Skip to content

Latest commit

 

History

History
282 lines (260 loc) · 43.7 KB

CHANGELOG-1.9.md

File metadata and controls

282 lines (260 loc) · 43.7 KB

v1.9.0-alpha.1

Documentation & Examples

Downloads for v1.9.0-alpha.1

filename sha256 hash
kubernetes.tar.gz e2dc3eebf79368c783b64f5b6642a287cc2fd777547d99f240a35cce1f620ffc
kubernetes-src.tar.gz ca8659187047f2d38a7c0ee313189c19ec35646c6ebaa8f59f2f098eca33dca0

Client Binaries

filename sha256 hash
kubernetes-client-darwin-386.tar.gz 51e0df7e6611ff4a9b3759b05e65c80555317bff03282ef39a9b53b27cdeff42
kubernetes-client-darwin-amd64.tar.gz c6c57cc92cc456a644c0965a6aa2bd260125807b450d69376e0edb6c98aaf4d7
kubernetes-client-linux-386.tar.gz 399c8cb448d76accb71edcb00bee474f172d416c8c4f5253994e4e2d71e0dece
kubernetes-client-linux-amd64.tar.gz fde75d7267592b34609299a93ee7e54b26a948e6f9a1f64ced666c0aae4455aa
kubernetes-client-linux-arm64.tar.gz b38810cf87735efb0af027b7c77e4e8c8f5821f235cf33ae9eee346e6d1a0b84
kubernetes-client-linux-arm.tar.gz a36427c2f2b81d42702a12392070f7dd3635b651bb04ae925d0bdf3ec50f83aa
kubernetes-client-linux-ppc64le.tar.gz 9dee0f636eef09bfec557a50e4f8f4b69e0588bbd0b77f6da50cc155e1679880
kubernetes-client-linux-s390x.tar.gz 4a6246d5de5c3957ed41b8943fa03e74fb646595346f7c72beaf7b030fe6872e
kubernetes-client-windows-386.tar.gz 1ee384f4bb02e614c86bf84cdfdc42faffa659aaba4a1c759ec26f03eb438149
kubernetes-client-windows-amd64.tar.gz e70d8935abefea0307780e899238bb10ec27c8f0d77702cf25de230b6abf7fb4

Server Binaries

filename sha256 hash
kubernetes-server-linux-amd64.tar.gz 7fff06370c4f37e1fe789cc160fce0c93535991f63d7fe7d001378f17027d9d8
kubernetes-server-linux-arm64.tar.gz 65cd60512ea0bf508aa65f8d22a6f3094db394f00b3cd6bd63fe02b795514ab2
kubernetes-server-linux-arm.tar.gz 0ecb341a047f1a9dface197f11f05f15853570cfb474c82538c7d61b40bd53ae
kubernetes-server-linux-ppc64le.tar.gz cea9eed4c24e7f29994ecc12674bff69d108692d3c9be3e8bd939b3c4f281892
kubernetes-server-linux-s390x.tar.gz 4d50799e5989de6d9ec316d2051497a3617b635e89fa44e01e64fed544d96e07

Node Binaries

filename sha256 hash
kubernetes-node-linux-amd64.tar.gz e956b9c1e5b47f800953ad0f82fae23774a2f43079dc02d98a90d5bfdca0bad6
kubernetes-node-linux-arm64.tar.gz ede6a85db555dd84e8d7180bdd58712933c38567ab6c97a80d0845be2974d968
kubernetes-node-linux-arm.tar.gz 4ac6a1784fa1e20be8a4e7fa0ff8b4defc725e6c058ff97068bf7bfa6a11c77d
kubernetes-node-linux-ppc64le.tar.gz 0d9c8c7e0892d7b678f3b4b7736087da91cb40c5f169e4302e9f4637c516207a
kubernetes-node-linux-s390x.tar.gz 2fdde192a84410c784e5d1e813985e9a19ce62e3d9bb2215481cbce9286329da
kubernetes-node-windows-amd64.tar.gz 543110cc69b57471f3824d96cbd16b003ac2cddaa19ca4bdefced0af61fd24f2

Changelog since v1.8.0-alpha.3

Action Required

  • New GCE or GKE clusters created with cluster/kube-up.sh will not enable the legacy ABAC authorizer by default. If you would like to enable the legacy ABAC authorizer, export ENABLE_LEGACY_ABAC=true before running cluster/kube-up.sh. (#51367, @cjcullen)
  • The OwnerReferencesPermissionEnforcement admission plugin now requires update permission on the finalizers subresource of the referenced owner in order to set blockOwnerDeletion on an owner reference. (#49133, @deads2k)
  • The deprecated alpha and beta initContainer annotations are no longer supported. Init containers must be specified using the initContainers field in the pod spec. (#51816, @liggitt)
  • Action required: validation rule on metadata.initializers.pending[x].name is tightened. The initializer name needs to contain at least three segments separated by dots. If you create objects with pending initializers, (i.e., not relying on apiserver adding pending initializers according to initializerconfiguration), you need to update the initializer name in existing objects and in configuration files to comply to the new validation rule. (#51283, @caesarxuchao)
  • Audit policy supports matching subresources and resource names, but the top level resource no longer matches the subresouce. For example "pods" no longer matches requests to the logs subresource of pods. Use "pods/logs" to match subresources. (#48836, @ericchiang)
  • Protobuf serialization does not distinguish between [] and null. (#45294, @liggitt)
    • API fields previously capable of storing and returning either [] and null via JSON API requests (for example, the Endpoints subsets field) can now store only null when created using the protobuf content-type or stored in etcd using protobuf serialization (the default in 1.6+). JSON API clients should tolerate null values for such fields, and treat null and [] as equivalent in meaning unless specifically documented otherwise for a particular field.

Other notable changes

  • PersistentVolumeLabel admission controller is now deprecated. (#52618, @dims)
  • Mark the LBaaS v1 of OpenStack cloud provider deprecated. (#52821, @FengyunPan)
  • NONE (#52819, @verult)
  • Mark image as deliberately optional in v1 Container struct. Many objects in the Kubernetes API inherit the container struct and only Pods require the field to be set. (#48406, @gyliu513)
  • [fluentd-gcp addon] Update Stackdriver plugin to version 0.6.7 (#52565, @crassirostris)
  • Remove duplicate proto errors in kubelet. (#52132, @adityadani)
  • [fluentd-gcp addon] Remove audit logs from the fluentd configuration (#52777, @crassirostris)
  • Set defaults for successfulJobsHistoryLimit (3) and failedJobsHistoryLimit (1) in batch/v1beta1.CronJobs (#52533, @soltysh)
  • Fix: update system spec to support Docker 17.03 (#52666, @yguo0905)
  • Fix panic in ControllerManager on GCE when it has a problem with creating external loadbalancer healthcheck (#52646, @gmarek)
  • PSP: add support for using * as a value in allowedCapabilities to allow to request any capabilities (#51337, @php-coder)
  • [fluentd-gcp addon] By default ingest apiserver audit logs written to file in JSON format. (#52541, @crassirostris)
  • The autoscaling/v2beta1 API group is now enabled by default. (#52549, @DirectXMan12)
  • Add CLUSTER_SIGNING_DURATION environment variable to cluster (#52497, @jcbsmpsn)
    • configuration scripts to allow configuration of signing duration of
    • certificates issued via the Certificate Signing Request API.
  • Introduce policy to allow the HPA to consume the metrics.k8s.io and custom.metrics.k8s.io API groups. (#52572, @DirectXMan12)
  • kubelet to master communication when doing node status updates now has a timeout to prevent indefinite hangs (#52176, @liggitt)
  • Introduced Metrics Server in version v0.2.0. For more details see https://github.com/kubernetes-incubator/metrics-server/releases/tag/v0.2.0. (#52548, @piosz)
  • Adds ROTATE_CERTIFICATES environment variable to kube-up.sh script for GCE (#52115, @jcbsmpsn)
    • clusters. When that var is set to true, the command line flag enabling kubelet
    • client certificate rotation will be added to the kubelet command line.
  • Make sure that resources being updated are handled correctly by Quota system (#52452, @gnufied)
  • WATCHLIST calls are now reported as WATCH verbs in prometheus for the apiserver_request_* series. A new "scope" label is added to all apiserver_request_* values that is either 'cluster', 'resource', or 'namespace' depending on which level the query is performed at. (#52237, @smarterclayton)
  • Fixed the webhook admission plugin so that it works even if the apiserver and the nodes are in two networks (e.g., in GKE). (#50476, @caesarxuchao)
    • Fixed the webhook admission plugin so that webhook author could use the DNS name of the service as the CommonName when generating the server cert for the webhook.
    • Action required:
    • Anyone who generated server cert for admission webhooks need to regenerate the cert. Previously, when generating server cert for the admission webhook, the CN value doesn't matter. Now you must set it to the DNS name of the webhook service, i.e., <service.Name>.<service.Namespace>.svc.
  • Ignore pods marked for deletion that exceed their grace period in ResourceQuota (#46542, @derekwaynecarr)
  • custom resources that use unconventional pluralization now work properly with kubectl and garbage collection (#50012, @deads2k)
  • [fluentd-gcp addon] Fluentd will trim lines exceeding 100KB instead of dropping them. (#52289, @crassirostris)
  • dockershim: check the error when syncing the checkpoint. (#52125, @yujuhong)
  • By default, clusters on GCE no longer sends RequestReceived audit event, if advanced audit is configured. (#52343, @crassirostris)
  • [BugFix] Soft Eviction timer works correctly (#52046, @dashpole)
  • Azuredisk mount on windows node (#51252, @andyzhangx)
  • [fluentd-gcp addon] Bug with event-exporter leaking memory on metrics in clusters with CA is fixed. (#52263, @crassirostris)
  • kubeadm: Enable kubelet client certificate rotation (#52196, @luxas)
  • Scheduler predicate developer should respect equivalence class cache (#52146, @resouer)
  • The kube-cloud-controller-manager flag --service-account-private-key-file was non-functional and is now deprecated. (#50289, @liggitt)
    • The kube-cloud-controller-manager flag --use-service-account-credentials is now honored consistently, regardless of whether --service-account-private-key-file was specified.
  • Fix credentials providers for docker sandbox image. (#51870, @feiskyer)
  • NONE (#52120, @abgworrall)
  • Fixed an issue looking up cronjobs when they existed in more than one API version (#52227, @liggitt)
  • Add priority-based preemption to the scheduler. (#50949, @bsalamat)
  • Add CLUSTER_SIGNING_DURATION environment variable to cluster configuration scripts (#51844, @jcbsmpsn)
    • to allow configuration of signing duration of certificates issued via the Certificate
    • Signing Request API.
  • Adding German translation for kubectl (#51867, @Steffen911)
  • The ScaleIO volume plugin can now read the SDC GUID value as node label scaleio.sdcGuid; if binary drv_cfg is not installed, the plugin will still work properly; if node label not found, it defaults to drv_cfg if installed. (#50780, @vladimirvivien)
  • A policy with 0 rules should return an error (#51782, @charrywanganthony)
  • Log a warning when --audit-policy-file not passed to apiserver (#52071, @CaoShuFeng)
  • Fixes an issue with upgrade requests made via pod/service/node proxy subresources sending a non-absolute HTTP request-uri to backends (#52065, @liggitt)
  • kubeadm: add kubeadm phase addons command (#51171, @andrewrynhard)
  • Fix for Nodes in vSphere lacking an InternalIP. (#48760) (#49202, @cbonte)
  • v2 of the autoscaling API group, including improvements to the HorizontalPodAutoscaler, has moved from alpha1 to beta1. (#50708, @DirectXMan12)
  • Fixed a bug where some alpha features were enabled by default. (#51839, @jennybuckley)
  • Implement StatsProvider interface using CRI stats (#51557, @yguo0905)
  • set AdvancedAuditing feature gate to true by default (#51943, @CaoShuFeng)
  • Migrate the metrics/v1alpha1 API to metrics/v1beta1. The HorizontalPodAutoscaler (#51653, @DirectXMan12)
    • controller REST client now uses that version. For v1beta1, the API is now known as
    • resource-metrics.metrics.k8s.io.
  • In GCE with COS, increase TasksMax for Docker service to raise cap on number of threads/processes used by containers. (#51986, @yujuhong)
  • Fixes an issue with APIService auto-registration affecting rolling HA apiserver restarts that add or remove API groups being served. (#51921, @liggitt)
  • Sharing a PID namespace between containers in a pod is disabled by default in 1.8. To enable for a node, use the --docker-disable-shared-pid=false kubelet flag. Note that PID namespace sharing requires docker >= 1.13.1. (#51634, @verb)
  • Build test targets for all server platforms (#51873, @luxas)
  • Add EgressRule to NetworkPolicy (#51351, @cmluciano)
  • Allow DNS resolution of service name for COS using containerized mounter. It fixed the issue with DNS resolution of NFS and Gluster services. (#51645, @jingxu97)
  • Fix journalctl leak on kubelet restart (#51751, @dashpole)
    • Fix container memory rss
    • Add hugepages monitoring support
    • Fix incorrect CPU usage metrics with 4.7 kernel
    • Add tmpfs monitoring support
  • Support for Huge pages in empty_dir volume plugin (#50072, @squall0gd)
    • Huge pages can now be used with empty dir volume plugin.
  • Alpha support for pre-allocated hugepages (#50859, @derekwaynecarr)
  • add support for client-side spam filtering of events (#47367, @derekwaynecarr)
  • Provide a way to omit Event stages in audit policy (#49280, @CaoShuFeng)
  • Introduced Metrics Server (#51792, @piosz)
  • Implement Controller for growing persistent volumes (#49727, @gnufied)
  • Kubernetes 1.8 supports docker version 1.11.x, 1.12.x and 1.13.x. And also supports overlay2. (#51845, @Random-Liu)
  • The Deployment, DaemonSet, and ReplicaSet kinds in the extensions/v1beta1 group version are now deprecated, as are the Deployment, StatefulSet, and ControllerRevision kinds in apps/v1beta1. As they will not be removed until after a GA version becomes available, you may continue to use these kinds in existing code. However, all new code should be developed against the apps/v1beta2 group version. (#51828, @kow3ns)
  • kubeadm: Detect kubelet readiness and error out if the kubelet is unhealthy (#51369, @luxas)
  • Fix providerID update validation (#51761, @karataliu)
  • Calico has been updated to v2.5, RBAC added, and is now automatically scaled when GCE clusters are resized. (#51237, @gunjan5)
  • Add backoff policy and failed pod limit for a job (#51153, @clamoriniere1A)
  • Adds a new alpha EventRateLimit admission control that is used to limit the number of event queries that are accepted by the API Server. (#50925, @staebler)
  • The OpenID Connect authenticator can now use a custom prefix, or omit the default prefix, for username and groups claims through the --oidc-username-prefix and --oidc-groups-prefix flags. For example, the authenticator can map a user with the username "jane" to "google:jane" by supplying the "google:" username prefix. (#50875, @ericchiang)
  • Implemented kubeadm upgrade plan for checking whether you can upgrade your cluster to a newer version (#48899, @luxas)
    • Implemented kubeadm upgrade apply for upgrading your cluster from one version to an other
  • Switch to audit.k8s.io/v1beta1 in audit. (#51719, @soltysh)
  • update QEMU version to v2.9.1 (#50597, @dixudx)
  • controllers backoff better in face of quota denial (#49142, @joelsmith)
  • The event table output under kubectl describe has been simplified to show only the most essential info. (#51748, @smarterclayton)
  • Use arm32v7|arm64v8 images instead of the deprecated armhf|aarch64 image organizations (#50602, @dixudx)
  • audit newest impersonated user info in the ResponseStarted, ResponseComplete audit stage (#48184, @CaoShuFeng)
  • Fixed bug in AWS provider to handle multiple IPs when using more than 1 network interface per ec2 instance. (#50112, @jlz27)
  • Add flag "--include-uninitialized" to kubectl annotate, apply, edit-last-applied, delete, describe, edit, get, label, set. "--include-uninitialized=true" makes kubectl commands apply to uninitialized objects, which by default are ignored if the names of the objects are not provided. "--all" also makes kubectl commands apply to uninitialized objects. Please see the initializer doc for more details. (#50497, @dixudx)
  • GCE: Service object now supports "Network Tiers" as an Alpha feature via annotations. (#51301, @yujuhong)
  • When using kube-up.sh on GCE, user could set env ENABLE_POD_PRIORITY=true to enable pod priority feature gate. (#51069, @MrHohn)
  • The names generated for ControllerRevision and ReplicaSet are consistent with the GenerateName functionality of the API Server and will not contain "bad words". (#51538, @kow3ns)
  • PersistentVolumeClaim metrics like "volume_stats_inodes" and "volume_stats_capacity_bytes" are now reported via kubelet prometheus (#51553, @wongma7)
  • When using IP aliases, use a secondary range rather than subnetwork to reserve cluster IPs. (#51690, @bowei)
  • IPAM controller unifies handling of node pod CIDR range allocation. (#51374, @bowei)
    • It is intended to supersede the logic that is currently in range_allocator
    • and cloud_cidr_allocator. (ALPHA FEATURE)
    • Note: for this change, the other allocators still exist and are the default.
    • It supports two modes:
      • CIDR range allocations done within the cluster that are then propagated out to the cloud provider.
      • Cloud provider managed IPAM that is then reflected into the cluster.
  • The Kubernetes API server now supports the ability to break large LIST calls into multiple smaller chunks. A client can specify a limit to the number of results to return, and if more results exist a token will be returned that allows the client to continue the previous list call repeatedly until all results are retrieved. The resulting list is identical to a list call that does not perform chunking thanks to capabilities provided by etcd3. This allows the server to use less memory and CPU responding with very large lists. This feature is gated as APIListChunking and is not enabled by default. The 1.9 release will begin using this by default from all informers. (#48921, @smarterclayton)
  • add reconcile command to kubectl auth (#51636, @deads2k)
  • Advanced audit allows logging failed login attempts (#51119, @soltysh)
  • kubeadm: Add support for using an external CA whose key is never stored in the cluster (#50832, @nckturner)
  • the custom metrics API (custom.metrics.k8s.io) has moved from v1alpha1 to v1beta1 (#50920, @DirectXMan12)
  • Add backoff policy and failed pod limit for a job (#48075, @clamoriniere1A)
  • Performs validation (when applying for example) against OpenAPI schema rather than Swagger 1.0. (#51364, @apelisse)
  • Make all e2e tests lookup image to use from a centralized place. In that centralized place, add support for multiple platforms. (#49457, @mkumatag)
  • kubelet has alpha support for mount propagation. It is disabled by default and it is there for testing only. This feature may be redesigned or even removed in a future release. (#46444, @jsafrane)
  • Add selfsubjectrulesreview API for allowing users to query which permissions they have in a given namespace. (#48051, @xilabao)
  • Kubelet re-binds /var/lib/kubelet directory with rshared mount propagation during startup if it is not shared yet. (#45724, @jsafrane)
  • Deviceplugin jiayingz (#51209, @jiayingz)
  • Make logdump support kubemark and support gke with 'use_custom_instance_list' (#51834, @shyamjvs)
  • add apps/v1beta2 conversion test (#49645, @dixudx)
  • Fixed an issue (#47800) where kubectl logs -f failed with unexpected stream type "". (#50381, @sczizzo)
  • GCE: Internal load balancer IPs are now reserved during service sync to prevent losing the address to another service. (#51055, @nicksardo)
  • Switch JSON marshal/unmarshal to json-iterator library. Performance should be close to previous with no generated code. (#48287, @thockin)
  • Adds optional group and version information to the discovery interface, so that if an endpoint uses non-default values, the proper value of "kind" can be determined. Scale is a common example. (#49971, @deads2k)
  • Fix security holes in GCE metadata proxy. (#51302, @ihmccreery)
  • #43077 introduced a condition where DaemonSet controller did not respect the TerminationGracePeriodSeconds of the Pods it created. This is now corrected. (#51279, @kow3ns)
  • Tainted nodes by conditions as following: (#49257, @k82cn) * 'node.kubernetes.io/network-unavailable=:NoSchedule' if NetworkUnavailable is true * 'node.kubernetes.io/disk-pressure=:NoSchedule' if DiskPressure is true * 'node.kubernetes.io/memory-pressure=:NoSchedule' if MemoryPressure is true * 'node.kubernetes.io/out-of-disk=:NoSchedule' if OutOfDisk is true
  • rbd: default image format to v2 instead of deprecated v1 (#51574, @dillaman)
  • Surface reasonable error when client detects connection closed. (#51381, @mengqiy)
  • Allow PSP's to specify a whitelist of allowed paths for host volume (#50212, @jhorwit2)
  • For Deployment, ReplicaSet, and DaemonSet, selectors are now immutable when updating via the new apps/v1beta2 API. For backward compatibility, selectors can still be changed when updating via apps/v1beta1 or extensions/v1beta1. (#50719, @crimsonfaith91)
  • Allows kubectl to use http caching mechanism for the OpenAPI schema. The cache directory can be configured through --cache-dir command line flag to kubectl. If set to empty string, caching will be disabled. (#50404, @apelisse)
  • Pod log attempts are now reported in apiserver prometheus metrics with verb CONNECT since they can run for very long periods of time. (#50123, @WIZARD-CXY)
  • The emptyDir.sizeLimit field is now correctly omitted from API requests and responses when unset. (#50163, @jingxu97)
  • Promote CronJobs to batch/v1beta1. (#51465, @soltysh)
  • Add local ephemeral storage support to LimitRange (#50757, @NickrenREN)
  • Add mount options field to StorageClass. The options listed there are automatically added to PVs provisioned using the class. (#51228, @wongma7)
  • Add 'kubectl set env' command for setting environment variables inside containers for resources embedding pod templates (#50998, @zjj2wry)
  • Implement IPVS-based in-cluster service load balancing (#46580, @dujun1990)
  • Release the kubelet client certificate rotation as beta. (#51045, @jcbsmpsn)
  • Adds --append-hash flag to kubectl create configmap/secret, which will append a short hash of the configmap/secret contents to the name during creation. (#49961, @mtaufen)
  • Add validation for CustomResources via JSON Schema. (#47263, @nikhita)
  • enqueue a sync task to wake up jobcontroller to check job ActiveDeadlineSeconds in time (#48454, @weiwei04)
  • Remove previous local ephemeral storage resource names: "ResourceStorageOverlay" and "ResourceStorageScratch" (#51425, @NickrenREN)
  • Add retainKeys to patchStrategy for v1 Volumes and extentions/v1beta1 DeploymentStrategy. (#50296, @mengqiy)
  • Add mount options field to PersistentVolume spec (#50919, @wongma7)
  • Use of the alpha initializers feature now requires enabling the Initializers feature gate. This feature gate is auto-enabled if the Initialzers admission plugin is enabled. (#51436, @liggitt)
  • Fix inconsistent Prometheus cAdvisor metrics (#51473, @bboreham)
  • Add local ephemeral storage to downward API (#50435, @NickrenREN)
  • kubectl zsh autocompletion will work with compinit (#50561, @cblecker)
  • [Experiment Only] When using kube-up.sh on GCE, user could set env KUBE_PROXY_DAEMONSET=true to run kube-proxy as a DaemonSet. kube-proxy is run as static pods by default. (#50705, @MrHohn)
  • Add --request-timeout to kube-apiserver to make global request timeout configurable. (#51415, @jpbetz)
  • Deprecate auto detecting cloud providers in kubelet. Auto detecting cloud providers go against the initiative for out-of-tree cloud providers as we'll now depend on cAdvisor integrations with cloud providers instead of the core repo. In the near future, --cloud-provider for kubelet will either be an empty string or external. (#51312, @andrewsykim)
  • Add local ephemeral storage support to Quota (#49610, @NickrenREN)
  • Kubelet updates default labels if those are deprecated (#47044, @mrIncompetent)
  • Add error count and time-taken metrics for storage operations such as mount and attach, per-volume-plugin. (#50036, @wongma7)
  • A new predicates, named 'CheckNodeCondition', was added to replace node condition filter. 'NetworkUnavailable', 'OutOfDisk' and 'NotReady' maybe reported as a reason when failed to schedule pods. (#51117, @k82cn)
  • Add support for configurable groups for bootstrap token authentication. (#50933, @mattmoyer)
  • Fix forbidden message format (#49006, @CaoShuFeng)
  • make volumesInUse sorted in node status updates (#49849, @dixudx)
  • Adds InstanceExists and InstanceExistsByProviderID to cloud provider interface for the cloud controller manager (#51087, @prydie)
  • Dynamic Flexvolume plugin discovery. Flexvolume plugins can now be discovered on the fly rather than only at system initialization time. (#50031, @verult)
  • add fieldSelector spec.schedulerName (#50582, @dixudx)
  • Change eviction manager to manage one single local ephemeral storage resource (#50889, @NickrenREN)
  • Cloud Controller Manager now sets Node.Spec.ProviderID (#50730, @andrewsykim)
  • Paramaterize session affinity timeout seconds in service API for Client IP based session affinity. (#49850, @m1093782566)
  • Changing scheduling part of the alpha feature 'LocalStorageCapacityIsolation' to manage one single local ephemeral storage resource (#50819, @NickrenREN)
  • set --audit-log-format default to json (#50971, @CaoShuFeng)
  • kubeadm: Implement a --dry-run mode and flag for kubeadm (#51122, @luxas)
  • kubectl rollout history, status, and undo subcommands now support StatefulSets. (#49674, @crimsonfaith91)
  • Add IPBlock to Network Policy (#50033, @cmluciano)
  • Adding Italian translation for kubectl (#50155, @lucab85)
  • Simplify capabilities handling in FlexVolume. (#51169, @MikaelCluseau)
  • NONE (#50669, @jiulongzaitian)
  • cloudprovider.Zones should support external cloud providers (#50858, @andrewsykim)
  • Finalizers are now honored on custom resources, and on other resources even when garbage collection is disabled via the apiserver flag --enable-garbage-collector=false (#51148, @ironcladlou)
  • Renamed the API server flag --experimental-bootstrap-token-auth to --enable-bootstrap-token-auth. The old value is accepted with a warning in 1.8 and will be removed in 1.9. (#51198, @mattmoyer)
  • Azure file persistent volumes can use a new secretNamespace field to reference a secret in a different namespace than the one containing their bound persistent volume claim. The azure file persistent volume provisioner honors a corresponding secretNamespace storage class parameter to determine where to place secrets containing the storage account key. (#47660, @rootfs)
  • Bumped gRPC version to 1.3.0 (#51154, @RenaudWasTaken)
  • Delete load balancers if the UIDs for services don't match. (#50539, @brendandburns)
  • Show events when describing service accounts (#51035, @mrogers950)
  • implement proposal 34058: hostPath volume type (#46597, @dixudx)
  • HostAlias is now supported for both non-HostNetwork Pods and HostNetwork Pods. (#50646, @rickypai)
  • CRDs support metadata.generation and implement spec/status split (#50764, @nikhita)
  • Allow attach of volumes to multiple nodes for vSphere (#51066, @BaluDontu)

Please see the Releases Page for older releases.

Release notes of older releases can be found in:

Analytics