Kubernetes 1.32 'Penelope' Introduces Key Innovations for Open Source Cloud Deployment
Kubernetes 1.32 boasts 44 enhancements, including new standardization to the platform and improved dynamic resource allocation.
The last major update of the open source Kubernetes container orchestration platform for 2024 is now available, bringing with it a host of innovations for cloud-native deployments.
Kubernetes has in recent years emerged as the de facto standard for cloud deployment and is supported on all three major public cloud providers' platforms as well as on private cloud and on-premises environments. Kubernetes is the flagship technology of the Cloud Native Computing Foundation (CNCF), which itself is part of the Linux Foundation. At the recent KubeCon 2024 event, the CNCF celebrated 10 years of Kubernetes, which has helped to spawn a large ecosystem of open source cloud-native technologies.
As with all recent Kubernetes releases, the code name has specific meaning. Kubernetes 1.31, which was released in August, was code-named Elli as a whimsical tribute to a cute dog. The new 1.32 release is code-named Penelope, paying homage to the Greek roots of the project name (Kubernetes means "pilot" in Greek) and the idea of a release cycle as a journey.
"Penelope wove and unwove during 10 years, which seemed apropos for the last release of the year. Kubernetes turns 10 years old," Frederico Muñoz, release lead for Kubernetes 1.32, told ITPro Today. "We also add and remove features, so it seemed like a good choice for the release."
The new Kubernetes release was developed over a 14-week period, benefiting from the participation of 125 contributing companies and 559 individual contributors. Kubernetes 1.32 brings 44 enhancements across various stages of maturity, with 13 features graduating to stable status, 12 moving to beta, and 19 being new alpha features.
Among the key new features in the release are the following:
New pod-level resource specifications
Enhanced dynamic resource allocation
Improved security controls for anonymous authentication
Advanced volume management capabilities
Asynchronous pre-emption in scheduler
Conformance Testing Hits New Milestone in Kubernetes 1.32
The feature that Muñoz is particularly happy about is achieving 100% conformance testing coverage for the first time.
"The Kubernetes Conformance Test Suite checks if Kubernetes distributions meet the project's specifications, ensuring compatibility across different implementations," he said.
There are many different Kubernetes distributions from multiple vendors and cloud providers. Muñoz noted that the test suite covers various features like APIs, networking, storage, scheduling, and security. He added that passing the tests confirms proper implementation and promotes a consistent and portable container orchestration platform.
Dynamic Resource Allocation Gets a Boost for AI
A foundational aspect of Kubernetes is its ability to scale to meet workload and traffic requirements.
One of the ways that Kubernetes enables efficient scaling is with dynamic resource allocation (DRA). There is a new implementation of DRA in Kubernetes 1.32 that Muñoz said will help position Kubernetes to better face increasingly demanding requirements, especially those that involve managing resources other than CPU or RAM, such as GPUs and FPGAs, which are becoming increasingly common due to AI workloads.
The new DRA is also being celebrated by Kubernetes vendors, including Red Hat, which develops its own Kubernetes distribution known as OpenShift.
"We're very excited about the latest dynamic resource allocation changes in Kubernetes v1.32, which allows Kubernetes to handle new hardware requirements and resource claims more predictably," Ju Lim, senior manager, OpenShift product management and distinguished engineer at Red Hat, told ITPro Today. "This will drive and expand the use of Kubernetes for AI and edge workloads."
Going a step further, Kubernetes 1.32 gains a new stable feature for memory-backed volume sizing.
"This KEP [Kubernetes Enhancement Proposal] improves the portability of pod definitions that use memory backed empty dir volumes by sizing an empty dir memory backed volume as the minimum of pod allocatable memory on a host and an optional explicit user provided value," KEP #1967 states.
Anonymous Authorization Gets Locked Down
On the security front there is one new addition that is now in beta: anonymous authentication control.
While Kubernetes has enabled anonymous access, it hasn't had quite the level of precision that some organizations have wanted, which is what the new feature helps to fix.
"This feature lets admins specify which endpoints are allowed for anonymous requests," the Kubernetes 1.32 release notes state. "For example, the admin can choose to only allow anonymous access to health endpoints like /healthz, /livez, and /readyz while making sure to prevent anonymous access to other cluster endpoints or resources even if a user misconfigures RBAC."
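The restriction described in the release notes, written out as a kube-apiserver authentication configuration file. This is an added example, not text from the release notes or the article; the file location used in the comments is an assumption.

```yaml
# Assumed location on the control-plane node (placeholder path):
#   /etc/kubernetes/authentication-config.yaml
# Loaded by kube-apiserver with:
#   --authentication-config=/etc/kubernetes/authentication-config.yaml
# Do not also pass --anonymous-auth; the flag and the anonymous stanza
# below are mutually exclusive.
# Depends on the AnonymousAuthConfigurableEndpoints feature gate
# (beta in 1.32).
apiVersion: apiserver.config.k8s.io/v1beta1
kind: AuthenticationConfiguration
anonymous:
  enabled: true
  # Anonymous requests are accepted only on the paths listed here.
  conditions:
  - path: /healthz
  - path: /livez
  - path: /readyz
```

With this in place, an unauthenticated request to any other path fails authentication instead of being mapped to system:anonymous, so an RBAC binding that mistakenly grants rights to system:anonymous or system:unauthenticated does not expose the rest of the API.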