Hacker News new | past | comments | ask | show | jobs | submit login

Shame they aren't updating anything older than 1.10. 1.09 was released just a year ago.

The commercial K8S vendors seem to be doing the patch all the way back. Smart move by them to signal to the enterprise the value of using a commercially supported K8S distribution over something like kops or kubeadm.




Kubernetes has a hard time defining itself sometimes, this behavior makes sense if you think of Kubernetes as a kernel. You either run directly on the kernel, or use a OS that adds features and LTS support to it.

I know however that there is a LTS-SIG that’s trying to figure out what Kubernetes is, and for how long old releases should be supported.


Yeah, that's a bit worrying, k8s needs to take security very seriously. if your k8s cluster get's compromised, it's all your machines & apps getting compromised at the exact time. This is worse than a typical remote exploit that might give access to one server or app.


If you're using something like kops or kubeadm, chances are you're on the latest anyway and updating will take you all of an hour and zero downtime.

The Kubernetes project is pretty explicit about only supporting 3 minor versions back, which gives you a full 3 quarters to figure out if the changes break anything you have deployed and fix those cases. If that's too fast, you're probably an Enterprise anyway and uncomfortable with anything but vendor support.


1.09 was released just a year ago.

Quite normal in this space, see Docker for example.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: