The first step in the second decade - Kubernetes 1.32 “Penelope”

Kubernetes 1.32 is here

Only a couple of days are left in the Kubernetes 10th anniversary year. This release, codenamed “Penelope”, celebrates Kubernetes’ 10th anniversary and reflects on the continuous weaving of its features, much like Penelope’s tapestry. Let’s take a look at its main features.

This release consists of 44 enhancements in total, specifically:

  • 13 enhancements have graduated beta features to stable
  • 12 enhancements have graduated alpha features to beta
  • 19 enhancements have introduced new alpha-level features

In this blog post, we asked three of our engineers who are extensively involved in the Kubernetes project to share their key highlights. For a complete overview of all the changes, we recommend checking out the official release announcement and the 1.32 changelog.

Marko Mudrinić is Tech Lead of SIG K8s Infra, a CNCF Ambassador and Kubernetes Release Engineering Subproject Lead:

“My highlight of the 1.32 release is the Single Process OOM Killing. This addition allows for more granular control over Out-Of-Memory (OOM) situations. With the singleProcessOOMKill flag, you can configure kubelet to only kill the single process exceeding memory limits within a container, preventing unnecessary disruptions to other processes in the same container.”

Koray Oksay is a CNCF Ambassador and part of SIG K8s Infra:

“The outstanding feature for me is Auto-remove PersistentVolumeClaims (PVCs) for StatefulSets. This feature simplifies storage management for StatefulSets. Kubernetes now automatically removes PVCs created by StatefulSets when they’re no longer needed. This ensures data persistence during updates and node maintenance while reducing the risk of orphaned PVCs cluttering your storage.”

Mario Fahlandt is a Co-Chair of SIG ContribEx, also part of SIG K8s Infra and a CNCF Ambassador:

“I will go with the enhancements to Dynamic Resource Allocations - the whole topic is an ever-present topic especially with more requirements for Kubernetes to work well on specific hardware. These improvements will increase the flexibility and efficiency of resource allocation for workloads that require specific hardware, such as GPUs, FPGAs, and network adapters. Structured Parameter Support, a key feature of Dynamic Resource Allocation (DRA), has been upgraded to beta. This improvement enables the kube-scheduler and Cluster Autoscaler to simulate resource claim allocations directly. They can predict if resource requests can be met based on the current cluster state without committing to allocations. By removing the need for a third-party driver for validation, this feature streamlines resource distribution planning and enhances scheduling and scaling efficiency.”

Beyond these highlights, v1.32 offers a range of other improvements, including:

Memory Manager Goes GA

The memory manager has officially been released for General Availability (GA). This feature will improve memory allocation for containerized applications. The GA release primarily includes bug fixes, internal refactoring, and improvements in observability, such as better metrics and logging.

Bound service account token improvement

This feature has graduated to stable. The node name is now included in the service account token claims, allowing users to use this information during authorization and admission (ValidatingAdmissionPolicy). This improvement further keeps service account credentials from being a privilege escalation path for nodes.
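
As an added example (not from the original post or the Kubernetes project), the policy below uses the node name carried by a bound token at admission time: a per-node agent may only update the Node its token is bound to. The service account `kube-system/node-agent` and the policy name are hypothetical; the node name is read from the `authentication.kubernetes.io/node-name` entry in the request's user info.

```yaml
# Added example. Names (node-agent, node-agent-own-node-only) are hypothetical.
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingAdmissionPolicy
metadata:
  name: node-agent-own-node-only
spec:
  failurePolicy: Fail            # reject the request if the policy cannot be evaluated
  matchConstraints:
    resourceRules:
      - apiGroups: [""]
        apiVersions: ["v1"]
        operations: ["UPDATE"]   # PATCH requests are admitted as UPDATE
        resources: ["nodes", "nodes/status"]
  matchConditions:
    # Only evaluate requests made with the agent's service account.
    - name: is-node-agent
      expression: >-
        request.userInfo.username == "system:serviceaccount:kube-system:node-agent"
  validations:
    # The token must carry a node name, and it must equal the Node being written.
    - expression: >-
        has(request.userInfo.extra) &&
        "authentication.kubernetes.io/node-name" in request.userInfo.extra &&
        request.userInfo.extra["authentication.kubernetes.io/node-name"][0] == request.name
      message: "node-agent may only modify the Node its token is bound to"
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingAdmissionPolicyBinding
metadata:
  name: node-agent-own-node-only
spec:
  policyName: node-agent-own-node-only
  validationActions: ["Deny", "Audit"]   # block the request and annotate the audit event
```

A token that carries no node name (for example, one not bound to a scheduled Pod) fails the validation, so the policy denies by default for this service account.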

Support to size memory-backed volumes

This new feature allows the dynamic sizing of memory-backed volumes according to Pod resource limits, optimizing overall node resource utilization.

Structured authorization configuration

In Kubernetes 1.32, multiple authorizers can now be configured in the API server to allow for structured authorization decisions.
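
An added example of such a configuration (not from the original post): a file passed to kube-apiserver with `--authorization-config`, chaining the Node and RBAC authorizers with a webhook that fails closed. The webhook name and the kubeconfig path are hypothetical.

```yaml
# Added example. Loaded with: kube-apiserver --authorization-config=<path to this file>
# (used instead of --authorization-mode; the two cannot be combined).
apiVersion: apiserver.config.k8s.io/v1
kind: AuthorizationConfiguration
authorizers:
  # Authorizers are consulted in order. The first one that returns allow or
  # deny decides; "no opinion" passes the request to the next authorizer.
  - type: Node
    name: node
  - type: RBAC
    name: rbac
  - type: Webhook
    name: policy-webhook                 # hypothetical name
    webhook:
      timeout: 3s
      authorizedTTL: 30s                 # cache lifetime for "allow" answers
      unauthorizedTTL: 30s               # cache lifetime for "deny" answers
      subjectAccessReviewVersion: v1
      matchConditionSubjectAccessReviewVersion: v1
      # Fail closed: a timeout or webhook error denies the request instead of
      # letting it fall through (the alternative value is NoOpinion).
      failurePolicy: Deny
      connectionInfo:
        type: KubeConfigFile
        kubeConfigFile: /etc/kubernetes/authz/policy-webhook.kubeconfig  # hypothetical path
      # The webhook is only called when every condition is true, which keeps
      # control-plane traffic independent of the webhook's availability.
      matchConditions:
        - expression: has(request.resourceAttributes)
        - expression: "!('system:serviceaccounts:kube-system' in request.groups)"
```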

API removals

There was one API removal in Kubernetes 1.32. The flowcontrol.apiserver.k8s.io/v1beta3 API version of FlowSchema and PriorityLevelConfiguration has been removed.

To prepare for this, you can rewrite client software to use the flowcontrol.apiserver.k8s.io/v1 API version, which has been available since v1.29. All existing persisted objects are accessible via the new API. Notable changes in flowcontrol.apiserver.k8s.io/v1beta3 include that the PriorityLevelConfiguration spec.limited.nominalConcurrencyShares field only defaults to 30 when unspecified, and an explicit value of 0 is not changed to 30.

For more information, refer to the API deprecation guide.

Withdrawal of the old DRA implementation

In Kubernetes 1.32, the handling of DRA will be changed by removing the original implementation’s code. KEP #4381 will now be the “new” base functionality. This removal will allow Kubernetes to handle new hardware requirements and resource claims more predictably, bypassing the complexities of back-and-forth API calls to the kube-apiserver.

Joana Figueiredo

Product Marketing Manager