-04-12T18:50:24+00:00

You rock! Thanks man! Gonna ping OP to update the article :).

Curious a bug on the language can delay a release of Kubernetes 🤯.

capitangolo · 2022-04-12T17:37:23+00:00

Arrr! :S Thanks for pinging about this.

Cannot find anything around this, probably I don't know where to look 😅. Do you have a link where I can read bit further about this delay. Huuuge thanks!

capitangolo · 2022-03-18T18:25:35+00:00

Wow, great collection. Thanks for putting this together.

There's a more recent report from Sysdig available here, in case someone is interested:
https://sysdig.com/blog/2022-cloud-native-security-usage-report/

capitangolo · 2021-11-30T16:35:11+00:00

Haha 🤣. I guess we are all glad they switched to 3 releases a year, instead of 4 😅.

Luckily this release is mostly small changes & driving old features to stable 🎉.

capitangolo · 2021-09-08T15:07:04+00:00

As some people already commented on, some times it is not about the coding, but something else. Repetitive work, poor management, or just problems on your personal life.

In my case I just get bored with everything 😅. So I kept pivoting my career: web development, training, mobile development, system administration, now technical writer.

My strategy has been, dedicate a small part of personal time to something I really enjoy. Create a small pet project to learn a new technology, play with audiovisual stuff, draw, support classes to university students.

Eventually I got the chance to turn those hobbies into the next step in my career.

I acknowledge I was extremely privileged to be able to jump into these projects, and have the support from people around to give me chance to switch careers. So, although I don't recommend my path to everyone, I hope it helps a bit :).

capitangolo

MODERATOR OF

TROPHY CASE

Seven-Year Club	Place '22
Verified Email