What upgrades and enhancements does Alibaba Cloud Container Service ACK provide for Kubernetes v1.22?

Author: ACK

Version 1.22, the second Kubernetes release in 2021, includes 53 enhancements and is considered by the Kubernetes development team and community to bring Kubernetes to a new level.

As one of the first container services in the world to pass the Kubernetes conformance certification, Alibaba Cloud Container Service for Kubernetes (ACK) always strictly follows community consistency, and provides component upgrades, optimizations, and more enhancements for new versions in a timely manner to ensure user Provide reliable and seamless native and stable services. Let's quickly pass this FAQ together, and get a preliminary understanding of what upgrades and enhancements ACK provides for Kubernetes v1.22. Hurry up and collect them!

If you want to know the complete changes made by ACK for Kubernetes version 1.22, click to read the original text at the end of the article.

FAQ

[Q1] What new features are introduced in Kubernetes 1.22?

[A1] The new features introduced include:

• PersistentVolume Health Monitor Features
• Quality of Service guarantee feature for memory resources based on cgroups v2
• Features of Windows Privileged Containers Based on HostProcess Containers
• Workloads can use the node swap memory feature (Linux nodes only)
• Configure default seccomp configuration features for workloads (Linux nodes only)

[Q2] For Kubernetes version 1.22, which components have been upgraded and optimized by ACK?

[A2] The core components of this ACK upgrade and optimization include Kubernetes, etcd, CoreDNS, CRI, CSI, CNI, NVIDIA Container Runtime, Ingress Controller

[Q3] What new enhancements does ACK provide for Kubernetes 1.22?

【A3】Provide enhanced capabilities including:

• The indicator information of APIServer's access request is enriched, and the observability of APIServer is improved.
• For ACK Pro, ASK Pro, or Edge Pro clusters, the core metrics of the hosting surface components can be revealed, improving the observability of the core components of the hosting surface.

Stability

For all cluster types:

• Increase the protection of the storage layer and reduce the impact on etcd during cold start.
• According to the combination of the source, type or route of the request, the current limiting operation of the APIServer can be enabled to reduce the impact on the APIServer during cold start.

performance optimization

• Kubelet: When upgrading the kubelet in place, ensure that the container is not restarted to the greatest extent possible.
• KubeProxy: Compatible with Aliyun Linux 2 (kernel-4.19.91-23) and above. When enabling IPVS mode, do not set conn_reuse_mode to 0.
• ASK cluster: When the Virtual Node is not ready, the ECI Pod will not be actively expelled to reduce business losses.
• ACK Pro or Edge Pro: Scheduler enhancements that support Gang Scheduling, CPU topology awareness, GPU topology awareness and other scheduling enhancements.

[Q4] What are the precautions for upgrading Kubernetes version 1.22?

【A4】Some of the items to be paid attention to include:

Kubernetes version 1.22 deprecated a large number of beta versions of the API. Before operating a cluster upgrade, please note:

• Resources created through the beta API (resources that already exist in the cluster) are not affected by the upgrade. After the upgrade, you can use the stable version API to interact.
• Controllers or applications that interact with the API of the test version need to be adjusted before the cluster is upgraded to prevent the controllers or applications from working properly after the cluster is upgraded.

Dockershim has been deprecated since Kubernetes version 1.20 and is planned to be removed in Kubernetes version 1.24. It is still available. The transition suggestions are as follows:

• It is recommended that newly created nodes use ContainerD as the container runtime.
• Due to the limited functionality of ContainerD Windows, it is recommended that you continue to use Docker EE if you are using Windows containers.
• Before upgrading to version 1.24, make adjustments to the node runtime.

PodSecurityPolicy has been deprecated since Kubernetes 1.21 and is planned to be removed in Kubernetes 1.25, and is still available. It is recommended to use PodSecurity instead.

Click here to learn about the complete content of this upgrade.

Recently popular

Cloud Native and New Possibilities of the Cloud Future

Copy and go to the link below to download the eBook for free

https://developer.aliyun.com/topic/download?id=8265