PrevNext
search by keyword

Recent Pages

Documentation
Tencent Kubernetes Engine
    Documentation
    Download PDF

    TKE Kubernetes Revision Version History

    Last updated: 2021-12-17 11:37:56
    Download PDF

      TKE Kubernetes 1.20.6 Revisions

      Date Version Updates
      2021-07-19 v1.20.6-tke.3
      • When the TKE cluster adds the virtual node, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of Pods. (kube-scheduler)
      • Ports the modifications made by upstream to kubelet and cAdvisor, and fixes the issue of metrics collection and statistics when using cgroupv2. (kubelet)
      2021-06-21 v1.20.6-tke.2CSIMigration and CSIMigrationQcloudCbs are enabled by default, and CBS disks are mounted by CSI.
      2021-05-25 v1.20.6-tke.1
      • Reverts pr63066, which fixes the issues of LB health check and IPVS. (kube-proxy)
      • Merges pr90260, which fixes the issue of lack of containerd cluster network monitoring. (kubelet)
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit. (kubelet)
      • Merges pr72914, which fixes the issue where mounting might fail if you delete a pod, create a new one, and schedule it to the same node. (kube-controller-manager)
      • Fixes the issue where creating containers in CentOS results in cgroup leakage. (kubelet)
      • Merges pr98262, which allows kube-controller-manager to dynamically adjust the log level (kube-controller-manager).
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment.(kubectl)
      • Merges pr94833, which fixes the issue where the image tags in status do not match when Pod image has multiple tags. (kubelet).
      • Merges pr100060, which automatically deletes the volume directory left by orphaned Pod (kubelet).
      • The kube-controller-manager supports virtual nodes (kube-controller-manager).
      • The kube-scheduler supports retaining fixed number of local replicas when hybrid cloud adds virtual nodes. (kube-scheduler)
      • CBS CSI migration is supported. (kube-controller-manager, kubelet)
      • Merges pr93260, which fixes the issue that the node startup becomes slowly caused by AWS Credential Provider. (kubelet)
      • Adds the command line parameter eks-config-namespace for the scheduler. This parameter specifies the namespace where scaling of eks related configuration occurs. (kube-scheduler)
      • TKE supports hybrid cloud nodes. (kube-controller-manager)

      TKE kubernetes 1.18.4 revisions

      DateVersionUpdates
      2021-08-23v1.18.4-tke.14
      • When the TKE cluster adds virtual nodes, it supports static IP. (kube-scheduler)
      • When the TKE cluster adds virtual nodes, if EKS static IP is matched, other pre-selected policies are skipped. (kube-scheduler)
      • When the TKE cluster adds virtual nodes, EKS node resource awareness rescheduling is optimized for EKS node scheduling, and EKS node priority model scheduling and preference/pre-selection policy for EKS nodes are optimized. (kube-scheduler)
      • Records loaded IPVS kernel module to avoid kube-proxy crashes in IPVS mode. (kube-proxy)
      • Avoids panic when an error occurs at the time of writing into cpu manager status file. (kubelet)
      2021-07-22v1.18.4-tke.13Merges PR91859, which fixes the issue of kube-apiserver panic when the CRD type has only one letter. (kube-apiserver)
      2021-07-13v1.18.4-tke.12
      • When the TKE cluster adds virtual nodes, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of Pods. (kube-scheduler)
      • Supports collection of disk usage when Containerd is in operation. (kubelet)
      • You can specify the Pod at the time of scaling in. (kube-controller-manager)
      2021-06-05 v1.18.4-tke.11 TKE supports hybrid cloud node. (kube-controller-manager)
      2021-05-14 v1.18.4-tke.9
      • Ports pr93370 to support CronJobControllerV2. (kube-controller-manager)
      • Merges pr100376 to enable HTTP/2 health check, which prevents the issue that the underlying layer connection is closed but can still be used incorrectly. (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kube-proxy, kubectl)
      • Merges pr100317, which fixes the issue where CVE-2021-25735 node updates might bypass the Validating Admission Webhook. (kube-apiserver)
      • When TKE cluster adds virtual nodes, ComputeResource, EKS ClusterIP, and HPA are supported. (kube-controller-manager, kube-scheduler)
      2021-04-02 v1.18.4-tke.8
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment. (kubectl)
      • Merges pr93808, which fixes the issue where unnecessary information is returned when kube-scheduler --version is executed. (kube-scheduler)
      • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type. (kube-apiserver)
      • Merges pr98262, which allows kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
      • Merges pr95154, which fixes the issue where kube-scheduler snapshot contains the nodes being deleted. (kube-scheduler)
      • Merges pr95711, which fixes the issue where kubectl drain command occupies too much CPU. (kubectl)
      • Merges pr96602, which fixes the issue where apiserver memory leaks before or after the time gaps. (kube-apiserver)
      • Merges pr97023, which deletes the related metadata directory when unmounting an emptyDir type volume (kubelet).
      • Merges pr97527, which fixes the issue where map access operations are not synchronized in cpumanager (kubelet).
      • Merges pr100190, which automatically deletes the volume directory left by orphaned Pod (kubelet).
      • Merges pr92614, when all containers of the Pod whose restart policy is RestartPolicyOnFailure exit successfully, no new sandbox will be created (kubelet).
      • Merges pr94833, which fixes the issue where the image tag does not match in status when Pod image has multiple tags (kubelet).
      2020-12-28 v1.18.4-tke.6 (ARM clusters are supported starting from this version)
      • Adds metrics to QcloudCbs (kube-controller-manager).
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk (Kubelet).
      2020-12-21 v1.18.4-tke.5
      • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
      • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak. (logLevel >= 9) (kube-apiserver, kubectl)
      • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
      • Fixes the issue where restarting kubelet causes failure of Pod readiness check. (kubelet)
      • Merges pr90825, which fixes the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which causes the pod to remain in the pending state (kubelet).
      • The scheduler supports virtual nodes (kube-scheduler).
      • kube-controller-manager supports virtual nodes (kube-controller-manager).
      • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD (kubelet).
      • Adds the CBS to OpenAPI (kube-apiserver).
      • Merges pr91126, which fixes the issue where the scheduler cache is inconsistent when Pod has the same name but different UID (kube-scheduler).
      • Merges pr93387, which fixes the issue where the daemonset pod can not be scheduled to nodes due to the disorder of node cache information in the scheduler. (kube-scheduler)
      • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
      October 13, 2020 v1.18.4-tke.3
      • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed (kubelet).
      • QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
      • Merges pr94430, which fixes the issue where the client-go reflector could not detect the "Too large resource version" error (kubelet).
      2020-08-12 v1.18.4-tke.2
      • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
      2020-08-04 v1.18.4-tke.1
      • Reverts pr63066, which fixes the issues of LB health check and IPVS (kube-proxy).
      • Merges pr72914, which fixes the issue where mounting might fail if you delete a pod, create a new one, and schedule it to the same node (kube-controller-manager).
      • Fixes the issue where creating containers in CentOS results in cgroup leakage (kubelet).
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit (kubelet).
      • metadata adds cache and timeout. cloud-provider now supports using node name as hostname (kubelet).
      • metadata adds local cache (kubelet).
      • Incorporates CBS and relevant fixing code (kubelet).
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks (kubelet).
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default (kube-scheduler).
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, causing a large number of invalid requests (kubelet).
      • Merges pr2359, which fixes the issue with missing monitoring records when the system is unable to obtain docker root (kubelet).
      • kube-scheduler now supports dynamic logging level configuration (kube-scheduler).
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly (kubelet).
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The kubelet side will not patch node (kubelet).
      • Merges pr89296, so that the log will not record whether the iptables random-fully parameter is enabled (kube-proxy).
      • Fixes the aws issue pr92162(kubelet).
      • Merges pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
      • Merges pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
      • Merges 92537, which fixes the issue where client-go reflector could not recover from the error "Too large resource version" (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, and kube-proxy).
      • Merges pr92969, which fixes the issue where CVE-2020-8559 privilege escalation from an invaded node results in invasion into other nodes (kube-apiserver).
      • Merges pr92921, which fixes the DOS attack issue where CVE-2020-8557 exhausts the disk space by writing into “/etc/hosts” (kubelet).

      TKE kubernetes 1.16.3 revisions

      DateVersionUpdates
      2021-09-03v1.16.3-tke.22Avoids panic when an error occurs at the time of writing into cpu manager status file. (kubelet)
      2021-08-17v1.16.3-tke.21
      • Optimizes EKS node resource awareness rescheduling for EKS node scheduling, optimizes EKS node priority model scheduling, and optimizes preference/pre-selection policy for EKS node. (kube-scheduler)
      • Ports 87692, which fixes the issue that there is no data for scheduler’s pending_pods and schedule_attempts_total metrics. (kube-scheduler)
      2021-07-19v1.16.3-tke.20
      • Ports 87688 and 87693, which optimizes Node Authorizer performance. (kube-apiserver)
      • When the TKE cluster adds virtual nodes, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of Pods. (kube-scheduler)
      • Merges pr88507, which fixes the issue that the podIP and podIPs are inconsistent when updating the Pod status. (kube-apiserver)
      2021-05-24 v1.16.3-tke.17
      • Portes pr93370 to support CronJobControllerV2. (kube-controller-manager)
      • When the TKE cluster adds the virtual node, the local replicas can be retained. (kube-scheduler)
      2021-05-06 v1.16.3-tke.16
      • Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2021-04-14 v1.16.3-tke.15
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
      • Merges pr92614, when all containers of the Pod whose restart policy is RestartPolicyOnFailure exit successfully, no new sandbox will be created (kubelet).
      • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
      • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level (kube-controller-manager).
      • Merges pr95301, which automatically deletes the volume directory left by orphaned Pod (kubelet).
      2020-12-28 v1.16.3-tke.14
      • Adds metrics to QcloudCbs (kube-controller-manager).
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk (Kubelet).
      2020-12-21 v1.16.3-tke.13
      • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks (kubelet).
      • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9) (kube-apiserver, kubectl).
      • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4 (kube-controller-manager).
      • Merges pr86191, which fixes the issue where Pod might be in the wrong state when the node is restarted (kubelet).
      • Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created (kube-controller-manager).
      • Merges pr90825, which fixes the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which causes the Pod to remain in the pending state (kubelet).
      • The scheduler supports virtual nodes (kube-scheduler).
      • kube-controller-manager supports virtual nodes (kube-controller-manager).
      • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD (kubelet).
      • Adds the CBS to OpenAPI (kube-apiserver).
      • Merges pr81344, which fixes the issue where the CPU Manager does not support SourcesReady (kubelet).
      • Merges pr91126, which fixes the issue where the scheduler cache is inconsistent when Pod has the same name but different UID (kube-scheduler).
      • Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked (kube-scheduler).
      • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates (kube-controller-manager).
      October 13, 2020 v1.16.3-tke.11
      • Merges pr92971, which fixes the issue where CVE-2020-8559 privilege escalation from an invaded node results in invasion into other nodes (kube-apiserver).
      • Merges pr92924, which fixes the DOS attack issue where CVE-2020-8557 exhausts the disk space by writing into /etc/hosts (kubelet).
      • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
      • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed (kubelet).
      • QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
      • Merges pr84998, which resolves the issue where the corresponding node lease object might be rebuilt after the node is deleted and causes junk data (kubelet).
      2020-07-28 v1.16.3-tke.10
      • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generating by kube-apiserver as a result of CLB health checks (kube-apiserver).
      • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
      2020-06-17 v1.16.3-tke.9 Temporarily fixes the AWS issuepr92162. AWS Credential Provider is no longer registered to prevent this issue from causing slow node launches.
      2020-06-11 v1.16.3-tke.8 Merges pr85993, which allows you to use CNI results to set kubenet gateway addresses.
      2020-06-10 v1.16.3-tke.7
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr89515, which fixes the issue where HPA miscalculates the number of pods during rolling updates.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      2020-05-18 v1.16.3-tke.6 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
      2020-04-20 v1.16.3-tke.5 Merges pr69047, which fixes the node.Spec.Unschedulable backward compatibility issue. (This fix is overwritten when the in-tree cbs code is incorporated).
      2020-04-14 v1.16.3-tke.4
      • Merges pr87913, which fixes the CVE-2020-8551: Kubelet DoS attack issue.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      • Merges pr87467, which fixes the issue of excessive CPU consumption by kubectl in parsing YAML files when an authorized user sends a malicious YAML file.
      2020-03-11 v1.16.3-tke.3
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      • Adds a local metadata cache.
      2020-02-14 v1.16.3-tke.2
      • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
      • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
      • kube-scheduler now supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      January 06, 2020 v1.16.3-tke.1
      • Incorporates pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Incorporates pr84167, which fixes the issue where an incorrect Etcd key prefix causes an apiserver health check failure.
      • Reverts pr63066, which fixes the CLB health check and IPVS issues.
      • Incorporates pr72914, which fixes the issue where mounting may fail if you delete a pod, create a new one, and schedule it to the same node.
      • Fixes the issue where creating containers in CentOS results in cgroup leakage.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Adds metadata cache and timeout. cloud-provider now supports using node names as hostnames.
      • Reverts pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.

      TKE kubernetes 1.14.3 revisions

      DateVersionUpdates
      2021-05-06 v1.14.3-tke.22 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2021-04-14 v1.14.3-tke.21
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
      • Merges pr78999, which fixes the issue of judging the case of the protocol during graceful close (kube-proxy).
      • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
      • Merges pr98262, which allows kube-controller-manager to dynamically adjust the log level (kube-controller-manager).
      • Merges pr95301, which automatically deletes the volume directory left by orphaned Pod (kubelet).
      2020-12-28 v1.14.3-tke.19
      • Adds metrics to QcloudCbs (kube-controller-manager).
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk (Kubelet).
      2020-12-21 v1.14.3-tke.18
      • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks (kubelet).
      • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9) (kube-apiserver, kubectl).
      • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4 (kube-controller-manager).
      • Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created (kube-controller-manager).
      • The scheduler supports virtual nodes (kube-scheduler).
      • kube-controller-manager supports virtual nodes (kube-controller-manager).
      • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD (kubelet).
      • Merges pr79338, when both SupportPodPidsLimit and SupportNodePidsLimit are not enabled, the pids cgroup subsystem will not be enabled (kubelet).
      • Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked (kube-scheduler).
      • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates (kube-controller-manager).
      October 13, 2020 v1.14.3-tke.17
      • Merges pr74781, which changes the default update strategy of ConfigMap and Secret from Cache to Watch (kubelet).
      • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
      • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed (kubelet).
      • Merges pr80942, which fixes the issue where rules are not deleted after the service is deleted in ipvs mode (kube-proxy).
      • QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
      2020-08-04 v1.14.3-tke.16 Merges pr78883, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default.
      2020-07-28 v1.14.3-tke.15
      • Incorporates pr76518 and pr82514, which limits the return size of http and exec probe to prevent occupation of large amounts of node memory (kubelet).
      • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
      • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
      • Incorporates pr77475, which fixes the issue of Cronjob scheduling failure when the number of jobs exceeds 500 (kube-controller-manager).
      2020-06-10 v1.14.3-tke.14
      • Merges pr85027, which fixes the issue where HPA miscalculates of the number of pods during rolling updates.
      • Merges pr79708, which uses spec.replicas to calculate the current number of replicas of HPA.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      June 4, 2020 v1.14.3-tke.13
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
      2020-05-18 v1.14.3-tke.12 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
      2020-04-14 v1.14.3-tke.11
      • Merges pr75442, which changes the bandwidth unit from Kb to b.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      2020-04-14 v1.14.3-tke.10 Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      January 13, 2020 v1.14.3-tke.9
      • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
      • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
      • kube-scheduler now supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2019-12-23 v1.14.3-tke.8 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-12-17 v1.14.3-tke.7
      • Adds metadata cache and timeout.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Avoids the readiness state of “pod not ready” when kubelet is restarted.
      November 28, 2019 v1.14.3-tke.6 cloud-provider supports using node names as hostnames.
      2019-11-18 v1.14.3-tke.5
      • Merges pr83435, which fixes an issue that allows DoS attacks that use malicious YAML or JSON files to exhaust kube-apiserver CPU or memory resources, resulting in a loss of service.
      • Merges pr84167, which fixes an issue where an incorrect ETCD prefix causes apiserver health checks to fail.
      • Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload in a cluster, it takes too long to sync sts changes to pod (about 20s).
      2019-10-23 v1.14.3-tke.4 Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-09-10 v1.14.3-tke.3 Incorporates pr63066, which fixes the issue where CLB health checks fails in IPVS mode.
      2019-09-06 v1.14.3-tke.2
      • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
      • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
      • Resolves the issue where creating containers in CentOS results in cgroup leakage.

      TKE kubernetes 1.12.4 revisions

      DateVersionUpdates
      2021-05-06 v1.12.4-tke.28 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2020-12-28 v1.12.4-tke.27
      • Adds metrics to QcloudCbs (kube-controller-manager).
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk (Kubelet).
      2020-12-15 v1.12.4-tke.26 QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
      November 17, 2020 v1.12.4-tke.25 Merges pr79495, which fixes the issue where the webhook call fails when there are multiple versions of CRD (kube-apiserver).
      October 13, 2020 v1.12.4-tke.24 Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
      2020-08-04 v1.12.4-tke.23 Merges pr78881, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default.
      2020-07-28 v1.12.4-tke.22
      • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
      • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
      2020-06-10 v1.12.4-tke.21
      • Merges pr73915, which prevents the watcher from receiving events before the watch is started.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr73915, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      June 4, 2020 v1.12.4-tke.20
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
      2020-05-18 v1.12.4-tke.19
      • Merges pr77802, which disables graceful termination for UDP traffic.
      • Merges pr68741, which fixes the issue of when the soft link /var/lib/kubelet and subpath are used, the host fails to unmount after pod deletion, resulting in mount target leakage and the pod being stuck in terminating.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
      2020-04-14 v1.12.4-tke.18
      • Merges pr73401, pr73606, and pr76060, which deletes DaemonSet pods allocated to non-existent nodes.
      • Merges pr68619, which fixes the CPU Manager dirty data issue.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      2020-02-14 v1.12.4-tke.17
      • Upgrades the CBS V2 interface to V3.
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      January 13, 2020 v1.12.4-tke.16
      • Merges pr2359 , which fixes the issue of missing monitoring records when docker root fails to be obtained.
      • Merges pr86583 , which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
      • kube-scheduler supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2019-12-23 v1.12.4-tke.15 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-12-17 v1.12.4-tke.14
      • Adds metadata cache and timeout.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Avoids the readiness state of “pod not ready” when kubelet is restarted.
      November 28, 2019 v1.12.4-tke.13 cloud-provider supports using node names as hostnames.
      2019-11-18 v1.12.4-tke.12 Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload, it takes too long to sync sts changes to pod (about 20s).
      2019-10-23 v1.12.4-tke.11
      • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
      2019-09-06 v1.12.4-tke.10
      • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
      • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
      • Merges pr71834, which fixes an issue with IPVS load balancing where, if sessionAffinity is set to ClientIP, traffic is routed to an invalid real server.
      2019-08-09 v1.12.4-tke.9 Fixes the issue where creating containers in CentOS results in cgroup leakage.
      August 08, 2019 v1.12.4-tke.8 Incorporates pr72118, which fixes the issue where mounting fails if a CBS StatefulSet is rescheduled to the same node.
      2019-07-17 v1.12.4-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
      2019-07-16 v1.12.4-tke.6 Fixes the compatibility issue between the TLinux kernel and IPVS and fixes the CLB health check failures in IPVS mode.
      2019-07-09 v1.12.4-tke.5 Incorporates pr72361, which fixes the kube-proxy deadlock issue.
      2019-06-25 v1.12.4-tke.4 Fixes the compatibility issue between the TLinux kernel and IPVS.
      2019-06-17 v1.12.4-tke.3 Merges pr71114, which fixes an IPVS throughput issue.
      2019-06-04 v1.12.4-tke.2
      • Merges pr74755, which fixes a hang/timeout issue when running large numbers of pods with unique configmap/secret references.
      • Merges pr69047, which fixes a backward compatibility issue with node.Spec.Unschedulable.

      TKE kubernetes 1.10.5 revisions

      DateVersionUpdates
      2021-05-06 v1.10.5-tke.20 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2020-06-10 v1.10.5-tke.19
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      2020-05-18 v1.12.4-tke.19 Merges pr61549, which adds volumeSpec data for mountedPods cache and fixes the issue of deletion failure when multiple pods use the same volume.
      2020-04-29 v1.10.5-tke.17 Mergespr75622, which fixes the issue where, when a large number (>2000) of sts workloads exist in a cluster, it takes too long (about 20s) to synchronize sts changes to a Pod.
      2020-04-14 v1.10.5-tke.16
      • Merges pr68619, which fixes the CPU Manager dirty data issue.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      2020-02-14 v1.10.5-tke.15
      • Upgrades the CBS V2 interface to V3.
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      January 13, 2020 v1.10.5-tke.14
      • Merges pr2359, which fixes the issue of missing monitoring records when docker root fails to be obtained.
      • Merges pr86583, which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
      • kube-scheduler supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2019-12-23 v1.10.5-tke.13 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-12-13 v1.10.5-tke.12
      • kubelet does not delete nodes when checking externalID.
      • Adds metadata cache and timeout.
      • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Adds the ability to reboot kubelet to avoid pod not ready.
      2019-11-18 v1.10.5-tke.11 Removes the kube-controller-manager probe that sends heartbeats to kubelet.
      2019-10-23 v1.10.5-tke.10
      • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
      2019-09-06 v1.10.5-tke.9
      • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
      • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
      • Merges 67430 to rollback the state if updateContainerCPUSet fails.
      August 08, 2019 v1.10.5-tke.8 Merges pr72118, which fixes an issue where, if kubelet mounts a device immediately after unmounting it, an error occurs with the message `resource name may not be empty`.
      2019-07-17 v1.10.5-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
      2019-06-25 v1.10.5-tke.6 Fixes the compatibility issue between the TLinux kernel and IPVS.
      2019-06-17 v1.10.5-tke.5 Merges pr71114, which fixes an IPVS throughput issue.
      2019-03-19 v1.10.5-tke.4 Incorporates pr65092, which fixes the issue where apiserver would panic when handling specific requests.
      2019-02-19 v1.10.5-tke.3 Incorporates pr67288, which fixes the issue where apiserver does not close the other side of the connection immediately when proxying.
      2018-09-28 v1.10.5-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
      2018-09-27 v1.10.5-tke.1 Backports pr63321, which fixes an issue where termination takes too long when there are multiple service containers in a pod.
      2018-09-21 v1.10.5-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

      TKE kubernetes 1.8.13 revisions

      DateVersionUpdates
      January 13, 2020 v1.8.13-tke.7
      • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      2019-12-13 v1.8.13-tke.6
      • kubelet does not delete nodes when checking externalID.
      • Adds metadata cache and timeout.
      • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Adds the ability to reboot kubelet to avoid pod not ready.
      2019-11-18 v1.8.13-tke.5
      • Removes the kube-controller-manager probe that sends heartbeats to kubelet.
      • Adds metrics to CBS PVC.
      2018-09-28 v1.8.13-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
      2018-09-27 v1.8.13-tke.1
      • Disables kmem statistics to prevent cgroup numbers from leaking.
      • Reduces resourcequota conflicts caused by creating pods.
      2018-09-21 v1.8.13-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

      TKE kubernetes 1.7.8 revisions

      DateVersionUpdates
      2019-12-17 v1.7.8-tke.4
      • kubelet does not delete nodes when checking externalID.
      • Adds metadata cache and timeout.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Avoids the readiness state of “pod not ready” when kubelet is restarted.
      2018-09-28 v1.7.8-tke.2 Fixes a conflict between controller-manager and an external service controller.
      2018-09-27 v1.7.8-tke.1 Moves the CLB creation logic from controller-manager to an independent service controller.
      2018-09-21 v1.7.8-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.
      tencent
      Copyright © 2013-2022 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy