- v1.18.6
- v1.18.5
- v1.18.5-rc.1
- v1.18.4
- v1.18.3
- v1.18.2
- v1.18.1
- v1.18.0
- Downloads for v1.18.0
- Changelog since v1.17.0
- What’s New (Major Themes)
- Known Issues
- Urgent Upgrade Notes
- (No, really, you MUST read this before you upgrade)
- kube-apiserver:
- kubelet:
- kubectl:
- client-go:
- Changes by Kind
- Deprecation
- kube-apiserver:
- kube-controller-manager:
- kubelet:
- kube-proxy:
- kubeadm:
- kubectl:
- add-ons:
- kube-scheduler:
- Other deprecations:
- API Change
- New API types/versions:
- New API fields:
- Other API changes:
- Configuration file changes:
- kube-apiserver:
- kube-scheduler:
- kube-proxy:
- Features graduated to beta:
- Features graduated to GA:
- Feature
- Metrics:
- Other (Bug, Cleanup or Flake)
- Deprecation
- Dependencies
- (No, really, you MUST read this before you upgrade)
- v1.18.0-rc.1
- v1.18.0-beta.2
- v1.18.0-beta.1
- v1.18.0-alpha.1
filename | sha512 hash |
---|---|
kubernetes.tar.gz | f036e891ff8dd95df33722b4d13ea2dc36fd8cb0a18fe88654919eb180cadba7724da55b96ea9707a11aaa91021bd6478a0c6eae684034e030717beb4c94f018 |
kubernetes-src.tar.gz | 460551dcde2288a7f3b90ad0720cf479cd38d64e386fedf66d580c4cd547a0e1835437437bdfb8b28c6dd707164abf0ddf4ea761d9f110945b80800f71b953b0 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 85c4d72f50965a1ecc3e67c02335ec5ae57d8c9617cc79a34a05e1ed3b84e8f80be2901f6f31185a383a85f63ea7fe638b07eb6851a3758b835bf319a5df852d |
kubernetes-client-darwin-amd64.tar.gz | b01c47bd6a16eed131245fb90abfb8b585c14953f9398f11a1ec402b808305ce1fbcabd215b253d805224f2fb41ddeb502239f67dd0634e648279e449fc0ea63 |
kubernetes-client-linux-386.tar.gz | 15262c62b8b9bf85c8dd8ead7ed0c384114e09ad3120d7e13956c99d93203b5f9561f923055451e46bcb2a4efa19db43e23ff4d2a9281114bd85a67a6269d841 |
kubernetes-client-linux-amd64.tar.gz | d061bc34c0df55e766d72c066ef366864c77eff5d0033d29869fc871d2e674d86322a6c5dc3f05ed2d95971ca0e6ea3dd1dc1f57bf1825c9bf834963385a3de6 |
kubernetes-client-linux-arm.tar.gz | 7eb961bff92146952d9cda2b741c8d349838ef66112c6b296f1426eeb79357b95d4e15d5520e8903a881c21bf629b58ce72d986a88620333120b786c415eba35 |
kubernetes-client-linux-arm64.tar.gz | bb863a4bf6d0fd400274536c6571cd35531d92fa40d38703ef126accc94d08a4e381f6c05840806e81d564161ebe08a99aa73d767ddf1a60b7a7062df704b920 |
kubernetes-client-linux-ppc64le.tar.gz | 71e0ac8298dca06be5aed01c3a2f12389405bfd1e3edff63a849b8663a7b118543e960dca0a920a598f649cce76f58ac2664ea1db9fd69e484e843f27bac4664 |
kubernetes-client-linux-s390x.tar.gz | 673161c816dfd2369609402461c645a3cc023a09fd9e1418c0fff601c1f5d71f72b43857ef66973af0ee4d8871a52cf914c533fa955f104d327bb28ad6e13ab9 |
kubernetes-client-windows-386.tar.gz | 017654b27b06afc219dcf5b590a63a917470f698611bd0348e5a27ea8e30c8178b47786a8491c70e1c3ba7559e7831fc77b636c092fb1946db795e9ec679c140 |
kubernetes-client-windows-amd64.tar.gz | d2f5bee260a135007185f8b68a11a6ea10f94e548feb4614dca9a428bbb7ad91a6fb4a58efc67b242e6348b5f0eb436f863cadad2e72cdc5fee4c0414ab54db3 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 73cfa5e458205ff81cfa6672c0f6ef10aadbad1244c81b259c3cf9c22c6c9e9272a69778b0417e2353fe9970bfeed23de8ad7dee223de7a487ba4bdf94cd8682 |
kubernetes-server-linux-arm.tar.gz | b8723379e26de43ae0bfe5a64d65beb0f79d4820c02a1b9aae4c80f2b1882b952d587fe1fb87cc202b618ec66f5c1392f6bf94acfad44b84f3b6f33994cd0af9 |
kubernetes-server-linux-arm64.tar.gz | 47dc425387f98028d32f40610124ecc70162132c339d97f578dbb8a6b7f98f25a20d356d12e6d04b40e62b6f8636bf20617735acddb482f9c4da24c928f31cb4 |
kubernetes-server-linux-ppc64le.tar.gz | b6fbb68288300ef28c710d65a8acd6bceda13ec4c5b156c1395b98310c74babe1dca44ebfccf33eebd8147a7f5f7276930721e1f38854a3b6c2ddbac28c51a83 |
kubernetes-server-linux-s390x.tar.gz | c77d6661461b230fe934c100a2eedf295e394d0c818bc5c21e0db496b08e10ada8a101bb9b402c5fed566cff39ca6be6766dcda7f536b7e9f671f2703da589c7 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | f3d3cc4b38dff84a0c4e1b2364b8f7a000fa86395b7ccab22905f51c7b876c7524a9da61b5447bf761aba0e2015c557715abc573869340e46a616beca33d07c2 |
kubernetes-node-linux-arm.tar.gz | 63d2601741fe159b742141f3ff85293e328808ff056e87f81af502da817e4813e963c61121bce53c4fd19250392808ed36181ccd67c2a18b02317379a0d93c0f |
kubernetes-node-linux-arm64.tar.gz | 85d24d99e4408dfa00e306ff90eb4b86260feba40cf8e3770845838f0af319dce674b04b9bf8700d46765e620f84f4bf11463b46cf40ef118c2fd000156c7214 |
kubernetes-node-linux-ppc64le.tar.gz | 1cef745e18704c77f7c31514ca9bf0eb5be676b3fb80affa2cfc482089e7210f14e42c89cd7284f070d6d8a45ba253634294c2db5393d7ac74e8ce28e7395550 |
kubernetes-node-linux-s390x.tar.gz | 452fc8743c80e05ca0ad6d9267b6a133497bd7779ee74d5a96195d87e68e3e906dcc5a9d6154a9ecf70cc2a05f4e12ffb4a1d7874e979b2ed204facc0c0ff5b9 |
kubernetes-node-windows-amd64.tar.gz | 09113c05a14c34ac07ba4f635e152d983b6822ef95a7034df56a9fca3634388f90416076c6d8d64a02dd2e6188ed6529582b6093e441cef74dd8716f48fbdb16 |
- CVE-2020-8559 (Medium): Privilege escalation from compromised node to cluster. See kubernetes#92914 for more details. The API Server will no longer proxy non-101 responses for upgrade requests. This could break proxied backends (such as an extension API server) that respond to upgrade requests with a non-101 response code. (#92941, @tallclair) [SIG API Machinery]
- Fix bug in reflector that couldn't recover from "Too large resource version" errors (#92537, @wojtek-t) [SIG API Machinery]
-
CVE-2020-8557 (Medium): Node-local denial of service via container /etc/hosts file. See kubernetes#93032 for more details. (#92916, @joelsmith) [SIG Node]
-
Containers which specify a
startupProbe
but not areadinessProbe
were previously considered "ready" before thestartupProbe
completed, but are now considered "not-ready". (#92196, @thockin) [SIG Node] -
Extend kube-apiserver /readyz with new "informer-sync" check ensuring that internal informers are synced. (#92644, @wojtek-t) [SIG API Machinery and Testing]
-
Fix throttling issues when Azure VM computer name prefix is different from VMSS name (#92793, @feiskyer) [SIG Cloud Provider]
-
Fix: GetLabelsForVolume panic issue for azure disk PV (#92166, @andyzhangx) [SIG Cloud Provider]
-
Fix: don't use docker config cache if it's empty (#92330, @andyzhangx) [SIG Cloud Provider]
-
Fix: use force detach for azure disk (#91948, @andyzhangx) [SIG Cloud Provider]
-
Fixes a problem with 63-second or 1-second connection delays with some VXLAN-based network plugins which was first widely noticed in 1.16 (though some users saw it earlier than that, possibly only with specific network plugins). If you were previously using ethtool to disable checksum offload on your primary network interface, you should now be able to stop doing that. (#92035, @danwinship) [SIG Network and Node]
-
Kubeadm: add the deprecated flag --port=0 to kube-controller-manager and kube-scheduler manifests to disable insecure serving. Without this flag the components by default serve (e.g. /metrics) insecurely on the default node interface (controlled by --address). Users that wish to override this behavior and enable insecure serving can pass a custom --port=X via kubeadm's "extraArgs" mechanic for these components. (#92720, @neolit123) [SIG Cluster Lifecycle]
-
Kubeadm: during "join", don't re-add an etcd member if it already exists in the cluster. (#92118, @neolit123) [SIG Cluster Lifecycle]
-
hyperkube: Use [email protected] image
Includes iproute2 to fix a regression in hyperkube images when using hyperkube as a kubelet (#92624, @justaugustus) [SIG Cluster Lifecycle, Network and Release]
Nothing has changed.
Nothing has changed.
Nothing has changed.
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 1e414d955cdde67e1883be27cb47963a905b73e8454bd1b2e665395348c1a88c444136380584bac97b6e50a1f1eafa7d4e3d3a26c9c0bc6aee63fbbdd261489c |
kubernetes-src.tar.gz | 9ddcd8b517e3cf78113ef977c365d26f0f27fe9b7fd9410f0214fd38cd38c6de6f37d7fbe2bb398587caceb4ae484afc2fe7ae14b80b70fe728405f3d5bd4115 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 197583cb641dab50d6ad9f1f9929ce45a59f98a3ebe315cf1d7edef8df7aba1e1838cf1fb9414423d81c8575820c27a0c20183bd6ce5fd5df85bd7692a6aff2a |
kubernetes-client-darwin-amd64.tar.gz | d0f54e949850c2321081e722367d7baa5c805e0ba1d8b2f651254e0d7b26bbd9c87c7c7f5ac7b8fd55a2a4c1af08f2f18ccef00d2c1c5c89d51b27903f024155 |
kubernetes-client-linux-386.tar.gz | 6d04e1aad657e60d3c2b28f0c9c5b0a63fff8c4a35f24f96feccd19ce1d1e65a942bbb5a5eb291297020e1334d67a4c6bea9b48510fd7f94aed70af61b7543a5 |
kubernetes-client-linux-amd64.tar.gz | 01e9c71d65c4513c03b22b2b036c3e92875fa4ebdb43b4909a6b21608093d280d9f71953f9656b3728019bdc8cb6bbf864de3c6a3eb94d807ec0330dbccfa005 |
kubernetes-client-linux-arm.tar.gz | b33f901d13bae3824938e0d0c98f50a50ec7335979d6f9e56c06209898619c40f49d0380b7101143484de635bee347cedc5b653a21ae0daab4f7f6a6b11d41c0 |
kubernetes-client-linux-arm64.tar.gz | ae2f4e5fec58ff47ca2bf91290684c969160ffb89b2574f57f0818fef4d63c4d9b3ea1f8c6a34f4d83acd907b82e3668cdf31dc38042d75ee12afc695a8a2a4a |
kubernetes-client-linux-ppc64le.tar.gz | 9ebc84fa31184a9d07cbc98abb608c4b48414fb80021b4a4431929baf4c34bcccad9a2f9320cebfc7e662c6ab315bd497a56b5dac7954e0ce1727d493b24cbb8 |
kubernetes-client-linux-s390x.tar.gz | bbe07152faedb0dc91e6786f4b63eaa79f4bca41b1c9125f70b90e319fda8a7e95033b080f7eb02d55bee39a96192bf3935f935981305340245ab84f3fece4e8 |
kubernetes-client-windows-386.tar.gz | 2fdf489d8ce8ee5336f953e268e538bfe6748e7afd805031bc3e525e4b823033e8121c119ef23ef3afc73199ece36fc51cb75871c312bb7ccac1ddaf3c1b245f |
kubernetes-client-windows-amd64.tar.gz | 4894700a4406273dff08f36012780216b5c822180944c6e7161c8564c07f4a77f0d798f947b2e6f617ae60073834c9ff546045d98dc51c166fbc4c998ea2a00b |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 40ed152be522f9793d61721f352ab30db072882512fdf7b9c2d42f057cc30b0ae1ca46e52a98da09f4b66b266a04b4bbcf257e3174eba653ca9cef5fbc052ef7 |
kubernetes-server-linux-arm.tar.gz | 8483f12ba4d5263e3029fe658e965da4be62479eb48a6c6d5aa72cf6c344bed3350b3a506a6a23fdf9bf86287930d9329f24b28a3d39628f7224afaf00a2cefa |
kubernetes-server-linux-arm64.tar.gz | b7bb94940fcc16f777321289ef865d8689a630311e6fd0ccc945e1195c805e2b32343a7ee11a65a6f49e5c3b3264321cdfbc7c18265e0e39878b660488d6ead2 |
kubernetes-server-linux-ppc64le.tar.gz | 1c82fd55ff1d1496ae2281f9c6df391c3161665e828560efafd3a5269d0745ad14e210b05108e0b32e167a141f58ff08da917ef5eebb47c19d64039a004ed81a |
kubernetes-server-linux-s390x.tar.gz | 99f29e8159a79655d8f86b41a89e868127a18086519786a3724fc2bbc83734613716d76fa524f563fd17231496759b224d208dcafdcebf8475b04fb556a5ea8a |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 3bb05fe8e3f3aa52f7290cc33b606125d4ed666583d3265bac019486e8e7e5956e68a8adba849f5bf57e37ae1f784ecae42b53ae8a0e820575f6ac7553044067 |
kubernetes-node-linux-arm.tar.gz | c16db681b24e3094f09b51971c94bf5f8d8347decf0e6e9fab0902b3f17e5d78f9d0908b840fcc5c29bfa38d0ffdb7ca7dbbe7e48fc3b406e748fe6de9f3f092 |
kubernetes-node-linux-arm64.tar.gz | ddccd9b3844bec9d237373c64f27f4e9c065d70ba0633fafb5ffd9abffd510358d08c7f5d70dd0aa9b1ef7d4e0e20e9c94e8e389b968e5d6c18a9f98723ccb10 |
kubernetes-node-linux-ppc64le.tar.gz | f36dd5017eecc6abfdaabf8ec3e91f050a0e5afb82575dbc8f37aa0fdfcb83dab144e649b5381ac8e8ec7e2fd8b50eec1044d8e342b6cbfd2bebcd92cd962171 |
kubernetes-node-linux-s390x.tar.gz | 797b1dae35931cc350a500095806980af3ad4381069c80d8a367a62c6e9dda27ffafd7078feafd5f12e1161825cd44fbaa481ef1982a061e25322df6850f5a8d |
kubernetes-node-windows-amd64.tar.gz | d784fc4986e03d925a7e855d6f9ce287405133a181a27d12d5495ca6ef3061d106c8eff62a662275d4477a10825fbbf3300c3a77ba8eb499a25a310c12df15c3 |
- Fixed: log timestamps now include trailing zeros to maintain a fixed width (#91207, @iamchuckss) [SIG Apps and Node]
-
Fixes CSI volume attachment scaling issue by using informers. (#91307, @yuga711) [SIG API Machinery, Apps, Node, Storage and Testing]
-
Kubeadm increased to 5 minutes its timeout for the TLS bootstrapping process to complete upon join (#89735, @rosti) [SIG Cluster Lifecycle]
-
hyperkube: Use [email protected] image
A previous release built hyperkube using the [email protected], which was updated to address a CVE in the CNI plugins.
A side-effect of using this new image was that the networking packages (namely
iptables
) drifted from the versions used in the kube-proxy images.The following issues were filed on kube-proxy failures when using hyperkube:
To address this, the new debian-hyperkube-base image (v1.1.0) uses the debian-iptables base image (v12.1.0), which includes iptables-wrapper, a script used to determine the correct iptables mode to run in. (#92493, @justaugustus) [SIG Cluster Lifecycle and Release]
Nothing has changed.
Nothing has changed.
Nothing has changed.
filename | sha512 hash |
---|---|
kubernetes.tar.gz | eab1264657dd76babb4159edb6ff2e85c1e4d2baaea053bd479426c8ee0ad544c4be18e1bbec5948ea4a649adb5f42bc87b15afd5e1818859d4bc61287a7ad08 |
kubernetes-src.tar.gz | 48f16d0a9eada28eacbc90da224d64e2d8a1f1b47dd4be8baaca8a386834a7e0413a40f4938c086c1a17c44e6a87fc16cb7dc8e7ebcfbf7e34e1f71c7deb730b |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | a079b71c22b6b4893aeb9289354872f07c79e823c26a9a89ea4c72608ff5770356f5c6fb4289a72c2ef0d4bc8d835ba96074f4c188566f5aa51b32ea4a13ee4e |
kubernetes-client-darwin-amd64.tar.gz | 4cb738c285226faa885d92495e7b3a2ad2b89fae70dc617bac7e6e2962f0c0c5fcf42c61efcac5a51b0f1c232b015cead2e3ee7f8237e27659ddedf2fe657481 |
kubernetes-client-linux-386.tar.gz | 1f9c1bfbb68ffb19297990bc8d186761e0f40714862939a9b511de770e9c2227acd24fd584986d1bf4d7e518ef0ded6dc6b8ebe8cb5e32d81484f1274ec3cfc1 |
kubernetes-client-linux-amd64.tar.gz | 70afde567009acc60e2c349096aca1498bbd0b65688ca9cc0e5ef1b847bb297a6c22020a2e7b3ca6832677d1a54be50b5add9b738ba15ef3716a124508517fc8 |
kubernetes-client-linux-arm.tar.gz | 9dbabf46ba83b8ac08511b11685f8dd447b7d649db72315674df1ae31c663ed0f36a1cae1895765e396cfb86b1ee5d719976712d6cc4bd57cba1ff35303e3177 |
kubernetes-client-linux-arm64.tar.gz | a8f0ad8429c1e483471e247f79899874f8168ebc316a5b811f9dc74b562c9e227f252177572230a233a852b867f4510d257f61ebc67f0db713aac26c66151715 |
kubernetes-client-linux-ppc64le.tar.gz | 2d81d1eecf2cdb14fe44334271cb53466691948268143b6c22e0b852febbee88d1a06ffadd81a4dfc39a27cbec9781d6e861d5d99b99e2895fe358c10c2811e8 |
kubernetes-client-linux-s390x.tar.gz | d8efbc345e7b0833ca010598d915cc3246a01ef940cf5ee7b051929a8e212a530b1a2a27a0bcfa5721cc7823ef286a9ac93c39c005b5d86c4bfd27babc87c4dc |
kubernetes-client-windows-386.tar.gz | 71a4756ea4c4ccb19ad9103080d724bebc5993f973e5e33a25d3b020b2c3be0e3d06d9b29befc13397220e5815a42e253be12789d3236e9dceef555c85e95d01 |
kubernetes-client-windows-amd64.tar.gz | 30d0fb3b83222ad90fb78574b63a2de5438f06d918eff13894d34ac70946f9b06618164c7acc1e1380954f8000b9ad3d114be6c39ba19dae40a61ea8d136c9aa |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 19c78e05023b9d41acda812f87c2588dc0297583254049324d9cd2c0a2d79997ccfa4e8c54fa19c16bd4f32f943541bedab9d5be974b4078bcf29050d849c2ef |
kubernetes-server-linux-arm.tar.gz | bacec0b0dcbf7d59e78969c22235e0111e95367bd288482110c22a5d41d6a4c31f82ecf81ff09c3746981f9efbaedd3d60fede4d3129a84d9aaedd9e14a63c26 |
kubernetes-server-linux-arm64.tar.gz | 05531280837cbd03dc77d9a726ed1543977d96adcd8e2728e3ef6ee3966e1df7ec2dee1118acb9e449ff6a73ec27b85cb34c6f6c9c65a5c71b814726ebbaf83b |
kubernetes-server-linux-ppc64le.tar.gz | 32762d89c48eb851079c9e6c67dcbb02b04bfb7c63b04a50bfac66ea8ee6b53a41424e8f2ddddd377564e81866d10fc568bc7f2853cfd85a50a828e7206d5254 |
kubernetes-server-linux-s390x.tar.gz | d28ecd106e103273949e09ab1d15027ccebb6d9540c199fdb11f130c84209c6f7116acc24a34c9169c7786f20f2d0101438c3652a23925a4ed857f148c01ff6d |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 1b7eeb2374bfdd3e6baff854b834985ea5cb73774322688ccdc1de0e138e64c643e512bf4326f5d772ceb86acbf05f48e06a354a1bbacae945d638aab51bf73e |
kubernetes-node-linux-arm.tar.gz | c5d75e3db341d1a909d6acb14ad7a9c64beaae793d0af80971cd33b1f9b9361f3eceb740f78392cd42d40d7d1989edebab23ec40fb5593ec5300dd2cc72c3d36 |
kubernetes-node-linux-arm64.tar.gz | 98b8a5c6b8fa2958c8a63e2cd0fff3f947545c80474ceaa7d696910ab1cfaacb4fc520dd67db094573eb6f40012a947768e48ce709a51d02a657ae8c26e74b16 |
kubernetes-node-linux-ppc64le.tar.gz | ca479f42ae58f614b077f984984de76cfe8105124d7f20f0be9707007a17ba35ea06d92f3de2c4118d94cd7d10e971cd6f1477c164ca0204fcfd527d123be05e |
kubernetes-node-linux-s390x.tar.gz | e5c85afdb8d2ffcf80c07b8d53ee2bdd5f559d2b0cb18062c9e63dcfc52ce245e91c7e101bbc79e1cce9010ac0d08d38b6eb286f86dd9bbc495197e4e6ca803b |
kubernetes-node-windows-amd64.tar.gz | 929f3e575dc02fa2b229ecb369a07972536811f55823fc743002f503caee7ad2ec7b39bae08b578eb7cd709910666ba0fd345247d79a36ebb3cb99f17d68772d |
- Fixed: log timestamps now include trailing zeros to maintain a fixed width (#91207, @iamchuckss) [SIG Apps and Node]
-
Fixes CSI volume attachment scaling issue by using informers. (#91307, @yuga711) [SIG API Machinery, Apps, Node, Storage and Testing]
-
Kubeadm increased to 5 minutes its timeout for the TLS bootstrapping process to complete upon join (#89735, @rosti) [SIG Cluster Lifecycle]
-
hyperkube: Use [email protected] image
A previous release built hyperkube using the [email protected], which was updated to address a CVE in the CNI plugins.
A side-effect of using this new image was that the networking packages (namely
iptables
) drifted from the versions used in the kube-proxy images.The following issues were filed on kube-proxy failures when using hyperkube:
To address this, the new debian-hyperkube-base image (v1.1.0) uses the debian-iptables base image (v12.1.0), which includes iptables-wrapper, a script used to determine the correct iptables mode to run in. (#92493, @justaugustus) [SIG Cluster Lifecycle and Release]
Nothing has changed.
Nothing has changed.
Nothing has changed.
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 8d2cec9d026bbed016f004c23e205e234bcd40072cda81e805ecebe6e8cc8e4b5f1685c9dc57640edc3c5c67e09ac362bfa9bae1b654fcf425d3e4e184b5b46f |
kubernetes-src.tar.gz | 04a0180addc8c03815652b2cda14608022f0679466028eae475d88661369441f46d6f7be544d88b461508ca8c89410da1f43f51fde246cb8c8470d9c22973f0f |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 60e5e7b72570c927915a5d9b29bc06c0efbd1f80fbf2e14ccc8811b2962263de4a22b8fc2d3645888bd56b16f21093d6e8dd346bb62ffac50f6a20ed9e1516db |
kubernetes-client-darwin-amd64.tar.gz | 189430f4b19cb7a147e9974268874564584ac0e91aa16864e2fe9c2428e5b08f283c7d48d31bb9f05743db979f7414abace2fc4a9d6b8afc04fba2f7874ebd57 |
kubernetes-client-linux-386.tar.gz | 078cff6c8c5b902fc3326026894c68c9e8db49c1e247dafff73ed53c61547179537e60a6839ca34c4ac8632518988834427d336b71f4cbfc2dd878a6cbe48718 |
kubernetes-client-linux-amd64.tar.gz | 69344ab18d8f9608374cd4994ffbd878a9738b14793a41a25dfbedb0bf9a6174605507f92e7032930700c79ccc12ca899570a099d9db624d4c65580aefedbe0c |
kubernetes-client-linux-arm.tar.gz | ae202fa504f9f10a9e6e8d6eb2e5407729dbcc3fbde34ecb7814994a45b7e80446cc81845d4cde661d9937fcd1b6914820ce9f1bdf30a27a72f5f96fa3483dbf |
kubernetes-client-linux-arm64.tar.gz | 7ee7d1e493b399e3767e526d5a80b94d099c48798f62fa8e9673f974ea87ec5461a793381d6bbfd461a32ac735f6d66faa223659ddcb825ef0a1f405a482e404 |
kubernetes-client-linux-ppc64le.tar.gz | f8f1c44843584aadacd851f3c33cdd3699ff35cff4503da40e4280586b4281af4a24736cdb6b635e486015b3476106065eb61abe06d8d9c51f70e7e6838e0536 |
kubernetes-client-linux-s390x.tar.gz | ff796f22edff24d84a8f8952490db78ea20570dc7752cabb60035e84368256c900d32c926a501fe70781c2bf682cca2daf920c22034c8b4d3f32679d659ea5d3 |
kubernetes-client-windows-386.tar.gz | aebf17c13b081eeeaf7608e89599441cbeed959f3895dc969beec20e2561b4a89a51d40575f01c9d6fb58d1a1057717349ad668d3bed89de77ab78396ffccad9 |
kubernetes-client-windows-amd64.tar.gz | 7eb3201320139379f095c9d425434edbe7e608499b04033a303e6aa3e205d2b6e7d585d2850d3d2431498f34e48c5ff49561b038f309d02439e9d5eb2e809563 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | e85fbe9aa255cabcf58b4c18fa666d6a85effa0fc9c78d0d150abf3f89bfd13fcd55163caf02188b095310e01f49e1f32464c9e87f43cebe1043868436e0e751 |
kubernetes-server-linux-arm.tar.gz | 6d6befa922522b8c6155cdeea7d56e1f21dc175b71ce2285c87a5ef591abc9590a37a56ae21792c0763ccee690110b5b6db5953aef36d607d6b21920f22e9c7f |
kubernetes-server-linux-arm64.tar.gz | 8158bc2fdb3577816f709a15633a1740872083032962ae0cb42a0975b614e6307e3a75fe8e58b8753a162702ef789d9c5e51ba22d754198e55339da811b05889 |
kubernetes-server-linux-ppc64le.tar.gz | d1c799ccebdfce580510cd0c5f61b30e47629cc1f837c8c2fed8408b6289fc7ff27f07a006ca04db023bb8924f963b78e10aa8538f02cf0b5a1bdbc3ed7bf1d0 |
kubernetes-server-linux-s390x.tar.gz | 0b8b357757b3e16ca947ff774b89524a8d2a2be94b422483dbe7148891daabdd6a626ab173084dd09854d83fff6d3c1df853fdeaab89ba289d16b7515746f13b |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | b01c34c0303116a2c7a579fec5bcd19d76fa605c6ec9fa7c9885e669437911365cf63c8be381aebab666f833ff9099be024fb139d3ddc50e5f9b6702352b5a3c |
kubernetes-node-linux-arm.tar.gz | 21384a97bea7d4e97a24d660f7c1ba9b5577314f5c6602c6fa29e1501628a513489a1ce8472f6b5d0b4964625d5e9ff786ea2069a5add112eae3d28069ce3758 |
kubernetes-node-linux-arm64.tar.gz | 8158b7abd711a42b1ff4eb42ce49d9eeb04d8903f0daa48cd7528516dafaf6693669d8653b1360fe2630c95b78fa3552184423670fd919896411d1d25781d173 |
kubernetes-node-linux-ppc64le.tar.gz | 5fa9d1306790f8cb8b16b7e9521d46f8e56cc619acd90165180c9fb02ac9bf0908130f80a7c0fce046a4f15ab4e366ab0d9f4b18a5da8180607c343e9009433b |
kubernetes-node-linux-s390x.tar.gz | ccafa72087fc09e37206e73ff2b2198fd5b2a5d2e56dca31f77c12aabe42d766f877d77c6265ae7a4c180e8926ba53cb4c563bd7a4d3dca85012e7a664fa5762 |
kubernetes-node-windows-amd64.tar.gz | ee2f631d619ac436232db9eb4ea377526738a15ad3a88752e7a481e02cd09d848fbdf91ac8dba7905272766a3039cb1cd76afce9cf84352020eefaaaad739bf4 |
- Resolve regression in metadata.managedFields handling in update/patch requests submitted by older API clients (#92007, @apelisse) [SIG API Machinery and Testing]
- Azure: set dest prefix and port for IPv6 inbound security rule (#91831, @aramase) [SIG Cloud Provider]
- Fix public IP not shown issues after assigning public IP to Azure VMs (#90886, @feiskyer) [SIG Cloud Provider]
- Fixed a regression preventing garbage collection of RBAC role and binding objects (#90534, @apelisse) [SIG Auth]
- Fixes regression in CPUManager that caused freeing of exclusive CPUs at incorrect times (#90377, @cbf123) [SIG Cloud Provider and Node]
- Fixes regression in CPUManager that had the (rare) possibility to release exclusive CPUs in app containers inherited from init containers. (#90419, @klueska) [SIG Node]
- Pod Finalizers and Conditions updates are skipped for re-scheduling attempts (#91298, @alculquicondor) [SIG Scheduling]
- Resolve regression in metadata.managedFields handling in create/update/patch requests not using server-side apply (#91791, @apelisse) [SIG API Machinery and Testing]
- Resolves an issue using
kubectl certificate approve/deny
against a server serving the v1 CSR API (#91691, @liggitt) [SIG Auth and CLI]
- Build: Use [email protected] image (#91476, @justaugustus) [SIG Cluster Lifecycle, Network and Release]
- Content-type and verb for request metrics are now bounded to a known set. (#89451, @logicalhan) [SIG API Machinery and Instrumentation]
- Update CNI to v0.8.6 (#91387, @justaugustus) [SIG Cluster Lifecycle, Network, Release and Testing]
Nothing has changed.
Nothing has changed.
Nothing has changed.
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 7d511c960f766f76bc087c00d706dc78ed403f661ea62ea6a2e84b9a0498826c0186f8705d18e1101ce148eecf7046f3e96e0a64aff7698a0976414a56056d4d |
kubernetes-src.tar.gz | 93b83acf5d15cab94e1d2866b2613d1aeed67c00a9eed064988c3bc4c700e34bd854fffac730c5ed6d8e138f15ce7750c17952f33bd4918771c7da358fbf5b53 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | cf6a22a453b88de6be0e09ad67e8bb3e364b702a86c9ba911540d4f4b2ae0872d3802f814cd471ef4ec0b2822b071489d59e21ece01f38fa567d3afd8718158f |
kubernetes-client-darwin-amd64.tar.gz | bd3c15726d44d083f48dbc1af0f55f2d2d0c82ad020ed583bf05460a4fc9073bdd0395c2e0e4bfc74b705f4427bfe76bee0c77eb4aea83247b6627fc15d8d3f9 |
kubernetes-client-linux-386.tar.gz | 6cb3d18086e275b78c3019a51de5795f5d112482ea6dc99a58e3985269e948e054a5e38457f837add606b83d86fb1c5b9044903f9dea964d9ea84c564a8ca6e5 |
kubernetes-client-linux-amd64.tar.gz | cfcb89a706eb8ddc7aa8225e3f0eb76a0d973faa1c82b1bec0a457cd8b44b7bd5c154b7ed1f7cdabfdee84af8a33fd7fff83970a6ee5a97d661a806b69da968b |
kubernetes-client-linux-arm.tar.gz | adbb0383ab50358e479438831168b6f3187a7cafcad84e8c22ff2ec52300be643bf535ffbe0c6ffc971120afb56703c206a64459db7b485ee67dd05d84393f5e |
kubernetes-client-linux-arm64.tar.gz | 32f5e6cc5a811f941faaa92667d236bb08bc245a103a2ab555569a5bf1bfd1926f30ce08635273fbea414f92c8764f8077b3e3be5ea52e90be4ed3ded9253452 |
kubernetes-client-linux-ppc64le.tar.gz | b0b2ade932e17aa4b88b147fcb6aeace81c65e795202e27c780e270a86f50fd7f863f41558b0fc37ece1196fa39047baf47568416ee6faed7946593ad35fba03 |
kubernetes-client-linux-s390x.tar.gz | db49113c3e5d727d6c66b17a0a5a3f7d383b7179630fb5680d278f34b35e4f3d5a1086489858a90a5417dafc42222d23ff2aacba7b7d571d3b2d9ced460877de |
kubernetes-client-windows-386.tar.gz | d2a8e6f6e93a3ce6af473372de1c52e039d14a443d93537001e1bc5e7b237768a25a9a1d891a40d50142c23df1e7d94f767d11adf949439e77328c7aafbc7a23 |
kubernetes-client-windows-amd64.tar.gz | 5f2739b862fbbab9f847b61f9373021b92c4d9188ff7f534125dc48d2d1e6ed51bd7bc5c987f26db3bf1d1f05a4c0f4c0ff7a0836a4ca14e56d2b12f406f1a72 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 5561483d796b124b8fe0e1cf5778ea03fec1e244ebc29f4b1b6c5ac93ab6bd10808d05da81b5f26426d51a3784c93ddf8b375ff971a78aebfd0ec7acac161365 |
kubernetes-server-linux-arm.tar.gz | 5e0e026fb93ac5452d1ddeb5fc016dbd44276d2340088ef59916bdd264b43ab02889beb645b6b8d9e5ee02bf2fe827327478b158f80b152c073b9ecaaba6fd0e |
kubernetes-server-linux-arm64.tar.gz | eb0b72f79e9d0c717995f7e52d24646daa8cbaf0e1502c0b27a15acebcfa5d61495bee49cc6ba4eb4ed8d4e1d9aae29170a86c70240da56f8fb9360dabb9ec7b |
kubernetes-server-linux-ppc64le.tar.gz | 52ef224a68d3ea50f320ca43b2ec98fedc07431b05db6fb00556b870bb8a533aa1ceb5f5ad90ea3d41f611045014a387ae84de5df8c51c6fbf8fa1e0d8c07d31 |
kubernetes-server-linux-s390x.tar.gz | eb4581d2419734c4835ebd2a91a40fa7e1180c8b8ff4088c9d1995c11787b7d6b7cb26cedfdce8c53affc648b106fe852ed53f165142f1089c27f9368570025d |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 1027a6fccadd320f123894dc624db31539333deef0b3d51b4bd3efc9214f2d74a0a50c53dc28e5801426d3c9556f82f4e06042c824151fea9112df795976d158 |
kubernetes-node-linux-arm.tar.gz | 9dfd609692372660152c6fe6d08be082b0d20d4c70546d722ce5aa5565cc6d810bb0cdac6b98d9a9374382b9dcf8819e4e1d263481791e044cfef5d3980d0b13 |
kubernetes-node-linux-arm64.tar.gz | d0b0a8ac1f448df7c3bb2254000e0ca8567fafe1fd4e680c75a6c8d40dcc9d4b9ae34648532aef50a953be99d41d62464d704b516c33745fc169337684e7433b |
kubernetes-node-linux-ppc64le.tar.gz | b5f3a0e3b2b26d3ac5b8be808355233787c1d3663268da88096351b39b6ff6e58befff97dab109b6324ad050fe2a361ac6b35dbdab7f2dd85dc013d881baecf9 |
kubernetes-node-linux-s390x.tar.gz | 52c9cc8a09c5d5c9150dc023b759ebe77632121a54bf0936b96f4148b7e421964f39bdad4fcd1002f453c012a03d928888cc04520a10a96ea45d798a7cd2ca7b |
kubernetes-node-windows-amd64.tar.gz | f83802db06a86edd9ade8e737ed0e8a11ebeeaa69e102f9550b90f0d8a724e7864f6531f7f500ff70d4202168a774c5b328fea1ec0a95b9e275a0233a852f04f |
- An issue preventing GCP cloud-controller-manager running out-of-cluster to initialize new Nodes is now fixed. (#90057, @ialidzhikov) [SIG Apps and Cloud Provider]
- Avoid unnecessary scheduling churn when annotations are updated while Pods are being scheduled. (#90373, @fabiokung) [SIG Scheduling]
- Base-images: Update to kube-cross:v1.13.9-5 (#90964, @justaugustus) [SIG Release and Testing]
- CSINode initialization does not crash kubelet on startup when APIServer is not reachable or kubelet has not the right credentials yet. (#89589, @jsafrane) [SIG Storage]
- Fix IPVS compatiblity issue with older kernels (< 3.18) where the netlink address family attribute is not set (#90678, @andrewsykim) [SIG Cluster Lifecycle, Network and Testing]
- Fix flaws in Azure CSI translation (#90324, @andyzhangx) [SIG Cloud Provider]
- Fix: Init containers are now considered for the calculation of resource requests when scheduling (#90378, @alculquicondor) [SIG Scheduling]
- Fix: azure disk dangling attach issue which would cause API throttling (#90749, @andyzhangx) [SIG Cloud Provider]
- Fix: support removal of nodes backed by deleted non VMSS instances on Azure (#91184, @bpineau) [SIG Cloud Provider]
- Fixed a 1.18 regression in wait.Forever that skips the backoff period on the first repeat (#90476, @zhan849) [SIG API Machinery]
- Fixed a regression running kubectl commands with --local or --dry-run flags when no kubeconfig file is present (#90243, @soltysh) [SIG API Machinery, CLI and Testing]
- Fixes a bug defining a default value for a replicas field in a custom resource definition that has the scale subresource enabled (#90019, @liggitt) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle and Instrumentation]
- Fixes a regression in 1.17 that dropped cache-control headers on API requests (#90468, @liggitt) [SIG API Machinery and Testing]
- Kubeadm: increase robustness for "kubeadm join" when adding etcd members on slower setups (#90645, @neolit123) [SIG Cluster Lifecycle]
- Provides a fix to allow a cluster in a private Azure cloud to authenticate to ACR in the same cloud. (#90425, @DavidParks8) [SIG Cloud Provider]
- Scheduling failures due to no nodes available are now reported as unschedulable under
schedule_attempts_total
metric. (#90989, @ahg-g) [SIG Scheduling]
- base-images: Use debian-base:v2.1.0 (includes CVE fixes)
- base-images: Use debian-iptables:v12.1.0 (includes CVE fixes) (#90863, @justaugustus) [SIG API Machinery, Cluster Lifecycle and Release]
Nothing has changed.
- k8s.io/kube-openapi: bf4fb3b → 61e04a5
- github.com/docker/libnetwork: c8a5fca
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 2f8e853bd59731410259d5357d9969425fbbbea378bbe6cdd0f7a9ddf5c25924838300924b03ec15d6b9030be86bea9d26bb9b63078bf2c150b0bbc0859419d7 |
kubernetes-src.tar.gz | 0915b658c53b9bad1b3913470cb6728bc51fd49e8ac7778d4653c7271642d56a51ae83e58b9a1829a8df8970e73411f02c5ab277f8a9ba4befc4ba933800a9c5 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 0a0c94fe16819eb16ca7ef0110a2a45ad5368a5cb326ca48e1d72ef56488c5c273fcfa15e9704492dfb3188447800cf109bf434b6d646a2c01c833eccaa7ebbe |
kubernetes-client-darwin-amd64.tar.gz | 46a056b3bf9936498c1bbb78ca6d882c17271723676ec53409fe6fd67c7f8a9cb0ab00e286f8ab2231216fabbcfec72f943c29827068ab66d6029f585faccfcb |
kubernetes-client-linux-386.tar.gz | 58f137f3d13b213a153e7589d82040d5f1aee525368de974c134494c14d0f88526e4b1db9022dd728d47fe13ff1c4c97fba94e3b2ebc746ec537bebf41817d53 |
kubernetes-client-linux-amd64.tar.gz | ed36f49e19d8e0a98add7f10f981feda8e59d32a8cb41a3ac6abdfb2491b3b5b3b6e0b00087525aa8473ed07c0e8a171ad43f311ab041dcc40f72b36fa78af95 |
kubernetes-client-linux-arm.tar.gz | ae3b7a8f85d2f262b0f24d277602034cd6657aa0a0467768b87c379b821963c10e35cff8131f666038feb2a2e543725c0025ed84a7a254c6e96036b911988530 |
kubernetes-client-linux-arm64.tar.gz | 54b10261c354e99d3eeee862461f0c3f99ff0e3b603230da7a48e182fd5890e438ff5bc8daafc74a3be9411a873d9ed611cea99c038fff53aa9e57d8d7140662 |
kubernetes-client-linux-ppc64le.tar.gz | b9694a0cf9e42bc9299d923de79e61ec52419a1889605cfd2eb5e6f9277191a0a1c6b7ceaf251735e576ad4aa73465c1c6a48b977243e45b6449fe7017dad18b |
kubernetes-client-linux-s390x.tar.gz | 144861c7cfc28b63da11de4b847d68bb4a984b5eeb54ccbccf998bd87e0e2832d38d3610056cf2e5d3a59535a0f8213bebd9369f0f6c1fd947afad41fdcc8837 |
kubernetes-client-windows-386.tar.gz | 3fa6e6fdf88b7f9ae7dc8f95526977aea6e2fe65fdbb988c2ea40d160ba30342453ee9e0ce022c69d8635405ad92c6672d775e8e477cf3c937c1bbb7217fb279 |
kubernetes-client-windows-amd64.tar.gz | 733887310c94e70fb33c6fbea9c5e7d4a74b4c2402735ed7856eb2e009bb0ed2aab3abeb1d13b46681e876df6901bd2be6547a25061a8e8df442301179b82fc9 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | f808e85a5e6f8dfed18ee3479691be8283c13c787ad5abb1a06f1c84aa7e7894af9028c6edcc4cdfe2cccf58e9c8394a6958facc92364d388a62ebf6aa9db2e8 |
kubernetes-server-linux-arm.tar.gz | 7ec6d47cda5f8f2cafaa82ac1179dc181d93562d1a2ad7687dca5dba8737498c0488275eb0ba33018c48e684550fa8612d03726251ed24fdebc893286528a401 |
kubernetes-server-linux-arm64.tar.gz | f5341be0c84cbf383662ed333bb2f9a4b83f80b6ebe77526ed2a407e3cd566f643be030c367606da4eb563523119f7bd8a9a7173b91cc5466602b5f9e1c34921 |
kubernetes-server-linux-ppc64le.tar.gz | 1c861320ddd63c9731781079fb00d9b0c80befe9b98103056f3abdd214cdd4974b1d79196491fb7c953d0126343fb6d7b9a6a7ca1684b8d8c5db686e1647106b |
kubernetes-server-linux-s390x.tar.gz | 5e57f536844d606873412a5ca46e85c4a6deae5e5dc415b3fbd0b20a58750cd0360265bc237102a8050db795c1293d6d7530cb5183e0ca25bc8e93f3f5fc650c |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | b342dbb9fce1c2667ed255e0b7457063e7f4827a74d4c946087bb471144a552e93e17e624075273fd72b1788fc9219ae46a8d8b1c247b2f26320e932143fef1b |
kubernetes-node-linux-arm.tar.gz | d74d6b9a0c05623fb5f3b7423517c3a8c03f6fd18525554cae5704cadc3676d70d42d0537de70f7b7619e31640a8c510b4321e0eeada49300d9c92cac2a9217a |
kubernetes-node-linux-arm64.tar.gz | d80716155df8ee997b4d81573ab713a04f64e91ec0e7c6c77af2e0031bbbe1f250cc463a7788e548217f6e7071caf458239869f2863737f3007a8cf79abff9cc |
kubernetes-node-linux-ppc64le.tar.gz | 89fe1dbbbefe36169232b46b564fc46b96cf6987bca8c1f9c61475d07a771c65f63cdf4c66168e9c515ec862f65b83d5a7668425e956a109e1aa60e0988d4a57 |
kubernetes-node-linux-s390x.tar.gz | 734e11c10c4e8dea9931ce0e832dac8495808acb7940ca2be4a13cedbea53b537973320e80b9f021c37c10c9510dcf328b0f975c40afebc301ea3d3937a3c36a |
kubernetes-node-windows-amd64.tar.gz | f121f7893c102ecd491189077ccbddd7aa0625cf2bfe855a7be00cfe615e6d397928cb5448092993626f33b216e89ac11bd0c09255847e1b6ba9a54a933eee53 |
- Client-go: resolves an issue with informers falling back to full list requests when timeouts are encountered, rather than re-establishing a watch. (#89975, @liggitt) [SIG API Machinery and Testing]
- Fix scheduler crash when removing node before its pods (#89908, @alculquicondor) [SIG Scheduling]
- Fixes conversion error for HorizontalPodAutoscaler objects with invalid annotations (#89965, @liggitt) [SIG Autoscaling]
- Fixes kubectl apply/prune in namespace other than default. (#90016, @seans3) [SIG CLI and Testing]
- For GCE cluster provider, fix bug of not being able to create internal type load balancer for clusters with more than 1000 nodes in a single zone. (#89902, @wojtek-t) [SIG Cloud Provider, Network and Scalability]
- Restores priority of static control plane pods in the cluster/gce/manifests control-plane manifests (#89970, @liggitt) [SIG Cluster Lifecycle and Node]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 460dcc0b27fdfd9b4a574287708c0fef22224bd4c1bc777654a69a76c7dafb37e6a37b028aeaa8d79e202c2265fe4b322af6a95515cd438e44de7d55dac176b3 |
kubernetes-src.tar.gz | adc6b3ccc9792794b97d2c8c7e5d582ac92aedfa83bb9cdfb782057ce4e80985e940eeb8f3e943b90919927fe8ce65863077e526b56e7675ee1d5d66760d08b6 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | fe7c496778172012504839175c48c69337afc7341c8c71d2858bf9319a2bb4673abeb95b1415ae4abaa2364f24b410edaada963beeb614b361f6d412bf4c9352 |
kubernetes-client-darwin-amd64.tar.gz | a62a894ae001cb3f245595488a46c8c8c5c52d15eb9eefc7b458df6c93399e58eba52d1ca0dc8df1ee74ea75ecea3ab4853eea4bf830dfb89be3b4d6a5d0d83c |
kubernetes-client-linux-386.tar.gz | 4cd898e86510f17d0a34c8721f942d81bdaafbf4d6513efde2710aad7dc44e89b6d986491c444f57ad9f183ac376031ecdb8e6dbee7dea76f7e4df116fb3998a |
kubernetes-client-linux-amd64.tar.gz | 37e664e40bb31765572215cf262a5c9bbc7748d158d0db58dbec2d5e593b54d71586af77296eda1cec2a2230b1d27260c51f6410b83afeeafc3c5354c308b4c4 |
kubernetes-client-linux-arm.tar.gz | 196977d4a09046abb168ea4c6cde261a90226cd391d74877ce1d9907bc8ba670d0365311980422493125a2cde8648ece0035ff1af6d9507975428129de603c83 |
kubernetes-client-linux-arm64.tar.gz | 675f27c170eb888f08db834f03b8123d19f0f2dd357c694c6c1cae59067c8d6b0b2db82b9cefc105dd16079ef6f7261e03fe9a73089c03dd3d53b1d68ed1cf68 |
kubernetes-client-linux-ppc64le.tar.gz | dd317cf29ed7cfa664a0f88651273565ca831138994cb37d8d53f5ba3993a6da529a377ded98d65c31450b31e1647fb87bc708f2aec6b2ef6a2bea9c73fb73fb |
kubernetes-client-linux-s390x.tar.gz | 57db3fcc952ad57d94f3b92022c1881b3852b321535501af7b2dfca9eb0acde03a34c5863aad6fe304fc4aaa922ff538d5dae7bc8c375a05956f892c265fbaf1 |
kubernetes-client-windows-386.tar.gz | ad52ae356e9d0156bdaa5ed4c77cd0226610fd715093e2caf7466c1bf87bb9bb2f21a48e9676f265c52de301bc416ce17cda5ac9fd7d379323c977c5f07ee9cd |
kubernetes-client-windows-amd64.tar.gz | efe66bb5ae58e06c7787b98fc69e191502dadecf719636788f25bff7bd0e50d7d170c5e729611406c304afd159b33b0048c436e823276b0fc9d4c07904ba7974 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 2183d1fcfca1370f75146797100801d7fbfec97789d1ca5eef4aff79bf66e01869ddaac51ab76abc073026682fe4d7ee658ffed99b5324ad285019c8dabcfea6 |
kubernetes-server-linux-arm.tar.gz | 8ca77be8dd999e0a31bb9de597f383628941b7d6537cec19ce3a77c8f4fc537c649e9ce0bd43ec4ecb387d224654804f6f4682c80c26ba7e97cab6aff5b57e21 |
kubernetes-server-linux-arm64.tar.gz | b1eacba21d8740bba785f94b66aea1fb9e4529bea9740d938cd52409acc970f0a93ec5c857059d3d3f555f9eb6cd4f799c42266ad493676b3fed7f1deaf5a878 |
kubernetes-server-linux-ppc64le.tar.gz | dc8426bd333aa2fe703003356a6237df760c6753c142e6fea28cbf13656e53eb26d99b862000813ba94fe2041fc073271217879b7036546a7bd4b848aa569f6b |
kubernetes-server-linux-s390x.tar.gz | 2398638d5724627573326b6820cb268d30d47f18afc913d367f518ba8cde8a419b0dc394b925be310c95aa0f3705f625ff0f628a11da38cdf94da4f493e9bb75 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 88a9b68c8cba77fe50751d998117ab632d1e8aa12a45f6bef71a24ee5a8fb6f559d00f129b8682f9d5838671edb6649e3c9caebdf9ce2a37f282f21316a522e0 |
kubernetes-node-linux-arm.tar.gz | 3b558a1743893a994ec061a86aaf343d90e800d7ccd69c771b92d8915fc14217046a2f4817829dbdbe025331fe733ae401dbf671b4345d7a88b0c6470fbd99e8 |
kubernetes-node-linux-arm64.tar.gz | 534b3db7e21f247189a484bb57958a3276bf74268d5943d712e68db50806afeeb1253acdc6a4c639c6ac08045e95ac4f9aaf95fa8192c85a19831329068bf5c6 |
kubernetes-node-linux-ppc64le.tar.gz | 0bb1c7ee23ce7dbee0614e2d8fb8d79e0a36615ea4ea39ef97acf4e907ca5a9b57ee3735afc7b5bce8dd5b15f104cf37e1d92168684bb4e5fd053ed3c35802e6 |
kubernetes-node-linux-s390x.tar.gz | e4529b0804696c8bae9430411d5b51087fa6c204bef37a1c6e30d01490c7e996367f1e9aa1d9c10ca2faf9d90c02459fc36c64b1790fa88b703bb134df54c1c1 |
kubernetes-node-windows-amd64.tar.gz | 7d976b1b22766cdd65b2b84602053b765e487d947966b4aaa3b169bb462d095e6a794154cd920b2c5e8a2d59695b75435ddb1237bc07404bba1273a0db01539e |
- deps: Update to Golang 1.13.9
- build: Remove kube-cross image building (#89398, @justaugustus) [SIG Release and Testing]
- Azure: fix concurreny issue in lb creation (#89604, @aramase) [SIG Cloud Provider]
- Ensure Azure availability zone is always in lower cases. (#89722, @feiskyer) [SIG Cloud Provider]
- Fix kubectl diff so it doesn't actually persist patches (#89795, @julianvmodesto) [SIG CLI and Testing]
- Fix: get attach disk error due to missing item in max count table (#89768, @andyzhangx) [SIG Cloud Provider and Storage]
- Fixed the EndpointSlice controller to run without error on a cluster with the OwnerReferencesPermissionEnforcement validating admission plugin enabled. (#89804, @marun) [SIG Auth and Network]
- Fixes kubectl to apply all validly built objects, instead of stopping on error. (#89864, @seans3) [SIG CLI and Testing]
- In the kubelet resource metrics endpoint at /metrics/resource, change the names of the following metrics:
- Kubeadm: during join when a check is performed that a Node with the same name already exists in the cluster, make sure the NodeReady condition is properly validated (#89602, @kvaps) [SIG Cluster Lifecycle]
- Kubeadm: fix a bug where post upgrade to 1.18.x, nodes cannot join the cluster due to missing RBAC (#89537, @neolit123) [SIG Cluster Lifecycle]
- Kubectl azure authentication: fixed a regression in 1.18.0 where "spn:" prefix was unexpectedly added to the
apiserver-id
configuration in the kubeconfig file (#89706, @weinong) [SIG API Machinery and Auth] - Kubectl: Fixes bug by aggregating 'apply' errors instead of failing after first error (#89607, @seans3) [SIG CLI and Testing]
- Reduce event spam during a volume operation error. (#89796, @msau42) [SIG Storage]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | cd5b86a3947a4f2cea6d857743ab2009be127d782b6f2eb4d37d88918a5e433ad2c7ba34221c34089ba5ba13701f58b657f0711401e51c86f4007cb78744dee7 |
kubernetes-src.tar.gz | fb42cf133355ef18f67c8c4bb555aa1f284906c06e21fa41646e086d34ece774e9d547773f201799c0c703ce48d4d0e62c6ba5b2a4d081e12a339a423e111e52 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 26df342ef65745df12fa52931358e7f744111b6fe1e0bddb8c3c6598faf73af997c00c8f9c509efcd7cd7e82a0341a718c08fbd96044bfb58e80d997a6ebd3c2 |
kubernetes-client-darwin-amd64.tar.gz | 803a0fed122ef6b85f7a120b5485723eaade765b7bc8306d0c0da03bd3df15d800699d15ea2270bb7797fa9ce6a81da90e730dc793ea4ed8c0149b63d26eca30 |
kubernetes-client-linux-386.tar.gz | 110844511b70f9f3ebb92c15105e6680a05a562cd83f79ce2d2e25c2dd70f0dbd91cae34433f61364ae1ce4bd573b635f2f632d52de8f72b54acdbc95a15e3f0 |
kubernetes-client-linux-amd64.tar.gz | 594ca3eadc7974ec4d9e4168453e36ca434812167ef8359086cd64d048df525b7bd46424e7cc9c41e65c72bda3117326ba1662d1c9d739567f10f5684fd85bee |
kubernetes-client-linux-arm.tar.gz | d3627b763606557a6c9a5766c34198ec00b3a3cd72a55bc2cb47731060d31c4af93543fb53f53791062bb5ace2f15cbaa8592ac29009641e41bd656b0983a079 |
kubernetes-client-linux-arm64.tar.gz | ba9056eff1452cbdaef699efbf88f74f5309b3f7808d372ebf6918442d0c9fea1653c00b9db3b7626399a460eef9b1fa9e29b827b7784f34561cbc380554e2ea |
kubernetes-client-linux-ppc64le.tar.gz | f80fb3769358cb20820ff1a1ce9994de5ed194aabe6c73fb8b8048bffc394d1b926de82c204f0e565d53ffe7562faa87778e97a3ccaaaf770034a992015e3a86 |
kubernetes-client-linux-s390x.tar.gz | a9b658108b6803d60fa3cd4e76d9e58bf75201017164fe54054b7ccadbb68c4ad7ba7800746940bc518d90475e6c0a96965a26fa50882f4f0e56df404f4ae586 |
kubernetes-client-windows-386.tar.gz | 18adffab5d1be146906fd8531f4eae7153576aac235150ce2da05aee5ae161f6bd527e8dec34ae6131396cd4b3771e0d54ce770c065244ad3175a1afa63c89e1 |
kubernetes-client-windows-amd64.tar.gz | 162396256429cef07154f817de2a6b67635c770311f414e38b1e2db25961443f05d7b8eb1f8da46dec8e31c5d1d2cd45f0c95dad1bc0e12a0a7278a62a0b9a6b |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | a92f8d201973d5dfa44a398e95fcf6a7b4feeb1ef879ab3fee1c54370e21f59f725f27a9c09ace8c42c96ac202e297fd458e486c489e05f127a5cade53b8d7c4 |
kubernetes-server-linux-arm.tar.gz | 62fbff3256bc0a83f70244b09149a8d7870d19c2c4b6dee8ca2714fc7388da340876a0f540d2ae9bbd8b81fdedaf4b692c72d2840674db632ba2431d1df1a37d |
kubernetes-server-linux-arm64.tar.gz | 842910a7013f61a60d670079716b207705750d55a9e4f1f93696d19d39e191644488170ac94d8740f8e3aa3f7f28f61a4347f69d7e93d149c69ac0efcf3688fe |
kubernetes-server-linux-ppc64le.tar.gz | 95c5b952ac1c4127a5c3b519b664972ee1fb5e8e902551ce71c04e26ad44b39da727909e025614ac1158c258dc60f504b9a354c5ab7583c2ad769717b30b3836 |
kubernetes-server-linux-s390x.tar.gz | a46522d2119a0fd58074564c1fa95dd8a929a79006b82ba3c4245611da8d2db9fd785c482e1b61a9aa361c5c9a6d73387b0e15e6a7a3d84fffb3f65db3b9deeb |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | f714f80feecb0756410f27efb4cf4a1b5232be0444fbecec9f25cb85a7ccccdcb5be588cddee935294f460046c0726b90f7acc52b20eeb0c46a7200cf10e351a |
kubernetes-node-linux-arm.tar.gz | 806000b5f6d723e24e2f12d19d1b9b3d16c74b855f51c7063284adf1fcc57a96554a3384f8c05a952c6f6b929a05ed12b69151b1e620c958f74c9600f3db0fcb |
kubernetes-node-linux-arm64.tar.gz | c207e9ab60587d135897b5366af79efe9d2833f33401e469b2a4e0d74ecd2cf6bb7d1e5bc18d80737acbe37555707f63dd581ccc6304091c1d98dafdd30130b7 |
kubernetes-node-linux-ppc64le.tar.gz | a542ed5ed02722af44ef12d1602f363fcd4e93cf704da2ea5d99446382485679626835a40ae2ba47a4a26dce87089516faa54479a1cfdee2229e8e35aa1c17d7 |
kubernetes-node-linux-s390x.tar.gz | 651e0db73ee67869b2ae93cb0574168e4bd7918290fc5662a6b12b708fa628282e3f64be2b816690f5a2d0f4ff8078570f8187e65dee499a876580a7a63d1d19 |
kubernetes-node-windows-amd64.tar.gz | d726ed904f9f7fe7e8831df621dc9094b87e767410a129aa675ee08417b662ddec314e165f29ecb777110fbfec0dc2893962b6c71950897ba72baaa7eb6371ed |
A complete changelog for the release notes is now hosted in a customizable format at https://relnotes.k8s.io. Check it out and please give us your feedback!
A beta feature of Kubernetes in release 1.18, the Topology Manager feature enables NUMA alignment of CPU and devices (such as SR-IOV VFs) that will allow your workload to run in an environment optimized for low-latency. Prior to the introduction of the Topology Manager, the CPU and Device Manager would make resource allocation decisions independent of each other. This could result in undesirable allocations on multi-socket systems, causing degraded performance on latency critical applications.
Server-side Apply was promoted to Beta in 1.16, but is now introducing a second Beta in 1.18. This new version will track and manage changes to fields of all new Kubernetes objects, allowing you to know what changed your resources and when.
In Kubernetes 1.18, there are two significant additions to Ingress: A new pathType
field and a new IngressClass
resource. The pathType
field allows specifying how paths should be matched. In addition to the default ImplementationSpecific
type, there are new Exact
and Prefix
path types.
The IngressClass
resource is used to describe a type of Ingress within a Kubernetes cluster. Ingresses can specify the class they are associated with by using a new ingressClassName
field on Ingresses. This new resource and field replace the deprecated kubernetes.io/ingress.class
annotation.
SIG CLI was debating the need for a debug utility for quite some time already. With the development of ephemeral containers, it became more obvious how we can support developers with tooling built on top of kubectl exec
. The addition of the kubectl debug
command (it is alpha but your feedback is more than welcome), allows developers to easily debug their Pods inside the cluster. We think this addition is invaluable. This command allows one to create a temporary container which runs next to the Pod one is trying to examine, but also attaches to the console for interactive troubleshooting.
With the release of Kubernetes 1.18, an alpha version of CSI Proxy for Windows is getting released. CSI proxy enables non-privileged (pre-approved) containers to perform privileged storage operations on Windows. CSI drivers can now be supported in Windows by leveraging CSI proxy. SIG Storage made a lot of progress in the 1.18 release. In particular, the following storage features are moving to GA in Kubernetes 1.18:
- Raw Block Support: Allow volumes to be surfaced as block devices inside containers instead of just mounted filesystems.
- Volume Cloning: Duplicate a PersistentVolumeClaim and underlying storage volume using the Kubernetes API via CSI.
- CSIDriver Kubernetes API Object: Simplifies CSI driver discovery and allows CSI Drivers to customize Kubernetes behavior.
SIG Storage is also introducing the following new storage features as alpha in Kubernetes 1.18:
- Windows CSI Support: Enabling containerized CSI node plugins in Windows via new CSIProxy
- Recursive Volume Ownership OnRootMismatch Option: Add a new “OnRootMismatch” policy that can help shorten the mount time for volumes that require ownership change and have many directories and files.
SIG Network is moving IPv6 to Beta in Kubernetes 1.18, after incrementing significantly the test coverage with new CI jobs.
NodeLocal DNSCache is an add-on that runs a dnsCache pod as a daemonset to improve clusterDNS performance and reliability. The feature has been in Alpha since 1.13 release. The SIG Network is announcing the GA graduation of Node Local DNSCache #1351
No Known Issues Reported
- in an
--encryption-provider-config
config file, an explicitcacheSize: 0
parameter previously silently defaulted to caching 1000 keys. In Kubernetes 1.18, this now returns a config validation error. To disable caching, you can specify a negative cacheSize value in Kubernetes 1.18+. - consumers of the 'certificatesigningrequests/approval' API must now have permission to 'approve' CSRs for the specific signer requested by the CSR. More information on the new signerName field and the required authorization can be found at https://kubernetes.io/docs/reference/access-authn-authz/certificate-signing-requests#authorization (#88246, @munnerz) [SIG API Machinery, Apps, Auth, CLI, Node and Testing]
- The following features are unconditionally enabled and the corresponding
--feature-gates
flags have been removed:PodPriority
,TaintNodesByCondition
,ResourceQuotaScopeSelectors
andScheduleDaemonSetPods
(#86210, @draveness) [SIG Apps and Scheduling]
--enable-cadvisor-endpoints
is now disabled by default. If you need access to the cAdvisor v1 Json API please enable it explicitly in the kubelet command line. Please note that this flag was deprecated in 1.15 and will be removed in 1.19. (#87440, @dims) [SIG Instrumentation, Node and Testing]- Promote CSIMigrationOpenStack to Beta (off by default since it requires installation of the OpenStack Cinder CSI Driver. The in-tree AWS OpenStack Cinder driver "kubernetes.io/cinder" was deprecated in 1.16 and will be removed in 1.20. Users should enable CSIMigration + CSIMigrationOpenStack features and install the OpenStack Cinder CSI Driver (https://github.com/kubernetes-sigs/cloud-provider-openstack) to avoid disruption to existing Pod and PVC objects at that time. Users should start using the OpenStack Cinder CSI Driver directly for any new volumes. (#85637, @dims) [SIG Cloud Provider]
kubectl
and k8s.io/client-go no longer default to a server address ofhttp://localhost:8080
. If you own one of these legacy clusters, you are strongly encouraged to secure your server. If you cannot secure your server, you can set the$KUBERNETES_MASTER
environment variable tohttp://localhost:8080
to continue defaulting the server address.kubectl
users can also set the server address using the--server
flag, or in a kubeconfig file specified via--kubeconfig
or$KUBECONFIG
. (#86173, @soltysh) [SIG API Machinery, CLI and Testing]kubectl run
has removed the previously deprecated generators, along with flags unrelated to creating pods.kubectl run
now only creates pods. See specifickubectl create
subcommands to create objects other than pods. (#87077, @soltysh) [SIG Architecture, CLI and Testing]- The deprecated command
kubectl rolling-update
has been removed (#88057, @julianvmodesto) [SIG Architecture, CLI and Testing]
-
Signatures on methods in generated clientsets, dynamic, metadata, and scale clients have been modified to accept
context.Context
as a first argument. Signatures of Create, Update, and Patch methods have been updated to accept CreateOptions, UpdateOptions and PatchOptions respectively. Signatures of Delete and DeleteCollection methods now accept DeleteOptions by value instead of by reference. Generated clientsets with the previous interface have been added in new "deprecated" packages to allow incremental migration to the new APIs. The deprecated packages will be removed in the 1.21 release. A tool is available at http://sigs.k8s.io/clientgofix to rewrite method invocations to the new signatures. -
The following deprecated metrics are removed, please convert to the corresponding metrics:
- The following replacement metrics are available from v1.14.0:
rest_client_request_latency_seconds
->rest_client_request_duration_seconds
scheduler_scheduling_latency_seconds
->scheduler_scheduling_duration_seconds
docker_operations
->docker_operations_total
docker_operations_latency_microseconds
->docker_operations_duration_seconds
docker_operations_errors
->docker_operations_errors_total
docker_operations_timeout
->docker_operations_timeout_total
network_plugin_operations_latency_microseconds
->network_plugin_operations_duration_seconds
kubelet_pod_worker_latency_microseconds
->kubelet_pod_worker_duration_seconds
kubelet_pod_start_latency_microseconds
->kubelet_pod_start_duration_seconds
kubelet_cgroup_manager_latency_microseconds
->kubelet_cgroup_manager_duration_seconds
kubelet_pod_worker_start_latency_microseconds
->kubelet_pod_worker_start_duration_seconds
kubelet_pleg_relist_latency_microseconds
->kubelet_pleg_relist_duration_seconds
kubelet_pleg_relist_interval_microseconds
->kubelet_pleg_relist_interval_seconds
kubelet_eviction_stats_age_microseconds
->kubelet_eviction_stats_age_seconds
kubelet_runtime_operations
->kubelet_runtime_operations_total
kubelet_runtime_operations_latency_microseconds
->kubelet_runtime_operations_duration_seconds
kubelet_runtime_operations_errors
->kubelet_runtime_operations_errors_total
kubelet_device_plugin_registration_count
->kubelet_device_plugin_registration_total
kubelet_device_plugin_alloc_latency_microseconds
->kubelet_device_plugin_alloc_duration_seconds
scheduler_e2e_scheduling_latency_microseconds
->scheduler_e2e_scheduling_duration_seconds
scheduler_scheduling_algorithm_latency_microseconds
->scheduler_scheduling_algorithm_duration_seconds
scheduler_scheduling_algorithm_predicate_evaluation
->scheduler_scheduling_algorithm_predicate_evaluation_seconds
scheduler_scheduling_algorithm_priority_evaluation
->scheduler_scheduling_algorithm_priority_evaluation_seconds
scheduler_scheduling_algorithm_preemption_evaluation
->scheduler_scheduling_algorithm_preemption_evaluation_seconds
scheduler_binding_latency_microseconds
->scheduler_binding_duration_seconds
kubeproxy_sync_proxy_rules_latency_microseconds
->kubeproxy_sync_proxy_rules_duration_seconds
apiserver_request_latencies
->apiserver_request_duration_seconds
apiserver_dropped_requests
->apiserver_dropped_requests_total
etcd_request_latencies_summary
->etcd_request_duration_seconds
apiserver_storage_transformation_latencies_microseconds
->apiserver_storage_transformation_duration_seconds
apiserver_storage_data_key_generation_latencies_microseconds
->apiserver_storage_data_key_generation_duration_seconds
apiserver_request_count
->apiserver_request_total
apiserver_request_latencies_summary
- The following replacement metrics are available from v1.15.0:
apiserver_storage_transformation_failures_total
->apiserver_storage_transformation_operations_total
(#76496, @danielqsj) [SIG API Machinery, Cluster Lifecycle, Instrumentation, Network, Node and Scheduling]
- The following replacement metrics are available from v1.14.0:
- the following deprecated APIs can no longer be served:
- All resources under
apps/v1beta1
andapps/v1beta2
- useapps/v1
instead daemonsets
,deployments
,replicasets
resources underextensions/v1beta1
- useapps/v1
insteadnetworkpolicies
resources underextensions/v1beta1
- usenetworking.k8s.io/v1
insteadpodsecuritypolicies
resources underextensions/v1beta1
- usepolicy/v1beta1
instead (#85903, @liggitt) [SIG API Machinery, Apps, Cluster Lifecycle, Instrumentation and Testing]
- All resources under
- Azure service annotation service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset has been deprecated. Its support would be removed in a future release. (#88462, @feiskyer) [SIG Cloud Provider]
- The StreamingProxyRedirects feature and
--redirect-container-streaming
flag are deprecated, and will be removed in a future release. The default behavior (proxy streaming requests through the kubelet) will be the only supported option. If you are setting--redirect-container-streaming=true
, then you must migrate off this configuration. The flag will no longer be able to be enabled starting in v1.20. If you are not setting the flag, no action is necessary. (#88290, @tallclair) [SIG API Machinery and Node] - resource metrics endpoint
/metrics/resource/v1alpha1
as well as all metrics under this endpoint have been deprecated. Please convert to the following metrics emitted by endpoint/metrics/resource
: - scrape_error --> scrape_error - node_cpu_usage_seconds_total --> node_cpu_usage_seconds - node_memory_working_set_bytes --> node_memory_working_set_bytes - container_cpu_usage_seconds_total --> container_cpu_usage_seconds - container_memory_working_set_bytes --> container_memory_working_set_bytes - scrape_error --> scrape_error (#86282, @RainbowMango) [SIG Node] - In a future release, kubelet will no longer create the CSI NodePublishVolume target directory, in accordance with the CSI specification. CSI drivers may need to be updated accordingly to properly create and process the target path. (#75535) [SIG Storage]
--healthz-port
and--metrics-port
flags are deprecated, please use--healthz-bind-address
and--metrics-bind-address
instead (#88512, @SataQiu) [SIG Network]- a new
EndpointSliceProxying
feature gate has been added to control the use of EndpointSlices in kube-proxy. The EndpointSlice feature gate that used to control this behavior no longer affects kube-proxy. This feature has been disabled by default. (#86137, @robscott)
- command line option "kubelet-version" for
kubeadm upgrade node
has been deprecated and will be removed in a future release. (#87942, @SataQiu) [SIG Cluster Lifecycle] - deprecate the usage of the experimental flag '--use-api' under the 'kubeadm alpha certs renew' command. (#88827, @neolit123) [SIG Cluster Lifecycle]
- kube-dns is deprecated and will not be supported in a future version (#86574, @SataQiu) [SIG Cluster Lifecycle]
- the
ClusterStatus
struct present in the kubeadm-config ConfigMap is deprecated and will be removed in a future version. It is going to be maintained by kubeadm until it gets removed. The same information can be found onetcd
andkube-apiserver
pod annotations,kubeadm.kubernetes.io/etcd.advertise-client-urls
andkubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint
respectively. (#87656, @ereslibre) [SIG Cluster Lifecycle]
- the boolean and unset values for the --dry-run flag are deprecated and a value --dry-run=server|client|none will be required in a future version. (#87580, @julianvmodesto) [SIG CLI]
kubectl apply --server-dry-run
is deprecated and replaced with --dry-run=server (#87580, @julianvmodesto) [SIG CLI]
- Remove cluster-monitoring addon (#85512, @serathius) [SIG Cluster Lifecycle, Instrumentation, Scalability and Testing]
- The
scheduling_duration_seconds
summary metric is deprecated (#86586, @xiaoanyunfei) [SIG Scheduling] - The
scheduling_algorithm_predicate_evaluation_seconds
andscheduling_algorithm_priority_evaluation_seconds
metrics are deprecated, replaced byframework_extension_point_duration_seconds[extension_point="Filter"]
andframework_extension_point_duration_seconds[extension_point="Score"]
. (#86584, @xiaoanyunfei) [SIG Scheduling] AlwaysCheckAllPredicates
is deprecated in scheduler Policy API. (#86369, @Huang-Wei) [SIG Scheduling]
- The k8s.io/node-api component is no longer updated. Instead, use the RuntimeClass types located within k8s.io/api, and the generated clients located within k8s.io/client-go (#87503, @liggitt) [SIG Node and Release]
- Removed the 'client' label from apiserver_request_total. (#87669, @logicalhan) [SIG API Machinery and Instrumentation]
- A new IngressClass resource has been added to enable better Ingress configuration. (#88509, @robscott) [SIG API Machinery, Apps, CLI, Network, Node and Testing]
- The CSIDriver API has graduated to storage.k8s.io/v1, and is now available for use. (#84814, @huffmanca) [SIG Storage]
- autoscaling/v2beta2 HorizontalPodAutoscaler added a
spec.behavior
field that allows scale behavior to be configured. Behaviors are specified separately for scaling up and down. In each direction a stabilization window can be specified as well as a list of policies and how to select amongst them. Policies can limit the absolute number of pods added or removed, or the percentage of pods added or removed. (#74525, @gliush) [SIG API Machinery, Apps, Autoscaling and CLI] - Ingress:
spec.ingressClassName
replaces the deprecatedkubernetes.io/ingress.class
annotation, and allows associating an Ingress object with a particular controller.- path definitions added a
pathType
field to allow indicating how the specified path should be matched against incoming requests. Valid values areExact
,Prefix
, andImplementationSpecific
(#88587, @cmluciano) [SIG Apps, Cluster Lifecycle and Network]
- The alpha feature
AnyVolumeDataSource
enables PersistentVolumeClaim objects to use the spec.dataSource field to reference a custom type as a data source (#88636, @bswartz) [SIG Apps and Storage] - The alpha feature
ConfigurableFSGroupPolicy
enables v1 Pods to specify a spec.securityContext.fsGroupChangePolicy policy to control how file permissions are applied to volumes mounted into the pod. (#88488, @gnufied) [SIG Storage] - The alpha feature
ServiceAppProtocol
enables setting anappProtocol
field in ServicePort and EndpointPort definitions. (#88503, @robscott) [SIG Apps and Network] - The alpha feature
ImmutableEphemeralVolumes
enables animmutable
field in both Secret and ConfigMap objects to mark their contents as immutable. (#86377, @wojtek-t) [SIG Apps, CLI and Testing]
- The beta feature
ServerSideApply
enables tracking and managing changed fields for all new objects, which means there will bemanagedFields
inmetadata
with the list of managers and their owned fields. - The alpha feature
ServiceAccountIssuerDiscovery
enables publishing OIDC discovery information and service account token verification keys at/.well-known/openid-configuration
and/openid/v1/jwks
endpoints by API servers configured to issue service account tokens. (#80724, @cceckman) [SIG API Machinery, Auth, Cluster Lifecycle and Testing] - CustomResourceDefinition schemas that use
x-kubernetes-list-map-keys
to specify properties that uniquely identify list items must make those properties required or have a default value, to ensure those properties are present for all list items. See https://kubernetes.io/docs/reference/using-api/api-concepts/#merge-strategy for details. (#88076, @eloyekunle) [SIG API Machinery and Testing] - CustomResourceDefinition schemas that use
x-kubernetes-list-type: map
orx-kubernetes-list-type: set
now enable validation that the list items in the corresponding custom resources are unique. (#84920, @sttts) [SIG API Machinery]
- The
--egress-selector-config-file
configuration file now accepts an apiserver.k8s.io/v1beta1 EgressSelectorConfiguration configuration object, and has been updated to allow specifying HTTP or GRPC connections to the network proxy (#87179, @Jefftree) [SIG API Machinery, Cloud Provider and Cluster Lifecycle]
- A kubescheduler.config.k8s.io/v1alpha2 configuration file version is now accepted, with support for multiple scheduling profiles (#87628, @alculquicondor) [SIG Scheduling]
- HardPodAffinityWeight moved from a top level ComponentConfig parameter to a PluginConfig parameter of InterPodAffinity Plugin in
kubescheduler.config.k8s.io/v1alpha2
(#88002, @alculquicondor) [SIG Scheduling and Testing] - Kube-scheduler can run more than one scheduling profile. Given a pod, the profile is selected by using its
.spec.schedulerName
. (#88285, @alculquicondor) [SIG Apps, Scheduling and Testing] - Scheduler Extenders can now be configured in the v1alpha2 component config (#88768, @damemi) [SIG Release, Scheduling and Testing]
- The PostFilter of scheduler framework is renamed to PreScore in kubescheduler.config.k8s.io/v1alpha2. (#87751, @skilxn-go) [SIG Scheduling and Testing]
- HardPodAffinityWeight moved from a top level ComponentConfig parameter to a PluginConfig parameter of InterPodAffinity Plugin in
- Added kube-proxy flags
--ipvs-tcp-timeout
,--ipvs-tcpfin-timeout
,--ipvs-udp-timeout
to configure IPVS connection timeouts. (#85517, @andrewsykim) [SIG Cluster Lifecycle and Network] - Added optional
--detect-local-mode
flag to kube-proxy. Valid values are "ClusterCIDR" (default matching previous behavior) and "NodeCIDR" (#87748, @satyasm) [SIG Cluster Lifecycle, Network and Scheduling] - Kube-controller-manager and kube-scheduler expose profiling by default to match the kube-apiserver. Use
--enable-profiling=false
to disable. (#88663, @deads2k) [SIG API Machinery, Cloud Provider and Scheduling] - Kubelet pod resources API now provides the information about active pods only. (#79409, @takmatsu) [SIG Node]
- New flag
--endpointslice-updates-batch-period
in kube-controller-manager can be used to reduce the number of endpointslice updates generated by pod changes. (#88745, @mborsz) [SIG API Machinery, Apps and Network] - New flag
--show-hidden-metrics-for-version
in kube-proxy, kubelet, kube-controller-manager, and kube-scheduler can be used to show all hidden metrics that are deprecated in the previous minor release. (#85279, @RainbowMango) [SIG Cluster Lifecycle and Network]
- VolumePVCDataSource (#88686, @j-griffith) [SIG Storage]
- TaintBasedEvictions (#87487, @skilxn-go) [SIG API Machinery, Apps, Node, Scheduling and Testing]
- BlockVolume and CSIBlockVolume (#88673, @jsafrane) [SIG Storage]
- Windows RunAsUserName (#87790, @marosset) [SIG Apps and Windows]
- The following feature gates are removed, because the associated features were unconditionally enabled in previous releases: CustomResourceValidation, CustomResourceSubresources, CustomResourceWebhookConversion, CustomResourcePublishOpenAPI, CustomResourceDefaulting (#87475, @liggitt) [SIG API Machinery]
- API request throttling (due to a high rate of requests) is now reported in client-go logs at log level 2. The messages are of the form:
Throttling request took 1.50705208s, request: GET:<URL>
The presence of these messages may indicate to the administrator the need to tune the cluster accordingly. (#87740, @jennybuckley) [SIG API Machinery] - Add support for mount options to the FC volume plugin (#87499, @ejweber) [SIG Storage]
- Added a config-mode flag in azure auth module to enable getting AAD token without spn: prefix in audience claim. When it's not specified, the default behavior doesn't change. (#87630, @weinong) [SIG API Machinery, Auth, CLI and Cloud Provider]
- Allow for configuration of CoreDNS replica count (#85837, @pickledrick) [SIG Cluster Lifecycle]
- Allow user to specify resource using --filename flag when invoking kubectl exec (#88460, @soltysh) [SIG CLI and Testing]
- Apiserver added a new flag --goaway-chance which is the fraction of requests that will be closed gracefully(GOAWAY) to prevent HTTP/2 clients from getting stuck on a single apiserver. (#88567, @answer1991) [SIG API Machinery]
- Azure Cloud Provider now supports using Azure network resources (Virtual Network, Load Balancer, Public IP, Route Table, Network Security Group, etc.) in different AAD Tenant and Subscription than those for the Kubernetes cluster. To use the feature, please reference https://github.com/kubernetes-sigs/cloud-provider-azure/blob/master/docs/cloud-provider-config.md#host-network-resources-in-different-aad-tenant-and-subscription. (#88384, @bowen5) [SIG Cloud Provider]
- Azure VMSS/VMSSVM clients now suppress requests on throttling (#86740, @feiskyer) [SIG Cloud Provider]
- Azure cloud provider cache TTL is configurable, list of the azure cloud provider is as following:
- "availabilitySetNodesCacheTTLInSeconds"
- "vmssCacheTTLInSeconds"
- "vmssVirtualMachinesCacheTTLInSeconds"
- "vmCacheTTLInSeconds"
- "loadBalancerCacheTTLInSeconds"
- "nsgCacheTTLInSeconds"
- "routeTableCacheTTLInSeconds" (#86266, @zqingqing1) [SIG Cloud Provider]
- Azure global rate limit is switched to per-client. A set of new rate limit configure options are introduced, including routeRateLimit, SubnetsRateLimit, InterfaceRateLimit, RouteTableRateLimit, LoadBalancerRateLimit, PublicIPAddressRateLimit, SecurityGroupRateLimit, VirtualMachineRateLimit, StorageAccountRateLimit, DiskRateLimit, SnapshotRateLimit, VirtualMachineScaleSetRateLimit and VirtualMachineSizeRateLimit. The original rate limit options would be default values for those new client's rate limiter. (#86515, @feiskyer) [SIG Cloud Provider]
- Azure network and VM clients now suppress requests on throttling (#87122, @feiskyer) [SIG Cloud Provider]
- Azure storage clients now suppress requests on throttling (#87306, @feiskyer) [SIG Cloud Provider]
- Azure: add support for single stack IPv6 (#88448, @aramase) [SIG Cloud Provider]
- DefaultConstraints can be specified for PodTopologySpread Plugin in the scheduler’s ComponentConfig (#88671, @alculquicondor) [SIG Scheduling]
- DisableAvailabilitySetNodes is added to avoid VM list for VMSS clusters. It should only be used when vmType is "vmss" and all the nodes (including control plane nodes) are VMSS virtual machines. (#87685, @feiskyer) [SIG Cloud Provider]
- Elasticsearch supports automatically setting the advertise address (#85944, @SataQiu) [SIG Cluster Lifecycle and Instrumentation]
- EndpointSlices will now be enabled by default. A new
EndpointSliceProxying
feature gate determines if kube-proxy will use EndpointSlices, this is disabled by default. (#86137, @robscott) [SIG Network] - Kube-proxy: Added dual-stack IPv4/IPv6 support to the iptables proxier. (#82462, @vllry) [SIG Network]
- Kubeadm now supports automatic calculations of dual-stack node cidr masks to kube-controller-manager. (#85609, @Arvinderpal) [SIG Cluster Lifecycle]
- Kubeadm: add a upgrade health check that deploys a Job (#81319, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: add the experimental feature gate PublicKeysECDSA that can be used to create a cluster with ECDSA certificates from "kubeadm init". Renewal of existing ECDSA certificates is also supported using "kubeadm alpha certs renew", but not switching between the RSA and ECDSA algorithms on the fly or during upgrades. (#86953, @rojkov) [SIG API Machinery, Auth and Cluster Lifecycle]
- Kubeadm: implemented structured output of 'kubeadm config images list' command in JSON, YAML, Go template and JsonPath formats (#86810, @bart0sh) [SIG Cluster Lifecycle]
- Kubeadm: on kubeconfig certificate renewal, keep the embedded CA in sync with the one on disk (#88052, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: reject a node joining the cluster if a node with the same name already exists (#81056, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: support Windows specific kubelet flags in kubeadm-flags.env (#88287, @gab-satchi) [SIG Cluster Lifecycle and Windows]
- Kubeadm: support automatic retry after failing to pull image (#86899, @SataQiu) [SIG Cluster Lifecycle]
- Kubeadm: upgrade supports fallback to the nearest known etcd version if an unknown k8s version is passed (#88373, @SataQiu) [SIG Cluster Lifecycle]
- Kubectl/drain: add disable-eviction option.Force drain to use delete, even if eviction is supported. This will bypass checking PodDisruptionBudgets, and should be used with caution. (#85571, @michaelgugino) [SIG CLI]
- Kubectl/drain: add skip-wait-for-delete-timeout option. If a pod’s
DeletionTimestamp
is older than N seconds, skip waiting for the pod. Seconds must be greater than 0 to skip. (#85577, @michaelgugino) [SIG CLI] - Option
preConfiguredBackendPoolLoadBalancerTypes
is added to azure cloud provider for the pre-configured load balancers, possible values:""
,"internal"
,"external"
,"all"
(#86338, @gossion) [SIG Cloud Provider] - PodTopologySpread plugin now excludes terminatingPods when making scheduling decisions. (#87845, @Huang-Wei) [SIG Scheduling]
- Provider/azure: Network security groups can now be in a separate resource group. (#87035, @CecileRobertMichon) [SIG Cloud Provider]
- SafeSysctlWhitelist: add net.ipv4.ping_group_range (#85463, @AkihiroSuda) [SIG Auth]
- Scheduler framework permit plugins now run at the end of the scheduling cycle, after reserve plugins. Waiting on permit will remain in the beginning of the binding cycle. (#88199, @mateuszlitwin) [SIG Scheduling]
- Scheduler: Add DefaultBinder plugin (#87430, @alculquicondor) [SIG Scheduling and Testing]
- Skip default spreading scoring plugin for pods that define TopologySpreadConstraints (#87566, @skilxn-go) [SIG Scheduling]
- The kubectl --dry-run flag now accepts the values 'client', 'server', and 'none', to support client-side and server-side dry-run strategies. The boolean and unset values for the --dry-run flag are deprecated and a value will be required in a future version. (#87580, @julianvmodesto) [SIG CLI]
- Support server-side dry-run in kubectl with --dry-run=server for commands including apply, patch, create, run, annotate, label, set, autoscale, drain, rollout undo, and expose. (#87714, @julianvmodesto) [SIG API Machinery, CLI and Testing]
- Add --dry-run=server|client to kubectl delete, taint, replace (#88292, @julianvmodesto) [SIG CLI and Testing]
- The feature PodTopologySpread (feature gate
EvenPodsSpread
) has been enabled by default in 1.18. (#88105, @Huang-Wei) [SIG Scheduling and Testing] - The kubelet and the default docker runtime now support running ephemeral containers in the Linux process namespace of a target container. Other container runtimes must implement support for this feature before it will be available for that runtime. (#84731, @verb) [SIG Node]
- The underlying format of the
CPUManager
state file has changed. Upgrades should be seamless, but any third-party tools that rely on reading the previous format need to be updated. (#84462, @klueska) [SIG Node and Testing] - Update CNI version to v0.8.5 (#78819, @justaugustus) [SIG API Machinery, Cluster Lifecycle, Network, Release and Testing]
- Webhooks have alpha support for network proxy (#85870, @Jefftree) [SIG API Machinery, Auth and Testing]
- When client certificate files are provided, reload files for new connections, and close connections when a certificate changes. (#79083, @jackkleeman) [SIG API Machinery, Auth, Node and Testing]
- When deleting objects using kubectl with the --force flag, you are no longer required to also specify --grace-period=0. (#87776, @brianpursley) [SIG CLI]
- Windows nodes on GCE can use virtual TPM-based authentication to the control plane. (#85466, @pjh) [SIG Cluster Lifecycle]
- You can now pass "--node-ip ::" to kubelet to indicate that it should autodetect an IPv6 address to use as the node's primary address. (#85850, @danwinship) [SIG Cloud Provider, Network and Node]
kubectl
now contains akubectl alpha debug
command. This command allows attaching an ephemeral container to a running pod for the purposes of debugging. (#88004, @verb) [SIG CLI]- TLS Server Name overrides can now be specified in a kubeconfig file and via --tls-server-name in kubectl (#88769, @deads2k) [SIG API Machinery, Auth and CLI]
- Add
rest_client_rate_limiter_duration_seconds
metric to component-base to track client side rate limiter latency in seconds. Broken down by verb and URL. (#88134, @jennybuckley) [SIG API Machinery, Cluster Lifecycle and Instrumentation] - Added two client certificate metrics for exec auth:
rest_client_certificate_expiration_seconds
a gauge reporting the lifetime of the current client certificate. Reports the time of expiry in seconds since January 1, 1970 UTC.rest_client_certificate_rotation_age
a histogram reporting the age of a just rotated client certificate in seconds. (#84382, @sambdavidson) [SIG API Machinery, Auth, Cluster Lifecycle and Instrumentation]
- Controller manager serve workqueue metrics (#87967, @zhan849) [SIG API Machinery]
- Following metrics have been turned off:
- kubelet_pod_worker_latency_microseconds
- kubelet_pod_start_latency_microseconds
- kubelet_cgroup_manager_latency_microseconds
- kubelet_pod_worker_start_latency_microseconds
- kubelet_pleg_relist_latency_microseconds
- kubelet_pleg_relist_interval_microseconds
- kubelet_eviction_stats_age_microseconds
- kubelet_runtime_operations
- kubelet_runtime_operations_latency_microseconds
- kubelet_runtime_operations_errors
- kubelet_device_plugin_registration_count
- kubelet_device_plugin_alloc_latency_microseconds
- kubelet_docker_operations
- kubelet_docker_operations_latency_microseconds
- kubelet_docker_operations_errors
- kubelet_docker_operations_timeout
- network_plugin_operations_latency_microseconds (#83841, @RainbowMango) [SIG Network and Node]
- Kube-apiserver metrics will now include request counts, latencies, and response sizes for /healthz, /livez, and /readyz requests. (#83598, @jktomer) [SIG API Machinery]
- Kubelet now exports a
server_expiration_renew_failure
andclient_expiration_renew_failure
metric counter if the certificate rotations cannot be performed. (#84614, @rphillips) [SIG API Machinery, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node and Release] - Kubelet: the metric process_start_time_seconds be marked as with the ALPHA stability level. (#85446, @RainbowMango) [SIG API Machinery, Cluster Lifecycle, Instrumentation and Node]
- New metric
kubelet_pleg_last_seen_seconds
to aid diagnosis of PLEG not healthy issues. (#86251, @bboreham) [SIG Node]
- Fixed a regression with clients prior to 1.15 not being able to update podIP in pod status, or podCIDR in node spec, against >= 1.16 API servers (#88505, @liggitt) [SIG Apps and Network]
- Fixed "kubectl describe statefulsets.apps" printing garbage for rolling update partition (#85846, @phil9909) [SIG CLI]
- Add a event to PV when filesystem on PV does not match actual filesystem on disk (#86982, @gnufied) [SIG Storage]
- Add azure disk WriteAccelerator support (#87945, @andyzhangx) [SIG Cloud Provider and Storage]
- Add delays between goroutines for vm instance update (#88094, @aramase) [SIG Cloud Provider]
- Add init containers log to cluster dump info. (#88324, @zhouya0) [SIG CLI]
- Addons: elasticsearch discovery supports IPv6 (#85543, @SataQiu) [SIG Cluster Lifecycle and Instrumentation]
- Adds "volume.beta.kubernetes.io/migrated-to" annotation to PV's and PVC's when they are migrated to signal external provisioners to pick up those objects for Provisioning and Deleting. (#87098, @davidz627) [SIG Storage]
- All api-server log request lines in a more greppable format. (#87203, @lavalamp) [SIG API Machinery]
- Azure VMSS LoadBalancerBackendAddressPools updating has been improved with sequential-sync + concurrent-async requests. (#88699, @feiskyer) [SIG Cloud Provider]
- Azure cloud provider now obtains AAD token who audience claim will not have spn: prefix (#87590, @weinong) [SIG Cloud Provider]
- AzureFile and CephFS use the new Mount library that prevents logging of sensitive mount options. (#88684, @saad-ali) [SIG Storage]
- Bind dns-horizontal containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83364, @wawa0210) [SIG Cluster Lifecycle and Windows]
- Bind kube-dns containers to linux nodes to avoid Windows scheduling (#83358, @wawa0210) [SIG Cluster Lifecycle and Windows]
- Bind metadata-agent containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83363, @wawa0210) [SIG Cluster Lifecycle, Instrumentation and Windows]
- Bind metrics-server containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83362, @wawa0210) [SIG Cluster Lifecycle, Instrumentation and Windows]
- Bug fixes: Make sure we include latest packages node #351 (@caseydavenport) (#84163, @david-tigera) [SIG Cluster Lifecycle]
- CPU limits are now respected for Windows containers. If a node is over-provisioned, no weighting is used, only limits are respected. (#86101, @PatrickLang) [SIG Node, Testing and Windows]
- Changed core_pattern on COS nodes to be an absolute path. (#86329, @mml) [SIG Cluster Lifecycle and Node]
- Client-go certificate manager rotation gained the ability to preserve optional intermediate chains accompanying issued certificates (#88744, @jackkleeman) [SIG API Machinery and Auth]
- Cloud provider config CloudProviderBackoffMode has been removed since it won't be used anymore. (#88463, @feiskyer) [SIG Cloud Provider]
- Conformance image now depends on stretch-slim instead of debian-hyperkube-base as that image is being deprecated and removed. (#88702, @dims) [SIG Cluster Lifecycle, Release and Testing]
- Deprecate --generator flag from kubectl create commands (#88655, @soltysh) [SIG CLI]
- During initialization phase (preflight), kubeadm now verifies the presence of the conntrack executable (#85857, @hnanni) [SIG Cluster Lifecycle]
- EndpointSlice should not contain endpoints for terminating pods (#89056, @andrewsykim) [SIG Apps and Network]
- Evictions due to pods breaching their ephemeral storage limits are now recorded by the
kubelet_evictions
metric and can be alerted on. (#87906, @smarterclayton) [SIG Node] - Filter published OpenAPI schema by making nullable, required fields non-required in order to avoid kubectl to wrongly reject null values. (#85722, @sttts) [SIG API Machinery]
- Fix /readyz to return error immediately after a shutdown is initiated, before the --shutdown-delay-duration has elapsed. (#88911, @tkashem) [SIG API Machinery]
- Fix API Server potential memory leak issue in processing watch request. (#85410, @answer1991) [SIG API Machinery]
- Fix EndpointSlice controller race condition and ensure that it handles external changes to EndpointSlices. (#85703, @robscott) [SIG Apps and Network]
- Fix IPv6 addresses lost issue in pure ipv6 vsphere environment (#86001, @hubv) [SIG Cloud Provider]
- Fix LoadBalancer rule checking so that no unexpected LoadBalancer updates are made (#85990, @feiskyer) [SIG Cloud Provider]
- Fix a bug in kube-proxy that caused it to crash when using load balancers with a different IP family (#87117, @aojea) [SIG Network]
- Fix a bug in port-forward: named port not working with service (#85511, @oke-py) [SIG CLI]
- Fix a bug in the dual-stack IPVS proxier where stale IPv6 endpoints were not being cleaned up (#87695, @andrewsykim) [SIG Network]
- Fix a bug that orphan revision cannot be adopted and statefulset cannot be synced (#86801, @likakuli) [SIG Apps]
- Fix a bug where ExternalTrafficPolicy is not applied to service ExternalIPs. (#88786, @freehan) [SIG Network]
- Fix a bug where kubenet fails to parse the tc output. (#83572, @chendotjs) [SIG Network]
- Fix a regression in kubenet that prevent pods to obtain ip addresses (#85993, @chendotjs) [SIG Network and Node]
- Fix azure file AuthorizationFailure (#85475, @andyzhangx) [SIG Cloud Provider and Storage]
- Fix bug where EndpointSlice controller would attempt to modify shared objects. (#85368, @robscott) [SIG API Machinery, Apps and Network]
- Fix handling of aws-load-balancer-security-groups annotation. Security-Groups assigned with this annotation are no longer modified by kubernetes which is the expected behaviour of most users. Also no unnecessary Security-Groups are created anymore if this annotation is used. (#83446, @Elias481) [SIG Cloud Provider]
- Fix invalid VMSS updates due to incorrect cache (#89002, @ArchangelSDY) [SIG Cloud Provider]
- Fix isCurrentInstance for Windows by removing the dependency of hostname. (#89138, @feiskyer) [SIG Cloud Provider]
- Fix issue #85805 about a resource not found in azure cloud provider when LoadBalancer specified in another resource group. (#86502, @levimm) [SIG Cloud Provider]
- Fix kubectl annotate error when local=true is set (#86952, @zhouya0) [SIG CLI]
- Fix kubectl create deployment image name (#86636, @zhouya0) [SIG CLI]
- Fix
kubectl drain ignore
daemonsets and others. (#87361, @zhouya0) [SIG CLI] - Fix missing "apiVersion" for "involvedObject" in Events for Nodes. (#87537, @uthark) [SIG Apps and Node]
- Fix nil pointer dereference in azure cloud provider (#85975, @ldx) [SIG Cloud Provider]
- Fix regression in statefulset conversion which prevents applying a statefulset multiple times. (#87706, @liggitt) [SIG Apps and Testing]
- Fix route conflicted operations when updating multiple routes together (#88209, @feiskyer) [SIG Cloud Provider]
- Fix that prevents repeated fetching of PVC/PV objects by kubelet when processing of pod volumes fails. While this prevents hammering API server in these error scenarios, it means that some errors in processing volume(s) for a pod could now take up to 2-3 minutes before retry. (#88141, @tedyu) [SIG Node and Storage]
- Fix the bug PIP's DNS is deleted if no DNS label service annotation isn't set. (#87246, @nilo19) [SIG Cloud Provider]
- Fix control plane hosts rolling upgrade causing thundering herd of LISTs on etcd leading to control plane unavailability. (#86430, @wojtek-t) [SIG API Machinery, Node and Testing]
- Fix: add azure disk migration support for CSINode (#88014, @andyzhangx) [SIG Cloud Provider and Storage]
- Fix: add non-retriable errors in azure clients (#87941, @andyzhangx) [SIG Cloud Provider]
- Fix: add remediation in azure disk attach/detach (#88444, @andyzhangx) [SIG Cloud Provider]
- Fix: azure data disk should use same key as os disk by default (#86351, @andyzhangx) [SIG Cloud Provider]
- Fix: azure disk could not mounted on Standard_DC4s/DC2s instances (#86612, @andyzhangx) [SIG Cloud Provider and Storage]
- Fix: azure file mount timeout issue (#88610, @andyzhangx) [SIG Cloud Provider and Storage]
- Fix: check disk status before disk azure disk (#88360, @andyzhangx) [SIG Cloud Provider]
- Fix: corrupted mount point in csi driver (#88569, @andyzhangx) [SIG Storage]
- Fix: get azure disk lun timeout issue (#88158, @andyzhangx) [SIG Cloud Provider and Storage]
- Fix: update azure disk max count (#88201, @andyzhangx) [SIG Cloud Provider and Storage]
- Fixed "requested device X but found Y" attach error on AWS. (#85675, @jsafrane) [SIG Cloud Provider and Storage]
- Fixed NetworkPolicy validation that
Except
values are accepted when they are outside the CIDR range. (#86578, @tnqn) [SIG Network] - Fixed a bug in the TopologyManager. Previously, the TopologyManager would only guarantee alignment if container creation was serialized in some way. Alignment is now guaranteed under all scenarios of container creation. (#87759, @klueska) [SIG Node]
- Fixed a bug which could prevent a provider ID from ever being set for node if an error occurred determining the provider ID when the node was added. (#87043, @zjs) [SIG Apps and Cloud Provider]
- Fixed a data race in the kubelet image manager that can cause static pod workers to silently stop working. (#88915, @roycaihw) [SIG Node]
- Fixed a panic in the kubelet cleaning up pod volumes (#86277, @tedyu) [SIG Storage]
- Fixed a regression where the kubelet would fail to update the ready status of pods. (#84951, @tedyu) [SIG Node]
- Fixed an issue that could cause the kubelet to incorrectly run concurrent pod reconciliation loops and crash. (#89055, @tedyu) [SIG Node]
- Fixed block CSI volume cleanup after timeouts. (#88660, @jsafrane) [SIG Storage]
- Fixed cleaning of CSI raw block volumes. (#87978, @jsafrane) [SIG Storage]
- Fixed AWS Cloud Provider attempting to delete LoadBalancer security group it didn’t provision, and fixed AWS Cloud Provider creating a default LoadBalancer security group even if annotation
service.beta.kubernetes.io/aws-load-balancer-security-groups
is present because the intended behavior of aws-load-balancer-security-groups is to replace all security groups assigned to the load balancer. (#84265, @bhagwat070919) [SIG Cloud Provider] - Fixed two scheduler metrics (pending_pods and schedule_attempts_total) not being recorded (#87692, @everpeace) [SIG Scheduling]
- Fixes an issue with kubelet-reported pod status on deleted/recreated pods. (#86320, @liggitt) [SIG Node]
- Fixes conversion error in multi-version custom resources that could cause metadata.generation to increment on no-op patches or updates of a custom resource. (#88995, @liggitt) [SIG API Machinery]
- Fixes issue where AAD token obtained by kubectl is incompatible with on-behalf-of flow and oidc. The audience claim before this fix has "spn:" prefix. After this fix, "spn:" prefix is omitted. (#86412, @weinong) [SIG API Machinery, Auth and Cloud Provider]
- Fixes an issue where you can't attach more than 15 GCE Persistent Disks to c2, n2, m1, m2 machine types. (#88602, @yuga711) [SIG Storage]
- Fixes kube-proxy when EndpointSlice feature gate is enabled on Windows. (#86016, @robscott) [SIG Auth and Network]
- Fixes kubelet crash in client certificate rotation cases (#88079, @liggitt) [SIG API Machinery, Auth and Node]
- Fixes service account token admission error in clusters that do not run the service account token controller (#87029, @liggitt) [SIG Auth]
- Fixes v1.17.0 regression in --service-cluster-ip-range handling with IPv4 ranges larger than 65536 IP addresses (#86534, @liggitt) [SIG Network]
- Fixes wrong validation result of NetworkPolicy PolicyTypes (#85747, @tnqn) [SIG Network]
- For subprotocol negotiation, both client and server protocol is required now. (#86646, @tedyu) [SIG API Machinery and Node]
- For volumes that allow attaches across multiple nodes, attach and detach operations across different nodes are now executed in parallel. (#88678, @verult) [SIG Storage]
- Garbage collector now can correctly orphan ControllerRevisions when StatefulSets are deleted with orphan propagation policy. (#84984, @cofyc) [SIG Apps]
Get-kube.sh
uses the gcloud's current local GCP service account for auth when the provider is GCE or GKE instead of the metadata server default (#88383, @BenTheElder) [SIG Cluster Lifecycle]- Golang/x/net has been updated to bring in fixes for CVE-2020-9283 (#88381, @BenTheElder) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle and Instrumentation]
- If a serving certificate’s param specifies a name that is an IP for an SNI certificate, it will have priority for replying to server connections. (#85308, @deads2k) [SIG API Machinery]
- Improved yaml parsing performance (#85458, @cjcullen) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Node]
- Improves performance of the node authorizer (#87696, @liggitt) [SIG Auth]
- In GKE alpha clusters it will be possible to use the service annotation
cloud.google.com/network-tier: Standard
(#88487, @zioproto) [SIG Cloud Provider] - Includes FSType when describing CSI persistent volumes. (#85293, @huffmanca) [SIG CLI and Storage]
- Iptables/userspace proxy: improve performance by getting local addresses only once per sync loop, instead of for every external IP (#85617, @andrewsykim) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Network]
- Kube-aggregator: always sets unavailableGauge metric to reflect the current state of a service. (#87778, @p0lyn0mial) [SIG API Machinery]
- Kube-apiserver: fixed a conflict error encountered attempting to delete a pod with gracePeriodSeconds=0 and a resourceVersion precondition (#85516, @michaelgugino) [SIG API Machinery]
- Kube-proxy no longer modifies shared EndpointSlices. (#86092, @robscott) [SIG Network]
- Kube-proxy: on dual-stack mode, if it is not able to get the IP Family of an endpoint, logs it with level InfoV(4) instead of Warning, avoiding flooding the logs for endpoints without addresses (#88934, @aojea) [SIG Network]
- Kubeadm allows to configure single-stack clusters if dual-stack is enabled (#87453, @aojea) [SIG API Machinery, Cluster Lifecycle and Network]
- Kubeadm now includes CoreDNS version 1.6.7 (#86260, @rajansandeep) [SIG Cluster Lifecycle]
- Kubeadm upgrades always persist the etcd backup for stacked (#86861, @SataQiu) [SIG Cluster Lifecycle]
- Kubeadm: 'kubeadm alpha kubelet config download' has been removed, please use 'kubeadm upgrade node phase kubelet-config' instead (#87944, @SataQiu) [SIG Cluster Lifecycle]
- Kubeadm: Forward cluster name to the controller-manager arguments (#85817, @ereslibre) [SIG Cluster Lifecycle]
- Kubeadm: add support for the "ci/k8s-master" version label as a replacement for "ci-cross/*", which no longer exists. (#86609, @Pensu) [SIG Cluster Lifecycle]
- Kubeadm: apply further improvements to the tentative support for concurrent etcd member join. Fixes a bug where multiple members can receive the same hostname. Increase the etcd client dial timeout and retry timeout for add/remove/... operations. (#87505, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: don't write the kubelet environment file on "upgrade apply" (#85412, @boluisa) [SIG Cluster Lifecycle]
- Kubeadm: fix potential panic when executing "kubeadm reset" with a corrupted kubelet.conf file (#86216, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: fix the bug that 'kubeadm upgrade' hangs in single node cluster (#88434, @SataQiu) [SIG Cluster Lifecycle]
- Kubeadm: make sure images are pre-pulled even if a tag did not change but their contents changed (#85603, @bart0sh) [SIG Cluster Lifecycle]
- Kubeadm: remove 'kubeadm upgrade node config' command since it was deprecated in v1.15, please use 'kubeadm upgrade node phase kubelet-config' instead (#87975, @SataQiu) [SIG Cluster Lifecycle]
- Kubeadm: remove the deprecated CoreDNS feature-gate. It was set to "true" since v1.11 when the feature went GA. In v1.13 it was marked as deprecated and hidden from the CLI. (#87400, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: retry
kubeadm-config
ConfigMap creation or mutation if the apiserver is not responding. This will improve resiliency when joining new control plane nodes. (#85763, @ereslibre) [SIG Cluster Lifecycle] - Kubeadm: tolerate whitespace when validating certificate authority PEM data in kubeconfig files (#86705, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: use bind-address option to configure the kube-controller-manager and kube-scheduler http probes (#86493, @aojea) [SIG Cluster Lifecycle]
- Kubeadm: uses the api-server AdvertiseAddress IP family to choose the etcd endpoint IP family for non external etcd clusters (#85745, @aojea) [SIG Cluster Lifecycle]
- Kubectl cluster-info dump --output-directory=xxx now generates files with an extension depending on the output format. (#82070, @olivierlemasle) [SIG CLI]
Kubectl describe <type>
andkubectl top pod
will return a message saying"No resources found"
or"No resources found in <namespace> namespace"
if there are no results to display. (#87527, @brianpursley) [SIG CLI]Kubectl drain node --dry-run
will list pods that would be evicted or deleted (#82660, @sallyom) [SIG CLI]Kubectl set resources
will no longer return an error if passed an empty change for a resource.kubectl set subject
will no longer return an error if passed an empty change for a resource. (#85490, @sallyom) [SIG CLI]- Kubelet metrics gathered through metrics-server or prometheus should no longer timeout for Windows nodes running more than 3 pods. (#87730, @marosset) [SIG Node, Testing and Windows]
- Kubelet metrics have been changed to buckets. For example the
exec/{podNamespace}/{podID}/{containerName}
is now just exec. (#87913, @cheftako) [SIG Node] - Kubelets perform fewer unnecessary pod status update operations on the API server. (#88591, @smarterclayton) [SIG Node and Scalability]
- Kubernetes will try to acquire the iptables lock every 100 msec during 5 seconds instead of every second. This is especially useful for environments using kube-proxy in iptables mode with a high churn rate of services. (#85771, @aojea) [SIG Network]
- Limit number of instances in a single update to GCE target pool to 1000. (#87881, @wojtek-t) [SIG Cloud Provider, Network and Scalability]
- Make Azure clients only retry on specified HTTP status codes (#88017, @feiskyer) [SIG Cloud Provider]
- Make error message and service event message more clear (#86078, @feiskyer) [SIG Cloud Provider]
- Minimize AWS NLB health check timeout when externalTrafficPolicy set to Local (#73363, @kellycampbell) [SIG Cloud Provider]
- Pause image contains "Architecture" in non-amd64 images (#87954, @BenTheElder) [SIG Release]
- Pause image upgraded to 3.2 in kubelet and kubeadm. (#88173, @BenTheElder) [SIG CLI, Cluster Lifecycle, Node and Testing]
- Plugin/PluginConfig and Policy APIs are mutually exclusive when running the scheduler (#88864, @alculquicondor) [SIG Scheduling]
- Remove
FilteredNodesStatuses
argument fromPreScore
's interface. (#88189, @skilxn-go) [SIG Scheduling and Testing] - Resolved a performance issue in the node authorizer index maintenance. (#87693, @liggitt) [SIG Auth]
- Resolved regression in admission, authentication, and authorization webhook performance in v1.17.0-rc.1 (#85810, @liggitt) [SIG API Machinery and Testing]
- Resolves performance regression in
kubectl get all
and in client-go discovery clients constructed usingNewDiscoveryClientForConfig
orNewDiscoveryClientForConfigOrDie
. (#86168, @liggitt) [SIG API Machinery] - Reverted a kubectl azure auth module change where oidc claim spn: prefix was omitted resulting a breaking behavior with existing Azure AD OIDC enabled api-server (#87507, @weinong) [SIG API Machinery, Auth and Cloud Provider]
- Shared informers are now more reliable in the face of network disruption. (#86015, @squeed) [SIG API Machinery]
- Specifying PluginConfig for the same plugin more than once fails scheduler startup. Specifying extenders and configuring .ignoredResources for the NodeResourcesFit plugin fails (#88870, @alculquicondor) [SIG Scheduling]
- Terminating a restartPolicy=Never pod no longer has a chance to report the pod succeeded when it actually failed. (#88440, @smarterclayton) [SIG Node and Testing]
- The CSR signing cert/key pairs will be reloaded from disk like the kube-apiserver cert/key pairs (#86816, @deads2k) [SIG API Machinery, Apps and Auth]
- The EventRecorder from k8s.io/client-go/tools/events will now create events in the default namespace (instead of kube-system) when the related object does not have it set. (#88815, @enj) [SIG API Machinery]
- The audit event sourceIPs list will now always end with the IP that sent the request directly to the API server. (#87167, @tallclair) [SIG API Machinery and Auth]
- The sample-apiserver aggregated conformance test has updated to use the Kubernetes v1.17.0 sample apiserver (#84735, @liggitt) [SIG API Machinery, Architecture, CLI and Testing]
- To reduce chances of throttling, VM cache is set to nil when Azure node provisioning state is deleting (#87635, @feiskyer) [SIG Cloud Provider]
- VMSS cache is added so that less chances of VMSS GET throttling (#85885, @nilo19) [SIG Cloud Provider]
- Wait for kubelet & kube-proxy to be ready on Windows node within 10s (#85228, @YangLu1031) [SIG Cluster Lifecycle]
kubectl apply -f <file> --prune -n <namespace>
should prune all resources not defined in the file in the cli specified namespace. (#85613, @MartinKaburu) [SIG CLI]kubectl create clusterrolebinding
creates rbac.authorization.k8s.io/v1 object (#85889, @oke-py) [SIG CLI]kubectl diff
now returns 1 only on diff finding changes, and >1 on kubectl errors. The "exit status code 1" message has also been muted. (#87437, @apelisse) [SIG CLI and Testing]
- Update Calico to v3.8.4 (#84163, @david-tigera)[SIG Cluster Lifecycle]
- Update aws-sdk-go dependency to v1.28.2 (#87253, @SaranBalaji90)[SIG API Machinery and Cloud Provider]
- Update CNI version to v0.8.5 (#78819, @justaugustus)[SIG Release, Testing, Network, Cluster Lifecycle and API Machinery]
- Update cri-tools to v1.17.0 (#86305, @saschagrunert)[SIG Release and Cluster Lifecycle]
- Pause image upgraded to 3.2 in kubelet and kubeadm (#88173, @BenTheElder)[SIG CLI, Node, Testing and Cluster Lifecycle]
- Update CoreDNS version to 1.6.7 in kubeadm (#86260, @rajansandeep)[SIG Cluster Lifecycle]
- Update golang.org/x/crypto to fix CVE-2020-9283 (#8838, @BenTheElder)[SIG CLI, Instrumentation, API Machinery, CLuster Lifecycle and Cloud Provider]
- Update Go to 1.13.8 (#87648, @ialidzhikov)[SIG Release and Testing]
- Update Cluster-Autoscaler to 1.18.0 (#89095, @losipiuk)[SIG Autoscaling and Cluster Lifecycle]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | c17231d5de2e0677e8af8259baa11a388625821c79b86362049f2edb366404d6f4b4587b8f13ccbceeb2f32c6a9fe98607f779c0f3e1caec438f002e3a2c8c21 |
kubernetes-src.tar.gz | e84ffad57c301f5d6e90f916b996d5abb0c987928c3ca6b1565f7b042588f839b994ca12c43fc36f0ffb63f9fabc15110eb08be253b8939f49cd951e956da618 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 1aea99923d492436b3eb91aaecffac94e5d0aa2b38a0930d266fda85c665bbc4569745c409aa302247df3b578ce60324e7a489eb26240e97d4e65a67428ea3d1 |
kubernetes-client-darwin-amd64.tar.gz | 07fa7340a959740bd52b83ff44438bbd988e235277dad1e43f125f08ac85230a24a3b755f4e4c8645743444fa2b66a3602fc445d7da6d2fc3770e8c21ba24b33 |
kubernetes-client-linux-386.tar.gz | 48cebd26448fdd47aa36257baa4c716a98fda055bbf6a05230f2a3fe3c1b99b4e483668661415392190f3eebb9cb6e15c784626b48bb2541d93a37902f0e3974 |
kubernetes-client-linux-amd64.tar.gz | c3a5fedf263f07a07f59c01fea6c63c1e0b76ee8dc67c45b6c134255c28ed69171ccc2f91b6a45d6a8ec5570a0a7562e24c33b9d7b0d1a864f4dc04b178b3c04 |
kubernetes-client-linux-arm.tar.gz | a6b11a55bd38583bbaac14931a6862f8ce6493afe30947ba29e5556654a571593358278df59412bbeb6888fa127e9ae4c0047a9d46cb59394995010796df6b14 |
kubernetes-client-linux-arm64.tar.gz | 9e15331ac8010154a9b64f5488969fc8ee2f21059639896cb84c5cf4f05f4c9d1d8970cb6f9831de6b34013848227c1972c12a698d07aac1ecc056e972fe6f79 |
kubernetes-client-linux-ppc64le.tar.gz | f828fe6252678de9d4822e482f5873309ae9139b2db87298ab3273ce45d38aa07b6b9b42b76c140705f27ba71e101d58b43e59ac7259d7c08dc647ea809e207c |
kubernetes-client-linux-s390x.tar.gz | 19da4b45f0666c063934af616f3e7ed3caa99d4ee1e46d53efadc7a8a4d38e43a36ced7249acd7ad3dcc4b4f60d8451b4f7ec7727e478ee2fadd14d353228bce |
kubernetes-client-windows-386.tar.gz | 775c9afb6cb3e7c4ba53e9f48a5df2cf207234a33059bd74448bc9f177dd120fb3f9c58ab45048a566326acc43bc8a67e886e10ef99f20780c8f63bb17426ebd |
kubernetes-client-windows-amd64.tar.gz | 208d2595a5b57ac97aac75b4a2a6130f0c937f781a030bde1a432daf4bc51f2fa523fca2eb84c38798489c4b536ee90aad22f7be8477985d9691d51ad8e1c4dc |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | dcf832eae04f9f52ff473754ef5cfe697b35f4dc1a282622c94fa10943c8c35f4a8777a0c58c7de871c3c428c8973bf72d6bcd8751416d4c682125268b8fcefe |
kubernetes-server-linux-arm.tar.gz | a04e34bea28eb1c8b492e8b1dd3c0dd87ebee71a7dbbef72be10a335e553361af7e48296e504f9844496b04e66350871114d20cfac3f3b49550d8be60f324ba3 |
kubernetes-server-linux-arm64.tar.gz | a6af086b07a8c2e498f32b43e6511bf6a5e6baf358c572c6910c8df17cd6cae94f562f459714fcead1595767cb14c7f639c5735f1411173bbd38d5604c082a77 |
kubernetes-server-linux-ppc64le.tar.gz | 5a960ef5ba0c255f587f2ac0b028cd03136dc91e4efc5d1becab46417852e5524d18572b6f66259531ec6fea997da3c4d162ac153a9439672154375053fec6c7 |
kubernetes-server-linux-s390x.tar.gz | 0f32c7d9b14bc238b9a5764d8f00edc4d3bf36bcf06b340b81061424e6070768962425194a8c2025c3a7ffb97b1de551d3ad23d1591ae34dd4e3ba25ab364c33 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 27d8955d535d14f3f4dca501fd27e4f06fad84c6da878ea5332a5c83b6955667f6f731bfacaf5a3a23c09f14caa400f9bee927a0f269f5374de7f79cd1919b3b |
kubernetes-node-linux-arm.tar.gz | 0d56eccad63ba608335988e90b377fe8ae978b177dc836cdb803a5c99d99e8f3399a666d9477ca9cfe5964944993e85c416aec10a99323e3246141efc0b1cc9e |
kubernetes-node-linux-arm64.tar.gz | 79bb9be66f9e892d866b28e5cc838245818edb9706981fab6ccbff493181b341c1fcf6fe5d2342120a112eb93af413f5ba191cfba1ab4c4a8b0546a5ad8ec220 |
kubernetes-node-linux-ppc64le.tar.gz | 3e9e2c6f9a2747d828069511dce8b4034c773c2d122f005f4508e22518055c1e055268d9d86773bbd26fbd2d887d783f408142c6c2f56ab2f2365236fd4d2635 |
kubernetes-node-linux-s390x.tar.gz | 4f96e018c336fa13bb6df6f7217fe46a2b5c47f806f786499c429604ccba2ebe558503ab2c72f63250aa25b61dae2d166e4b80ae10f6ab37d714f87c1dcf6691 |
kubernetes-node-windows-amd64.tar.gz | ab110d76d506746af345e5897ef4f6993d5f53ac818ba69a334f3641047351aa63bfb3582841a9afca51dd0baff8b9010077d9c8ec85d2d69e4172b8d4b338b0 |
- EndpointSlice should not contain endpoints for terminating pods (#89056, @andrewsykim) [SIG Apps and Network]
- Fix a bug where ExternalTrafficPolicy is not applied to service ExternalIPs. (#88786, @freehan) [SIG Network]
- Fix invalid VMSS updates due to incorrect cache (#89002, @ArchangelSDY) [SIG Cloud Provider]
- Fix isCurrentInstance for Windows by removing the dependency of hostname. (#89138, @feiskyer) [SIG Cloud Provider]
- Fixed a data race in kubelet image manager that can cause static pod workers to silently stop working. (#88915, @roycaihw) [SIG Node]
- Fixed an issue that could cause the kubelet to incorrectly run concurrent pod reconciliation loops and crash. (#89055, @tedyu) [SIG Node]
- Kube-proxy: on dual-stack mode, if it is not able to get the IP Family of an endpoint, logs it with level InfoV(4) instead of Warning, avoiding flooding the logs for endpoints without addresses (#88934, @aojea) [SIG Network]
- Update Cluster Autoscaler to 1.18.0; changelog: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.18.0 (#89095, @losipiuk) [SIG Autoscaling and Cluster Lifecycle]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 3017430ca17f8a3523669b4a02c39cedfc6c48b07281bc0a67a9fbe9d76547b76f09529172cc01984765353a6134a43733b7315e0dff370bba2635dd2a6289af |
kubernetes-src.tar.gz | c5fd60601380a99efff4458b1c9cf4dc02195f6f756b36e590e54dff68f7064daf32cf63980dddee13ef9dec7a60ad4eeb47a288083fdbbeeef4bc038384e9ea |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 7e49ede167b9271d4171e477fa21d267b2fb35f80869337d5b323198dc12f71b61441975bf925ad6e6cd7b61cbf6372d386417dc1e5c9b3c87ae651021c37237 |
kubernetes-client-darwin-amd64.tar.gz | 3f5cdf0e85eee7d0773e0ae2df1c61329dea90e0da92b02dae1ffd101008dc4bade1c4951fc09f0cad306f0bcb7d16da8654334ddee43d5015913cc4ac8f3eda |
kubernetes-client-linux-386.tar.gz | b67b41c11bfecb88017c33feee21735c56f24cf6f7851b63c752495fc0fb563cd417a67a81f46bca091f74dc00fca1f296e483d2e3dfe2004ea4b42e252d30b9 |
kubernetes-client-linux-amd64.tar.gz | 1fef2197cb80003e3a5c26f05e889af9d85fbbc23e27747944d2997ace4bfa28f3670b13c08f5e26b7e274176b4e2df89c1162aebd8b9506e63b39b311b2d405 |
kubernetes-client-linux-arm.tar.gz | 84e5f4d9776490219ee94a84adccd5dfc7c0362eb330709771afcde95ec83f03d96fe7399eec218e47af0a1e6445e24d95e6f9c66c0882ef8233a09ff2022420 |
kubernetes-client-linux-arm64.tar.gz | ba613b114e0cca32fa21a3d10f845aa2f215d3af54e775f917ff93919f7dd7075efe254e4047a85a1f4b817fc2bd78006c2e8873885f1208cbc02db99e2e2e25 |
kubernetes-client-linux-ppc64le.tar.gz | 502a6938d8c4bbe04abbd19b59919d86765058ff72334848be4012cec493e0e7027c6cd950cf501367ac2026eea9f518110cb72d1c792322b396fc2f73d23217 |
kubernetes-client-linux-s390x.tar.gz | c24700e0ed2ef5c1d2dd282d638c88d90392ae90ea420837b39fd8e1cfc19525017325ccda71d8472fdaea174762208c09e1bba9bbc77c89deef6fac5e847ba2 |
kubernetes-client-windows-386.tar.gz | 0d4c5a741b052f790c8b0923c9586ee9906225e51cf4dc8a56fc303d4d61bb5bf77fba9e65151dec7be854ff31da8fc2dcd3214563e1b4b9951e6af4aa643da4 |
kubernetes-client-windows-amd64.tar.gz | 841ef2e306c0c9593f04d9528ee019bf3b667761227d9afc1d6ca8bf1aa5631dc25f5fe13ff329c4bf0c816b971fd0dec808f879721e0f3bf51ce49772b38010 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | b373df2e6ef55215e712315a5508e85a39126bd81b7b93c6b6305238919a88c740077828a6f19bcd97141951048ef7a19806ef6b1c3e1772dbc45715c5fcb3af |
kubernetes-server-linux-arm.tar.gz | b8103cb743c23076ce8dd7c2da01c8dd5a542fbac8480e82dc673139c8ee5ec4495ca33695e7a18dd36412cf1e18ed84c8de05042525ddd8e869fbdfa2766569 |
kubernetes-server-linux-arm64.tar.gz | 8f8f05cf64fb9c8d80cdcb4935b2d3e3edc48bdd303231ae12f93e3f4d979237490744a11e24ba7f52dbb017ca321a8e31624dcffa391b8afda3d02078767fa0 |
kubernetes-server-linux-ppc64le.tar.gz | b313b911c46f2ec129537407af3f165f238e48caeb4b9e530783ffa3659304a544ed02bef8ece715c279373b9fb2c781bd4475560e02c4b98a6d79837bc81938 |
kubernetes-server-linux-s390x.tar.gz | a1b6b06571141f507b12e5ef98efb88f4b6b9aba924722b2a74f11278d29a2972ab8290608360151d124608e6e24da0eb3516d484cb5fa12ff2987562f15964a |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 20e02ca327543cddb2568ead3d5de164cbfb2914ab6416106d906bf12fcfbc4e55b13bea4d6a515e8feab038e2c929d72c4d6909dfd7881ba69fd1e8c772ab99 |
kubernetes-node-linux-arm.tar.gz | ecd817ef05d6284f9c6592b84b0a48ea31cf4487030c9fb36518474b2a33dad11b9c852774682e60e4e8b074e6bea7016584ca281dddbe2994da5eaf909025c0 |
kubernetes-node-linux-arm64.tar.gz | 0020d32b7908ffd5055c8b26a8b3033e4702f89efcfffe3f6fcdb8a9921fa8eaaed4193c85597c24afd8c523662454f233521bb7055841a54c182521217ccc9d |
kubernetes-node-linux-ppc64le.tar.gz | e065411d66d486e7793449c1b2f5a412510b913bf7f4e728c0a20e275642b7668957050dc266952cdff09acc391369ae6ac5230184db89af6823ba400745f2fc |
kubernetes-node-linux-s390x.tar.gz | 082ee90413beaaea41d6cbe9a18f7d783a95852607f3b94190e0ca12aacdd97d87e233b87117871bfb7d0a4b6302fbc7688549492a9bc50a2f43a5452504d3ce |
kubernetes-node-windows-amd64.tar.gz | fb5aca0cc36be703f9d4033eababd581bac5de8399c50594db087a99ed4cb56e4920e960eb81d0132d696d094729254eeda2a5c0cb6e65e3abca6c8d61da579e |
kubectl
no longer defaults tohttp://localhost:8080
. If you own one of these legacy clusters, you are *strongly- encouraged to secure your server. If you cannot secure your server, you can setKUBERNETES_MASTER
if you were relying on that behavior and you're a client-go user. Set--server
,--kubeconfig
orKUBECONFIG
to make it work inkubectl
. (#86173, @soltysh) [SIG API Machinery, CLI and Testing]
- AlgorithmSource is removed from v1alpha2 Scheduler ComponentConfig (#87999, @damemi) [SIG Scheduling]
- Kube-proxy: deprecate
--healthz-port
and--metrics-port
flag, please use--healthz-bind-address
and--metrics-bind-address
instead (#88512, @SataQiu) [SIG Network] - Kubeadm: deprecate the usage of the experimental flag '--use-api' under the 'kubeadm alpha certs renew' command. (#88827, @neolit123) [SIG Cluster Lifecycle]
- A new IngressClass resource has been added to enable better Ingress configuration. (#88509, @robscott) [SIG API Machinery, Apps, CLI, Network, Node and Testing]
- Added GenericPVCDataSource feature gate to enable using arbitrary custom resources as the data source for a PVC. (#88636, @bswartz) [SIG Apps and Storage]
- Allow user to specify fsgroup permission change policy for pods (#88488, @gnufied) [SIG Apps and Storage]
- BlockVolume and CSIBlockVolume features are now GA. (#88673, @jsafrane) [SIG Apps, Node and Storage]
- CustomResourceDefinition schemas that use
x-kubernetes-list-map-keys
to specify properties that uniquely identify list items must make those properties required or have a default value, to ensure those properties are present for all list items. See https://kubernetes.io/docs/reference/using-api/api-concepts/#merge-strategy for details. (#88076, @eloyekunle) [SIG API Machinery and Testing] - Fixes a regression with clients prior to 1.15 not being able to update podIP in pod status, or podCIDR in node spec, against >= 1.16 API servers (#88505, @liggitt) [SIG Apps and Network]
- Ingress: Add Exact and Prefix maching to Ingress PathTypes (#88587, @cmluciano) [SIG Apps, Cluster Lifecycle and Network]
- Ingress: Add alternate backends via TypedLocalObjectReference (#88775, @cmluciano) [SIG Apps and Network]
- Ingress: allow wildcard hosts in IngressRule (#88858, @cmluciano) [SIG Network]
- Kube-controller-manager and kube-scheduler expose profiling by default to match the kube-apiserver. Use
--enable-profiling=false
to disable. (#88663, @deads2k) [SIG API Machinery, Cloud Provider and Scheduling] - Move TaintBasedEvictions feature gates to GA (#87487, @skilxn-go) [SIG API Machinery, Apps, Node, Scheduling and Testing]
- New flag --endpointslice-updates-batch-period in kube-controller-manager can be used to reduce number of endpointslice updates generated by pod changes. (#88745, @mborsz) [SIG API Machinery, Apps and Network]
- Scheduler Extenders can now be configured in the v1alpha2 component config (#88768, @damemi) [SIG Release, Scheduling and Testing]
- The apiserver/v1alph1#EgressSelectorConfiguration API is now beta. (#88502, @caesarxuchao) [SIG API Machinery]
- The storage.k8s.io/CSIDriver has moved to GA, and is now available for use. (#84814, @huffmanca) [SIG API Machinery, Apps, Auth, Node, Scheduling, Storage and Testing]
- VolumePVCDataSource moves to GA in 1.18 release (#88686, @j-griffith) [SIG Apps, CLI and Cluster Lifecycle]
- Add
rest_client_rate_limiter_duration_seconds
metric to component-base to track client side rate limiter latency in seconds. Broken down by verb and URL. (#88134, @jennybuckley) [SIG API Machinery, Cluster Lifecycle and Instrumentation] - Allow user to specify resource using --filename flag when invoking kubectl exec (#88460, @soltysh) [SIG CLI and Testing]
- Apiserver add a new flag --goaway-chance which is the fraction of requests that will be closed gracefully(GOAWAY) to prevent HTTP/2 clients from getting stuck on a single apiserver. After the connection closed(received GOAWAY), the client's other in-flight requests won't be affected, and the client will reconnect. The flag min value is 0 (off), max is .02 (1/50 requests); .001 (1/1000) is a recommended starting point. Clusters with single apiservers, or which don't use a load balancer, should NOT enable this. (#88567, @answer1991) [SIG API Machinery]
- Azure: add support for single stack IPv6 (#88448, @aramase) [SIG Cloud Provider]
- DefaultConstraints can be specified for the PodTopologySpread plugin in the component config (#88671, @alculquicondor) [SIG Scheduling]
- Kubeadm: support Windows specific kubelet flags in kubeadm-flags.env (#88287, @gab-satchi) [SIG Cluster Lifecycle and Windows]
- Kubectl cluster-info dump changed to only display a message telling you the location where the output was written when the output is not standard output. (#88765, @brianpursley) [SIG CLI]
- Print NotReady when pod is not ready based on its conditions. (#88240, @soltysh) [SIG CLI]
- Scheduler Extender API is now located under k8s.io/kube-scheduler/extender (#88540, @damemi) [SIG Release, Scheduling and Testing]
- Signatures on scale client methods have been modified to accept
context.Context
as a first argument. Signatures of Get, Update, and Patch methods have been updated to accept GetOptions, UpdateOptions and PatchOptions respectively. (#88599, @julianvmodesto) [SIG API Machinery, Apps, Autoscaling and CLI] - Signatures on the dynamic client methods have been modified to accept
context.Context
as a first argument. Signatures of Delete and DeleteCollection methods now accept DeleteOptions by value instead of by reference. (#88906, @liggitt) [SIG API Machinery, Apps, CLI, Cluster Lifecycle, Storage and Testing] - Signatures on the metadata client methods have been modified to accept
context.Context
as a first argument. Signatures of Delete and DeleteCollection methods now accept DeleteOptions by value instead of by reference. (#88910, @liggitt) [SIG API Machinery, Apps and Testing] - Webhooks will have alpha support for network proxy (#85870, @Jefftree) [SIG API Machinery, Auth and Testing]
- When client certificate files are provided, reload files for new connections, and close connections when a certificate changes. (#79083, @jackkleeman) [SIG API Machinery, Auth, Node and Testing]
- When deleting objects using kubectl with the --force flag, you are no longer required to also specify --grace-period=0. (#87776, @brianpursley) [SIG CLI]
kubectl
now contains akubectl alpha debug
command. This command allows attaching an ephemeral container to a running pod for the purposes of debugging. (#88004, @verb) [SIG CLI]
- Update Japanese translation for kubectl help (#86837, @inductor) [SIG CLI and Docs]
kubectl plugin
now prints a note how to install krew (#88577, @corneliusweig) [SIG CLI]
-
Azure VMSS LoadBalancerBackendAddressPools updating has been improved with squential-sync + concurrent-async requests. (#88699, @feiskyer) [SIG Cloud Provider]
-
AzureFile and CephFS use new Mount library that prevents logging of sensitive mount options. (#88684, @saad-ali) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Storage]
-
Build: Enable kube-cross image-building on K8s Infra (#88562, @justaugustus) [SIG Release and Testing]
-
Client-go certificate manager rotation gained the ability to preserve optional intermediate chains accompanying issued certificates (#88744, @jackkleeman) [SIG API Machinery and Auth]
-
Conformance image now depends on stretch-slim instead of debian-hyperkube-base as that image is being deprecated and removed. (#88702, @dims) [SIG Cluster Lifecycle, Release and Testing]
-
Deprecate --generator flag from kubectl create commands (#88655, @soltysh) [SIG CLI]
-
FIX: prevent apiserver from panicking when failing to load audit webhook config file (#88879, @JoshVanL) [SIG API Machinery and Auth]
-
Fix /readyz to return error immediately after a shutdown is initiated, before the --shutdown-delay-duration has elapsed. (#88911, @tkashem) [SIG API Machinery]
-
Fix a bug where kubenet fails to parse the tc output. (#83572, @chendotjs) [SIG Network]
-
Fix describe ingress annotations not sorted. (#88394, @zhouya0) [SIG CLI]
-
Fix handling of aws-load-balancer-security-groups annotation. Security-Groups assigned with this annotation are no longer modified by kubernetes which is the expected behaviour of most users. Also no unnecessary Security-Groups are created anymore if this annotation is used. (#83446, @Elias481) [SIG Cloud Provider]
-
Fix kubectl create deployment image name (#86636, @zhouya0) [SIG CLI]
-
Fix missing "apiVersion" for "involvedObject" in Events for Nodes. (#87537, @uthark) [SIG Apps and Node]
-
Fix that prevents repeated fetching of PVC/PV objects by kubelet when processing of pod volumes fails. While this prevents hammering API server in these error scenarios, it means that some errors in processing volume(s) for a pod could now take up to 2-3 minutes before retry. (#88141, @tedyu) [SIG Node and Storage]
-
Fix: azure file mount timeout issue (#88610, @andyzhangx) [SIG Cloud Provider and Storage]
-
Fix: corrupted mount point in csi driver (#88569, @andyzhangx) [SIG Storage]
-
Fixed a bug in the TopologyManager. Previously, the TopologyManager would only guarantee alignment if container creation was serialized in some way. Alignment is now guaranteed under all scenarios of container creation. (#87759, @klueska) [SIG Node]
-
Fixed block CSI volume cleanup after timeouts. (#88660, @jsafrane) [SIG Node and Storage]
-
Fixes issue where you can't attach more than 15 GCE Persistent Disks to c2, n2, m1, m2 machine types. (#88602, @yuga711) [SIG Storage]
-
For volumes that allow attaches across multiple nodes, attach and detach operations across different nodes are now executed in parallel. (#88678, @verult) [SIG Apps, Node and Storage]
-
Hide kubectl.kubernetes.io/last-applied-configuration in describe command (#88758, @soltysh) [SIG Auth and CLI]
-
In GKE alpha clusters it will be possible to use the service annotation
cloud.google.com/network-tier: Standard
(#88487, @zioproto) [SIG Cloud Provider] -
Kubelets perform fewer unnecessary pod status update operations on the API server. (#88591, @smarterclayton) [SIG Node and Scalability]
-
Plugin/PluginConfig and Policy APIs are mutually exclusive when running the scheduler (#88864, @alculquicondor) [SIG Scheduling]
-
Specifying PluginConfig for the same plugin more than once fails scheduler startup.
Specifying extenders and configuring .ignoredResources for the NodeResourcesFit plugin fails (#88870, @alculquicondor) [SIG Scheduling]
-
Support TLS Server Name overrides in kubeconfig file and via --tls-server-name in kubectl (#88769, @deads2k) [SIG API Machinery, Auth and CLI]
-
Terminating a restartPolicy=Never pod no longer has a chance to report the pod succeeded when it actually failed. (#88440, @smarterclayton) [SIG Node and Testing]
-
The EventRecorder from k8s.io/client-go/tools/events will now create events in the default namespace (instead of kube-system) when the related object does not have it set. (#88815, @enj) [SIG API Machinery]
-
The audit event sourceIPs list will now always end with the IP that sent the request directly to the API server. (#87167, @tallclair) [SIG API Machinery and Auth]
-
Update to use golang 1.13.8 (#87648, @ialidzhikov) [SIG Release and Testing]
-
Validate kube-proxy flags --ipvs-tcp-timeout, --ipvs-tcpfin-timeout, --ipvs-udp-timeout (#88657, @chendotjs) [SIG Network]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 7c182ca905b3a31871c01ab5fdaf46f074547536c7975e069ff230af0d402dfc0346958b1d084bd2c108582ffc407484e6a15a1cd93e9affbe34b6e99409ef1f |
kubernetes-src.tar.gz | d104b8c792b1517bd730787678c71c8ee3b259de81449192a49a1c6e37a6576d28f69b05c2019cc4a4c40ddeb4d60b80138323df3f85db8682caabf28e67c2de |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | bc337bb8f200a789be4b97ce99b9d7be78d35ebd64746307c28339dc4628f56d9903e0818c0888aaa9364357a528d1ac6fd34f74377000f292ec502fbea3837e |
kubernetes-client-darwin-amd64.tar.gz | 38dfa5e0b0cfff39942c913a6bcb2ad8868ec43457d35cffba08217bb6e7531720e0731f8588505f4c81193ce5ec0e5fe6870031cf1403fbbde193acf7e53540 |
kubernetes-client-linux-386.tar.gz | 8e63ec7ce29c69241120c037372c6c779e3f16253eabd612c7cbe6aa89326f5160eb5798004d723c5cd72d458811e98dac3574842eb6a57b2798ecd2bbe5bcf9 |
kubernetes-client-linux-amd64.tar.gz | c1be9f184a7c3f896a785c41cd6ece9d90d8cb9b1f6088bdfb5557d8856c55e455f6688f5f54c2114396d5ae7adc0361e34ebf8e9c498d0187bd785646ccc1d0 |
kubernetes-client-linux-arm.tar.gz | 8eab02453cfd9e847632a774a0e0cf3a33c7619fb4ced7f1840e1f71444e8719b1c8e8cbfdd1f20bb909f3abe39cdcac74f14cb9c878c656d35871b7c37c7cbe |
kubernetes-client-linux-arm64.tar.gz | f7df0ec02d2e7e63278d5386e8153cfe2b691b864f17b6452cc824a5f328d688976c975b076e60f1c6b3c859e93e477134fbccc53bb49d9e846fb038b34eee48 |
kubernetes-client-linux-ppc64le.tar.gz | 36dd5b10addca678a518e6d052c9d6edf473e3f87388a2f03f714c93c5fbfe99ace16cf3b382a531be20a8fe6f4160f8d891800dd2cff5f23c9ca12c2f4a151b |
kubernetes-client-linux-s390x.tar.gz | 5bdbb44b996ab4ccf3a383780270f5cfdbf174982c300723c8bddf0a48ae5e459476031c1d51b9d30ffd621d0a126c18a5de132ef1d92fca2f3e477665ea10cc |
kubernetes-client-windows-386.tar.gz | 5dea3d4c4e91ef889850143b361974250e99a3c526f5efee23ff9ccdcd2ceca4a2247e7c4f236bdfa77d2150157da5d676ac9c3ba26cf3a2f1e06d8827556f77 |
kubernetes-client-windows-amd64.tar.gz | db298e698391368703e6aea7f4345aec5a4b8c69f9d8ff6c99fb5804a6cea16d295fb01e70fe943ade3d4ce9200a081ad40da21bd331317ec9213f69b4d6c48f |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | c6284929dd5940e750b48db72ffbc09f73c5ec31ab3db283babb8e4e07cd8cbb27642f592009caae4717981c0db82c16312849ef4cbafe76acc4264c7d5864ac |
kubernetes-server-linux-arm.tar.gz | 6fc9552cf082c54cc0833b19876117c87ba7feb5a12c7e57f71b52208daf03eaef3ca56bd22b7bce2d6e81b5a23537cf6f5497a6eaa356c0aab1d3de26c309f9 |
kubernetes-server-linux-arm64.tar.gz | b794b9c399e548949b5bfb2fe71123e86c2034847b2c99aca34b6de718a35355bbecdae9dc2a81c49e3c82fb4b5862526a3f63c2862b438895e12c5ea884f22e |
kubernetes-server-linux-ppc64le.tar.gz | fddaed7a54f97046a91c29534645811c6346e973e22950b2607b8c119c2377e9ec2d32144f81626078cdaeca673129cc4016c1a3dbd3d43674aa777089fb56ac |
kubernetes-server-linux-s390x.tar.gz | 65951a534bb55069c7419f41cbcdfe2fae31541d8a3f9eca11fc2489addf281c5ad2d13719212657da0be5b898f22b57ac39446d99072872fbacb0a7d59a4f74 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 992059efb5cae7ed0ef55820368d854bad1c6d13a70366162cd3b5111ce24c371c7c87ded2012f055e08b2ff1b4ef506e1f4e065daa3ac474fef50b5efa4fb07 |
kubernetes-node-linux-arm.tar.gz | c63ae0f8add5821ad267774314b8c8c1ffe3b785872bf278e721fd5dfdad1a5db1d4db3720bea0a36bf10d9c6dd93e247560162c0eac6e1b743246f587d3b27a |
kubernetes-node-linux-arm64.tar.gz | 47adb9ddf6eaf8f475b89f59ee16fbd5df183149a11ad1574eaa645b47a6d58aec2ca70ba857ce9f1a5793d44cf7a61ebc6874793bb685edaf19410f4f76fd13 |
kubernetes-node-linux-ppc64le.tar.gz | a3bc4a165567c7b76a3e45ab7b102d6eb3ecf373eb048173f921a4964cf9be8891d0d5b8dafbd88c3af7b0e21ef3d41c1e540c3347ddd84b929b3a3d02ceb7b2 |
kubernetes-node-linux-s390x.tar.gz | 109ddf37c748f69584c829db57107c3518defe005c11fcd2a1471845c15aae0a3c89aafdd734229f4069ed18856cc650c80436684e1bdc43cfee3149b0324746 |
kubernetes-node-windows-amd64.tar.gz | a3a75d2696ad3136476ad7d811e8eabaff5111b90e592695e651d6111f819ebf0165b8b7f5adc05afb5f7f01d1e5fb64876cb696e492feb20a477a5800382b7a |
-
The StreamingProxyRedirects feature and
--redirect-container-streaming
flag are deprecated, and will be removed in a future release. The default behavior (proxy streaming requests through the kubelet) will be the only supported option. If you are setting--redirect-container-streaming=true
, then you must migrate off this configuration. The flag will no longer be able to be enabled starting in v1.20. If you are not setting the flag, no action is necessary. (#88290, @tallclair) [SIG API Machinery and Node] -
Yes.
Feature Name: Support using network resources (VNet, LB, IP, etc.) in different AAD Tenant and Subscription than those for the cluster.
Changes in Pull Request:
- Add properties
networkResourceTenantID
andnetworkResourceSubscriptionID
in cloud provider auth config section, which indicates the location of network resources. - Add function
GetMultiTenantServicePrincipalToken
to fetch multi-tenant service principal token, which will be used by Azure VM/VMSS Clients in this feature. - Add function
GetNetworkResourceServicePrincipalToken
to fetch network resource service principal token, which will be used by Azure Network Resource (Load Balancer, Public IP, Route Table, Network Security Group and their sub level resources) Clients in this feature. - Related unit tests.
None.
User Documentation: In PR kubernetes-sigs/cloud-provider-azure#301 (#88384, @bowen5) [SIG Cloud Provider]
- Add properties
- Azure service annotation service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset has been deprecated. Its support would be removed in a future release. (#88462, @feiskyer) [SIG Cloud Provider]
- API additions to apiserver types (#87179, @Jefftree) [SIG API Machinery, Cloud Provider and Cluster Lifecycle]
- Add Scheduling Profiles to kubescheduler.config.k8s.io/v1alpha2 (#88087, @alculquicondor) [SIG Scheduling and Testing]
- Added support for multiple sizes huge pages on a container level (#84051, @bart0sh) [SIG Apps, Node and Storage]
- AppProtocol is a new field on Service and Endpoints resources, enabled with the ServiceAppProtocol feature gate. (#88503, @robscott) [SIG Apps and Network]
- Fixed missing validation of uniqueness of list items in lists with
x-kubernetes-list-type: map
or x-kubernetes-list-type: set` in CustomResources. (#84920, @sttts) [SIG API Machinery] - Introduces optional --detect-local flag to kube-proxy. Currently the only supported value is "cluster-cidr", which is the default if not specified. (#87748, @satyasm) [SIG Cluster Lifecycle, Network and Scheduling]
- Kube-scheduler can run more than one scheduling profile. Given a pod, the profile is selected by using its
.spec.SchedulerName
. (#88285, @alculquicondor) [SIG Apps, Scheduling and Testing] - Moving Windows RunAsUserName feature to GA (#87790, @marosset) [SIG Apps and Windows]
- Add --dry-run to kubectl delete, taint, replace (#88292, @julianvmodesto) [SIG CLI and Testing]
- Add huge page stats to Allocated resources in "kubectl describe node" (#80605, @odinuge) [SIG CLI]
- Kubeadm: The ClusterStatus struct present in the kubeadm-config ConfigMap is deprecated and will be removed on a future version. It is going to be maintained by kubeadm until it gets removed. The same information can be found on
etcd
andkube-apiserver
pod annotations,kubeadm.kubernetes.io/etcd.advertise-client-urls
andkubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint
respectively. (#87656, @ereslibre) [SIG Cluster Lifecycle] - Kubeadm: add the experimental feature gate PublicKeysECDSA that can be used to create a cluster with ECDSA certificates from "kubeadm init". Renewal of existing ECDSA certificates is also supported using "kubeadm alpha certs renew", but not switching between the RSA and ECDSA algorithms on the fly or during upgrades. (#86953, @rojkov) [SIG API Machinery, Auth and Cluster Lifecycle]
- Kubeadm: on kubeconfig certificate renewal, keep the embedded CA in sync with the one on disk (#88052, @neolit123) [SIG Cluster Lifecycle]
- Kubeadm: upgrade supports fallback to the nearest known etcd version if an unknown k8s version is passed (#88373, @SataQiu) [SIG Cluster Lifecycle]
- New flag
--show-hidden-metrics-for-version
in kube-scheduler can be used to show all hidden metrics that deprecated in the previous minor release. (#84913, @serathius) [SIG Instrumentation and Scheduling] - Scheduler framework permit plugins now run at the end of the scheduling cycle, after reserve plugins. Waiting on permit will remain in the beginning of the binding cycle. (#88199, @mateuszlitwin) [SIG Scheduling]
- The kubelet and the default docker runtime now support running ephemeral containers in the Linux process namespace of a target container. Other container runtimes must implement this feature before it will be available in that runtime. (#84731, @verb) [SIG Node]
- Add delays between goroutines for vm instance update (#88094, @aramase) [SIG Cloud Provider]
- Add init containers log to cluster dump info. (#88324, @zhouya0) [SIG CLI]
- CPU limits are now respected for Windows containers. If a node is over-provisioned, no weighting is used - only limits are respected. (#86101, @PatrickLang) [SIG Node, Testing and Windows]
- Cloud provider config CloudProviderBackoffMode has been removed since it won't be used anymore. (#88463, @feiskyer) [SIG Cloud Provider]
- Evictions due to pods breaching their ephemeral storage limits are now recorded by the
kubelet_evictions
metric and can be alerted on. (#87906, @smarterclayton) [SIG Node] - Fix: add remediation in azure disk attach/detach (#88444, @andyzhangx) [SIG Cloud Provider]
- Fix: check disk status before disk azure disk (#88360, @andyzhangx) [SIG Cloud Provider]
- Fixed cleaning of CSI raw block volumes. (#87978, @jsafrane) [SIG Storage]
- Get-kube.sh uses the gcloud's current local GCP service account for auth when the provider is GCE or GKE instead of the metadata server default (#88383, @BenTheElder) [SIG Cluster Lifecycle]
- Golang/x/net has been updated to bring in fixes for CVE-2020-9283 (#88381, @BenTheElder) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle and Instrumentation]
- Kubeadm now includes CoreDNS version 1.6.7 (#86260, @rajansandeep) [SIG Cluster Lifecycle]
- Kubeadm: fix the bug that 'kubeadm upgrade' hangs in single node cluster (#88434, @SataQiu) [SIG Cluster Lifecycle]
- Optimize kubectl version help info (#88313, @zhouya0) [SIG CLI]
- Removes the deprecated command
kubectl rolling-update
(#88057, @julianvmodesto) [SIG Architecture, CLI and Testing]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 6452cac2b80721e9f577cb117c29b9ac6858812b4275c2becbf74312566f7d016e8b34019bd1bf7615131b191613bf9b973e40ad9ac8f6de9007d41ef2d7fd70 |
kubernetes-src.tar.gz | e41d9d4dd6910a42990051fcdca4bf5d3999df46375abd27ffc56aae9b455ae984872302d590da6aa85bba6079334fb5fe511596b415ee79843dee1c61c137da |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 5c95935863492b31d4aaa6be93260088dafea27663eb91edca980ca3a8485310e60441bc9050d4d577e9c3f7ffd96db516db8d64321124cec1b712e957c9fe1c |
kubernetes-client-darwin-amd64.tar.gz | 868faa578b3738604d8be62fae599ccc556799f1ce54807f1fe72599f20f8a1f98ad8152fac14a08a463322530b696d375253ba3653325e74b587df6e0510da3 |
kubernetes-client-linux-386.tar.gz | 76a89d1d30b476b47f8fb808e342f89608e5c1c1787c4c06f2d7e763f9482e2ae8b31e6ad26541972e2b9a3a7c28327e3150cdd355e8b8d8b050a801bbf08d49 |
kubernetes-client-linux-amd64.tar.gz | 07ad96a09b44d1c707d7c68312c5d69b101a3424bf1e6e9400b2e7a3fba78df04302985d473ddd640d8f3f0257be34110dbe1304b9565dd9d7a4639b7b7b85fd |
kubernetes-client-linux-arm.tar.gz | c04fed9fa370a75c1b8e18b2be0821943bb9befcc784d14762ea3278e73600332a9b324d5eeaa1801d20ad6be07a553c41dcf4fa7ab3eadd0730ab043d687c8c |
kubernetes-client-linux-arm64.tar.gz | 4199147dea9954333df26d34248a1cb7b02ebbd6380ffcd42d9f9ed5fdabae45a59215474dab3c11436c82e60bd27cbd03b3dde288bf611cd3e78b87c783c6a9 |
kubernetes-client-linux-ppc64le.tar.gz | 4f6d4d61d1c52d3253ca19031ebcd4bad06d19b68bbaaab5c8e8c590774faea4a5ceab1f05f2706b61780927e1467815b3479342c84d45df965aba78414727c4 |
kubernetes-client-linux-s390x.tar.gz | e2a454151ae5dd891230fb516a3f73f73ab97832db66fd3d12e7f1657a569f58a9fe2654d50ddd7d8ec88a5ff5094199323a4c6d7d44dcf7edb06cca11dd4de1 |
kubernetes-client-windows-386.tar.gz | 14b262ba3b71c41f545db2a017cf1746075ada5745a858d2a62bc9df7c5dc10607220375db85e2c4cb85307b09709e58bc66a407488e0961191e3249dc7742b0 |
kubernetes-client-windows-amd64.tar.gz | 26353c294755a917216664364b524982b7f5fc6aa832ce90134bb178df8a78604963c68873f121ea5f2626ff615bdbf2ffe54e00578739cde6df42ffae034732 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | ba77e0e7c610f59647c1b2601f82752964a0f54b7ad609a89b00fcfd553d0f0249f6662becbabaa755bb769b36a2000779f08022c40fb8cc61440337481317a1 |
kubernetes-server-linux-arm.tar.gz | 45e87b3e844ea26958b0b489e8c9b90900a3253000850f5ff9e87ffdcafba72ab8fd17b5ba092051a58a4bc277912c047a85940ec7f093dff6f9e8bf6fed3b42 |
kubernetes-server-linux-arm64.tar.gz | 155e136e3124ead69c594eead3398d6cfdbb8f823c324880e8a7bbd1b570b05d13a77a69abd0a6758cfcc7923971cc6da4d3e0c1680fd519b632803ece00d5ce |
kubernetes-server-linux-ppc64le.tar.gz | 3fa0fb8221da19ad9d03278961172b7fa29a618b30abfa55e7243bb937dede8df56658acf02e6b61e7274fbc9395e237f49c62f2a83017eca2a69f67af31c01c |
kubernetes-server-linux-s390x.tar.gz | db3199c3d7ba0b326d71dc8b80f50b195e79e662f71386a3b2976d47d13d7b0136887cc21df6f53e70a3d733da6eac7bbbf3bab2df8a1909a3cee4b44c32dd0b |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | addcdfbad7f12647e6babb8eadf853a374605c8f18bf63f416fa4d3bf1b903aa206679d840433206423a984bb925e7983366edcdf777cf5daef6ef88e53d6dfa |
kubernetes-node-linux-arm.tar.gz | b2ac54e0396e153523d116a2aaa32c919d6243931e0104cd47a23f546d710e7abdaa9eae92d978ce63c92041e63a9b56f5dd8fd06c812a7018a10ecac440f768 |
kubernetes-node-linux-arm64.tar.gz | 7aab36f2735cba805e4fd109831a1af0f586a88db3f07581b6dc2a2aab90076b22c96b490b4f6461a8fb690bf78948b6d514274f0d6fb0664081de2d44dc48e1 |
kubernetes-node-linux-ppc64le.tar.gz | a579936f07ebf86f69f297ac50ba4c34caf2c0b903f73190eb581c78382b05ef36d41ade5bfd25d7b1b658cfcbee3d7125702a18e7480f9b09a62733a512a18a |
kubernetes-node-linux-s390x.tar.gz | 58fa0359ddd48835192fab1136a2b9b45d1927b04411502c269cda07cb8a8106536973fb4c7fedf1d41893a524c9fe2e21078fdf27bfbeed778273d024f14449 |
kubernetes-node-windows-amd64.tar.gz | 9086c03cd92b440686cea6d8c4e48045cc46a43ab92ae0e70350b3f51804b9e2aaae7178142306768bae00d9ef6dd938167972bfa90b12223540093f735a45db |
- Kubeadm: command line option "kubelet-version" for
kubeadm upgrade node
has been deprecated and will be removed in a future release. (#87942, @SataQiu) [SIG Cluster Lifecycle]
- Kubelet podresources API now provides the information about active pods only. (#79409, @takmatsu) [SIG Node]
- Remove deprecated fields from .leaderElection in kubescheduler.config.k8s.io/v1alpha2 (#87904, @alculquicondor) [SIG Scheduling]
- Signatures on generated clientset methods have been modified to accept
context.Context
as a first argument. Signatures of generated Create, Update, and Patch methods have been updated to accept CreateOptions, UpdateOptions and PatchOptions respectively. Clientsets that with the previous interface have been added in new "deprecated" packages to allow incremental migration to the new APIs. The deprecated packages will be removed in the 1.21 release. (#87299, @mikedanese) [SIG API Machinery, Apps, Auth, Autoscaling, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node, Scheduling, Storage, Testing and Windows] - The k8s.io/node-api component is no longer updated. Instead, use the RuntimeClass types located within k8s.io/api, and the generated clients located within k8s.io/client-go (#87503, @liggitt) [SIG Node and Release]
- Add indexer for storage cacher (#85445, @shaloulcy) [SIG API Machinery]
- Add support for mount options to the FC volume plugin (#87499, @ejweber) [SIG Storage]
- Added a config-mode flag in azure auth module to enable getting AAD token without spn: prefix in audience claim. When it's not specified, the default behavior doesn't change. (#87630, @weinong) [SIG API Machinery, Auth, CLI and Cloud Provider]
- Introduced BackoffManager interface for backoff management (#87829, @zhan849) [SIG API Machinery]
- PodTopologySpread plugin now excludes terminatingPods when making scheduling decisions. (#87845, @Huang-Wei) [SIG Scheduling]
- Promote CSIMigrationOpenStack to Beta (off by default since it requires installation of the OpenStack Cinder CSI Driver) The in-tree AWS OpenStack Cinder "kubernetes.io/cinder" was already deprecated a while ago and will be removed in 1.20. Users should enable CSIMigration + CSIMigrationOpenStack features and install the OpenStack Cinder CSI Driver (https://github.com/kubernetes-sigs/cloud-provider-openstack) to avoid disruption to existing Pod and PVC objects at that time. Users should start using the OpenStack Cinder CSI Driver directly for any new volumes. (#85637, @dims) [SIG Cloud Provider]
- The scheduler Permit extension point doesn't return a boolean value in its Allow() and Reject() functions. (#87936, @Huang-Wei) [SIG Scheduling]
- Adds "volume.beta.kubernetes.io/migrated-to" annotation to PV's and PVC's when they are migrated to signal external provisioners to pick up those objects for Provisioning and Deleting. (#87098, @davidz627) [SIG Apps and Storage]
- Fix a bug in the dual-stack IPVS proxier where stale IPv6 endpoints were not being cleaned up (#87695, @andrewsykim) [SIG Network]
- Fix kubectl drain ignore daemonsets and others. (#87361, @zhouya0) [SIG CLI]
- Fix: add azure disk migration support for CSINode (#88014, @andyzhangx) [SIG Cloud Provider and Storage]
- Fix: add non-retriable errors in azure clients (#87941, @andyzhangx) [SIG Cloud Provider]
- Fixed NetworkPolicy validation that Except values are accepted when they are outside the CIDR range. (#86578, @tnqn) [SIG Network]
- Improves performance of the node authorizer (#87696, @liggitt) [SIG Auth]
- Iptables/userspace proxy: improve performance by getting local addresses only once per sync loop, instead of for every external IP (#85617, @andrewsykim) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Network]
- Kube-aggregator: always sets unavailableGauge metric to reflect the current state of a service. (#87778, @p0lyn0mial) [SIG API Machinery]
- Kubeadm allows to configure single-stack clusters if dual-stack is enabled (#87453, @aojea) [SIG API Machinery, Cluster Lifecycle and Network]
- Kubeadm: 'kubeadm alpha kubelet config download' has been removed, please use 'kubeadm upgrade node phase kubelet-config' instead (#87944, @SataQiu) [SIG Cluster Lifecycle]
- Kubeadm: remove 'kubeadm upgrade node config' command since it was deprecated in v1.15, please use 'kubeadm upgrade node phase kubelet-config' instead (#87975, @SataQiu) [SIG Cluster Lifecycle]
- Kubectl describe and kubectl top pod will return a message saying "No resources found" or "No resources found in namespace" if there are no results to display. (#87527, @brianpursley) [SIG CLI]
- Kubelet metrics gathered through metrics-server or prometheus should no longer timeout for Windows nodes running more than 3 pods. (#87730, @marosset) [SIG Node, Testing and Windows]
- Kubelet metrics have been changed to buckets. For example the exec/{podNamespace}/{podID}/{containerName} is now just exec. (#87913, @cheftako) [SIG Node]
- Limit number of instances in a single update to GCE target pool to 1000. (#87881, @wojtek-t) [SIG Cloud Provider, Network and Scalability]
- Make Azure clients only retry on specified HTTP status codes (#88017, @feiskyer) [SIG Cloud Provider]
- Pause image contains "Architecture" in non-amd64 images (#87954, @BenTheElder) [SIG Release]
- Pods that are considered for preemption and haven't started don't produce an error log. (#87900, @alculquicondor) [SIG Scheduling]
- Prevent error message from being displayed when running kubectl plugin list and your path includes an empty string (#87633, @brianpursley) [SIG CLI]
kubectl create clusterrolebinding
creates rbac.authorization.k8s.io/v1 object (#85889, @oke-py) [SIG CLI]
Due to a tagging bug in our Release Engineering tooling during v1.18.0-alpha.3
, we needed to push a manual tag (v1.18.0-alpha.4
).
No binaries have been produced or will be provided for v1.18.0-alpha.4
.
The changelog for v1.18.0-alpha.4
is included as part of the [changelog since v1.18.0-alpha.3][#changelog-since-v1180-alpha3] section.
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 60bf3bfc23b428f53fd853bac18a4a905b980fcc0bacd35ccd6357a89cfc26e47de60975ea6b712e65980e6b9df82a22331152d9f08ed4dba44558ba23a422d4 |
kubernetes-src.tar.gz | 8adf1016565a7c93713ab6fa4293c2d13b4f6e4e1ec4dcba60bd71e218b4dbe9ef5eb7dbb469006743f498fc7ddeb21865cd12bec041af60b1c0edce8b7aecd5 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | abb32e894e8280c772e96227b574da81cd1eac374b8d29158b7f222ed550087c65482eef4a9817dfb5f2baf0d9b85fcdfa8feced0fbc1aacced7296853b57e1f |
kubernetes-client-darwin-amd64.tar.gz | 5e4b1a993264e256ec1656305de7c306094cae9781af8f1382df4ce4eed48ce030827fde1a5e757d4ad57233d52075c9e4e93a69efbdc1102e4ba810705ccddc |
kubernetes-client-linux-386.tar.gz | 68da39c2ae101d2b38f6137ceda07eb0c2124794982a62ef483245dbffb0611c1441ca085fa3127e7a9977f45646788832a783544ff06954114548ea0e526e46 |
kubernetes-client-linux-amd64.tar.gz | dc236ffa8ad426620e50181419e9bebe3c161e953dbfb8a019f61b11286e1eb950b40d7cc03423bdf3e6974973bcded51300f98b55570c29732fa492dcde761d |
kubernetes-client-linux-arm.tar.gz | ab0a8bd6dc31ea160b731593cdc490b3cc03668b1141cf95310bd7060dcaf55c7ee9842e0acae81063fdacb043c3552ccdd12a94afd71d5310b3ce056fdaa06c |
kubernetes-client-linux-arm64.tar.gz | 159ea083c601710d0d6aea423eeb346c99ffaf2abd137d35a53e87a07f5caf12fca8790925f3196f67b768fa92a024f83b50325dbca9ccd4dde6c59acdce3509 |
kubernetes-client-linux-ppc64le.tar.gz | 16b0459adfa26575d13be49ab53ac7f0ffd05e184e4e13d2dfbfe725d46bb8ac891e1fd8aebe36ecd419781d4cc5cf3bd2aaaf5263cf283724618c4012408f40 |
kubernetes-client-linux-s390x.tar.gz | d5aa1f5d89168995d2797eb839a04ce32560f405b38c1c0baaa0e313e4771ae7bb3b28e22433ad5897d36aadf95f73eb69d8d411d31c4115b6b0adf5fe041f85 |
kubernetes-client-windows-386.tar.gz | 374e16a1e52009be88c94786f80174d82dff66399bf294c9bee18a2159c42251c5debef1109a92570799148b08024960c6c50b8299a93fd66ebef94f198f34e9 |
kubernetes-client-windows-amd64.tar.gz | 5a94c1068c19271f810b994adad8e62fae03b3d4473c7c9e6d056995ff7757ea61dd8d140c9267dd41e48808876673ce117826d35a3c1bb5652752f11a044d57 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | a677bec81f0eba75114b92ff955bac74512b47e53959d56a685dae5edd527283d91485b1e86ad74ef389c5405863badf7eb22e2f0c9a568a4d0cb495c6a5c32f |
kubernetes-server-linux-arm.tar.gz | 2fb696f86ff13ebeb5f3cf2b254bf41303644c5ea84a292782eac6123550702655284d957676d382698c091358e5c7fe73f32803699c19be7138d6530fe413b6 |
kubernetes-server-linux-arm64.tar.gz | 738e95da9cfb8f1309479078098de1c38cef5e1dd5ee1129b77651a936a412b7cd0cf15e652afc7421219646a98846ab31694970432e48dea9c9cafa03aa59cf |
kubernetes-server-linux-ppc64le.tar.gz | 7a85bfcbb2aa636df60c41879e96e788742ecd72040cb0db2a93418439c125218c58a4cfa96d01b0296c295793e94c544e87c2d98d50b49bc4cb06b41f874376 |
kubernetes-server-linux-s390x.tar.gz | 1f1cdb2efa3e7cac857203d8845df2fdaa5cf1f20df764efffff29371945ec58f6deeba06f8fbf70b96faf81b0c955bf4cb84e30f9516cb2cc1ed27c2d2185a6 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 4ccfced3f5ba4adfa58f4a9d1b2c5bdb3e89f9203ab0e27d11eb1c325ac323ebe63c015d2c9d070b233f5d1da76cab5349da3528511c1cd243e66edc9af381c4 |
kubernetes-node-linux-arm.tar.gz | d695a69d18449062e4c129e54ec8384c573955f8108f4b78adc2ec929719f2196b995469c728dd6656c63c44cda24315543939f85131ebc773cfe0de689df55b |
kubernetes-node-linux-arm64.tar.gz | 21df1da88c89000abc22f97e482c3aaa5ce53ec9628d83dda2e04a1d86c4d53be46c03ed6f1f211df3ee5071bce39d944ff7716b5b6ada3b9c4821d368b0a898 |
kubernetes-node-linux-ppc64le.tar.gz | ff77e3aacb6ed9d89baed92ef542c8b5cec83151b6421948583cf608bca3b779dce41fc6852961e00225d5e1502f6a634bfa61a36efa90e1aee90dedb787c2d2 |
kubernetes-node-linux-s390x.tar.gz | 57d75b7977ec1a0f6e7ed96a304dbb3b8664910f42ca19aab319a9ec33535ff5901dfca4abcb33bf5741cde6d152acd89a5f8178f0efe1dc24430e0c1af5b98f |
kubernetes-node-windows-amd64.tar.gz | 63fdbb71773cfd73a914c498e69bb9eea3fc314366c99ffb8bd42ec5b4dae807682c83c1eb5cfb1e2feb4d11d9e49cc85ba644e954241320a835798be7653d61 |
- Remove all the generators from kubectl run. It will now only create pods. Additionally, deprecates all the flags that are not relevant anymore. (#87077, @soltysh) [SIG Architecture, SIG CLI, and SIG Testing]
- kubeadm: kube-dns is deprecated and will not be supported in a future version (#86574, @SataQiu) [SIG Cluster Lifecycle]
- Add kubescheduler.config.k8s.io/v1alpha2 (#87628, @alculquicondor) [SIG Scheduling]
- --enable-cadvisor-endpoints is now disabled by default. If you need access to the cAdvisor v1 Json API please enable it explicitly in the kubelet command line. Please note that this flag was deprecated in 1.15 and will be removed in 1.19. (#87440, @dims) [SIG Instrumentation, SIG Node, and SIG Testing]
- The following feature gates are removed, because the associated features were unconditionally enabled in previous releases: CustomResourceValidation, CustomResourceSubresources, CustomResourceWebhookConversion, CustomResourcePublishOpenAPI, CustomResourceDefaulting (#87475, @liggitt) [SIG API Machinery]
-
The aggregation API will have alpha support for network proxy (#87515, @Sh4d1) [SIG API Machinery]
-
API request throttling (due to a high rate of requests) is now reported in client-go logs at log level 2. The messages are of the form
Throttling request took 1.50705208s, request: GET:
The presence of these messages, may indicate to the administrator the need to tune the cluster accordingly. (#87740, @jennybuckley) [SIG API Machinery]
-
kubeadm: reject a node joining the cluster if a node with the same name already exists (#81056, @neolit123) [SIG Cluster Lifecycle]
-
disableAvailabilitySetNodes is added to avoid VM list for VMSS clusters. It should only be used when vmType is "vmss" and all the nodes (including masters) are VMSS virtual machines. (#87685, @feiskyer) [SIG Cloud Provider]
-
The kubectl --dry-run flag now accepts the values 'client', 'server', and 'none', to support client-side and server-side dry-run strategies. The boolean and unset values for the --dry-run flag are deprecated and a value will be required in a future version. (#87580, @julianvmodesto) [SIG CLI]
-
Add support for pre-allocated hugepages for more than one page size (#82820, @odinuge) [SIG Apps]
-
Update CNI version to v0.8.5 (#78819, @justaugustus) [SIG API Machinery, SIG Cluster Lifecycle, SIG Network, SIG Release, and SIG Testing]
-
Skip default spreading scoring plugin for pods that define TopologySpreadConstraints (#87566, @skilxn-go) [SIG Scheduling]
-
Added more details to taint toleration errors (#87250, @starizard) [SIG Apps, and SIG Scheduling]
-
Scheduler: Add DefaultBinder plugin (#87430, @alculquicondor) [SIG Scheduling, and SIG Testing]
-
Kube-apiserver metrics will now include request counts, latencies, and response sizes for /healthz, /livez, and /readyz requests. (#83598, @jktomer) [SIG API Machinery]
- Fix the masters rolling upgrade causing thundering herd of LISTs on etcd leading to control plane unavailability. (#86430, @wojtek-t) [SIG API Machinery, SIG Node, and SIG Testing]
kubectl diff
now returns 1 only on diff finding changes, and >1 on kubectl errors. The "exit status code 1" message as also been muted. (#87437, @apelisse) [SIG CLI, and SIG Testing]- To reduce chances of throttling, VM cache is set to nil when Azure node provisioning state is deleting (#87635, @feiskyer) [SIG Cloud Provider]
- Fix regression in statefulset conversion which prevented applying a statefulset multiple times. (#87706, @liggitt) [SIG Apps, and SIG Testing]
- fixed two scheduler metrics (pending_pods and schedule_attempts_total) not being recorded (#87692, @everpeace) [SIG Scheduling]
- Resolved a performance issue in the node authorizer index maintenance. (#87693, @liggitt) [SIG Auth]
- Removed the 'client' label from apiserver_request_total. (#87669, @logicalhan) [SIG API Machinery, and SIG Instrumentation]
(*"k8s.io/client-go/rest".Request).{Do,DoRaw,Stream,Watch}
now require callers to pass acontext.Context
as an argument. The context is used for timeout and cancellation signaling and to pass supplementary information to round trippers in the wrapped transport chain. If you don't need any of this functionality, it is sufficient to pass a context created withcontext.Background()
to these functions. The(*"k8s.io/client-go/rest".Request).Context
method is removed now that all methods that execute a request accept a context directly. (#87597, @mikedanese) [SIG API Machinery, SIG Apps, SIG Auth, SIG Autoscaling, SIG CLI, SIG Cloud Provider, SIG Cluster Lifecycle, SIG Instrumentation, SIG Network, SIG Node, SIG Scheduling, SIG Storage, and SIG Testing]- For volumes that allow attaches across multiple nodes, attach and detach operations across different nodes are now executed in parallel. (#87258, @verult) [SIG Apps, SIG Node, and SIG Storage]
- kubeadm: apply further improvements to the tentative support for concurrent etcd member join. Fixes a bug where multiple members can receive the same hostname. Increase the etcd client dial timeout and retry timeout for add/remove/... operations. (#87505, @neolit123) [SIG Cluster Lifecycle]
- Reverted a kubectl azure auth module change where oidc claim spn: prefix was omitted resulting a breaking behavior with existing Azure AD OIDC enabled api-server (#87507, @weinong) [SIG API Machinery, SIG Auth, and SIG Cloud Provider]
- Update cri-tools to v1.17.0 (#86305, @saschagrunert) [SIG Cluster Lifecycle, and SIG Release]
- kubeadm: remove the deprecated CoreDNS feature-gate. It was set to "true" since v1.11 when the feature went GA. In v1.13 it was marked as deprecated and hidden from the CLI. (#87400, @neolit123) [SIG Cluster Lifecycle]
- Shared informers are now more reliable in the face of network disruption. (#86015, @squeed) [SIG API Machinery]
- the CSR signing cert/key pairs will be reloaded from disk like the kube-apiserver cert/key pairs (#86816, @deads2k) [SIG API Machinery, SIG Apps, and SIG Auth]
- "kubectl describe statefulsets.apps" prints garbage for rolling update partition (#85846, @phil9909) [SIG CLI]
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 7af83386b4b35353f0aa1bdaf73599eb08b1d1ca11ecc2c606854aff754db69f3cd3dc761b6d7fc86f01052f615ca53185f33dbf9e53b2f926b0f02fc103fbd3 |
kubernetes-src.tar.gz | a14b02a0a0bde97795a836a8f5897b0ee6b43e010e13e43dd4cca80a5b962a1ef3704eedc7916fed1c38ec663a71db48c228c91e5daacba7d9370df98c7ddfb6 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 427f214d47ded44519007de2ae87160c56c2920358130e474b768299751a9affcbc1b1f0f936c39c6138837bca2a97792a6700896976e98c4beee8a1944cfde1 |
kubernetes-client-darwin-amd64.tar.gz | 861fd81ac3bd45765575bedf5e002a2294aba48ef9e15980fc7d6783985f7d7fcde990ea0aef34690977a88df758722ec0a2e170d5dcc3eb01372e64e5439192 |
kubernetes-client-linux-386.tar.gz | 7d59b05d6247e2606a8321c72cd239713373d876dbb43b0fb7f1cb857fa6c998038b41eeed78d9eb67ce77b0b71776ceed428cce0f8d2203c5181b473e0bd86c |
kubernetes-client-linux-amd64.tar.gz | 7cdefb4e32bad9d2df5bb8e7e0a6f4dab2ae6b7afef5d801ac5c342d4effdeacd799081fa2dec699ecf549200786c7623c3176252010f12494a95240dd63311d |
kubernetes-client-linux-arm.tar.gz | 6212bbf0fa1d01ced77dcca2c4b76b73956cd3c6b70e0701c1fe0df5ff37160835f6b84fa2481e0e6979516551b14d8232d1c72764a559a3652bfe2a1e7488ff |
kubernetes-client-linux-arm64.tar.gz | 1f0d9990700510165ee471acb2f88222f1b80e8f6deb351ce14cf50a70a9840fb99606781e416a13231c74b2bd7576981b5348171aa33b628d2666e366cd4629 |
kubernetes-client-linux-ppc64le.tar.gz | 77e00ba12a32db81e96f8de84609de93f32c61bb3f53875a57496d213aa6d1b92c09ad5a6de240a78e1a5bf77fac587ff92874f34a10f8909ae08ca32fda45d2 |
kubernetes-client-linux-s390x.tar.gz | a39ec2044bed5a4570e9c83068e0fc0ce923ccffa44380f8bbc3247426beaff79c8a84613bcb58b05f0eb3afbc34c79fe3309aa2e0b81abcfd0aa04770e62e05 |
kubernetes-client-windows-386.tar.gz | 1a0ab88f9b7e34b60ab31d5538e97202a256ad8b7b7ed5070cae5f2f12d5d4edeae615db7a34ebbe254004b6393c6b2480100b09e30e59c9139492a3019a596a |
kubernetes-client-windows-amd64.tar.gz | 1966eb5dfb78c1bc33aaa6389f32512e3aa92584250a0164182f3566c81d901b59ec78ee4e25df658bc1dd221b5a9527d6ce3b6c487ca3e3c0b319a077caa735 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | f814d6a3872e4572aa4da297c29def4c1fad8eba0903946780b6bf9788c72b99d71085c5aef9e12c01133b26fa4563c1766ba724ad2a8af2670a24397951a94d |
kubernetes-server-linux-arm.tar.gz | 56aa08225e546c92c2ff88ac57d3db7dd5e63640772ea72a429f080f7069827138cbc206f6f5fe3a0c01bfca043a9eda305ecdc1dcb864649114893e46b6dc84 |
kubernetes-server-linux-arm64.tar.gz | fb87128d905211ba097aa860244a376575ae2edbaca6e51402a24bc2964854b9b273e09df3d31a2bcffc91509f7eecb2118b183fb0e0eb544f33403fa235c274 |
kubernetes-server-linux-ppc64le.tar.gz | 6d21fbf39b9d3a0df9642407d6f698fabdc809aca83af197bceb58a81b25846072f407f8fb7caae2e02dc90912e3e0f5894f062f91bcb69f8c2329625d3dfeb7 |
kubernetes-server-linux-s390x.tar.gz | ddcda4dc360ca97705f71bf2a18ddacd7b7ddf77535b62e699e97a1b2dd24843751313351d0112e238afe69558e8271eba4d27ab77bb67b4b9e3fbde6eec85c9 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 78915a9bde35c70c67014f0cea8754849db4f6a84491a3ad9678fd3bc0203e43af5a63cfafe104ae1d56b05ce74893a87a6dcd008d7859e1af6b3bce65425b5d |
kubernetes-node-linux-arm.tar.gz | 3218e811abcb0cb09d80742def339be3916db5e9bbc62c0dc8e6d87085f7e3d9eeed79dea081906f1de78ddd07b7e3acdbd7765fdb838d262bb35602fd1df106 |
kubernetes-node-linux-arm64.tar.gz | fa22de9c4440b8fb27f4e77a5a63c5e1c8aa8aa30bb79eda843b0f40498c21b8c0ad79fff1d841bb9fef53fe20da272506de9a86f81a0b36d028dbeab2e482ce |
kubernetes-node-linux-ppc64le.tar.gz | bbda9b5cc66e8f13d235703b2a85e2c4f02fa16af047be4d27a3e198e11eb11706e4a0fbb6c20978c770b069cd4cd9894b661f09937df9d507411548c36576e0 |
kubernetes-node-linux-s390x.tar.gz | b2ed1eda013069adce2aac00b86d75b84e006cfce9bafac0b5a2bafcb60f8f2cb346b5ea44eafa72d777871abef1ea890eb3a2a05de28968f9316fa88886a8ed |
kubernetes-node-windows-amd64.tar.gz | bd8eb23dba711f31b5148257076b1bbe9629f2a75de213b2c779bd5b29279e9bf22f8bde32f4bc814f4c0cc49e19671eb8b24f4105f0fe2c1490c4b78ec3c704 |
- Bump golang/mock version to v1.3.1 (#87326, @wawa0210)
- fix a bug that orphan revision cannot be adopted and statefulset cannot be synced (#86801, @likakuli)
- Azure storage clients now suppress requests on throttling (#87306, @feiskyer)
- Introduce Alpha field
Immutable
in both Secret and ConfigMap objects to mark their contents as immutable. The implementation is hidden behind feature gateImmutableEphemeralVolumes
(currently in Alpha stage). (#86377, @wojtek-t) - EndpointSlices will now be enabled by default. A new
EndpointSliceProxying
feature gate determines if kube-proxy will use EndpointSlices, this is disabled by default. (#86137, @robscott) - kubeadm upgrades always persist the etcd backup for stacked (#86861, @SataQiu)
- Fix the bug PIP's DNS is deleted if no DNS label service annotation isn't set. (#87246, @nilo19)
- New flag
--show-hidden-metrics-for-version
in kube-controller-manager can be used to show all hidden metrics that deprecated in the previous minor release. (#85281, @RainbowMango) - Azure network and VM clients now suppress requests on throttling (#87122, @feiskyer)
kubectl apply -f <file> --prune -n <namespace>
should prune all resources not defined in the file in the cli specified namespace. (#85613, @MartinKaburu)- Fixes service account token admission error in clusters that do not run the service account token controller (#87029, @liggitt)
- CustomResourceDefinition status fields are no longer required for client validation when submitting manifests. (#87213, @hasheddan)
- All apiservers log request lines in a more greppable format. (#87203, @lavalamp)
- provider/azure: Network security groups can now be in a separate resource group. (#87035, @CecileRobertMichon)
- Cleaned up the output from
kubectl describe CSINode <name>
. (#85283, @huffmanca) - Fixed the following (#84265, @bhagwat070919)
-
- AWS Cloud Provider attempts to delete LoadBalancer security group it didn’t provision
-
- AWS Cloud Provider creates default LoadBalancer security group even if annotation [service.beta.kubernetes.io/aws-load-balancer-security-groups] is present
-
- kubelet: resource metrics endpoint
/metrics/resource/v1alpha1
as well as all metrics under this endpoint have been deprecated. (#86282, @RainbowMango)- Please convert to the following metrics emitted by endpoint
/metrics/resource
: -
- scrape_error --> scrape_error
-
- node_cpu_usage_seconds_total --> node_cpu_usage_seconds
-
- node_memory_working_set_bytes --> node_memory_working_set_bytes
-
- container_cpu_usage_seconds_total --> container_cpu_usage_seconds
-
- container_memory_working_set_bytes --> container_memory_working_set_bytes
-
- scrape_error --> scrape_error
- Please convert to the following metrics emitted by endpoint
- You can now pass "--node-ip ::" to kubelet to indicate that it should autodetect an IPv6 address to use as the node's primary address. (#85850, @danwinship)
- kubeadm: support automatic retry after failing to pull image (#86899, @SataQiu)
- TODO (#87044, @jennybuckley)
- Improved yaml parsing performance (#85458, @cjcullen)
- Fixed a bug which could prevent a provider ID from ever being set for node if an error occurred determining the provider ID when the node was added. (#87043, @zjs)
- fix a regression in kubenet that prevent pods to obtain ip addresses (#85993, @chendotjs)
- Bind kube-dns containers to linux nodes to avoid Windows scheduling (#83358, @wawa0210)
- The following features are unconditionally enabled and the corresponding
--feature-gates
flags have been removed:PodPriority
,TaintNodesByCondition
,ResourceQuotaScopeSelectors
andScheduleDaemonSetPods
(#86210, @draveness) - Bind dns-horizontal containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83364, @wawa0210)
- fix kubectl annotate error when local=true is set (#86952, @zhouya0)
- Bug fixes: (#84163, @david-tigera)
- Make sure we include latest packages node #351 (@caseydavenport)
- fix kuebctl apply set-last-applied namespaces error (#86474, @zhouya0)
- Add VolumeBinder method to FrameworkHandle interface, which allows user to get the volume binder when implementing scheduler framework plugins. (#86940, @skilxn-go)
- elasticsearch supports automatically setting the advertise address (#85944, @SataQiu)
- If a serving certificates param specifies a name that is an IP for an SNI certificate, it will have priority for replying to server connections. (#85308, @deads2k)
- kube-proxy: Added dual-stack IPv4/IPv6 support to the iptables proxier. (#82462, @vllry)
- Azure VMSS/VMSSVM clients now suppress requests on throttling (#86740, @feiskyer)
- New metric kubelet_pleg_last_seen_seconds to aid diagnosis of PLEG not healthy issues. (#86251, @bboreham)
- For subprotocol negotiation, both client and server protocol is required now. (#86646, @tedyu)
- kubeadm: use bind-address option to configure the kube-controller-manager and kube-scheduler http probes (#86493, @aojea)
- Marked scheduler's metrics scheduling_algorithm_predicate_evaluation_seconds and (#86584, @xiaoanyunfei)
- scheduling_algorithm_priority_evaluation_seconds as deprecated. Those are replaced by framework_extension_point_duration_seconds[extenstion_point="Filter"] and framework_extension_point_duration_seconds[extenstion_point="Score"] respectively.
- Marked scheduler's scheduling_duration_seconds Summary metric as deprecated (#86586, @xiaoanyunfei)
- Add instructions about how to bring up e2e test cluster (#85836, @YangLu1031)
- If a required flag is not provided to a command, the user will only see the required flag error message, instead of the entire usage menu. (#86693, @sallyom)
- kubeadm: tolerate whitespace when validating certificate authority PEM data in kubeconfig files (#86705, @neolit123)
- kubeadm: add support for the "ci/k8s-master" version label as a replacement for "ci-cross/*", which no longer exists. (#86609, @Pensu)
- Fix EndpointSlice controller race condition and ensure that it handles external changes to EndpointSlices. (#85703, @robscott)
- Fix nil pointer dereference in azure cloud provider (#85975, @ldx)
- fix: azure disk could not mounted on Standard_DC4s/DC2s instances (#86612, @andyzhangx)
- Fixes v1.17.0 regression in --service-cluster-ip-range handling with IPv4 ranges larger than 65536 IP addresses (#86534, @liggitt)
- Adds back support for AlwaysCheckAllPredicates flag. (#86496, @ahg-g)
- Azure global rate limit is switched to per-client. A set of new rate limit configure options are introduced, including routeRateLimit, SubnetsRateLimit, InterfaceRateLimit, RouteTableRateLimit, LoadBalancerRateLimit, PublicIPAddressRateLimit, SecurityGroupRateLimit, VirtualMachineRateLimit, StorageAccountRateLimit, DiskRateLimit, SnapshotRateLimit, VirtualMachineScaleSetRateLimit and VirtualMachineSizeRateLimit. (#86515, @feiskyer)
- The original rate limit options would be default values for those new client's rate limiter.
- Fix issue #85805 about resource not found in azure cloud provider when lb specified in other resource group. (#86502, @levimm)
AlwaysCheckAllPredicates
is deprecated in scheduler Policy API. (#86369, @Huang-Wei)- Kubernetes KMS provider for data encryption now supports disabling the in-memory data encryption key (DEK) cache by setting cachesize to a negative value. (#86294, @enj)
- option
preConfiguredBackendPoolLoadBalancerTypes
is added to azure cloud provider for the pre-configured load balancers, possible values:""
,"internal"
, "external",
"all"` (#86338, @gossion) - Promote StartupProbe to beta for 1.18 release (#83437, @matthyx)
- Fixes issue where AAD token obtained by kubectl is incompatible with on-behalf-of flow and oidc. (#86412, @weinong)
- The audience claim before this fix has "spn:" prefix. After this fix, "spn:" prefix is omitted.
- change CounterVec to Counter about PLEGDiscardEvent (#86167, @yiyang5055)
- hollow-node do not use remote CRI anymore (#86425, @jkaniuk)
- hollow-node use fake CRI (#85879, @gongguan)
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 0c4904efc7f4f1436119c91dc1b6c93b3bd9c7490362a394bff10099c18e1e7600c4f6e2fcbaeb2d342a36c4b20692715cf7aa8ada6dfac369f44cc9292529d7 |
kubernetes-src.tar.gz | 0a50fc6816c730ca5ae4c4f26d5ad7b049607d29f6a782a4e5b4b05ac50e016486e269dafcc6a163bd15e1a192780a9a987f1bb959696993641c603ed1e841c8 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | c6d75f7f3f20bef17fc7564a619b54e6f4a673d041b7c9ec93663763a1cc8dd16aecd7a2af70e8d54825a0eecb9762cf2edfdade840604c9a32ecd9cc2d5ac3c |
kubernetes-client-darwin-amd64.tar.gz | ca1f19db289933beace6daee6fc30af19b0e260634ef6e89f773464a05e24551c791be58b67da7a7e2a863e28b7cbcc7b24b6b9bf467113c26da76ac8f54fdb6 |
kubernetes-client-linux-386.tar.gz | af2e673653eb39c3f24a54efc68e1055f9258bdf6cf8fea42faf42c05abefc2da853f42faac3b166c37e2a7533020b8993b98c0d6d80a5b66f39e91d8ae0a3fb |
kubernetes-client-linux-amd64.tar.gz | 9009032c3f94ac8a78c1322a28e16644ce3b20989eb762685a1819148aed6e883ca8e1200e5ec37ec0853f115c67e09b5d697d6cf5d4c45f653788a2d3a2f84f |
kubernetes-client-linux-arm.tar.gz | afba9595b37a3f2eead6e3418573f7ce093b55467dce4da0b8de860028576b96b837a2fd942f9c276e965da694e31fbd523eeb39aefb902d7e7a2f169344d271 |
kubernetes-client-linux-arm64.tar.gz | 04fc3b2fe3f271807f0bc6c61be52456f26a1af904964400be819b7914519edc72cbab9afab2bb2e2ba1a108963079367cedfb253c9364c0175d1fcc64d52f5c |
kubernetes-client-linux-ppc64le.tar.gz | 04c7edab874b33175ff7bebfff5b3a032bc6eb088fcd7387ffcd5b3fa71395ca8c5f9427b7ddb496e92087dfdb09eaf14a46e9513071d3bd73df76c182922d38 |
kubernetes-client-linux-s390x.tar.gz | 499287dbbc33399a37b9f3b35e0124ff20b17b6619f25a207ee9c606ef261af61fa0c328dde18c7ce2d3dfb2eea2376623bc3425d16bc8515932a68b44f8bede |
kubernetes-client-windows-386.tar.gz | cf84aeddf00f126fb13c0436b116dd0464a625659e44c84bf863517db0406afb4eefd86807e7543c4f96006d275772fbf66214ae7d582db5865c84ac3545b3e6 |
kubernetes-client-windows-amd64.tar.gz | 69f20558ccd5cd6dbaccf29307210db4e687af21f6d71f68c69d3a39766862686ac1333ab8a5012010ca5c5e3c11676b45e498e3d4c38773da7d24bcefc46d95 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 3f29df2ce904a0f10db4c1d7a425a36f420867b595da3fa158ae430bfead90def2f2139f51425b349faa8a9303dcf20ea01657cb6ea28eb6ad64f5bb32ce2ed1 |
kubernetes-server-linux-arm.tar.gz | 4a21073b2273d721fbf062c254840be5c8471a010bcc0c731b101729e36e61f637cb7fcb521a22e8d24808510242f4fff8a6ca40f10e9acd849c2a47bf135f27 |
kubernetes-server-linux-arm64.tar.gz | 7f1cb6d721bedc90e28b16f99bea7e59f5ad6267c31ef39c14d34db6ad6aad87ee51d2acdd01b6903307c1c00b58ff6b785a03d5a491cc3f8a4df9a1d76d406c |
kubernetes-server-linux-ppc64le.tar.gz | 8f2b552030b5274b1c2c7c166eacd5a14b0c6ca0f23042f4c52efe87e22a167ba4460dcd66615a5ecd26d9e88336be1fb555548392e70efe59070dd2c314da98 |
kubernetes-server-linux-s390x.tar.gz | 8d9f2c96f66edafb7c8b3aa90960d29b41471743842aede6b47b3b2e61f4306fb6fc60b9ebc18820c547ee200bfedfe254c1cde962d447c791097dd30e79abdb |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 84194cb081d1502f8ca68143569f9707d96f1a28fcf0c574ebd203321463a8b605f67bb2a365eaffb14fbeb8d55c8d3fa17431780b242fb9cba3a14426a0cd4a |
kubernetes-node-linux-arm.tar.gz | 0091e108ab94fd8683b89c597c4fdc2fbf4920b007cfcd5297072c44bc3a230dfe5ceed16473e15c3e6cf5edab866d7004b53edab95be0400cc60e009eee0d9d |
kubernetes-node-linux-arm64.tar.gz | b7e85682cc2848a35d52fd6f01c247f039ee1b5dd03345713821ea10a7fa9939b944f91087baae95eaa0665d11857c1b81c454f720add077287b091f9f19e5d3 |
kubernetes-node-linux-ppc64le.tar.gz | cd1f0849e9c62b5d2c93ff0cebf58843e178d8a88317f45f76de0db5ae020b8027e9503a5fccc96445184e0d77ecdf6f57787176ac31dbcbd01323cd0a190cbb |
kubernetes-node-linux-s390x.tar.gz | e1e697a34424c75d75415b613b81c8af5f64384226c5152d869f12fd7db1a3e25724975b73fa3d89e56e4bf78d5fd07e68a709ba8566f53691ba6a88addc79ea |
kubernetes-node-windows-amd64.tar.gz | c725a19a4013c74e22383ad3fb4cb799b3e161c4318fdad066daf806730a89bc3be3ff0f75678d02b3cbe52b2ef0c411c0639968e200b9df470be40bb2c015cc |
- action required (#85363, @immutableT)
-
- Currently, if users were to explicitly specify CacheSize of 0 for KMS provider, they would end-up with a provider that caches up to 1000 keys. This PR changes this behavior.
- Post this PR, when users supply 0 for CacheSize this will result in a validation error.
-
- CacheSize type was changed from int32 to *int32. This allows defaulting logic to differentiate between cases where users explicitly supplied 0 vs. not supplied any value.
-
- KMS Provider's endpoint (path to Unix socket) is now validated when the EncryptionConfiguration files is loaded. This used to be handled by the GRPCService.
-
- fix: azure data disk should use same key as os disk by default (#86351, @andyzhangx)
- New flag
--show-hidden-metrics-for-version
in kube-proxy can be used to show all hidden metrics that deprecated in the previous minor release. (#85279, @RainbowMango) - Remove cluster-monitoring addon (#85512, @serathius)
- Changed core_pattern on COS nodes to be an absolute path. (#86329, @mml)
- Track mount operations as uncertain if operation fails with non-final error (#82492, @gnufied)
- add kube-proxy flags --ipvs-tcp-timeout, --ipvs-tcpfin-timeout, --ipvs-udp-timeout to configure IPVS connection timeouts. (#85517, @andrewsykim)
- The sample-apiserver aggregated conformance test has updated to use the Kubernetes v1.17.0 sample apiserver (#84735, @liggitt)
- The underlying format of the
CPUManager
state file has changed. Upgrades should be seamless, but any third-party tools that rely on reading the previous format need to be updated. (#84462, @klueska) - kubernetes will try to acquire the iptables lock every 100 msec during 5 seconds instead of every second. This specially useful for environments using kube-proxy in iptables mode with a high churn rate of services. (#85771, @aojea)
- Fixed a panic in the kubelet cleaning up pod volumes (#86277, @tedyu)
- azure cloud provider cache TTL is configurable, list of the azure cloud provider is as following: (#86266, @zqingqing1)
-
- "availabilitySetNodesCacheTTLInSeconds"
-
- "vmssCacheTTLInSeconds"
-
- "vmssVirtualMachinesCacheTTLInSeconds"
-
- "vmCacheTTLInSeconds"
-
- "loadBalancerCacheTTLInSeconds"
-
- "nsgCacheTTLInSeconds"
-
- "routeTableCacheTTLInSeconds"
-
- Fixes kube-proxy when EndpointSlice feature gate is enabled on Windows. (#86016, @robscott)
- Fixes wrong validation result of NetworkPolicy PolicyTypes (#85747, @tnqn)
- Fixes an issue with kubelet-reported pod status on deleted/recreated pods. (#86320, @liggitt)
- kube-apiserver no longer serves the following deprecated APIs: (#85903, @liggitt)
* All resources under
apps/v1beta1
andapps/v1beta2
- useapps/v1
instead *daemonsets
,deployments
,replicasets
resources underextensions/v1beta1
- useapps/v1
instead *networkpolicies
resources underextensions/v1beta1
- usenetworking.k8s.io/v1
instead *podsecuritypolicies
resources underextensions/v1beta1
- usepolicy/v1beta1
instead - kubeadm: fix potential panic when executing "kubeadm reset" with a corrupted kubelet.conf file (#86216, @neolit123)
- Fix a bug in port-forward: named port not working with service (#85511, @oke-py)
- kube-proxy no longer modifies shared EndpointSlices. (#86092, @robscott)
- allow for configuration of CoreDNS replica count (#85837, @pickledrick)
- Fixed a regression where the kubelet would fail to update the ready status of pods. (#84951, @tedyu)
- Resolves performance regression in client-go discovery clients constructed using
NewDiscoveryClientForConfig
orNewDiscoveryClientForConfigOrDie
. (#86168, @liggitt) - Make error message and service event message more clear (#86078, @feiskyer)
- e2e-test-framework: add e2e test namespace dump if all tests succeed but the cleanup fails. (#85542, @schrodit)
- SafeSysctlWhitelist: add net.ipv4.ping_group_range (#85463, @AkihiroSuda)
- kubelet: the metric process_start_time_seconds be marked as with the ALPHA stability level. (#85446, @RainbowMango)
- API request throttling (due to a high rate of requests) is now reported in the kubelet (and other component) logs by default. The messages are of the form (#80649, @RobertKrawitz)
- Throttling request took 1.50705208s, request: GET:
- The presence of large numbers of these messages, particularly with long delay times, may indicate to the administrator the need to tune the cluster accordingly.
- Fix API Server potential memory leak issue in processing watch request. (#85410, @answer1991)
- Verify kubelet & kube-proxy can recover after being killed on Windows nodes (#84886, @YangLu1031)
- Fixed an issue that the scheduler only returns the first failure reason. (#86022, @Huang-Wei)
- kubectl/drain: add skip-wait-for-delete-timeout option. (#85577, @michaelgugino)
- If pod DeletionTimestamp older than N seconds, skip waiting for the pod. Seconds must be greater than 0 to skip.
- Following metrics have been turned off: (#83841, @RainbowMango)
-
- kubelet_pod_worker_latency_microseconds
-
- kubelet_pod_start_latency_microseconds
-
- kubelet_cgroup_manager_latency_microseconds
-
- kubelet_pod_worker_start_latency_microseconds
-
- kubelet_pleg_relist_latency_microseconds
-
- kubelet_pleg_relist_interval_microseconds
-
- kubelet_eviction_stats_age_microseconds
-
- kubelet_runtime_operations
-
- kubelet_runtime_operations_latency_microseconds
-
- kubelet_runtime_operations_errors
-
- kubelet_device_plugin_registration_count
-
- kubelet_device_plugin_alloc_latency_microseconds
-
- kubelet_docker_operations
-
- kubelet_docker_operations_latency_microseconds
-
- kubelet_docker_operations_errors
-
- kubelet_docker_operations_timeout
-
- network_plugin_operations_latency_microseconds
-
-
- Renamed Kubelet metric certificate_manager_server_expiration_seconds to certificate_manager_server_ttl_seconds and changed to report the second until expiration at read time rather than absolute time of expiry. (#85874, @sambdavidson)
-
- Improved accuracy of Kubelet metric rest_client_exec_plugin_ttl_seconds.
-
- Renamed Kubelet metric certificate_manager_server_expiration_seconds to certificate_manager_server_ttl_seconds and changed to report the second until expiration at read time rather than absolute time of expiry. (#85874, @sambdavidson)
- Bind metadata-agent containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83363, @wawa0210)
- Bind metrics-server containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83362, @wawa0210)
- During initialization phase (preflight), kubeadm now verifies the presence of the conntrack executable (#85857, @hnanni)
- VMSS cache is added so that less chances of VMSS GET throttling (#85885, @nilo19)
- Update go-winio module version from 0.4.11 to 0.4.14 (#85739, @wawa0210)
- Fix LoadBalancer rule checking so that no unexpected LoadBalancer updates are made (#85990, @feiskyer)
- kubectl drain node --dry-run will list pods that would be evicted or deleted (#82660, @sallyom)
- Windows nodes on GCE can use TPM-based authentication to the master. (#85466, @pjh)
- kubectl/drain: add disable-eviction option. (#85571, @michaelgugino)
- Force drain to use delete, even if eviction is supported. This will bypass checking PodDisruptionBudgets, and should be used with caution.
- kubeadm now errors out whenever a not supported component config version is supplied for the kubelet and kube-proxy (#85639, @rosti)
- Fixed issue with addon-resizer using deprecated extensions APIs (#85793, @bskiba)
- Includes FSType when describing CSI persistent volumes. (#85293, @huffmanca)
- kubelet now exports a "server_expiration_renew_failure" and "client_expiration_renew_failure" metric counter if the certificate rotations cannot be performed. (#84614, @rphillips)
- kubeadm: don't write the kubelet environment file on "upgrade apply" (#85412, @boluisa)
- fix azure file AuthorizationFailure (#85475, @andyzhangx)
- Resolved regression in admission, authentication, and authorization webhook performance in v1.17.0-rc.1 (#85810, @liggitt)
- kubeadm: uses the apiserver AdvertiseAddress IP family to choose the etcd endpoint IP family for non external etcd clusters (#85745, @aojea)
- kubeadm: Forward cluster name to the controller-manager arguments (#85817, @ereslibre)
- Fixed "requested device X but found Y" attach error on AWS. (#85675, @jsafrane)
- addons: elasticsearch discovery supports IPv6 (#85543, @SataQiu)
- kubeadm: retry
kubeadm-config
ConfigMap creation or mutation if the apiserver is not responding. This will improve resiliency when joining new control plane nodes. (#85763, @ereslibre) - Update Cluster Autoscaler to 1.17.0; changelog: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.17.0 (#85610, @losipiuk)
- Filter published OpenAPI schema by making nullable, required fields non-required in order to avoid kubectl to wrongly reject null values. (#85722, @sttts)
- kubectl set resources will no longer return an error if passed an empty change for a resource. (#85490, @sallyom)
- kubectl set subject will no longer return an error if passed an empty change for a resource.
- kube-apiserver: fixed a conflict error encountered attempting to delete a pod with gracePeriodSeconds=0 and a resourceVersion precondition (#85516, @michaelgugino)
- kubeadm: add a upgrade health check that deploys a Job (#81319, @neolit123)
- kubeadm: make sure images are pre-pulled even if a tag did not change but their contents changed (#85603, @bart0sh)
- kube-apiserver: Fixes a bug that hidden metrics can not be enabled by the command-line option
--show-hidden-metrics-for-version
. (#85444, @RainbowMango) - kubeadm now supports automatic calculations of dual-stack node cidr masks to kube-controller-manager. (#85609, @Arvinderpal)
- Fix bug where EndpointSlice controller would attempt to modify shared objects. (#85368, @robscott)
- Use context to check client closed instead of http.CloseNotifier in processing watch request which will reduce 1 goroutine for each request if proto is HTTP/2.x . (#85408, @answer1991)
- kubeadm: reset raises warnings if it cannot delete folders (#85265, @SataQiu)
- Wait for kubelet & kube-proxy to be ready on Windows node within 10s (#85228, @YangLu1031)