New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
draft release notes for kubernetes v1.4.0 #33410
Conversation
incorporates known issues from #33226 |
incorporates feature information based on kubernetes/features repo and feedback from #32332 |
cc @matchstick |
LGTM. @spiffxp thank you! |
/cc @kubernetes/features-maintainers |
cc/ @erictune on one more known backward compatibility issue for init container. Thanks! |
- [alpha] Container Image Policy allows an access controller to determine whether a pod may be scheduled based on a policy ([docs](http://kubernetes.io/docs/admin/admission-controllers/#imagepolicywebhook)) ([kubernetes/features#59](https://github.com/kubernetes/features/issues/59)) | ||
- [alpha] Access Review APIs expose authorization engine to external inquiries for delgation, inspection, and debugging ([docs](http://kubernetes.io/docs/admin/authorization/)) ([kubernetes/features#37](https://github.com/kubernetes/features/issues/37)) | ||
- **Cluster Lifecycle** | ||
- [alpha] Ensure critical cluster infrastructure pods (Heapster, DNS, etc.) can schedule by evicting regular pods when necessary to make the critical pods schedule. ([docs](http://kubernetes.io/docs/admin/rescheduler/#guaranteed-scheduling-of-critical-add-on-pods)) ([kubernetes/features#62](https://github.com/kubernetes/features/issues/62)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Introducing a rescheduler component to ensure that critical cluster infrastructure pods (Heapster, DNS, etc.) can schedule by evicting regular pods when necessary.
- **Apps** | ||
- [alpha] Introducing 'ScheduledJobs', which allow running time based Jobs, namely once at a specified time or repeatedly at specified point in time. ([docs](http://kubernetes.io/docs/user-guide/scheduled-jobs/)) ([kubernetes/features#19](https://github.com/kubernetes/features/issues/19)) | ||
- **Auth** | ||
- [alpha] Container Image Policy allows an access controller to determine whether a pod may be scheduled based on a policy ([docs](http://kubernetes.io/docs/admin/admission-controllers/#imagepolicywebhook)) ([kubernetes/features#59](https://github.com/kubernetes/features/issues/59)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/access/admission/
- [alpha] Introducing 'ScheduledJobs', which allow running time based Jobs, namely once at a specified time or repeatedly at specified point in time. ([docs](http://kubernetes.io/docs/user-guide/scheduled-jobs/)) ([kubernetes/features#19](https://github.com/kubernetes/features/issues/19)) | ||
- **Auth** | ||
- [alpha] Container Image Policy allows an access controller to determine whether a pod may be scheduled based on a policy ([docs](http://kubernetes.io/docs/admin/admission-controllers/#imagepolicywebhook)) ([kubernetes/features#59](https://github.com/kubernetes/features/issues/59)) | ||
- [alpha] Access Review APIs expose authorization engine to external inquiries for delegation, inspection, and debugging ([docs](http://kubernetes.io/docs/admin/authorization/)) ([kubernetes/features#37](https://github.com/kubernetes/features/issues/37)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
API Server endpoints to perform access control checks and subject access checks without direct knowledge of the backing authorization engine.
(is there a clearer description than "subject access checks"?) cc @erictune
Can we include supported runtime information here? Something like this: "The following versions of Docker Engine are supported - v1.10 (#19720), v1.11(#23397) and v1.12(#28698). v1.12 is validated through the automated framework. Although v1.9 is still compatible, we recommend upgrading to one of the supported versions. All prior versions of docker will not be supported." cc/ @Random-Liu @matchstick |
cc/ @philips Any changes from rkt side? Like the support version and known issue? Or just simply include what we had from 1.3 release? |
|
||
## Action Required Before Upgrading | ||
|
||
- If you are using Kubernetes to manage `docker` containers, please be aware Kubernetes has been validated to work with docker 1.9.1, docker 1.11.2 (#23397), and docker 1.12.0 (#28698) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dchen1107 docker engine info is here, it's definitely missing some of your info... should it be pulled out elsewhere?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am ok to include docker engine info here. But please include v1.10 since openshift might still use that version here.
Then we can include each docker version's known issue separately in known issue above. Thanks!
Aaron this looks awesome thanks. Anirudh + Dawn thanks for doing a review pass. Can we merge this now? If needed we can do follow up PRs, but I would like to close the book on this so there are no blockers headed into the weekend. |
I agree we should merge now. I will send PR for my follow up comments. |
I had a couple of comments, but agreed that we should merge this as is now. I can send PR to address my comments. Thanks! |
Jenkins GCI Kubemark GCE e2e failed for commit cb732e2. Full PR test history. The magic incantation to run this job again is |
IIUC, we will keep editing these until it is time to release 1.4.0 |
thanks all |
@erictune @pwittrock this broke the submit queue |
@fejta @pwittrock submitted a fix after this, #33418 |
Sweet thanks! |
Blatantly ignoring the PR template, sorry
This is a handoff from draft release notes at https://gist.github.com/spiffxp/9c460230314527d759c21797f6821a9a
Generated via
Then:
if you're being /cc'ed here it's because I've been told you have something to finish, or know who to ask to finish it
if you haven't found any typos in this, somebody tell mavis beacon
/cc @pwittrock @foxish @matchstick @quinton-hoole @devin-donnelly
What needs to be done to finish this:
kubeadm
docsI'm left to believe that's it for my involvement, but do please ping me if this is not the case.
This change is