Kubernetes continues its rapid evolution as the leading container orchestration platform, with each release bringing enhancements that refine its performance, security, and user experience. The latest version, Kubernetes v1.31, builds on this progress by introducing a series of removals, deprecations, and significant updates designed to streamline container management. In this post, we’ll explore the major changes in Kubernetes v1.31, comparing them with previous versions to highlight key updates, new features, and what’s been deprecated or removed. If you’re looking to stay ahead of the curve in Kubernetes developments, read on for everything you need to know about v1.31
- Deprecations and Removals: Complete phase-out of older storage plugins like CephFS and Ceph RBD in favor of CSI drivers; deprecation of APIs and security features such as SHA-1 signatures to enhance security.
- Enhanced Security: Transition to more robust cryptographic standards, aiming to strengthen the security infrastructure of Kubernetes clusters.
- Vendor-Neutral Cloud Integration: Final removal of all in-tree cloud provider integrations, supporting Kubernetes' goal to maintain a vendor-neutral platform.
Kubernetes v1.31 brings crucial updates that affect key components such as APIs, storage plugins, and cloud integrations. These changes are designed to enhance the platform’s scalability, security, and functionality. Staying informed about these updates is critical for maintaining a modern and efficient Kubernetes environment. In this post, we’ll highlight the most impactful changes in Kubernetes v1.31, comparing them with previous versions to help you plan for necessary upgrades, migrations, and optimizations
Kubernetes follows a strict deprecation policy to manage the lifecycle of its APIs and features.
- Stable (GA) APIs: These can be marked as deprecated only when a newer, stable version is available. Once deprecated, they remain functional for at least one year but will eventually be removed.
- Beta APIs: Supported for three releases after deprecation. If not promoted to stable, they will be removed.
- Alpha APIs: These can be removed at any time without prior deprecation.
- v1.30 and Earlier: The approach was similar, but v1.31 brings a stronger emphasis on the timely removal of deprecated APIs, ensuring Kubernetes evolves towards more efficient and secure implementations.
Kubernetes v1.31 sees several significant removals and deprecations. Here’s a closer look at these changes compared to v1.30:
- v1.30 and Earlier: This field was present but was recognized as unreliable since the kubelet lacked accurate information about kube-proxy versions.
- v1.31: The status.nodeInfo.kubeProxyVersion field has been deprecated and will be removed in future releases. The DisableNodeKubeProxyVersion feature gate is enabled by default to avoid setting this field. Impact: Users should stop relying on this field for monitoring or configuration.
- v1.30: Partial removal of in-tree cloud provider integrations, with the recommendation to use external integrations.
- v1.31: The final removal of all in-tree integrations marks the completion of this externalization process. Kubernetes aims to be a fully vendor-neutral platform. Action Required: Users must migrate to external cloud provider integrations, following Kubernetes' Cloud Provider Integrations guide.
- v1.30 and Earlier: This flag was deprecated for a long time (since 2017), but still existed.
- v1.31: The flag has been removed entirely. Impact: Users should ensure that their configurations do not depend on this flag. Further details can be found in the pull request #122082.
Storage management in Kubernetes is undergoing significant transformations with v1.31. The removal of non-CSI storage plugins and the push towards Container Storage Interface (CSI) drivers are central to this.
- v1.30 and Earlier: CephFS was marked as deprecated, but still functional.
- v1.31: CephFS is completely removed, making the type non-functional. Users must migrate to the CephFS CSI driver, a third-party storage solution. Action Required: Applications using CephFS need to be re-deployed using the new CSI driver.
- v1.30 and Earlier: Similar to CephFS, Ceph RBD was marked as deprecated.
- v1.31: Ceph RBD volume plugin and its CSI migration support have been removed. Migration to the RBD CSI driver is necessary. Impact: Clusters using Ceph RBD must reconfigure to use the updated storage solution.
- v1.30 and Earlier: Non-CSI plugins like AzureDiskLimits, CinderLimits, EBSLimits, GCEPDLimits were still part of the default scheduler plugins.
- v1.31: These plugins are deprecated. The NodeVolumeLimits plugin is recommended as it supports CSI functionality. Action Required: Replace deprecated plugins in the scheduler config with NodeVolumeLimits.
Kubernetes v1.31 introduces a critical security change regarding SHA-1 signatures:
- v1.30 and Earlier: SHA-1 support existed but was not recommended due to security vulnerabilities.
- v1.31: The support for SHA-1 is being deprecated, and it will be fully removed in Go 1.24, expected in 2025. Action Required: Migrate to stronger cryptographic standards. Check Kubernetes issue #125689 for more details.
Looking forward, Kubernetes v1.32 will continue the trend of refining and optimizing its APIs and integrations:
- FlowSchema and PriorityLevelConfiguration Removals: Users are encouraged to update their manifests to use the flowcontrol.apiserver.k8s.io/v1 API version, which has been available since v1.29.
- v1.31 and Earlier: Users should start transitioning to the newer API versions to avoid any service interruptions.
- v1.32: Removal of older APIs will require that all systems be updated to comply with the newer standards.
To ensure a smooth transition to Kubernetes v1.31, follow these steps:
Kubernetes v1.31 represents a major milestone in enhancing the platform’s security, functionality, and vendor neutrality. By adapting to these updates, such as API deprecations, storage changes, and security enhancements, Kubernetes users can continue to leverage a flexible and powerful container orchestration system. The proactive adoption of these improvements ensures that your infrastructure remains modern, secure, and optimized for the future. Stay ahead by continuously refining your Kubernetes environment, and embrace these changes to maintain a seamless and robust experience.
For more expert insights and the latest updates on Kubernetes, follow the Kloia Blog and stay informed on industry trends and best practices!
Major deprecations include the status.nodeInfo.kubeProxyVersion field, SHA-1 signature support, and several non-CSI volume limit plugins.
Refer to the official Kubernetes CSI documentation for steps on migrating from the CephFS volume plugin to the CSI driver.
Users should remove any dependencies on this flag, as it has been fully removed in v1.31.