\u6211\u603b\u7ed3\u4e86Kubernetes 1.28\u7248\u672c\u7684SIG-Network\u7f51\u7edc\u53d8\u66f4\u5185\u5bb9\u3002\u57281.28\u7248\u672c\u4e2d\uff0c\u5f15\u5165\u4e86\u9ed8\u8ba4\u542f\u7528\u7684\u529f\u80fd\uff0c\u5c06\u8282\u70b9\u7aef\u53e3\u7684\u52a8\u6001\u548c\u9759\u6001\u5206\u914d\u7684\u4f18\u5148\u8303\u56f4\u5206\u5f00\uff0c\u4ee5\u51cf\u5c11\u9759\u6001\u7aef\u53e3\u6307\u5b9a\u65f6\u7684\u51b2\u7a81\uff0c\u4ece\u800c\u63d0\u9ad8\u7a33\u5b9a\u6027\u3002<\/p>\n
\u5173\u4e8eServiceNodePortStaticSubrange\uff0c\u6211\u4eec\u5df2\u7ecf\u6574\u7406\u4e86\u4ee5\u4e0b\u5404\u4e2a\u5355\u72ec\u6587\u7ae0\u3002<\/p>\n
<\/p>\n \u4ee5\u4e0b\u662f\u6211\u5bf9Kubernetes v1.28\u7684\u53d8\u66f4\u65e5\u5fd7\u8fdb\u884c\u7684\u4e2d\u6587\u7ffb\u8bd1\u3002\u8fd9\u90e8\u5206\u662f\u6211\u7684\u8865\u5145\u8bf4\u660e\u3002<\/p>\n \u4f7f\u7528\u4ece Kubernetes API\uff08\/api\/\uff0c\/apis\/\uff09\u83b7\u53d6\u7684\u4fe1\u606f\uff0c\u6211\u4eec\u786e\u8ba4\u4e86 Kubernetes 1.27 \u548c 1.28 \u9ed8\u8ba4\u542f\u7528\u7684 API \u7684\u5dee\u5f02\u3002\u6b64\u6b21\u66f4\u6539\u53ea\u6dfb\u52a0\u4e86\u4e00\u4e2a API\u3002<\/p>\n authentication.k8s.io\/v1\/selfsubjectreview<\/p>\n kubectl auth whoami \u304c\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u4f7f\u3048\u308b\u3088\u3046\u306b<\/p>\n API \u306e\u524a\u9664: \u306a\u3057 \u7531\u4e8e\u6dfb\u52a0\u4e86 SelfSubjectReview v1 \u5e76\u9ed8\u8ba4\u542f\u7528\uff0c\u73b0\u5728\u53ef\u4ee5\u4f7f\u7528 kubectl auth whoami \u6765\u663e\u793a\u8bbf\u95ee\u7528\u6237\u7684\u4fe1\u606f\u3002(\u9700\u8981 kubectl v1.28.0 \u6216\u66f4\u9ad8\u7248\u672c\u624d\u53ef\u4f7f\u7528)<\/p>\n Kubernetes\u7684API\u7248\u672c\u517c\u5bb9\u6027\u8868\u4e5f\u5df2\u66f4\u65b0\u81f3Kubernetes 1.28\u7684\u6700\u65b0\u4fe1\u606f\u3002<\/p>\n <\/p>\n in-tree \u306e\u30dc\u30ea\u30e5\u30fc\u30e0\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u5bfe\u5fdc(CVE-2020-8555) \u306e\u305f\u3081\u306b\u5165\u3063\u305f\u30d5\u30e9\u30b0\u3067\u3059\u304c\u3001\u73fe\u5728\u306f\u672a\u4f7f\u7528\u306e\u305f\u3081\u524a\u9664\u3055\u308c\u305f\u3088\u3046\u3067\u3059\u3002<\/p>\n \u53d6\u308a\u4e0b\u3052\u3068\u306a\u3063\u305f\u6a5f\u80fd NetworkPolicyStatus \u304c\u524a\u9664\u3055\u308c\u307e\u3057\u305f\u3002 (#115843, @rikatz)<\/p>\n \u3053\u308c\u306f KEP-2943: Network Policy Status subresource \u3067\u9032\u3081\u3089\u308c\u3066\u3044\u305f\u3001NetworkPolicy \u306b status \u30b5\u30d6\u30ea\u30bd\u30fc\u30b9\u3092\u8ffd\u52a0\u3059\u308b\u6a5f\u80fd\u3067\u3057\u305f\u3002\u3057\u304b\u3057 alpha \u306e\u307e\u307e\u53d6\u308a\u4e0b\u3052\u308b\u3053\u3068\u304c\u6c7a\u307e\u3063\u305f\u3088\u3046\u3067\u3059\u3002<\/p>\n \u3053\u306e\u30d5\u30a3\u30fc\u30eb\u30c9\u306b\u4f7f\u308f\u308c\u3066\u3044\u305f protobuf \u306e\u30d5\u30a3\u30fc\u30eb\u30c9\u756a\u53f7\u304c\u5c06\u6765\u306b\u6e21\u3063\u3066\u6b20\u756a\u306b\u306a\u308b\u3088\u3046\u306b Test_NetworkPolicyRemovedFieldProtobufNumberReservation \u3068\u3044\u3046\u30c6\u30b9\u30c8\u304c\u8ffd\u52a0\u3055\u308c\u3066\u3044\u307e\u3057\u305f\u3002<\/p>\n KEP-1860 Make Kubernetes aware of the LoadBalancer behaviour \u306e\u5b9f\u88c5\u3067\u3059\u3002<\/p>\n kube-proxy: \u69cb\u9020\u5316\u30ed\u30ae\u30f3\u30b0\u3092\u30b5\u30dd\u30fc\u30c8\u3059\u308b\u305f\u3081\u306e –logging-format \u30d5\u30e9\u30b0\u304c\u8ffd\u52a0\u3055\u308c\u307e\u3057\u305f\u3002(#117800, @cyclinder)<\/p>\n IPTablesOwnershipCleanup \u6a5f\u80fd (KEP-3178) \u306f GA \u3068\u306a\u308a\u3001kubelet \u306f KUBE-MARK-DROP \u30c1\u30a7\u30a4\u30f3(\u3053\u3053\u6570\u30ea\u30ea\u30fc\u30b9\u306e\u9593\u4f7f\u308f\u308c\u3066\u3044\u306a\u3044\u3082\u306e)\u3068 KUBE-MARK-MASQ \u30c1\u30a7\u30a4\u30f3(\u73fe\u5728 kube-proxy \u306e\u307f\u304c\u4f5c\u6210\u3059\u308b)\u3092\u4f5c\u6210\u3057\u306a\u304f\u306a\u308a\u307e\u3057\u305f\u3002(#119374, @danwinship)<\/p>\n \u30ce\u30fc\u30c9 IP \u306e\u30a2\u30ce\u30c6\u30fc\u30b7\u30e7\u30f3\u304c\u30c7\u30e5\u30a2\u30eb\u30b9\u30bf\u30c3\u30af\u306e\u3068\u304d\u306b alpha.kubernetes.io\/provided-node-ip \u30a2\u30ce\u30c6\u30fc\u30b7\u30e7\u30f3\u306b 1 \u3064\u306e IP \u30a2\u30c9\u30ec\u30b9\u3057\u304b\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u306a\u3044\u3068\u3044\u3046\u554f\u984c\u306e\u4fee\u6b63\u3067\u3059<\/p>\n kube-proxy \u306f\u505c\u6b62\u4e2d\u306e EndpointSlice \u306e\u6761\u4ef6\u3092\u51e6\u7406\u3059\u308b\u3088\u3046\u306b\u306a\u308a\u3001ExternalTrafficPolicy=Local \u306e Service \u3067\u30bc\u30ed\u30c0\u30a6\u30f3\u30bf\u30a4\u30e0\u306e\u30c7\u30d7\u30ed\u30a4\u30e1\u30f3\u30c8\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3057\u305f\u3002author: @andrewsykim (#117718, @aojea) [SIG Network, Testing and Windows]<\/p>\n \u4ee5\u524d\u304b\u3089\u3042\u308b ProxyTerminatingEndpoints \u3068\u3044\u3046\u6a5f\u80fd\u3067\u3059\u304c GA \u3068\u306a\u308a\u307e\u3057\u305f<\/p>\n kube-proxy \u30b5\u30fc\u30d3\u30b9\u30d8\u30eb\u30b9\u306f\u30ed\u30fc\u30ab\u30eb\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306e\u6570\u3092\u793a\u3059 HTTP \u30d8\u30c3\u30c0 X-Load-Balancing-Endpoint-Weight \u3092\u8fd4\u3059\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002\u540c\u3058\u60c5\u5831\u306f\u30ec\u30b9\u30dd\u30f3\u30b9\u30dc\u30c7\u30a3\u306e JSON payload.LocalEndpoints \u3067\u3082\u5229\u7528\u53ef\u80fd\u3067\u3059\u3002(#118999, @cezarygerard)<\/p>\n pkg\/controller\/endpoint \u304c contextual \u30ed\u30ae\u30f3\u30b0\u306b\u79fb\u884c\u3057\u307e\u3057\u305f\u3002(#116755, @my-git9) kubernetes\/endpointslice \u3068\u3044\u3046\u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u5206\u3051\u3089\u308c\u3001out-of-tree \u306e EndpointSlice \u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u304b\u3089\u30ed\u30b8\u30c3\u30af\u3092\u518d\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002(KEP-3685: Move EndpointSlice Reconciler into Staging)<\/p>\n ServiceNodePortStaticSubrange \u30d5\u30a3\u30fc\u30c1\u30e3\u30fc\u30b2\u30fc\u30c8\u304c\u30d9\u30fc\u30bf\u306b\u6607\u683c\u3057\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u6709\u52b9\u306b\u306a\u308a\u307e\u3059 (#117877, @xuzhenglun)<\/p>\n \u500b\u5225\u8a18\u4e8b\u306b\u307e\u3068\u3081\u307e\u3057\u305f\u3002\u57fa\u672c\u7684\u306b ServiceIPStaticSubrange \u306e\u30ce\u30fc\u30c9\u30dd\u30fc\u30c8\u7248\u3067\u3059\u3002<\/p>\n ExpandedDNSConfig \u6a5f\u80fd\u304c GA \u3068\u306a\u308a\u307e\u3057\u305f\u3002ExpandedDNSConfig \u30d5\u30a3\u30fc\u30c1\u30e3\u30fc\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u5024\u306b\u56fa\u5b9a\u3055\u308c\u3001v1.30 \u3067\u524a\u9664\u3055\u308c\u307e\u3059\u3002\u3082\u3057\u3053\u306e\u30d5\u30a3\u30fc\u30c1\u30e3\u30fc\u30b2\u30fc\u30c8\u3092\u660e\u793a\u7684\u306b\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u4eca\u3059\u3050\u524a\u9664\u3057\u3066\u304f\u3060\u3055\u3044\u3002(#116741, @gjkim42) [SIG Apps, Network and Node] KEP-3836: Kube-proxy improved ingress connectivity reliability \u306e\u5b9f\u88c5\u3067\u3059\u3002<\/p>\n klog \u306e\u30c6\u30ad\u30b9\u30c8\u51fa\u529b\u306f\u3001\u69cb\u9020\u4f53\u3001\u30de\u30c3\u30d7\u3001\u30b9\u30e9\u30a4\u30b9\u306b\u5bfe\u3059\u308b\u30a8\u30f3\u30b3\u30fc\u30c7\u30a3\u30f3\u30b0\u306b JSON \u3092\u4f7f\u3046\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002(#117687, @pohly) WinProxy (Windows) \u306e\u307f\u306e\u8a71\u3067\u3059\u3002<\/p>\n Pod \u306e\u30b3\u30f3\u30c6\u30ca\u30dd\u30fc\u30c8\u306b\u5bfe\u3059\u308b\u66f4\u65b0\u30fb\u30d1\u30c3\u30c1\u3067\u30dd\u30fc\u30c8\u304c\u91cd\u8907\u3057\u3066\u3044\u308b\u5834\u5408\u306e\u8b66\u544a\u3092\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002(#113245, @pacoxu)<\/p>\n kubectl \u3067\u306f Warning: spec.containers[0].ports[1]: duplicate port definition with spec.containers[0].ports[0] \u306e\u3088\u3046\u306a Warning \u304c\u8868\u793a\u3055\u308c\u307e\u3059<\/p>\n TopologyCache \u3067 AddHints \u3068 SetNodes \u304c\u540c\u6642\u306b\u547c\u3070\u308c\u305f\u3068\u306e\u30c7\u30fc\u30bf\u7af6\u5408\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002(#117249, @tnqn) [SIG Apps and Network] topology.kubernetes.io\/zone \u30e9\u30d9\u30eb\u304c\u30ce\u30fc\u30c9\u306e\u4f5c\u6210\u5f8c\u306b\u8ffd\u52a0\u3055\u308c\u305f\u5834\u5408\u306b\u3001Topology Aware Hints \u304c\u52d5\u4f5c\u3057\u306a\u3044\u554f\u984c\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002(#117245, @tnqn) <\/p>\n kube-controller-manager \u5185\u3067\u547c\u3070\u308c\u308b podgc \u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u3068\u305d\u306e\u4ed6\u306e\u30ed\u30b0\u3092 contextual \u30ed\u30ae\u30f3\u30b0 \u3092\u4f7f\u3046\u3088\u3046\u306b\u3057\u307e\u3057\u305f\u3002kube-controller-manager \u306e\u5909\u66f4 (contextual \u30ed\u30ae\u30f3\u30b0\u79fb\u884c) \u306f\u5b8c\u5168\u306b\u7d42\u308f\u308a\u307e\u3057\u305f\u3002(#119250, @pohly) [SIG API Machinery, Apps, Cloud Provider, Instrumentation, Network, Storage and Testing] OpenAPI v2 \u306e\u30b9\u30da\u30c3\u30af\u3092 50% \u4ee5\u4e0a\u7e2e\u5c0f\u3057\u307e\u3057\u305f\u3002\u7279\u306b CPU \u306e\u30ea\u30bd\u30fc\u30b9\u6d88\u8cbb\u304c\u524a\u6e1b\u3055\u308c\u307e\u3059\u3002(#118204, @sttts)<\/p>\n \u53c2\u7167\u8a18\u6cd5 ($ref) \u3092\u4f7f\u3063\u3066\u91cd\u8907\u3057\u305f\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u7701\u7565\u3059\u308b\u3053\u3068\u3067\u5b9f\u73fe\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n OpenAPI v2 \u306e\u30b9\u30da\u30c3\u30af\u306f kubectl get –raw \/openapi\/v2 | jq . \u3067\u78ba\u8a8d\u3067\u304d\u307e\u3059<\/p>\n v1.21 \u3067\u5ec3\u6b62\u4e88\u5b9a\u3068\u306a\u3063\u305f NetworkPolicyLegacy \u30c6\u30b9\u30c8\u30b9\u30a4\u30fc\u30c8\u306f\u65b0\u3057\u3044\u30c6\u30fc\u30d6\u30eb\u30c9\u30ea\u30d6\u30f3\u306e e2e \u30c6\u30b9\u30c8\u306b\u7f6e\u304d\u63db\u3048\u3089\u308c\u6b63\u5f0f\u306b\u524a\u9664\u3055\u308c\u307e\u3057\u305f\u3002(#118915, @astoycos)<\/p>\n \u6211\u6765\u4ecb\u7ecd\u4e00\u4e0b\u5728SIG-Network\u4e2d\u6211\u4e2a\u4eba\u89c9\u5f97\u5f88\u6709\u610f\u601d\u7684\u8bdd\u9898\u3002<\/p>\n pod LifecycleHandler should support a sleep option #114465<\/p>\n Kubernetes \u3067\u5b89\u5168\u306b Pod \u3092\u7d42\u4e86\u3059\u308b\u3068\u304d\u306b\u5fc5\u8981\u306a sleep \u3092 LifecycleHandler \u306b\u7d44\u307f\u8fbc\u3080\u3068\u3044\u3046\u63d0\u6848\u3067\u3059<\/p>\n KEP \u306f\u30de\u30fc\u30b8\u3055\u308c\u307e\u3057\u305f\u305f\u304c \u5b9f\u88c5 PR \u306f\u30ec\u30d3\u30e5\u30fc\u4e2d\u3067\u3057\u305f<\/p>\n Service \u3067\u30d7\u30ed\u30c8\u30b3\u30eb\u304c\u9055\u3046\u304c\u30dd\u30fc\u30c8\u756a\u53f7\u304c\u91cd\u8907\u3057\u305f\u3068\u304d\u306b apply \u306e\u6319\u52d5\u304c\u304a\u304b\u3057\u3044\u554f\u984c<\/p>\n https:\/\/github.com\/kubernetes\/kubernetes\/issues\/118725 \u6211\u603b\u7ed3\u4e86Kubernetes 1.28\u7248\u672c\u7684SIG-Network\u7f51\u7edc\u53d8\u66f4\u5185\u5bb9\u3002\u57281.28\u7248\u672c\u4e2d\uff0c\u5f15\u5165\u4e86\u9ed8\u8ba4\u542f […]<\/p>\n","protected":false},"author":10,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-35469","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n
\nKubernetes 1.26\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.25\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.24\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.23\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.22\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.21\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.20\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.19\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.18\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.17\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.16\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.15\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9
\nKubernetes 1.14\uff1aSIG-Network\u7684\u53d8\u66f4\u5185\u5bb9<\/details>\nKubernetes 1.27 \u548c 1.28 \u7248\u672c\u7684 API \u5dee\u5f02<\/h2>\n
\n
API \u306e\u8ffd\u52a0:<\/ul>\n<\/li>\n<\/ul>\n
\nDeprecation \u306e\u6307\u5b9a: \u306a\u3057<\/p>\n$<\/span> kubectl auth whoami<\/span>\r\nATTRIBUTE VALUE\r\nUsername kubernetes-admin\r\nGroups [system:masters system:authenticated]\r\n<\/span><\/code><\/pre>\n\u5f03\u7528<\/h2>\n
\n
kube-controller-manager \u3067 –volume-host-cidr-denylist \u3068 –volume-host-allow-local-loopback \u306e\u30d5\u30e9\u30b0\u304c\u5ec3\u6b62\u4e88\u5b9a\u3068\u306a\u308a\u307e\u3057\u305f\u3002(#118128, @carlory) [SIG API Machinery, Apps, Network, Node, Storage and Testing]<\/ul>\n<\/li>\n<\/ul>\n
API\u53d8\u66f4<\/h2>\n
\n
loadbalancer status ingress \u306b IP mode \u30d5\u30a3\u30fc\u30eb\u30c9\u304c\u8ffd\u52a0\u3055\u308c\u307e\u3057\u305f\u3002(#118895, @RyanAoh)<\/ul>\n<\/li>\n<\/ul>\n
\u529f\u80fd\u65b0\u589e<\/h2>\n
\n
\u30a2\u30eb\u30d5\u30a1\u306e CloudDualStackNodeIPs \u6a5f\u80fd\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002(#118329, @danwinship)<\/ul>\n<\/li>\n<\/ul>\n
\n\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u95a2\u6570\u304c contextual \u30ed\u30ae\u30f3\u30b0\u3092\u4f7f\u7528\u3059\u308b\u3088\u3046\u306b\u79fb\u884c\u3057\u307e\u3057\u305f\u3002(#116930, @fatsheep9146) [SIG API Machinery, Apps, Network, Node, Storage and Testing]
\nkube-controller-manager \u306e EndpointSlice \u3068 EndpointSliceMirroring \u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u304c contextual \u30ed\u30ae\u30f3\u30b0\u3092\u4f7f\u7528\u3059\u308b\u3088\u3046\u306b\u79fb\u884c\u3057\u307e\u3057\u305f\u3002(#115295, @Namanl2001) [SIG API Machinery, Apps, Network and Testing]
\n\u65b0\u305f\u306b EndpointSlice reconciler \u306e\u305f\u3081\u306e\u30b9\u30c6\u30fc\u30b8\u30f3\u30b0\u30ea\u30dd\u30b8\u30c8\u30ea\u304c\u4f5c\u3089\u308c\u307e\u3057\u305f\u3002(#118953, @mskrocki)<\/p>\n
\n[kube-proxy]: \u505c\u6b62\u4e2d (terminating) \u306e\u30ce\u30fc\u30c9\u304b\u3089\u306e\u63a5\u7d9a\u306e\u30c9\u30ec\u30a4\u30f3 (connection draining) \u304c\u5b9f\u88c5\u3055\u308c\u307e\u3057\u305f\u3002(#116470, @alexanderConstantinescu)<\/p>\n
\niptables \u30e2\u30fc\u30c9\u306e kube-proxy \u306f\u65e2\u5b58\u306e sync_proxy_rules_duration_seconds \u306b\u52a0\u3048\u3066\u3001sync_full_proxy_rules_duration_seconds \u3068 sync_partial_proxy_rules_duration_seconds \u3092\u500b\u5225\u306b\u6301\u3064\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u4e21\u65b9\u306e\u7a2e\u985e\u306e\u52a0\u91cd\u5e73\u5747\u3060\u3051\u3067\u306a\u304f\u3001\u5404\u540c\u671f\u3054\u3068\u306e\u6240\u8981\u6642\u9593\u304c\u63d0\u4f9b\u3055\u308c\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002(#117787, @danwinship)<\/p>\n\u9519\u8bef\u6216\u56de\u5f52 (\u932f\u8aa4\u6216\u56de\u6b78)<\/h2>\n
\n
\u554f\u3044\u5408\u308f\u305b\u305f\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306e\u30ea\u30b9\u30c8\u306e\u7e70\u308a\u8fd4\u3057\u51e6\u7406\u3067\u3001\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306e IP \u8a2d\u5b9a\u306b\u5bfe\u3059\u308b\u8ffd\u52a0\u691c\u8a3c\u3092\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002(#116749, @princepereira)<\/ul>\n<\/li>\n<\/ul>\n
\nLocalModeNodeCIDR \u3092\u4f7f\u3063\u305f\u5834\u5408\u306e kube-proxy \u306e\u7af6\u5408\u72b6\u614b\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002kube-proxy \u306e\u8d77\u52d5\u4e2d\u306b\u30ce\u30fc\u30c9\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u304c\u518d\u4f5c\u6210\u3055\u308c\u305f\u3068\u304d\u306b Service \u306e\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u304c\u30c9\u30ed\u30c3\u30d7\u3059\u308b\u3053\u3068\u3092\u907f\u3051\u3089\u308c\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002 (#118499, @aojea)<\/p>\n
\nhttp (live-\/readiness)-probe \u3067\u30d8\u30c3\u30c0\u304c\u5c0f\u6587\u5b57\u3060\u3063\u305f\u5834\u5408\u306b\u3001\u610f\u56f3\u305b\u305a\u30ab\u30b9\u30bf\u30e0\u306e Accept \u30d8\u30c3\u30c0\u3092\u4e0a\u66f8\u304d\u3057\u3066\u3044\u305f\u30d0\u30b0\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002(#114606, @tuunit)
\n\u30bf\u30a4\u30df\u30f3\u30b0\u30c8\u30ec\u30fc\u30b9\u306e\u8a18\u9332\u306b\u7af6\u5408\u72b6\u614b\u304c\u3042\u308a\u307e\u3057\u305f\u3002\u5b9f\u969b\u306e\u5f71\u97ff\u306f\u304a\u305d\u3089\u304f\u4f4e\u304b\u3063\u305f\u3067\u3059\u3002(#117139, @pohly) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node and Storage]
\nkube-proxy \u306e sync_proxy_rules_iptables_total \u30e1\u30c8\u30ea\u30c3\u30af\u306f\u30011.27 \u4ee5\u524d\u306e\u6319\u52d5\u306b\u623b\u308a\u307e\u3057\u305f\u3002\u3053\u308c\u306f kube-proxy \u304c\u8cac\u4efb\u3092\u6301\u3064 iptables \u306e\u30eb\u30fc\u30eb\u306e\u7dcf\u6570\u3092\u8ffd\u8de1\u3059\u308b\u3082\u306e\u3067\u3001\u6700\u5f8c\u306e\u540c\u671f\u3067\u518d\u540c\u671f\u3057\u305f\u30eb\u30fc\u30eb\u6570\u3060\u3051\u3092\u6570\u3048\u308b\u306e\u3067\u306f\u3042\u308a\u307e\u305b\u3093\u3002\u5f8c\u8005\u306e\u6570\u5b57\u306f\u65b0\u305f\u306b sync_proxy_rules_iptables_last \u30e1\u30c8\u30ea\u30c3\u30af\u304c\u63d0\u4f9b\u3055\u308c\u307e\u3059\u3002(#119140, @danwinship) [SIG Network]
\n[KCCM] service controller: \u30af\u30e9\u30a6\u30c9\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30de\u30cd\u30fc\u30b8\u30e3\u3092\u3001\u30ce\u30fc\u30c9\u306e\u540c\u671f\u6642\u306b providerID \u3092 predicate \u3068\u3059\u308b\u3088\u3046\u306b\u5909\u66f4\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u5909\u66f4\u306b\u3088\u308a\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u306e\u7d71\u5408\u3067\u3001\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u3068\u30bf\u30fc\u30b2\u30c3\u30c8\u3092\u8a2d\u5b9a\u3059\u308b\u969b\u306b providerID \u304c\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u308b\u3053\u3068\u3092\u4fdd\u8a3c\u3057\u307e\u3059\u3002(#117388, @alexanderConstantinescu) [SIG Cloud Provider and Network]<\/p>\n\u5176\u4ed6\uff08\u6e05\u6d01\u6216\u7247\u72b6\uff09(\u5176\u5b83)<\/h2>\n
\n
kube-proxy \u306f IP \u30d5\u30a1\u30df\u30ea\u306e\u8a2d\u5b9a\u306b\u77db\u76fe\u304c\u3042\u308b\u3068\u304d\u3001\u8d77\u52d5\u6642\u306b\u8b66\u544a\u3092\u51fa\u3059\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002(\u4f8b\u3048\u3070 IPv4 \u306e\u30ce\u30fc\u30c9 IP \u3092\u6301\u3063\u3066\u3044\u3068\u304d\u306b –cluster-cidr \u304c IPv6 \u3067\u3042\u308b\u5834\u5408) (#119003, @danwinship) [SIG Network]<\/ul>\n<\/li>\n<\/ul>\n
\n
kube-proxy: \u30b3\u30f3\u30d5\u30a3\u30b0\u30d5\u30a1\u30a4\u30eb\u3092\u4f7f\u308f\u306a\u304b\u3063\u305f\u3068\u304d\u306e\u30ed\u30b0\u306e\u8b66\u544a\u3092\u524a\u9664\u3057\u307e\u3057\u305f\u3002(#118115, @TommyStarK) [SIG Network]<\/ul>\n<\/li>\n<\/ul>\n
\nGA \u3068\u306a\u3063\u305f\u30d5\u30a3\u30fc\u30c1\u30e3\u30fc\u30b2\u30fc\u30c8 MixedProtocolLBService, ServiceInternalTrafficPolicy, ServiceIPStaticSubrange, EndpointSliceTerminatingCondition \u3092\u524a\u9664\u3057\u307e\u3057\u305f\u3002(#117237, @yulng)<\/p>\n\u672a\u6765\u8bdd\u9898\u7684\u4ecb\u7ecd<\/h2>\n
\nhttps:\/\/github.com\/kubernetes\/kubernetes\/issues\/105610
\nhttps:\/\/github.com\/kubernetes\/kubernetes\/issues\/114402
\nhttps:\/\/github.com\/kubernetes\/kubernetes\/issues\/119126<\/p>\n","protected":false},"excerpt":{"rendered":"