| filename | sha256 hash |
|---|---|
| kubernetes.tar.gz | 8f352d4f44b0c539cfb4fb72a64098c155771916cff31642b131f1eb7879da20 |
| kubernetes-src.tar.gz | d2de8df039fd3bd997c992abedb0353e37691053bd927627c6438ad654055f80 |
| filename | sha256 hash |
|---|---|
| kubernetes-client-darwin-386.tar.gz | ca70a374de0c3be4897d913f6ad22e426c6336837be6debff3cbf5f3fcf4b3ae |
| kubernetes-client-darwin-amd64.tar.gz | d6e0e6f286ef20a54047038b337b8a47f6cbd105b69917137c5c30c8fbee006f |
| kubernetes-client-linux-386.tar.gz | 6e73e49fa99391e1474d63a102f3cf758ef84b781bc0c0de42f1e5d1cc89132b |
| kubernetes-client-linux-amd64.tar.gz | 1c0c7a7aefabcda0d0407dfadd2ee7e379b395ae4ad1671535d99305e72eb2ae |
| kubernetes-client-linux-arm.tar.gz | e6310653c31114efe32db29aa06c2c1530c285cda4cccc30edf4926d0417a3a6 |
| kubernetes-client-linux-arm64.tar.gz | 188312f25a53cf30f8375ab5727e64067ede4fba53823c3a4e2e4b768938244e |
| kubernetes-client-linux-ppc64le.tar.gz | 875f77e17c3236dde0d6e5f302c52a5193f1bf1d79d72115ae1c6de5f494b0a3 |
| kubernetes-client-linux-s390x.tar.gz | 18502d6bd9fb483c3a858d73e2d55e32b946cbb351e09788671aca6010e39ba8 |
| kubernetes-client-windows-386.tar.gz | f0e83868dd731365b8e3f95fe33622a59d0b67d97907089c2a1c56a8eca8ebf7 |
| kubernetes-client-windows-amd64.tar.gz | 571898fd6f612d75c9cfb248875cefbe9761155f3e8c7df48fce389606414028 |
| filename | sha256 hash |
|---|---|
| kubernetes-server-linux-amd64.tar.gz | 1f36c8bb40050d4371f0d8362e8fad9d60c39c5f7f9e5569ec70d0731c9dd438 |
| kubernetes-server-linux-arm.tar.gz | f503c149c1aaef2df9fea146524c4f2cb505a1946062959d1acf8bc399333437 |
| kubernetes-server-linux-arm64.tar.gz | 660d282c18e2988744d902cb2c9f3b962b3418cbfae3644e3ea854835ca19d32 |
| kubernetes-server-linux-ppc64le.tar.gz | 0682060c38c704c710cc42a887b40e26726fad9cb23368ef44236527c2a7858f |
| kubernetes-server-linux-s390x.tar.gz | 319337deee4e12e30da57ca484ef435f280a36792c2e2e3cd3515079b911281a |
| filename | sha256 hash |
|---|---|
| kubernetes-node-linux-amd64.tar.gz | 8d111b862d4cb3490d5ee2b97acd439e10408cba0c7f04c98a9f0470a4869e20 |
| kubernetes-node-linux-arm.tar.gz | e04a30445bdabc0b895e036497fdebd102c39a53660108e45c870ae7ebc6dced |
| kubernetes-node-linux-arm64.tar.gz | 5fea9ce404e76e7d32c06aa2e1fbf2520531901c16a2e5f0047712d0a9422e42 |
| kubernetes-node-linux-ppc64le.tar.gz | fc6e0568f5f72790d14260ff70fe0802490a3772ed9aef2723952d706ef0fa3d |
| kubernetes-node-linux-s390x.tar.gz | 54f97b09c5adb4657e48fda59a9f4657386b0aa4be787c188eef1ece41bd4eb8 |
| kubernetes-node-windows-amd64.tar.gz | 72dbc9c474b15cc70e7d806cd0f78f10af1f9a7b4a11f014167f1d47277154cf |
kubeadm upgrade plannow accepts a version which improves the UX nicer in air-gapped environments. (#63201, @chuckha)- kubectl now supports --field-selector for
delete,label, andannotate(#60717, @liggitt) - kube-apiserver:
--endpoint-reconciler-typenow defaults tolease. Themaster-countreconciler is deprecated and will be removed in 1.13. (#58474, @rphillips) - OpenStack cloudprovider: Fix deletion of orphaned routes (#62729, @databus23)
- Fix a bug that headless service without ports fails to have endpoint created. (#62497, @MrHohn)
- Fix panic for attaching AzureDisk to vmss nodes (#63275, @feiskyer)
kubectl api-resourcesnow supports filtering to resources supporting specific verbs, and can output fully qualified resource names suitable for combining with commands likekubectl get(#63254, @liggitt)- fix cephfs fuse mount bug when user is not admin (#61804, @zhangxiaoyu-zidif)
- StorageObjectInUseProtection feature is GA. (#62870, @pospispa)
- fixed spurious "unable to find api field" errors patching custom resources (#63146, @liggitt)
- KUBE_API_VERSIONS is no longer respected. It was used for testing, but runtime-config is the proper flag to set. (#63165, @deads2k)
- Added CheckNodePIDPressurePredicate to checks if a pod can be scheduled on (#60007, @k82cn)
- a node reporting pid pressure condition.
- Upgrade Azure Go SDK to stable version (v14.6.0) (#63063, @feiskyer)
- kubeadm: prompt the user for confirmation when resetting a master node (#59115, @alexbrand)
- add warnings on using pod-infra-container-image for remote container runtime (#62982, @dixudx)
- Deprecate kubectl rolling-update (#61285, @soltysh)
- client-go developers: the new dynamic client is easier to use and the old is deprecated, you must switch. (#62913, @deads2k)
- Fix issue where on re-registration of device plugin,
allocatablewas not getting updated. This issue makes devices invisible to the Kubelet if device plugin restarts. Only work-around, if this fix is not there, is to restart the kubelet and then start device plugin. (#63118, @vikaschoudhary16) - Remove METADATA_AGENT_VERSION configuration option. (#63000, @kawych)
- kubelets are no longer allowed to delete their own Node API object. Prior to 1.11, in rare circumstances related to cloudprovider node ID changes, kubelets would attempt to delete/recreate their Node object at startup. If a legacy kubelet encounters this situation, a cluster admin can remove the Node object: (#62818, @mikedanese)
*
kubectl delete node/<nodeName>- or grant self-deletion permission explicitly:
kubectl create clusterrole self-deleting-nodes --verb=delete --resource=nodeskubectl create clusterrolebinding self-deleting-nodes --clusterrole=self-deleting-nodes --group=system:nodes
- or grant self-deletion permission explicitly:
- kubeadm creates kube-proxy with a toleration to run on all nodes, no matter the taint. (#62390, @discordianfish)
- fix resultRun by resetting it to 0 on pod restart (#62853, @tony612)
- Mount additional paths required for a working CA root, for setups where /etc/ssl/certs doesn't contains certificates but just symlink. (#59122, @klausenbusk)
- Introduce truncating audit backend that can be enabled for existing backend to limit the size of individual audit events and batches of events. (#61711, @crassirostris)
- kubeadm upgrade no longer races leading to unexpected upgrade behavior on pod restarts (#62655, @stealthybox)
- kubeadm upgrade now successfully upgrades etcd and the controlplane to use TLS
- kubeadm upgrade now supports external etcd setups
- kubeadm upgrade can now rollback and restore etcd after an upgrade failure
- Add --ipvs-exclude-cidrs flag to kube-proxy. (#62083, @rramkumar1)
- Fix the liveness probe to use
/bin/bash -cinstead of/bin/bash c. (#63033, @bmoyles0117) - Added
MatchFieldstoNodeSelectorTerm; in 1.11, it only supportmetadata.name. (#62002, @k82cn) - Fix scheduler informers to receive events for all the pods in the cluster. (#63003, @bsalamat)
- removed unsafe double RLock in cpumanager (#62464, @choury)
- Fix in vSphere Cloud Provider to handle upgrades from kubernetes version less than v1.9.4 to v1.9.4 and above. (#62919, @abrarshivani)
- The
--bootstrap-kubeconfigargument to Kubelet previously created the first bootstrap client credentials in the certificates directory askubelet-client.keyandkubelet-client.crt. Subsequent certificates created by cert rotation were created in a combined PEM file that was atomically rotated askubelet-client-DATE.pemin that directory, which meant clients relying on thenode.kubeconfiggenerated by bootstrapping would never use a rotated cert. The initial bootstrap certificate is now generated into the cert directory as a PEM file and symlinked tokubelet-client-current.pemso that the generated kubeconfig remains valid after rotation. (#62152, @smarterclayton) - stop kubelet to cloud provider integration potentially wedging kubelet sync loop (#62543, @ingvagabund)
- Fix error where config map for Metadata Agent was not created by addon manager. (#62909, @kawych)
- Fixes the kubernetes.default.svc loopback service resolution to use a loopback configuration. (#62649, @liggitt)
- Code generated for CRDs now passes
go vet. (#62412, @bhcleek) - fix permissions to allow statefulset scaling for admins, editors, and viewers (#62336, @deads2k)
- Add support of standard LB to Azure vmss (#62707, @feiskyer)
- GCE: Fix for internal load balancer management resulting in backend services with outdated instance group links. (#62885, @nicksardo)
- The --experimental-qos-reserve kubelet flags is replaced by the alpha level --qos-reserved flag or QOSReserved field in the kubeletconfig and requires the QOSReserved feature gate to be enabled. (#62509, @sjenning)
- Set pod status to "Running" if there is at least one container still reporting as "Running" status and others are "Completed". (#62642, @ceshihao)
- Split PodPriority and PodPreemption feature gate (#62243, @resouer)
- Add support to resize Portworx volumes. (#62308, @harsh-px)
| filename | sha256 hash |
|---|---|
| kubernetes.tar.gz | 8e7f2b4c8f8fb948b4f7882038fd1bb3f2b967ee240d30d58347f40083ed199b |
| kubernetes-src.tar.gz | 62ab39d8fd02309c74c2a978402ef809c0fe4bb576f1366d6bb0cff26d62e2ff |
| filename | sha256 hash |
|---|---|
| kubernetes-client-darwin-386.tar.gz | 332fd9e243c9c37e31fd26d8fa1a7ccffba770a48a9b0ffe57403f028c6ad6f4 |
| kubernetes-client-darwin-amd64.tar.gz | 1703462ad564d2d52257fd59b0c8acab595fd08b41ea73fed9f6ccb4bfa074c7 |
| kubernetes-client-linux-386.tar.gz | 61073b7c5266624e0f7be323481b3111ee01511b6b96cf16468044d8a68068e3 |
| kubernetes-client-linux-amd64.tar.gz | 9a29117fa44ffc14a7004d55f4de97ad88d94076826cfc0bf9ec73c998c78f64 |
| kubernetes-client-linux-arm.tar.gz | 55114364aacd4eb6d080b818c859877dd5ce46b8f1e58e1469dfa9a50ade1cf9 |
| kubernetes-client-linux-arm64.tar.gz | 276fb16cf4aef7d1444ca754ec83365ff36184e1bc30104853f791a57934ee37 |
| kubernetes-client-linux-ppc64le.tar.gz | 8a9096dd1908b8f4004249daff7ae408e390dbc728cd237bc558192744f52116 |
| kubernetes-client-linux-s390x.tar.gz | 9297755244647b90c2d41ce9e04ee31fb158a69f011c0f4f1ec2310fa57234e7 |
| kubernetes-client-windows-386.tar.gz | 449562a4d6d82b5eb60151e6ff0b301f92b92f957e3a38b741a4c0d8b3c0611f |
| kubernetes-client-windows-amd64.tar.gz | ab97f150723614bcbacdf27c4ced8b45166425522a44e7de693d0e987c425f07 |
| filename | sha256 hash |
|---|---|
| kubernetes-server-linux-amd64.tar.gz | 4c2db4089271366933d0b63ea7fe8f0d9eb4af06fe91d6aac1b8240e2fbd62e1 |
| kubernetes-server-linux-arm.tar.gz | d5abdfe5aa28b23cf4f4f6be27db031f885f87e2defef680f2d5b92098b2d783 |
| kubernetes-server-linux-arm64.tar.gz | bd8a8d7c45108f4b0c2af81411c00e338e410b680abe4463f6b6d88e8adcc817 |
| kubernetes-server-linux-ppc64le.tar.gz | cb5341af600c82d391fc5ca726ff96c48e741f597360a56cc2ada0a0f9e7ec95 |
| kubernetes-server-linux-s390x.tar.gz | 91009df3801430afde03e888f1f13a83bcb9d00b7cd4194b085684cc11657549 |
| filename | sha256 hash |
|---|---|
| kubernetes-node-linux-amd64.tar.gz | 22bf846c692545e7c2655e2ebe06ffc61313d7c76e4f75716be4cec457b548ed |
| kubernetes-node-linux-arm.tar.gz | 351095bb0ec177ce1ba950d366516ed6154f6ce920eac39e2a26c48203a94e11 |
| kubernetes-node-linux-arm64.tar.gz | 947e6e9e362652db435903e9b40f14750a7ab3cc60622e78257797f6ed63b1ab |
| kubernetes-node-linux-ppc64le.tar.gz | 1a0a1d0b96c3e01bc0737245eed76ed3db970c8d80c42450072193f23a0e186b |
| kubernetes-node-linux-s390x.tar.gz | 6891b2e8f1f93b4f590981dccc6fd976a50a0aa5c425938fc5ca3a9c0742d16a |
| kubernetes-node-windows-amd64.tar.gz | 70daea86c14fcafbd46f3d1bb252db50148fb9aab3371dffc4a039791caebac5 |
- NONE (#62643, @xiangpengzhao)
- ACTION REQUIRED: Alpha annotation for PersistentVolume node affinity has been removed. Update your PersistentVolumes to use the beta PersistentVolume.nodeAffinity field before upgrading to this release (#61816, @wackxu)
- ACTION REQUIRED: In-place node upgrades to this release from versions 1.7.14, 1.8.9, and 1.9.4 are not supported if using subpath volumes with PVCs. Such pods should be drained from the node first. (#61373, @msau42)
- Make volume usage metrics available for Cinder (#62668, @zetaab)
- kubectl stops rendering List as suffix kind name for CRD resources (#62512, @dixudx)
- Removes --include-extended-apis which was deprecated back in kubernetes#32894 (#62803, @deads2k)
- Add write-config-to to scheduler (#62515, @resouer)
- Kubelets will no longer set
externalIDin their node spec. (#61877, @mikedanese) - kubeadm preflight: check CRI socket path if defined, otherwise check for Docker (#62481, @taharah)
- fix network setup in hack/local-up-cluster.sh (kubernetes#60431) (#60633, @pohly)
- better error diagnostics in hack/local-up-cluster.sh output
- Add prometheus cluster monitoring addon to kube-up (#62195, @serathius)
- Fix inter-pod anti-affinity check to consider a pod a match when all the anti-affinity terms match. (#62715, @bsalamat)
- GCE: Bump GLBC version to 1.1.1 - fixing an issue of handling multiple certs with identical certificates (#62751, @nicksardo)
- fixes configuration error when upgrading kubeadm from 1.9 to 1.10+ (#62568, @liztio)
- enforces kubeadm upgrading kubernetes from the same major and minor versions as the kubeadm binary.
- Allow user to scale l7 default backend deployment (#62685, @freehan)
- Pod affinity
nodeSelectorTerm.matchExpressionsmay now be empty, and works as previously documented: nil or emptymatchExpressionsmatches no objects in scheduler. (#62448, @k82cn) - Add @andrewsykim as an approver for CCM related code. (#62749, @andrewsykim)
- Fix an issue in inter-pod affinity predicate that cause affinity to self being processed incorrectly (#62591, @bsalamat)
- fix WaitForAttach failure issue for azure disk (#62612, @andyzhangx)
- Update kube-dns to Version 1.14.10. Major changes: (#62676, @MrHohn)
-
- Fix a bug in DNS resolution for externalName services
- and PTR records that need to query from upstream nameserver.
-
- Update version of Istio addon from 0.5.1 to 0.6.0. (#61911, @ostromart)
- See https://istio.io/about/notes/0.6.html for full Isto release notes.
- Phase
kubeadm alpha phase kubeletis added to support dynamic kubelet configuration in kubeadm. (#57224, @xiangpengzhao) kubeadm alpha phase kubeconfig usersupports groups (organizations) to be specified in client cert. (#62627, @xiangpengzhao)- Fix user visible files creation for windows (#62375, @feiskyer)
- remove deprecated initresource admission plugin (#58784, @wackxu)
- Fix machineID getting for vmss nodes when using instance metadata (#62611, @feiskyer)
- Fixes issue where PersistentVolume.NodeAffinity.NodeSelectorTerms were ANDed instead of ORed. (#62556, @msau42)
- Fix potential infinite loop that can occur when NFS PVs are recycled. (#62572, @joelsmith)
- Fix Forward chain default reject policy for IPVS proxier (#62007, @m1093782566)
- The kubeadm config option
API.ControlPlaneEndpointhas been extended to take an optional port which may differ from the apiserver's bind port. (#62314, @rjosephwright) - cluster/kube-up.sh now provisions a Kubelet config file for GCE via the metadata server. This file is installed by the corresponding GCE init scripts. (#62183, @mtaufen)
- Remove alpha functionality that allowed the controller manager to approve kubelet server certificates. (#62471, @mikedanese)
- gitRepo volumes in pods no longer require git 1.8.5 or newer, older git versions are supported too now. (#62394, @jsafrane)
- Default mount propagation has changed from "HostToContainer" ("rslave" in Linux terminology) to "None" ("private") to match the behavior in 1.9 and earlier releases. "HostToContainer" as a default caused regressions in some pods. (#62462, @jsafrane)
- improve performance of affinity/anti-affinity predicate of default scheduler significantly. (#62211, @bsalamat)
- fix nsenter GetFileType issue in containerized kubelet (#62467, @andyzhangx)
- Ensure expected load balancer is selected for Azure (#62450, @feiskyer)
- Resolves forbidden error when the
daemon-set-controllercluster role accesscontrollerrevisionsresources. (#62146, @frodenas) - Adds --cluster-name to kubeadm init for specifying the cluster name in kubeconfig. (#60852, @karan)
- Upgrade the default etcd server version to 3.2.18 (#61198, @jpbetz)
- [fluentd-gcp addon] Increase CPU limit for fluentd to 1 core to achieve 100kb/s throughput. (#62430, @bmoyles0117)
- GCE: Bump GLBC version to 1.1.0 - supporting multiple certificates and HTTP2 (#62427, @nicksardo)
- Fixed #731 kubeadm upgrade ignores HighAvailability feature gate (#62455, @fabriziopandini)
- Cluster Autoscaler 1.2.1 (release notes: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.2.1) (#62457, @mwielgus)
- Add generators for
apps/v1deployments. (#61288, @ayushpateria) - kubeadm: surface external etcd preflight validation errors (#60585, @alexbrand)
- kube-apiserver: oidc authentication now supports requiring specific claims with
--oidc-required-claim=<claim>=<value>(#62136, @rithujohn191) - Implements verbosity logging feature for kubeadm commands (#57661, @vbmade2000)
- Allow additionalProperties in CRD OpenAPI v3 specification for validation, mutually exclusive to properties. (#62333, @sttts)
- cinder volume plugin : (#61082, @wenlxie)
- When the cinder volume status is
error, controller will not doattachanddetachoperation
- When the cinder volume status is
- fix incompatible file type checking on Windows (#62154, @dixudx)
- fix local volume absolute path issue on Windows (#62018, @andyzhangx)
- Remove
ObjectMetaListOptionsDeleteOptionsfrom core api group. Please use that in meta/v1 (#61809, @hzxuzhonghu) - fix the issue that default azure disk fsypte(ext4) does not work on Windows (#62250, @andyzhangx)
- RBAC information is included in audit logs via audit.Event annotations: (#58807, @CaoShuFeng)
- authorization.k8s.io/decision = {allow, forbid}
- authorization.k8s.io/reason = human-readable reason for the decision
- Update kube-dns to Version 1.14.9 in kubeadm. (#61918, @MrHohn)
- Add support to ingest log entries to Stackdriver against new "k8s_container" and "k8s_node" resources. (#62076, @qingling128)
- remove deprecated --mode flag in check-network-mode (#60102, @satyasm)
- Schedule even if extender is not available when using extender (#61445, @resouer)
- Fixed column alignment when kubectl get is used with custom columns from OpenAPI schema (#56629, @luksa)
- Fixed bug in rbd-nbd utility when nbd is used. (#62168, @piontec)
- Extend the Stackdriver Metadata Agent by adding a new Deployment for ingesting unscheduled pods, and services. (#62043, @supriyagarg)
- Disabled CheckNodeMemoryPressure and CheckNodeDiskPressure predicates if TaintNodesByCondition enabled (#60398, @k82cn)
- kubeadm config can now override the Node CIDR Mask Size passed to kube-controller-manager. (#61705, @jstangroome)
- Add warnings that authors of aggregated API servers must not rely on authorization being done by the kube-apiserver. (#61349, @sttts)
- Support custom test configuration for IPAM performance integration tests (#61959, @satyasm)
- GCE: Updates GLBC version to 1.0.1 which includes a fix which prevents multi-cluster ingress objects from creating full load balancers. (#62075, @nicksardo)
- OIDC authentication now allows tokens without an "email_verified" claim when using the "email" claim. If an "email_verified" claim is present when using the "email" claim, it must be
true. (#61508, @rithujohn191) - fix local volume issue on Windows (#62012, @andyzhangx)
- kubeadm: Introduce join timeout that can be controlled via the discoveryTimeout config option (set to 5 minutes by default). (#60983, @rosti)
- Add e2e test for CRD Watch (#61025, @ayushpateria)
- Fix panic create/update CRD when mutating/validating webhook configured. (#61404, @hzxuzhonghu)
- Fix a bug that fluentd doesn't inject container logs for CRI container runtimes (containerd, cri-o etc.) into elasticsearch on GCE. (#61818, @Random-Liu)
- Support for "alpha.kubernetes.io/nvidia-gpu" resource which was deprecated in 1.10 is removed. Please use the resource exposed by DevicePlugins instead ("nvidia.com/gpu"). (#61498, @mindprince)
- Pods requesting resources prefixed with
*kubernetes.iowill remain unscheduled if there are no nodes exposing that resource. (#61860, @mindprince) - flexvolume: trigger plugin init only for the relevant plugin while probe (#58519, @linyouchong)
- Update to use go1.10.1 (#60597, @cblecker)
- Rev the Azure SDK for networking to 2017-06-01 (#61955, @brendandburns)
- Return error if get NodeStageSecret and NodePublishSecret failed in CSI volume plugin (#61096, @mlmhl)
- kubectl: improves compatibility with older servers when creating/updating API objects (#61949, @liggitt)
- kubernetes-master charm now supports metrics server for horizontal pod autoscaler. (#60174, @hyperbolic2346)
- fix scheduling policy on ConfigMap breaks without the --policy-configmap-namespace flag set (#61388, @zjj2wry)
- kubectl: restore the ability to show resource kinds when displaying multiple objects (#61985, @liggitt)
kubectl certificate approve|denywill not modify an already approved or denied CSR unless the--forceflag is provided. (#61971, @smarterclayton)- Kubelet now exposes a new endpoint /metrics/probes which exposes a Prometheus metric containing the liveness and/or readiness probe results for a container. (#61369, @rramkumar1)
- Balanced resource allocation priority in scheduler to include volume count on node (#60525, @ravisantoshgudimetla)
- new dhcp-domain parameter to be used for figuring out the hostname of a node (#61890, @dims)
- Fixed a panic in
kubectl run --attach ...when the api server failed to create the runtime object (due to name conflict, PSP restriction, etc.) (#61713, @mountkin) - Ensure reasons end up as comments in
kubectl edit. (#60990, @bmcstdio) - kube-scheduler has been fixed to use
--leader-electoption back to true (as it was in previous versions) (#59732, @dims) - Azure cloud provider now supports standard SKU load balancer and public IP. To use it, set cloud provider config with (#61884, @feiskyer)
- {
- "loadBalancerSku": "standard",
- "excludeMasterFromStandardLB": true,
- }
- If excludeMasterFromStandardLB is not set, it will be default to true, which means master nodes are excluded to the backend of standard LB.
- Also note standard load balancer doesn't work with annotation
service.beta.kubernetes.io/azure-load-balancer-mode. This is because all nodes (except master) are added as the LB backends.
- The node authorizer now automatically sets up rules for Node.Spec.ConfigSource when the DynamicKubeletConfig feature gate is enabled. (#60100, @mtaufen)
- Update kube-dns to Version 1.14.9. Major changes: (#61908, @MrHohn)
-
- Fix for kube-dns returns NXDOMAIN when not yet synced with apiserver.
-
- Don't generate empty record for externalName service.
-
- Add validation for upstreamNameserver port.
-
- Update go version to 1.9.3.
-
- CRI: define the mount behavior when host path does not exist: runtime should report error if the host path doesn't exist (#61460, @feiskyer)
- Fixed ingress issue with CDK and pre-1.9 versions of kubernetes. (#61859, @hyperbolic2346)
- Removed rknetes code, which was deprecated in 1.10. (#61432, @filbranden)
- Disable ipamperf integration tests as part of every PR verification. (#61863, @satyasm)
- Enable server-side print in kubectl by default, with the ability to turn it off with --server-print=false (#61477, @soltysh)
- Add ipset and udevadm to the hyperkube base image. (#61357, @rphillips)
- In a GCE cluster, the default HAIRPIN_MODE is now "hairpin-veth". (#60166, @rramkumar1)
- Deployment will stop adding pod-template-hash labels/selector to ReplicaSets and Pods it adopts. Resources created by Deployments are not affected (will still have pod-template-hash labels/selector). (#61615, @janetkuo)
- kubectl: fixes issue with
-o yamland-o jsonomitting kind and apiVersion when used with--dry-run(#61808, @liggitt) - Updated admission controller settings for Juju deployed Kubernetes clusters (#61427, @hyperbolic2346)
- Performance test framework and basic tests for the IPAM controller, to simulate behavior (#61143, @satyasm)
- of the four supported modes under lightly loaded and loaded conditions, where load is
- defined as the number of operations to perform as against the configured kubernetes
- API server QPS.
- kubernetes-master charm now properly clears the client-ca-file setting on the apiserver snap (#61479, @hyperbolic2346)
- Fix racy panics when using fake watches with ObjectTracker (#61195, @grantr)
- [fluentd-gcp addon] Update event-exporter image to have the latest base image. (#61727, @crassirostris)
- Use inline func to ensure unlock is executed (#61644, @resouer)
- `kubectl apply view/edit-last-applied support completion. (#60499, @superbrothers)
- Automatically add system critical priority classes at cluster boostrapping. (#60519, @bsalamat)
- Ensure cloudprovider.InstanceNotFound is reported when the VM is not found on Azure (#61531, @feiskyer)
- Azure cloud provider now supports specifying allowed service tags by annotation
service.beta.kubernetes.io/azure-allowed-service-tags(#61467, @feiskyer) - Add all kinds of resource objects' statuses in HPA description. (#59609, @zhangxiaoyu-zidif)
- Bound cloud allocator to 10 retries with 100 ms delay between retries. (#61375, @satyasm)
- Removed always pull policy from the template for ingress on CDK. (#61598, @hyperbolic2346)
- escape literal percent sign when formatting (#61523, @dixudx)
- Cluster Autoscaler 1.2.0 - release notes available here: https://github.com/kubernetes/autoscaler/releases (#61561, @mwielgus)
- Fix mounting of UNIX sockets(and other special files) in subpaths (#61480, @gnufied)
kubectl patchnow supports--dry-run. (#60675, @timoreimann)- fix sorting taints in case the sorting keys are equal (#61255, @dixudx)
- NetworkPolicies can now target specific pods in other namespaces by including both a namespaceSelector and a podSelector in the same peer element. (#60452, @danwinship)
- include node internal ip as additional information for kubectl (#57623, @dixudx)
- Add apiserver configuration option to choose audit output version. (#60056, @crassirostris)
make test-cmdnow works on OSX. (#61393, @totherme)- Remove kube-apiserver
--storage-versionflag, use--storage-versionsinstead. (#61453, @hzxuzhonghu) - Bump Heapster to v1.5.2 (#61396, @kawych)
- Conformance: ReplicaSet must be supported in the
apps/v1version. (#61367, @enisoc) - You can now use the
base64decodefunction in kubectl go templates to decode base64-encoded data, for examplekubectl get secret SECRET -o go-template='{{ .data.KEY | base64decode }}'. (#60755, @glb) - Remove 'system' prefix from Metadata Agent rbac configuration (#61394, @kawych)
- Remove
--tls-ca-fileflag. (#61386, @hzxuzhonghu) - fix sorting tolerations in case the keys are equal (#61252, @dixudx)
- respect fstype in Windows for azure disk (#61267, @andyzhangx)
--show-all(which only affected pods and only for human readable/non-API printers) is inert in v1.11, and will be removed in a future release. (#60793, @charrywanganthony)- Remove never used NewCronJobControllerFromClient method (#59471, @dmathieu)
- Support new NODE_OS_DISTRIBUTION 'custom' on GCE (#61235, @yguo0905)
- Fixed #61123 by triggering syncer.Update on all cases including when a syncer is created (#61124, @satyasm)
- on a new add event.
- Unready pods will no longer impact the number of desired replicas when using horizontal auto-scaling with external metrics or object metrics. (#60886, @mattjmcnaughton)
- include file name in the error when visiting files (#60919, @dixudx)
- Implement preemption for extender with a verb and new interface (#58717, @resouer)
kube-cloud-controller-managerflag--service-account-private-key-fileis removed in v1.11 (#60875, @charrywanganthony)- kubeadm: Add the writable boolean option to kubeadm config. The option works on a per-volume basis for *ExtraVolumes config keys. (#60428, @rosti)
- DaemonSet scheduling associated with the alpha ScheduleDaemonSetPods feature flag has been removed from the 1.10 release. See kubernetes/enhancements#548 for feature status. (#61411, @liggitt)
- Bugfix for erroneous upgrade needed messaging in kubernetes worker charm. (#60873, @wwwtyro)
- Fix data race in node lifecycle controller (#60831, @resouer)
- Nodes are not deleted from kubernetes anymore if node is shutdown in Openstack. (#59931, @zetaab)
- "beginPort+offset" format support for port range which affects kube-proxy only (#58731, @yue9944882)
- Added e2e test for watch (#60331, @jennybuckley)
- kubelet's --cni-bin-dir option now accepts multiple comma-separated CNI binary directory paths, which are search for CNI plugins in the given order. (#58714, @dcbw)