Skip to content

v0.3.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@thomastaylor312 thomastaylor312 released this 17 Jun 22:58
v0.3.0
2ac8000
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Krustlet v0.3.0 is the third release of Krustlet. This release was focused on refactoring, documentation, and TLS bootstrapping. For more details on what isn't implemented yet, see the Known Issues section.

Because this is pre-release software, there are no backwards compatibility guarantees for the Rust API or functionality. However, we will do our best to document any breaking changes in future releases.

Caveats

Please note that this is NOT production-ready software, but it is in a usable state. The WASI standard and wasmtime are still under heavy development, and because of this there are key features (like networking) that are missing; these will appear in the future. However, there is networking support available in wasCC.

Notable Features/Changes

  • TLS bootstrapping support has been added 🎉 Krustlet will now automatically request the proper client certificate credentials and the serving certificates for its API. See the bootstrapping docs for more details.
  • We now have support for using a config file and better documentation of our configuration options.
  • Improved error handling for the Kubelet API
  • The WASI provider now supports passing arguments in the pod spec
  • Graceful shutdown support has been added. This will try to evict all pods before shutting down

Breaking changes

  • We have moved away from using a .pfx certificate bundle for TLS in favor of a separate certificate and key. Because of this, the --pfx-password flag has been removed and the new flags for TLS are --cert-file and --private-key-file
  • The environment variables for configuring the certificate and key file locations have been standardized and renamed with the KRUSTLET_ prefix:
    • TLS_PRIVATE_KEY_FILE => KRUSTLET_PRIVATE_KEY_FILE
    • TLS_CERT_FILE => KRUSTLET_CERT_FILE
  • Many modules in the kubelet crate have shifted around. When upgrading your Providers to kubelet 0.3.0, note the following changes in your import paths:
    • kubelet::Provider -> kubelet::provider::Provider
    • kubelet::NodeBuilder -> kubelet::node::Builder
    • kubelet::Pod -> kubelet::pod::Pod
    • kubelet::module_store::ModuleStore -> kubelet::store::Store
    • kubelet::module_store::FileModuleStore -> kubelet::store::oci::FileStore
    • kubelet::handle::key_from_pod -> kubelet::pod::key_from_pod
    • kubelet::handle::pod_key -> kubelet::pod::pod_key
    • kubelet::handle::PodHandle -> kubelet::pod::Handle
    • kubelet::handle::RuntimeHandle -> kubelet::container::Handle
    • kubelet::status::update_pod_status -> kubelet::pod::update_status
    • kubelet::status::Phase -> kubelet::pod::Phase
    • kubelet::status::Status -> kubelet::pod::Status
    • kubelet::status::ContainerStatus -> kubelet::container::Status
    • kubelet::handle::Stop -> kubelet::handle::StopHandler
    • kubelet::volumes::VolumeRef -> kubelet::volume::Ref
    • kubelet::logs::LogOptions -> kubelet::log::Options
    • kubelet::logs::LogSender -> kubelet::log::Sender

Known Issues/Missing Features

  • Cloud volume mounting support
  • Init containers
  • Only linux and Darwin 64 bit architectures are supported. We hope to be adding ARM and other targets in the future. Right now, Windows is do-able, but we are trying to improve the developer process and testing before supporting it as a build target
  • Support for all pod phases/conditions (ContainerCreating, CrashLoopBackoff, etc.). However, please note that running and error conditions are supported, so you'll know if your pod is erroring
  • Unsupported workloads (such as those dropped automatically onto a node like kube-proxy) can get into an error loop. This is more of a nuisance that will cause some logging noise, but not impact the running of Krustlet
  • Modifying a bare pod's image is not implemented. Nothing will error, but Krustlet will not restart the "container"
  • TLS bootstrapping does not auto-renew certificates when they are close to expiry

What's next?

Our next anticipated version is 0.4.0 (although we will cut a 0.3.1 if necessary). You can see a full list of issues planned for 0.4 in the milestone.

Thanks

We also want to express a huge thanks to all of those in the community who contributed to this
release. We had a whole slew of new contributors and their work has been invaluable in improving
quality. We appreciate your efforts in making this project a success.

Contributors to 0.3

Installation

Download Krustlet 0.3.0:

Check out our installation
docs for information on how
to install Krustlet.

Assets 2