Kubernetes 1 30 Features FAQ & Answers

Released April 17, 2024, codename 'Uwubernetes'. Notable for community-driven naming (internet culture reference). Supported until approximately April 2025 (standard 12-month support window).

Beta feature for Job controller (enabled by default). Allows specifying when failed Pods should be replaced. Two policies: (1) Failed (default): replace only terminated Pods, (2) TerminatingOrFailed: replace Pods as soon as termination begins. Reduces job completion time for long-terminating Pods.

ReadWriteOncePod (RWOP) graduated to stable (GA). Ensures PersistentVolume can be mounted read-write by single Pod only (stricter than ReadWriteOnce which allows single Node). Critical for StatefulSets requiring exclusive access. Example: databases preventing split-brain scenarios.

Common Expression Language (CEL) for Admission Control graduated to stable. Enables in-process validation without external webhooks. Example: validating resource limits, enforcing naming conventions, checking label requirements. Performance: 10-100x faster than webhook admission (no network call). Used in ValidatingAdmissionPolicy.

Beta feature allowing Pods to declare readiness for scheduling via .spec.schedulingGates. Scheduler won't consider Pod until all gates removed. Use cases: waiting for external resources (databases, queues), coordination with cluster autoscaler, preventing premature scheduling during bulk operations.

CPU Manager static policy enhancements (beta). Better NUMA-awareness for CPU allocation. Distributes CPUs across NUMA nodes to reduce cross-NUMA memory access. Improves performance for memory-intensive workloads by 15-30% on multi-NUMA systems. Requires topology-aware scheduling.

AppArmor support graduated to stable. Simplified API: use securityContext.appArmorProfile field instead of annotations. Example: {type: 'Localhost', localhostProfile: 'k8s-apparmor-profile'}. Provides mandatory access control for container processes. Reduces kernel exploit surface.

Beta feature for PodTopologySpread. Allows specifying minimum number of topology domains that should have Pods. Prevents concentration in few zones even when maxSkew allows it. Example: minDomains=3 ensures Pods spread across at least 3 availability zones for true HA.

VolumeAttributesClass (beta) enables modifying volume attributes post-creation. Change IOPS, throughput, performance tier without recreating volume. Supported on AWS EBS, Azure Disk. Example: upgrade gp3 volume from 3000 IOPS to 16000 IOPS dynamically. Requires CSI driver support.

DRA graduated to alpha. Framework for managing resources beyond CPU/memory (GPUs, FPGAs, network devices). Replaces device plugins with more flexible model. Enables resource sharing, fine-grained allocation, structured parameters. Critical for AI/ML workloads requiring heterogeneous accelerators.

kubectl events command graduated to stable. Replaces kubectl get events with better UX. Features: chronological ordering by default, --for flag for resource-specific events, --watch for streaming, better formatting. Example: kubectl events --for pod/nginx-xyz --watch.

Node log query API (beta) enables fetching node service logs via API. Access kubelet, container runtime logs without SSH. Example: kubectl get --raw /api/v1/nodes/my-node/proxy/logs/?query=kubelet. Improves observability for managed clusters where SSH unavailable.

Key removals: (1) v1beta1 FlowSchema and PriorityLevelConfiguration removed (migrated to v1), (2) Ceph RBD and CephFS in-tree drivers removed (use CSI), (3) Seccomp annotations removed (use securityContext.seccompProfile), (4) Several deprecated feature gates removed after graduation to stable.