add a blog to introduce about kubeadm v1beta4

Author: pacoxu

content/en/blog/_posts/2024-09-20-kubeadm-v1beta4.md

@@ -0,0 +1,99 @@
+---
+layout: blog
+title: 'Kubernetes v1.31: kubeadm v1beta4'
+date: 2024-09-20
+slug: kubernetes-1-31-kubeadm-v1beta4
+author: >
+   Paco Xu (DaoCloud),
+---
+
+The [`kubeadm`](/docs/reference/setup-tools/kubeadm/) configuration
+([v1beta4](/docs/reference/config-api/kubeadm-config.v1beta4/))
+is released with Kubernetes v1.31. v1beta3 is still supported,
+but is marked as deprecated. It will be removed after a minimum
+of 3 Kubernetes releases.
+
+This guide will walk you through key changes and update about the kubeadm v1beta4 configuration,
+and how to migrate from v1beta3 to v1beta4.
+
+Details about v1beta4 can be found in the
+[API doc]((/docs/reference/config-api/kubeadm-config.v1beta4/)).
+The documentation is maintained in the
+[code](https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/apis/kubeadm/v1beta4/doc.go)
+and generated for the kubernetes.io website.
+
+### A list of changes since v1beta3
+
+This version improves on the [v1beta3](/docs/reference/config-api/kubeadm-config.v1beta3/)
+format by fixing some minor issues and adding a few new fields.
+
+To put it simply,
+
+- Two new API types: ResetConfiguration and UpgradeConfiguration
+- For InitConfiguration and JoinConfiguration, `dryRun` mode and `NodeRegistration.ImagePullSerial` are supported
+- For ClusterConfiguration, we add field including `CertificateValidityPeriod`,
+`CACertificateValidityPeriod`, `EncryptionAlgorithm`, `DNS.Disabled` and `Proxy.Disabled`.
+- Support `ExtraEnvs` for all control plan components
+- `ExtraArgs` changed from a map to structured extra arguments for duplicates
+- Add a `Timeouts` structure for init, join, upgrade and reset.
+
+For details, you can see the official document below:
+
+- Support custom environment variables in control plane components under `ClusterConfiguration`.
+Use `APIServer.ExtraEnvs`, `ControllerManager.ExtraEnvs`, `Scheduler.ExtraEnvs`, `Etcd.Local.ExtraEnvs`.
+- The ResetConfiguration API type is now supported in v1beta4. Users are able to reset a node by passing
+a `--config` file to "kubeadm reset".
+- `dryRun` mode in is now configurable in InitConfiguration and JoinConfiguration.
+- Replace the existing string/string extra argument maps with structured extra arguments that support duplicates.
+The change applies to `ClusterConfiguration` - `APIServer.ExtraArgs`, `ControllerManager.ExtraArgs`,
+`Scheduler.ExtraArgs`, `Etcd.Local.ExtraArgs`. Also to `NodeRegistrationOptions.KubeletExtraArgs`.
+- Add `ClusterConfiguration.EncryptionAlgorithm` that can be used to set the asymmetric encryption algorithm
+used for this cluster's keys and certificates. Can be one of "RSA-2048" (default), "RSA-3072", "RSA-4096" or "ECDSA-P256".
+- Add `ClusterConfiguration.DNS.Disabled` and `ClusterConfiguration.Proxy.Disabled` that can be used to disable
+the CoreDNS and kube-proxy addons during cluster initialization. Skipping the related addons phases,
+during cluster creation will set the same fields to `false`.
+- Add the `NodeRegistration.ImagePullSerial` field in `InitConfiguration` and `JoinConfiguration`, which
+can be used to control if kubeadm pulls images serially or in parallel.
+- The UpgradeConfiguration kubeadm API is now supported in v1beta4 when passing --config to "kubeadm upgrade" subcommands.
+Usage of component configuration for kubelet and kube-proxy, InitConfiguration and ClusterConfiguration is deprecated
+and will be ignored when passing `--config` to upgrade subcommands.
+- Add a `Timeouts` structure to `InitConfiguration`, `JoinConfiguration`, `ResetConfiguration` and `UpgradeConfiguration`
+that can be used to configure various timeouts. The `ClusterConfiguration.TimeoutForControlPlane` field is replaced
+by `Timeouts.ControlPlaneComponentHealthCheck`. The `JoinConfiguration.Discovery.Timeout` is replaced by
+`Timeouts.Discovery`.
+- Add a `CertificateValidityPeriod` and `CACertificateValidityPeriod` fields to `ClusterConfiguration`. These fields
+can be used to control the validity period of certificates generated by kubeadm during sub-commands such as `init`,
+`join`, `upgrade` and `certs`. Default values continue to be 1 year for non-CA certificates and 10 years for CA
+certificates. Only non-CA certificates continue to be renewable by `kubeadm certs renew`.
+
+The aim of those changes can be summarized as making tools that use kubeadm easier to configure
+and make kubeadm easier to extend.
+
+### How to migrate v1beta3 configuration to v1beta4?
+
+If your configuration is not using the latest version it is **recommended** that you migrate using
+the [kubeadm config migrate](/docs/reference/setup-tools/kubeadm/kubeadm-config/#cmd-config-migrate) command.
+
+Read an older version of the kubeadm configuration API types from a file, and output the similar config object for the newer version
+
+Using kubeadm v1.31, run `kubeadm config migrate --old-config old-v1beta3.yaml --new-config new-v1beta4.yaml`
+
+## How do I get involved?
+
+Huge thank you to all the contributors who helped with the design, implementation,
+and review of this feature:
+
+- Lubomir I. Ivanov ([neolit123](https://github.com/neolit123))
+- Dave Chen([chendave](https://github.com/chendave))
+- Paco Xu ([pacoxu](https://github.com/pacoxu))
+- Sata Qiu([sataqiu](https://github.com/sataqiu))
+- Baofa Fan([carlory](https://github.com/carlory))
+- Calvin Chen([calvin0327](https://github.com/calvin0327))
+- Ruquan Zhao([ruquanzhao](https://github.com/ruquanzhao))
+
+For those interested in getting involved in future discussions on kubeadm configuration,
+you can reach out kubeadm or [SIG-cluster-lifecycle](https://github.com/kubernetes/community/blob/master/sig-cluster-lifecycle/README.md) by several means:
+
+- v1beta4 related items are tracked in https://github.com/kubernetes/kubeadm/issues/2890.
+- Slack: [#kubeadm](https://kubernetes.slack.com/messages/kubeadm) or [#sig-cluster-lifecycle](https://kubernetes.slack.com/messages/sig-cluster-lifecycle)
+- [Mailing list](https://groups.google.com/forum/#!forum/kubernetes-sig-cluster-lifecycle)