TKE Kubernetes Revision Version History

Last updated: 2021-02-02 18:03:37

    TKE Kubernetes 1.18.4 Revisions

    DateVersionUpdates
    2020-12-28 v1.18.4-tke.6
    • Added metrics to QcloudCbs (kube-controller-manager).
    • Fixed the issue where extra space exists when viewing the value of serial when mounting CBS disk (Kubelet).
    2020-12-21 v1.18.4-tke.5
    • Merged pr94712, which fixed CVE-2020-8564 - fixed the issue when the file format was incorrect and logLevel >= 4, Docker configuration leaked (kubelet).
    • Merged pr95316, which fixed CVE-2020-8565 - fixed the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9) (kube-apiserver, kubectl).
    • Merged pr95245, which fixed CVE-2020-8566 - fixed the issue where Ceph RBD adminSecrets was exposed in the log when loglevel >= 4 (kube-controller-manager).
    • Fixed the issue where restarting kubelet caused Pod readiness check failed (kubelet).
    • Merged pr90825, which fixed the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which caused the pod to remain in the pending state (kubelet).
    • The scheduler supports virtual nodes (kube-scheduler).
    • kube-controller-manager supports virtual nodes (kube-controller-manager).
    • Set the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD (kubelet).
    • Added the CBS to OpenAPI (kube-apiserver).
    • Merged pr91126, which fixed the issue where the scheduler cache was inconsistent when Pod had the same name but different UID (kube-scheduler).
    • Merged pr93387, which fixed the issue where the daemonset pod could not be scheduled to nodes due to the disorder of node cache information in the scheduler (kube-scheduler).
    • Merged pr89465, which fixed the issue where the HPA based on Pod metrics incorrectly calculated the number of instances during rolling updates (kube-controller-manager).
    2020-10-13 v1.18.4-tke.3
    • Merged pr89629, which fixed the issue where the container that mounted the subpath would fail to restart after the configmap is changed (kubelet).
    • QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
    • Merged pr94430, which fixed the issue where the client-go reflector could not detect the "Too large resource version" error (kubelet).
    2020-08-12 v1.18.4-tke.2
    • Merged pr93403, which removed the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
    2020-08-04 v1.18.4-tke.1
    • revert pr63066 Fixed the LB health check and IPVS issues (kube-proxy).
    • Merged pr72914, which fixed the issue where mounting might fail if you deleted a pod, created a new one, and scheduled it to the same node (kube-controller-manager)。
    • Fixed the issue where creating containers in CentOS resulted in cgroup leakage (kubelet).
    • Fixed the issue where upgrading lxcfs in Ubuntu 16 caused pods to exit (kubelet).
    • metadata added cache and timeout. cloud-provider now supports using node names as hostnames (kubelet).
    • metadata added local cache (kubelet).
    • Incorporated CBS and relevant fixing code (kubelet).
    • Merged pr90260, which fixed the issue of missing monitoring records for containerd cluster networks (kubelet).
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default (kube-scheduler).
    • Fixed the issue where CBS intree continued to unmount a non-existent disk, causing a large number of invalid requests (kubelet).
    • Merged pr2359, which fixed the issue with missing monitoring records when the system was unable to obtain docker root (kubelet).
    • kube-scheduler now supports dynamic logging level configuration (kube-scheduler).
    • Produced a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly (kubelet).
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The kubelet side will not patch node (kubelet).
    • Merged pr89296, so that the log will not record whether the iptables random-fully parameter is enabled (kube-proxy).
    • Fixed the aws issue pr92162(kubelet).
    • Merged pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
    • Merged pr91500, which fixed the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
    • Merged 92537, which fixed the issue where client-go reflector could not recover from the error "Too large resource version" (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, and kube-proxy).
    • Merged pr92969, which fixed the issue where CVE-2020-8559 privilege escalation from an invaded node resulted in invasion into other nodes (kube-apiserver).
    • Merged pr92921, which fixed the DOS attack issue where CVE-2020-8557 exhausted the disk space by writing into “/etc/hosts” (kubelet).

    TKE Kubernetes 1.16.3 Revisions

    DateVersionUpdates
    2020-12-28 v1.16.3-tke.14
    • Added metrics to QcloudCbs (kube-controller-manager).
    • Fixed the issue where extra space exists when viewing the value of serial when mounting CBS disk (Kubelet).
    2020-12-21 v1.16.3-tke.13
    • Merged pr94712, which fixed CVE-2020-8564 - fixed the issue when the file format was incorrect and logLevel >= 4, Docker configuration leaked (kubelet).
    • Merged pr95316, which fixed CVE-2020-8565 - fixed the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9) (kube-apiserver, kubectl).
    • Merged pr95245, which fixed CVE-2020-8566 - fixed the issue where Ceph RBD adminSecrets was exposed in the log when loglevel >= 4 (kube-controller-manager).
    • Merged pr86191, which fixed the issue where Pod might be in the wrong state when the node was restarted (kubelet).
    • Merged pr86140, which fixed the issue where the Controller Manager did not handle the timeout error correctly, so that the expanded pod could not be created (kube-controller-manager).
    • Merged pr90825, which fixed the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which caused the pod to remain in the pending state (kubelet).
    • The scheduler supports virtual nodes (kube-scheduler).
    • kube-controller-manager supports virtual nodes (kube-controller-manager).
    • Set the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD (kubelet).
    • Added the CBS to OpenAPI (kube-apiserver).
    • Merged pr81344, which fixed the issue where the CPU Manager did not support SourcesReady (kubelet).
    • Merged pr91126, which fixed the issue where the scheduler cache was inconsistent when Pod had the same name but different UID (kube-scheduler).
    • Merged pr89224, which fixed the issue where kube-scheduler restarted abnormally because NodeInfo did not check (kube-scheduler).
    • Merged pr89465, which fixed the issue where the HPA based on Pod metrics incorrectly calculated the number of instances during rolling updates (kube-controller-manager).
    2020-10-13 v1.16.3-tke.11
    • Merged pr92971, which fixed the issue where CVE-2020-8559 privilege escalation from an invaded node resulted in invasion into other nodes (kube-apiserver).
    • Merged pr92924, which fixed the DOS attack issue where CVE-2020-8557 exhausted the disk space by writing into /etc/hosts (kubelet).
    • Merged pr93403, which removed the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
    • Merged pr89629, which fixed the issue where the container that mounted the subpath would fail to restart after the configmap is changed (kubelet).
    • QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
    • Merged pr84998, which resolved the issue where the corresponding node lease object might be rebuilt after the node was deleted and caused junk data (kubelet).
    2020-07-28 v1.16.3-tke.10
    • Incorporated pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
    • Incorporated pr91500, which fixed the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
    2020-06-17 v1.16.3-tke.9 Temporarily fixes the AWS issuepr92162. AWS Credential Provider is no longer registered to prevent this issue from causing slow node launches.
    2020-06-11 v1.16.3-tke.8 Merges pr85993, which allows you to use CNI results to set kubenet gateway addresses.
    2020-06-10 v1.16.3-tke.7
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr89515, which fixes the issue where HPA miscalculates the number of pods during rolling updates.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    2020-05-18 v1.16.3-tke.6 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
    2020-04-20 v1.16.3-tke.5 Merges pr69047, which fixes the node.Spec.Unschedulable backward compatibility issue. (This fix is overwritten when the in-tree cbs code is incorporated).
    2020-04-14 v1.16.3-tke.4
    • Merges pr87913, which fixes the CVE-2020-8551: Kubelet DoS attack issue.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    • Merges pr87467, which fixes the issue of excessive CPU consumption by kubectl in parsing YAML files when an authorized user sends a malicious YAML file.
    2020-03-11 v1.16.3-tke.3
    • Fixed the issue where CBS intree continued to unmount a non-existent disk, which caused a large number of invalid requests.
    • Added a local metadata cache.
    2020-02-14 v1.16.3-tke.2
    • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
    • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
    • kube-scheduler now supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2020-01-06 v1.16.3-tke.1
    • Incorporates pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Incorporates pr84167, which fixes the issue where an incorrect Etcd key prefix causes an apiserver health check failure.
    • Reverts pr63066, which fixes the CLB health check and IPVS issues.
    • Incorporates pr72914, which fixes the issue where mounting may fail if you delete a pod, create a new one, and schedule it to the same node.
    • Fixes the issue where creating containers in CentOS results in cgroup leakage.
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Adds metadata cache and timeout. cloud-provider now supports using node names as hostnames.
    • Reverts pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.

    TKE Kubernetes 1.14.3 Revisions

    DateVersionRevisions
    2020-12-28 v1.14.3-tke.19
    • Added metrics to QcloudCbs (kube-controller-manager).
    • Fixed the issue where extra space exists when viewing the value of serial when mounting CBS disk (Kubelet).
    2020-12-21 v1.14.3-tke.18
    • Merged pr94712, which fixed CVE-2020-8564 - fixed the issue when the file format was incorrect and logLevel >= 4, Docker configuration leaked (kubelet).
    • Merged pr95316, which fixed CVE-2020-8565 - fixed the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9) (kube-apiserver, kubectl).
    • Merged pr95245, which fixed CVE-2020-8566 - fixed the issue where Ceph RBD adminSecrets was exposed in the log when loglevel >= 4 (kube-controller-manager).
    • Merged pr86140, which fixed the issue where the Controller Manager did not handle the timeout error correctly, so that the expanded pod could not be created (kube-controller-manager).
    • The scheduler supports virtual nodes (kube-scheduler).
    • kube-controller-manager supports virtual nodes (kube-controller-manager).
    • Set the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD (kubelet).
    • Merged pr79338, when both SupportPodPidsLimit and SupportNodePidsLimit are not enabled, the pids cgroup subsystem will not be enabled (kubelet).
    • Merged pr89224, which fixed the issue where kube-scheduler restarted abnormally because NodeInfo did not check (kube-scheduler).
    • Merged pr89465, which fixed the issue where the HPA based on Pod metrics incorrectly calculated the number of instances during rolling updates (kube-controller-manager).
    2020-10-13 v1.14.3-tke.17
    • Merged pr74781, which changed the default update strategy of ConfigMap and Secret from Cache to Watch (kubelet).
    • Merged pr93403, which removed the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
    • Merged pr89629, which fixed the issue where the container that mounted the subpath would fail to restart after the configmap is changed (kubelet).
    • Merged pr80942, which fixed the issue where rules were not deleted after the service was deleted in ipvs mode (kube-proxy).
    • QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
    2020-08-04 v1.14.3-tke.16 Merged pr78883, which fixed the bug where the default value for pod.spec.container.SecurityContext.ProcMount was added by default.
    2020-07-28 v1.14.3-tke.15
    • Incorporated pr76518 and pr82514, which limits the return size of http and exec probe to prevent occupation of large amounts of node memory (kubelet).
    • Incorporated pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
    • Incorporated pr91500, which fixed the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
    • Incorporated pr77475, which fixed the issue of Cronjob scheduling failure when the number of jobs exceeded 500 (kube-controller-manager).
    2020-06-10 v1.14.3-tke.14
    • Merges pr85027, which fixes the issue where HPA miscalculates of the number of pods during rolling updates.
    • Merges pr79708, which uses spec.replicas to calculate the current number of replicas of HPA.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    2020-06-04 v1.14.3-tke.13
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
    2020-05-18 v1.14.3-tke.12 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
    2020-04-14 v1.14.3-tke.11
    • Merges pr75442, which changes the bandwidth unit from Kb to b.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    2020-04-14 v1.14.3-tke.10 Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    2020-01-13 v1.14.3-tke.9
    • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
    • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
    • kube-scheduler now supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2019-12-23 v1.14.3-tke.8 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    2019-12-17 v1.14.3-tke.7
    • Added metadata cache and timeout.
    • Fixed the issue where upgrading lxcfs in Ubuntu 16 caused pods to exit.
    • Avoided the readiness state of “pod not ready” when kubelet was restarted.
    2019-11-28 v1.14.3-tke.6 cloud-provider supports using node names as hostnames.
    2019-11-18 v1.14.3-tke.5
    • Merges pr83435, which fixes an issue that allows DoS attacks that use malicious YAML or JSON files to exhaust kube-apiserver CPU or memory resources, resulting in a loss of service.
    • Merges pr84167, which fixes an issue where an incorrect ETCD prefix causes apiserver health checks to fail.
    • Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload in a cluster, it takes too long to sync sts changes to pod (about 20s).
    2019-10-23 v1.14.3-tke.4 Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    2019-09-10 v1.14.3-tke.3 Incorporated pr63066, which fixed the issue where CLB health checks failed in IPVS mode.
    2019-09-06 v1.14.3-tke.2
    • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
    • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
    • Resolves the issue where creating containers in CentOS results in cgroup leakage.

    TKE Kubernetes 1.12.4 Revisions

    DateVersionRevisions
    2020-12-28 v1.12.4-tke.27
    • Added metrics to QcloudCbs (kube-controller-manager).
    • Fixed the issue where extra space exists when viewing the value of serial when mounting CBS disk (Kubelet).
    2020-12-15 v1.12.4-tke.26 QcloudCbs supports BulkVolumeVerification (kube-controller-manager).
    2020-11-17 v1.12.4-tke.25 Merged pr79495, which fixed the issue where the webhook call failed when there were multiple versions of CRD (kube-apiserver).
    2020-10-13 v1.12.4-tke.24 Merged pr93403, which removed the printed error information of pod condition irrelevant to the kubelet during kubelet update (kubelet).
    2020-08-04 v1.12.4-tke.23 Merged pr78881, which fixed the bug where the default value for pod.spec.container.SecurityContext.ProcMount was added by default.
    2020-07-28 v1.12.4-tke.22
    • Incorporated pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks (kube-apiserver).
    • Incorporated pr91500, which fixed the issue of missing environmental variables of KUBERNETES_SERVICE_HOST (kubelet).
    2020-06-10 v1.12.4-tke.21
    • Merges pr73915, which prevents the watcher from receiving events before the watch is started.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr73915, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    2020-06-04 v1.12.4-tke.20
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
    2020-05-18 v1.12.4-tke.19
    • Merges pr77802, which disables graceful termination for UDP traffic.
    • Merges pr68741, which fixes the issue of when the soft link /var/lib/kubelet and subpath are used, the host fails to unmount after pod deletion, resulting in mount target leakage and the pod being stuck in terminating.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
    2020-04-14 v1.12.4-tke.18
    • Merges pr73401, pr73606, and pr76060, which deletes DaemonSet pods allocated to non-existent nodes.
    • Merges pr68619, which fixes the CPU Manager dirty data issue.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    2020-02-14 v1.12.4-tke.17
    • Upgrades the CBS V2 interface to V3.
    • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    2020-01-13 v1.12.4-tke.16
    • Merges pr2359 , which fixes the issue of missing monitoring records when docker root fails to be obtained.
    • Merges pr86583 , which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
    • kube-scheduler supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2019-12-23 v1.12.4-tke.15 Reverted pr79036, which fixed the issue where the enabled CPU Manager disabled `cpu quota` if `QoS` of a pod was set to `Guaranteed`.
    2019-12-17 v1.12.4-tke.14
    • Added metadata cache and timeout.
    • Fixed the issue where upgrading lxcfs in Ubuntu 16 caused pods to exit.
    • Avoided the readiness state of “pod not ready” when kubelet was restarted.
    2019-11-28 v1.12.4-tke.13 cloud-provider supports using node names as hostnames.
    2019-11-18 v1.12.4-tke.12 Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload, it takes too long to sync sts changes to pod (about 20s).
    2019-10-23 v1.12.4-tke.11
    • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
    2019-09-06 v1.12.4-tke.10
    • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
    • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
    • Merges pr71834, which fixes an issue with IPVS load balancing where, if sessionAffinity is set to ClientIP, traffic is routed to an invalid real server.
    2019-08-09 v1.12.4-tke.9 Fixed the issue where creating containers in CentOS resulted in cgroup leakage.
    2019-08-08 v1.12.4-tke.8 Incorporated pr72118, which fixed the issue where mounting failed if a CBS StatefulSet was rescheduled to the same node.
    2019-07-17 v1.12.4-tke.7 Incorporated pr75037, which resolved the security risks of the cp command in kubectl.
    2019-07-16 v1.12.4-tke.6 Fixed the compatibility issue between the TLinux kernel and IPVS and fixed CLB health check failures in IPVS mode.
    2019-07-09 v1.12.4-tke.5 Incorporated pr72361, which fixed the kube-proxy deadlock issue.
    2019-06-25 v1.12.4-tke.4 Fixes the compatibility issue between the TLinux kernel and IPVS.
    2019-06-17 v1.12.4-tke.3 Incorporated pr71114, which fixed the IPVS throughput issue.
    2019-06-04 v1.12.4-tke.2
    • Merges pr74755, which fixes a hang/timeout issue when running large numbers of pods with unique configmap/secret references.
    • Merges pr69047, which fixes a backward compatibility issue with node.Spec.Unschedulable.

    TKE Kubernetes 1.10.5 Revisions

    DateVersionRevisions
    2020-06-10 v1.10.5-tke.19
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
    • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
    • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
    2020-05-18 v1.12.4-tke.19 Merges pr61549, which adds volumeSpec data for mountedPods cache and fixes the issue of deletion failure when multiple pods use the same volume.
    2020-04-29 v1.10.5-tke.17 Mergespr75622, which fixes the issue where, when a large number (>2000) of sts workloads exist in a cluster, it takes too long (about 20s) to synchronize sts changes to a pod.
    2020-04-14 v1.10.5-tke.16
    • Merges pr68619, which fixes the CPU Manager dirty data issue.
    • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
    • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
    2020-02-14 v1.10.5-tke.15
    • Upgrades the CBS V2 interface to V3.
    • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
    2020-01-13 v1.10.5-tke.14
    • Merges pr2359, which fixes the issue of missing monitoring records when docker root fails to be obtained.
    • Merges pr86583, which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
    • kube-scheduler supports dynamic logging level configuration.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    • Merges pr86230, which skips assumed pod updates when pods are scheduled.
    2019-12-23 v1.10.5-tke.13 Reverted pr79036, which fixes an issue where cpumanager disables cpu quota when it opens if the QoS setting of a pod is Guaranteed.
    2019-12-13 v1.10.5-tke.12
    • kubelet does not delete nodes when checking externalID.
    • Added metadata cache and timeout.
    • Fixed the issue where upgrading lxcfs in Ubuntu 16 caused pods to exit.
    • Avoided the readiness state of “pod not ready” when kubelet was restarted.
    2019-11-18 v1.10.5-tke.11 Removes the kube-controller-manager probe that sends heartbeats to kubelet.
    2019-10-23 v1.10.5-tke.10
    • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
    • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
    2019-09-06 v1.10.5-tke.9
    • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
    • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
    • Merges 67430 to rollback the state if updateContainerCPUSet fails.
    2019-08-08 v1.10.5-tke.8 Merges pr72118, which fixes an issue where, if kubelet mounts a device immediately after unmounting it, an error occurs with the message `resource name may not be empty`.
    2019-07-17 v1.10.5-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
    2019-06-25 v1.10.5-tke.6 Fixed a Linux kernel and IPVS load balancing issue.
    2019-06-17 v1.10.5-tke.5 Merges pr71114, which fixes an issue with IPVS throughput.
    2019-03-19 v1.10.5-tke.4 Incorporated pr65092, which fixed the issue where apiserver would panic when handling specific requests.
    2019-02-19 v1.10.5-tke.3 Incorporated pr67288, which fixed the issue where apiserver did not close the other side of the connection immediately when proxying.
    2018-09-28 v1.10.5-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
    2018-09-27 v1.10.5-tke.1 Backports pr63321, which fixes an issue where termination takes too long when there are multiple service containers in a pod.
    2018-09-21 v1.10.5-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

    TKE Kubernetes 1.8.13 Revisions

    DateVersionRevisions
    2020-01-13 v1.8.13-tke.7
    • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
    • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
    2019-12-13 v1.8.13-tke.6
    • kubelet does not delete nodes when checking externalID.
    • Adds metadata cache and timeout.
    • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
    • Adds the ability to reboot kubelet to avoid pod not ready.
    2019-11-18 v1.8.13-tke.5
    • Removes the kube-controller-manager probe that sends heartbeats to kubelet.
    • Adds metrics to CBS PVC.
    2018-09-28 v1.8.13-tke.2 Moved load balancing logic from controller-manager to independent service controllers.
    2018-09-27 v1.8.13-tke.1
    • Disables kmem statistics to prevent cgroup numbers from leaking.
    • Reduces resourcequota conflicts caused by creating pods.
    2018-09-21 v1.8.13-qcloud-rev1 If a kubelet state update times out, controller-manager probes kubelet port.

    TKE Kubernetes 1.7.8 Revisions

    DateVersionRevisions
    2019-12-17 v1.7.8-tke.4
    • kubelet does not delete nodes when checking externalID.
    • Added metadata cache and timeout.
    • Fixed the issue where upgrading lxcfs in Ubuntu 16 caused pods to exit.
    • Avoided the readiness state of “pod not ready” when kubelet was restarted.
    2018-09-28 v1.7.8-tke.2 Fixes a conflict between controller-manager and an external service controller.
    2018-09-27 v1.7.8-tke.1 Moves load balancing logic from controller-manager to an independent service controllers.
    2018-09-21 v1.7.8-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback
    Help