2022-04-13 | v1.14.3-tke.27 | Merges pr78428, which avoids writing a warning message when exporting the iptables rule, causing kube-proxy panic at the time of recovery. (kube-proxy) |
2022-03-18 | v1.14.3-tke.26 | Supports specifying a Pod when scaling in. (kube-controller-manager) Optimization of virtual node scheduling algorithm. (kube-scheduler) Merges pr80851, which fixed CVE-2019-11247, avoiding the unauthorized access of CRD resources. (kube-apiserver) |
2022-01-20 | v1.14.3-tke.24 | Supports binding the LB addresses to the ipvs ENIs. (kube-proxy) The apiserver supports integration of ExternalName type external services. (kube-apiserver) Optimization of EKS scheduling. (kube-scheduler) |
2021-12-02 | v1.14.3-tke.23 | When the TKE cluster adds virtual nodes, it can perceive the remaining IPs in the subnet and schedule right number of Pods to the virtual node at the time of batch scheduling of the Pods. (kube-scheduler)Optimizes EKS node resource awareness rescheduling for EKS node scheduling, optimizes EKS node priority model scheduling, and optimizes preference/pre-selection policy for EKS node. (kube-scheduler) Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler) Fixes the bug when scheduling to virtual nodes. (kube-scheduler) |
2021-05-06 |
v1.14.3-tke.22 |
Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default. |
2021-04-14 |
v1.14.3-tke.21 |
- Merges pr97752, which fixes the issue where NewReplicaSet is displayed as
<none> when describing deployment (kubectl).
- Merges pr78999, which fixes the issue of judging the case of the protocol during graceful close (kube-proxy).
- Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
- Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
- Merges pr95301, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
|
2020-12-28 |
v1.14.3-tke.19 |
- Adds metrics to QcloudCbs. (kube-controller-manager)
- Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
|
2020-12-21 |
v1.14.3-tke.18 |
- Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
- Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9). (kube-apiserver, kubectl)
- Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
- Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created. (kube-controller-manager)
- The scheduler supports virtual nodes. (kube-scheduler)
- The kube-controller-manager supports virtual nodes. (kube-controller-manager)
- Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
- Merges pr79338, when both SupportPodPidsLimit and SupportNodePidsLimit are not enabled, the pids cgroup subsystem will not be enabled. (kubelet)
- Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked. (kube-scheduler)
- Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
|
October 13, 2020 |
v1.14.3-tke.17 |
- Merges pr74781, which changes the default update strategy of ConfigMap and Secret from Cache to Watch. (kubelet)
- Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
- Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
- Merges pr80942, which fixes the issue where rules are not deleted after the service is deleted in ipvs mode. (kube-proxy)
- QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
|
2020-08-04 |
v1.14.3-tke.16 |
Merges pr78883, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default. |
2020-07-28 |
v1.14.3-tke.15 |
- Incorporates pr76518 and pr82514, which limits the return size of http and exec probe to prevent occupation of large amounts of node memory. (kubelet)
- Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
- Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
- Incorporates pr77475, which fixes the issue of Cronjob scheduling failure when the number of jobs exceeds 500. (kube-controller-manager)
|
2020-06-10 |
v1.14.3-tke.14 |
- Merges pr85027, which fixes the issue where HPA miscalculates of the number of pods during rolling updates.
- Merges pr79708, which uses spec.replicas to calculate the current number of replicas of HPA.
- Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
- Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
|
June 4, 2020 |
v1.14.3-tke.13 |
- Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
- Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
|
2020-05-18 |
v1.14.3-tke.12 |
TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained. |
2020-04-14 |
v1.14.3-tke.11 |
- Merges pr75442, which changes the bandwidth unit from Kb to b.
- Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
- TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
|
2020-04-14 |
v1.14.3-tke.10 |
Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests. |
January 13, 2020 |
v1.14.3-tke.9 |
- Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
- Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
- kube-scheduler now supports dynamic logging level configuration.
- Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
- Merges pr86230, which skips assumed pod updates when pods are scheduled.
|
2019-12-23 |
v1.14.3-tke.8 |
Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed. |
2019-12-17 |
v1.14.3-tke.7 |
- Adds metadata cache and timeout.
- Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
- Avoids the readiness state of “pod not ready” when kubelet is restarted.
|
November 28, 2019 |
v1.14.3-tke.6 |
cloud-provider supports using node names as hostnames. |
2019-11-18 |
v1.14.3-tke.5 |
- Merges pr83435, which fixes an issue that allows DoS attacks that use malicious YAML or JSON files to exhaust kube-apiserver CPU or memory resources, resulting in a loss of service.
- Merges pr84167, which fixes an issue where an incorrect ETCD prefix causes apiserver health checks to fail.
- Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload in a cluster, it takes too long to sync sts changes to pod (about 20s).
|
2019-10-23 |
v1.14.3-tke.4 |
Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed. |
2019-09-10 |
v1.14.3-tke.3 |
Incorporates pr63066, which fixes the issue where CLB health checks fails in IPVS mode. |
2019-09-06 |
v1.14.3-tke.2 |
- Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
- Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
- Resolves the issue where creating containers in CentOS results in cgroup leakage.
|
Was this page helpful?