Skip to content

Latest commit

 

History

History
523 lines (454 loc) · 74.8 KB

CHANGELOG-1.15.md

File metadata and controls

523 lines (454 loc) · 74.8 KB

v1.15.0-beta.1

Documentation

Downloads for v1.15.0-beta.1

filename sha512 hash
kubernetes.tar.gz c0dcbe90feaa665613a6a1ca99c1ab68d9174c5bcd3965ff9b8d9bad345dfa9e5eaa04a544262e3648438c852c5ce2c7ae34caecebefdb06091747a23098571c
kubernetes-src.tar.gz b79bc690792e0fbc380e47d6708250211a4e742d306fb433a1b6b50d5cea79227d4e836127f33791fb29c9a228171cd48e11bead624c8401818db03c6dc8b310

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz b79ca71cf048515084cffd9459153e6ad4898f123fda1b6aa158e5b59033e97f3b4eb1a5563c0bfe4775d56a5dc58d651d5275710b9b250db18d60cc945ea992
kubernetes-client-darwin-amd64.tar.gz 699a76b03ad3d1a38bd7e1ffb7765526cc33fb40b0e7dc0a782de3e9473e0e0d8b61a876c0d4e724450c3f2a6c2e91287eefae1c34982c84b5c76a598fbbca2c
kubernetes-client-linux-386.tar.gz 5fa8bc2cbd6c9f6a8c9fe3fa96cad85f98e2d21132333ab7068b73d2c7cd27a7ebe1384fef22fdfdb755f635554efca850fe154f9f272e505a5f594f86ffadff
kubernetes-client-linux-amd64.tar.gz 3dfbd496cd8bf9348fd2532f4c0360fe58ddfaab9d751f81cfbf9d9ddb8a347e004a9af84578aaa69bb8ee1f8cfc7adc5fd1864a32261dff94dd5a59e5f94c00
kubernetes-client-linux-arm.tar.gz 4abcac1fa5c1ca5e9d245e87ca6f601f7013b6a7e9a9d8dae7b322e62c8332e94f0ab63db71c0c2a535eb45bf2da51055ca5311768b8e927a0766ad99f727a72
kubernetes-client-linux-arm64.tar.gz 22e2d6fc8eb1f64528215901c7cc8a016dda824557667199b9c9d5478f163962240426ef2a518e3981126be82a1da01cf585b1bf08d9fd2933a370beaef8d766
kubernetes-client-linux-ppc64le.tar.gz 8d6f283020d76382e00b9e96f1c880654196aead67f17285ad1faf7ca7d1d2c2776e30deb9b67cee516f0efa8c260026925924ea7655881f9d75e9e5a4b8a9b7
kubernetes-client-linux-s390x.tar.gz 3320edd26be88e9ba60b5fbb326a0e42934255bb8f1c2774eb2d309318e6dbd45d8f7162d741b7b8c056c1c0f2b943dd9939bcdde2ada80c6d9de3843e35aefe
kubernetes-client-windows-386.tar.gz 951d1c9b2e68615b6f26b85e27895a6dfea948b7e4c566e27b11fde8f32592f28de569bb9723136d830548f65018b9e9df8bf29823828778796568bff7f38c36
kubernetes-client-windows-amd64.tar.gz 2f049941d3902b2915bea5430a29254ac0936e4890c742162993ad13a6e6e3e5b6a40cd3fc4cfd406c55eba5112b55942e6c85e5f6a5aa83d0e85853ccccb130

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 9049dc0680cb96245473422bb2c5c6ca8b1930d7e0256d993001f5de95f4c9980ded018d189b69d90c66a09af93152aa2823182ae0f3cbed72fb66a1e13a9d8c
kubernetes-server-linux-arm.tar.gz 38f08b9e78ea3cbe72b473cda1cd48352ee879ce0cd414c0decf2abce63bab6bdf8dc05639990c84c63faf215c581f580aadd1d73be4be233ff5c87b636184b9
kubernetes-server-linux-arm64.tar.gz 6cd0166162fc13c9d47cb441e8dd3ff21fae6d2417d3eb780b24ebcd615ac0841ec0602e746371dc62b8bddebf94989a7e075d96718c3989dc1c12adbe366cf9
kubernetes-server-linux-ppc64le.tar.gz 79570f97383f102be77478a4bc19d0d2c2551717c5f37e8aa159a0889590fc2ac0726d4899a0d9bc33e8c9e701290114222c468a76b755dc2604b113ab992ef3
kubernetes-server-linux-s390x.tar.gz 7e1371631373407c3a1b231d09610d1029d1981026f02206a11fd58471287400809523b91de578eb26ca77a7fe4a86dcc32e225c797642733188ad043600f82e

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 819bc76079474791d468a2945c9d0858f066a54b54fcc8a84e3f9827707d6f52f9c2abcf9ea7a2dd3f68852f9bd483b8773b979c46c60e5506dc93baab3bb067
kubernetes-node-linux-arm.tar.gz 1054e793d5a38ac0616cc3e56c85053beda3f39bc3dad965d73397756e3d78ea07d1208b0fdd5f8e9e6a10f75da017100ef6b04fdb650983262eaad682d84c38
kubernetes-node-linux-arm64.tar.gz 8357b8ee1ff5b2705fea1f70fdb3a10cb09ed1e48ee0507032dbadfb68b44b3c11c0c796541e6e0bbf010b20040871ca91f8edb4756d6596999092ca4931a540
kubernetes-node-linux-ppc64le.tar.gz cf62d7a660dd16ee56717a786c04b457478bf51f262fefa2d1500035ccf5bb7cc605f16ef331852f5023671d61b7c3ef348c148288c5c41fb4e309679fa51265
kubernetes-node-linux-s390x.tar.gz 60f3eb8bfe3694f5def28661c62b67a56fb5d9efad7cfeb5dc7e76f8a15be625ac123e8ee0ac543a4464a400fca3851731d41418409d385ef8ff99156b816b0c
kubernetes-node-windows-amd64.tar.gz 66fb625fd68a9b754e63a3e1369a21e6d2116120b5dc5aae837896f21072ce4c03d96507b66e6a239f720abcf742adef6d06d85e19bebf935d4927cccdc6817d

Changelog since v1.15.0-alpha.3

Action Required

  • ACTION REQUIRED: Deprecated Kubelet security controls AllowPrivileged, HostNetworkSources, HostPIDSources, HostIPCSources have been removed. Enforcement of these restrictions should be done through admission control instead (e.g. PodSecurityPolicy). (#77820, @dims)
    • ACTION REQUIRED: The deprecated Kubelet flag --allow-privileged has been removed. Remove any use of --allow-privileged from your kubelet scripts or manifests.
  • Fix public IPs issues when multiple clusters are sharing the same resource group. (#77630, @feiskyer)
    • action required:
      • If the cluster is upgraded from old releases and the same resource group would be shared by multiple clusters, please recreate those LoadBalancer services or add a new tag 'kubernetes-cluster-name: ' manually for existing public IPs.
      • For multiple clusters sharing the same resource group, they should be configured with different cluster name by kube-controller-manager --cluster-name=<cluster-name>

Other notable changes

  • fix azure retry issue when return 2XX with error (#78298, @andyzhangx)
  • The dockershim container runtime now accepts the docker runtime handler from a RuntimeClass. (#78323, @tallclair)
  • GCE: Disable the Windows defender to work around a bug that could cause nodes to crash and reboot (#78272, @yujuhong)
  • The CustomResourcePublishOpenAPI feature is now beta and enabled by default. CustomResourceDefinitions with structural schemas now publish schemas in the OpenAPI document served at /openapi/v2. CustomResourceDefinitions with non-structural schemas have a NonStructuralSchema condition added with details about what needs to be corrected in the validation schema. (#77825, @roycaihw)
  • kubeadm's ignored pre-flight errors can now be configured via InitConfiguration and JoinConfiguration. (#75499, @marccarre)
  • Fix broken detection of non-root image user ID (#78261, @tallclair)
  • kubelet: fix fail to close kubelet->API connections on heartbeat failure when bootstrapping or client certificate rotation is disabled (#78016, @gaorong)
  • remove vmsizelist call in azure disk GetVolumeLimits which happens in kubelet finally (#77851, @andyzhangx)
  • reverts an aws-ebs volume provisioner optimization as we need to further discuss a viable optimization (#78200, @zhan849)
  • API changes and deprecating the use of special annotations for Windows GMSA support (version beta) (#75459, @wk8)
  • apiextensions: publish (only) structural OpenAPI schemas (#77554, @sttts)
  • Set selinux label at plugin socket directory (#73241, @vikaschoudhary16)
  • Fix a bug that causes DaemonSet rolling update to hang when its pod gets stuck at terminating. (#77773, @DaiHao)
  • Kubeadm: a new command kubeadm alpha certs check-expiration was created in order to help users in managing expiration for local PKI certificates (#77863, @fabriziopandini)
  • kubeadm: fix a bug related to volume unmount if the kubelet run directory is a symbolic link (#77507, @cuericlee)
  • n/a (#78059, @figo)
  • Add configuration options for the scheduling framework and its plugins. (#77501, @JieJhih)
  • Publish DeleteOptions parameters for deletecollection endpoints in OpenAPI spec (#77843, @roycaihw)
  • CoreDNS is now version 1.5.0 (#78030, @rajansandeep)
    • - A `ready` plugin has been included to report pod readiness
      
    • - The `proxy` plugin has been deprecated. The `forward` plugin is to be used instead.
      
    • - CoreDNS fixes the logging now that kubernetes’ client lib switched to klog from glog.
      
  • Upgrade Azure network API version to 2018-07-01, so that EnableTcpReset could be enabled on Azure standard loadbalancer (SLB). (#78012, @feiskyer)
  • Fixed a scheduler racing issue to ensure low priority pods to be unschedulable on the node(s) where high priority pods have NominatedNodeName set to the node(s). (#77990, @Huang-Wei)
  • Support starting Kubernetes on GCE using containerd in COS and Ubuntu with KUBE_CONTAINER_RUNTIME=containerd. (#77889, @Random-Liu)
  • DelayingQueue.ShutDown() is now able to be invoked multiple times without causing a closed channel panic. (#77170, @smarterclayton)
  • For admission webhooks registered for DELETE operations on k8s built APIs or CRDs, the apiserver now sends the existing object as admissionRequest.Request.OldObject to the webhook. (#76346, @caesarxuchao)
    • For custom apiservers they uses the generic registry in the apiserver library, they get this behavior automatically.
  • Expose CSI volume stats via kubelet volume metrics (#76188, @humblec)
  • Active watches of custom resources now terminate properly if the CRD is modified. (#78029, @liggitt)
  • Add CRD spec.preserveUnknownFields boolean, defaulting to true in v1beta1 and to false in v1 CRDs. If false, fields not specified in the validation schema will be removed when sent to the API server or when read from etcd. (#77333, @sttts)
  • Updates that remove remaining metadata.finalizers from an object that is pending deletion (non-nil metadata.deletionTimestamp) and has no graceful deletion pending (nil or 0 metadata.deletionGracePeriodSeconds) now results in immediate deletion of the object. (#77952, @liggitt)
  • Deprecates the kubeadm config upload command as it's replacement is now graduated. Please see kubeadm init phase upload-config (#77946, @Klaven)
  • k8s.io/client-go/dynamic/dynamicinformer.NewFilteredDynamicSharedInformerFactory now honours namespace argument (#77945, @michaelfig)
  • kubectl rollout restart now works for daemonsets and statefulsets. (#77423, @apelisse)
  • Fix incorrect azuredisk lun error (#77912, @andyzhangx)
  • Kubelet could be run with no Azure identity now. A sample cloud provider configure is: {"vmType": "vmss", "useInstanceMetadata": true} (#77906, @feiskyer)
  • client-go and kubectl no longer write cached discovery files with world-accessible file permissions (#77874, @yuchengwu)
  • kubeadm: expose the kubeadm reset command as phases (#77847, @yagonobre)
  • kubeadm: kubeadm alpha certs renew --csr-only now reads the current certificates as the authoritative source for certificates attributes (same as kubeadm alpha certs renew) (#77780, @fabriziopandini)
  • Support "queue-sort" extension point for scheduling framework (#77529, @draveness)
  • Allow init container to get its own field value as environment variable values(downwardAPI spport) (#75109, @yuchengwu)
  • The metric kube_proxy_sync_proxy_rules_last_timestamp_seconds is now available, indicating the last time that kube-proxy successfully applied proxying rules. (#74027, @squeed)
  • Fix panic logspam when running kubelet in standalone mode. (#77888, @tallclair)
  • consume the AWS region list from the AWS SDK instead of a hard-coded list in the cloud provider (#75990, @mcrute)
  • Add Option field to the admission webhook AdmissionReview API that provides the operation options (e.g. DeleteOption or CreateOption) for the operation being performed. (#77563, @jpbetz)
  • Fix bug where cloud-controller-manager initializes nodes multiple times (#75405, @tghartland)
  • Fixed a transient error API requests for custom resources could encounter while changes to the CustomResourceDefinition were being applied. (#77816, @liggitt)
  • Fix kubectl exec usage string (#77589, @soltysh)
  • CRD validation schemas should not specify metadata fields other than name and generateName. A schema will not be considered structural (and therefore ready for future features) if metadata is specified in any other way. (#77653, @sttts)
  • Implement Permit extension point of the scheduling framework. (#77559, @ahg-g)
  • Fixed a bug in the apiserver storage that could cause just-added finalizers to be ignored on an immediately following delete request, leading to premature deletion. (#77619, @caesarxuchao)
  • add operation name for vm/vmss update operations in prometheus metrics (#77491, @andyzhangx)
  • fix incorrect prometheus azure metrics (#77722, @andyzhangx)
  • Clients may now request that API objects are converted to the v1.Table and v1.PartialObjectMetadata forms for generic access to objects. (#77448, @smarterclayton)
  • ingress: Update in-tree Ingress controllers, examples, and clients to target networking.k8s.io/v1beta1 (#77617, @cmluciano)
  • util/initsystem: add support for the OpenRC init system (#73101, @oz123)
  • Signal handling is initialized within hyperkube commands that require it (apiserver, kubelet) (#76659, @S-Chan)
  • Fix some service tags not supported issues for Azure LoadBalancer service (#77719, @feiskyer)
  • Add Un-reserve extension point for the scheduling framework. (#77598, @danielqsj)
  • Once merged, legacy cloud providers unit tests will run as part of ci, just as they were before they move from ./pkg/cloudproviders/providers (#77704, @khenidak)
  • Check if container memory stats are available before accessing it (#77656, @yastij)
  • Add a field to store CSI volume expansion secrets (#77516, @gnufied)
  • Add a condition NonStructuralSchema to CustomResourceDefinition listing Structural Schema violations as defined in KEP https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20190425-structural-openapi.md. CRD authors should update their validation schemas to be structural in order to participate in future CRD features. (#77207, @sttts)
  • NONE (#74314, @oomichi)
  • Update to use go 1.12.5 (#77528, @cblecker)
  • Fix race conditions for Azure loadbalancer and route updates. (#77490, @feiskyer)
  • remove VM API call dep in azure disk WaitForAttach (#77483, @andyzhangx)
  • N/A (#77425, @figo)
  • Fix TestEventChannelFull random fail (#76603, @changyaowei)
  • aws-cloud-provider service account in the kube-system namespace need to be granted with list node permission with this optimization (#76976, @zhan849)
  • Remove hyperkube short aliases from source code, Because hyperkube docker image currently create these aliases. (#76953, @Rand01ph)
  • Allow to define kubeconfig file for OpenStack cloud provider. (#77415, @Fedosin)
  • API servers using the default Google Compute Engine bootstrapping scripts will have their insecure port (:8080) disabled by default. To enable the insecure port, set ENABLE_APISERVER_INSECURE_PORT=true in kube-env or as an environment variable. (#77447, @dekkagaijin)
  • GCE clusters will include some IP ranges that are not in used on the public Internet to the list of non-masq IPs. (#77458, @grayluck)
    • Bump ip-masq-agent version to v2.3.0 with flag nomasq-all-reserved-ranges turned on.
  • Implement un-reserve extension point for the scheduling framework. (#77457, @danielqsj)
  • If a pod has a running instance, the stats of its previously terminated instances will not show up in the kubelet summary stats any more for CRI runtimes like containerd and cri-o. (#77426, @Random-Liu)
    • This keeps the behavior consistent with Docker integration, and fixes an issue that some container Prometheus metrics don't work when there are summary stats for multiple instances of the same pod.
  • Limit use of tags when calling EC2 API to prevent API throttling for very large clusters (#76749, @mcrute)
  • When specifying an invalid value for a label, it was not always (#77144, @kenegozi)
    • clear which label the value was specified for. Starting with this release, the
    • label's key is included in such error messages, which makes debugging easier.

v1.15.0-alpha.3

Documentation

Downloads for v1.15.0-alpha.3

filename sha512 hash
kubernetes.tar.gz 88d9ced283324136e9230a0c92ad9ade10d1f52d095d5a3f9827a1ebe0cf87b5edf713cff9093cc5c61311282fe861b7c02d1da62a6ba74e2c19584e5d6084a6
kubernetes-src.tar.gz c6cfe656825da66e863cd08887b3ce4374e3dae0448e33c77f960aec168c1cbad46e2485ddb9dc00f0733b4464f1e8c6e20f333097f43848decc07576ffb8d69

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 9df574b99dd03b15c784afa0bf91e826d687c5a2c7279878ddc9489e5542b2b24da5dc876eb01da0182dd4dabfda3b427875dcde16a99478923e9f74233640c1
kubernetes-client-darwin-amd64.tar.gz bd8ac74d57e2c5dbfb36a8a3f79802a85393d914c0f513f83395f4b951a41d58ef23081d67edd1dacc039ef29bc761dcd17787b3315954f7460e15a15150dd5e
kubernetes-client-linux-386.tar.gz 8ffecc41f973564b18ee6ee0cf3d2c553e9f4649b13e99dc92f427a3861b04c599e94b14ecab8b3f6018cc1248dec72cd0318c41a5d51364961cf14c8667b89c
kubernetes-client-linux-amd64.tar.gz 8c62df3e8f02d0fe6388f82cf3af32c592783a012744b0595e5ae66097643dc6e28171322d69c1cd7e30c6b411f6f2b727728a503aec8f9d0c7cfdee44f307f5
kubernetes-client-linux-arm.tar.gz 6e411c605778e2a079971bfe6f066bd834dcaa13a6e1369d1a5064cc16a95aee8e6b07197522e4ef83d40692869dbd1b082a784102cad8168375202db773ce80
kubernetes-client-linux-arm64.tar.gz 52daf658b97c66bf67b24ad45adf27e70cf8e721e616250bef06c8d4d4b6e0820647b337c38eec2673d440c2578989ba1ca1d24b4babeb7c0e22834700c225d5
kubernetes-client-linux-ppc64le.tar.gz 0f2fe4d16518640a958166bc9e1963d594828e6edfa37c018778ccce79761561d0f9f8db206bd4ed122ce068d74e10cd25655bb6763fb0d53c881f0199db09bf
kubernetes-client-linux-s390x.tar.gz 58582b030c95160460f7061000c19da225d175249beff26d4a3f5d415670ff374781b4612e1b8e01e86d31772e4ab86cd41553885d514f013df9c01cbda4b7c2
kubernetes-client-windows-386.tar.gz d2898a2e2c6d28c9069479b7dfcf5dc640864e20090441c9bb101e3f6a1cbc28051135b60143dc6b8f1edaa896e8467d3c1b7bbd7b75a3f1fb3657da6eb7385d
kubernetes-client-windows-amd64.tar.gz 50fa515ba4be8a30739cb811d8750260f2746914b98de9989c58e9b100d07f59a9b701d83a06646ccf3ad53c74b8a7a35c9eb860fb0cff27178145f457921c1b

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz b124b2fa18935bbc15b9a3c0447df931314b41d36d2cd9a65bebd090dafec9bc8f3614bf0fca97504d9d5270580b0e5e3f8564a7c8d87fde57cd593b73a7697d
kubernetes-server-linux-arm.tar.gz cde20282adb8d43e350c932c5a52176c2e1accb80499631a46c6d6980c1967c324a77e295a14eb0e37702bcd26462980ac5fe5f1ee689386d974ac4c28d7b462
kubernetes-server-linux-arm64.tar.gz 657b24b24dddb475a737be8e65669caf3c41102de5feb990b8b0f29066f823130ff759b1579a6ddbb08fef1e75edca3621054934253ef9d636f4bbcc255093ea
kubernetes-server-linux-ppc64le.tar.gz 2373012c73109a38a6a2b64f1db716d62a65a4a64ccf246680f226dba96b598f9757ded4e2d3581ba4f499a28e7d8d89bbc0db98a09c812fdc7e12a014fb70ec
kubernetes-server-linux-s390x.tar.gz c2ce4362766bb08ffccea13893431c5f59d02f996fbb5fad1fe0014a9670440dca9e9ab4037116e19f090eeba9bdbb2ff8d2e80128afe29a86adb043a7c4e674

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz c26b0b2fff310d791c91e610252a86966df271b745a3ded8067328dab04fd3c1600bf1f67d728521472fbba067be2a2a52c927c6af4ae6cbabf237f74843b5dd
kubernetes-node-linux-arm.tar.gz 79e70e550a401435b0f3d06b60312bc0740924ca56607eae9cd0d12dce1a6ea1ade1a850145ba05fccec1f52eb6879767e901b6fe2e7b499cf4c632d9ebae017
kubernetes-node-linux-arm64.tar.gz 5f920cf9e169c863760a27022f3f0e1503cedcb6b84089a7e77a05d2d449a9a68f23f1ea48924acc8221e78f151e832e07cbb5586e6e652c56c2fd6ff6009551
kubernetes-node-linux-ppc64le.tar.gz 6037b555f484337e659b347ce0ca725e0a25e2e3034100a9ebc4c18668eb102093e8477cca8022cd99957a4532034ad0b7d1cf356c0bb6582f8acf9895e46423
kubernetes-node-linux-s390x.tar.gz a32a0a22ade7658e5fb924ca8b0ccca40e96f872d136062842c046fd3f17ecc056c22d6cfa3736cbbbac3b648299ef976ad6811ed942e13af3185d83e3440d97
kubernetes-node-windows-amd64.tar.gz 005120b6500ee9839a6914a08ec270ccd273b5dea863da17d4da5ab1e47a7dee5b174cf5d923870186d144b954778d26e3e4445dc997411f267b200001e13e03

Changelog since v1.15.0-alpha.2

Other notable changes

  • Adding ListMeta.RemainingItemCount. When responding a LIST request, if the server has more data available, and if the request does not contain label selectors or field selectors, the server sets the ListOptions.RemainingItemCount to the number of remaining objects. (#75993, @caesarxuchao)
  • This PR removes unused soak test cauldron (#77335, @loqutus)
  • N/A (#76966, @figo)
  • kubeadm: kubeadm alpha certs renew and kubeadm upgrade now supports renews of certificates embedded in KubeConfig files managed by kubeadm; this does not apply to certificates signed by external CAs. (#77180, @fabriziopandini)
  • As of Kubernetes 1.15, the SupportNodePidsLimit feature introduced as alpha in Kubernetes 1.14 is now beta, and the ability to utilize it is enabled by default. It is no longer necessary to set the feature gate SupportNodePidsLimit=true. In all other respects, this functionality behaves as it did in Kubernetes 1.14. (#76221, @RobertKrawitz)
  • Bump addon-manager to v9.0.1 (#77282, @MrHohn)
      • Rebase image on debian-base:v1.0.0
  • Fix kubectl describe CronJobs error of Successful Job History Limit. (#77347, @danielqsj)
  • Remove extra pod creation expections when daemonset fails to create pods in batches. (#74856, @draveness)
  • enhance the daemonset sync logic in clock-skew scenario (#77208, @DaiHao)
  • GCE-only flag cloud-provider-gce-lb-src-cidrs becomes optional for external cloud providers. (#76627, @timoreimann)
  • The GCERegionalPersistentDisk feature gate (GA in 1.13) can no longer be disabled. The feature gate will be removed in v1.17. (#77412, @liggitt)
  • API requests rejected by admission webhooks which specify an http status code < 400 are now assigned a 400 status code. (#77022, @liggitt)
  • kubeadm: Add ability to specify certificate encryption and decryption key for the upload/download certificates phases as part of the new v1beta2 kubeadm config format. (#77012, @rosti)
  • Fixes incorrect handling by kubectl of custom resources whose Kind is "Status" (#77368, @liggitt)
  • kubeadm: disable the kube-proxy DaemonSet on non-Linux nodes. This step is required to support Windows worker nodes. (#76327, @neolit123)
  • Add etag for NSG updates so as to fix nsg race condition (#77210, @feiskyer)
  • The series.state field in the events.k8s.io/v1beta1 Event API is deprecated and will be removed in v1.18 (#75987, @yastij)
  • API paging is now enabled by default in k8s.io/apiserver recommended options, and in k8s.io/sample-apiserver (#77278, @liggitt)
  • GCE/Windows: force kill Stackdriver logging processes when the service cannot be stopped (#77378, @yujuhong)
  • ingress objects are now persisted in etcd using the networking.k8s.io/v1beta1 version (#77139, @cmluciano)
  • [fluentd-gcp addon] Bump fluentd-gcp-scaler to v0.5.2 to pick up security fixes. (#76762, @serathius)
  • Add RuntimeClass restrictions & defaulting to PodSecurityPolicy. (#73795, @tallclair)
  • Promote meta.k8s.io/v1beta1 Table and PartialObjectMetadata to v1. (#77136, @smarterclayton)
  • Fix bug with block volume expansion (#77317, @gnufied)
  • Fixes spurious error messages about failing to clean up iptables rules when using iptables 1.8. (#77303, @danwinship)
  • Add TLS termination support for NLB (#74910, @M00nF1sh)
  • Preserves existing namespace information in manifests when running kubectl set ... --local commands (#77267, @liggitt)
  • fix issue that pull image failed from a cross-subscription Azure Container Registry when using MSI to authenticate (#77245, @norshtein)
  • Clean links handling in cp's tar code (#76788, @soltysh)
  • Implement and update interfaces and skeleton for the scheduling framework. (#75848, @bsalamat)
  • Fixes segmentation fault issue with Protobuf library when log entries are deeply nested. (#77224, @qingling128)
  • kubeadm: support sub-domain wildcards in certificate SANs (#76920, @sempr)
  • Fixes an error with stuck informers when an etcd watch receives update or delete events with missing data (#76675, @ryanmcnamara)

v1.15.0-alpha.2

Documentation

Downloads for v1.15.0-alpha.2

filename sha512 hash
kubernetes.tar.gz 88ca590c9bc2a095492310fee73bd191398375bc7f549e66e8978c48be8a9c0f9ad26e3881b84d5f2f2e49273333b3086dd99cc8c52de68e38464729f0d2828f
kubernetes-src.tar.gz f587073d7b58903a52beeaa911c932047294be54b6f395063c65b46a61113af1aeca37c0edc536525398f0051968708cc9bb17a2173edb8c2e8f3938ad91c0b0

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 1b944693f3813702e64f41fc11102af59beceb5ded52aac3109ebe39eb2e9103d10b26f29519337a36c86dec5c472d2b0dd5bb0264969a587345b6bb89142520
kubernetes-client-darwin-amd64.tar.gz 233bba8324f7570e527f7ef22a01552c28dbabc6eef658311668ed554923344791c2c9314678f205424a638fefebbbf67dd32be99cb70019cc77a08dbae08f4d
kubernetes-client-linux-386.tar.gz 1203729b3180328631d4192c5f4cfb09e3fea958be544fe4ee3e86826422a6242d7eae9d3efba055ada4e65dbc7a3020305da97223d24416dd40686271fb3537
kubernetes-client-linux-amd64.tar.gz ad0613c88d4f97b2a8f35fff607bf6168724b28838587218ccece14afb52b531f723ced372de3a4014ee76ae2c738f523790178395a2b59d4b5f53fc3451fd04
kubernetes-client-linux-arm.tar.gz e9d3905d306504838d417051df43431f724ea689fd3564e575f8235fc80d771b9bc72c98eae4641e9e3c5619fc93550b93634ff33d8db3b0058e348d7258ee3d
kubernetes-client-linux-arm64.tar.gz a426b27d0851d84b76d225b9366668521441539e7582b2439e973c98c84909fc0a236478d505c6cf50598c4ecb4796f3214ee5c80d42653ddb8e30d5ce7732be
kubernetes-client-linux-ppc64le.tar.gz be717777159b6f0c472754be704d543b80168cc02d76ca936f6559a55752530e061fe311df3906660dcaf7950a7cbea102232fb54bc4056384c11018d1dfff24
kubernetes-client-linux-s390x.tar.gz 4a4a08d23be247e1543c85895c211e9fee8e8fa276e5aa31ed012804fa0921eeb0e5828f8ef152742b41dc1db08658dec01c0287b2828c3d3b91f260243c2457
kubernetes-client-windows-386.tar.gz 8d16d655d7d4213a45a583f81b31056a02dd2100d06d8072a8ec77e255630bd9acfff062d7ab46946f94d667a8d73c611818445464638f3a3ef69c29e9aafda7
kubernetes-client-windows-amd64.tar.gz d4ece03464aaa9c2416d7acf9de7f94f3e01fa17f6f7469a9aedaefa90d4b0af193a1b78fb514fd9de0a55a45244a076e3897e62f9208581523690bbe0353357

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 932557827bfcc329162fcf29510f40951bdd5da4890de62fd5c44d5290349b0942ffe07bb2b518ca0f21b4de4c27ec6cfa338ec2b40e938e3a9f6e3ab5db89c0
kubernetes-server-linux-arm.tar.gz e1c5349feab83ad458b9a5956026c48c7ce53f3becc09c537eda8984cea56bb254e7972d467e3b3349ad8e35cf70bebcb4b6a0ab98cbe43ab5f1238f0844d151
kubernetes-server-linux-arm64.tar.gz e8cfe09ff625b36b58d97440d82dbc06795d503729b45a8d077de7c73b70f350010747ad2c118ea75946e40cbf5cdfb1fdfa686c8cc714d4ec942f9bf2925664
kubernetes-server-linux-ppc64le.tar.gz 99770fe0abd0ec2d5f7e38d434a82fa323b2e25124e62aadf483dd68e763b07292e9303a2c8d96964bed91cab7050e0f5be02c76919c33dcc18b46d541677022
kubernetes-server-linux-s390x.tar.gz 3f0772f3b470d59330dd6b44a43af640a7ec42354d734a1aef491769d20a2dadaebda71cac6ad926082e03e967c6dd16ce9c440183d705c8c7c5a33f6d7b89be

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 9c879a12174a8c69124a649a8e6d51a5d4c174741d743f68f9ccec349aa671ca085e33cf63ba6047e89c9e16c2122758bbcac01eba48864cd834d18ff6c6bd36
kubernetes-node-linux-arm.tar.gz 3ac31c7f6b01896da60028037f30f8b6f331b7cd989dcfabd5623dbfbbed8a60ff5911fc175d976e831075587f2cd79c97f50b5cfa73bac203746bd2f6b75cd1
kubernetes-node-linux-arm64.tar.gz 669376d5673534d53d2546bc7768f00a3add74da452061dbc2892f59efba28dc54835e4bc556c84ef54cb761f9e65f2b54e274f39faa0d609976da76fcdd87df
kubernetes-node-linux-ppc64le.tar.gz b1c7fb9fcafc216fa2bd9551399f11a592922556dfad4c56fa273a7c54426fbb63b786ecf44d71148f5c8bd08212f9915c0b784790661302b9953d6da44934d7
kubernetes-node-linux-s390x.tar.gz b93ae8cebd79d1ce0cb2aed66ded63b3541fcca23a1f879299c422774fb757ad3c30e782ccd7314480d247a5435c434014ed8a4cc3943b3078df0ef5b5a5b8f1
kubernetes-node-windows-amd64.tar.gz e99127789e045972d0c52c61902f00297c208851bb65e01d28766b6f9439f81a56e48f3fc1a20189c59ea76d3ba4ac3dd230ad054c8a2106ae8a19d4232137ba

Changelog since v1.15.0-alpha.1

Other notable changes

  • Kubemark scripts have been fixed for IKS clusters. (#76909, @Huang-Wei)
  • fix azure disk list corruption issue (#77187, @andyzhangx)
  • kubeadm: kubeadm upgrade now renews all the certificates used by one component before upgrading the component itself, with the exception of certificates signed by external CAs. User can eventually opt-out from certificate renewal during upgrades by setting the new flag --certificate-renewal to false. (#76862, @fabriziopandini)
  • kube-proxy: os exit when CleanupAndExit is set to true (#76732, @JieJhih)
  • kubectl exec now allows using resource name (e.g., deployment/mydeployment) to select a matching pod. (#73664, @prksu)
    • kubectl exec now allows using --pod-running-timeout flag to wait till at least one pod is running.
  • kubeadm: add optional ECDSA support. (#76390, @rojkov)
    • kubeadm still generates RSA keys when deploying a node, but also accepts ECDSA
    • keys if they exist already in the directory specified in --cert-dir option.
  • kube-proxy: HealthzBindAddress and MetricsBindAddress support ipv6 address. (#76320, @JieJhih)
  • Packets considered INVALID by conntrack are now dropped. In particular, this fixes (#74840, @anfernee)
    • a problem where spurious retransmits in a long-running TCP connection to a service
    • IP could result in the connection being closed with the error "Connection reset by
    • peer"
  • Introduce the v1beta2 config format to kubeadm. (#76710, @rosti)
  • kubeadm: bump the minimum supported Docker version to 1.13.1 (#77051, @chenzhiwei)
  • Rancher credential provider has now been removed (#77099, @dims)
  • Support print volumeMode using kubectl get pv/pvc -o wide (#76646, @cwdsuzhou)
  • Upgrade go-autorest to v11.1.2 (#77070, @feiskyer)
  • Fixes a bug where dry-run is not honored for pod/eviction sub-resource. (#76969, @apelisse)
  • Reduce event spam for AttachVolume storage operation (#75986, @mucahitkurt)
  • Report cp errors consistently (#77010, @soltysh)
  • specify azure file share name in azure file plugin (#76988, @andyzhangx)
  • Migrate oom watcher not relying on cAdviosr's API any more (#74942, @WanLinghao)
  • Validating admission webhooks are now properly called for CREATE operations on the following resources: tokenreviews, subjectaccessreviews, localsubjectaccessreviews, selfsubjectaccessreviews, selfsubjectrulesreviews (#76959, @sbezverk)
  • Fix OpenID Connect (OIDC) token refresh when the client secret contains a special character. (#76914, @tsuna)
  • kubeadm: Improve resiliency when it comes to updating the kubeadm-config config map upon new control plane joins or resets. This allows for safe multiple control plane joins and/or resets. (#76821, @ereslibre)
  • Validating admission webhooks are now properly called for CREATE operations on the following resources: pods/binding, pods/eviction, bindings (#76910, @liggitt)
  • Default TTL for DNS records in kubernetes zone is changed from 5s to 30s to keep consistent with old dnsmasq based kube-dns. The TTL can be customized with command kubectl edit -n kube-system configmap/coredns. (#76238, @Dieken)
  • Fixed a kubemark panic when hollow-node is morphed as proxy. (#76848, @Huang-Wei)
  • k8s-dns-node-cache image version v1.15.1 (#76640, @george-angel)
  • GCE/Windows: add support for stackdriver logging agent (#76850, @yujuhong)
  • Admission webhooks are now properly called for scale and deployments/rollback subresources (#76849, @liggitt)
  • Switch to instance-level update APIs for Azure VMSS loadbalancer operations (#76656, @feiskyer)
  • kubeadm: kubeadm alpha cert renew now ignores certificates signed by external CAs (#76865, @fabriziopandini)
  • Update to use go 1.12.4 (#76576, @cblecker)
  • [metrics-server addon] Restore connecting to nodes via IP addresses (#76819, @serathius)
  • fix detach azure disk back off issue which has too big lock in failure retry condition (#76573, @andyzhangx)
  • Updated klog to 0.3.0 (#76474, @vincepri)
  • kube-up.sh no longer supports "centos" and "local" providers (#76711, @dims)
  • Ensure the backend pools are set correctly for Azure SLB with multiple backend pools (e.g. outbound rules) (#76691, @feiskyer)
  • Windows nodes on GCE use a known-working 1809 image rather than the latest 1809 image. (#76722, @pjh)
  • The userspace proxy now respects the IPTables proxy's minSyncInterval parameter. (#71735, @dcbw)
  • Kubeadm will now include the missing certificate key if it is unable to find an expected key during kubeadm join when used with the --experimental-control-plane flow (#76636, @mdaniel)

v1.15.0-alpha.1

Documentation

Downloads for v1.15.0-alpha.1

filename sha512 hash
kubernetes.tar.gz e07246d1811bfcaf092a3244f94e4bcbfd050756aea1b56e8af54e9c016c16c9211ddeaaa08b8b398e823895dd7a8fc757e5674e11a86f1edc6f718b837cfe0c
kubernetes-src.tar.gz ebd902a1cfdde0d9a0062f3f21732eed76eb123da04a25f9f5c7cfce8a2926dc8331e6028c3cd27aa84aaa0bf069422a0a0b0a61e6e5f48be7fe4934e1e786fc

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 88ce20f3c1f914aebca3439b3f4b642c9c371970945a25e623730826168ebadc53706ac6f4422ea4295de86c7c6bff14ec96ad3cc8ae52d9920ecbdc9dab1729
kubernetes-client-darwin-amd64.tar.gz a5c1a43c7e3dbb27c1a4c7e4111596331887206f768072e3fb7671075c11f2ed7c26873eef291c048415247845e86ff58aa9946a89c4aede5d847677e871ccd5
kubernetes-client-linux-386.tar.gz cf7513ab821cd0c979b1421034ce50e9bc0f347c184551cf4a9b6beab06588adda19f1b53b073525c0e73b5961beb5c1fab913c040c911acaa36496e4386a70d
kubernetes-client-linux-amd64.tar.gz 964296e9289e12bc02ec05fb5ca9e6766654f81e1885989f8185ee8b47573ae07731e8b3cb69742b58ab1e795df8e47fd110d3226057a4c56a9ebeae162f8b35
kubernetes-client-linux-arm.tar.gz 3480209c2112315d81e9ac22bc2a5961a805621b82ad80dc04c7044b7a8d63b3515f77ebdfad632555468b784bab92d018aeb92c42e8b382d0ce9f358f397514
kubernetes-client-linux-arm64.tar.gz be7d5bb5fddfbbe95d32b354b6ed26831b1afc406dc78e9188eae3d957991ea4ceb04b434d729891d017081816125c61ea67ac10ce82773e25edb9f45b39f2d3
kubernetes-client-linux-ppc64le.tar.gz bfaeb3b8b0b2e2dde8900cd2910786cb68804ad7d173b6b52c15400041d7e8db30ff601a7de6a789a8788100eda496f0ff6d5cdcabef775d4b09117e002fe758
kubernetes-client-linux-s390x.tar.gz 653c99e3171f74e52903ac9101cf8280a5e9d82969c53e9d481a72e0cb5b4a22951f88305545c0916ba958ca609c39c249200780fed3f9bf88fa0b2d2438259c
kubernetes-client-windows-386.tar.gz 9b2862996eadf4e97d890f21bd4392beca80e356c7f94abaf5968b4ea3c2485f3391c89ce331c1de69ff9380de0c0b7be8635b079c79181e046b854b4c2530e6
kubernetes-client-windows-amd64.tar.gz 97d87fcbc0cd821b3ca5ebfbda0b38fdc9c5a5ec58e521936163fead936995c6b26b0f05b711fbc3d61315848b6733778cb025a34de837321cf2bb0a1cca76d0

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz ffa2db2c39676e39535bcee3f41f4d178b239ca834c1aa6aafb75fb58cc5909ab94b712f2be6c0daa27ff249de6e31640fb4e5cdc7bdae82fc5dd2ad9f659518
kubernetes-server-linux-arm.tar.gz a526cf7009fec5cd43da693127668006d3d6c4ebfb719e8c5b9b78bd5ad34887d337f25b309693bf844eedcc77c972c5981475ed3c00537d638985c6d6af71de
kubernetes-server-linux-arm64.tar.gz 4f9c8f85eebbf9f0023c9311560b7576cb5f4d2eac491e38aa4050c82b34f6a09b3702b3d8c1d7737d0f27fd2df82e8b0db5ab4600ca51efd5bd21ac38049062
kubernetes-server-linux-ppc64le.tar.gz bf95f15c3edd9a7f6c2911eedd55655a60da288c9df3fed4c5b2b7cc11d5e1da063546a44268d6c3cb7d48c48d566a0776b2536f847507bcbcd419dcc8643f49
kubernetes-server-linux-s390x.tar.gz a2588d8b3df5f7599cd84635e5772f9ba2c665287c54a6167784bb284eb09fb0e518e9acb0e295e18a77d48cc354c8918751b63f82504177a0b1838e9e89dfd3

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz b4e9faadd0e03d3d89de496b5248547b159a7fe0c26319d898a448f3da80eb7d7d346494ca52634e89850fbb8b2db1f996bc8e7efca6cff1d26370a77b669967
kubernetes-node-linux-arm.tar.gz bf6db10d15a97ae39e2fcdf32c11c6cd8afcd254dc2fbc1fc00c5c74d6179f4ed74c973f221b0f41a29ad2e7d03e5fdebf1ab927ca2e2dea010e7519badf39a9
kubernetes-node-linux-arm64.tar.gz e89b95a23e36164b10510492841d7d140a9bd1799846f4ee1e8fbd74e8f6c512093a412edfb93bd68da10718ccdbe826f4b6ffa80e868461e7b7880c1cc44346
kubernetes-node-linux-ppc64le.tar.gz 47f47c8b7fafc7d6ed0e55308ccb2a3b289e174d763c4a6415b7f1b7d2b81e4ee090a4c361eadd7cb9dd774638d0f0ad45d271ab21cc230a1b8564f06d9edae8
kubernetes-node-linux-s390x.tar.gz 8a0af4be530008bc8f120cd82ec592d08b09a85a2a558c10d712ff44867c4ef3369b3e4e2f5a5d0c2fa375c337472b1b2e67b01ef3615eb174d36fbfd80ec2ff
kubernetes-node-windows-amd64.tar.gz f48886bf8f965572b78baf9e02417a56fab31870124240cac02809615caa0bc9be214d182e041fc142240f83500fe69c063d807cbe5566e9d8b64854ca39104b

Changelog since v1.14.0

Action Required

  • client-go: The rest.AnonymousClientConfig(*rest.Config) *rest.Config helper method no longer copies custom Transport and WrapTransport fields, because those can be used to inject user credentials. (#75771, @liggitt)
  • ACTION REQUIRED: The Node.Status.Volumes.Attached.DevicePath field is now unset for CSI volumes. Update any external controllers that depend on this field. (#75799, @msau42)

Other notable changes

  • Remove the function Parallelize, please convert to use the function ParallelizeUntil. (#76595, @danielqsj)
  • StorageObjectInUseProtection admission plugin is additionally enabled by default. (#74610, @oomichi)
    • So default enabled admission plugins are now NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,StorageObjectInUseProtection. Please note that if you previously had not set the --admission-control flag, your cluster behavior may change (to be more standard).
  • Juju provider source moved to the Charmed Kubernetes org (#76628, @kwmonroe)
  • improve kubectl auth can-i command by warning users when they try access resource out of scope (#76014, @WanLinghao)
  • Introduce API for watch bookmark events. (#74074, @wojtek-t)
    • Introduce Alpha field AllowWatchBookmarks in ListOptions for requesting watch bookmarks from apiserver. The implementation in apiserver is hidden behind feature gate WatchBookmark (currently in Alpha stage).
  • Override protocol between etcd server and kube-apiserver on master with HTTPS instead HTTP when mTLS is enabled in GCE (#74690, @wenjiaswe)
  • Fix issue in Portworx volume driver causing controller manager to crash (#76341, @harsh-px)
  • kubeadm: Fix a bug where if couple of CRIs are installed a user override of the CRI during join (via kubeadm join --cri-socket ...) is ignored and kubeadm bails out with an error (#76505, @rosti)
  • UpdateContainerResources is no longer recorded as a container_status operation. It now uses the label update_container (#75278, @Nessex)
  • Bump metrics-server to v0.3.2 (#76437, @brett-elliott)
  • The kubelet's /spec endpoint no longer provides cloud provider information (cloud_provider, instance_type, instance_id). (#76291, @dims)
  • Change kubelet probe metrics to counter type. (#76074, @danielqsj)
    • The metrics prober_probe_result is replaced by prober_probe_total.
  • Reduce GCE log rotation check from 1 hour to every 5 minutes. Rotation policy is unchanged (new day starts, log file size > 100MB). (#76352, @jpbetz)
  • Add ListPager.EachListItem utility function to client-go to enable incremental processing of chunked list responses (#75849, @jpbetz)
  • Added CNI_VERSION and CNI_SHA1 environment variables in kube-up.sh to configure CNI versions on GCE. (#76353, @Random-Liu)
  • Update cri-tools to v1.14.0 (#75658, @feiskyer)
  • 2X performance improvement on both required and preferred PodAffinity. (#76243, @Huang-Wei)
  • scheduler: add metrics to record number of pending pods in different queues (#75501, @Huang-Wei)
  • Create a new kubectl rollout restart command that does a rolling restart of a deployment. (#76062, @apelisse)
    • Added port configuration to Admission webhook configuration service reference. (#74855, @mbohlool)
        • Added port configuration to AuditSink webhook configuration service reference.
        • Added port configuration to CRD Conversion webhook configuration service reference.
        • Added port configuration to kube-aggregator service reference.
  • kubectl get -w now prints custom resource definitions with custom print columns (#76161, @liggitt)
  • Fixes bug in DaemonSetController causing it to stop processing some DaemonSets for 5 minutes after node removal. (#76060, @krzysztof-jastrzebski)
  • no (#75820, @YoubingLi)
  • Use stdlib to log stack trace when a panic occurs (#75853, @roycaihw)
  • Fixes a NPD bug on GCI, so that it disables glog writing to files for log-counter (#76211, @wangzhen127)
  • Tolerations with the same key and effect will be merged into one which has the value of the latest toleration for best effort pods. (#75985, @ravisantoshgudimetla)
  • Fix empty array expansion error in cluster/gce/util.sh (#76111, @kewu1992)
  • kube-proxy no longer automatically cleans up network rules created by running kube-proxy in other modes. If you are switching the mode that kube-proxy is in running in (EG: iptables to IPVS), you will need to run kube-proxy --cleanup, or restart the worker node (recommended) before restarting kube-proxy. (#76109, @vllry)
    • If you are not switching kube-proxy between different modes, this change should not require any action.
  • Adds a new "storage_operation_status_count" metric for kube-controller-manager and kubelet to count success and error statues. (#75750, @msau42)
  • GCE/Windows: disable stackdriver logging agent to prevent node startup failures (#76099, @yujuhong)
  • StatefulSet controllers no longer force a resync every 30 seconds when nothing has changed. (#75622, @jonsabo)
  • Ensures the conformance test image saves results before exiting when ginkgo returns non-zero value. (#76039, @johnSchnake)
  • Add --image-repository flag to "kubeadm config images". (#75866, @jmkeyes)
  • Paginate requests from the kube-apiserver watch cache to etcd in chunks. (#75389, @jpbetz)
    • Paginate reflector init and resync List calls that are not served by watch cache.
  • k8s.io/kubernetes and published components (like k8s.io/client-go and k8s.io/api) now publish go module files containing dependency version information. See http://git.k8s.io/client-go/INSTALL.md#go-modules for details on consuming k8s.io/client-go using go modules. (#74877, @liggitt)
  • give users the option to suppress detailed output in integration test (#76063, @Huang-Wei)
  • CSI alpha CRDs have been removed (#75747, @msau42)
  • Fixes a regression proxying responses from aggregated API servers which could cause watch requests to hang until the first event was received (#75887, @liggitt)
  • Support specify the Resource Group of Route Table when update Pod network route (Azure) (#75580, @suker200)
  • Support parsing more v1.Taint forms. key:effect, key=:effect- are now accepted. (#74159, @dlipovetsky)
  • Resource list requests for PartialObjectMetadata now correctly return list metadata like the resourceVersion and the continue token. (#75971, @smarterclayton)
  • StubDomains and Upstreamnameserver which contains a service name will be omitted while translating to the equivalent CoreDNS config. (#75969, @rajansandeep)
  • Count PVCs that are unbound towards attach limit (#73863, @gnufied)
  • Increased verbose level for local openapi aggregation logs to avoid flooding the log during normal operation (#75781, @roycaihw)
  • In the 'kubectl describe' output, the fields with names containing special characters are displayed as-is without any pretty formatting. (#75483, @gsadhani)
  • Support both JSON and YAML for scheduler configuration. (#75857, @danielqsj)
  • kubeadm: fix "upgrade plan" not defaulting to a "stable" version if no version argument is passed (#75900, @neolit123)
  • clean up func podTimestamp in queue (#75754, @denkensk)
  • The AWS credential provider can now obtain ECR credentials even without the AWS cloud provider or being on an EC2 instance. Additionally, AWS credential provider caching has been improved to honor the ECR credential timeout. (#75587, @tiffanyfay)
  • Add completed job status in Cronjob event. (#75712, @danielqsj)
  • kubeadm: implement deletion of multiple bootstrap tokens at once (#75646, @bart0sh)
  • GCE Windows nodes will rely solely on kubernetes and kube-proxy (and not the GCE agent) for network address management. (#75855, @pjh)
  • kubeadm: preflight checks on external etcd certificates are now skipped when joining a control-plane node with automatic copy of cluster certificates (--certificate-key) (#75847, @fabriziopandini)
  • [stackdriver addon] Bump prometheus-to-sd to v0.5.0 to pick up security fixes. (#75362, @serathius)
    • [fluentd-gcp addon] Bump fluentd-gcp-scaler to v0.5.1 to pick up security fixes.
    • [fluentd-gcp addon] Bump event-exporter to v0.2.4 to pick up security fixes.
    • [fluentd-gcp addon] Bump prometheus-to-sd to v0.5.0 to pick up security fixes.
    • [metatada-proxy addon] Bump prometheus-to-sd v0.5.0 to pick up security fixes.
  • Support describe pod with inline csi volumes (#75513, @cwdsuzhou)
  • Object count quota is now supported for namespaced custom resources using the count/. syntax. (#72384, @zhouhaibing089)
  • In case kubeadm can't access the current Kubernetes version remotely and fails to parse (#72454, @rojkov)
    • the git-based version it falls back to a static predefined value of
    • k8s.io/kubernetes/cmd/kubeadm/app/constants.CurrentKubernetesVersion.
  • Fixed a potential deadlock in resource quota controller (#74747, @liggitt) * Enabled recording partial usage info for quota objects specifying multiple resources, when only some of the resources' usage can be determined.
  • CRI API will now be available in the kubernetes/cri-api repository (#75531, @dims)
  • Support vSphere SAML token auth when using Zones (#75515, @dougm)
  • Transition service account controller clients to TokenRequest API (#72179, @WanLinghao)
  • kubeadm: reimplemented IPVS Proxy check that produced confusing warning message. (#75036, @bart0sh)
  • Allow to read OpenStack user credentials from a secret instead of a local config file. (#75062, @Fedosin)
  • watch can now be enabled for events using the flag --watch-cache-sizes on kube-apiserver (#74321, @yastij)
  • kubeadm: Support for deprecated old kubeadm v1alpha3 config is totally removed. (#75179, @rosti)
  • The Kubelet now properly requests protobuf objects where they are (#75602, @smarterclayton)
    • supported from the apiserver, reducing load in large clusters.
  • Add name validation for dynamic client methods in client-go (#75072, @lblackstone)
  • Users may now execute get-kube-binaries.sh to request a client for an OS/Arch unlike the one of the host on which the script is invoked. (#74889, @akutz)
  • Move config local to controllers in kube-controller-manager (#72800, @stewart-yu)
  • Fix some potential deadlocks and file descriptor leaking for inotify watches. (#75376, @cpuguy83)
  • [IPVS] Introduces flag ipvs-strict-arp to configure stricter ARP sysctls, defaulting to false to preserve existing behaviors. This was enabled by default in 1.13.0, which impacted a few CNI plugins. (#75295, @lbernail)
  • [IPVS] Allow for transparent kube-proxy restarts (#75283, @lbernail)
  • Replace *_admission_latencies_milliseconds_summary and *_admission_latencies_milliseconds metrics due to reporting wrong unit (was labelled milliseconds, but reported seconds), and multiple naming guideline violations (units should be in base units and "duration" is the best practice labelling to measure the time a request takes). Please convert to use *_admission_duration_seconds and *_admission_duration_seconds_summary, these now report the unit as described, and follow the instrumentation best practices. (#75279, @danielqsj)
  • Reset exponential backoff when storage operation changes (#75213, @gnufied)
  • Watch will now support converting response objects into Table or PartialObjectMetadata forms. (#71548, @smarterclayton)
  • N/A (#74974, @goodluckbot)
  • kubeadm: fix the machine readability of "kubeadm token create --print-join-command" (#75487, @displague)
  • Update Cluster Autoscaler to 1.14.0; changelog: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.14.0 (#75480, @losipiuk)