tencent cloud

Feedback

TKE Kubernetes Revision Version History

Last updated: 2022-06-22 11:32:31

    TKE Kubernetes 1.20.6 Revisions

    Date Version Updates
    2022-04-22v1.20.6-tke.17
  • EKS: The sandbox feature is retained. (kube-scheduler)
  • Merged pr101093, which fixed the issue where `startupProbe` is no longer be implemented after the Pod is restarted. (kubelet)
  • 2022-03-24v1.20.6-tke.16Fixed the issue where the inline csi and ephemeral generic ephemeral volumes are unavailable after upgrading to v1.20. (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kubectl)
    2022-03-18v1.20.6-tke.15
  • Supports specifying a Pod when scaling in. (kube-controller-manager)
  • Merges pr106906, which detects whether the network storage volume subpath has been deleted, preventing the Pod from being in terminating status all the time. (kubelet)
  • The EKS virtual nodes are ignored when the anti-affinity scheduling is performed based on the hostname. (kube-scheduler)
  • Supports upgrading tke1.18 to 1.20. (kube-apiserver,kube-controller-manager,kubelet)
  • Ports pr108325, which fixed the problem where panic is caused by the deletion of the sandbox container when the kubelet is launched. (kubelet)
  • Supports Prebind and Unreserve operations for extender schedulers. (kube-scheduler)
  • 2022-01-20v1.20.6-tke.12
  • EKS rescheduling optimization: Lower the score for virtual nodes that have been drained in the same availability zone. (kube-scheduler)
  • The apiserver supports integration of ExternalName type external services. (kube-apiserver)
  • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
  • 2021-12-09v1.20.6-tke.9
  • Optimizes EKS virtual node scheduling and HPA. (kube-controller-manager, kube-scheduler)
  • Fixes the inconsistency between EKS and frontend when calculating CPU resources. (kube-scheduler)
  • 2021-12-02v1.20.6-tke.8
  • Optimizes gRPC logs to avoid printing too many logs when kubelet collects volume status. (kubelet)
  • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
  • 2021-11-26v1.20.6-tke.7
  • Supports customized installation of other CNIs for added external hybrid cloud nodes. (kube-controller-manager)
  • Avoids unnecessary processing of updates after a Pod is assumed. (kube-scheduler)
  • Merges pr99336 to improve the node information sync mechanism upon kubelet startup. (kubelet)
  • 2021-10-13v1.20.6-tke.6Merges 89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
    2021-09-27v1.20.6-tke.5Supports collection of disk usage metrics of Containerd runtime. (kubelet)
    2021-09-23v1.20.6-tke.4
  • Fixes the issue where there is no data in the stored metrics when using cgroup v2. (kubelet)
  • Fixes CVE-2021-25741 to block unauthorized access to server files over soft links. (kubelet)
  • 2021-07-19 v1.20.6-tke.3
    • When the TKE cluster adds the virtual node, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of Pods. (kube-scheduler)
    • Ports the modifications made by upstream to kubelet and cAdvisor, and fixes the issue of metrics collection and statistics when using cgroupv2. (kubelet)
    2021-06-21 v1.20.6-tke.2CSIMigration and CSIMigrationQcloudCbs are enabled by default, and CBS disks are mounted by CSI.
    2021-05-25 v1.20.6-tke.1
    • Reverts pr63066, which fixes the issues of LB health check and IPVS. (kube-proxy)
    • Merges pr90260, which fixes the issue of lack of containerd cluster network monitoring. (kubelet)
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes Pods to exit. (kubelet)
    • Merges pr72914, which fixes the issue where mounting might fail if you delete a pod, create a new one, and schedule it to the same node. (kube-controller-manager)
    • Fixes the issue where creating containers in CentOS results in cgroup leakage. (kubelet)
    • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
    • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment. (kubectl)
    • Merges pr94833, which fixes the issue where the image tags in status do not match when Pod image has multiple tags. (kubelet)
    • Merges pr100060, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
    • The kube-controller-manager supports virtual nodes. (kube-controller-manager)
    • The kube-scheduler supports retaining fixed number of local replicas when hybrid cloud adds virtual nodes. (kube-scheduler)
    • CBS CSI migration is supported. (kube-controller-manager, kubelet)
    • Merges pr93260, which fixes the issue that the node startup becomes slowly caused by AWS Credential Provider. (kubelet)
    • Adds the command line parameter eks-config-namespace for the scheduler. This parameter specifies the namespace where scaling of eks related configuration occurs. (kube-scheduler)
    • TKE supports hybrid cloud nodes. (kube-controller-manager)

    TKE kubernetes 1.18.4 revisions

    DateVersionUpdates
    2022-03-18v1.18.4-tke.23
  • Merges pr92878, which allows to print alarm information only when the Owership of ConfigMap/Secret volume is set to be more than 30 seconds, avoiding excessive log information. (kubelet)
  • Merges pr106906, which detects whether the network storage volume subpath has been deleted, preventing the Pod from being in terminating status all the time. (kubelet)
  • The EKS virtual nodes are ignored when the anti-affinity scheduling is performed based on the hostname. (kube-scheduler)
  • Merges pr93026, which fixed the problem where DefaultPodTopologySpread cannot obtain replicaset information. (kube-scheduler)
  • 2022-01-20v1.18.4-tke.20
  • EKS rescheduling optimization: Lower the score for virtual nodes that have been drained in the same availability zone. (kube-scheduler)
  • The apiserver supports integration of ExternalName 556 type external services. (kube-apiserver)
  • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
  • 2021-12-09v1.18.4-tke.17
  • Fixes the issue where kube-controller-manager's access to api-server is restricted when there are a large number of volume attachment objects. (kube-controller-manager)
  • Merges PR95650, so that HPA ignores deleted Pods when counting replicas. (kube-controller-manager)
  • Fixes the inconsistency between EKS and frontend when calculating CPU resources. (kube-scheduler)
  • 2021-12-02v1.18.4-tke.16
  • Fixes the bug when scheduling to virtual nodes. (kube-scheduler)
  • Optimizes the virtual node scheduling algorithm. (kube-scheduler)
  • 2021-11-26v1.18.4-tke.15
    • Merges pr96444, so that if an error occurs during RBAC policy sync, the operation will be retried. (kube-apiserver)
    • Supports customized installation of other CNIs for added external hybrid cloud nodes. (kube-controller-manager)
    • Supports binding cores by group for Android containers in cloud games. (kubelet)
    • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
    • Merges pr99336 to improve the node information sync mechanism upon kubelet startup. (kubelet)
    • Fixes CVE-2021-25741 to block unauthorized access to server files over soft links. (kubelet)
    • Optimizes the error message when scheduling times out due to CBS disk creation failure. (kube-scheduler)
    • Optimizes gRPC logs to avoid printing too many logs when kubelet collects volume status. (kubelet)
    • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
    2021-08-23v1.18.4-tke.14
    • When the TKE cluster adds virtual nodes, it supports static IP. (kube-scheduler)
    • When the TKE cluster adds virtual nodes, if EKS static IP is matched, other pre-selected policies are skipped. (kube-scheduler)
    • When the TKE cluster adds virtual nodes, EKS node resource awareness rescheduling is optimized for EKS node scheduling, and EKS node priority model scheduling and preference/pre-selection policy for EKS nodes are optimized. (kube-scheduler)
    • Records loaded IPVS kernel module to avoid kube-proxy crashes in IPVS mode. (kube-proxy)
    • Avoids panic when an error occurs at the time of writing into cpu manager status file. (kubelet)
    2021-07-22v1.18.4-tke.13Merges PR91859, which fixes the issue of kube-apiserver panic when the CRD type has only one letter. (kube-apiserver)
    2021-07-13v1.18.4-tke.12
    • When the TKE cluster adds virtual nodes, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of the Pods. (kube-scheduler)
    • Supports collection of disk usage metrics of Containerd runtime. (kubelet)
    • You can specify the Pod at the time of scaling in. (kube-controller-manager)
    2021-06-05 v1.18.4-tke.11 TKE supports hybrid cloud nodes. (kube-controller-manager)
    2021-05-14 v1.18.4-tke.9
    • Ports pr93370 to support CronJobControllerV2. (kube-controller-manager)
    • Merges pr100376 to enable HTTP/2 health check, which prevents the issue that the underlying layer connection is closed but can still be used incorrectly. (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kube-proxy, kubectl)
    • Merges pr100317, which fixes the issue where CVE-2021-25735 node updates might bypass the Validating Admission Webhook. (kube-apiserver)
    • When TKE cluster adds virtual nodes, ComputeResource, EKS ClusterIP, and HPA are supported. (kube-controller-manager, kube-scheduler)
    2021-04-02 v1.18.4-tke.8
    • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
    • Merges pr93808, which fixes the issue where unnecessary information is returned when kube-scheduler --version is executed. (kube-scheduler)
    • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
    • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
    • Merges pr95154, which fixes the issue where kube-scheduler snapshot contains the nodes being deleted. (kube-scheduler)
    • Merges pr95711, which fixes the issue where kubectl drain command occupies too much CPU. (kubectl)
    • Merges pr96602, which fixes the issue where apiserver memory leaks before or after the time gaps. (kube-apiserver)
    • Merges pr97023, which deletes the related metadata directory when unmounting an emptyDir type volume (kubelet).
    • Merges pr97527, which fixes the issue where map access operations are not synchronized in cpumanager (kubelet).
    • Merges pr100190, which automatically deletes the volume directory left by orphaned Pod (kubelet).
    • Merges pr92614, when all containers of the Pod whose restart policy is RestartPolicyOnFailure exit successfully, no new sandbox will be created (kubelet).
    • Merges pr94833, which fixes the issue where the image tag does not match in status when Pod image has multiple tags (kubelet).
    2020-12-28 v1.18.4-tke.6 (ARM clusters are supported starting from this version)
    • Adds metrics to QcloudCbs. (kube-controller-manager)
    • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
    2020-12-21 v1.18.4-tke.5
    • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
    • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak. (logLevel >= 9) (kube-apiserver, kubectl)
    • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
    • Fixes the issue where restarting kubelet causes failure of Pod readiness check. (kubelet)
    • Merges pr90825, which fixes the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which causes the pod to remain in the pending state. (kubelet)
    • The scheduler supports virtual nodes. (kube-scheduler)
    • The kube-controller-manager supports virtual nodes. (kube-controller-manager)
    • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
    • Adds the CBS to OpenAPI. (kube-apiserver)
    • Merges pr91126, which fixes the issue where the scheduler cache is inconsistent when Pod has the same name but different UID. (kube-scheduler)
    • Merges pr93387, which fixes the issue where the daemonset pod can not be scheduled to nodes due to the disorder of node cache information in the scheduler. (kube-scheduler)
    • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
    October 13, 2020 v1.18.4-tke.3
    • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
    • QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
    • Merges pr94430, which fixes the issue where the client-go reflector could not detect the "Too large resource version" error (kubelet).
    2020-08-12 v1.18.4-tke.2
    • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
    2020-08-04 v1.18.4-tke.1
    • Reverts pr63066, which fixes the issues of LB health check and IPVS. (kube-proxy)
    • Merges pr72914, which fixes the issue where mounting might fail if you delete a pod, create a new one, and schedule it to the same node. (kube-controller-manager)
    • Fixes the issue where creating containers in CentOS results in cgroup leakage. (kubelet)
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit. (kubelet)
    • metadata adds cache and timeout. cloud-provider now supports using node name as hostname. (kubelet)
    • metadata adds local cache. (kubelet)
    • Incorporates CBS and relevant fixing code. (kubelet)
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks. (kubelet)
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default. (kube-scheduler)
    • Fixes the issue where CBS intree continues to unmount a non-existent disk, causing numerous invalid requests. (kubelet)
    • Merges pr2359, which fixes the issue with missing monitoring records when the system is unable to obtain docker root. (kubelet)
    • kube-scheduler now supports dynamic logging level configuration. (kube-scheduler)
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly. (kubelet)
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The kubelet side will not patch node. (kubelet)
    • Merges pr89296, so that the log will not record whether the iptables random-fully parameter is enabled. (kube-proxy)
    • Fixes the aws issue, pr92162. (kubelet)
    • Merges pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
    • Merges pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
    • Merges 92537, which fixes the issue where client-go reflector could not recover from the error "Too large resource version". (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, and kube-proxy)
    • Merges pr92969, which fixes the issue where CVE-2020-8559 privilege escalation from an invaded node results in invasion into other nodes. (kube-apiserver)
    • Merges pr92921, which fixes the DOS attack issue where CVE-2020-8557 exhausts the disk space by writing into “/etc/hosts”. (kubelet)

    TKE kubernetes 1.16.3 revisions

    DateVersionUpdates
    2022-03-18v1.16.3-tke.27
  • Supports specifying a Pod when scaling in. (kube-controller-manager)
  • Optimization of virtual node scheduling algorithm. (kube-scheduler)
  • 2022-01-20v1.16.3-tke.25
  • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
  • The apiserver supports integration of ExternalName type external services. (kube-apiserver)
  • Optimization of EKS scheduling. (kube-scheduler)
  • 2021-12-09v1.16.3-tke.24Fixes the issue where the EKS local replica quantity policy fails on StatefulSet Pods. (kube-scheduler)
    2021-12-02v1.16.3-tke.23
  • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
  • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
  • Fixes the bug when scheduling to virtual nodes. (kube-scheduler)
  • 2021-09-03v1.16.3-tke.22Avoids panic when an error occurs at the time of writing into cpu manager status file. (kubelet)
    2021-08-17v1.16.3-tke.21
    • Optimizes EKS node resource awareness rescheduling for EKS node scheduling, optimizes EKS node priority model scheduling, and optimizes preference/pre-selection policy for EKS node. (kube-scheduler)
    • Ports 87692, which fixes the issue that there is no data for scheduler’s pending_pods and schedule_attempts_total metrics. (kube-scheduler)
    2021-07-19v1.16.3-tke.20
    • Ports 87688 and 87693, which optimizes Node Authorizer performance. (kube-apiserver)
    • When the TKE cluster adds virtual nodes, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of Pods. (kube-scheduler)
    • Merges pr88507, which fixes the issue that the podIP and podIPs are inconsistent when updating the Pod status. (kube-apiserver)
    2021-05-24 v1.16.3-tke.17
    • Ports pr93370 to support CronJobControllerV2. (kube-controller-manager)
    • When the TKE cluster adds virtual nodes, the local replicas can be retained. (kube-scheduler)
    2021-05-06 v1.16.3-tke.16
    • Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
    2021-04-14 v1.16.3-tke.15
    • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
    • Merges pr92614, when all containers of the Pod whose restart policy is RestartPolicyOnFailure exit successfully, no new sandbox will be created. (kubelet)
    • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
    • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
    • Merges pr95301, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
    2020-12-28 v1.16.3-tke.14
    • Adds metrics to QcloudCbs. (kube-controller-manager)
    • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
    2020-12-21 v1.16.3-tke.13
    • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
    • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9). (kube-apiserver, kubectl)
    • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
    • Merges pr86191, which fixes the issue where Pod might be in the wrong state when the node is restarted. (kubelet)
    • Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created. (kube-controller-manager)
    • Merges pr90825, which fixes the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which causes the Pod to remain in the pending state. (kubelet)
    • The scheduler supports virtual nodes. (kube-scheduler)
    • The kube-controller-manager supports virtual nodes. (kube-controller-manager)
    • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
    • Adds the CBS to OpenAPI. (kube-apiserver)
    • Merges pr81344, which fixes the issue where the CPU Manager does not support SourcesReady. (kubelet)
    • Merges pr91126, which fixes the issue where the scheduler cache is inconsistent when Pod has the same name but different UID. (kube-scheduler)
    • Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked. (kube-scheduler)
    • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
    October 13, 2020 v1.16.3-tke.11
    • Merges pr92971, which fixes the issue where CVE-2020-8559 privilege escalation from an invaded node results in invasion into other nodes. (kube-apiserver)
    • Merges pr92924, which fixes the DOS attack issue where CVE-2020-8557 exhausts the disk space by writing into /etc/hosts. (kubelet)
    • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
    • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
    • QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
    • Merges pr84998, which resolves the issue where the corresponding node lease object might be rebuilt after the node is deleted, and causes junk data. (kubelet)
    2020-07-28 v1.16.3-tke.10
    • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
    • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
    2020-06-17 v1.16.3-tke.9 Temporarily fixes the AWS issuepr92162. AWS Credential Provider is no longer registered to prevent this issue from causing slow node launches.
    2020-06-11 v1.16.3-tke.8 Merges pr85993, which allows you to use CNI results to set kubenet gateway addresses.
    2020-06-10 v1.16.3-tke.7
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr89515, which fixes the issue where HPA miscalculates the number of pods during rolling updates.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    2020-05-18 v1.16.3-tke.6 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
    2020-04-20 v1.16.3-tke.5 Merges pr69047, which fixes the node.Spec.Unschedulable backward compatibility issue. (This fix is overwritten when the in-tree cbs code is incorporated).
    2020-04-14 v1.16.3-tke.4
    • Merges pr87913, which fixes the CVE-2020-8551: Kubelet DoS attack issue.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    • Merges pr87467, which fixes the issue of excessive CPU consumption by kubectl in parsing YAML files when an authorized user sends a malicious YAML file.
    2020-03-11 v1.16.3-tke.3
    • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    • Adds a local metadata cache.
    2020-02-14 v1.16.3-tke.2
    • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
    • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
    • kube-scheduler now supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    January 06, 2020 v1.16.3-tke.1
    • Incorporates pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Incorporates pr84167, which fixes the issue where an incorrect Etcd key prefix causes an apiserver health check failure.
    • Reverts pr63066, which fixes the CLB health check and IPVS issues.
    • Incorporates pr72914, which fixes the issue where mounting may fail if you delete a pod, create a new one, and schedule it to the same node.
    • Fixes the issue where creating containers in CentOS results in cgroup leakage.
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Adds metadata cache and timeout. cloud-provider now supports using node names as hostnames.
    • Reverts pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.

    TKE kubernetes 1.14.3 revisions

    DateVersionUpdates
    2022-04-13v1.14.3-tke.27Merges pr78428, which avoids writing a warning message when exporting the iptables rule, causing kube-proxy panic at the time of recovery. (kube-proxy)
    2022-03-18v1.14.3-tke.26
  • Supports specifying a Pod when scaling in. (kube-controller-manager)
  • Optimization of virtual node scheduling algorithm. (kube-scheduler)
  • Merges pr80851, which fixed CVE-2019-11247, avoiding the unauthorized access of CRD resources. (kube-apiserver)
  • 2022-01-20v1.14.3-tke.24
  • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
  • The apiserver supports integration of ExternalName type external services. (kube-apiserver)
  • Optimization of EKS scheduling. (kube-scheduler)
  • 2021-12-02v1.14.3-tke.23
  • When the TKE cluster adds virtual nodes, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of the Pods. (kube-scheduler)
  • Optimizes EKS node resource awareness rescheduling for EKS node scheduling, optimizes EKS node priority model scheduling, and optimizes preference/pre-selection policy for EKS node. (kube-scheduler)
  • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
  • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
  • Fixes the bug when scheduling to virtual nodes. (kube-scheduler)
  • 2021-05-06 v1.14.3-tke.22 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
    2021-04-14 v1.14.3-tke.21
    • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
    • Merges pr78999, which fixes the issue of judging the case of the protocol during graceful close (kube-proxy).
    • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
    • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
    • Merges pr95301, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
    2020-12-28 v1.14.3-tke.19
    • Adds metrics to QcloudCbs. (kube-controller-manager)
    • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
    2020-12-21 v1.14.3-tke.18
    • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
    • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9). (kube-apiserver, kubectl)
    • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
    • Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created. (kube-controller-manager)
    • The scheduler supports virtual nodes. (kube-scheduler)
    • The kube-controller-manager supports virtual nodes. (kube-controller-manager)
    • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
    • Merges pr79338, when both SupportPodPidsLimit and SupportNodePidsLimit are not enabled, the pids cgroup subsystem will not be enabled. (kubelet)
    • Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked. (kube-scheduler)
    • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
    October 13, 2020 v1.14.3-tke.17
    • Merges pr74781, which changes the default update strategy of ConfigMap and Secret from Cache to Watch. (kubelet)
    • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
    • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
    • Merges pr80942, which fixes the issue where rules are not deleted after the service is deleted in ipvs mode. (kube-proxy)
    • QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
    2020-08-04 v1.14.3-tke.16 Merges pr78883, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default.
    2020-07-28 v1.14.3-tke.15
    • Incorporates pr76518 and pr82514, which limits the return size of http and exec probe to prevent occupation of large amounts of node memory. (kubelet)
    • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
    • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
    • Incorporates pr77475, which fixes the issue of Cronjob scheduling failure when the number of jobs exceeds 500. (kube-controller-manager)
    2020-06-10 v1.14.3-tke.14
    • Merges pr85027, which fixes the issue where HPA miscalculates of the number of pods during rolling updates.
    • Merges pr79708, which uses spec.replicas to calculate the current number of replicas of HPA.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    June 4, 2020 v1.14.3-tke.13
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
    2020-05-18 v1.14.3-tke.12 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
    2020-04-14 v1.14.3-tke.11
    • Merges pr75442, which changes the bandwidth unit from Kb to b.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    2020-04-14 v1.14.3-tke.10 Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    January 13, 2020 v1.14.3-tke.9
    • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
    • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
    • kube-scheduler now supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2019-12-23 v1.14.3-tke.8 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    2019-12-17 v1.14.3-tke.7
    • Adds metadata cache and timeout.
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Avoids the readiness state of “pod not ready” when kubelet is restarted.
    November 28, 2019 v1.14.3-tke.6 cloud-provider supports using node names as hostnames.
    2019-11-18 v1.14.3-tke.5
    • Merges pr83435, which fixes an issue that allows DoS attacks that use malicious YAML or JSON files to exhaust kube-apiserver CPU or memory resources, resulting in a loss of service.
    • Merges pr84167, which fixes an issue where an incorrect ETCD prefix causes apiserver health checks to fail.
    • Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload in a cluster, it takes too long to sync sts changes to pod (about 20s).
    2019-10-23 v1.14.3-tke.4 Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    2019-09-10 v1.14.3-tke.3 Incorporates pr63066, which fixes the issue where CLB health checks fails in IPVS mode.
    2019-09-06 v1.14.3-tke.2
    • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
    • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
    • Resolves the issue where creating containers in CentOS results in cgroup leakage.

    TKE kubernetes 1.12.4 revisions

    DateVersionUpdates
    2022-04-13v1.12.4-tke.31Merges pr78428, which avoids writing a warning message when exporting the iptables rule, causing kube-proxy panic at the time of recovery. (kube-proxy)
    2022-01-20v1.12.4-tke.30 The LB address can be bound to the ipvs ENI. (kube-proxy)
    2021-05-06 v1.12.4-tke.28 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
    2020-12-28 v1.12.4-tke.27
    • Adds metrics to QcloudCbs. (kube-controller-manager)
    • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
    2020-12-15 v1.12.4-tke.26 QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
    November 17, 2020 v1.12.4-tke.25 Merges pr79495, which fixes the issue where the webhook call fails when there are multiple versions of CRD. (kube-apiserver)
    October 13, 2020 v1.12.4-tke.24 Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
    2020-08-04 v1.12.4-tke.23 Merges pr78881, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default.
    2020-07-28 v1.12.4-tke.22
    • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
    • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
    2020-06-10 v1.12.4-tke.21
    • Merges pr73915, which prevents the watcher from receiving events before the watch is started.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr73915, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    June 4, 2020 v1.12.4-tke.20
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
    2020-05-18 v1.12.4-tke.19
    • Merges pr77802, which disables graceful termination for UDP traffic.
    • Merges pr68741, which fixes the issue of when the soft link /var/lib/kubelet and subpath are used, the host fails to unmount after pod deletion, resulting in mount target leakage and the pod being stuck in terminating.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
    2020-04-14 v1.12.4-tke.18
    • Merges pr73401, pr73606, and pr76060, which deletes DaemonSet pods allocated to non-existent nodes.
    • Merges pr68619, which fixes the CPU Manager dirty data issue.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    2020-02-14 v1.12.4-tke.17
    • Upgrades the CBS V2 interface to V3.
    • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    January 13, 2020 v1.12.4-tke.16
    • Merges pr2359 , which fixes the issue of missing monitoring records when docker root fails to be obtained.
    • Merges pr86583 , which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
    • kube-scheduler supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2019-12-23 v1.12.4-tke.15 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    2019-12-17 v1.12.4-tke.14
    • Adds metadata cache and timeout.
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Avoids the readiness state of “pod not ready” when kubelet is restarted.
    November 28, 2019 v1.12.4-tke.13 cloud-provider supports using node names as hostnames.
    2019-11-18 v1.12.4-tke.12 Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload, it takes too long to sync sts changes to pod (about 20s).
    2019-10-23 v1.12.4-tke.11
    • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
    2019-09-06 v1.12.4-tke.10
    • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
    • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
    • Merges pr71834, which fixes an issue with IPVS load balancing where, if sessionAffinity is set to ClientIP, traffic is routed to an invalid real server.
    2019-08-09 v1.12.4-tke.9 Fixes the issue where creating containers in CentOS results in cgroup leakage.
    August 08, 2019 v1.12.4-tke.8 Incorporates pr72118, which fixes the issue where mounting fails if a CBS StatefulSet is rescheduled to the same node.
    2019-07-17 v1.12.4-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
    2019-07-16 v1.12.4-tke.6 Fixed the compatibility issue between the TLinux kernel and IPVS and fixed the CLB health check failures in IPVS mode.
    2019-07-09 v1.12.4-tke.5 Incorporates pr72361, which fixes the kube-proxy deadlock issue.
    2019-06-25 v1.12.4-tke.4 Fixes the compatibility issue between the TLinux kernel and IPVS.
    2019-06-17 v1.12.4-tke.3 Merges pr71114, which fixes an IPVS throughput issue.
    2019-06-04 v1.12.4-tke.2
    • Merges pr74755, which fixes a hang/timeout issue when running large numbers of pods with unique configmap/secret references.
    • Merges pr69047, which fixes a backward compatibility issue with node.Spec.Unschedulable.

    TKE kubernetes 1.10.5 revisions

    DateVersionUpdates
    2021-05-06 v1.10.5-tke.20 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
    2020-06-10 v1.10.5-tke.19
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    2020-05-18 v1.12.4-tke.19 Merges pr61549, which adds volumeSpec data for mountedPods cache and fixes the issue of deletion failure when multiple pods use the same volume.
    2020-04-29 v1.10.5-tke.17 Mergespr75622, which fixes the issue where, when a large number (>2000) of sts workloads exist in a cluster, it takes too long (about 20s) to synchronize sts changes to a Pod.
    2020-04-14 v1.10.5-tke.16
    • Merges pr68619, which fixes the CPU Manager dirty data issue.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    2020-02-14 v1.10.5-tke.15
    • Upgrades the CBS V2 interface to V3.
    • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    January 13, 2020 v1.10.5-tke.14
    • Merges pr2359, which fixes the issue of missing monitoring records when docker root fails to be obtained.
    • Merges pr86583, which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
    • kube-scheduler supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2019-12-23 v1.10.5-tke.13 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    2019-12-13 v1.10.5-tke.12
    • kubelet does not delete nodes when checking externalID.
    • Adds metadata cache and timeout.
    • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Adds the ability to reboot kubelet to avoid pod not ready.
    2019-11-18 v1.10.5-tke.11 Removes the kube-controller-manager probe that sends heartbeats to kubelet.
    2019-10-23 v1.10.5-tke.10
    • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
    2019-09-06 v1.10.5-tke.9
    • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
    • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
    • Merges 67430 to rollback the state if updateContainerCPUSet fails.
    August 08, 2019 v1.10.5-tke.8 Merges pr72118, which fixes an issue where, if kubelet mounts a device immediately after unmounting it, an error occurs with the message `resource name may not be empty`.
    2019-07-17 v1.10.5-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
    2019-06-25 v1.10.5-tke.6 Fixes the compatibility issue between the TLinux kernel and IPVS.
    2019-06-17 v1.10.5-tke.5 Merges pr71114, which fixes an IPVS throughput issue.
    2019-03-19 v1.10.5-tke.4 Incorporates pr65092, which fixes the issue where apiserver would panic when handling specific requests.
    2019-02-19 v1.10.5-tke.3 Incorporates pr67288, which fixes the issue where apiserver does not close the other side of the connection immediately when proxying.
    2018-09-28 v1.10.5-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
    2018-09-27 v1.10.5-tke.1 Backports pr63321, which fixes an issue where termination takes too long when there are multiple service containers in a pod.
    2018-09-21 v1.10.5-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

    TKE kubernetes 1.8.13 revisions

    DateVersionUpdates
    January 13, 2020 v1.8.13-tke.7
    • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    2019-12-13 v1.8.13-tke.6
    • kubelet does not delete nodes when checking externalID.
    • Adds metadata cache and timeout.
    • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Adds the ability to reboot kubelet to avoid pod not ready.
    2019-11-18 v1.8.13-tke.5
    • Removes the kube-controller-manager probe that sends heartbeats to kubelet.
    • Adds metrics to CBS PVC.
    2018-09-28 v1.8.13-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
    2018-09-27 v1.8.13-tke.1
    • Disables kmem statistics to prevent cgroup numbers from leaking.
    • Reduces resourcequota conflicts caused by creating pods.
    2018-09-21 v1.8.13-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

    TKE kubernetes 1.7.8 revisions

    DateVersionUpdates
    2019-12-17 v1.7.8-tke.4
    • kubelet does not delete nodes when checking externalID.
    • Adds metadata cache and timeout.
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Avoids the readiness state of “pod not ready” when kubelet is restarted.
    2018-09-28 v1.7.8-tke.2 Fixes a conflict between controller-manager and an external service controller.
    2018-09-27 v1.7.8-tke.1 Moves the CLB creation logic from controller-manager to an independent service controller.
    2018-09-21 v1.7.8-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support