Permalink
Switch branches/tags
Find file Copy path
83ba7bf Dec 13, 2018
4 contributors

Users who have contributed to this file

@liggitt @marpaia @k8s-ci-robot @Pingan2017
1399 lines (1151 sloc) 181 KB

v1.13.1

Documentation

Downloads for v1.13.1

filename sha512 hash
kubernetes.tar.gz de3858357b2b4444bccc0599c7d0edd3e6ec1a80267ef96883ebcfb06c518ce467dd8720b48084644677a42b8e3ffad9a7d4745b40170ce9dfe5b43310979be1
kubernetes-src.tar.gz 7f0a8dbd3c7397cc5a5bc0297eb24b8e734c3c7b78e48fc794c525377c3895f4fd84fd0a2fa70c5513cc47ee5a174c22bab54796abc5a8f2b30687642c819a68

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 371028dba7a28ec3c8f10b861448cb1574dce25d32d847af254b76b7f158aa4fcda695972e2a08440faa4e16077f8021b07115d0da897bef79c33e702f3be95e
kubernetes-client-darwin-amd64.tar.gz 6aa7025308e9fb1eb4415e504e8aa9c7a0a20b09c500cb48df82bbd04443101664b2614fb284875b9670d4bb11e8f1a10190eaf1d54f81f3a9526053958b0802
kubernetes-client-linux-386.tar.gz 6453670bb61b4f5f7fe8ae78804864ecd52682b32592f6956faf3d2220884a64fb22ae2e668b63f28ea8fd354c50aa90ce61c60be327fb0b5fcfe2c7835ef559
kubernetes-client-linux-amd64.tar.gz ca00442f50b5d5627357dce97c90c17cb0126d746b887afdab2d4db9e0826532469fd1ee62f40eb6923761618f46752d10993578ca19c8b92c3a2aeb5102a318
kubernetes-client-linux-arm.tar.gz 5fa170cbe56b8f5d103f520e2493f911c5eb59b51a6afdbaa9c08196943f1235e533f0384ce7c01c73a020c6889cf8f03cc3642912d0953c74d1098e4b21f3a0
kubernetes-client-linux-arm64.tar.gz 710343ad067f0d642c43cd26871828275645b08b4f4c86bd555865318d8fe08b7f0a720174c04d58acffcb26faf563636dc13eef66a2813eac68bb8b994908f4
kubernetes-client-linux-ppc64le.tar.gz 0fa7ab255f0cba3adc754337c6184e6ec464aa5a4d6dd4d38aad8a0e2430a0044f4ed1ffcd7cc7c863190d3cda6b84abd12ca7536139d665ad61fe7704e63d30
kubernetes-client-linux-s390x.tar.gz 749a8dce5b81e2edbd315841acac64a0e5d17bb1ead8173560b6a4ccc28604bc8254051297ab51cb5df845495bd75a45137827b3386e3962295fec8601563eaa
kubernetes-client-windows-386.tar.gz cd4732fbe569009c426f963318d05ddcc7c63dc27ec9d2bf9c60d716195e3676aa5b0e6ccbde6298f621450d365d41a910ce3ced89bf2ae6d3e81ee2fed0bb16
kubernetes-client-windows-amd64.tar.gz 40f5b5d221b3a611511690d316539dc8fb3f4513e4f9eb141bffa17c9ddeee875a462f5bd45e62ce7c7535310fc3e48e3441614700ee9877584c5948ddbef19f

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz e0e48825c5fe33a3f82b1b74847d9bfb8c5716c4313c5e4e6f46be0580e20a1e396a669b8ca446cfa581e3eb75698813249bbfcfc79c8a90793880eb5c177921
kubernetes-server-linux-arm.tar.gz 7ff4856e7959cf14eba0e1ab274c0bf0d3193391e7034a936697f0c4813e81d8dda4a019d3185677bee9d1345a6433db3fd6e55f644a0f73d076e0b2014ed172
kubernetes-server-linux-arm64.tar.gz b8c2356002e675bd3de5ee9c2337a12e2a1bbfa2478f8e3b91065a578dfa8d50f596fd606d9f0232b06b8263867a7ca5cc7c04150718b8e40b49ae7d46001c30
kubernetes-server-linux-ppc64le.tar.gz 5d3a15b1241d849d8954894aa7f3fb12606f9966f73fc36aa15152038fc385153b0f0e967cc0bf410a5d5894d0269e54eac581d8e79003904d7bc29b33e98684
kubernetes-server-linux-s390x.tar.gz 78a9cccaf9d737b519db0866c2e80c472c7136bc723910d08649ece1c420ae7f6e56e610d65c436c56ccef8360c4da0f70e75d0cf47c0c8e739f5138cdc7b0d2

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 3a7881a52885bebe5958f02dc54194cc8c330576b7cf5935189df4f0b754b958917b104e1d3358c0bc9277f13a8eef2176284548d664f27a36baa389fbcc7bea
kubernetes-node-linux-arm.tar.gz d0bfcff3ef7c0aa36005e7b111685438ebd0ea61d48dc68a7bd06eea3782b6eb224f9b651d80c955afa162f766c8b682976db43238562c293d6552cdadf9e934
kubernetes-node-linux-arm64.tar.gz 2e23bd00661aceb30fa37e24ab71315755bd93dfcc5ff361d78445a8e9ff99e7b3a56641112af3184e8b107545fba6573a6368a82bd0ce475c81cb53fd44da3b
kubernetes-node-linux-ppc64le.tar.gz 8d0fdb743c700d662886636fe67b52202cf9e6e57c2d7de5961b8189d8c03c91fda1d68c47033286efcc582e78be40846e2b1f5c589a0b94794fa2ce3c1ebfee
kubernetes-node-linux-s390x.tar.gz 70445038b4db62c3fc99540f5ddbb881387018244242f182332b8eaa7159ce1aa8929145010ab2befd4e101d39c24c61e430928235434c7d7eb54f113860a83a
kubernetes-node-windows-amd64.tar.gz a87ad43f5a6b8f66d1bbd64f9c91e8bcbdf4adc8de0ec3cd559adaa8c14a6fe078ffdf090e52627c0522b79209fcc37bf822b323895dd47b18c20026cb25e9f5

Changelog since v1.13.0

Other notable changes

  • Fix overlapping filenames in diff if multiple resources have the same name. (#71923, @apelisse)
  • Disable proxy to loopback and linklocal (#71980, @micahhausler)
  • kube-scheduler: restores ability to run without authentication configuration lookup permissions (#71755, @liggitt)
  • client-go: restores behavior of populating the BearerToken field in rest.Config objects constructed from kubeconfig files containing tokenFile config, or from in-cluster configuration. An additional BearerTokenFile field is now populated to enable constructed clients to periodically refresh tokens. (#71713, @liggitt)
  • apply: fix detection of non-dry-run enabled servers (#71854, @apelisse)
  • Scheduler only activates unschedulable pods if node's scheduling related properties change. (#71551, @mlmhl)
  • Fixes pod deletion when cleaning old cronjobs (#71802, @soltysh)
  • fix issue: vm sku restriction policy does not work in azure disk attach/detach (#71941, @andyzhangx)
  • Include CRD for BGPConfigurations, needed for calico 2.x to 3.x upgrade. (#71868, @satyasm)
  • UDP connections now support graceful termination in IPVS mode (#71515, @lbernail)
  • kubeadm: use kubeconfig flag instead of kubeconfig-dir on init phase bootstrap-token (#71803, @yagonobre)
  • On GCI, NPD starts to monitor kubelet, docker, containerd crashlooping, read-only filesystem and corrupt docker overlay2 issues. (#71522, @wangzhen127)
  • Fixes an issue where Portworx volumes cannot be mounted if 9001 port is already in use on the host and users remap 9001 to another port. (#70392, @harsh-px)
  • Only use the first IP address got from instance metadata. This is because Azure CNI would set up a list of IP addresses in instance metadata, while only the first one is the Node's IP. (#71736, @feiskyer)
  • kube-controller-manager: fixed issue display help for the deprecated insecure --port flag (#71601, @liggitt)
  • Update Cluster Autoscaler version in gce manifests to 1.13.1 (https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.13.1) (#71842, @losipiuk)
  • kubectl: fixes regression in --sort-by behavior (#71805, @liggitt)
  • Fixes apiserver nil pointer panics when requesting v2beta1 autoscaling object metrics (#71744, @yue9944882)
  • Fix scheduling starvation of pods in cluster with large number of unschedulable pods. (#71488, @bsalamat)

v1.13.0

Documentation

Downloads for v1.13.0

filename sha512 hash
kubernetes.tar.gz 7b6a81c9f1b852b1e889c1b62281569a4b8853c79e5675b0910d941dfa7863c97f244f6d607aae3faf60bccd596dedb9d136b7fffeae199876e780904fd9f31e
kubernetes-src.tar.gz 844b9fbba21374dd190c8f12dd0e5b3303dd2cd7ad25f241d6f7e46f74adf6987afad021553521d4f479c19d87aa8d4d5be77ac7a6715d31a9187a5bab3b397b

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 0c010351acb660a75122feb876c9887d46ec2cb466872dd073b7f5b26fdadd96888a350e01606f2ae43606a5a4ab2d9309441f4357cee924b19688f9b02c55dc
kubernetes-client-darwin-amd64.tar.gz c2c40bd202900124f4e9458b067a1e1fc040030dc84ce9bcc6a5beb263de05892c16f3bdafb8d854e343e71f086207f390fd0b60f6e32e770c73294b053da6e4
kubernetes-client-linux-386.tar.gz 5f5449be103b103d72a4e2b1028ab014cf7f74781166327f2ae284e4f5ecb539f6b60f36b8f7c7be0ae43dfb30661b2672dd93a1fa7e26d6c67498672674bf12
kubernetes-client-linux-amd64.tar.gz 61a6cd3b1fb34507e0b762a45da09d88e34921985970a2ba594e0e5af737d94c966434b4e9f8e84fb73a0aeb5fa3e557344cd2eb902bf73c67d4b4bff33c6831
kubernetes-client-linux-arm.tar.gz dd5591e2b88c347759a138c4d2436a0f5252341d0e8c9fbab16b8f151e2744cbdd0c8583555a451425bc471f11b688ce568d9245caf8a278cbac2b343fdead89
kubernetes-client-linux-arm64.tar.gz 894ed30261598ebf3485f3575e95f85e3c353f4d834bf9a6ea53b265427704b43fba5403fbc4d522b3f02afb08e6afaae200af1fe57996291a7c74398ec2fe17
kubernetes-client-linux-ppc64le.tar.gz 6c26c807fc730ea736fda75dc57ac73395ba78bb828fffeee18b385be550d8f3ba2bbc27a52a8f15bcbbe68218c7945d9fb725e6759c117422bc0a632c110670
kubernetes-client-linux-s390x.tar.gz 41e6e972de77c0bde22fdd779ea64e731b60f32e97e78a024f33fc3e33a3b364b7f77ece7d3c64ad85b7f8fe7c8fc6d6892098a3362d1fe01ebf3d551fe2bf37
kubernetes-client-windows-386.tar.gz 442229e5030452901b924a94e7a879d4085597a4f201a5b3fc5ac9806cab5830c836cfa7a33e8f1693fe2e8badc4047bf227d7fb00c537fb1fb4cb7639de5455
kubernetes-client-windows-amd64.tar.gz a11a8e8e732e7292781b9cb1de6e3e41683f95fb3fefc2b1a7b5fb1f064a0d80c0833876d931675135778457d81de9ed2e81caee4b3eb27d9f23c7b722b17442

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz a8e3d457e5bcc1c09eeb66111e8dd049d6ba048c3c0fa90a61814291afdcde93f1c6dbb07beef090d1d8a9958402ff843e9af23ae9f069c17c0a7c6ce4034686
kubernetes-server-linux-arm.tar.gz 4e17494767000256775e4dd33c0a9b2d152bd4b5fba9f343b6dfeb5746ff34e400a8e0aaf2153476453225ef57e4bb1ae3635416ab18f9e4dabf4e5cc82f8aaa
kubernetes-server-linux-arm64.tar.gz 0ddd0cf0ff56cebfa89efb1972cc2bc6916e824c2af56cfd330ac5638c8918eaf3c60d05714b220dbf4f896160eded123beeba42f5be55fe434a43d04508d86a
kubernetes-server-linux-ppc64le.tar.gz b93828560224e812ed21b57fea5458fa8560745cfec96fc1677b258393c00e208ad9b99467b575e74e01699ffd75f03f5793675032e7306cba7208c1afb53c8d
kubernetes-server-linux-s390x.tar.gz 154d565329d5ba52cdb7c3d43d8854b7a9b8e34803c4df6b3e6ae74c1a6e255c78e6559b7546b9158df0e3f7931bbdaf43407d95cd875c79f5cce960bb9882dd

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 9d18ba5f0c3b09edcf29397a496a1e908f4906087be3792989285630d7bcbaf6cd3bdd7b07dace439823885acc808637190f5eaa240b7b4580acf277b67bb553
kubernetes-node-linux-arm.tar.gz 959b04ff7b8690413e01bffeabaab2119794dedf06b7aae1743e49988f797cb7e6ff12e1a91af2d4c5f664414f3aa4bd9020521c6a21c1196c194d12a6f7fe08
kubernetes-node-linux-arm64.tar.gz b5c18e8c9e28cf276067c871446720d86b6f162e22c3a5e9343cdbc6857baa6961d09a6908b6acd1bbd132c2e2e526377676babf77b8d3bfb36f8711827c105a
kubernetes-node-linux-ppc64le.tar.gz 63e3504d3b115fdf3396968afafd1107b98e5a1a15b7c042a87f5a9cffbdc274f7b06b07ce90eb51876cfffd57cf7f20180bad7e9f9762af577e51f4f13d2f7a
kubernetes-node-linux-s390x.tar.gz 21c5c2721febf7fddeada9569f3ecbd059267e5d2cc325d98fb74faf1ae9e9e15899750225a1fc7c25feef96e7705b1456cb489f4882b9eb10e78bd0f590d019
kubernetes-node-windows-amd64.tar.gz 3e73d3ecff14b4c85a71bb6cf91b1ab7d9c3075c64bd5ce6863562ab17bf808b0cbc33ddd25346d25040649c1ad89745796afd218190886b54f1d8acc17896e4

Kubernetes 1.13 Release Notes

Security Content

  • CVE-2018-1002105, a critical security issue in the Kubernetes API Server, is resolved in v1.13.0 (and in v1.10.11, v1.11.5, and v1.12.3). We recommend all clusters running previous versions update to one of these releases immediately. See issue #71411 for details.

Urgent Upgrade Notes

(No, really, you MUST do this before you upgrade)

Before upgrading to Kubernetes 1.13, you must keep the following in mind:

  • kube-apiserver
    • The deprecated etcd2 storage backend has been removed. Before upgrading a kube-apiserver using --storage-backend=etcd2, etcd v2 data must be migrated to the v3 storage backend, and kube-apiserver invocations changed to use --storage-backend=etcd3. Please consult the installation procedure used to set up etcd for specific migration instructions. Backups prior to upgrade are always a good practice, but since the etcd2 to etcd3 migration is not reversible, an etcd backup prior to migration is essential.
    • The deprecated --etcd-quorum-read flag has been removed. Quorum reads are now always enabled when fetching data from etcd. Remove the --etcd-quorum-read flag from kube-apiserver invocations before upgrading.
  • kube-controller-manager
    • The deprecated --insecure-experimental-approve-all-kubelet-csrs-for-group flag has been removed.
  • kubelet
    • The deprecated --google-json-key flag has been removed. Remove the --google-json-key flag from kubelet invocations before upgrading. (#69354, @yujuhong)
    • DaemonSet pods now make use of scheduling features that require kubelets to be at 1.11 or above. Ensure all kubelets in the cluster are at 1.11 or above before upgrading kube-controller-manager to 1.13.
    • The schema for the alpha CSINodeInfo CRD has been split into spec and status fields, and new fields status.available and status.volumePluginMechanism added. Clusters using the previous alpha schema must delete and recreate the CRD using the new schema. (#70515, @davidz627)
  • kube-scheduler dropped support for configuration files with apiVersion componentconfig/v1alpha1. Ensure kube-scheduler is configured using command-line flags or a configuration file with apiVersion kubescheduler.config.k8s.io/v1alpha1 before upgrading to 1.13.
  • kubectl
    • The deprecated command run-container has been removed. Invocations should use kubectl run instead (#70728, @Pingan2017)
  • client-go releases will no longer have bootstrap (k8s.io/client-go/tools/bootstrap) related code. Any reference to it will break. Please redirect all references to k8s.io/bootstrap instead. (#67356, @yliaog)
  • Kubernetes cannot distinguish between GCE Zonal PDs and Regional PDs with the same name. To workaround this issue, precreate PDs with unique names. PDs that are dynamically provisioned do not encounter this issue. (#70716, @msau42)

Known Issues

  • If kubelet plugin registration for a driver fails, kubelet will not retry. The driver must delete and recreate the driver registration socket in order to force kubelet to attempt registration again. Restarting only the driver container may not be sufficient to trigger recreation of the socket, instead a pod restart may be required. (#71487)
  • In some cases, a Flex volume resize may leave a PVC with erroneous Resizing condition even after volume has been successfully expanded. Users may choose to delete the condition, but it is not required. (#71470)
  • The CSI driver-registrar external sidecar container v1.0.0-rc2 is known to take up to 1 minute to start in some cases. We expect this issue to be resolved in a future release of the sidecar container. For verification, please see the release notes of future releases of the external sidecar container. (#76)
  • When using IPV6-only, be sure to use proxy-mode=iptables as proxy-mode=ipvs is known to not work. (#68437)

Deprecations

  • kube-apiserver
    • The --service-account-api-audiences flag is deprecated in favor of --api-audiences. The old flag is accepted with a warning but will be removed in a future release. (#70105, @mikedanese)
    • The --experimental-encryption-provider-config flag is deprecated in favor of --encryption-provider-config. The old flag is accepted with a warning but will be removed in 1.14. (#71206, @stlaz)
    • As part of graduating the etcd encryption feature to beta, the configuration file referenced by --encryption-provider-config now uses kind: EncryptionConfiguration and apiVersion: apiserver.config.k8s.io/v1. Support for kind: EncryptionConfig and apiVersion: v1 is deprecated and will be removed in a future release. (#67383, @stlaz)
    • The --deserialization-cache-size flag is deprecated, and will be removed in a future release. The flag is inactive since the etcd2 storage backend was removed. (#69842, @liggitt)
    • The Node authorization mode no longer allows kubelets to delete their Node API objects (prior to 1.11, in rare circumstances related to cloudprovider node ID changes, kubelets would attempt to delete/recreate their Node object at startup) (#71021, @liggitt)
    • The built-in system:csi-external-provisioner and system:csi-external-attacher cluster roles are deprecated and will not be auto-created in a future release. CSI deployments should provide their own RBAC role definitions with required permissions. (#69868, @pohly)
    • The built-in system:aws-cloud-provider cluster role is deprecated and will not be auto-created in a future release. Deployments using the AWS cloud provider should grant required permissions to the aws-cloud-provider service account in the kube-system namespace as part of deployment. (#66635, @wgliang)
  • kubelet
    • Use of the beta plugin registration directory {kubelet_root_dir}/plugins/ for registration of external drivers via the kubelet plugin registration protocol is deprecated in favor of {kubelet_root_dir}/plugins_registry/. Support for the old directory is planned to be removed in v1.15. Device plugin and CSI storage drivers should switch to the new directory prior to v1.15. Only CSI storage drivers that support 0.x versions of the CSI API are allowed in the old directory. (#70494 by @RenaudWasTaken and #71314 by @saad-ali)
    • With the release of the CSI 1.0 API, support for CSI drivers using 0.3 and older releases of the CSI API is deprecated, and is planned to be removed in Kubernetes v1.15. CSI drivers should be updated to support the CSI 1.0 API, and deployed in the new kubelet plugin registration directory ({kubelet_root_dir}/plugins_registry/) once all nodes in the cluster are at 1.13 or higher (#71020 and #71314, both by @saad-ali)
    • Use of the --node-labels flag to set labels under the kubernetes.io/ and k8s.io/ prefix will be subject to restriction by the NodeRestriction admission plugin in future releases. See admission plugin documentation for allowed labels. (#68267, @liggitt)
  • kube-scheduler
    • The alpha critical pod annotation (scheduler.alpha.kubernetes.io/critical-pod) is deprecated. Pod priority should be used instead to mark pods as critical. (#70298, @bsalamat)
  • The following features are now GA, and the associated feature gates are deprecated and will be removed in a future release:
    • CSIPersistentVolume
    • GCERegionalPersistentDisk
    • KubeletPluginsWatcher
    • VolumeScheduling
  • kubeadm
    • The DynamicKubeletConfig feature gate is deprecated. The functionality is still accessible by using the kubeadm alpha kubelet enable-dynamic command.
    • The command kubeadm config print-defaults is deprecated in favor of kubeadm config print init-defaults and kubeadm config print join-defaults (#69617, @rosti)
    • support for the v1alpha3 configuration file format is deprecated and will be removed in 1.14. Use kubeadm config migrate to migrate v1alpha3 configuration files to v1beta1, which provides improvements in image repository management, addons configuration, and other areas. The documentation for v1beta1 can be found here: https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1
  • The node.status.volumes.attached.devicePath field is deprecated for CSI volumes and will not be set in future releases (#71095, @msau42)
  • kubectl
    • The kubectl convert command is deprecated and will be removed in a future release (#70820, @seans3)
  • Support for passing unknown provider names to the E2E test binaries is deprecated and will be removed in a future release. Use --provider=skeleton (no ssh access) or --provider=local (local cluster with ssh) instead. (#70141, @pohly)

Major Themes

SIG API Machinery

For the 1.13 release, SIG API Machinery is happy to announce that the dry-run functionality is now beta.

SIG Auth

With this release we've made several important enhancements to core SIG Auth areas. In the authorization category, we've further reduced Kubelet privileges by restricting node self-updates of labels to a whitelisted selection and by disallowing kubelets from deleting their Node API object. In authentication, we added alpha-level support for automounting improved service account tokens through projected volumes. We also enabled audience validation in TokenReview for the new tokens for improved scoping. Under audit logging, the new alpha-level "dynamic audit configuration" adds support for dynamically registering webhooks to receive a stream of audit events. Finally, we've enhanced secrets protection by graduating etcd encryption out of experimental.

SIG AWS

In v1.13 we worked on tighter integrations of Kubernetes API objects with AWS services. These include three out-of-tree alpha feature releases:

  1. Alpha for AWS ALB (Application Load Balancer) integration to Kubernetes Ingress resources.
  2. Alpha for CSI specification 0.3 integration to AWS EBS (Elastic Block Store)
  3. Alpha for the cloudprovider-aws cloud controller manager binary. Additionally we added aws-k8s-tester, deployer interface for kubetest, to the test-infra repository. This plugin allowed us to integrate Prow to the 3 subprojects defined above in order to provide CI signal for all 3 features. The CI signal is visible here under SIG-AWS.

For detailed release notes on the three alpha features from SIG AWS, please refer to the following Changelogs:

SIG Azure

For 1.13 SIG Azure was focused on adding additional Azure Disk support for Ultra SSD, Standard SSD, and Premium Azure Files. Azure Availability Zones and cross resource group nodes were also moved from Alpha to Beta in 1.13.

SIG Big Data

During the 1.13 release cycle, SIG Big Data has been focused on community engagements relating to 3rd-party project integrations with Kubernetes. There have been no impacts on the 1.13 release.

SIG CLI

Over the course of 1.13 release SIG CLI mostly focused on stabilizing the items we’ve been working on over the past releases such as server-side printing and its support in kubectl, as well as finishing kubectl diff which is based on server-side dry-run feature. We’ve continued separating kubectl code to prepare for extraction out of main repository. Finally, thanks to the awesome support and feedback from community we’ve managed to promote the new plugin mechanism to Beta.

SIG Cloud Provider

For v1.13, SIG Cloud Provider has been focused on stabilizing the common APIs and interfaces consumed by cloud providers today. This involved auditing the cloud provider APIs for anything that should be deprecated as well as adding changes where necessary. In addition, SIG Cloud Provider has begun exploratory work around having a “cloud provider” e2e test suite which can be used to test common cloud provider functionalities with resources such as nodes and load balancers.

We are also continuing our long running effort to extract all the existing cloud providers that live in k8s.io/kubernetes into their own respective repos. Along with this migration, we are slowly transitioning users to use the cloud-controller-manager for any cloud provider features instead of the kube-controller-manager.

SIG Cluster Lifecycle

For 1.13 SIG Cluster Lifecycle is pleased to announce the long awaited promotion of kubeadm to stable GA, and the promotion of kubeadm’s configuration API to v1beta1. In this release the SIG again focused on further improving the user experience on cluster creation and also fixing a number of bugs and other assorted improvements.

Some notable changes in kubeadm since Kubernetes 1.12:

  • kubeadm’s configuration API is now v1beta1. The new configuration format provides improvements in - image repository management, addons configuration, and other areas. We encourage v1alpha3 users to migrate to this configuration API using kubeadm config migrate, as v1alpha3 will be removed in 1.14. The documentation for v1beta1 can be found here: https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1
  • kubeadm has graduated kubeadm alpha phase commands to kubeadm init phase. This means that the phases of creating a control-plane node are now tightly integrated as part of the init command. Alpha features, not yet ready for GA are still kept under kubeadm alpha and we appreciate feedback on them.
  • kubeadm init and kubeadm init phase now have a --image-repository flag, improving support for environments with limited access to official kubernetes repository.
  • The DynamicKubeletConfig and SelfHosting functionality was moved outside of kubeadm init and feature gates and is now exposed under kubeadm alpha.
  • Kubeadm init phase certs now support the --csr-only option, simplifying custom CA creation.
  • kubeadm join --experimental-control-plane now automatically adds a new etcd member for local etcd mode, further simplifying required tasks for HA clusters setup.
  • Improvements were made to kubeadm reset related to cleaning etcd and notifying the user about the state of iptables.
  • kubeadm commands now print warnings if input YAML documents contain unknown or duplicate fields.
  • kubeadm now properly recognizes Docker 18.09.0 and newer, but still treats 18.06 as the default supported version.
  • kubeadm now automatically sets the --pod-infra-container-image flag when starting the kubelet.

SIG IBM Cloud

The IBM Cloud SIG was focused on defining its charter and working towards moving its cloud provider code to an external repository with a goal to have this work done by the end of Kubernetes 1.14 release cycle. In the SIG meetings, we also made sure to share updates on the latest Kubernetes developments in the IBM Cloud like the availability of Kubernetes v1.12.2 in the IBM Cloud Kubernetes Service (IKS). The SIG updates were provided in the Kubernetes community weekly call and at the KubeCon China 2018.

SIG Multicluster

Moving Federation v2 from Alpha towards Beta has been the focus of our effort over the past quarter. To this end we engaged with end users, and successfully enlisted additional contributors from companies including IBM, Amadeus, Cisco and others. Federation v2 provides a suite of decoupled API’s and re-usable components for building multi-cluster control planes. We plan to start releasing Beta components in late 2018. In addition, more minor updates were made to our cluster-registry and multi-cluster ingress sub-projects.

SIG Network

For 1.13, the areas of focus were in IPv6, DNS improvements and some smaller items: CoreDNS is now the default cluster DNS passing all of the scale/resource usage tests Node-local DNS cache feature is available in Alpha. This feature deploys a lightweight DNS caching Daemonset that avoids the conntrack and converts queries from UDP to more reliable TCP. PodReady++ feature now has kubectl CLI support.

Progress was made towards finalizing the IPv6 dual stack support KEP and support for topological routing of services.

SIG Node

SIG Node focused on stability and performance improvements in the 1.13 release. A new alpha feature is introduced to improve the mechanism that nodes heartbeat back to the control plane. The NodeLease feature results in the node using a Lease resource in the kube-node-lease namespace that is renewed periodically. The NodeStatus that was used previously to heartbeat back to the control plane is only updated when it changes. This reduces load on the control plane for large clusters. The Kubelet plugin registration mechanism, which enables automatic discovery of external plugins (including CSI and device plugins) has been promoted to stable in this release (introduced as alpha in 1.11 and promoted to beta in 1.12).

SIG Openstack

The major theme for the SIG OpenStack release is the work-in-progress for removing the in-tree provider. This work, being done in conjunction with SIG Cloud Provider, is focusing on moving internal APIs that the OpenStack (and other providers) depends upon to staging to guarantee API stability. This work also included abstracting the in-tree Cinder API and refactoring code to the external Cinder provider to remove additional Cinder volume provider code.

Additional work was also done to implement an OpenStack driver for the Cluster API effort lead by SIG Cluster Lifecycle. For the external Cloud-Provider-OpenStack code, the SIG largely focused on bug fixes and updates to match K8s 1.13 development.

SIG Scalability

SIG Scalability has mostly focused on stability and deflaking our tests, investing into framework for writing scalability tests (ClusterLoader v2) with a goal to migrate all tests to it by the end of 2018 and on the work towards extending definition of Kubernetes scalability by providing more/better user-friendly SLIs/SLOs.

SIG Scheduling

SIG Scheduling has mostly focused on stability in 1.13 and has postponed some of the major features to the next versions. There are still two notable changes: 1. TaintBasedEviction is moved to Beta and will be enabled by default. With this feature enabled, condition taints are automatically added to the nodes and pods can add tolerations for them if needed. 2. Pod critical annotation is deprecated. Pods should use pod priority instead of the annotation.

It is worth noting again that kube-scheduler will use apiVersion kubescheduler.config.k8s.io/v1alpha1 instead of componentconfig/v1alpha1 in its configuration files in 1.13.

SIG Service Catalog

The Service Plan Defaults feature is still under active development. We continue to improve the UX for the svcat CLI, specifically filling in gaps for the new Namespaced Service Broker feature.

SIG Storage

Over the last year, SIG Storage has been focused on adding support for the Container Storage Interface (CSI) to Kubernetes. The specification recently moved to 1.0, and on the heels of this achievement, Kubernetes v1.13 moves CSI support for PersistentVolumes to GA.

With CSI the Kubernetes volume layer becomes truly extensible, allowing third party storage developers to write drivers making their storage systems available in Kubernetes without having to touch the core code.

CSI was first introduction as alpha in Kubernetes v1.9 and moved to beta in Kubernetes v1.10.

You can find a list of sample and production drivers in the CSI Documentation.

SIG Storage also moves support for Block Volumes to beta (introduced as alpha in v1.9) and support for Topology Aware Volume Scheduling to stable (introduced as alpha in v1.9 and promoted to beta in 1.10).

SIG UI

The migration to the newest version of Angular is still under active development as it is most important thing on the roadmap at the moment. We are getting closer to to the new release. We continue fixing bugs and adding other improvements.

SIG VMWare

Major focus for SIG VMware for this release is the work on moving internal APIs that the vSphere provider depends upon to staging to guarantee API stability. This work is being done in conjunction with SIG Cloud Provider and includes the creation of a brand new vsphere-csi plugin to replace the current volume functionalities in-tree.

Additional work was also done to implement a vSphere provider for the Cluster API effort lead by SIG Cluster Lifecycle. For the out-of-tree vSphere cloud provider, the SIG largely focused on bug fixes and updates to match K8s 1.13 development.

SIG Windows

SIG Windows focused on improving reliability for Windows and Kubernetes support

New Features

  • kubelet: When node lease feature is enabled, kubelet reports node status to api server only if there is some change or it didn't report over last report interval. (#69753, @wangzhen127)
  • vSphereVolume implements Raw Block Volume Support (#68761, @fanzhangio)
  • CRD supports multi-version Schema, Subresources and AdditionalPrintColumns (NOTE that CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an updated that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must be explicitly set to null). (#70211, @roycaihw)
  • New addon in addon manager that automatically installs CSI CRDs if CSIDriverRegistry or CSINodeInfo feature gates are true. (#70193, @saad-ali)
  • Delegated authorization can now allow unrestricted access for system:masters like the main kube-apiserver (#70671, @deads2k)
  • Added dns capabilities for Windows CNI plugins: (#67435, @feiskyer)
  • kube-apiserver: --audit-webhook-version and --audit-log-version now default to audit.k8s.io/v1 if unspecified (#70476, @charrywanganthony)
  • kubeadm: timeoutForControlPlane is introduced as part of the API Server config, that controls the timeout for the wait for control plane to be up. Default value is 4 minutes. (#70480, @rosti)
  • --api-audiences now defaults to the --service-account-issuer if the issuer is provided but the API audience is not. (#70308, @mikedanese)
  • Added support for projected volume in describe function (#70158, @WanLinghao)
  • kubeadm now automatically creates a new stacked etcd member when joining a new control plane node (does not applies to external etcd) (#69486, @fabriziopandini)
  • Display the usage of ephemeral-storage when using kubectl describe node (#70268, @Pingan2017)
  • Added functionality to enable br_netfilter and ip_forward for debian packages to improve kubeadm support for CRI runtime besides Docker. (#70152, @ashwanikhemani)
  • Added regions ap-northeast-3 and eu-west-3 to the list of well known AWS regions. (#70252, @nckturner)
  • kubeadm: Implemented preflight check to ensure that number of CPUs (#70048, @bart0sh)
  • CoreDNS is now the default DNS server in kube-up deployments. (#69883, @chrisohaver)
  • Opt out of chowning and chmoding from kubectl cp. (#69573, @bjhaid)
  • Failed to provision volume with StorageClass "azurefile-premium": failed to create share andy-mg1121-dynamic-pvc-1a7b2813-d1b7-11e8-9e96-000d3a03e16b in account f7228f99bcde411e8ba4900: failed to create file share, err: storage: service returned error: StatusCode=400, ErrorCode=InvalidHeaderValue, ErrorMessage=The value for one of the HTTP headers is not in the correct format. (#69718, @andyzhangx)
  • TaintBasedEvictions feature is promoted to beta. (#69824, @Huang-Wei)
  • Fixed https://github.com/kubernetes/client-go/issues/478 by adding support for JSON Patch in client-go/dynamic/fake (#69330, @vaikas-google)
  • Dry-run is promoted to Beta and will be enabled by default. (#69644, @apelisse)
  • kubectl get priorityclass now prints value column by default. (#69431, @Huang-Wei)
  • Added a new container based image for running e2e tests (#69368, @dims)
  • The LC_ALL and LC_MESSAGES env vars can now be used to set desired locale for kubectl while keeping LANG unchanged. (#69500, @m1kola)
  • NodeLifecycleController: Now node lease renewal is treated as the heartbeat signal from the node, in addition to NodeStatus Update. (#69241, @wangzhen127)
  • Added dynamic shared informers to write generic, non-generated controllers (#69308, @p0lyn0mial)
  • Upgraded to etcd 3.3 client (#69322, @jpbetz)
  • It is now possible to use named ports in the kubectl port-forward command (#69477, @m1kola)
  • kubectl wait now supports condition value checks other than true using --for condition=available=false (#69295, @deads2k)
  • Updated defaultbackend image to 1.5. Users should concentrate on updating scripts to the new version. (#69120, @aledbf)
  • Bumped Dashboard version to v1.10.0 (#68450, @jeefy)
  • Added env variables to control CPU requests of kube-controller-manager and kube-scheduler. (#68823, @loburm)
  • PodSecurityPolicy objects now support a MayRunAs rule for fsGroup and supplementalGroups options. This allows specifying ranges of allowed GIDs for pods/containers without forcing a default GID the way MustRunAs does. This means that a container to which such a policy applies to won't use any fsGroup/supplementalGroup GID if not explicitly specified, yet a specified GID must still fall in the GID range according to the policy. (#65135, @stlaz)
  • Upgrade Stackdriver Logging Agent addon image to 0.6-1.6.0-1 to use Fluentd v1.2. This provides nanoseconds timestamp granularity for logs. (#70954, @qingling128)
  • When the BoundServiceAccountTokenVolumes Alpha feature is enabled, ServiceAccount volumes now use a projected volume source and their names have the prefix "kube-api-access". (#69848, @mikedanese)
  • Raw block volume support is promoted to beta, and enabled by default. This is accessible via the volumeDevices container field in pod specs, and the volumeMode field in persistent volume and persistent volume claims definitions. (#71167, @msau42)
  • TokenReview now supports audience validation of tokens with audiences other than the kube-apiserver. (#62692, @mikedanese)
  • StatefulSet is supported in kubectl autoscale command (#71103, @Pingan2017)
  • Kubernetes v1.13 moves support for Container Storage Interface to GA. As part of this move Kubernetes now supports CSI v1.0.0 and deprecates support for CSI 0.3 and older releases. Older CSI drivers must be updated to CSI 1.0 and moved to the new kubelet plugin registration directory in order to work with Kubernetes 1.15+. (#71020, @saad-ali)
  • Added option to create CSRs instead of certificates for kubeadm init phase certs and kubeadm alpha certs renew (#70809, @liztio)
  • Added a kubelet socket which serves an grpc service containing the devices used by containers on the node. (#70508, @dashpole)
  • Added DynamicAuditing feature which allows for the configuration of audit webhooks through the use of an AuditSink API object. (#67257, @pbarker)
  • The kube-apiserver's healthz now takes in an optional query parameter which allows you to disable health checks from causing healthz failures. (#70676, @logicalhan)
  • Introduced support for running a nodelocal dns cache. It is disabled by default, can be enabled by setting KUBE_ENABLE_NODELOCAL_DNS=true (#70555, @prameshj)
  • Added readiness gates in extended output for pods (#70775, @freehan)
  • Added Ready column and improve human-readable output of Deployments and StatefulSets (#70466, @Pingan2017)
  • Added kubelet_container_log_size_bytes metric representing the log file size of a container. (#70749, @brancz)
  • NodeLifecycleController: When node lease feature is enabled, node lease will be deleted when the corresponding node is deleted. (#70034, @wangzhen127)
  • GCERegionalPersistentDisk feature is GA now! (#70716, @jingxu97)
  • Added secure port 10259 to the kube-scheduler (enabled by default) and deprecate old insecure port 10251. Without further flags self-signed certs are created on startup in memory. (#69663, @sttts)

Release Notes From SIGs

SIG API Machinery

  • The OwnerReferencesPermissionEnforcement admission plugin now checks authorization for the correct scope (namespaced or cluster-scoped) of the owner resource type. Previously, it always checked permissions at the same scope as the child resource. (#70389, @caesarxuchao)
  • OpenAPI spec now correctly marks delete request's body parameter as optional (#70032, @iamneha)
  • The rules for incrementing metadata.generation of custom resources changed: (#69059, @caesarxuchao)
    • If the custom resource participates the spec/status convention, the metadata.generation of the CR increments when there is any change, except for the changes to the metadata or the changes to the status.
    • If the custom resource does not participate the spec/status convention, the metadata.generation of the CR increments when there is any change to the CR, except for changes to the metadata.
    • A custom resource is considered to participate the spec/status convention if and only if the "CustomResourceSubresources" feature gate is turned on and the CRD has .spec.subresources.status={}.
  • Fixed patch/update operations on multi-version custom resources (#70087, @liggitt)
  • Reduced memory utilization of admission webhook metrics by removing resource related labels. (#69895, @jpbetz)
  • Kubelet can now parse PEM file containing both TLS certificate and key in arbitrary order. Previously key was always required to be first. (#69536, @awly)
  • Code-gen: Removed lowercasing for project imports (#68484, @jsturtevant)
  • Fixed client cert setup in delegating authentication logic (#69430, @DirectXMan12)
  • OpenAPI spec and API reference now reflect dryRun query parameter for POST/PUT/PATCH operations (#69359, @roycaihw)
  • Fixed the sample-apiserver so that its BanFlunder admission plugin can be used. (#68417, @MikeSpreitzer)
  • APIService availability related to networking glitches are corrected faster (#68678, @deads2k)
  • Fixed an issue with stuck connections handling error responses (#71412, @liggitt)
  • apiserver: fixed handling and logging of panics in REST handlers (#71076, @liggitt)
  • kube-controller-manager no longer removes ownerReferences from ResourceQuota objects (#70035, @liggitt)
  • "unfinished_work_microseconds" is added to the workqueue metrics; it can be used to detect stuck worker threads. (kube-controller-manager runs many workqueues.) (#70884, @lavalamp)
  • Timeouts set in ListOptions for clients are also be respected locally (#70998, @deads2k)
  • Added support for CRD conversion webhook (#67006, @mbohlool)
  • client-go: fixed sending oversized data frames to spdystreams in remotecommand.NewSPDYExecutor (#70999, @liggitt)
  • Fixed missing flags in -controller-manager --help. (#71298, @stewart-yu)
  • Fixed missing flags in kube-apiserver --help. (#70204, @imjching)
  • The caBundle and service fields in admission webhook API objects now correctly indicate they are optional (#70138, @liggitt)
  • Fixed an issue with stuck connections handling error responses (#71419, @liggitt)
  • kube-controller-manager and cloud-controller-manager now hold generated serving certificates in-memory unless a writeable location is specified with --cert-dir (#69884, @liggitt)
  • CCM server will not listen insecurely if secure port is specified (#68982, @aruneli)
  • List operations against the API now return internal server errors instead of partially complete lists when a value cannot be transformed from storage. The updated behavior is consistent with all other operations that require transforming data from storage such as watch and get. (#69399, @mikedanese)

SIG Auth

  • API Server can be configured to reject requests that cannot be audit-logged. (#65763, @x13n)
  • Go clients created from a kubeconfig that specifies a TokenFile now periodically reload the token from the specified file. (#70606, @mikedanese)
  • When --rotate-server-certificates is enabled, kubelet will no longer request a new certificate on startup if the current certificate on disk is satisfactory. (#69991, @agunnerson-ibm)
  • Added dynamic audit configuration api (#67547, @pbarker)
  • Added ability to control primary GID of containers through Pod Spec and PodSecurityPolicy (#67802, @krmayankk)
  • kube-apiserver: the NodeRestriction admission plugin now prevents kubelets from modifying Node labels prefixed with node-restriction.kubernetes.io/. The node-restriction.kubernetes.io/ label prefix is reserved for cluster administrators to use for labeling Node objects to target workloads to nodes in a way that kubelets cannot modify or spoof. (#68267, @liggitt)

SIG Autoscaling

SIG AWS

  • service.beta.kubernetes.io/aws-load-balancer-internal now supports true and false values, previously it only supported non-empty strings (#69436, @mcrute)
  • Added service.beta.kubernetes.io/aws-load-balancer-security-groups annotation to set the security groups to the AWS ELB to be the only ones specified in the annotation in case this is present (does not add 0.0.0.0/0). (#62774, @Raffo)

SIG Azure

  • Ensured orphan public IPs on Azure deleted when service recreated with the same name. (#70463, @feiskyer)
  • Improved Azure instance metadata handling by adding caches. (#70353, @feiskyer)
  • Corrected check for non-Azure managed nodes with the Azure cloud provider (#70135, @marc-sensenich)
  • Fixed azure disk attach/detach failed forever issue (#71377, @andyzhangx)
  • DisksAreAttached --> getNodeDataDisks--> GetDataDisks --> getVirtualMachine --> vmCache.Get (#71495, @andyzhangx)

SIG CLI

  • kubectl apply can now change a deployment strategy from rollout to recreate without explicitly clearing the rollout-related fields (#70436, @liggitt)
  • The kubectl plugin list command now displays discovered plugin paths in the same order as they are found in a user's PATH variable. (#70443, @juanvallejo)
  • kubectl get no longer exits before printing all of its results if an error is found (#70311, @juanvallejo)
  • Fixed a runtime error occuring when sorting the output of kubectl get with empty results (#70740, @mfpierre)
  • kubectl: support multiple arguments for cordon/uncordon and drain (#68655, @goodluckbot)
  • Fixed ability for admin/edit/view users to see controller revisions, needed for kubectl rollout commands (#70699, @liggitt)
  • kubectl rollout undo now returns errors when attempting to rollback a deployment to a non-existent revision (#70039, @liggitt)
  • kubectl run now generates apps/v1 deployments by default (#71006, @liggitt)
  • The "kubectl cp" command now supports path shortcuts (../) in remote paths. (#65189, @juanvallejo)
  • Fixed dry-run output in kubectl apply --prune (#69344, @zegl)
  • The kubectl wait command must handle when a watch returns an error vs closing by printing out the error and retrying the watch. (#69389, @smarterclayton)
  • kubectl: support multiple arguments for cordon/uncordon and drain (#68655, @goodluckbot)

SIG Cloud Provider

SIG Cluster Lifecycle

  • kubeadm: Updates version of CoreDNS to 1.2.6 (#70796, @detiber)
  • kubeadm: Validate kubeconfig files in case of external CA mode. (#70537, @yagonobre)
  • kubeadm: The writable config file option for extra volumes is renamed to readOnly with a reversed meaning. With readOnly defaulted to false (as in pod specs). (#70495, @rosti)
  • kubeadm: Multiple API server endpoints support upon join is removed as it is now redundant. (#69812, @rosti)
  • kubeadm reset now cleans up custom etcd data path (#70003, @yagonobre)
  • kubeadm: Fixed unnecessary upgrades caused by undefined order of Volumes and VolumeMounts in manifests (#70027, @bart0sh)
  • kubeadm: Fixed node join taints. (#69846, @andrewrynhard)
  • Fixed cluster autoscaler addon permissions so it can access batch/job. (#69858, @losipiuk)
  • kubeadm: JoinConfiguration now houses the discovery options in a nested Discovery structure, which in turn has a couple of other nested structures to house more specific options (BootstrapTokenDiscovery and FileDiscovery) (#67763, @rosti)
  • kubeadm: Fixed a possible scenario where kubeadm can pull much newer control-plane images (#69301, @neolit123)
  • kubeadm now allows mixing of init/cluster and join configuration in a single YAML file (although a warning gets printed in this case). (#69426, @rosti)
  • kubeadm: Added a v1beta1 API. (#69289, @fabriziopandini)
  • kubeadm init correctly uses --node-name and --cri-socket when --config option is also used (#71323, @bart0sh)
  • kubeadm: Always pass spec.nodeName as --hostname-override for kube-proxy (#71283, @Klaven)
  • kubeadm join correctly uses --node-name and --cri-socket when --config option is also used (#71270, @bart0sh)
  • kubeadm now supports the --image-repository flag for customizing what registry to pull images from (#71135, @luxas)
  • kubeadm: The writable config file option for extra volumes is renamed to readOnly with a reversed meaning. With readOnly defaulted to false (as in pod specs). (#70495, @rosti)
  • kubeadm: Multiple API server endpoints support upon join is removed as it is now redundant. (#69812, @rosti)
  • kubeadm: JoinConfiguration now houses the discovery options in a nested Discovery structure, which in turn has a couple of other nested structures to house more specific options (BootstrapTokenDiscovery and FileDiscovery) (#67763, @rosti)
  • kubeadm: Added a v1beta1 API. (#69289, @fabriziopandini)
  • kubeadm: Use advertise-client-urls instead of listen-client-urls as and etcd-servers options for apiserver. (#69827, @tomkukral)
  • Kubeadm now respects the custom image registry configuration across joins and upgrades. Kubeadm passes the custom registry to the kubelet for a custom pause container. (#70603, @chuckha)
  • kubeadm reset now outputs instructions about manual iptables rules cleanup. (#70874, @rdodev)
  • kubeadm: remove the AuditPolicyConfiguration feature gate (#70807, @Klaven)
  • kubeadm pre-pulls Etcd image only if external Etcd is not used and (#70743, @bart0sh)
  • kubeadm: UnifiedControlPlaneImage is replaced by UseHyperKubeImage boolean value. (#70793, @rosti)
  • For kube-up and derived configurations, CoreDNS will honor master taints, for consistency with kube-dns behavior. (#70868, @justinsb)
  • Recognize newer docker versions without -ce/-ee suffix: 18.09.0 (#71001, @thomas-riccardi)
  • Any external provider should be aware the cloud-provider interface should be imported from :- (#68310, @cheftako)
  • Fixed 'kubeadm upgrade' infinite loop waiting for pod restart (#69886, @bart0sh)
  • Bumped addon-manager to v8.8 (#69337, @MrHohn)
  • GCE: Filter out spammy audit logs from cluster autoscaler. (#70696, @loburm)
  • GCE: Enable by default audit logging truncating backend. (#68288, @loburm)
  • Bumped cluster-proportional-autoscaler to 1.3.0 (#69338, @MrHohn)
  • Updated defaultbackend to v1.5 (#69334, @bowei)

SIG GCP

  • Added tolerations for Stackdriver Logging and Metadata Agents. (#69737, @qingling128)
  • Enabled insertId generation, and updated Stackdriver Logging Agent image to 0.5-1.5.36-1-k8s. This help reduce log duplication and guarantee log order. (#68920, @qingling128)
  • Updated crictl to v1.12.0 (#69033, @feiskyer)

SIG Network

  • Corrected family type (inet6) for ipsets in ipv6-only clusters (#68436, @uablrek)
  • kube-proxy argument hostname-override can be used to override hostname defined in the configuration file (#69340, @stevesloka)
  • CoreDNS correctly implements DNS spec for Services with externalNames that look like IP addresses. Kube-dns does not follow the spec for the same case, resulting in a behavior change when moving from Kube-dns to CoreDNS. See: coredns/coredns#2324
  • IPVS proxier now set net/ipv4/vs/conn_reuse_mode to 0 by default, which will highly improve IPVS proxier performance. (#71114, @Lion-Wei)
  • CoreDNS is now version 1.2.6 (#70799, @rajansandeep)
  • Addon configuration is introduced in the kubeadm config API, while feature flag CoreDNS is now deprecated. (#70024, @fabriziopandini)

SIG Node

  • Fixed a bug in previous releases where a pod could be placed inside another pod's cgroup when specifying --cgroup-root (#70678, @dashpole)
  • Optimized calculating stats when only CPU and Memory stats are returned from Kubelet stats/summary http endpoint. (#68841, @krzysztof-jastrzebski)
  • kubelet now supports log-file option to write logs directly to a specific file (#70917, @dims)
  • Do not detach volume if mount in progress (#71145, @gnufied)
  • The runtimeHandler field on the RuntimeClass resource now accepts the empty string. (#69550, @tallclair)
  • kube-apiserver: fixes procMount field incorrectly being marked as required in openapi schema (#69694, @jessfraz)

SIG OpenStack

  • Fixed cloud-controller-manager crash when using OpenStack provider and PersistentVolume initializing controller (#70459, @mvladev)

SIG Release

  • Use debian-base instead of busybox as base image for server images (#70245, @ixdy)
  • Images for cloud-controller-manager, kube-apiserver, kube-controller-manager, and kube-scheduler now contain a minimal /etc/nsswitch.conf and should respect /etc/hosts for lookups (#69238, @BenTheElder)

SIG Scheduling

  • Added metrics for volume scheduling operations (#59529, @wackxu)
  • Improved memory use and performance when processing large numbers of pods containing tolerations (#65350, @liggitt)
  • Fixed a bug in the scheduler that could cause the scheduler to go to an infinite loop when all nodes in a zone are removed. (#69758, @bsalamat)
  • Clear pod binding cache on bind error to make sure stale pod binding cache will not be used. (#71212, @cofyc)
  • Fixed a scheduler panic due to internal cache inconsistency (#71063, @Huang-Wei)
  • Report kube-scheduler unhealthy if leader election is deadlocked. (#71085, @bsalamat)
  • Fixed a potential bug that scheduler preempts unnecessary pods. (#70898, @Huang-Wei)

SIG Storage

  • Fixed CSI volume limits not showing up in node's capacity and allocatable (#70540, @gnufied)
  • CSI drivers now have access to mountOptions defined on the storage class when attaching volumes. (#67898, @bswartz)
  • change default azure file mount permission to 0777 (#69854, @andyzhangx)
  • Fixed subpath in containerized kubelet. (#69565, @jsafrane)
  • Fixed panic on iSCSI volume tear down. (#69140, @jsafrane)
  • CSIPersistentVolume feature, i.e. PersistentVolumes with CSIPersistentVolumeSource, is GA. (#69929, @jsafrane)
  • Fixed CSIDriver API object to allow missing fields. (#69331, @jsafrane)
  • Flex volume plugins now support expandvolume (to increase underlying volume capacity) and expanfs (resize filesystem) commands that Flex plugin authors can implement to support expanding in use Flex PersistentVolumes (#67851, @aniket-s-kulkarni)
  • Enabled AttachVolumeLimit feature (#69225, @gnufied)
  • The default storage class annotation for the storage addons has been changed to use the GA variant (#68345, @smelchior)
  • GlusterFS PersistentVolumes sources can now reference endpoints in any namespace using the spec.glusterfs.endpointsNamespace field. Ensure all kubelets are upgraded to 1.13+ before using this capability. (#60195, @humblec)
  • Fixed GetVolumeLimits log flushing issue (#69558, @andyzhangx)
  • The MountPropagation feature is unconditionally enabled in v1.13, and can no longer be disabled. (#68230, @bertinatto)

SIG Windows

  • kubelet --system-reserved and --kube-reserved are supported now on Windows nodes (#69960, @feiskyer)
  • Windows runtime endpoints is now switched to npipe:////./pipe/dockershim from tcp://localhost:3735. (#69516, @feiskyer)
  • Fixed service issues with named targetPort for Windows (#70076, @feiskyer)
  • Handle Windows named pipes in host mounts. (#69484, @ddebroy)
  • Fixed inconsistency in windows kernel proxy when updating HNS policy. (#68923, @delulu)

External Dependencies

  • Default etcd server is unchanged at v3.2.24 since Kubernetes 1.12. (#68318)
  • The list of validated docker versions remain unchanged at 1.11.1, 1.12.1, 1.13.1, 17.03, 17.06, 17.09, 18.06 since Kubernetes 1.12. (#68495)
  • The default Go version was updated to 1.11.2. (#70665)
  • The minimum supported Go version was updated to 1.11.2 (#69386)
  • CNI is unchanged at v0.6.0 since Kubernetes 1.10 (#51250)
  • CSI is updated to 1.0.0. Pre-1.0.0 API support is now deprecated. (#71020])
  • The dashboard add-on has been updated to v1.10.0. (#68450)
  • Heapster remains at v1.6.0-beta, but is now retired in Kubernetes 1.13 (#67074)
  • Cluster Autoscaler has been upgraded to v1.13.0 (#71513)
  • kube-dns is unchanged at v1.14.13 since Kubernetes 1.12 (#68900)
  • Influxdb is unchanged at v1.3.3 since Kubernetes 1.10 (#53319)
  • Grafana is unchanged at v4.4.3 since Kubernetes 1.10 (#53319)
  • Kibana has been upgraded to v6.3.2. (#67582)
  • CAdvisor has been updated to v0.32.0 (#70964)
  • fluentd-gcp-scaler has been updated to v0.5.0 (#68837)
  • Fluentd in fluentd-elasticsearch is unchanged at v1.2.4 since Kubernetes 1.11 (#67434)
  • fluentd-elasticsearch has been updated to v2.2.1 (#68012)
  • The fluent-plugin-kubernetes_metadata_filter plugin in fluentd-elasticsearch is unchanged at 2.0.0 since Kubernetes 1.12 (#67544)
  • fluentd-gcp has been updated to v3.2.0 (#70954)
  • OIDC authentication is unchanged at coreos/go-oidc v2 since Kubernetes 1.10 (#58544)
  • Calico was updated to v3.3.1 (#70932)
  • Upgraded crictl on GCE to v1.12.0 (#69033)
  • CoreDNS has been updated to v1.2.6 (#70799)
  • event-exporter has been updated to v0.2.3 (#67691)
  • Es-image remains unchanged at Elasticsearch 6.3.2 since Kubernetes 1.12 (#67484)
  • metrics-server remains unchanged at v0.3.1 since Kubernetes 1.12 (#68746)
  • GLBC remains unchanged at v1.2.3 since Kubernetes 1.12 (#66793)
  • Ingress-gce remains unchanged at v1.2.3 since Kubernetes 1.12 (#66793)
  • ip-masq-agen remains unchanged at v2.1.1 since Kubernetes 1.12 (#67916)

v1.13.0-rc.2

Documentation

Downloads for v1.13.0-rc.2

filename sha512 hash
kubernetes.tar.gz 12fbaf943ae72711cd93c9955719ec1773a229dbb8f86a44fcda179229beb82add4dc1a54ceb50b9f48fde48e2464ed0cd4b2e57d9689a7ae784cb052beb6751
kubernetes-src.tar.gz 8e94f0fe73909610e85c201bb1ba4f66fd55ca2b4ded77217a4dfad2874d402cc1cc94203ecc195f909126c186701e5e1e62890ad288895493a1759f88a190d0

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz ac555f5d1e6b88fa4de1e06e0a1ebd372582f97c526c938334a8c63fbf17545607efbba9975d1767e147113e551e986d6523f6985ea41236cfbf7949df31f016
kubernetes-client-darwin-amd64.tar.gz 2eae428a0e4bcb2237343d7ac1e431ccfc1f7037622bb3131ad8d48a3af6f5ed34be899ec1ec32af7eb7d411cb0cda02a2413405479722ab868cdc816726c9df
kubernetes-client-linux-386.tar.gz 89e671679b4516f184f7fd5ea0fe2a9ab0245fab34447625786bf55841223124527d3aa2ee6fa2474333f37eea4e9a5ba6f3f4dc3698907fd24bedf522f53b40
kubernetes-client-linux-amd64.tar.gz 61f6513722e9c485300b822d6fc5998927bbffa18862d2d3f177a7c7cc0ee56c51ec169e3c8239e352c022094bb02124ed060d7d5c3cec9b67aae20ffd42f387
kubernetes-client-linux-arm.tar.gz ef0e5fd4bf2074dfd3cf54d45307550273695906baca3533a9d23424e7b693d706f6d1d3a09a34e2d1f84d9eddc6b62d96e5190b8c7145919e93f0ae75ec4d06
kubernetes-client-linux-arm64.tar.gz d34bb9ce9bfe2a5375fd58920e63b4eef818348719dba460f35838433af57a1a23fa659e53de52c8174fa212c94c4196ac5a02ce02ef714860488c77563b5821
kubernetes-client-linux-ppc64le.tar.gz 4dc4e4a5e166e63360ba86e1278bbe75212ac7c3f60ba30425a1c5654bf5a9b1164543fdc23d7dfd9d3aea7be38544c8dc535459e96c062db631e58c5c628762
kubernetes-client-linux-s390x.tar.gz d27675f4753469cd5e31faed13a1ea9654c25d38b0d96c1340215fd231050ffc66dc40c5103f8377339bacf00f1c99d386fe9c21fc68c5a21c10667f773d9d4b
kubernetes-client-windows-386.tar.gz 9d6e6de2d4a55eaeebd7fa6b861548e0768381d50838430722b56636428a3417b8f2bbc953bc365294a857d8f5b51d90807e5eafe874f37d9b726f48b5d04197
kubernetes-client-windows-amd64.tar.gz 30b2da5c015ef88b9efcf90bffe0498d367df7c126b65f2e878af263c5d62b8c93792dbf20511d0ff034c7a9e2c3fc93931860e1254ed158eddec34f407b9005

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 8180f2b788249fe65f7f1d3ee431ac758ede29a6349db312afbee080ff2c24586fc468f11a9cbcb8d22842739974f29e10793778f5fd5c55d10129e97a1efce3
kubernetes-server-linux-arm.tar.gz e9165284a0b82a9ab88dad05f43bfe1bebecad3bb1c7118475c3426e0b6f9f91d340e1e6223d81df9337ab4cc9a96708443c025030127acf88437f0c327b750b
kubernetes-server-linux-arm64.tar.gz 03797c021ebed3b08835e72eed405c57aaacce972bbbbf88bf49310efbf8c7242f2f223d73b5d2ed4c21e5196e6e5fb7b2b811f08607db6dbe98f869bf28bedb
kubernetes-server-linux-ppc64le.tar.gz ceb49af22e3b518f3ba27c1e7de28e577e2735175e84a6d203f1f8766eceaa7c0424746ff71498d7847e98f538af5663b16cc306cb0adbb006d5d869766dfb9b
kubernetes-server-linux-s390x.tar.gz bee4752e8a52e217ae1ffcfbc263453c724de684b4d463d5ddb24a3a30a67fc8f78e6c0a8154c6b6581d17f1e168903bc18d0e56f02fce5933f673bb4c74a8cf

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz b368989bbb8ab4d29b51d5d4d71d073b0ceb39614c944859dcd14c3303c31475850f7012deaa8d5ba9c17edd728bce536fbd523ae7defc74a30f0878f05497bf
kubernetes-node-linux-arm.tar.gz 404b7b74a1e0d0fed9088a7e9461e02cfd9a6992c554baa125b7a361a6baa03d1e4622fbc4ec51836f00a7ac4f90167f345307678527f5781e06acdf526b9a45
kubernetes-node-linux-arm64.tar.gz fa531b1675a778c572a2175fb1bed00e78dc589f638f2096b3b5c9d3d691a5668787a43d69898678abd70c7b949e05cfebfb0783c0144a66bdff61fed6094582
kubernetes-node-linux-ppc64le.tar.gz a7ecc1f63e632c1b4f9b312babd6882ec966420bf4f8346edf80495fcf860d912729072c79d23cc071a07239783409b02c1f4a716a24e2597f2b490c9b3bb5b3
kubernetes-node-linux-s390x.tar.gz a7171ed95de943a0ac5a32da4458e8d4366eb1fadbe426bebc371d2bb6536636b14db9d2cd03952258b3cb1b99fdca2db07947b028cc6c7bb92f4281ba6f62f2
kubernetes-node-windows-amd64.tar.gz 8a3a71d142b99fb200c4c1c9c0fa4dc6a3b64a0b506dc37dc3d832a94a791619a09ae4b2c6f73802f6833234570633974547f7700c8bb6de71d91ba2c4ac4b54

Changelog since v1.13.0-rc.1

Other notable changes

v1.13.0-rc.1

Documentation

Downloads for v1.13.0-rc.1

filename sha512 hash
kubernetes.tar.gz 1c047e4edcf3553a568679e6e5083988b06df9d938f299a9193c72ad96a9c439a1f47f98b86f75d94746e8c1ae363b7a3de3c29dbdf7585b5e5e67b95f309d4a
kubernetes-src.tar.gz d2fd47c38abd29a2037b9e2a3a958ec250e2c6ae77532f6e935a6422bd626485fd720932b18fe2fdfcc7b17c6014a9da08cd9e6f9272f19f666ec52ffc02b564

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 44d0733359be5036953775e12fc1723e4c64452a24a8c3b522c8a624e0a132cf61483a120cafebe1370939b38ddf1809969dfc0daf0c087ce8a888aa98f2fa6f
kubernetes-client-darwin-amd64.tar.gz 2acd37ed234271b0ff9c30273261e4b127309a1bc91a006b7a07e1a948703fa550699cd7f44dceb4e7cc6be139f80785853ce4dedb3c3d3f0df85598d0488d56
kubernetes-client-linux-386.tar.gz 5fe07ea2f776086df0e9447b7e6b0863c5b3af71f5aff8e302087e242d78613278023a169f211be96feab5109d801c9e4f427a911221d039e4d9cadec3086ebf
kubernetes-client-linux-amd64.tar.gz 7541d5850d74156862e5fe00817bd954d2b49b2c0cf15abe5cde34406928b8ca34b6907eea51e79e005156964ea1269102f2663e667ccbb4223ea12edfc97c20
kubernetes-client-linux-arm.tar.gz 122121d3e469b6e33cc3fd910b32a5a94b9d3479f0367c54fbc4e7f13df7b097c061b0624b36c0e59f9a35dda7d021f04d400506e6f40eff657672ee53b91a69
kubernetes-client-linux-arm64.tar.gz 5e3d415db4239f27461c4ea404903cfc762084d5c1e84f9ed8bc0325d7fa845ac540a279e3bd67ac80d00fcad4860398166f55f76ba22c1060e0bc1c867b2464
kubernetes-client-linux-ppc64le.tar.gz 8651f4161569913b616695bdd1a41c4b177cbfb4773fbca649b3e97957f6c5f46f4fa84bfa92ba24abc34b90cc9543d3c0707962d28d701ef784c764ef49f407
kubernetes-client-linux-s390x.tar.gz 920b81f6bbc7e7d4fa2f9c61fbc6f529621f2f134dbbb0f407866ffd0ec47791484187c609cca3b615034a5393869ae8f156a7bd0001d0ef59f195d8aab7229d
kubernetes-client-windows-386.tar.gz 0d49277cb7c36e5538d4c1c0fd6e6a69da7cd73c226f5869b29fad1e5b9bf434ffc8423b72d807df67b6674541a370a5235881bccff1b9f390f175064020453a
kubernetes-client-windows-amd64.tar.gz 34ae587e2d439f925d1e324d2bbff3a751bb73b18e98b13c93e5742e7e16c00b4d9956b91721b4e06a00087dc00862248e6de167683a6bd1ccd14b1a6dcef753

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 7030ef7463bef0871e524a5233d23c5f8aee18ac92e96555910ddc7a891772d451dac08b583f391132c654eaaea788f3bf29fb510a2f6f3b24b0ac79ca669f77
kubernetes-server-linux-arm.tar.gz ccd1f413ad357581a904d1ff67f3e376be7882bd72efb13657f8aa1191c4481691743016a1385b777b5e62fe9854c1695ffa847c3b4534459317d0d5b5baaf76
kubernetes-server-linux-arm64.tar.gz ff589f5b6c56713818edda8ae9b39b17dfbf34e881c09736f722de5d70e6dd1508b5fefc60f40547dfd4fddb32ddce2a4470e1d240b315db5840a0fba957d553
kubernetes-server-linux-ppc64le.tar.gz f748985751bf403bc7b1f9160ce937cd2915552b27c3c79764a66789dc39ef9e3069e6f25d21e15bfaf81c535e3ee3b195eb636965456467ee56c0167c526129
kubernetes-server-linux-s390x.tar.gz b3b0075948d72784defe94073dff251b79083aa46b4f29419026757665cac554356486948a41b59293904238651a733747a0e271f43a72228c6c83cf8f5634a7

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 01907a104c043607985053571183b7bdccf655f847d1dd9d8991cd2c464ddf9953f25cacb255be3067c1b65f6168fe92a90162636e6c6b6ec33340926d537959
kubernetes-node-linux-arm.tar.gz dbf1801c456312698253767dd36b186fb4e503a03454cd16bba68a1ede9d29e14939591eb39516129bc8c88e64fba2a287ae6447b7e4ff4afcecd1fb50713403
kubernetes-node-linux-arm64.tar.gz 15f3259370f1419fcc372a28faa9a3caae5f2c89ee76286c14ea62d612fdca94ac7358a3cd76877736389080d28ba65237fc0aeffed2050bac4e342877351e51
kubernetes-node-linux-ppc64le.tar.gz 00dc7f5bd40d045baeb72d5dcfb302b8566aacc23cd7de1b877724e1160ee1608b3b121358d2c3b081d06deb1a8107d0437d3d1b20df88e4adcfd5f4a05964ee
kubernetes-node-linux-s390x.tar.gz 2b80e4dffa0b8bdc0305d1263c06320918541f3a7b6519123752b89be335a2c48965b7d16d814ffc02e304e9cf932db0c780fc316c99a080bebd880d55e3c939
kubernetes-node-windows-amd64.tar.gz 600b442a1665e39621fce03ad07b162e2353cc8bc982cad849dab7e1c2db34bde675ef12a4907a75f2ba82e62ae3126e189b3d69db7fcab71548bf6940351dda

Changelog since v1.13.0-beta.2

Other notable changes

v1.13.0-beta.2

Documentation

Downloads for v1.13.0-beta.2

filename sha512 hash
kubernetes.tar.gz e8607473e2b3946a3655fa895c2b7dee74818b4c2701047fee5343ab6b2f2aa3d97b19b11c7e7aeaca322a95bf99cbb5a7dafca187922fd40eaf24daaaf3bc8d
kubernetes-src.tar.gz 6ca15ad729a82b41587e1dbbd4e9ad5447e202e8e7ee8c01c411090031ee3feb83f0cc65e211e8634a01e7c52d5f1f7b47cd2ac601708542227853f312401e8f

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 5727218280ea7c68350aa5cf04e3d3c346f97d462e3f60f5196e27358f71841e19523b277a5b8fe9cea4b8fa323c54a820ae1956937922bcb24524612435e699
kubernetes-client-darwin-amd64.tar.gz 3e3975a41da08135dc654a40acb86ce862b1f56a9361e0c38c9c99c5b5bcad970f2271ae9a17e03c3d6e13ed03176e5e80313b39a8a02680a3b6d806e33f3a1b
kubernetes-client-linux-386.tar.gz 26cfa99fbe09b20ebe3d2aebb4d08f0f9f2661d5533b94daf6c8354701b1e4ddb8981c10323073c0d06e52eeb0f68839726b684e4e2222b1be7b940ff6017c72
kubernetes-client-linux-amd64.tar.gz 42204953b02af81bb5f695c957aca9fa382609447ada5e3a9701da3e8bbd54923084e0b28dd5be455f39ec0dd5c4bf4e81704542d1ce64d7292c17f0a9b04a32
kubernetes-client-linux-arm.tar.gz c680c94699b0b319b654a4c1c0a9b7fc387c44fb22744f30049142b17c3fabd3ba5358904cf8d5ccb077d0fb96d0360d222616980a13f91fc4a64ba2afce35b8
kubernetes-client-linux-arm64.tar.gz aa997b3428979ba2652fd251c4c5ece87043472ebe2ee15d8a179e69ddbefd47e8030e9392c4f6659b8207fcfb45b2effb69d9736af7c6c82f4217c5e3ac89e1
kubernetes-client-linux-ppc64le.tar.gz 684dfc462d84d3902e322535997e57f7874003ab17c41508c057bc7c6220062cf57d0486086d28940d9b4c0e8b5ebead5d4a64ad6e23895ecd2f8841844a8527
kubernetes-client-linux-s390x.tar.gz ff98b3a23dfe436a12843eb388be9568cbc29c9328648a1d166518aac40841bd8d855916918259cd92a0cc465e376ab1cb4c7b2b92c1eee454a76495772dc7e1
kubernetes-client-windows-386.tar.gz 6897a0f59fb409526dae9c86680702f3d2a1dc68d145504ed2e98b05d8f1dcc9b6a977c1af17277775b64501c86d5392e2f052aded8aec0c0640d6e78f609b87
kubernetes-client-windows-amd64.tar.gz 6ed67eecb2b79ace8d428cbd4d07ef7d52ba4e5b3b44eb59d46aff99a7a862f158573b4c2678cbdd31ba060a0acd695fa2d8a29ad0c4e22516622c23d017c5cb

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 351292b217c1c49b5c0241da11b4be0929a5d1645bec7dd05051930df8a70090b130d3ceef2482657db16dd6e4f71013075bcd727e741b497143bc6db67c134a
kubernetes-server-linux-arm.tar.gz 88f166a7b5a3f9d9c19a5b911adb6e8e4cac1a3323b83d681f13aaf7bb285b0d016b147b4168c886efeccb3d9052c7512c1f61f7a0f59e2ba324e2827f802712
kubernetes-server-linux-arm64.tar.gz fb4868a939eca18de17e0b606d1ab127712e277e01c02ffa96138a53973cd583bfc28cf9c2967906896740665fdb02ed53f01ef4341cad9718a8770779d99431
kubernetes-server-linux-ppc64le.tar.gz 47a4e8e96c1e8a8cc37eabd19194b9d174fa93c3feaf1384895f89c5c6836511eb9f4ff3c91dd84c05398b7d0ce2d49fd5b43ddb518b7b9ed706f224a48b18fa
kubernetes-server-linux-s390x.tar.gz 4e0823d1da55a71f001fcb07511a7b3416641ea93bfbd56b1e1e435c0a78bafbcecc873ba43808985b66b01464cbf9b60e9ad057ec78fea5080de8a5f7684bab

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz e21964063b80f52e387cd35826f3081ad0a3b62608d182e008b8b76f572442905e4b0625839d3ff28a353f1d686f8dbd15104e6b27126e3c6a579704b2106154
kubernetes-node-linux-arm.tar.gz cb665911af59a1cf86e5d66a4cdc134dc412e9e479dd89fa0bbbaeb8324eb87d090ffb0985e31bb12b5e063bfe8c045ac797931cfb856287b05f63b53b26a524
kubernetes-node-linux-arm64.tar.gz c172126829aea38e2238af6b62035abad6ed08d041175b0bf99792b7c608a0b27dd7f80b5ad301843cbdfee7ed2825aee9ea52d69752759a79e1148529ad1999
kubernetes-node-linux-ppc64le.tar.gz 0367940078ea9b4d46778b8406840fd2925f612304b5fa5b675fc07d5457bea524ebaf0378691af27f97d0c0fe39fffc6ad75f6db10139f377e52d0d3888252a
kubernetes-node-linux-s390x.tar.gz 74382ed862ae099b91ce6056b85b7ee4f075fbdb4e737a8448c92e20fe3a0717047a138c23e13b0a8bda3e457f4299f412ca31768e8c87e57c9faf95b7f9adda
kubernetes-node-windows-amd64.tar.gz 9164c4eae920c727965caae046e1b2daabf4822e2dee2260697b22e5208a0d8c6e7ce152a5df7852e8203d4771e6dc6bf9f63159324facb1ab81ea8f212b55fb

Changelog since v1.13.0-beta.1

Other notable changes

  • Fix missing flags in kube-apiserver --help. (#70204, @imjching)
  • kubeadm init correctly uses --node-name and --cri-socket when --config option is also used (#71323, @bart0sh)
  • API server flag --experimental-encryption-provider-config was renamed to --encryption-provider-config. The old flag is accepted with a warning but will be removed in 1.14. (#71206, @stlaz)
  • Fix missing flags in *-controller-manager --help. (#71298, @stewart-yu)
  • Clear pod binding cache on bind error to make sure stale pod binding cache will not be used. (#71212, @cofyc)
  • kubeadm: always pass spec.nodeName as --hostname-override for kube-proxy (#71283, @Klaven)
  • kubeadm join correctly uses --node-name and --cri-socket when --config option is also used (#71270, @bart0sh)
  • apiserver can be configured to reject requests that cannot be audit-logged. (#65763, @x13n)
  • Kubelet Device Plugin Registration directory changed from from {kubelet_root_dir}/plugins/ to {kubelet_root_dir}/plugins_registry/. Any drivers (CSI or device plugin) that were using the old path must be updated to work with this version. (#70494, @RenaudWasTaken)
  • When the BoundServiceAccountTokenVolumes Alpha feature is enabled, ServiceAccount volumes now use a projected volume source and their names have the prefix "kube-api-access". (#69848, @mikedanese)

v1.13.0-beta.1

Documentation

Downloads for v1.13.0-beta.1

filename sha512 hash
kubernetes.tar.gz 78245b2357a5eeafd193d28f86655327edce7bbc4da142c826eba5f5c05a624cd30b2551f63da37f38e9ca3fcf6990d77a3a068cbfc9075ff19fcdb235db9acb
kubernetes-src.tar.gz 880c5a8b16215bc58b307922474703048020b38be1d41672425cd07bdcf0626a88f04a080eac13ebb63c42214454420063289ba147d0a6cdf8dc3fe942382964

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 0f804c77ef6122b4b6586a507179fe0f1a383752342b3e5575e09223fdda9731acd89631ad236969e19ba1016adb28cfdb62f5b7a2b594bd68c780a5066cf370
kubernetes-client-darwin-amd64.tar.gz 0bdbd8003bcbecb4494b4778411e7d057067e78a99a7e8e8e45a3982cbe476dab822bccdeb73b989dfc5222ab8a09554f25dfb1f3d48622a1db3a45088799e49
kubernetes-client-linux-386.tar.gz 522795df77ff8543251232863cb36fe2d501671e04a5279a112aa3ffa784de93f3f567af50fffa5367fd27793e595b3e6b8c66b0cfbc99ecadbfbb279fe9e9c1
kubernetes-client-linux-amd64.tar.gz b6481bae237e6971f7b9cc039d3b7e62d49ddd48d52dd979432fa0318a8e3e5bf1677298ffee5c3d9af07e32c50eb94948509218302f8ba966abcc27e391b282
kubernetes-client-linux-arm.tar.gz 45b8fa2557bb742a8ce16e0a69fa64fe898509418c6f9099a24bf1ab20c7d5de61f2e79f2de46c660c53eec78c45d5606a5ae5144f1f47dca54d71d353566596
kubernetes-client-linux-arm64.tar.gz 475b823a5e2c4c6e1bc49f35fbef45d1fc6e6279f5335762bad05d0f695fd033a3a81bd90ea854d8ee2c9b41f12b22f10606a2c058ea178f0b07ddb418a69499
kubernetes-client-linux-ppc64le.tar.gz bc289b249051e9918f8f842bb98bf4d0b8951709fe5b65c2185f04b78213ec0099973f3459ffb062342a0a01739f3919758bb2724566c5e24cb30546af68fad8
kubernetes-client-linux-s390x.tar.gz 0935e0ad23a61d570de087e72f22bc3da2a34c19bb5aea0ab342f91655b4a02ba781448c35b837e0174fcd1b5d9cfb5550a1b9271c10f67a93975088df737337
kubernetes-client-windows-386.tar.gz 4833425ff040983b841722a00edd2cfa56f85099658ae04890c4e2262931e3c74d7276f3e95a74fbdd6934f32bca41297e72209ffaa1c6192bc9b6866d78582e
kubernetes-client-windows-amd64.tar.gz 156a5328834055f7b9732c762cc917cfdbf2d2fc67dd80ba89ae7dcb9c2e7d271fc4fe2b2074f98fc308f2282138b10c86becaf6ed235de0d0d3e66a6d419c5a

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 9435be5cced10252954be579408e2a253eb51dd7b649417f1e91679bce33f6ff735f1c24687994a133155b19453fbcfff4555938134001961ece419b746ecefe
kubernetes-server-linux-arm.tar.gz 8dc3d4a0c09830831efd77fdf193ed9ccc1247bd981b4811192cac38cf5ffd04042575632d4259af933959e6e774b10ac2f9e3a79903629f36dad616dd99b5d5
kubernetes-server-linux-arm64.tar.gz f2549f87f21ea44c5d776a706c59bb2ea61d7f2cca304850aa6ad5b09c4486b16ae1be19ab9f9166a2f9f9d2ffbef6d38676c54104d424a855ce445ca6252607
kubernetes-server-linux-ppc64le.tar.gz 0c0671eaf7cf7262c95411930311bb4610f89583431738149f0ee7f8f6a55b094322fc6717db1cdd496944c66216305ac4a5e3ea782ab1c2817e23a4bc32ff9f
kubernetes-server-linux-s390x.tar.gz ff24909b0b044924d241d6aeac9e9b4f0696c0ca7e973d56a874b02b613a45d00c30c5709326d3ad02f0e30742c1aa412e40a061e4c38631c1a538801273e565

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 235b1c4348b5779ca71a5f63121ff6a162db02bb24b4d815ec73412afedbe0ce5f969a40569e709017fbaf8f51e952d6fbe740ab3daf5d6fc932d8fac3f74c07
kubernetes-node-linux-arm.tar.gz cd23813419a74983bdd3a3104e20684e947ef7302dcfa1802132439b21e7621ad129621c633094e74a50c2ef57a83685f425b345898e7f501f7b0b639d8ba215
kubernetes-node-linux-arm64.tar.gz fb6283dae828f8d9275a05c6a4ea27bc1136e8e8253b5ddac52c8254813b11e8e4373038bf145a51d9680bb14dc276f8c7852e87d553cead5811550bf21eab5a
kubernetes-node-linux-ppc64le.tar.gz f910922d422b65f6b6a8d7762a23048991695496c0fc07c3dc4f1a81e32d250d592851a2f5b19588f7ed65281495d4187e8ab61cb4711102f2d0c8766267bf5b
kubernetes-node-linux-s390x.tar.gz d895fed57caf038afe0087ff44d2adfdd8955d18135adad9935952702e9abf2bc07289e1a7545b30f4d9f7ab154c642b4c08d74070c66f5c917196cbb37b9692
kubernetes-node-windows-amd64.tar.gz 4bc09e54935d2cb4d2bad7db06831d040cc03906d8934575932ed6eab5f0bc9ab67cdb2720c919c89d8b29388bb61f228c10167c9bc9eec46bbdc10c6381500e

Changelog since v1.13.0-alpha.3

Action Required

  • ACTION REQUIRED: The Node.Status.Volumes.Attached.DevicePath fields is deprecated for CSI volumes and will be unset in a future release (#71095, @msau42)

Other notable changes

  • Raw block volume support is promoted to beta, and enabled by default. This is accessible via the volumeDevices container field in pod specs, and the volumeMode field in persistent volume and persistent volume claims definitions. (#71167, @msau42)
  • Fix a scheduler panic due to internal cache inconsistency (#71063, @Huang-Wei)
  • Fix a potential bug that scheduler preempts unnecessary pods. (#70898, @Huang-Wei)
  • The API server encryption configuration file format has graduated to stable and moved to apiVersion: apiserver.config.k8s.io/v1 and kind: EncryptionConfiguration. (#67383, @stlaz)
  • kubelet now supports log-file option to write logs directly to a specific file (#70917, @dims)
  • kubeadm now supports the --image-repository flag for customizing what registry to pull images from (#71135, @luxas)
  • timeouts set in ListOptions for clients will also be respected locally (#70998, @deads2k)
  • IPVS proxier now set net/ipv4/vs/conn_reuse_mode to 0 by default, which will highly improve IPVS proxier performance. (#71114, @Lion-Wei)
  • StatefulSet is supported in kubectl autoscale command (#71103, @Pingan2017)
  • Report kube-scheduler unhealthy if leader election is deadlocked. (#71085, @bsalamat)
  • apiserver: fixes handling and logging of panics in REST handlers (#71076, @liggitt)
  • kubelets are no longer allowed to delete their own Node API object. Prior to 1.11, in rare circumstances related to cloudprovider node ID changes, kubelets would attempt to delete/recreate their Node object at startup. Kubelets older than 1.11 are not supported running against a v1.13+ API server. If an unsupported legacy kubelet encounters this situation, a cluster admin can remove the Node object: (#71021, @liggitt) * kubectl delete node/<nodeName>
    • or grant self-deletion permission explicitly:
      • kubectl create clusterrole self-deleting-nodes --verb=delete --resource=nodes
      • kubectl create clusterrolebinding self-deleting-nodes --clusterrole=self-deleting-nodes --group=system:nodes
  • Kubernetes v1.13 moves support for Container Storage Interface to GA. As part of this move Kubernetes now supports CSI v1.0.0 and drops support for CSI 0.3 and older releases. Older CSI drivers must be updated to CSI 1.0 in order to work with Kubernetes 1.13+. (#71020, @saad-ali)
  • Remove deprecated kubectl command aliases 'run-container' (#70728, @Pingan2017)
  • kubeadm: enable strict unmarshaling of YAML configuration files and show warnings for unknown and duplicate fields. (#70901, @neolit123)
  • For kube-up and derived configurations, CoreDNS will honor master taints, for consistency with kube-dns behavior. (#70868, @justinsb)
  • CoreDNS is now version 1.2.6 (#70799, @rajansandeep)
  • kubeadm: Use advertise-client-urls instead of listen-client-urls as and etcd-servers options for apiserver. (#69827, @tomkukral)
  • Add option to create CSRs instead of certificates for kubeadm init phase certs and kubeadm alpha certs renew (#70809, @liztio)
  • Add a kubelet socket which serves an grpc service containing the devices used by containers on the node. (#70508, @dashpole)
  • kube-apiserver: the NodeRestriction admission plugin now prevents kubelets from modifying Node labels prefixed with node-restriction.kubernetes.io/. The node-restriction.kubernetes.io/ label prefix is reserved for cluster administrators to use for labeling Node objects to target workloads to nodes in a way that kubelets cannot modify or spoof. (#68267, @liggitt)
    • kubelet: it is now deprecated to use the --node-labels flag to set kubernetes.io/ and k8s.io/-prefixed labels other than the following labels:
      • kubernetes.io/hostname
      • kubernetes.io/instance-type
      • kubernetes.io/os
      • kubernetes.io/arch
      • beta.kubernetes.io/instance-type
      • beta.kubernetes.io/os
      • beta.kubernetes.io/arch
      • failure-domain.kubernetes.io/zone
      • failure-domain.kubernetes.io/region
      • failure-domain.beta.kubernetes.io/zone
      • failure-domain.beta.kubernetes.io/region
      • [*.]kubelet.kubernetes.io/*
      • [*.]node.kubernetes.io/*
    • Setting other kubernetes.io/- and k8s.io/-prefixed labels using the --node-labels flag will produce a warning in v1.13, and be disallowed in v1.15. Setting labels that are not prefixed with kubernetes.io/ or k8s.io/ is still permitted.
  • Adds DynamicAuditing feature which allows for the configuration of audit webhooks through the use of an AuditSink API object. (#67257, @pbarker)
  • The Kubelet plugin registration mechanism used by device plugins and CSI plugins is now GA (#70559, @vladimirvivien)
  • CSIPersistentVolume feature, i.e. PersistentVolumes with CSIPersistentVolumeSource, is GA. (#69929, @jsafrane)
    • CSIPersistentVolume feature gate is now deprecated and will be removed according to deprecation policy.
  • kubectl: support multiple arguments for cordon/uncordon and drain (#68655, @goodluckbot)
  • The kube-apiserver's healthz now takes in an optional query parameter which allows you to disable health checks from causing healthz failures. (#70676, @logicalhan)
  • client-go: fixes sending oversized data frames to spdystreams in remotecommand.NewSPDYExecutor (#70999, @liggitt)
  • kube-controller-manager no longer removes ownerReferences from ResourceQuota objects (#70035, @liggitt)
  • Introduces support for running a nodelocal dns cache. It is disabled by default, can be enabled by setting KUBE_ENABLE_NODELOCAL_DNS=true (#70555, @prameshj)
    • An ip address is required for the cache instance to listen for requests on, default is a link local ip address of value 169.254.20.10
  • Fix dry-run output in kubectl apply --prune (#69344, @zegl)
  • kubectl run now generates apps/v1 deployments by default (#71006, @liggitt)
  • kubeadm reset now outputs instructions about manual iptables rules cleanup. (#70874, @rdodev)
  • Recognize newer docker versions without -ce/-ee suffix: 18.09.0 (#71001, @thomas-riccardi)
  • "unfinished_work_microseconds" is added to the workqueue metrics; it can be used to detect stuck worker threads. (kube-controller-manager runs many workqueues.) (#70884, @lavalamp)
  • add readiness gates in extended output for pods (#70775, @freehan)
  • add Ready column and improve human-readable output of Deployments and StatefulSets (#70466, @Pingan2017)
  • Kubeadm now respects the custom image registry configuration across joins and upgrades. Kubeadm passes the custom registry to the kubelet for a custom pause container. (#70603, @chuckha)
  • kubeadm: deprecate the DynamicKubeletConfig feature gate. The functionality is still accessible by using the kubeadm alpha kubelet enable-dynamic command. (#70849, @yagonobre)
  • Add kubelet_container_log_size_bytes metric representing the log file size of a container. (#70749, @brancz)
  • kubeadm: remove the AuditPolicyConfiguration feature gate (#70807, @Klaven)
  • Kubeadm: attributes for join --control-plane workflow are now grouped into a dedicated JoinControlPlane struct (#70870, @fabriziopandini)
  • Addon configuration is introduced in the kubeadm config API, while feature flag CoreDNS is now deprecated. (#70024, @fabriziopandini)
  • Fixes ability for admin/edit/view users to see controller revisions, needed for kubectl rollout commands (#70699, @liggitt)
  • kubeadm pre-pulls Etcd image only if external Etcd is not used and (#70743, @bart0sh)
    • --etcd-upgrade=false is not specified
  • Add support for CRD conversion webhook (#67006, @mbohlool)
  • Delete node lease if the corresponding node is deleted (#70034, @wangzhen127)
  • In a future release the kubectl convert command will be deprecated. (#70820, @seans3)
  • kubeadm: UnifiedControlPlaneImage is replaced by UseHyperKubeImage boolean value. (#70793, @rosti)
  • kubeadm v1beta1 API: InitConfiguration.APIEndpoint has been renamed to .LocalAPIEndpoint (#70761, @luxas)
  • Breaking change: CSINodeInfo split into Spec and Status. New fields Available and VolumePluginMechanism added to CSINodeInfo csi-api object. CSIDriverInfo no longer deleted on Driver uninstallation, instead Available flag is set to false. (#70515, @davidz627)
  • GCERegionalPersistentDisk feature is GA now! (#70716, @jingxu97)
  • Add secure port 10259 to the kube-scheduler (enabled by default) and deprecate old insecure port 10251. Without further flags self-signed certs are created on startup in memory. (#69663, @sttts)
  • --feature-gates argument has been removed from the kubeadm join command. Feature gates will be retrieved from the cluster configuration during the join process. (#70755, @ereslibre)
  • [kubeadm] Updates version of CoreDNS to 1.2.6 (#70796, @detiber)
  • kubelet: When node lease feature is enabled, kubelet reports node status to api server only if there is some change or it didn't report over last report interval. (#69753, @wangzhen127)
  • Self hosted is no longer supported in the standard workflow. The feature flags have been removed and your self hosted cluster is no longer able to upgrade via kubeadm. (#69878, @Klaven)
  • vSphereVolume implements Raw Block Volume Support (#68761, @fanzhangio)
  • [GCE] Filter out spammy audit logs from cluster autoscaler. (#70696, @loburm)
  • CRD supports multi-version Schema, Subresources and AdditionalPrintColumns (NOTE that CRDs created prior to 1.13 populated the top-level additionalPrinterColumns field by default. To apply an update that changes to per-version additionalPrinterColumns, the top-level additionalPrinterColumns field must be explicitly set to null). (#70211, @roycaihw)
  • Fixes a bug in previous releases where a pod could be placed inside another pod's cgroup when specifying --cgroup-root (#70678, @dashpole)
  • Upgrade golang.org/x/net image to release-branch.go1.10 (#70663, @wenjiaswe)
  • New addon in addon manager that automatically installs CSI CRDs if CSIDriverRegistry or CSINodeInfo feature gates are true. (#70193, @saad-ali)
  • delegated authorization can now allow unrestricted access for system:masters like the main kube-apiserver (#70671, @deads2k)
  • Update to use go1.11.2 (#70665, @cblecker)
  • Add dns capabilities for Windows CNI plugins: (#67435, @feiskyer)
    • "dns" {
    • "servers": ["10.0.0.10"],
    • "searches": ["default.svc.cluster.local","svc.cluster.local","cluster.local"],
    • "options": []
    • }
  • The VolumeScheduling feature is GA. The VolumeScheduling feature gate is deprecated and will be removed in a future release. (#70673, @msau42)
  • Go clients created from a kubeconfig that specifies a TokenFile now periodically reload the token from the specified file. (#70606, @mikedanese)
  • kubeadm: validate kubeconfig files in case of external CA mode. (#70537, @yagonobre)
  • kube-apiserver: --audit-webhook-version and --audit-log-version now default to audit.k8s.io/v1 if unspecified (#70476, @charrywanganthony)
  • kubeadm: timeoutForControlPlane is introduced as part of the API Server config, that controls the timeout for the wait for control plane to be up. Default value is 4 minutes. (#70480, @rosti)
  • kubeadm: The writable config file option for extra volumes is renamed to readOnly with a reversed meaning. With readOnly defaulted to false (as in pod specs). (#70495, @rosti)
  • remove retry operation on attach/detach azure disk (#70568, @andyzhangx)
  • Fix CSI volume limits not showing up in node's capacity and allocatable (#70540, @gnufied)
  • Flex volume plugins now support expandvolume (to increase underlying volume capacity) and expanfs (resize filesystem) commands that Flex plugin authors can implement to support expanding in use Flex PersistentVolumes (#67851, @aniket-s-kulkarni)
  • kubeadm: Control plane component configs are separated into ClusterConfiguration sub-structs. (#70371, @rosti)
  • The MountPropagation feature is unconditionally enabled in v1.13, and can no longer be disabled. (#68230, @bertinatto)
  • add azure UltraSSD, StandardSSD disk type support (#70477, @andyzhangx)
  • The OwnerReferencesPermissionEnforcement admission plugin now checks authorization for the correct scope (namespaced or cluster-scoped) of the owner resource type. Previously, it always checked permissions at the same scope as the child resource. (#70389, @caesarxuchao)
  • Ensure orphan public IPs on Azure deleted when service recreated with the same name. (#70463, @feiskyer)
  • kubectl apply can now change a deployment strategy from rollout to recreate without explicitly clearing the rollout-related fields (#70436, @liggitt)
  • Fix cloud-controller-manager crash when using OpenStack provider and PersistentVolume initializing controller (#70459, @mvladev)

v1.13.0-alpha.3

Documentation

Downloads for v1.13.0-alpha.3

filename sha512 hash
kubernetes.tar.gz 1d50cfd34306ace7354516125c45f8c546bba3ca5081af2b21969b535967d302821c06e7d4d590ba05f3e1e89ba56cc3d890b2e5bf2e07456532ac28e7c6c4a8
kubernetes-src.tar.gz bf097b99d7b9af15bc1d592ee3782da1e811d8eb68dc9ae9d287589ce9174d3743beaf51422283c42ad03775e43839954bdeb44b1aa5707f73eebabed0cc199e

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz 77778ae2887eda52ee716fb0e843c17b2705b1284a67cdf53f91292eb7f1055ef942be1ae0eac25ad9f4c9062c802fd57943e57578113f875f0d1f8a227bbb25
kubernetes-client-darwin-amd64.tar.gz b3399767df12b71ee4b7b30126bd8001a0c1396161eb7535d797fd5847c55bccc18fb475f1639c3bf8e5f5c484a61025108c01e35f71417a405e75580c3990f6
kubernetes-client-linux-386.tar.gz 5ef0d318ff8da28c332ae25164e5a441272d2ee8ef2ac26438a47fe3e7e645ed0b132325243f3f33c93a8681431a117f6207893f0e5270738aacfee16d8bbd32
kubernetes-client-linux-amd64.tar.gz 1f429eae5b0b1e39b1d4d30e3220a82d0ae6672a6f4b34a05246c3efc131a236f79e5876d7a98c56d98fbf243b96cfd8db5d1ab73905df9e000d7af2b710fcf3
kubernetes-client-linux-arm.tar.gz 5583aecdc9b4a54a4aa904fc1de66400f50628969e31b5a63ab1d3b6628e3c547a9cef9c2bc9e53a0eeb0155fa0f745f7ee47e92166ce66d0c79199ff20c41de
kubernetes-client-linux-arm64.tar.gz 2453b9100c06b11e8c424d59cfd1c5e111c22b596191a9cfb0b330d198abecd982e19eb2ac38d91c3d1ef226c9533c4f9a210b88295029985739e86363905de5
kubernetes-client-linux-ppc64le.tar.gz 4991ec4c19a82d50caed78bc8db51e7cdcd1f2896dfcaa45d84f347a72fe7ee0d0280c897af54afec93f548d2ce247cf70d2b439024752ff701b80b67c385913
kubernetes-client-linux-s390x.tar.gz c55f2802afb2e5d261bb26b6c396df8ebe6b95913ddab1e124cf177f59a00524a26cc9dd74cbf06cc7a6a2207ccba2d3a8585f20a37485214d9b1bebb27fdde7
kubernetes-client-windows-386.tar.gz df78465267e35ef078c3c0fd33f8898a9df26fbf411df3ed3283fbdc2e79380693abe2a2815d5a4d53742135db4b5a0a480ce301817ede5c0674b12ac9c9bac9
kubernetes-client-windows-amd64.tar.gz 5b93fdaaa931ef8e24196e53c484f91ef9e50b7d11e1053ccb61b2d6bdc8164767dd1d885cdc4949fdb7ed05cfbc7c9f7cc3468ad7affc22f849836b311d855f

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 922a93ce677e686e594c11db75e1969c995b23062bba511bff4a43d3a530e21e1d15cbe9b38d06af407de5a6c141f3b10cf24f50b848ed6b36e701249cece2c3
kubernetes-server-linux-arm.tar.gz 5dd550b58dedf25df020e66f1526e80c50b46d2df3ddd241bd02b6ebf10308599e7739917cbd9a3d2d3e787078d1271c4e3333f7f343a8a754ac5c08dedba0c9
kubernetes-server-linux-arm64.tar.gz 3e1037e71d85a74cd5d40dd836bd442b2dcc457f8ccc8247e4537f3deca6f99d6805857c44b4fd69a7655308a3b0b4be43faaf74017cc3e26e8ba81e84968f33
kubernetes-server-linux-ppc64le.tar.gz a89c46b558613ad09efe44a81574ad18157a787d1e9c5d09c98d3911b499573cd9b9845b7a7526d4de5b93887267bedd96d043f79799552639b2168d3fea49ab
kubernetes-server-linux-s390x.tar.gz 47a68668e38ac1b8cb801f4bff3b15060cd88801f446ebfbf06125dbc9aef52be79faa94acee65af46b93512af6f15c1f9f598324a368b82996f5a0f9aca0d14

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 74d5d46ac6ba336fa8aaf55d0a15860f6ebde2ff58d377ca93063593da12fbd4c758fe92c6b3285df0e4cc23c354ce5802ae3f7c38ad4e63f9d1eeaef41f2f2b
kubernetes-node-linux-arm.tar.gz 90372cb5270ffe6179d5d7efd3fff6aa029f73853805038fef1a6f92683399d692aee7790eacc3a59681f66e2bd21b76c3abd87bef6404382782ec82fb726d59
kubernetes-node-linux-arm64.tar.gz 09693303a1a8489d9599d32f7fbf549d18f31eb53671fa2ed342fe5089f2fba9322d8c52088b141da2414bb2b7f8352634cf84f0c72f3a58afd057629c3e8e5b
kubernetes-node-linux-ppc64le.tar.gz cbdb3b9ffd9be524ec0b38d72b0545b6dd1b3b789747f41a661fd7cbeffe942eb592c7e928a61e26152e7402b4894f5a74aad09cf2243d726b3b311d41cb0674
kubernetes-node-linux-s390x.tar.gz fc296b386bc03bf10773559118cd4a3d5be3d4c296f09748507fac812a1c791b435881b2ae425846632404f7f53f3f3bf54fc582fb8aa4895310186371dbacfd
kubernetes-node-windows-amd64.tar.gz ae79c62fcb0654a62606d65cf131188d93e4a10787a862e7b0363269942df19543b55fd119ec6ff73578b24db7774235611956103fe5e153eddf450750c4bbee

Changelog since v1.13.0-alpha.2

Other notable changes

  • kubelet --system-reserved and --kube-reserved are supported now on Windows nodes (#69960, @feiskyer)
  • CSI drivers now have access to mountOptions defined on the storage class when attaching volumes. (#67898, @bswartz)
  • The kubectl plugin list command will now display discovered plugin paths in the same order as they are found in a user's PATH variable. (#70443, @juanvallejo)
  • Handle Windows named pipes in host mounts. (#69484, @ddebroy)
  • kubeadm: Multiple API server endpoints support upon join is removed as it is now redundant. (#69812, @rosti)
  • OpenAPI spec marks delete request's body parameter as optional (#70032, @iamneha)
  • kube-controller-manager and cloud-controller-manager now hold generated serving certificates in-memory unless a writeable location is specified with --cert-dir (#69884, @liggitt)
  • Scheduler only activates unschedulable pods if node's scheduling related properties change. (#70366, @mlmhl)
  • --api-audiences now defaults to the --service-account-issuer if the issuer is provided but the API audience is not. (#70308, @mikedanese)
  • Refactor scheduler_test.go to use a fake k8s client. (#70290, @tossmilestone)
  • kubectl rollout undo now returns errors when attempting to rollback a deployment to a non-existent revision (#70039, @liggitt)
    • kubectl rollout undo no longer uses the deprecated extensions/v1beta1 rollback API, which means that Events are no longer emitted when rolling back a deployment
    • The builtin system:csi-external-provisioner and system:csi-external-attacher cluster roles (#69868, @pohly)
      • are deprecated and will not be updated for deployments of CSI sidecar container versions >= 0.4.
      • Deployments with the current CSI sidecar containers have to provide their own RBAC
      • definitions. The reason is that the rules depend on how the sidecar containers are used,
      • which is defined by the deployment.
  • Use debian-base instead of busybox as base image for server images (#70245, @ixdy)
  • add support for projected volume in describe function (#70158, @WanLinghao)
  • Speedup process lookup in /proc (#66367, @cpuguy83)
  • Kubeadm reset now clean up custom etcd data path (#70003, @yagonobre)
  • We changed when the metadata.generation of a custom resource (CR) increments. (#69059, @caesarxuchao)
    • If the CR participates the spec/status convention, the metadata.generation of the CR increments when there is any change, except for the changes to the metadata or the changes to the status.
    • If the CR does not participate the spec/status convention, the metadata.generation of the CR increments when there is any change to the CR, except for changes to the metadata.
    • A CR is considered to participate the spec/status convention if and only if the "CustomResourceSubresources" feature gate is turned on and the CRD has .spec.subresources.status={}.
  • Improve Azure instance metadata handling by adding caches. (#70353, @feiskyer)
  • adding cn-northwest-1 for AWS China Ningxia region (#70155, @pahud)
  • "kubectl get" no longer exits before printing all of its results if an error is found (#70311, @juanvallejo)
  • kubeadm now automatically creates a new stacked etcd member when joining a new control plane node (does not applies to external etcd) (#69486, @fabriziopandini)
  • Critical pod annotation is deprecated. Pod priority should be used instead to mark pods as critical. (#70298, @bsalamat)
  • Display the usage of ephemeral-storage when using kubectl describe node (#70268, @Pingan2017)
  • Added functionality to enable br_netfilter and ip_forward for debian packages to improve kubeadm support for CRI runtime besides Docker. (#70152, @ashwanikhemani)
  • Add regions ap-northeast-3 and eu-west-3 to the list of well known AWS regions. (#70252, @nckturner)
  • Remove kube-controller-manager flag '--insecure-experimental-approve-all-kubelet-csrs-for-group'(deprecated in v1.7) (#69209, @Pingan2017)
  • GCE/GKE load balancer health check default interval changes from 2 seconds to 8 seconds, unhealthyThreshold to 3. (#70099, @grayluck)
    • Health check parameters are configurable to be bigger than default values.
  • The kubectl wait command must handle when a watch returns an error vs closing by printing out the error and retrying the watch. (#69389, @smarterclayton)
  • Updates to use debian-iptables v11.0, debian-hyperkube-base 0.12.0, and kube-addon-manager:v8.9. (#70209, @ixdy)
  • Fixed patch/update operations on multi-version custom resources (#70087, @liggitt)
  • When --rotate-server-certificates is enabled, kubelet will no longer request a new certificate on startup if the current certificate on disk is satisfactory. (#69991, @agunnerson-ibm)
    • Support for passing unknown provider names to the E2E test binaries is going to be deprecated. Use --provider=skeleton (no ssh access) or --provider=local (local cluster with ssh) instead. (#70141, @pohly)
  • Add scheduler benchmark tests for PodAffinity and NodeAffinity. (#69898, @Huang-Wei)
  • fix azure disk attachment error on Linux (#70002, @andyzhangx)

v1.13.0-alpha.2

Documentation

Downloads for v1.13.0-alpha.2

filename sha512 hash
kubernetes.tar.gz cbe7ef29c7e7bbed82e173289f5f84d7a85ee4965cc5b7ccd16cf8236a3b8171bb8f52011d00ea4dd1119cfeee32a3326260e968038431f2834f194e84f6f070
kubernetes-src.tar.gz 8b0b8e1b635cd849c2974d755fe174f0ce8fe8c690721d8ac6312683bbd2ca2c6f7eada38e4e470d3a0172138b10a994fa3bebc01abd76d835431660247e8a71

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz fca661a5001e7f368374d0805f20910be24baa485bf4ae5d993185b974f70ff7241497e7a130658dca69abf335fd581c0f5be22de4f9937f32e9fb20fbd0f1e9
kubernetes-client-darwin-amd64.tar.gz d31dfea475981c7f7b758c7f201aa5b866db48d87942c79d0a12d464b7cdf501dba2255282c72b53928ccac215282fc8c0a9069a7443e9683bbf39a59814d8c3
kubernetes-client-linux-386.tar.gz fecf8362c572fff48952fd2748ddcb9d375462cb484670cda4fda1387eb692713be0a323e93746bb1845a4ef3b15df288430c8b4a5e4f2892c388bb84a66ec9a
kubernetes-client-linux-amd64.tar.gz 136cb82ac94bcd791d56e997a948a7e1bee4af03bcc69ce9c835895cdda75524f5916756c778ff8aa693624289824eaee4aff1e62a6d95d18f9b69a7473a3fe9
kubernetes-client-linux-arm.tar.gz e561c37895edef44614ecd59f497d393275ee62455b6269b169a891873d661d46cbf68e6148447f142ebdddb45bd5c01f6927d8463e2e1c4072358fec205e53e
kubernetes-client-linux-arm64.tar.gz c0d5eb49763e8bf50b5e8e3785c7889fecbd8bf7c0b3c18250fa894a1c5e58a14f796f7526279dbf41d5d47e69114d39e37a62403ff4abb1cc0cd20bd48c1c5a
kubernetes-client-linux-ppc64le.tar.gz a5a8c150af163e7c726662eeddfc3de8e43f123daaa100b8e82c9bc786313a5ce8135cbaadd41ebbb6c2307aeebdadf43fc84037a5ac9d3c5d6e9052b7fc615b
kubernetes-client-linux-s390x.tar.gz fd162e0244e107f1892d79029f3452cdba84d8616ad1b15eebe197afb3b536328cd8cba9c73c0ce1cd8ac6faed9e0a4613d487bf07b45341fadf0d940062bafa
kubernetes-client-windows-386.tar.gz e01fedec8f700e037bc43cb13bc916b85601cd1c9361a0f63fd27092640f89d2faaff4a6157638af8af52538c5f7fa75d9c7674477a45e0215fd505095a62f21
kubernetes-client-windows-amd64.tar.gz d2601efcfa6a4ba8a017e9cac571fb454b21b7700a7b3f8e2fbabdd5301545ef2459da93eca3684c1aa73ea6a6d87bae0e27fffc8b05ed93729004ebbb9e3879

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 4dda298d44bc309f250c067e9282eea37903838a140cf5abf6f861dca624d5a055ba1c43129454ae9abc8350f1fffb224677e34ef4268f7eb43c96fe48b28d78
kubernetes-server-linux-arm.tar.gz e9c3bdf60272399bc6f85a15bbc55cd69db389c223b275661ddcab4ae8c3afcd2171ec3c35a53df2420376f8c6294af791776e16dc07a27438aaa3220d6c94a3
kubernetes-server-linux-arm64.tar.gz d0a1701a34365f939799b6ea676129acdcfa1582bcf50e82a9751d9aafc73ebffd0fc0365fe352755caa9a2b791c4195d7eb04fbb1ce660f107cb5257d57a967
kubernetes-server-linux-ppc64le.tar.gz 1a23473960aaaa639e796020741b63c11dad8a93903926e80c871814b8209166ef06f5205172cd9b2438f8c8e9c9fb50b96d983f56737ab252530112f816b2d6
kubernetes-server-linux-s390x.tar.gz 293d0eb93e2ed641d0c1e26d58423670c04c307dddb034a9fc252043abe5694f63e772d4dfe2bf505fc0b68c41f9d87800d867b87c7697dd6249b11c0efbc580

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz e3cba71c2b2d151cdcc44937c1bea083ee0ceb829e7feb25cd37edd4d0bd7adac0a166144bd33f9aa616d730785d52c3fee70f0db272d892e79c38eb544cfd22
kubernetes-node-linux-arm.tar.gz 28d7f1cf4fecdc72da7f5f19836cc06bb08182f8e8fb1641dc01e9299247905e305b04c676efa9afbdb8b1ed649542148406b110b75b1e87c1daca7ffed6018c
kubernetes-node-linux-arm64.tar.gz cfe22b11502cd857f0e277e7c1af08e6202f7ffc36f852c6154159bdd67bb330ffd18e5f768cf6968f0524aa80ffba6b7012207831ba94dec4084f1ce38a5289
kubernetes-node-linux-ppc64le.tar.gz 195a6785c49af419361a8901c99bb6613a6578a8eac5e8f08ec28077645be18c6d04c9afc2839d07de27b15595584f6dff5e5f9e78001fc2c6a3249e99b82247
kubernetes-node-linux-s390x.tar.gz 51f5b5ed47b50f5188d9e2f57b03555492d3e490494842247fa04fe81ea350c6694a52caa46ea50578ca07e48212f4f714b8614d8b1eb8924b424eaed73a8d24
kubernetes-node-windows-amd64.tar.gz d2690d57cd485c0c7ebe425464ad59f2c7722870abd6f264ea7fae65a4e403c89446373ba9cd23cd43e8316902637aa9e0b23d571b0ac890c35ff8e9c3ff3c3b

Changelog since v1.13.0-alpha.1

Other notable changes

  • Corrected family type (inet6) for ipsets in ipv6-only clusters (#68436, @uablrek)
  • Corrects check for non-Azure managed nodes with the Azure cloud provider (#70135, @marc-sensenich)
  • Windows runtime endpoints is now switched to 'npipe:////./pipe/dockershim' from 'tcp://localhost:3735'. (#69516, @feiskyer)
  • The caBundle and service fields in admission webhook API objects now correctly indicate they are optional (#70138, @liggitt)
  • The --service-account-api-audiences on kube-apiserver is deprecated in favor of --api-audiences. (#70105, @mikedanese)
  • kubeadm: fix unnecessary upgrades caused by undefined order of Volumes and VolumeMounts in manifests (#70027, @bart0sh)
  • kubeadm: Implemented preflight check to ensure that number of CPUs (#70048, @bart0sh)
    • on the master node is not less than required.
  • Reduce memory utilization of admission webhook metrics by removing resource related labels. (#69895, @jpbetz)
  • kubeadm: Introduce config print init/join-defaults that deprecate config print-defaults by decoupling init and join configs. (#69617, @rosti)
  • Images based on debian-base no longer include the libsystemd0 package. This should have no user-facing impact. (#69995, @ixdy)
    • Additionally, the addon-manager image is updated to use kubectl v1.11.3.
  • fix 'kubeadm upgrade' infinite loop waiting for pod restart (#69886, @bart0sh)
  • add more logging for azure disk diagnostics (#70012, @andyzhangx)
  • Fluentd: concatenate long logs (#68012, @desaintmartin)
  • CoreDNS is now the default DNS server in kube-up deployments. (#69883, @chrisohaver)
  • Optimizes calculating stats when only CPU and Memory stats are returned from Kubelet stats/summary http endpoint. (#68841, @krzysztof-jastrzebski)
  • kubeadm: Fix node join taints. (#69846, @andrewrynhard)
  • Opt out of chowning and chmoding from kubectl cp. (#69573, @bjhaid)
  • support Azure premium file for azure file plugin (#69718, @andyzhangx)
  • TaintBasedEvictions feature is promoted to beta. (#69824, @Huang-Wei)
  • improves memory use and performance when processing large numbers of pods containing tolerations (#65350, @liggitt)
  • Add dynamic audit configuration api (#67547, @pbarker)
  • Promote resource limits priority function to beta (#69437, @ravisantoshgudimetla)
  • Fix cluster autoscaler addon permissions so it can access batch/job. (#69858, @losipiuk)
  • change default azure file mount permission to 0777 (#69854, @andyzhangx)
  • kubeadm: JoinConfiguration now houses the discovery options in a nested Discovery structure, which in turn has a couple of other nested structures to house more specific options (BootstrapTokenDiscovery and FileDiscovery) (#67763, @rosti)
  • Fix tests to use fsync instead of sync (#69755, @mrunalp)
  • kube-proxy argument hostname-override can be used to override hostname defined in the configuration file (#69340, @stevesloka)
  • kube-apiserver: the --deserialization-cache-size flag is no longer used, is deprecated, and will be removed in a future release (#69842, @liggitt)
  • Add support for JSON patch in fake client (#69330, @vaikas-google)

v1.13.0-alpha.1

Documentation

Downloads for v1.13.0-alpha.1

filename sha512 hash
kubernetes.tar.gz 9f8a34b54a22ea4d7925c2f8d0e0cb2e2005486b1ed89e594bc0100ec7202fc247b89c5cbde5dc50c1f9d9f27e4f92aa0ca71fdffb9d079f63751bb1859d5bb4
kubernetes-src.tar.gz a27a7c254d3677c823bd6fd1d0d5f9b1e78ccf807837173669a0079b0812a23444d646d80c2433c167ae50bf1a0e2a4b1d7cbd7457a505fc666464b069bd1e5f

Client Binaries

filename sha512 hash
kubernetes-client-darwin-386.tar.gz d77d33c6d6357b99089f65e1c9ec3cabdcf526ec56e87bdee6b09a8c1b1f1b8f6f0ed6d32f2d3b352391da848afc945e5bb6bfc4c05d90fb4ba429e2d2c3ec0f
kubernetes-client-darwin-amd64.tar.gz 5b4a586defa2ba0ea7c8893dedfe48cae52a2cd324bcb311a3877e27493abb6cb76550e8201a9cac488cde9f83e0d30e6569b95641e8098fd9ec5df9c9e027b2
kubernetes-client-linux-386.tar.gz d50572fbb716393004ad2984a15043d2dfadedd16ae03a73fc85653266ae389071fd2c993923fbe9ea7fbd6b8cbeb6680ef147245e20f334969184d4b571509b
kubernetes-client-linux-amd64.tar.gz 12ab709e574228f170a2ee2686e18dcbfcf59f64599b2ab9047c2ed63f4bd23d6c9fc48104431c9fa616e0ba30041e1c44fb3994ab54c5c98c0c4a94c5ea4b80
kubernetes-client-linux-arm.tar.gz 3a8c75b62cf9e6476417246d4aaeda5a13b74bc073444fc3649198b9d5dc1e7a62aa6b914c7da5a42bcd6164a8f63aa8b256b3579979b6465afe5aa5533ce501
kubernetes-client-linux-arm64.tar.gz 0f5b5956850f11a826d59d226b6a22645ca1f63893cd33c17dfe004bd316f2704d800beb0b9c91a204efc125241825243c9e89b86c01e523bd07636ef925772e
kubernetes-client-linux-ppc64le.tar.gz 06c60dd2e4e8d1ab45474a5b85345b4f644d0c1c66e167596c6c91bd607f957b68121fdb7efed362cb6799e7bcf14752b01f8bea0c929deb85311180f11469be
kubernetes-client-linux-s390x.tar.gz 4630e9e523beb02d8d3900c71b3306561c2d119d588399c93d578184eb1a53601ceefe15a600740c13d565eaf24a679f17e371e2b19a70f77bbceab84acb58b3
kubernetes-client-windows-386.tar.gz 0c0fcc9c492aceb00ff7fd3c10ba228c7bb10d6139b75ceecd8f85532797c5dc1162b39d94ebae5fa6b4c26f2b2a81630371617426f7537d9d11456943c7d50c
kubernetes-client-windows-amd64.tar.gz 3548a6d8618c6c7c8042ae8c3eb69654314392c46f839de24ab72d9faa79993a6cf989f6ac619e418e817300081742c9928c8c2dd82cffc74f7c0e532e42288d

Server Binaries

filename sha512 hash
kubernetes-server-linux-amd64.tar.gz 9dbf2343ef9539b7d4d73949bcd9eef6f46ece59e97fa3390a0e695d0cb2eacbbbae17e3ed53432a8018f55e6db2421a58739aacbc163776d8b2fe774ad62c34
kubernetes-server-linux-arm.tar.gz a985f3c302246df9bff4b927a2596d209c19fb2f245aa5cb5de189b6a9d247d6fd0234edd45968a691f1a2714a0b72ffba2df1aebf361ba1a3461ab7e5fda2ff
kubernetes-server-linux-arm64.tar.gz 80d20df07e6a29b7aedccbd4e26c1c0565b2a1c3146e1a5bb2ebd2e8cf9ab063db137389a498fd6a6c3c42da43486186af6f65fba399b332e4cae134badd7ab0
kubernetes-server-linux-ppc64le.tar.gz 7d45ed3aa8b36e9e666b334ff3ed3de238caea34b4a92b5e1a61a6e7223ae8581bafff43a5b72447a43e118ad4b2c5c15aa0d6faab9a6a72a8fcf99abf340a1e
kubernetes-server-linux-s390x.tar.gz 30698478fab2fe7daccac97917b0b21b018c194ec39b005728f8cddf77f889aa3e1a520e0d1d681f9d8b7889a887aa6eb98c33cb04a8bf52b9a40bb8589aa34f

Node Binaries

filename sha512 hash
kubernetes-node-linux-amd64.tar.gz 4497d14ac81677b43f0b75a457890c1f3bb8745a39875f58d53c734bec1947c37388228e0c952ca87f22d74af101a9263546db07bf1a021d59cba3cea1d5e5b9
kubernetes-node-linux-arm.tar.gz a3b0357db50e0dec7b0474816fec287388adabc76cc309a40dee9bc73771c951e4526a06145a8b332d72e5999dabb5e467d00d7c47035559a79e56f863def2f7
kubernetes-node-linux-arm64.tar.gz 43af8ec4c5f2a1e2baa8cd13817e127fb6a3576dd811a30c4cc5f04d8a9a8bb2267eb5c42e0a895cf2ec0e3260b73c818249296c957625f4048e13102606680a
kubernetes-node-linux-ppc64le.tar.gz 840354219b3e59ed05b5b44cbbf4d45ccc4c0d74044e28c8a557ca75d12e509b091eb10d9bed81e300cb484b0a0f735424383c8b266fbb3e2aa7a2d50dceaf9e
kubernetes-node-linux-s390x.tar.gz 796ca2e6855bd942a9a63d93f847ae62c5ee74195e041b60b89ee7d0e5a75643a8809bfaa36898daa176bccf140a8e5e858f5cb74e457d8bbb0a650600628ceb
kubernetes-node-windows-amd64.tar.gz 96d666e8446d09088bdcb440559035118dce07a2d9f5718856192fd807b61840d2d6cee2a808eb13f2e947784300edc1ac41ade14dc3536c044e4d08982f0fdd

Changelog since v1.12.0

Action Required

  • kube-apiserver: the deprecated --etcd-quorum-read flag has been removed, and quorum reads are always enabled when fetching data from etcd. (#69527, @liggitt)
  • Moved staging/src/k8s.io/client-go/tools/bootstrap to staging/src/k8s… (#67356, @yliaog)
  • [action required] kubeadm: The v1alpha2 config API has been removed. (#69055, @fabriziopandini)
    • Please convert your v1alpha2 configuration files to v1alpha3 using the
    • kubeadm config migrate command of kubeadm v1.12.x

Other notable changes

  • Refactor factory_test.go to use a fake k8s client. (#69412, @tossmilestone)
  • kubeadm: fix a case where fetching a kubernetesVersion from the internet still happened even if some commands don't need it. (#69645, @neolit123)
  • Add tolerations for Stackdriver Logging and Metadata Agents. (#69737, @qingling128)
  • Fix a bug in the scheduler that could cause the scheduler to go to an infinite loop when all nodes in a zone are removed. (#69758, @bsalamat)
  • Dry-run is promoted to Beta and will be enabled by default. (#69644, @apelisse)
  • kubectl get priorityclass now prints value column by default. (#69431, @Huang-Wei)
  • Added a new container based image for running e2e tests (#69368, @dims)
  • Remove the deprecated --google-json-key flag from kubelet. (#69354, @yujuhong)
  • kube-apiserver: fixes procMount field incorrectly being marked as required in openapi schema (#69694, @jessfraz)
  • The LC_ALL and LC_MESSAGES env vars can now be used to set desired locale for kubectl while keeping LANG unchanged. (#69500, @m1kola)
  • Add ability to control primary GID of containers through Pod Spec and PodSecurityPolicy (#67802, @krmayankk)
  • NodeLifecycleController: Now node lease renewal is treated as the heartbeat signal from the node, in addition to NodeStatus Update. (#69241, @wangzhen127)
  • [GCE] Enable by default audit logging truncating backend. (#68288, @loburm)
  • Enable insertId generation, and update Stackdriver Logging Agent image to 0.5-1.5.36-1-k8s. This help reduce log duplication and guarantee log order. (#68920, @qingling128)
  • Move NodeInfo utils into pkg/scheduler/cache. (#69495, @wgliang)
  • adds dynamic shared informers to write generic, non-generated controllers (#69308, @p0lyn0mial)
  • Move CacheComparer to pkg/scheduler/internal/cache/comparer. (#69317, @wgliang)
  • Updating OWNERS list for vSphere Cloud Provider. (#69187, @SandeepPissay)
  • The default storage class annotation for the storage addons has been changed to use the GA variant (#68345, @smelchior)
  • Upgrade to etcd 3.3 client (#69322, @jpbetz)
  • fix GetVolumeLimits log flushing issue (#69558, @andyzhangx)
  • It is now possible to use named ports in the kubectl port-forward command (#69477, @m1kola)
  • kubeadm: fix a possible scenario where kubeadm can pull much newer control-plane images (#69301, @neolit123)
  • test/e2e/e2e.test: (#69105, @pohly) * -viper-config can be used to set also the options defined by command line flags * the default config file is "e2e.yaml/toml/json/..." and the test starts when no such config is found (as before) but if -viper-config is used, the config file must exist * -viper-config can be used to select a file with full path, with or without file suffix * the csiImageVersion/Registry flags were renamed to storage.csi.imageVersion/Registry
  • Move FakeCache to pkg/scheduler/internal/cache/fake. (#69318, @wgliang)
  • The "kubectl cp" command now supports path shortcuts (../) in remote paths. (#65189, @juanvallejo)
  • Fixed subpath in containerized kubelet. (#69565, @jsafrane)
  • The runtimeHandler field on the RuntimeClass resource now accepts the empty string. (#69550, @tallclair)
  • Kubelet can now parse PEM file containing both TLS certificate and key in arbitrary order. Previously key was always required to be first. (#69536, @awly)
  • Scheduling conformance tests related to daemonsets should set the annotation that relaxes node selection restrictions, if any are set. This ensures conformance tests can run on a wider array of clusters. (#68793, @aveshagarwal)
  • Replace Parallelize with function ParallelizeUntil and formally deprecate the Parallelize. (#68403, @wgliang)
  • Move scheduler cache interface and implementation to pkg/scheduler/internal/cache. (#68968, @wgliang)
  • Update to use go1.11.1 (#69386, @cblecker)
  • Any external provider should be aware the cloud-provider interface should be imported from :- (#68310, @cheftako)
    • cloudprovider "k8s.io/cloud-provider"
  • kubeadm: Fix a crash if the etcd local alpha phase is called when the configuration contains an external etcd cluster (#69420, @ereslibre)
  • kubeadm now allows mixing of init/cluster and join configuration in a single YAML file (although a warning gets printed in this case). (#69426, @rosti)
  • Code-gen: Remove lowercasing for project imports (#68484, @jsturtevant)
  • Fix client cert setup in delegating authentication logic (#69430, @DirectXMan12)
  • service.beta.kubernetes.io/aws-load-balancer-internal now supports true and false values, previously it only supported non-empty strings (#69436, @mcrute)
  • OpenAPI spec and API reference now reflect dryRun query parameter for POST/PUT/PATCH operations (#69359, @roycaihw)
  • kubeadm: Add a v1beta1 API. (#69289, @fabriziopandini)
  • kube-apiserver has removed support for the etcd2 storage backend (deprecated since v1.9). Existing clusters must migrate etcd v2 data to etcd v3 storage before upgrading to v1.13. (#69310, @liggitt)
  • List operations against the API now return internal server errors instead of partially complete lists when a value cannot be transformed from storage. The updated behavior is consistent with all other operations that require transforming data from storage such as watch and get. (#69399, @mikedanese)
  • kubectl wait now supports condition value checks other than true using --for condition=available=false (#69295, @deads2k)
  • CCM server will not listen insecurely if secure port is specified (#68982, @aruneli)
  • Bump cluster-proportional-autoscaler to 1.3.0 (#69338, @MrHohn)
      • Rebase docker image on scratch.
  • fix inconsistency in windows kernel proxy when updating HNS policy. (#68923, @delulu)
  • Fixes the sample-apiserver so that its BanFlunder admission plugin can be used. (#68417, @MikeSpreitzer)
  • Fixed CSIDriver API object to allow missing fields. (#69331, @jsafrane)
  • Bump addon-manager to v8.8 (#69337, @MrHohn)
      • Rebase docker image on debian-base:0.3.2.
  • Update defaultbackend image to 1.5. Users should concentrate on updating scripts to the new version. (#69120, @aledbf)
  • Bump Dashboard version to v1.10.0 (#68450, @jeefy)
  • Fixed panic on iSCSI volume tear down. (#69140, @jsafrane)
  • Update defaultbackend to v1.5 (#69334, @bowei)
  • Remove unused chaosclient. (#68409, @wgliang)
  • Enable AttachVolumeLimit feature (#69225, @gnufied)
  • Update crictl to v1.12.0 (#69033, @feiskyer)
  • Wait for pod failed event in subpath test. (#69300, @mrunalp)
  • [GCP] Added env variables to control CPU requests of kube-controller-manager and kube-scheduler. (#68823, @loburm)
  • Bump up pod short start timeout to 2 minutes. (#69291, @mrunalp)
  • Use the mounted "/var/run/secrets/kubernetes.io/serviceaccount/token" as the token file for running in-cluster based e2e testing. (#69273, @dims)
  • apiservice availability related to networking glitches are corrected faster (#68678, @deads2k)
  • extract volume attachment status checking operation as a common function when attaching a CSI volume (#68931, @mlmhl)
  • PodSecurityPolicy objects now support a MayRunAs rule for fsGroup and supplementalGroups options. This allows specifying ranges of allowed GIDs for pods/containers without forcing a default GID the way MustRunAs does. This means that a container to which such a policy applies to won't use any fsGroup/supplementalGroup GID if not explicitly specified, yet a specified GID must still fall in the GID range according to the policy. (#65135, @stlaz)
  • Images for cloud-controller-manager, kube-apiserver, kube-controller-manager, and kube-scheduler now contain a minimal /etc/nsswitch.conf and should respect /etc/hosts for lookups (#69238, @BenTheElder)
  • add deprecation warning for all cloud providers (#69171, @andrewsykim)
  • IPVS proxier mode now support connection based graceful termination. (#66012, @Lion-Wei)
  • Fix panic in kubectl rollout commands (#69150, @soltysh)
  • Add fallbacks to ARM API when getting empty node IP from Azure IMDS (#69077, @feiskyer)
  • Deduplicate PATH items when reading plugins. (#69089, @soltysh)
  • Adds permissions for startup of an on-cluster kube-controller-manager (#69062, @dghubble)
  • Fixes issue [#68899](https://github.com/kubernetes/kubernetes/issues/68899) where pods might schedule on an unschedulable node. (#68984, @k82cn)
  • Returns error if NodeGetInfo fails. (#68979, @xing-yang)
  • Pod disruption budgets shouldn't be checked for terminal pods while evicting (#68892, @ravisantoshgudimetla)
  • Fix scheduler crashes when Prioritize Map function returns error. (#68563, @DylanBLE)
  • kubeadm: create control plane with ClusterFirstWithHostNet DNS policy (#68890, @andrewrynhard)
  • Reduced excessive logging from fluentd-gcp-scaler. (#68837, @x13n)
  • adds dynamic lister (#68748, @p0lyn0mial)
  • kubectl: add the --no-headers flag to kubectl top ... (#67890, @WanLinghao)
  • Restrict redirect following from the apiserver to same-host redirects, and ignore redirects in some cases. (#66516, @tallclair)
  • Fixed pod cleanup when /var/lib/kubelet is a symlink. (#68741, @jsafrane)
  • Add "only_cpu_and_memory" GET parameter to /stats/summary http handler in kubelet. If parameter is true then only cpu and memory will be present in response. (#67829, @krzysztof-jastrzebski)
  • Start synchronizing pods after network is ready. (#68752, @krzysztof-jastrzebski)
  • kubectl has gained new --profile and --profile-output options to output go profiles (#68681, @dlespiau)
  • Provides FSGroup capability on FlexVolume driver. It allows to disable the VolumeOwnership operation when volume is mounted (#68680, @benoitf)
  • Apply _netdev mount option on bind mount (#68626, @gnufied)
  • fix UnmountDevice failure on Windows (#68608, @andyzhangx)
  • Allows changing nodeName in endpoint update. (#68575, @prameshj)
  • kube-apiserver would return 400 Bad Request when it couldn't decode a json patch. (#68346, @CaoShuFeng)
    • kube-apiserver would return 422 Unprocessable Entity when a json patch couldn't be applied to one object.
  • remove unused ReplicasetControllerOptions (#68121, @dixudx)
  • Pass signals to fluentd process (#68064, @gianrubio)
  • Flex drivers by default do not produce metrics. Flex plugins can enable metrics collection by setting the capability 'supportsMetrics' to true. Make sure the file system can support fs stat to produce metrics in this case. (#67508, @brahmaroutu)
  • Use monotonically increasing generation to prevent scheduler equivalence cache race. (#67308, @cofyc)
  • Fix kubelet service file permission warning (#66669, @daixiang0)
  • Add prometheus metric for scheduling throughput. (#64526, @misterikkit)
  • Get public IP for Azure vmss nodes. (#68498, @feiskyer)
  • test/integration: add a basic test for covering CronJobs (#66937, @mortent)
  • Make service environment variables optional (#68754, @bradhoekstra)