Kubernetes version 1.16 has removed several deprecated APIs that you’ll likely recognize and may use on a daily basis.
Kubernetes version 1.16 removed the deprecated APIs by default. However, Kubernetes providers had the option to temporarily keep the APIs enabled. IBM Cloud Kubernetes Service kept the community default and removed the APIs starting in version 1.16. On the other hand, Red Hat OpenShift on IBM Cloud version 4.3, which is based on Kubernetes version 1.16, kept these APIs enabled. Now, Red Hat OpenShift on IBM Cloud version 4.4, which is based on Kubernetes version 1.17, removes the APIs as well.
The apps/v1beta1 and apps/v1beta2 APIs have been completely removed. In addition, the extensions/v1beta1 API has been removed for select resources. Removal of these APIs impacts the following Kubernetes resources: NetworkPolicy, PodSecurityPolicy, DaemonSet, Deployment, StatefulSet, and ReplicaSet.
The good news is that replacement APIs are available now and have been for a long time. Every supported IBM Cloud Kubernetes Service and Red Hat OpenShift on IBM Cloud version supports the replacement APIs. So, if you haven’t started your transition, now is the time.
For more information, see the Kubernetes blog: “Deprecated APIs Removed In 1.16: Here’s What You Need To Know.”
Overview of the replacement APIs
- Use the
networking.k8s.io/v1API forNetworkPolicyresources. - Use the
policy/v1beta1API forPodSecurityPolicyresources. - Use the
apps/v1API forDaemonSet,Deployment,StatefulSet, andReplicaSetresources.
Some tips to help you with this transition
Review kubectl last applied configurations
The Kubernetes kubectl command provides a very useful resource annotation—kubectl.kubernetes.io/last-applied-configuration—that can help you find Kubernetes resources created or updated via kubectl using the removed APIs.
Run the following commands as a cluster administrator to find all resources last applied using the impacted APIs. Any resources found are likely backed by YAML that you or someone that you depend on needs to change. More on converting your YAML later:
Review Kubernetes API server usage metrics
The Kubernetes API server provides API usage metrics that can help you find clients using the removed APIs.
Run the following commands as a cluster administrator. The commands filter out the dashboard (i.e., Kubernetes Dashboard), hyperkube (Kubernetes master and worker node components), and kubectl clients since these clients will transition to the replacement APIs as part of the upgrade process. Since IBM Cloud Kubernetes Service and Red Hat OpenShift on IBM Cloud clusters have highly available (HA) masters, you will have to run these commands several times to ensure data is collected from all three Kubernetes API servers.
Review your dependencies
Even if your apps are ready for this transition, a review of the earlier command results may identify dependencies that are not.
Convert your YAML
From the Kubernetes blog referenced earlier, “You can use the kubectl convert command to automatically convert an existing object: kubectl convert -f <file> --output-version <group>/<version>. … Note that this may use non-ideal default values.” Be sure to review and test the results of the conversion.
Next steps
The Kubernetes blog “Deprecated APIs Removed In 1.16: Here’s What You Need To Know” and Kubernetes version 1.16 CHANGELOG identify other deprecated APIs that are targeted for removal in later releases.
Once you are ready for Kubernetes version 1.16, update your to-do list to include handling these future API removals. Also, please help get the message out and open issues so the entire Kubernetes community is ready for versions 1.16 and later.
Questions?
For general questions, engage our team via Slack by registering here, and join the discussion in the #general channel on our public IBM Cloud Kubernetes Service Slack.