filename | sha512 hash |
---|---|
kubernetes.tar.gz | 7af83386b4b35353f0aa1bdaf73599eb08b1d1ca11ecc2c606854aff754db69f3cd3dc761b6d7fc86f01052f615ca53185f33dbf9e53b2f926b0f02fc103fbd3 |
kubernetes-src.tar.gz | a14b02a0a0bde97795a836a8f5897b0ee6b43e010e13e43dd4cca80a5b962a1ef3704eedc7916fed1c38ec663a71db48c228c91e5daacba7d9370df98c7ddfb6 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | 427f214d47ded44519007de2ae87160c56c2920358130e474b768299751a9affcbc1b1f0f936c39c6138837bca2a97792a6700896976e98c4beee8a1944cfde1 |
kubernetes-client-darwin-amd64.tar.gz | 861fd81ac3bd45765575bedf5e002a2294aba48ef9e15980fc7d6783985f7d7fcde990ea0aef34690977a88df758722ec0a2e170d5dcc3eb01372e64e5439192 |
kubernetes-client-linux-386.tar.gz | 7d59b05d6247e2606a8321c72cd239713373d876dbb43b0fb7f1cb857fa6c998038b41eeed78d9eb67ce77b0b71776ceed428cce0f8d2203c5181b473e0bd86c |
kubernetes-client-linux-amd64.tar.gz | 7cdefb4e32bad9d2df5bb8e7e0a6f4dab2ae6b7afef5d801ac5c342d4effdeacd799081fa2dec699ecf549200786c7623c3176252010f12494a95240dd63311d |
kubernetes-client-linux-arm.tar.gz | 6212bbf0fa1d01ced77dcca2c4b76b73956cd3c6b70e0701c1fe0df5ff37160835f6b84fa2481e0e6979516551b14d8232d1c72764a559a3652bfe2a1e7488ff |
kubernetes-client-linux-arm64.tar.gz | 1f0d9990700510165ee471acb2f88222f1b80e8f6deb351ce14cf50a70a9840fb99606781e416a13231c74b2bd7576981b5348171aa33b628d2666e366cd4629 |
kubernetes-client-linux-ppc64le.tar.gz | 77e00ba12a32db81e96f8de84609de93f32c61bb3f53875a57496d213aa6d1b92c09ad5a6de240a78e1a5bf77fac587ff92874f34a10f8909ae08ca32fda45d2 |
kubernetes-client-linux-s390x.tar.gz | a39ec2044bed5a4570e9c83068e0fc0ce923ccffa44380f8bbc3247426beaff79c8a84613bcb58b05f0eb3afbc34c79fe3309aa2e0b81abcfd0aa04770e62e05 |
kubernetes-client-windows-386.tar.gz | 1a0ab88f9b7e34b60ab31d5538e97202a256ad8b7b7ed5070cae5f2f12d5d4edeae615db7a34ebbe254004b6393c6b2480100b09e30e59c9139492a3019a596a |
kubernetes-client-windows-amd64.tar.gz | 1966eb5dfb78c1bc33aaa6389f32512e3aa92584250a0164182f3566c81d901b59ec78ee4e25df658bc1dd221b5a9527d6ce3b6c487ca3e3c0b319a077caa735 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | f814d6a3872e4572aa4da297c29def4c1fad8eba0903946780b6bf9788c72b99d71085c5aef9e12c01133b26fa4563c1766ba724ad2a8af2670a24397951a94d |
kubernetes-server-linux-arm.tar.gz | 56aa08225e546c92c2ff88ac57d3db7dd5e63640772ea72a429f080f7069827138cbc206f6f5fe3a0c01bfca043a9eda305ecdc1dcb864649114893e46b6dc84 |
kubernetes-server-linux-arm64.tar.gz | fb87128d905211ba097aa860244a376575ae2edbaca6e51402a24bc2964854b9b273e09df3d31a2bcffc91509f7eecb2118b183fb0e0eb544f33403fa235c274 |
kubernetes-server-linux-ppc64le.tar.gz | 6d21fbf39b9d3a0df9642407d6f698fabdc809aca83af197bceb58a81b25846072f407f8fb7caae2e02dc90912e3e0f5894f062f91bcb69f8c2329625d3dfeb7 |
kubernetes-server-linux-s390x.tar.gz | ddcda4dc360ca97705f71bf2a18ddacd7b7ddf77535b62e699e97a1b2dd24843751313351d0112e238afe69558e8271eba4d27ab77bb67b4b9e3fbde6eec85c9 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 78915a9bde35c70c67014f0cea8754849db4f6a84491a3ad9678fd3bc0203e43af5a63cfafe104ae1d56b05ce74893a87a6dcd008d7859e1af6b3bce65425b5d |
kubernetes-node-linux-arm.tar.gz | 3218e811abcb0cb09d80742def339be3916db5e9bbc62c0dc8e6d87085f7e3d9eeed79dea081906f1de78ddd07b7e3acdbd7765fdb838d262bb35602fd1df106 |
kubernetes-node-linux-arm64.tar.gz | fa22de9c4440b8fb27f4e77a5a63c5e1c8aa8aa30bb79eda843b0f40498c21b8c0ad79fff1d841bb9fef53fe20da272506de9a86f81a0b36d028dbeab2e482ce |
kubernetes-node-linux-ppc64le.tar.gz | bbda9b5cc66e8f13d235703b2a85e2c4f02fa16af047be4d27a3e198e11eb11706e4a0fbb6c20978c770b069cd4cd9894b661f09937df9d507411548c36576e0 |
kubernetes-node-linux-s390x.tar.gz | b2ed1eda013069adce2aac00b86d75b84e006cfce9bafac0b5a2bafcb60f8f2cb346b5ea44eafa72d777871abef1ea890eb3a2a05de28968f9316fa88886a8ed |
kubernetes-node-windows-amd64.tar.gz | bd8eb23dba711f31b5148257076b1bbe9629f2a75de213b2c779bd5b29279e9bf22f8bde32f4bc814f4c0cc49e19671eb8b24f4105f0fe2c1490c4b78ec3c704 |
- Bump golang/mock version to v1.3.1 (#87326, @wawa0210)
- fix a bug that orphan revision cannot be adopted and statefulset cannot be synced (#86801, @likakuli)
- Azure storage clients now suppress requests on throttling (#87306, @feiskyer)
- Introduce Alpha field
Immutable
in both Secret and ConfigMap objects to mark their contents as immutable. The implementation is hidden behind feature gateImmutableEphemeralVolumes
(currently in Alpha stage). (#86377, @wojtek-t) - EndpointSlices will now be enabled by default. A new
EndpointSliceProxying
feature gate determines if kube-proxy will use EndpointSlices, this is disabled by default. (#86137, @robscott) - kubeadm upgrades always persist the etcd backup for stacked (#86861, @SataQiu)
- Fix the bug PIP's DNS is deleted if no DNS label service annotation isn't set. (#87246, @nilo19)
- New flag
--show-hidden-metrics-for-version
in kube-controller-manager can be used to show all hidden metrics that deprecated in the previous minor release. (#85281, @RainbowMango) - Azure network and VM clients now suppress requests on throttling (#87122, @feiskyer)
kubectl apply -f <file> --prune -n <namespace>
should prune all resources not defined in the file in the cli specified namespace. (#85613, @MartinKaburu)- Fixes service account token admission error in clusters that do not run the service account token controller (#87029, @liggitt)
- CustomResourceDefinition status fields are no longer required for client validation when submitting manifests. (#87213, @hasheddan)
- All apiservers log request lines in a more greppable format. (#87203, @lavalamp)
- provider/azure: Network security groups can now be in a separate resource group. (#87035, @CecileRobertMichon)
- Cleaned up the output from
kubectl describe CSINode <name>
. (#85283, @huffmanca) - Fixed the following (#84265, @bhagwat070919)
-
- AWS Cloud Provider attempts to delete LoadBalancer security group it didn’t provision
-
- AWS Cloud Provider creates default LoadBalancer security group even if annotation [service.beta.kubernetes.io/aws-load-balancer-security-groups] is present
-
- kubelet: resource metrics endpoint
/metrics/resource/v1alpha1
as well as all metrics under this endpoint have been deprecated. (#86282, @RainbowMango)- Please convert to the following metrics emitted by endpoint
/metrics/resource
: -
- scrape_error --> scrape_error
-
- node_cpu_usage_seconds_total --> node_cpu_usage_seconds
-
- node_memory_working_set_bytes --> node_memory_working_set_bytes
-
- container_cpu_usage_seconds_total --> container_cpu_usage_seconds
-
- container_memory_working_set_bytes --> container_memory_working_set_bytes
-
- scrape_error --> scrape_error
- Please convert to the following metrics emitted by endpoint
- You can now pass "--node-ip ::" to kubelet to indicate that it should autodetect an IPv6 address to use as the node's primary address. (#85850, @danwinship)
- kubeadm: support automatic retry after failing to pull image (#86899, @SataQiu)
- TODO (#87044, @jennybuckley)
- Improved yaml parsing performance (#85458, @cjcullen)
- Fixed a bug which could prevent a provider ID from ever being set for node if an error occurred determining the provider ID when the node was added. (#87043, @zjs)
- fix a regression in kubenet that prevent pods to obtain ip addresses (#85993, @chendotjs)
- Bind kube-dns containers to linux nodes to avoid Windows scheduling (#83358, @wawa0210)
- The following features are unconditionally enabled and the corresponding
--feature-gates
flags have been removed:PodPriority
,TaintNodesByCondition
,ResourceQuotaScopeSelectors
andScheduleDaemonSetPods
(#86210, @draveness) - Bind dns-horizontal containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83364, @wawa0210)
- fix kubectl annotate error when local=true is set (#86952, @zhouya0)
- Bug fixes: (#84163, @david-tigera)
- Make sure we include latest packages node #351 (@caseydavenport)
- fix kuebctl apply set-last-applied namespaces error (#86474, @zhouya0)
- Add VolumeBinder method to FrameworkHandle interface, which allows user to get the volume binder when implementing scheduler framework plugins. (#86940, @skilxn-go)
- elasticsearch supports automatically setting the advertise address (#85944, @SataQiu)
- If a serving certificates param specifies a name that is an IP for an SNI certificate, it will have priority for replying to server connections. (#85308, @deads2k)
- kube-proxy: Added dual-stack IPv4/IPv6 support to the iptables proxier. (#82462, @vllry)
- Azure VMSS/VMSSVM clients now suppress requests on throttling (#86740, @feiskyer)
- New metric kubelet_pleg_last_seen_seconds to aid diagnosis of PLEG not healthy issues. (#86251, @bboreham)
- For subprotocol negotiation, both client and server protocol is required now. (#86646, @tedyu)
- kubeadm: use bind-address option to configure the kube-controller-manager and kube-scheduler http probes (#86493, @aojea)
- Marked scheduler's metrics scheduling_algorithm_predicate_evaluation_seconds and (#86584, @xiaoanyunfei)
- scheduling_algorithm_priority_evaluation_seconds as deprecated. Those are replaced by framework_extension_point_duration_seconds[extenstion_point="Filter"] and framework_extension_point_duration_seconds[extenstion_point="Score"] respectively.
- Marked scheduler's scheduling_duration_seconds Summary metric as deprecated (#86586, @xiaoanyunfei)
- Add instructions about how to bring up e2e test cluster (#85836, @YangLu1031)
- If a required flag is not provided to a command, the user will only see the required flag error message, instead of the entire usage menu. (#86693, @sallyom)
- kubeadm: tolerate whitespace when validating certificate authority PEM data in kubeconfig files (#86705, @neolit123)
- kubeadm: add support for the "ci/k8s-master" version label as a replacement for "ci-cross/*", which no longer exists. (#86609, @Pensu)
- Fix EndpointSlice controller race condition and ensure that it handles external changes to EndpointSlices. (#85703, @robscott)
- Fix nil pointer dereference in azure cloud provider (#85975, @ldx)
- fix: azure disk could not mounted on Standard_DC4s/DC2s instances (#86612, @andyzhangx)
- Fixes v1.17.0 regression in --service-cluster-ip-range handling with IPv4 ranges larger than 65536 IP addresses (#86534, @liggitt)
- Adds back support for AlwaysCheckAllPredicates flag. (#86496, @ahg-g)
- Azure global rate limit is switched to per-client. A set of new rate limit configure options are introduced, including routeRateLimit, SubnetsRateLimit, InterfaceRateLimit, RouteTableRateLimit, LoadBalancerRateLimit, PublicIPAddressRateLimit, SecurityGroupRateLimit, VirtualMachineRateLimit, StorageAccountRateLimit, DiskRateLimit, SnapshotRateLimit, VirtualMachineScaleSetRateLimit and VirtualMachineSizeRateLimit. (#86515, @feiskyer)
- The original rate limit options would be default values for those new client's rate limiter.
- Fix issue #85805 about resource not found in azure cloud provider when lb specified in other resource group. (#86502, @levimm)
AlwaysCheckAllPredicates
is deprecated in scheduler Policy API. (#86369, @Huang-Wei)- Kubernetes KMS provider for data encryption now supports disabling the in-memory data encryption key (DEK) cache by setting cachesize to a negative value. (#86294, @enj)
- option
preConfiguredBackendPoolLoadBalancerTypes
is added to azure cloud provider for the pre-configured load balancers, possible values:""
,"internal"
, "external",
"all"` (#86338, @gossion) - Promote StartupProbe to beta for 1.18 release (#83437, @matthyx)
- Fixes issue where AAD token obtained by kubectl is incompatible with on-behalf-of flow and oidc. (#86412, @weinong)
- The audience claim before this fix has "spn:" prefix. After this fix, "spn:" prefix is omitted.
- change CounterVec to Counter about PLEGDiscardEvent (#86167, @yiyang5055)
- hollow-node do not use remote CRI anymore (#86425, @jkaniuk)
- hollow-node use fake CRI (#85879, @gongguan)
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 0c4904efc7f4f1436119c91dc1b6c93b3bd9c7490362a394bff10099c18e1e7600c4f6e2fcbaeb2d342a36c4b20692715cf7aa8ada6dfac369f44cc9292529d7 |
kubernetes-src.tar.gz | 0a50fc6816c730ca5ae4c4f26d5ad7b049607d29f6a782a4e5b4b05ac50e016486e269dafcc6a163bd15e1a192780a9a987f1bb959696993641c603ed1e841c8 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-386.tar.gz | c6d75f7f3f20bef17fc7564a619b54e6f4a673d041b7c9ec93663763a1cc8dd16aecd7a2af70e8d54825a0eecb9762cf2edfdade840604c9a32ecd9cc2d5ac3c |
kubernetes-client-darwin-amd64.tar.gz | ca1f19db289933beace6daee6fc30af19b0e260634ef6e89f773464a05e24551c791be58b67da7a7e2a863e28b7cbcc7b24b6b9bf467113c26da76ac8f54fdb6 |
kubernetes-client-linux-386.tar.gz | af2e673653eb39c3f24a54efc68e1055f9258bdf6cf8fea42faf42c05abefc2da853f42faac3b166c37e2a7533020b8993b98c0d6d80a5b66f39e91d8ae0a3fb |
kubernetes-client-linux-amd64.tar.gz | 9009032c3f94ac8a78c1322a28e16644ce3b20989eb762685a1819148aed6e883ca8e1200e5ec37ec0853f115c67e09b5d697d6cf5d4c45f653788a2d3a2f84f |
kubernetes-client-linux-arm.tar.gz | afba9595b37a3f2eead6e3418573f7ce093b55467dce4da0b8de860028576b96b837a2fd942f9c276e965da694e31fbd523eeb39aefb902d7e7a2f169344d271 |
kubernetes-client-linux-arm64.tar.gz | 04fc3b2fe3f271807f0bc6c61be52456f26a1af904964400be819b7914519edc72cbab9afab2bb2e2ba1a108963079367cedfb253c9364c0175d1fcc64d52f5c |
kubernetes-client-linux-ppc64le.tar.gz | 04c7edab874b33175ff7bebfff5b3a032bc6eb088fcd7387ffcd5b3fa71395ca8c5f9427b7ddb496e92087dfdb09eaf14a46e9513071d3bd73df76c182922d38 |
kubernetes-client-linux-s390x.tar.gz | 499287dbbc33399a37b9f3b35e0124ff20b17b6619f25a207ee9c606ef261af61fa0c328dde18c7ce2d3dfb2eea2376623bc3425d16bc8515932a68b44f8bede |
kubernetes-client-windows-386.tar.gz | cf84aeddf00f126fb13c0436b116dd0464a625659e44c84bf863517db0406afb4eefd86807e7543c4f96006d275772fbf66214ae7d582db5865c84ac3545b3e6 |
kubernetes-client-windows-amd64.tar.gz | 69f20558ccd5cd6dbaccf29307210db4e687af21f6d71f68c69d3a39766862686ac1333ab8a5012010ca5c5e3c11676b45e498e3d4c38773da7d24bcefc46d95 |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 3f29df2ce904a0f10db4c1d7a425a36f420867b595da3fa158ae430bfead90def2f2139f51425b349faa8a9303dcf20ea01657cb6ea28eb6ad64f5bb32ce2ed1 |
kubernetes-server-linux-arm.tar.gz | 4a21073b2273d721fbf062c254840be5c8471a010bcc0c731b101729e36e61f637cb7fcb521a22e8d24808510242f4fff8a6ca40f10e9acd849c2a47bf135f27 |
kubernetes-server-linux-arm64.tar.gz | 7f1cb6d721bedc90e28b16f99bea7e59f5ad6267c31ef39c14d34db6ad6aad87ee51d2acdd01b6903307c1c00b58ff6b785a03d5a491cc3f8a4df9a1d76d406c |
kubernetes-server-linux-ppc64le.tar.gz | 8f2b552030b5274b1c2c7c166eacd5a14b0c6ca0f23042f4c52efe87e22a167ba4460dcd66615a5ecd26d9e88336be1fb555548392e70efe59070dd2c314da98 |
kubernetes-server-linux-s390x.tar.gz | 8d9f2c96f66edafb7c8b3aa90960d29b41471743842aede6b47b3b2e61f4306fb6fc60b9ebc18820c547ee200bfedfe254c1cde962d447c791097dd30e79abdb |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | 84194cb081d1502f8ca68143569f9707d96f1a28fcf0c574ebd203321463a8b605f67bb2a365eaffb14fbeb8d55c8d3fa17431780b242fb9cba3a14426a0cd4a |
kubernetes-node-linux-arm.tar.gz | 0091e108ab94fd8683b89c597c4fdc2fbf4920b007cfcd5297072c44bc3a230dfe5ceed16473e15c3e6cf5edab866d7004b53edab95be0400cc60e009eee0d9d |
kubernetes-node-linux-arm64.tar.gz | b7e85682cc2848a35d52fd6f01c247f039ee1b5dd03345713821ea10a7fa9939b944f91087baae95eaa0665d11857c1b81c454f720add077287b091f9f19e5d3 |
kubernetes-node-linux-ppc64le.tar.gz | cd1f0849e9c62b5d2c93ff0cebf58843e178d8a88317f45f76de0db5ae020b8027e9503a5fccc96445184e0d77ecdf6f57787176ac31dbcbd01323cd0a190cbb |
kubernetes-node-linux-s390x.tar.gz | e1e697a34424c75d75415b613b81c8af5f64384226c5152d869f12fd7db1a3e25724975b73fa3d89e56e4bf78d5fd07e68a709ba8566f53691ba6a88addc79ea |
kubernetes-node-windows-amd64.tar.gz | c725a19a4013c74e22383ad3fb4cb799b3e161c4318fdad066daf806730a89bc3be3ff0f75678d02b3cbe52b2ef0c411c0639968e200b9df470be40bb2c015cc |
- action required (#85363, @immutableT)
-
- Currently, if users were to explicitly specify CacheSize of 0 for KMS provider, they would end-up with a provider that caches up to 1000 keys. This PR changes this behavior.
- Post this PR, when users supply 0 for CacheSize this will result in a validation error.
-
- CacheSize type was changed from int32 to *int32. This allows defaulting logic to differentiate between cases where users explicitly supplied 0 vs. not supplied any value.
-
- KMS Provider's endpoint (path to Unix socket) is now validated when the EncryptionConfiguration files is loaded. This used to be handled by the GRPCService.
-
- fix: azure data disk should use same key as os disk by default (#86351, @andyzhangx)
- New flag
--show-hidden-metrics-for-version
in kube-proxy can be used to show all hidden metrics that deprecated in the previous minor release. (#85279, @RainbowMango) - Remove cluster-monitoring addon (#85512, @serathius)
- Changed core_pattern on COS nodes to be an absolute path. (#86329, @mml)
- Track mount operations as uncertain if operation fails with non-final error (#82492, @gnufied)
- add kube-proxy flags --ipvs-tcp-timeout, --ipvs-tcpfin-timeout, --ipvs-udp-timeout to configure IPVS connection timeouts. (#85517, @andrewsykim)
- The sample-apiserver aggregated conformance test has updated to use the Kubernetes v1.17.0 sample apiserver (#84735, @liggitt)
- The underlying format of the
CPUManager
state file has changed. Upgrades should be seamless, but any third-party tools that rely on reading the previous format need to be updated. (#84462, @klueska) - kubernetes will try to acquire the iptables lock every 100 msec during 5 seconds instead of every second. This specially useful for environments using kube-proxy in iptables mode with a high churn rate of services. (#85771, @aojea)
- Fixed a panic in the kubelet cleaning up pod volumes (#86277, @tedyu)
- azure cloud provider cache TTL is configurable, list of the azure cloud provider is as following: (#86266, @zqingqing1)
-
- "availabilitySetNodesCacheTTLInSeconds"
-
- "vmssCacheTTLInSeconds"
-
- "vmssVirtualMachinesCacheTTLInSeconds"
-
- "vmCacheTTLInSeconds"
-
- "loadBalancerCacheTTLInSeconds"
-
- "nsgCacheTTLInSeconds"
-
- "routeTableCacheTTLInSeconds"
-
- Fixes kube-proxy when EndpointSlice feature gate is enabled on Windows. (#86016, @robscott)
- Fixes wrong validation result of NetworkPolicy PolicyTypes (#85747, @tnqn)
- Fixes an issue with kubelet-reported pod status on deleted/recreated pods. (#86320, @liggitt)
- kube-apiserver no longer serves the following deprecated APIs: (#85903, @liggitt)
* All resources under
apps/v1beta1
andapps/v1beta2
- useapps/v1
instead *daemonsets
,deployments
,replicasets
resources underextensions/v1beta1
- useapps/v1
instead *networkpolicies
resources underextensions/v1beta1
- usenetworking.k8s.io/v1
instead *podsecuritypolicies
resources underextensions/v1beta1
- usepolicy/v1beta1
instead - kubeadm: fix potential panic when executing "kubeadm reset" with a corrupted kubelet.conf file (#86216, @neolit123)
- Fix a bug in port-forward: named port not working with service (#85511, @oke-py)
- kube-proxy no longer modifies shared EndpointSlices. (#86092, @robscott)
- allow for configuration of CoreDNS replica count (#85837, @pickledrick)
- Fixed a regression where the kubelet would fail to update the ready status of pods. (#84951, @tedyu)
- Resolves performance regression in client-go discovery clients constructed using
NewDiscoveryClientForConfig
orNewDiscoveryClientForConfigOrDie
. (#86168, @liggitt) - Make error message and service event message more clear (#86078, @feiskyer)
- e2e-test-framework: add e2e test namespace dump if all tests succeed but the cleanup fails. (#85542, @schrodit)
- SafeSysctlWhitelist: add net.ipv4.ping_group_range (#85463, @AkihiroSuda)
- kubelet: the metric process_start_time_seconds be marked as with the ALPHA stability level. (#85446, @RainbowMango)
- API request throttling (due to a high rate of requests) is now reported in the kubelet (and other component) logs by default. The messages are of the form (#80649, @RobertKrawitz)
- Throttling request took 1.50705208s, request: GET:
- The presence of large numbers of these messages, particularly with long delay times, may indicate to the administrator the need to tune the cluster accordingly.
- Fix API Server potential memory leak issue in processing watch request. (#85410, @answer1991)
- Verify kubelet & kube-proxy can recover after being killed on Windows nodes (#84886, @YangLu1031)
- Fixed an issue that the scheduler only returns the first failure reason. (#86022, @Huang-Wei)
- kubectl/drain: add skip-wait-for-delete-timeout option. (#85577, @michaelgugino)
- If pod DeletionTimestamp older than N seconds, skip waiting for the pod. Seconds must be greater than 0 to skip.
- Following metrics have been turned off: (#83841, @RainbowMango)
-
- kubelet_pod_worker_latency_microseconds
-
- kubelet_pod_start_latency_microseconds
-
- kubelet_cgroup_manager_latency_microseconds
-
- kubelet_pod_worker_start_latency_microseconds
-
- kubelet_pleg_relist_latency_microseconds
-
- kubelet_pleg_relist_interval_microseconds
-
- kubelet_eviction_stats_age_microseconds
-
- kubelet_runtime_operations
-
- kubelet_runtime_operations_latency_microseconds
-
- kubelet_runtime_operations_errors
-
- kubelet_device_plugin_registration_count
-
- kubelet_device_plugin_alloc_latency_microseconds
-
- kubelet_docker_operations
-
- kubelet_docker_operations_latency_microseconds
-
- kubelet_docker_operations_errors
-
- kubelet_docker_operations_timeout
-
- network_plugin_operations_latency_microseconds
-
-
- Renamed Kubelet metric certificate_manager_server_expiration_seconds to certificate_manager_server_ttl_seconds and changed to report the second until expiration at read time rather than absolute time of expiry. (#85874, @sambdavidson)
-
- Improved accuracy of Kubelet metric rest_client_exec_plugin_ttl_seconds.
-
- Renamed Kubelet metric certificate_manager_server_expiration_seconds to certificate_manager_server_ttl_seconds and changed to report the second until expiration at read time rather than absolute time of expiry. (#85874, @sambdavidson)
- Bind metadata-agent containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83363, @wawa0210)
- Bind metrics-server containers to linux nodes to avoid Windows scheduling on kubernetes cluster includes linux nodes and windows nodes (#83362, @wawa0210)
- During initialization phase (preflight), kubeadm now verifies the presence of the conntrack executable (#85857, @hnanni)
- VMSS cache is added so that less chances of VMSS GET throttling (#85885, @nilo19)
- Update go-winio module version from 0.4.11 to 0.4.14 (#85739, @wawa0210)
- Fix LoadBalancer rule checking so that no unexpected LoadBalancer updates are made (#85990, @feiskyer)
- kubectl drain node --dry-run will list pods that would be evicted or deleted (#82660, @sallyom)
- Windows nodes on GCE can use TPM-based authentication to the master. (#85466, @pjh)
- kubectl/drain: add disable-eviction option. (#85571, @michaelgugino)
- Force drain to use delete, even if eviction is supported. This will bypass checking PodDisruptionBudgets, and should be used with caution.
- kubeadm now errors out whenever a not supported component config version is supplied for the kubelet and kube-proxy (#85639, @rosti)
- Fixed issue with addon-resizer using deprecated extensions APIs (#85793, @bskiba)
- Includes FSType when describing CSI persistent volumes. (#85293, @huffmanca)
- kubelet now exports a "server_expiration_renew_failure" and "client_expiration_renew_failure" metric counter if the certificate rotations cannot be performed. (#84614, @rphillips)
- kubeadm: don't write the kubelet environment file on "upgrade apply" (#85412, @boluisa)
- fix azure file AuthorizationFailure (#85475, @andyzhangx)
- Resolved regression in admission, authentication, and authorization webhook performance in v1.17.0-rc.1 (#85810, @liggitt)
- kubeadm: uses the apiserver AdvertiseAddress IP family to choose the etcd endpoint IP family for non external etcd clusters (#85745, @aojea)
- kubeadm: Forward cluster name to the controller-manager arguments (#85817, @ereslibre)
- Fixed "requested device X but found Y" attach error on AWS. (#85675, @jsafrane)
- addons: elasticsearch discovery supports IPv6 (#85543, @SataQiu)
- kubeadm: retry
kubeadm-config
ConfigMap creation or mutation if the apiserver is not responding. This will improve resiliency when joining new control plane nodes. (#85763, @ereslibre) - Update Cluster Autoscaler to 1.17.0; changelog: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.17.0 (#85610, @losipiuk)
- Filter published OpenAPI schema by making nullable, required fields non-required in order to avoid kubectl to wrongly reject null values. (#85722, @sttts)
- kubectl set resources will no longer return an error if passed an empty change for a resource. (#85490, @sallyom)
- kubectl set subject will no longer return an error if passed an empty change for a resource.
- kube-apiserver: fixed a conflict error encountered attempting to delete a pod with gracePeriodSeconds=0 and a resourceVersion precondition (#85516, @michaelgugino)
- kubeadm: add a upgrade health check that deploys a Job (#81319, @neolit123)
- kubeadm: make sure images are pre-pulled even if a tag did not change but their contents changed (#85603, @bart0sh)
- kube-apiserver: Fixes a bug that hidden metrics can not be enabled by the command-line option
--show-hidden-metrics-for-version
. (#85444, @RainbowMango) - kubeadm now supports automatic calculations of dual-stack node cidr masks to kube-controller-manager. (#85609, @Arvinderpal)
- Fix bug where EndpointSlice controller would attempt to modify shared objects. (#85368, @robscott)
- Use context to check client closed instead of http.CloseNotifier in processing watch request which will reduce 1 goroutine for each request if proto is HTTP/2.x . (#85408, @answer1991)
- kubeadm: reset raises warnings if it cannot delete folders (#85265, @SataQiu)
- Wait for kubelet & kube-proxy to be ready on Windows node within 10s (#85228, @YangLu1031)