From 911cc2145c80b8b0c0e3017747367eb496916c1c Mon Sep 17 00:00:00 2001 From: Morten Torkildsen Date: Wed, 2 Jul 2025 22:51:18 +0000 Subject: [PATCH 1/5] Blog with DRA updates in 1.34 --- .../blog/_posts/XXXX-XX-XX-dra-134-update.md | 92 +++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md diff --git a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md new file mode 100644 index 0000000000000..9d865fcab632b --- /dev/null +++ b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md @@ -0,0 +1,92 @@ +--- +layout: blog +title: "Kubernetes v1.34: DRA has graduated to GA" +slug: dra-134-updates +draft: true +date: XXXX-XX-XX +author: > + The DRA team +--- + +Kubernetes 1.34 is here, and it brings a huge wave of enhancements for Dynamic Resource Allocation (DRA)! This +release marks a major milestone with the Structured Parameters feature graduating to General Availability (GA), +unlocking the full potential of how you manage devices on Kubernetes. On top of that, several key features have +moved to beta, and a fresh batch of new alpha features promise even more expresiveness and flexibility. + +Let's dive into what's new for DRA in Kubernetes 1.34! + +### Structured Parameters is Now GA +The headline feature for DRA in this release is the graduation of Structured Parameters to General Availability. + +Kubernetes Dynamic Resource Allocation (DRA) provides a flexible framework for managing specialized hardware +resources such as GPUs and FPGAs. It provices a flexible API for letting workloads specify the properties of the +devices it needs, but leaving it to the scheduler to allocate actual devices, allowing increased reliability and +improved utilization of expensive hardware. + +With the graduation to GA, DRA is stable and will be part of Kubernetes for the long run. The community can still +expect a steady stream of new features being added to DRA over the next several Kubernetes releases, but they will +not make any breaking changes to DRA. So users and developers of DRA drivers can start adopting DRA with confidence. + +Starting with Kubernetes 1.34, DRA will be enabled by default, as will DRA features that have reached beta. + +### Features promoted to beta +Several powerful features have been promoted to beta, adding more control, flexibility, and observability to resource +management with DRA. + +[Admin Access](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#admin-access) has been updated so that +only users with access to a namespace with the resource.k8s.io/admin-access: "true" label are authorized to create +ResourceClaim or ResourceClaimTemplates objects with the adminAccess field within the namespace. This grants +administrators access to in-use devices and may enable additional permissions when making the device available in a +container. This ensures that non-admin users cannot misuse the feature. + +[Prioritized List](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#prioritized-list) lets users specify +a list of acceptable devices for their workloads, rather than just a single type of device. So while the workload +might run best on a single high-performance GPU, it might also be able to run on 2 mid-level GPUs. The scheduler will +attempt to satisfy the alternatives in the list in order, so the workload will be allocated the best set of devices +available in the cluster. + +The PodResources API has been updated to include resources allocated through DRA. This allows node monitoring agents +to know the allocated DRA resources for Pods on a node and makes it possible to use the DRA information in the PodResources API +to develop new features and integrations. + +### New alpha features +Kubernetes 1.34 also introduces several new alpha features that give us a glimpse into the future of resource management with DRA. + +[Extended Resource](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#extended-resource) support in DRA allow +cluster administrators to advertise DRA-managed resources as extended resources, allowing developers to consume them using +the familiar, simpler request syntax while still benefiting from dynamic allocation. This makes it possible for existing +workloads to start using DRA without modifications, simplifying the transition to DRA for both application developers and +cluster administrators. + +[Consumable Capacity](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#consumable-capacity) introduces a flexible +device sharing model where multiple, independent resource claims from unrelated +pods can each be allocated a share of the same underlying physical device. This new capability is managed through optional, +administrator-defined sharing policies that govern how a device's total capacity is divided and enforced by the platform for +each request. This allows for sharing of devices in scenarios where pre-defined partitions are not viable. + +[Binding Conditions](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#binding-conditions) improves scheduling +reliability for certain classes of devices by allowing the Kubernetes scheduler to delay binding a pod to a node until its +required external resources, such as attachable devices or FPGAs, are confirmed to be fully prepared. This prevents premature +pod assignments that could lead to failures and ensures more robust, predictable scheduling by explicitly modeling resource +readiness before the pod is committed to a node. + +Resource Health Status for DRA improves observability by exposing the health status of devices allocated to a Pod via Pod Status. +This works whether the device is allocated through DRA or Device Plugin. This makes it easier to understand the cause of an +unhealthy device and respond properly. + +### What’s next? + +While DRA got promoted to GA this cycle, the hard on DRA doesn't stop. There are several features in alpha and beta that +we plan to bring to GA in the next couple of releases and we are looking to continue to improve performance, scalability +and reliability of DRA. So expect an equally ambitious set of features in DRA for 1.35. + +### Getting involved + +A good starting point is joining the WG Device Management [Slack channel](https://kubernetes.slack.com/archives/C0409NGC1TK) and [meetings](https://docs.google.com/document/d/1qxI87VqGtgN7EAJlqVfxx86HGKEAc2A3SKru8nJHNkQ/edit?tab=t.0#heading=h.tgg8gganowxq), which happen at US/EU and EU/APAC friendly time slots. + +Not all enhancement ideas are tracked as issues yet, so come talk to us if you want to help or have some ideas yourself! We have work to do at all levels, from difficult core changes to usability enhancements in kubectl, which could be picked up by newcomers. + +### Acknowledgments + +A huge thanks to the new contributors to DRA this cycle: +* TODO From e33055e3cdf86f720a0304e4cae6732a398d7aed Mon Sep 17 00:00:00 2001 From: Morten Torkildsen Date: Thu, 7 Aug 2025 19:21:33 +0000 Subject: [PATCH 2/5] Addressed comments --- .../blog/_posts/XXXX-XX-XX-dra-134-update.md | 31 ++++++++++--------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md index 9d865fcab632b..b12fe8f46cff8 100644 --- a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md +++ b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md @@ -11,15 +11,15 @@ author: > Kubernetes 1.34 is here, and it brings a huge wave of enhancements for Dynamic Resource Allocation (DRA)! This release marks a major milestone with the Structured Parameters feature graduating to General Availability (GA), unlocking the full potential of how you manage devices on Kubernetes. On top of that, several key features have -moved to beta, and a fresh batch of new alpha features promise even more expresiveness and flexibility. +moved to beta, and a fresh batch of new alpha features promise even more expressiveness and flexibility. Let's dive into what's new for DRA in Kubernetes 1.34! ### Structured Parameters is Now GA -The headline feature for DRA in this release is the graduation of Structured Parameters to General Availability. +The headline feature of the v1.34 release is that the core of DRA has graduated to General Availability. Kubernetes Dynamic Resource Allocation (DRA) provides a flexible framework for managing specialized hardware -resources such as GPUs and FPGAs. It provices a flexible API for letting workloads specify the properties of the +and infrastructure resources, such as GPUs or FPGAs. DRA provides APIs that enable each workload to specify the properties of the devices it needs, but leaving it to the scheduler to allocate actual devices, allowing increased reliability and improved utilization of expensive hardware. @@ -27,33 +27,36 @@ With the graduation to GA, DRA is stable and will be part of Kubernetes for the expect a steady stream of new features being added to DRA over the next several Kubernetes releases, but they will not make any breaking changes to DRA. So users and developers of DRA drivers can start adopting DRA with confidence. -Starting with Kubernetes 1.34, DRA will be enabled by default, as will DRA features that have reached beta. +Starting with Kubernetes 1.34, DRA is enabled by default; DRA features that have reached beta are also enabled by default. +That's because the default API version for DRA is now the stable `v1` version, and not the earlier versions +(eg: `v1beta1` or `v1beta2`) that needed explicit opt in. ### Features promoted to beta Several powerful features have been promoted to beta, adding more control, flexibility, and observability to resource management with DRA. -[Admin Access](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#admin-access) has been updated so that -only users with access to a namespace with the resource.k8s.io/admin-access: "true" label are authorized to create -ResourceClaim or ResourceClaimTemplates objects with the adminAccess field within the namespace. This grants -administrators access to in-use devices and may enable additional permissions when making the device available in a -container. This ensures that non-admin users cannot misuse the feature. +[Admin access labelling](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#admin-access) has been updated. +In v1.34, you can restrict device support to people (or software) authorized to use it. This is meant +as a way to avoid privilege escalation through use of hardware devices that can bypass other security controls. +The restriction works by ensuring that only users with access to a namespace with the +`resource.k8s.io/admin-access: "true"` label are authorized to create +ResourceClaim or ResourceClaimTemplates objects with the `adminAccess` field set to true. This ensures that non-admin users cannot misuse the feature. [Prioritized List](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#prioritized-list) lets users specify a list of acceptable devices for their workloads, rather than just a single type of device. So while the workload might run best on a single high-performance GPU, it might also be able to run on 2 mid-level GPUs. The scheduler will attempt to satisfy the alternatives in the list in order, so the workload will be allocated the best set of devices -available in the cluster. +available on the node. -The PodResources API has been updated to include resources allocated through DRA. This allows node monitoring agents +The kubelet's API has been updated to report on Pod resources allocated through DRA. This allows node monitoring agents to know the allocated DRA resources for Pods on a node and makes it possible to use the DRA information in the PodResources API to develop new features and integrations. ### New alpha features Kubernetes 1.34 also introduces several new alpha features that give us a glimpse into the future of resource management with DRA. -[Extended Resource](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#extended-resource) support in DRA allow -cluster administrators to advertise DRA-managed resources as extended resources, allowing developers to consume them using +[Extended resource mapping](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#extended-resource) support in DRA allows +cluster administrators to advertise DRA-managed resources as _extended resources_, allowing developers to consume them using the familiar, simpler request syntax while still benefiting from dynamic allocation. This makes it possible for existing workloads to start using DRA without modifications, simplifying the transition to DRA for both application developers and cluster administrators. @@ -76,7 +79,7 @@ unhealthy device and respond properly. ### What’s next? -While DRA got promoted to GA this cycle, the hard on DRA doesn't stop. There are several features in alpha and beta that +While DRA got promoted to GA this cycle, the hard work on DRA doesn't stop. There are several features in alpha and beta that we plan to bring to GA in the next couple of releases and we are looking to continue to improve performance, scalability and reliability of DRA. So expect an equally ambitious set of features in DRA for 1.35. From b70d01837d9a73540245175aeea4c93697499cd7 Mon Sep 17 00:00:00 2001 From: Morten Torkildsen Date: Tue, 12 Aug 2025 16:25:50 +0000 Subject: [PATCH 3/5] Addressed more comments and added list of contributors --- .../blog/_posts/XXXX-XX-XX-dra-134-update.md | 31 ++++++++++++------- 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md index b12fe8f46cff8..d4d69f2f9c5ab 100644 --- a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md +++ b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md @@ -8,20 +8,20 @@ author: > The DRA team --- -Kubernetes 1.34 is here, and it brings a huge wave of enhancements for Dynamic Resource Allocation (DRA)! This +[Kubernetes 1.34](XXXXX) is here, and it brings a huge wave of enhancements for Dynamic Resource Allocation (DRA)! This release marks a major milestone with the Structured Parameters feature graduating to General Availability (GA), unlocking the full potential of how you manage devices on Kubernetes. On top of that, several key features have moved to beta, and a fresh batch of new alpha features promise even more expressiveness and flexibility. Let's dive into what's new for DRA in Kubernetes 1.34! -### Structured Parameters is Now GA +## Structured Parameters is now GA The headline feature of the v1.34 release is that the core of DRA has graduated to General Availability. -Kubernetes Dynamic Resource Allocation (DRA) provides a flexible framework for managing specialized hardware -and infrastructure resources, such as GPUs or FPGAs. DRA provides APIs that enable each workload to specify the properties of the -devices it needs, but leaving it to the scheduler to allocate actual devices, allowing increased reliability and -improved utilization of expensive hardware. +Kubernetes [Dynamic Resource Allocation (DRA)](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/) provides +a flexible framework for managing specialized hardware and infrastructure resources, such as GPUs or FPGAs. DRA +provides APIs that enable each workload to specify the properties of the devices it needs, but leaving it to the +scheduler to allocate actual devices, allowing increased reliability and improved utilization of expensive hardware. With the graduation to GA, DRA is stable and will be part of Kubernetes for the long run. The community can still expect a steady stream of new features being added to DRA over the next several Kubernetes releases, but they will @@ -31,7 +31,7 @@ Starting with Kubernetes 1.34, DRA is enabled by default; DRA features that have That's because the default API version for DRA is now the stable `v1` version, and not the earlier versions (eg: `v1beta1` or `v1beta2`) that needed explicit opt in. -### Features promoted to beta +## Features promoted to beta Several powerful features have been promoted to beta, adding more control, flexibility, and observability to resource management with DRA. @@ -52,7 +52,7 @@ The kubelet's API has been updated to report on Pod resources allocated through to know the allocated DRA resources for Pods on a node and makes it possible to use the DRA information in the PodResources API to develop new features and integrations. -### New alpha features +## New alpha features Kubernetes 1.34 also introduces several new alpha features that give us a glimpse into the future of resource management with DRA. [Extended resource mapping](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#extended-resource) support in DRA allows @@ -77,19 +77,26 @@ Resource Health Status for DRA improves observability by exposing the health sta This works whether the device is allocated through DRA or Device Plugin. This makes it easier to understand the cause of an unhealthy device and respond properly. -### What’s next? +## What’s next? While DRA got promoted to GA this cycle, the hard work on DRA doesn't stop. There are several features in alpha and beta that we plan to bring to GA in the next couple of releases and we are looking to continue to improve performance, scalability and reliability of DRA. So expect an equally ambitious set of features in DRA for 1.35. -### Getting involved +## Getting involved A good starting point is joining the WG Device Management [Slack channel](https://kubernetes.slack.com/archives/C0409NGC1TK) and [meetings](https://docs.google.com/document/d/1qxI87VqGtgN7EAJlqVfxx86HGKEAc2A3SKru8nJHNkQ/edit?tab=t.0#heading=h.tgg8gganowxq), which happen at US/EU and EU/APAC friendly time slots. Not all enhancement ideas are tracked as issues yet, so come talk to us if you want to help or have some ideas yourself! We have work to do at all levels, from difficult core changes to usability enhancements in kubectl, which could be picked up by newcomers. -### Acknowledgments +## Acknowledgments A huge thanks to the new contributors to DRA this cycle: -* TODO +* Alay Patel ([alaypatel07](https://github.com/alaypatel07)) +* Gaurav Kumar Ghildiyal ([gauravkghildiyal](https://github.com/gauravkghildiyal)) +* JP ([Jpsassine](https://github.com/Jpsassine)) +* Kobayashi Daisuke ([KobayashiD27](https://github.com/KobayashiD27)) +* Laura Lorenz ([lauralorenz](https://github.com/lauralorenz)) +* Sunyanan Choochotkaew ([sunya-ch](https://github.com/sunya-ch)) +* Swati Gupta ([guptaNswati](https://github.com/guptaNswati)) +* Yu Liao ([yliaog](https://github.com/yliaog)) From f3c6c8b8a8093804ea63d1062e8e3ee9ce9e02c7 Mon Sep 17 00:00:00 2001 From: Morten Torkildsen Date: Wed, 13 Aug 2025 14:47:23 +0000 Subject: [PATCH 4/5] Added space between title and paragraph --- content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md index d4d69f2f9c5ab..90d0bffdf2491 100644 --- a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md +++ b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md @@ -16,6 +16,7 @@ moved to beta, and a fresh batch of new alpha features promise even more express Let's dive into what's new for DRA in Kubernetes 1.34! ## Structured Parameters is now GA + The headline feature of the v1.34 release is that the core of DRA has graduated to General Availability. Kubernetes [Dynamic Resource Allocation (DRA)](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/) provides @@ -32,6 +33,7 @@ That's because the default API version for DRA is now the stable `v1` version, a (eg: `v1beta1` or `v1beta2`) that needed explicit opt in. ## Features promoted to beta + Several powerful features have been promoted to beta, adding more control, flexibility, and observability to resource management with DRA. @@ -53,6 +55,7 @@ to know the allocated DRA resources for Pods on a node and makes it possible to to develop new features and integrations. ## New alpha features + Kubernetes 1.34 also introduces several new alpha features that give us a glimpse into the future of resource management with DRA. [Extended resource mapping](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#extended-resource) support in DRA allows From 8c21e8423cd74fa9cf6fc26978dc987fc6cd8b30 Mon Sep 17 00:00:00 2001 From: Morten Torkildsen Date: Fri, 22 Aug 2025 15:47:05 +0000 Subject: [PATCH 5/5] Addressed more comments --- .../blog/_posts/XXXX-XX-XX-dra-134-update.md | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md index 90d0bffdf2491..dde18c1b74333 100644 --- a/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md +++ b/content/en/blog/_posts/XXXX-XX-XX-dra-134-update.md @@ -8,14 +8,14 @@ author: > The DRA team --- -[Kubernetes 1.34](XXXXX) is here, and it brings a huge wave of enhancements for Dynamic Resource Allocation (DRA)! This -release marks a major milestone with the Structured Parameters feature graduating to General Availability (GA), +Kubernetes 1.34 is here, and it has brought a huge wave of enhancements for Dynamic Resource Allocation (DRA)! This +release marks a major milestone with many APIs in the `resource.k8s.io` group graduating to General Availability (GA), unlocking the full potential of how you manage devices on Kubernetes. On top of that, several key features have moved to beta, and a fresh batch of new alpha features promise even more expressiveness and flexibility. Let's dive into what's new for DRA in Kubernetes 1.34! -## Structured Parameters is now GA +## The core of DRA is now GA The headline feature of the v1.34 release is that the core of DRA has graduated to General Availability. @@ -28,7 +28,7 @@ With the graduation to GA, DRA is stable and will be part of Kubernetes for the expect a steady stream of new features being added to DRA over the next several Kubernetes releases, but they will not make any breaking changes to DRA. So users and developers of DRA drivers can start adopting DRA with confidence. -Starting with Kubernetes 1.34, DRA is enabled by default; DRA features that have reached beta are also enabled by default. +Starting with Kubernetes 1.34, DRA is enabled by default; the DRA features that have reached beta are **also** enabled by default. That's because the default API version for DRA is now the stable `v1` version, and not the earlier versions (eg: `v1beta1` or `v1beta2`) that needed explicit opt in. @@ -39,12 +39,13 @@ management with DRA. [Admin access labelling](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#admin-access) has been updated. In v1.34, you can restrict device support to people (or software) authorized to use it. This is meant -as a way to avoid privilege escalation through use of hardware devices that can bypass other security controls. +as a way to avoid privilege escalation if a DRA driver grants additional privileges when admin access is requested +and to avoid accessing devices which are in use by normal applications, potentially in another namespace. The restriction works by ensuring that only users with access to a namespace with the `resource.k8s.io/admin-access: "true"` label are authorized to create ResourceClaim or ResourceClaimTemplates objects with the `adminAccess` field set to true. This ensures that non-admin users cannot misuse the feature. -[Prioritized List](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#prioritized-list) lets users specify +[Prioritized list](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#prioritized-list) lets users specify a list of acceptable devices for their workloads, rather than just a single type of device. So while the workload might run best on a single high-performance GPU, it might also be able to run on 2 mid-level GPUs. The scheduler will attempt to satisfy the alternatives in the list in order, so the workload will be allocated the best set of devices @@ -64,19 +65,19 @@ the familiar, simpler request syntax while still benefiting from dynamic allocat workloads to start using DRA without modifications, simplifying the transition to DRA for both application developers and cluster administrators. -[Consumable Capacity](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#consumable-capacity) introduces a flexible +[Consumable capacity](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#consumable-capacity) introduces a flexible device sharing model where multiple, independent resource claims from unrelated pods can each be allocated a share of the same underlying physical device. This new capability is managed through optional, administrator-defined sharing policies that govern how a device's total capacity is divided and enforced by the platform for each request. This allows for sharing of devices in scenarios where pre-defined partitions are not viable. -[Binding Conditions](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#binding-conditions) improves scheduling +[Binding conditions](/docs/concepts/scheduling-eviction/dynamic-resource-allocation/#binding-conditions) improve scheduling reliability for certain classes of devices by allowing the Kubernetes scheduler to delay binding a pod to a node until its required external resources, such as attachable devices or FPGAs, are confirmed to be fully prepared. This prevents premature pod assignments that could lead to failures and ensures more robust, predictable scheduling by explicitly modeling resource readiness before the pod is committed to a node. -Resource Health Status for DRA improves observability by exposing the health status of devices allocated to a Pod via Pod Status. +_Resource health status_ for DRA improves observability by exposing the health status of devices allocated to a Pod via Pod Status. This works whether the device is allocated through DRA or Device Plugin. This makes it easier to understand the cause of an unhealthy device and respond properly. @@ -84,7 +85,7 @@ unhealthy device and respond properly. While DRA got promoted to GA this cycle, the hard work on DRA doesn't stop. There are several features in alpha and beta that we plan to bring to GA in the next couple of releases and we are looking to continue to improve performance, scalability -and reliability of DRA. So expect an equally ambitious set of features in DRA for 1.35. +and reliability of DRA. So expect an equally ambitious set of features in DRA for the 1.35 release. ## Getting involved