What’s New in Cloud Native? Harbor Graduation, Kubernetes CVE, CloneSet & More
This roundup covers the CNCF Harbor graduation, a delayed Kubernetes 1.19 release, a critical kube‑controller‑manager SSRF vulnerability, the introduction of the CloneSet CRD, fixes for managed fields, packet‑unmarking in kubelet/kube‑proxy, topology‑aware scheduling, new accelerator metrics, plus highlights on Cilium and OpenYurt.
CNCF Announces Harbor Graduation
The Cloud Native Computing Foundation (CNCF) promoted Harbor to its 11th graduated project, recognizing its growing adoption, open governance, mature feature set, and strong community commitment.
Kubernetes 1.19 Release Delayed
Due to pandemic‑related disruptions, the Kubernetes 1.19 release has been postponed by three weeks, with the new target date set for August 25.
kube‑controller‑manager SSRF Vulnerability (CVE‑2020‑8555)
A server‑side request forgery (SSRF) flaw affecting kube‑controller‑manager allows authenticated attackers to issue unauthenticated requests from the master node and retrieve arbitrary cluster information. Affected versions include:
kube‑controller‑manager v1.16.0 – v1.16.8
kube‑controller‑manager < v1.15.11
OpenKruise Introduces CloneSet CRD
OpenKruise launches the production‑grade CloneSet custom resource definition, designed to address common issues with stateless Pods in Kubernetes.
Resetting Managed Fields and Fieldtype
A fix resolves regressions where older client update/patch requests caused the metadata.managedFields field to revert.
kubelet & kube‑proxy Packet Unmarking
Before performing masquerading, kubelet and kube‑proxy now unmark all packets, improving latency for clusters using VXLAN network plugins.
Topology‑Aware Resource Provisioning Daemon
A new daemon will report topology information, enabling the topology‑aware scheduler plugin to make more informed placement decisions.
Disable AcceleratorUsage Metrics Initial KEP
A forthcoming API change will let vendors provide accelerator metrics without tightly coupling to the Kubernetes core codebase.
Open Source Project Recommendation: Cilium
Cilium offers an observable networking solution that can replace the kube‑proxy component in Kubernetes clusters.
Reading Recommendation – Deep Dive into OpenYurt
The article introduces OpenYurt, an open‑source project that blends cloud‑native and edge‑computing paradigms, focusing on its edge‑autonomy design and the broader vision for unified cloud‑native edge architectures.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Alibaba Cloud Native
We publish cloud-native tech news, curate in-depth content, host regular events and live streams, and share Alibaba product and user case studies. Join us to explore and share the cloud-native insights you need.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.