Skip to content

Latest commit

 

History

History
255 lines (225 loc) · 42.5 KB

CHANGELOG-1.19.md

File metadata and controls

255 lines (225 loc) · 42.5 KB

v1.19.0-alpha.1

Documentation

Downloads for v1.19.0-alpha.1

filename sha512 hash
kubernetes.tar.gz d5930e62f98948e3ae2bc0a91b2cb93c2009202657b9e798e43fcbf92149f50d991af34a49049b2640db729efc635d643d008f4b3dd6c093cac4426ee3d5d147
kubernetes-src.tar.gz 5d92125ec3ca26b6b0af95c6bb3289bb7cf60a4bad4e120ccdad06ffa523c239ca8e608015b7b5a1eb789bfdfcedbe0281518793da82a7959081fb04cf53c174

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 08d307dafdd8e1aa27721f97f038210b33261d1777ea173cc9ed4b373c451801988a7109566425fce32d38df70bdf0be6b8cfff69da768fbd3c303abd6dc13a5
kubernetes-client-darwin-amd64.tar.gz 08c3b722a62577d051e300ebc3c413ead1bd3e79555598a207c704064116087323215fb402bae7584b9ffd08590f36fa8a35f13f8fea1ce92e8f144e3eae3384
kubernetes-client-linux-386.tar.gz 0735978b4d4cb0601171eae3cc5603393c00f032998f51d79d3b11e4020f4decc9559905e9b02ddcb0b6c3f4caf78f779940ebc97996e3b96b98ba378fbe189d
kubernetes-client-linux-amd64.tar.gz ca55fc431d59c1a0bf1f1c248da7eab65215e438fcac223d4fc3a57fae0205869e1727b2475dfe9b165921417d68ac380a6e42bf7ea6732a34937ba2590931ce
kubernetes-client-linux-arm.tar.gz 4e1aa9e640d7cf0ccaad19377e4c3ca9a60203daa2ce0437d1d40fdea0e43759ef38797e948cdc3c676836b01e83f1bfde51effc0579bf832f6f062518f03f06
kubernetes-client-linux-arm64.tar.gz fca5df8c2919a9b3d99248120af627d9a1b5ddf177d9a10f04eb4e486c14d4e3ddb72e3abc4733b5078e0d27204a51e2f714424923fb92a5351137f82d87d6ea
kubernetes-client-linux-ppc64le.tar.gz 6a98a4f99aa8b72ec815397c5062b90d5c023092da28fa7bca1cdadf406e2d86e2fd3a0eeab28574064959c6926007423c413d9781461e433705452087430d57
kubernetes-client-linux-s390x.tar.gz 94724c17985ae2dbd3888e6896f300f95fec8dc2bf08e768849e98b05affc4381b322d802f41792b8e6da4708ce1ead2edcb8f4d5299be6267f6559b0d49e484
kubernetes-client-windows-386.tar.gz 5a076bf3a5926939c170a501f8292a38003552848c45c1f148a97605b7ac9843fb660ef81a46abe6d139f4c5eaa342d4b834a799ee7055d5a548d189b31d7124
kubernetes-client-windows-amd64.tar.gz 4b395894bfd9cfa0976512d1d58c0056a80bacefc798de294db6d3f363bd5581fd3ce2e4bdc1b902d46c8ce2ac87a98ced56b6b29544c86e8444fb8e9465faea

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 6720d1b826dc20e56b0314e580403cd967430ff25bdbe08e8bf453fed339557d2a4ace114c2f524e6b6814ec9341ccdea870f784ebb53a52056ca3ab22e5cc36
kubernetes-server-linux-arm.tar.gz f09b295f5a95cc72494eb1c0e9706b237a8523eacda182778e9afdb469704c7eacd29614aff6d3d7aff3bc1783fb277d52ad56a1417f1bd973eeb9bdc8086695
kubernetes-server-linux-arm64.tar.gz 24787767abd1d67a4d0234433e1693ea3e1e906364265ee03e58ba203b66583b75d4ce0c4185756fc529997eb9a842d65841962cd228df9c182a469dbd72493d
kubernetes-server-linux-ppc64le.tar.gz a117e609729263d7bd58aac156efa33941f0f9aa651892d1abf32cfa0a984aa495fccd3be8385cae083415bfa8f81942648d5978f72e950103e42184fd0d7527
kubernetes-server-linux-s390x.tar.gz 19280a6dc20f019d23344934f8f1ec6aa17c3374b9c569d4c173535a8cd9e298b8afcabe06d232a146c9c7cb4bfe7d1d0e10aa2ab9184ace0b7987e36973aaef

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz c4b23f113ed13edb91b59a498d15de8b62ff1005243f2d6654a11468511c9d0ebaebb6dc02d2fa505f18df446c9221e77d7fc3147fa6704cde9bec5d6d80b5a3
kubernetes-node-linux-arm.tar.gz 8dcf5531a5809576049c455d3c5194f09ddf3b87995df1e8ca4543deff3ffd90a572539daff9aa887e22efafedfcada2e28035da8573e3733c21778e4440677a
kubernetes-node-linux-arm64.tar.gz 4b3f4dfee2034ce7d01fef57b8766851fe141fc72da0f9edeb39aca4c7a937e2dccd2c198a83fbb92db7911d81e50a98bd0a17b909645adbeb26e420197db2cd
kubernetes-node-linux-ppc64le.tar.gz df0e87f5e42056db2bbc7ef5f08ecda95d66afc3f4d0bc57f6efcc05834118c39ab53d68595d8f2bb278829e33b9204c5cce718d8bf841ce6cccbb86d0d20730
kubernetes-node-linux-s390x.tar.gz 3a6499b008a68da52f8ae12eb694885d9e10a8f805d98f28fc5f7beafea72a8e180df48b5ca31097b2d4779c61ff67216e516c14c2c812163e678518d95f22d6
kubernetes-node-windows-amd64.tar.gz c311373506cbfa0244ac92a709fbb9bddb46cbeb130733bdb689641ecee6b21a7a7f020eae4856a3f04a3845839dc5e0914cddc3478d55cd3d5af3d7804aa5ba

Changelog since v1.19.0-alpha.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

  • The StreamingProxyRedirects feature and --redirect-container-streaming flag are deprecated, and will be removed in a future release. The default behavior (proxy streaming requests through the kubelet) will be the only supported option. If you are setting --redirect-container-streaming=true, then you must migrate off this configuration. The flag will no longer be able to be enabled starting in v1.20. If you are not setting the flag, no action is necessary. (#88290, @tallclair) [SIG API Machinery and Node]

  • kubectl no longer defaults to http://localhost:8080. If you own one of these legacy clusters, you are *strongly- encouraged to secure your server. If you cannot secure your server, you can set KUBERNETES_MASTER if you were relying on that behavior and you're client-go user. Set --server, --kubeconfig or KUBECONFIG to make it work in kubectl. (#86173, @soltysh) [SIG API Machinery, CLI and Testing]

Changes by Kind

Deprecation

  • AlgorithmSource is removed from v1alpha2 Scheduler ComponentConfig (#87999, @damemi) [SIG Scheduling]
  • Azure service annotation service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset has been deprecated. Its support would be removed in a future release. (#88462, @feiskyer) [SIG Cloud Provider]
  • Kube-proxy: deprecate --healthz-port and --metrics-port flag, please use --healthz-bind-address and --metrics-bind-address instead (#88512, @SataQiu) [SIG Network]
  • Kubeadm: deprecate the usage of the experimental flag '--use-api' under the 'kubeadm alpha certs renew' command. (#88827, @neolit123) [SIG Cluster Lifecycle]
  • Kubernetes no longer supports building hyperkube images (#88676, @dims) [SIG Cluster Lifecycle and Release]

API Change

  • A new IngressClass resource has been added to enable better Ingress configuration. (#88509, @robscott) [SIG API Machinery, Apps, CLI, Network, Node and Testing]
  • API additions to apiserver types (#87179, @Jefftree) [SIG API Machinery, Cloud Provider and Cluster Lifecycle]
  • Add Scheduling Profiles to kubescheduler.config.k8s.io/v1alpha2 (#88087, @alculquicondor) [SIG Scheduling and Testing]
  • Added GenericPVCDataSource feature gate to enable using arbitrary custom resources as the data source for a PVC. (#88636, @bswartz) [SIG Apps and Storage]
  • Added support for multiple sizes huge pages on a container level (#84051, @bart0sh) [SIG Apps, Node and Storage]
  • Allow user to specify fsgroup permission change policy for pods (#88488, @gnufied) [SIG Apps and Storage]
  • AppProtocol is a new field on Service and Endpoints resources, enabled with the ServiceAppProtocol feature gate. (#88503, @robscott) [SIG Apps and Network]
  • BlockVolume and CSIBlockVolume features are now GA. (#88673, @jsafrane) [SIG Apps, Node and Storage]
  • Consumers of the 'certificatesigningrequests/approval' API must now grant permission to 'approve' CSRs for the 'signerName' specified on the CSR. More information on the new signerName field can be found at https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/20190607-certificates-api.md#signers (#88246, @munnerz) [SIG API Machinery, Apps, Auth, CLI, Node and Testing]
  • CustomResourceDefinition schemas that use x-kubernetes-list-map-keys to specify properties that uniquely identify list items must make those properties required or have a default value, to ensure those properties are present for all list items. See https://kubernetes.io/docs/reference/using-api/api-concepts/#merge-strategy for details. (#88076, @eloyekunle) [SIG API Machinery and Testing]
  • Fixed missing validation of uniqueness of list items in lists with x-kubernetes-list-type: map or x-kubernetes-list-type: set` in CustomResources. (#84920, @sttts) [SIG API Machinery]
  • Fixes a regression with clients prior to 1.15 not being able to update podIP in pod status, or podCIDR in node spec, against >= 1.16 API servers (#88505, @liggitt) [SIG Apps and Network]
  • Ingress: Add Exact and Prefix maching to Ingress PathTypes (#88587, @cmluciano) [SIG Apps, Cluster Lifecycle and Network]
  • Ingress: Add alternate backends via TypedLocalObjectReference (#88775, @cmluciano) [SIG Apps and Network]
  • Ingress: allow wildcard hosts in IngressRule (#88858, @cmluciano) [SIG Network]
  • Introduces optional --detect-local flag to kube-proxy. Currently the only supported value is "cluster-cidr", which is the default if not specified. (#87748, @satyasm) [SIG Cluster Lifecycle, Network and Scheduling]
  • Kube-controller-manager and kube-scheduler expose profiling by default to match the kube-apiserver. Use --enable-profiling=false to disable. (#88663, @deads2k) [SIG API Machinery, Cloud Provider and Scheduling]
  • Kube-scheduler can run more than one scheduling profile. Given a pod, the profile is selected by using its .spec.SchedulerName. (#88285, @alculquicondor) [SIG Apps, Scheduling and Testing]
  • Move TaintBasedEvictions feature gates to GA (#87487, @skilxn-go) [SIG API Machinery, Apps, Node, Scheduling and Testing]
  • Moving Windows RunAsUserName feature to GA (#87790, @marosset) [SIG Apps and Windows]
  • New flag --endpointslice-updates-batch-period in kube-controller-manager can be used to reduce number of endpointslice updates generated by pod changes. (#88745, @mborsz) [SIG API Machinery, Apps and Network]
  • New flag --show-hidden-metrics-for-version in kubelet can be used to show all hidden metrics that deprecated in the previous minor release. (#85282, @serathius) [SIG Node]
  • Removes ConfigMap as suggestion for IngressClass parameters (#89093, @robscott) [SIG Network]
  • Scheduler Extenders can now be configured in the v1alpha2 component config (#88768, @damemi) [SIG Release, Scheduling and Testing]
  • The apiserver/v1alph1#EgressSelectorConfiguration API is now beta. (#88502, @caesarxuchao) [SIG API Machinery]
  • The storage.k8s.io/CSIDriver has moved to GA, and is now available for use. (#84814, @huffmanca) [SIG API Machinery, Apps, Auth, Node, Scheduling, Storage and Testing]
  • VolumePVCDataSource moves to GA in 1.18 release (#88686, @j-griffith) [SIG Apps, CLI and Cluster Lifecycle]

Feature

  • deps: Update to Golang 1.13.9

  • Add --dry-run to kubectl delete, taint, replace (#88292, @julianvmodesto) [SIG CLI and Testing]

  • Add rest_client_rate_limiter_duration_seconds metric to component-base to track client side rate limiter latency in seconds. Broken down by verb and URL. (#88134, @jennybuckley) [SIG API Machinery, Cluster Lifecycle and Instrumentation]

  • Add huge page stats to Allocated resources in "kubectl describe node" (#80605, @odinuge) [SIG CLI]

  • Add support for pre allocated huge pages with different sizes, on node level (#89252, @odinuge) [SIG Apps and Node]

  • Adds support for NodeCIDR as an argument to --detect-local-mode (#88935, @satyasm) [SIG Network]

  • Allow user to specify resource using --filename flag when invoking kubectl exec (#88460, @soltysh) [SIG CLI and Testing]

  • Apiserver add a new flag --goaway-chance which is the fraction of requests that will be closed gracefully(GOAWAY) to prevent HTTP/2 clients from getting stuck on a single apiserver. After the connection closed(received GOAWAY), the client's other in-flight requests won't be affected, and the client will reconnect. The flag min value is 0 (off), max is .02 (1/50 requests); .001 (1/1000) is a recommended starting point. Clusters with single apiservers, or which don't use a load balancer, should NOT enable this. (#88567, @answer1991) [SIG API Machinery]

  • Azure Cloud Provider now supports using Azure network resources (Virtual Network, Load Balancer, Public IP, Route Table, Network Security Group, etc.) in different AAD Tenant and Subscription than those for the Kubernetes cluster. To use the feature, please reference https://github.com/kubernetes-sigs/cloud-provider-azure/blob/master/docs/cloud-provider-config.md#host-network-resources-in-different-aad-tenant-and-subscription. (#88384, @bowen5) [SIG Cloud Provider]

  • Azure: add support for single stack IPv6 (#88448, @aramase) [SIG Cloud Provider]

  • DefaultConstraints can be specified for the PodTopologySpread plugin in the component config (#88671, @alculquicondor) [SIG Scheduling]

  • EndpointSlice controller waits longer to retry failed sync. (#89438, @robscott) [SIG Apps and Network]

  • Feat: change azure disk api-version (#89250, @andyzhangx) [SIG Cloud Provider and Storage]

  • Feat: support Azure shared disk, added a new field(maxShares) in azure disk storage class:

    kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: shared-disk provisioner: kubernetes.io/azure-disk parameters: skuname: Premium_LRS # Currently only available with premium SSDs. cachingMode: None # ReadOnly host caching is not available for premium SSDs with maxShares>1 maxShares: 2 (#89328, @andyzhangx) [SIG Cloud Provider and Storage]

  • Kube-apiserver, kube-scheduler and kube-controller manager now use SO_REUSEPORT socket option when listening on address defined by --bind-address and --secure-port flags, when running on Unix systems (Windows is NOT supported). This allows to run multiple instances of those processes on a single host with the same configuration, which allows to update/restart them in a graceful way, without causing downtime. (#88893, @invidian) [SIG API Machinery, Scheduling and Testing]

  • Kubeadm: The ClusterStatus struct present in the kubeadm-config ConfigMap is deprecated and will be removed on a future version. It is going to be maintained by kubeadm until it gets removed. The same information can be found on etcd and kube-apiserver pod annotations, kubeadm.kubernetes.io/etcd.advertise-client-urls and kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint respectively. (#87656, @ereslibre) [SIG Cluster Lifecycle]

  • Kubeadm: add the experimental feature gate PublicKeysECDSA that can be used to create a cluster with ECDSA certificates from "kubeadm init". Renewal of existing ECDSA certificates is also supported using "kubeadm alpha certs renew", but not switching between the RSA and ECDSA algorithms on the fly or during upgrades. (#86953, @rojkov) [SIG API Machinery, Auth and Cluster Lifecycle]

  • Kubeadm: on kubeconfig certificate renewal, keep the embedded CA in sync with the one on disk (#88052, @neolit123) [SIG Cluster Lifecycle]

  • Kubeadm: support Windows specific kubelet flags in kubeadm-flags.env (#88287, @gab-satchi) [SIG Cluster Lifecycle and Windows]

  • Kubeadm: upgrade supports fallback to the nearest known etcd version if an unknown k8s version is passed (#88373, @SataQiu) [SIG Cluster Lifecycle]

  • Kubectl cluster-info dump changed to only display a message telling you the location where the output was written when the output is not standard output. (#88765, @brianpursley) [SIG CLI]

  • New flag --show-hidden-metrics-for-version in kube-scheduler can be used to show all hidden metrics that deprecated in the previous minor release. (#84913, @serathius) [SIG Instrumentation and Scheduling]

  • Print NotReady when pod is not ready based on its conditions. (#88240, @soltysh) [SIG CLI]

  • Scheduler Extender API is now located under k8s.io/kube-scheduler/extender (#88540, @damemi) [SIG Release, Scheduling and Testing]

  • Scheduler framework permit plugins now run at the end of the scheduling cycle, after reserve plugins. Waiting on permit will remain in the beginning of the binding cycle. (#88199, @mateuszlitwin) [SIG Scheduling]

  • Signatures on scale client methods have been modified to accept context.Context as a first argument. Signatures of Get, Update, and Patch methods have been updated to accept GetOptions, UpdateOptions and PatchOptions respectively. (#88599, @julianvmodesto) [SIG API Machinery, Apps, Autoscaling and CLI]

  • Signatures on the dynamic client methods have been modified to accept context.Context as a first argument. Signatures of Delete and DeleteCollection methods now accept DeleteOptions by value instead of by reference. (#88906, @liggitt) [SIG API Machinery, Apps, CLI, Cluster Lifecycle, Storage and Testing]

  • Signatures on the metadata client methods have been modified to accept context.Context as a first argument. Signatures of Delete and DeleteCollection methods now accept DeleteOptions by value instead of by reference. (#88910, @liggitt) [SIG API Machinery, Apps and Testing]

  • Support create or update VMSS asynchronously. (#89248, @nilo19) [SIG Cloud Provider]

  • The kubelet and the default docker runtime now support running ephemeral containers in the Linux process namespace of a target container. Other container runtimes must implement this feature before it will be available in that runtime. (#84731, @verb) [SIG Node]

  • Update etcd client side to v3.4.4 (#89169, @jingyih) [SIG API Machinery and Cloud Provider]

  • Upgrade to azure-sdk v40.2.0 (#89105, @andyzhangx) [SIG CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Storage and Testing]

  • Webhooks will have alpha support for network proxy (#85870, @Jefftree) [SIG API Machinery, Auth and Testing]

  • When client certificate files are provided, reload files for new connections, and close connections when a certificate changes. (#79083, @jackkleeman) [SIG API Machinery, Auth, Node and Testing]

  • When deleting objects using kubectl with the --force flag, you are no longer required to also specify --grace-period=0. (#87776, @brianpursley) [SIG CLI]

  • kubectl now contains a kubectl alpha debug command. This command allows attaching an ephemeral container to a running pod for the purposes of debugging. (#88004, @verb) [SIG CLI]

Documentation

Other (Bug, Cleanup or Flake)

  • A PV set from in-tree source will have ordered requirement values in NodeAffinity when converted to CSIPersistentVolumeSource (#88987, @jiahuif) [SIG Storage]

  • Add delays between goroutines for vm instance update (#88094, @aramase) [SIG Cloud Provider]

  • Add init containers log to cluster dump info. (#88324, @zhouya0) [SIG CLI]

  • Azure VMSS LoadBalancerBackendAddressPools updating has been improved with squential-sync + concurrent-async requests. (#88699, @feiskyer) [SIG Cloud Provider]

  • Azure auth module for kubectl now requests login after refresh token expires. (#86481, @tdihp) [SIG API Machinery and Auth]

  • AzureFile and CephFS use new Mount library that prevents logging of sensitive mount options. (#88684, @saad-ali) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Storage]

  • Beta.kubernetes.io/arch is already deprecated since v1.14, are targeted for removal in v1.18 (#89462, @wawa0210) [SIG Testing]

  • Build: Enable kube-cross image-building on K8s Infra (#88562, @justaugustus) [SIG Release and Testing]

  • CPU limits are now respected for Windows containers. If a node is over-provisioned, no weighting is used - only limits are respected. (#86101, @PatrickLang) [SIG Node, Testing and Windows]

  • Client-go certificate manager rotation gained the ability to preserve optional intermediate chains accompanying issued certificates (#88744, @jackkleeman) [SIG API Machinery and Auth]

  • Cloud provider config CloudProviderBackoffMode has been removed since it won't be used anymore. (#88463, @feiskyer) [SIG Cloud Provider]

  • Conformance image now depends on stretch-slim instead of debian-hyperkube-base as that image is being deprecated and removed. (#88702, @dims) [SIG Cluster Lifecycle, Release and Testing]

  • Deprecate --generator flag from kubectl create commands (#88655, @soltysh) [SIG CLI]

  • Deprecate kubectl top flags related to heapster Drop support of heapster in kubectl top (#87498, @serathius) [SIG CLI]

  • EndpointSlice should not contain endpoints for terminating pods (#89056, @andrewsykim) [SIG Apps and Network]

  • Evictions due to pods breaching their ephemeral storage limits are now recorded by the kubelet_evictions metric and can be alerted on. (#87906, @smarterclayton) [SIG Node]

  • FIX: prevent apiserver from panicking when failing to load audit webhook config file (#88879, @JoshVanL) [SIG API Machinery and Auth]

  • Fix /readyz to return error immediately after a shutdown is initiated, before the --shutdown-delay-duration has elapsed. (#88911, @tkashem) [SIG API Machinery]

  • Fix a bug that didn't allow to use IPv6 addresses with leading zeros (#89341, @aojea) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle and Instrumentation]

  • Fix a bug where ExternalTrafficPolicy is not applied to service ExternalIPs. (#88786, @freehan) [SIG Network]

  • Fix a bug where kubenet fails to parse the tc output. (#83572, @chendotjs) [SIG Network]

  • Fix bug with xfs_repair from stopping xfs mount (#89444, @gnufied) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Storage]

  • Fix describe ingress annotations not sorted. (#88394, @zhouya0) [SIG CLI]

  • Fix detection of SystemOOMs in which the victim is a container. (#88871, @dashpole) [SIG Node]

  • Fix handling of aws-load-balancer-security-groups annotation. Security-Groups assigned with this annotation are no longer modified by kubernetes which is the expected behaviour of most users. Also no unnecessary Security-Groups are created anymore if this annotation is used. (#83446, @Elias481) [SIG Cloud Provider]

  • Fix invalid VMSS updates due to incorrect cache (#89002, @ArchangelSDY) [SIG Cloud Provider]

  • Fix isCurrentInstance for Windows by removing the dependency of hostname. (#89138, @feiskyer) [SIG Cloud Provider]

  • Fix kube-apiserver startup to wait for APIServices to be installed into the HTTP handler before reporting readiness. (#89147, @sttts) [SIG API Machinery]

  • Fix kubectl create deployment image name (#86636, @zhouya0) [SIG CLI]

  • Fix missing "apiVersion" for "involvedObject" in Events for Nodes. (#87537, @uthark) [SIG Apps and Node]

  • Fix that prevents repeated fetching of PVC/PV objects by kubelet when processing of pod volumes fails. While this prevents hammering API server in these error scenarios, it means that some errors in processing volume(s) for a pod could now take up to 2-3 minutes before retry. (#88141, @tedyu) [SIG Node and Storage]

  • Fix the VMSS name and resource group name when updating Azure VMSS for LoadBalancer backendPools (#89337, @feiskyer) [SIG Cloud Provider]

  • Fix: add remediation in azure disk attach/detach (#88444, @andyzhangx) [SIG Cloud Provider]

  • Fix: azure file mount timeout issue (#88610, @andyzhangx) [SIG Cloud Provider and Storage]

  • Fix: check disk status before delete azure disk (#88360, @andyzhangx) [SIG Cloud Provider]

  • Fix: corrupted mount point in csi driver (#88569, @andyzhangx) [SIG Storage]

  • Fixed a bug in the TopologyManager. Previously, the TopologyManager would only guarantee alignment if container creation was serialized in some way. Alignment is now guaranteed under all scenarios of container creation. (#87759, @klueska) [SIG Node]

  • Fixed a data race in kubelet image manager that can cause static pod workers to silently stop working. (#88915, @roycaihw) [SIG Node]

  • Fixed an issue that could cause the kubelet to incorrectly run concurrent pod reconciliation loops and crash. (#89055, @tedyu) [SIG Node]

  • Fixed block CSI volume cleanup after timeouts. (#88660, @jsafrane) [SIG Node and Storage]

  • Fixed bug where a nonzero exit code was returned when initializing zsh completion even though zsh completion was successfully initialized (#88165, @brianpursley) [SIG CLI]

  • Fixed cleaning of CSI raw block volumes. (#87978, @jsafrane) [SIG Storage]

  • Fixes conversion error in multi-version custom resources that could cause metadata.generation to increment on no-op patches or updates of a custom resource. (#88995, @liggitt) [SIG API Machinery]

  • Fixes issue where you can't attach more than 15 GCE Persistent Disks to c2, n2, m1, m2 machine types. (#88602, @yuga711) [SIG Storage]

  • Fixes v1.18.0-rc.1 regression in kubectl port-forward when specifying a local and remote port (#89401, @liggitt) [SIG CLI]

  • For volumes that allow attaches across multiple nodes, attach and detach operations across different nodes are now executed in parallel. (#88678, @verult) [SIG Apps, Node and Storage]

  • Get-kube.sh uses the gcloud's current local GCP service account for auth when the provider is GCE or GKE instead of the metadata server default (#88383, @BenTheElder) [SIG Cluster Lifecycle]

  • Golang/x/net has been updated to bring in fixes for CVE-2020-9283 (#88381, @BenTheElder) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle and Instrumentation]

  • Hide kubectl.kubernetes.io/last-applied-configuration in describe command (#88758, @soltysh) [SIG Auth and CLI]

  • In GKE alpha clusters it will be possible to use the service annotation cloud.google.com/network-tier: Standard (#88487, @zioproto) [SIG Cloud Provider]

  • Ipvs: only attempt setting of sysctlconnreuse on supported kernels (#88541, @cmluciano) [SIG Network]

  • Kube-proxy: on dual-stack mode, if it is not able to get the IP Family of an endpoint, logs it with level InfoV(4) instead of Warning, avoiding flooding the logs for endpoints without addresses (#88934, @aojea) [SIG Network]

  • Kubeadm now includes CoreDNS version 1.6.7 (#86260, @rajansandeep) [SIG Cluster Lifecycle]

  • Kubeadm: fix the bug that 'kubeadm upgrade' hangs in single node cluster (#88434, @SataQiu) [SIG Cluster Lifecycle]

  • Kubelet: fix the bug that kubelet help information can not show the right type of flags (#88515, @SataQiu) [SIG Docs and Node]

  • Kubelets perform fewer unnecessary pod status update operations on the API server. (#88591, @smarterclayton) [SIG Node and Scalability]

  • Optimize kubectl version help info (#88313, @zhouya0) [SIG CLI]

  • Plugin/PluginConfig and Policy APIs are mutually exclusive when running the scheduler (#88864, @alculquicondor) [SIG Scheduling]

  • Removes the deprecated command kubectl rolling-update (#88057, @julianvmodesto) [SIG Architecture, CLI and Testing]

  • Resolved a regression in v1.18.0-rc.1 mounting windows volumes (#89319, @mboersma) [SIG API Machinery, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation and Storage]

  • Scheduler PreScore plugins are not executed if there is one filtered node or less. (#89370, @ahg-g) [SIG Scheduling]

  • Specifying PluginConfig for the same plugin more than once fails scheduler startup.

    Specifying extenders and configuring .ignoredResources for the NodeResourcesFit plugin fails (#88870, @alculquicondor) [SIG Scheduling]

  • Support TLS Server Name overrides in kubeconfig file and via --tls-server-name in kubectl (#88769, @deads2k) [SIG API Machinery, Auth and CLI]

  • Terminating a restartPolicy=Never pod no longer has a chance to report the pod succeeded when it actually failed. (#88440, @smarterclayton) [SIG Node and Testing]

  • The EventRecorder from k8s.io/client-go/tools/events will now create events in the default namespace (instead of kube-system) when the related object does not have it set. (#88815, @enj) [SIG API Machinery]

  • The audit event sourceIPs list will now always end with the IP that sent the request directly to the API server. (#87167, @tallclair) [SIG API Machinery and Auth]

  • Update Cluster Autoscaler to 1.18.0; changelog: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.18.0 (#89095, @losipiuk) [SIG Autoscaling and Cluster Lifecycle]

  • Update to use golang 1.13.8 (#87648, @ialidzhikov) [SIG Release and Testing]

  • Validate kube-proxy flags --ipvs-tcp-timeout, --ipvs-tcpfin-timeout, --ipvs-udp-timeout (#88657, @chendotjs) [SIG Network]

  • Wait for all CRDs to show up in discovery endpoint before reporting readiness. (#89145, @sttts) [SIG API Machinery]

  • kubectl config view now redacts bearer tokens by default, similar to client certificates. The --raw flag can still be used to output full content. (#88985, @brianpursley) [SIG API Machinery and CLI]