Knative
knative-v1.21.1Orchestration & ManagementKnative v1.21.1 is a patch release that rebuilds v1.21.0 with Kubernetes v1.25.7 and provides advance notice of upcoming security defaults changes in v1.22.
breakingTest workloads for v1.22 security changes now
The secure-pod-defaults will change from disabled to AllowRootBounded in v1.22. Test your workloads with this setting enabled now. If incompatible, explicitly set secure-pod-defaults to disabled in your configuration before upgrading to v1.22 to avoid service disruptions.
securityPrepare for enhanced pod security posture
Review your container images and workloads that run as root. The upcoming AllowRootBounded setting restricts root access while maintaining compatibility. Audit your applications now and consider migrating away from root execution where possible for better security alignment.
主な変更 (4)
- Rebuilt with Kubernetes v1.25.7 for compatibility and stability
- secure-pod-defaults remains disabled by default in v1.21.1
- Future v1.22 release will change secure-pod-defaults to AllowRootBounded by default
- AllowRootBounded setting provides better security while maintaining compatibility with root-requiring images