tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Kubernetes Engine
    Documentation
    Download PDF

    TKE Kubernetes Revision Version History

    Last updated: 2023-05-05 10:44:50
    Download PDF

      TKE Kubernetes 1.24.4 revisions

      Note

      In Kubernetes 1.24, support for Docker through Dockershim is removed. Use containerd for container runtime for new nodes. Images built by using Docker can still be used. For more information, see Dockershim Removal FAQ.

      DateVersionUpdates
      2022-12-08 v1.24.4-tke.3
    • Supports disk usage metrics of containerd runtime. (kubelet)
    • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
    • Supports TKE Serverless super nodes. (kube-controller-manager, kube-scheduler)
      		•
      2022-05-07 v1.24.4-tke.1
    • Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default. (kube-proxy)
    • Allows the special IP range used by TKE managed clusters (kube-apiserver).
    • Reverts pr63066, which fixes the issues of LB health check and IPVS (kube-proxy).
    • Incorporates PR112299, which optimizes the apiserver Gzip compression level.
      		•

      TKE Kubernetes 1.22.5 Revisions

      DateVersionUpdates
      2023-01-12 v1.22.5-tke.9
    • Supports the feature of enlarging native nodes. (kube-scheduler)
    • Adds the `delegated_to_storage` tag to the `list_too_many_objects_events_total` metric to indicate whether to pass through requests to etcd. (kube-apiserver)
      		•
      2023-01-05 v1.22.5-tke.8
    • Enhances the kube-apiserver priority and fairness features. (kube-apiserver)
        a. During rate limiting, consider the number of objects of the resource type requested by `list` requests. The higher the number of objects, the lower the concurrent QPS and the less resources occupied by APIServer, which effectively improves cluster stability and avoids crashes. If the service add-on sends a large number of `list` requests, the delay may increase after the upgrade, or APIServer may retry due to rate limiting.
        b. Supports rate limiting based on userAgent, supports token bucket rate limiting, and supports rate limiting and circuit breaking for add-ons of any type.
        c. Supports rate limiting for update requests related to watched objects to avoid generating too many update events at once.
    • DaemonSet pods can be run on super nodes when necessary. (kube-controller-manager)
    • Supports the `exec` and `logs` commands for DaemonSet Pods. (kube-apiserver)
    • Records the following metrics when list/watch too old, too large, and too many objects occur (kube-apiserver): watch_too_old_objects_events_total, list_too_large_objects_events_total, list_too_many_objects_events_total, watch_too_many_objects_events_total
    • Incorporates PR108754, which fixes the occasional "not registered" errors reported during ConfigMap/Secrets volume mounting. (kubelet)
    • Supports in-place update of Pod resources (kube-apiserver, kubelet).
      		•
      2022-12-08 v1.22.5-tke.7 Fixes the issue where the default name of a container ENI is set to eth1. (kubelet)
      2022-11-09 v1.22.5-tke.6
    • Optimizes the stability of cloud native nodes (kubelet).
    • Optimizes the scheduling of the number of local replicas on super nodes.
      		•
      2022-10-13 v1.22.5-tke.5
    • Supports DaemonSet for Serverless clusters (kube-apiserver).
    • Incorporates PR112299, which optimizes the apiserver Gzip compression level. (kube-apiserver)
    • Fixes CVE-2022-3172 (kube-apiserver).
    • Adds the `calling_webhook_timeout_error` metric (kube-apiserver).
    • Ignores the error in case of `TKEDefaultQuota` conflicts and increases the number of workers to fix the `resource quota evaluates timeout` error (kube-apiserver).
    • Incorporates PR110294, which fixes the issue where `Job activeDeadlineSeconds` doesn't take effect. (kube-controller-manager)
    • Incorporates PR111773, which fixes the memory leakage during scheduler preemption. (kube-scheduler)
    • Supports the containerd disk metric (kubelet).
    • Incorporates PR108831, which fixes the issue where creating multiple Pods at a time leads to kubelet panic. (kubelet)
    • Supports specifying the Pod during scale-in (kube-controller-manager).
    • Optimizes DaemonSet Pod scheduling performance. Only the assigned nodes are processed. (kube-scheduler)
    • Sets the CBS-CSI migration to the completed status (kube-controller-manager).
    • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
    • Optimizes the HPA of virtual nodes in Serverless clusters (kube-controller-manager).
      		•
      2022-05-07 v1.22.5-tke.1
    • Allows the special IP range used by TKE managed clusters (kube-apiserver).
    • Reverts pr63066, which fixes the issues of LB health check and IPVS. (kube-proxy)
    • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks. (kubelet)
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit. (kubelet)
    • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
    • Tencent Cloud CBS CSI migration is supported. (kube-controller-manager, kubelet)
    • Merges pr106906 to detect whether the subPath of the network storage volume has been deleted, thereby preventing Pods from being kept in **Terminating** status (kubelet).
    • Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default. (kube-proxy)
      •

      TKE Kubernetes 1.20.6 Revisions

      DateVersionUpdates
      2023-01-05 v1.20.6-tke.30
    • Incorporates PR104833, which optimizes the controller lock of API priority and fairness to a read/write lock. (kube-apiserver)
    • DaemonSet pods can be run on super nodes when necessary. (kube-controller-manager)
    • Incorporates PR102576, which stops using RemoveAll when a remaining Pod volume is deleted to avoid deleting data related to the volume. (kubelet)
    • Allows DaemonSet pods with specific annotations to be scheduled to super nodes. (kube-controller-manager)
    • Adds a switch for the local replica quantity policy for super nodes. (kube-scheduler)
    • Enhances the kube-apiserver priority and fairness features. (kube-apiserver)
        a. During rate limiting, consider the number of objects of the resource type requested by `list` requests. The higher the number of objects, the lower the concurrent QPS and the less resources occupied by APIServer, which effectively improves cluster stability and avoids crashes. If the service add-on sends a large number of `list` requests, the delay may increase after the upgrade, or APIServer may retry due to rate limiting.
        b. Supports rate limiting based on userAgent, supports token bucket rate limiting, and supports rate limiting and circuit breaking for add-ons of any type.
        c. Supports rate limiting for update requests related to watched objects to avoid generating too many update events at once.
    • Super nodes support static IPs. (kube-scheduler)
    • Adds switches to super node related features. (kube-scheduler)
    • Records the following metrics when list/watch too old, too large, and too many objects occur (kube-apiserver): watch_too_old_objects_events_total, list_too_large_objects_events_total, list_too_many_objects_events_total, watch_too_many_objects_events_total
    • Adds the watch cache capacity metric watch_cache_capacity. (kube-apiserver)
    • Uses ConfigMap Informer to optimize the scheduling performance of super nodes. (kube-scheduler)
    • Allows users to use the environment variable DEFAULT_LOWER_BOUND_CAPACITY to set the minimum value of the watch cache capacity. (kube-apiserver)
    • Adds the AllowLocalConnection switch. When the switch is enabled, local addresses can be accessed by external requests. (kubelet)
      		•
      2022-11-09 v1.20.6-tke.28
    • Optimizes the stability of cloud native nodes (kubelet).
    • Fixes the issue where kubelet exits unexpectedly during the in-place configuration adjustment of a native node (kubelet).
    • Optimizes the scheduling of the number of local replicas on super nodes.
      		•
      2022-10-13 v1.20.6-tke.27
    • Optimizes the scheduling policy for super node IP management (kube-scheduler).
    • Incorporates PR112299, which optimizes the apiserver Gzip compression level. (kube-apiserver)
    • Fixes CVE-2022-3172 (kube-apiserver).
    • Adds the `calling_webhook_timeout_error` metric (kube-apiserver).
    • Ignores the error in case of `TKEDefaultQuota` conflicts and increases the number of workers to fix the `resource quota evaluates timeout` error (kube-apiserver).
    • Optimizes the scheduling of the number of local replicas in Serverless clusters (kube-scheduler).
    • Cancels the forced scheduling of fixed EIPs to original super nodes (kube-scheduler).
    • Incorporates PR99324, which performs a reset immediately when the kube-controller-manager token becomes invalid. (kube-controller-manager)
    • Merges PR101155 to set multiple `ServiceAccount` token issuers (kube-apiserver).
    • Adds the `StatusDetaching` status for CBS disks (kube-controller-manager).
    • Increases the timeout period for resource update when static IPs are scheduled on super nodes, so as to avoid update failures during large-scale concurrency (kube-scheduler).
    • Supports DaemonSet for Serverless clusters (kube-apiserver).
      		•
      2022-09-07 v1.20.6-tke.24
    • Optimizes scheduler preemption to avoid a crash (kube-scheduler).
    • Optimizes the scheduling of super nodes. (kube-scheduler)
    • Supports in-place update of Pod resources (kube-apiserver, kubelet).
    • Allows kube-system pods to be scheduled to prepaid super nodes. (kube-scheduler)
    • Optimizes super node HPA (kube-controller-manager).
    • Merges PR110294, which fixes the issue where `Job activeDeadlineSeconds` doesn't take effect (kube-controller-manager).
    • Incorporates PR111773, which fixes the memory leakage during scheduler preemption. (kube-scheduler)
    • Merges PR97348, which fixes the issue where the number for scaling is incorrect when `StabilizationWindowSeconds` is set for HPA (kube-controller-manager).
    • Merges PR108831, which fixes the issue where creating multiple Pods at a time leads to kubelet panic (kubelet).
    • Fixes the issue where Pod creation fails when the Pod name/UID of CronJob is null (kube-controller-manager).
      		•
      2022-07-27 v1.20.6-tke.21
    • CBS supports native nodes. (kubelet)
    • Optimizes TKE Serverless virtual node HPA.
      		•
      2022-06-16 v1.20.6-tke.20
    • When using docker and overlay2, obtains disk usage through fs quota to improve performance. (kubelet)
    • Optimizes daemonset Pod scheduling performance. Only the assigned nodes are processed. (kube-scheduler)
    • Optimizes TKE Serverless scheduling (kube-scheduler).
    • EKS: You can mount the PVC after creating a Pod. (kube-scheduler)
    • The hugepages resource can be ignored through the feature switch when a Pod is scheduled to an TKE Serverless node. (kube-scheduler)
      		•
      2022-04-22v1.20.6-tke.17
    • EKS: The sandbox feature is retained. (kube-scheduler)
    • Merges pr101093, which fixed the issue where `startupProbe` is no longer be implemented after the Pod is restarted. (kubelet)
      • 2022-03-24v1.20.6-tke.16Fixed the issue where the inline csi and ephemeral generic ephemeral volumes are unavailable after upgrading to v1.20. (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kubectl)
      2022-03-18v1.20.6-tke.15
    • Supports specifying a Pod when scaling in. (kube-controller-manager)
    • Merges pr106906, which detects whether the network storage volume subpath has been deleted, preventing the Pod from being in terminating status all the time. (kubelet)
    • The TKE Serverless super nodes are ignored when the anti-affinity scheduling is performed based on the hostname. (kube-scheduler)
    • Supports upgrading tke1.18 to 1.20. (kube-apiserver, kube-controller-manager, kubelet)
    • Ports pr108325, which fixed the problem where panic is caused by the deletion of the sandbox container when the kubelet is launched. (kubelet)
    • Supports Prebind and Unreserve operations for extender schedulers. (kube-scheduler)
      • 2022-01-20v1.20.6-tke.12
    • TKE Serverless rescheduling optimization: Lower the score for super nodes that have been drained in the same availability zone. (kube-scheduler)
    • The apiserver supports integration of ExternalName type external services. (kube-apiserver)
    • Supports binding the LB addresses to the IPVS ENIs. (kube-proxy)
      • 2021-12-09v1.20.6-tke.9
    • Optimizes TKE Serverless super node scheduling and HPA. (kube-controller-manager, kube-scheduler)
    • Fixes the inconsistency between TKE Serverless and frontend when calculating CPU resources. (kube-scheduler)
      • 2021-12-02v1.20.6-tke.8
    • Optimizes gRPC logs to avoid printing too many logs when kubelet collects volume status. (kubelet)
    • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
      • 2021-11-26v1.20.6-tke.7
    • Supports customized installation of other CNIs for added external hybrid cloud nodes. (kube-controller-manager)
    • Avoids unnecessary processing of updates after a Pod is assumed. (kube-scheduler)
    • Merges pr99336 to improve the node information sync mechanism upon kubelet startup. (kubelet)
      • 2021-10-13v1.20.6-tke.6Merges 89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
      2021-09-27v1.20.6-tke.5Supports collection of disk usage metrics of Containerd runtime. (kubelet)
      2021-09-23v1.20.6-tke.4
    • Fixes the issue where there is no data in the stored metrics when using cgroup v2. (kubelet)
    • Fixes CVE-2021-25741 to block unauthorized access to server files over soft links. (kubelet)
      • 2021-07-19 v1.20.6-tke.3
    • When the TKE cluster adds nodes, it can perceive the remaining IPs in the subnet and schedule the right number of Pods to the super node at the time of batch scheduling of Pods. (kube-scheduler)
    • Ports the modifications made by upstream to kubelet and cAdvisor, and fixes the issue of metrics collection and statistics when using cgroupv2. (kubelet)
      • 2021-06-21 v1.20.6-tke.2CSIMigration and CSIMigrationQcloudCbs are enabled by default, and CBS disks are mounted by CSI.
      2021-05-25 v1.20.6-tke.1
    • Reverts pr63066, which fixes the issues of LB health check and IPVS. (kube-proxy)
    • Merges pr90260, which fixes the issue of lack of containerd cluster network monitoring. (kubelet)
    • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes Pods to exit. (kubelet)
    • Merges pr72914, which fixes the issue where mounting might fail if you delete a pod, create a new one, and schedule it to the same node. (kube-controller-manager)
    • Fixes the issue where creating containers in CentOS results in cgroup leakage. (kubelet)
    • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
    • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment. (kubectl)
    • Merges pr94833, which fixes the issue where the image tags in status do not match when Pod image has multiple tags. (kubelet)
    • Merges pr100060, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
    • The kube-controller-manager supports super nodes. (kube-controller-manager)
    • The kube-scheduler supports retaining a fixed number of local replicas when TKE Serverless nodes are added on a hybrid cloud. (kube-scheduler)
    • CBS CSI migration is supported. (kube-controller-manager, kubelet)
    • Merges pr93260, which fixes the issue that the node startup becomes slowly caused by AWS Credential Provider. (kubelet)
    • Adds the command line parameter eks-config-namespace for the scheduler. This parameter specifies the namespace where scaling of TKE Serverless related configuration occurs. (kube-scheduler)
    • TKE supports hybrid cloud nodes. (kube-controller-manager)
      •

      TKE kubernetes 1.18.4 revisions

      DateVersionUpdates
      2023-01-05 v1.18.4-tke.34
    • DaemonSet pods can be run on super nodes when necessary. (kube-controller-manager)
    • Incorporates PR102576, which stops using RemoveAll when a remaining Pod volume is deleted to avoid deleting data related to the volume. (kubelet)
    • Allows users to reduce resource limits during in-place update. (kube-apiserver)
    • Fixes the issue where terminated containers are not deleted during log rotation. (kubelet)
    • Records the following metrics when list/watch too old, too large, and too many objects occur (kube-apiserver): watch_too_old_objects_events_total, list_too_large_objects_events_total, list_too_many_objects_events_total, watch_too_many_objects_events_total
      		•
      2022-11-09 v1.18.4-tke.33
    • Optimizes the scheduling of the number of local replicas on super nodes.
      		•
      2022-10-13 v1.18.4-tke.30
    • Incorporates PR112299, which optimizes the apiserver Gzip compression level. (kube-apiserver)
    • Fixes CVE-2022-3172 (kube-apiserver).
    • Adds the `calling_webhook_timeout_error` metric (kube-apiserver).
    • Ignores the error in case of `TKEDefaultQuota` conflicts and increases the number of workers to fix the `resource quota evaluates timeout` error (kube-apiserver).
    • Adds the `StatusDetaching` status for CBS disks (kube-controller-manager).
    • Supports DaemonSet for Serverless clusters (kube-apiserver).
      		•
      2022-09-07 v1.18.4-tke.28
    • Optimizes the list performance for large clusters (kube-apiserver).
    • Optimizes the scheduling of super nodes. (kube-scheduler)
    • Allows kube-system pods to be scheduled to prepaid super nodes. (kube-scheduler)
    • Optimizes super node HPA (kube-controller-manager).
    • Supports in-place update of Pod resources (kube-apiserver, kubelet).
    • Merges PR97348, which fixes the issue where the number for scaling is incorrect when `StabilizationWindowSeconds` is set for HPA (kube-controller-manager).
    • Merges PR108831, which fixes the issue where creating multiple Pods at a time leads to kubelet panic (kubelet).
      		•
      2022-07-27 v1.18.4-tke.26 CBS supports native nodes. (kubelet)
      2022-03-18v1.18.4-tke.23
    • Merges pr92878, which allows to print alarm information only when setting the ownership for ConfigMap/Secret volumes takes more than 30 seconds, avoiding excessive log information. (kubelet)
    • Merges pr106906, which detects whether the network storage volume subpath has been deleted, preventing the Pod from being in terminating status all the time. (kubelet)
    • The TKE Serverless super nodes are ignored when the anti-affinity scheduling is performed based on the hostname. (kube-scheduler)
    • Merges pr93026, which fixed the problem where DefaultPodTopologySpread cannot obtain replicaset information. (kube-scheduler)
      • 2022-01-20v1.18.4-tke.20
    • TKE Serverless rescheduling optimization: Lower the score for super nodes that have been drained in the same availability zone. (kube-scheduler)
    • The apiserver supports integration of ExternalName 556 type external services. (kube-apiserver)
    • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
      • 2021-12-09v1.18.4-tke.17
    • Fixes the issue where kube-controller-manager's access to apiserver is restricted when there are a large number of volume attachment objects. (kube-controller-manager)
    • Merges PR95650, so that HPA ignores deleted Pods when counting replicas. (kube-controller-manager)
    • Fixes the inconsistency between TKE Serverless and frontend when calculating CPU resources. (kube-scheduler)
      • 2021-12-02v1.18.4-tke.16
    • Fixes the bug when scheduling to super nodes. (kube-scheduler)
    • Optimizes the super node scheduling algorithm. (kube-scheduler)
      • 2021-11-26v1.18.4-tke.15
      • Merges pr96444, so that if an error occurs during RBAC policy sync, the operation will be retried. (kube-apiserver)
      • Supports customized installation of other CNIs for added external hybrid cloud nodes. (kube-controller-manager)
      • Supports binding cores by group for Android containers in cloud games. (kubelet)
      • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
      • Merges pr99336 to improve the node information sync mechanism upon kubelet startup. (kubelet)
      • Fixes CVE-2021-25741 to block unauthorized access to server files over soft links. (kubelet)
      • Optimizes the error message when scheduling times out due to CBS disk creation failure. (kube-scheduler)
      • Optimizes gRPC logs to avoid printing too many logs when kubelet collects volume status. (kubelet)
      • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
      2021-08-23v1.18.4-tke.14
      • When the TKE cluster adds nodes, it supports static IP. (kube-scheduler)
      • When the TKE cluster adds nodes, if TKE Serverless static IP is matched, other pre-selected policies are skipped. (kube-scheduler)
      • When the TKE cluster adds nodes, TKE Serverless node resource awareness rescheduling is optimized for TKE Serverless node scheduling, and TKE Serverless node priority model scheduling and preference/pre-selection policy for TKE Serverless nodes are optimized. (kube-scheduler)
      • Records loaded IPVS kernel module to avoid kube-proxy crashes in IPVS mode. (kube-proxy)
      • Avoids panic when an error occurs at the time of writing into cpu manager status file. (kubelet)
      2021-07-22v1.18.4-tke.13Merges PR91859, which fixes the issue of kube-apiserver panic when the CRD type has only one letter. (kube-apiserver)
      2021-07-13v1.18.4-tke.12
      • When the TKE cluster adds nodes, it can perceive the remaining IPs in the subnet and schedule the right number of Pods to the super node at the time of batch scheduling of the Pods. (kube-scheduler)
      • Supports collection of disk usage metrics of Containerd runtime. (kubelet)
      • You can specify the Pod at the time of scaling in. (kube-controller-manager)
      2021-06-05 v1.18.4-tke.11 TKE supports hybrid cloud nodes. (kube-controller-manager)
      2021-05-14 v1.18.4-tke.9
      • Ports pr93370 to support CronJobControllerV2. (kube-controller-manager)
      • Merges pr100376 to enable HTTP/2 health check, which prevents the issue that the underlying layer connection is closed but can still be used incorrectly. (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kube-proxy, kubectl)
      • Merges pr100317, which fixes the issue where CVE-2021-25735 node updates might bypass the Validating Admission Webhook. (kube-apiserver)
      • When TKE cluster adds nodes, ComputeResource, TKE Serverless ClusterIP, and HPA are supported. (kube-controller-manager, kube-scheduler)
      2021-04-02 v1.18.4-tke.8
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
      • Merges pr93808, which fixes the issue where unnecessary information is returned when kube-scheduler --version is executed. (kube-scheduler)
      • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
      • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
      • Merges pr95154, which fixes the issue where kube-scheduler snapshot contains the nodes being deleted. (kube-scheduler)
      • Merges pr95711, which fixes the issue where kubectl drain command occupies too much CPU. (kubectl)
      • Merges pr96602, which fixes the issue where apiserver memory leaks before or after the time gaps. (kube-apiserver)
      • Merges pr97023, which deletes the related metadata directory when unmounting an emptyDir type volume (kubelet).
      • Merges pr97527, which fixes the issue where map access operations are not synchronized in cpumanager (kubelet).
      • Merges pr100190, which automatically deletes the volume directory left by orphaned Pod (kubelet).
      • Merges pr92614, when all containers of the Pod whose restart policy is RestartPolicyOnFailure exit successfully, no new sandbox will be created (kubelet).
      • Merges pr94833, which fixes the issue where the image tag does not match in status when Pod image has multiple tags (kubelet).
      2020-12-28 v1.18.4-tke.6 (ARM clusters are supported starting from this version)
      • Adds metrics to QcloudCbs. (kube-controller-manager)
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
      2020-12-21 v1.18.4-tke.5
      • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
      • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak. (logLevel >= 9) (kube-apiserver, kubectl)
      • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
      • Fixes the issue where restarting kubelet causes failure of Pod readiness check. (kubelet)
      • Merges pr90825, which fixes the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which causes the pod to remain in the pending state. (kubelet)
      • The scheduler supports super nodes. (kube-scheduler)
      • The kube-controller-manager supports super nodes. (kube-controller-manager)
      • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
      • Adds the CBS to OpenAPI. (kube-apiserver)
      • Merges pr91126, which fixes the issue where the scheduler cache is inconsistent when Pod has the same name but different UID. (kube-scheduler)
      • Merges pr93387, which fixes the issue where the daemonset pod can not be scheduled to nodes due to the disorder of node cache information in the scheduler. (kube-scheduler)
      • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
      2020-10-13 v1.18.4-tke.3
      • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
      • QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
      • Merges pr94430, which fixes the issue where the client-go reflector could not detect the "Too large resource version" error (kubelet).
      2020-08-12 v1.18.4-tke.2
      • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
      2020-08-04 v1.18.4-tke.1
      • Reverts pr63066, which fixes the issues of LB health check and IPVS. (kube-proxy)
      • Merges pr72914, which fixes the issue where mounting might fail if you delete a pod, create a new one, and schedule it to the same node. (kube-controller-manager)
      • Fixes the issue where creating containers in CentOS results in cgroup leakage. (kubelet)
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit. (kubelet)
      • metadata adds cache and timeout. cloud-provider now supports using node name as hostname. (kubelet)
      • metadata adds local cache. (kubelet)
      • Incorporates CBS and relevant fixing code. (kubelet)
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks. (kubelet)
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default. (kube-scheduler)
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, causing numerous invalid requests. (kubelet)
      • Merges pr2359, which fixes the issue with missing monitoring records when the system is unable to obtain docker root. (kubelet)
      • kube-scheduler now supports dynamic logging level configuration. (kube-scheduler)
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly. (kubelet)
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The kubelet side will not patch node. (kubelet)
      • Merges pr89296, so that the log will not record whether the iptables random-fully parameter is enabled. (kube-proxy)
      • Fixes the aws issue, pr92162. (kubelet)
      • Merges pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
      • Merges pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
      • Merges 92537, which fixes the issue where client-go reflector could not recover from the error "Too large resource version". (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, and kube-proxy)
      • Merges pr92969, which fixes the issue where CVE-2020-8559 privilege escalation from an invaded node results in invasion into other nodes. (kube-apiserver)
      • Merges pr92921, which fixes the DOS attack issue where CVE-2020-8557 exhausts the disk space by writing into “/etc/hosts”. (kubelet)

      (Discontinued) TKE Kubernetes 1.16.3 revisions

      DateVersionUpdates
      2022-10-13 v1.16.3-tke.32
    • Incorporates PR112299, which optimizes the apiserver Gzip compression level. (kube-apiserver)
    • Fixes CVE-2022-3172 (kube-apiserver).
    • Adds the `calling_webhook_timeout_error` metric (kube-apiserver).
    • Ignores the error in case of `TKEDefaultQuota` conflicts and increases the number of workers to fix the `resource quota evaluates timeout` error (kube-apiserver).
    • CPU Manager first clears terminated containers when handling Pods to avoid CPU allocation failure (kubelet).
    • Adds the `StatusDetaching` status for CBS disks (kube-controller-manager).
    • Supports DaemonSet for Serverless clusters (kube-apiserver).
    • Supports in-place update of Pod resources (kube-apiserver, kubelet).
      		•
      2022-07-27 v1.16.3-tke.28
    • TKE Serverless virtual nodes are ignored when anti-affinity scheduling is performed based on hostname. (kube-scheduler)
    • TKE Serverless: The sandbox feature is retained. (kube-scheduler)
    • CBS supports native nodes. (kubelet)
      		•
      2022-03-18v1.16.3-tke.27
    • Supports specifying a Pod when scaling in. (kube-controller-manager)
    • Optimization of super node scheduling algorithm. (kube-scheduler)
      • 2022-01-20v1.16.3-tke.25
    • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
    • The apiserver supports integration of ExternalName type external services. (kube-apiserver)
    • Optimization of TKE Serverless scheduling. (kube-scheduler)
      • 2021-12-09v1.16.3-tke.24Fixes the issue where the TKE Serverless local replica quantity policy fails on StatefulSet Pods. (kube-scheduler)
      2021-12-02v1.16.3-tke.23
    • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
    • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
    • Fixes the bug when scheduling to super nodes. (kube-scheduler)
      • 2021-09-03v1.16.3-tke.22Avoids panic when an error occurs at the time of writing into cpu manager status file. (kubelet)
      2021-08-17v1.16.3-tke.21
      • Optimizes TKE Serverless node scheduling: optimizes TKE Serverless node resource awareness rescheduling, optimizes TKE Serverless node priority model scheduling, and optimizes preference/pre-selection policy for TKE Serverless nodes. (kube-scheduler)
      • Ports 87692, which fixes the issue that there is no data for scheduler’s pending_pods and schedule_attempts_total metrics. (kube-scheduler)
      2021-07-19v1.16.3-tke.20
      • Ports 87688 and 87693, which optimizes Node Authorizer performance. (kube-apiserver)
      • When the TKE cluster adds nodes, it can perceive the remaining IPs in the subnet and schedule the right number of Pods to the super node at the time of batch scheduling of Pods. (kube-scheduler)
      • Merges pr88507, which fixes the issue that the podIP and podIPs are inconsistent when updating the Pod status. (kube-apiserver)
      2021-05-24 v1.16.3-tke.17
      • Ports pr93370 to support CronJobControllerV2. (kube-controller-manager)
      • When the TKE cluster adds nodes, the local replicas can be retained. (kube-scheduler)
      2021-05-06 v1.16.3-tke.16
      • Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2021-04-14 v1.16.3-tke.15
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
      • Merges pr92614, when all containers of the Pod whose restart policy is RestartPolicyOnFailure exit successfully, no new sandbox will be created. (kubelet)
      • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
      • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
      • Merges pr95301, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
      2020-12-28 v1.16.3-tke.14
      • Adds metrics to QcloudCbs. (kube-controller-manager)
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
      2020-12-21 v1.16.3-tke.13
      • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
      • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9). (kube-apiserver, kubectl)
      • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
      • Merges pr86191, which fixes the issue where Pod might be in the wrong state when the node is restarted. (kubelet)
      • Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created. (kube-controller-manager)
      • Merges pr90825, which fixes the issue where the pop operation of the fifo queue in client-go might be stuck due to race condition, which causes the Pod to remain in the pending state. (kubelet)
      • The scheduler supports super nodes. (kube-scheduler)
      • The kube-controller-manager supports super nodes. (kube-controller-manager)
      • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
      • Adds the CBS to OpenAPI. (kube-apiserver)
      • Merges pr81344, which fixes the issue where the CPU Manager does not support SourcesReady. (kubelet)
      • Merges pr91126, which fixes the issue where the scheduler cache is inconsistent when Pod has the same name but different UID. (kube-scheduler)
      • Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked. (kube-scheduler)
      • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
      2020-10-13 v1.16.3-tke.11
      • Merges pr92971, which fixes the issue where CVE-2020-8559 privilege escalation from an invaded node results in invasion into other nodes. (kube-apiserver)
      • Merges pr92924, which fixes the DOS attack issue where CVE-2020-8557 exhausts the disk space by writing into /etc/hosts. (kubelet)
      • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
      • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
      • QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
      • Merges pr84998, which resolves the issue where the corresponding node lease object might be rebuilt after the node is deleted, and causes junk data. (kubelet)
      2020-07-28 v1.16.3-tke.10
      • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
      • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
      2020-06-17 v1.16.3-tke.9 Temporarily fixes the AWS issuepr92162. AWS Credential Provider is no longer registered to prevent this issue from causing slow node launches.
      2020-06-11 v1.16.3-tke.8 Merges pr85993, which allows you to use CNI results to set kubenet gateway addresses.
      2020-06-10 v1.16.3-tke.7
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr89515, which fixes the issue where HPA miscalculates the number of pods during rolling updates.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      2020-05-18 v1.16.3-tke.6 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
      2020-04-20 v1.16.3-tke.5 Merges pr69047, which fixes the node.Spec.Unschedulable backward compatibility issue. (This fix is overwritten when the in-tree cbs code is incorporated).
      2020-04-14 v1.16.3-tke.4
      • Merges pr87913, which fixes the CVE-2020-8551: Kubelet DoS attack issue.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      • Merges pr87467, which fixes the issue of excessive CPU consumption by kubectl in parsing YAML files when an authorized user sends a malicious YAML file.
      2020-03-11 v1.16.3-tke.3
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      • Adds a local metadata cache.
      2020-02-14 v1.16.3-tke.2
      • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
      • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
      • kube-scheduler now supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2020-01-06 v1.16.3-tke.1
      • Incorporates pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Incorporates pr84167, which fixes the issue where an incorrect Etcd key prefix causes an apiserver health check failure.
      • Reverts pr63066, which fixes the CLB health check and IPVS issues.
      • Incorporates pr72914, which fixes the issue where mounting may fail if you delete a pod, create a new one, and schedule it to the same node.
      • Fixes the issue where creating containers in CentOS results in cgroup leakage.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Adds metadata cache and timeout. cloud-provider now supports using node names as hostnames.
      • Reverts pr79036, which fixes the issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.

      (Discontinued) TKE Kubernetes 1.14.3 revisions

      DateVersionUpdates
      2022-04-13v1.14.3-tke.27Merges pr78428, which avoids writing a warning message when exporting the iptables rule, causing kube-proxy panic at the time of recovery. (kube-proxy)
      2022-03-18v1.14.3-tke.26
    • Supports specifying a Pod when scaling in. (kube-controller-manager)
    • Optimization of super node scheduling algorithm. (kube-scheduler)
    • Merges pr80851, which fixed CVE-2019-11247, avoiding the unauthorized access of CRD resources. (kube-apiserver)
      • 2022-01-20v1.14.3-tke.24
    • Supports binding the LB addresses to the ipvs ENIs. (kube-proxy)
    • The apiserver supports integration of ExternalName type external services. (kube-apiserver)
    • Optimization of TKE Serverless scheduling. (kube-scheduler)
      • 2021-12-02v1.14.3-tke.23
    • When the TKE cluster adds nodes, it can perceive the remaining IPs in the subnet and schedule the right number of Pods to the super node at the time of batch scheduling of the Pods. (kube-scheduler)
    • Optimizes TKE Serverless node scheduling: optimizes TKE Serverless node resource awareness rescheduling, optimizes TKE Serverless node priority model scheduling, and optimizes preference/pre-selection policy for TKE Serverless nodes. (kube-scheduler)
    • Supports extended scheduler Prebind and Unreserve operations. (kube-scheduler)
    • Avoids scheduling Pods using CBS to external CHC nodes. (kube-scheduler)
    • Fixes the bug when scheduling to super nodes. (kube-scheduler)
      • 2021-05-06 v1.14.3-tke.22 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2021-04-14 v1.14.3-tke.21
      • Merges pr97752, which fixes the issue where NewReplicaSet is displayed as <none> when describing deployment (kubectl).
      • Merges pr78999, which fixes the issue of judging the case of the protocol during graceful close (kube-proxy).
      • Merges pr91590, which fixes the issue of warning that the port has been allocated when using the multiprotocol service of NodePort type (kube-apiserver).
      • Merges pr98262, which allows you to use kube-controller-manager to dynamically adjust the log level. (kube-controller-manager)
      • Merges pr95301, which automatically deletes the volume directory left by orphaned Pod. (kubelet)
      2020-12-28 v1.14.3-tke.19
      • Adds metrics to QcloudCbs. (kube-controller-manager)
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
      2020-12-21 v1.14.3-tke.18
      • Merges pr94712, which fixes CVE-2020-8564 - fixes the issue when the file format is incorrect and logLevel >= 4, Docker configuration leaks. (kubelet)
      • Merges pr95316, which fixes CVE-2020-8565 - fixes the issue where incomplete fix for CVE-2019-11250 resulting in log token leak (logLevel >= 9). (kube-apiserver, kubectl)
      • Merges pr95245, which fixes CVE-2020-8566 - fixes the issue where Ceph RBD adminSecrets is exposed in the log when loglevel >= 4. (kube-controller-manager)
      • Merges pr86140, which fixes the issue where the Controller Manager does not handle the timeout error correctly, so that the expanded Pod could not be created. (kube-controller-manager)
      • The scheduler supports super nodes. (kube-scheduler)
      • The kube-controller-manager supports super nodes. (kube-controller-manager)
      • Sets the instance-type label based on the actual model of the node, instead of being fixed as QCLOUD. (kubelet)
      • Merges pr79338, when both SupportPodPidsLimit and SupportNodePidsLimit are not enabled, the pids cgroup subsystem will not be enabled. (kubelet)
      • Merges pr89224, which fixes the issue where kube-scheduler restarts abnormally because NodeInfo is not checked. (kube-scheduler)
      • Merges pr89465, which fixes the issue where the HPA based on Pod metrics incorrectly calculates the number of instances during rolling updates. (kube-controller-manager)
      2020-10-13 v1.14.3-tke.17
      • Merges pr74781, which changes the default update strategy of ConfigMap and Secret from Cache to Watch. (kubelet)
      • Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
      • Merges pr89629, which fixes the issue where the container that mounts the subpath would fail to restart after the configmap is changed. (kubelet)
      • Merges pr80942, which fixes the issue where rules are not deleted after the service is deleted in ipvs mode. (kube-proxy)
      • QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
      2020-08-04 v1.14.3-tke.16 Merges pr78883, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default.
      2020-07-28 v1.14.3-tke.15
      • Incorporates pr76518 and pr82514, which limits the return size of http and exec probe to prevent occupation of large amounts of node memory. (kubelet)
      • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
      • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
      • Incorporates pr77475, which fixes the issue of Cronjob scheduling failure when the number of jobs exceeds 500. (kube-controller-manager)
      2020-06-10 v1.14.3-tke.14
      • Merges pr85027, which fixes the issue where HPA miscalculates of the number of pods during rolling updates.
      • Merges pr79708, which uses spec.replicas to calculate the current number of replicas of HPA.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      2020-06-04 v1.14.3-tke.13
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
      2020-05-18 v1.14.3-tke.12 TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
      2020-04-14 v1.14.3-tke.11
      • Merges pr75442, which changes the bandwidth unit from Kb to b.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      2020-04-14 v1.14.3-tke.10 Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      2020-01-13 v1.14.3-tke.9
      • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
      • Merges pr86583, which increases the logging level to reduce the amount of logs caused by the lack of support for random-fully in earlier versions of iptables.
      • kube-scheduler now supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2019-12-23 v1.14.3-tke.8 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-12-17 v1.14.3-tke.7
      • Adds metadata cache and timeout.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Avoids the readiness state of “pod not ready” when kubelet is restarted.
      2019-11-28 v1.14.3-tke.6 cloud-provider supports using node names as hostnames.
      2019-11-18 v1.14.3-tke.5
      • Merges pr83435, which fixes an issue that allows DoS attacks that use malicious YAML or JSON files to exhaust kube-apiserver CPU or memory resources, resulting in a loss of service.
      • Merges pr84167, which fixes an issue where an incorrect ETCD prefix causes apiserver health checks to fail.
      • Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload in a cluster, it takes too long to sync sts changes to pod (about 20s).
      2019-10-23 v1.14.3-tke.4 Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-09-10 v1.14.3-tke.3 Incorporates pr63066, which fixes the issue where CLB health checks fails in IPVS mode.
      2019-09-06 v1.14.3-tke.2
      • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
      • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
      • Resolves the issue where creating containers in CentOS results in cgroup leakage.

      (Discontinued) TKE Kubernetes 1.12.4 revisions

      DateVersionUpdates
      2022-04-13v1.12.4-tke.31Merges pr78428, which avoids writing a warning message when exporting the iptables rule, causing kube-proxy panic at the time of recovery. (kube-proxy)
      2022-01-20v1.12.4-tke.30 The LB address can be bound to the ipvs ENI. (kube-proxy)
      2021-05-06 v1.12.4-tke.28 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2020-12-28 v1.12.4-tke.27
      • Adds metrics to QcloudCbs. (kube-controller-manager)
      • Fixes the issue where extra space exists in the value of serial when mounting CBS disk. (Kubelet)
      2020-12-15 v1.12.4-tke.26 QcloudCbs supports BulkVolumeVerification. (kube-controller-manager)
      2020-11-17 v1.12.4-tke.25 Merges pr79495, which fixes the issue where the webhook call fails when there are multiple versions of CRD. (kube-apiserver)
      2020-10-13 v1.12.4-tke.24 Merges pr93403, which removes the printed error information of pod condition irrelevant to the kubelet during kubelet update. (kubelet)
      2020-08-04 v1.12.4-tke.23 Merges pr78881, which fixes the bug where the default value for pod.spec.container.SecurityContext.ProcMount is added by default.
      2020-07-28 v1.12.4-tke.22
      • Incorporates pr91277, which prevents the issue of large numbers of TLS handshake error logs generated by kube-apiserver as a result of CLB health checks. (kube-apiserver)
      • Incorporates pr91500, which fixes the issue of missing environmental variables of KUBERNETES_SERVICE_HOST. (kubelet)
      2020-06-10 v1.12.4-tke.21
      • Merges pr73915, which prevents the watcher from receiving events before the watch is started.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr73915, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      2020-06-04 v1.12.4-tke.20
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr79451, which fixes the issue where if restartPolicy is set to Never, kubelet does not try to create SandBox again after the first attempt fails.
      2020-05-18 v1.12.4-tke.19
      • Merges pr77802, which disables graceful termination for UDP traffic.
      • Merges pr68741, which fixes the issue of when the soft link /var/lib/kubelet and subpath are used, the host fails to unmount after pod deletion, resulting in mount target leakage and the pod being stuck in terminating.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. The max value cannot be dynamically obtained.
      2020-04-14 v1.12.4-tke.18
      • Merges pr73401, pr73606, and pr76060, which deletes DaemonSet pods allocated to non-existent nodes.
      • Merges pr68619, which fixes the CPU Manager dirty data issue.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      2020-02-14 v1.12.4-tke.17
      • Upgrades the CBS V2 interface to V3.
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      2020-01-13 v1.12.4-tke.16
      • Merges pr2359 , which fixes the issue of missing monitoring records when docker root fails to be obtained.
      • Merges pr86583 , which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
      • kube-scheduler supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2019-12-23 v1.12.4-tke.15 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-12-17 v1.12.4-tke.14
      • Adds metadata cache and timeout.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Avoids the readiness state of “pod not ready” when kubelet is restarted.
      2019-11-28 v1.12.4-tke.13 cloud-provider supports using node names as hostnames.
      2019-11-18 v1.12.4-tke.12 Merges pr75622, which fixes an issue where, when there is a high sts (>2000) workload, it takes too long to sync sts changes to pod (about 20s).
      2019-10-23 v1.12.4-tke.11
      • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
      2019-09-06 v1.12.4-tke.10
      • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
      • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
      • Merges pr71834, which fixes an issue with IPVS load balancing where, if sessionAffinity is set to ClientIP, traffic is routed to an invalid real server.
      2019-08-09 v1.12.4-tke.9 Fixes the issue where creating containers in CentOS results in cgroup leakage.
      August 8, 2019 v1.12.4-tke.8 Incorporates pr72118, which fixes the issue where mounting fails if a CBS StatefulSet is rescheduled to the same node.
      2019-07-17 v1.12.4-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
      2019-07-16 v1.12.4-tke.6 Fixed the compatibility issue between the TLinux kernel and IPVS and fixed the CLB health check failures in IPVS mode.
      2019-07-09 v1.12.4-tke.5 Incorporates pr72361, which fixes the kube-proxy deadlock issue.
      2019-06-25 v1.12.4-tke.4 Fixes the compatibility issue between the TLinux kernel and IPVS.
      2019-06-17 v1.12.4-tke.3 Merges pr71114, which fixes an IPVS throughput issue.
      2019-06-04 v1.12.4-tke.2
      • Merges pr74755, which fixes a hang/timeout issue when running large numbers of pods with unique configmap/secret references.
      • Merges pr69047, which fixes a backward compatibility issue with node.Spec.Unschedulable.

      (Discontinued) TKE Kubernetes 1.10.5 revisions

      DateVersionUpdates
      2021-05-06 v1.10.5-tke.20 Updates the launch method of running kube-proxy as an image, and automatically adapts to the iptables running mode of the node to support the operating system that uses the NF_TABLES mode to run iptables by default.
      2020-06-10 v1.10.5-tke.19
      • Merges pr90260, which fixes the issue of missing monitoring records for containerd cluster networks.
      • Merges pr91252, which ignores Pod Condition updates generated by other components to avoid unnecessary scheduling.
      • Merges pr89794, which clears kube-controller-manager error logs to avoid CVE-2020-8555 Half-Blind SSRF attacks.
      2020-05-18 v1.12.4-tke.19 Merges pr61549, which adds volumeSpec data for mountedPods cache and fixes the issue of deletion failure when multiple pods use the same volume.
      2020-04-29 v1.10.5-tke.17 Mergespr75622, which fixes the issue where, when a large number (>2000) of sts workloads exist in a cluster, it takes too long (about 20s) to synchronize sts changes to a Pod.
      2020-04-14 v1.10.5-tke.16
      • Merges pr68619, which fixes the CPU Manager dirty data issue.
      • Merges pr87669, which fixes the CVE-2020-8552: apiserver DoS attack issue.
      • TKE can perceive the maximum number of qcloudcbs that can be mounted to a single node. (In 1.12 and later versions, the value is maxAttachCount-2. In version 1.10, the value is 18 by default).
      2020-02-14 v1.10.5-tke.15
      • Upgrades the CBS V2 interface to V3.
      • Fixes the issue where CBS intree continues to unmount a non-existent disk, which causes a large number of invalid requests.
      2020-01-13 v1.10.5-tke.14
      • Merges pr2359, which fixes the issue of missing monitoring records when docker root fails to be obtained.
      • Merges pr86583, which increases the logging level to prevent excessive logs from being generated when iptables does not support random-fully.
      • kube-scheduler supports dynamic logging level configuration.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      • Merges pr86230, which skips assumed pod updates when pods are scheduled.
      2019-12-23 v1.10.5-tke.13 Reverts pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      2019-12-13 v1.10.5-tke.12
      • kubelet does not delete nodes when checking externalID.
      • Adds metadata cache and timeout.
      • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Adds the ability to reboot kubelet to avoid pod not ready.
      2019-11-18 v1.10.5-tke.11 Removes the kube-controller-manager probe that sends heartbeats to kubelet.
      2019-10-23 v1.10.5-tke.10
      • Merges pr79036, which fixes an issue where upon being opened, the CPU Manager disables the CPU quota if the QoS setting of a pod is Guaranteed.
      • Merges pr72868, which adds a new parameter--metrics-port to kube-proxy and addresses the issue where --metrics-bind-address does not recognize port numbers.
      2019-09-06 v1.10.5-tke.9
      • Fixes the cve-2019-9512&cve-2019-9514 HTTP/2 DDoS security issue.
      • Merges pr72914, which fixes an issue where deleting a Pod and then creating a new one and scheduling it to the same node could cause mounting a volume to fail.
      • Merges 67430 to rollback the state if updateContainerCPUSet fails.
      August 8, 2019 v1.10.5-tke.8 Merges pr72118, which fixes an issue where, if kubelet mounts a device immediately after unmounting it, an error occurs with the message `resource name may not be empty`.
      2019-07-17 v1.10.5-tke.7 Merges pr75037, which fixes a security issue affecting the cp command in kubectl.
      2019-06-25 v1.10.5-tke.6 Fixes the compatibility issue between the TLinux kernel and IPVS.
      2019-06-17 v1.10.5-tke.5 Merges pr71114, which fixes an IPVS throughput issue.
      2019-03-19 v1.10.5-tke.4 Incorporates pr65092, which fixes the issue where apiserver would panic when handling specific requests.
      2019-02-19 v1.10.5-tke.3 Incorporates pr67288, which fixes the issue where apiserver does not close the other side of the connection immediately when proxying.
      2018-09-28 v1.10.5-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
      2018-09-27 v1.10.5-tke.1 Backports pr63321, which fixes an issue where termination takes too long when there are multiple service containers in a pod.
      2018-09-21 v1.10.5-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

      (Discontinued) TKE Kubernetes 1.8.13 revisions

      DateVersionUpdates
      2020-01-13 v1.8.13-tke.7
      • Merges pr2359, which fixes the issue of missing monitoring records when the system is unable to obtain docker root.
      • Produces a workaround for the missing CBS device path (/dev/disk/by-id/virtio-xxx/...) issue that prevents some users from accessing CBS properly.
      2019-12-13 v1.8.13-tke.6
      • kubelet does not delete nodes when checking externalID.
      • Adds metadata cache and timeout.
      • Fixes an issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Adds the ability to reboot kubelet to avoid pod not ready.
      2019-11-18 v1.8.13-tke.5
      • Removes the kube-controller-manager probe that sends heartbeats to kubelet.
      • Adds metrics to CBS PVC.
      2018-09-28 v1.8.13-tke.2 Moves the CLB creation logic from controller-manager to an independent service controller.
      2018-09-27 v1.8.13-tke.1
      • Disables kmem statistics to prevent cgroup numbers from leaking.
      • Reduces resourcequota conflicts caused by creating pods.
      2018-09-21 v1.8.13-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.

      (Discontinued) TKE Kubernetes 1.7.8 revisions

      DateVersionUpdates
      2019-12-17 v1.7.8-tke.4
      • kubelet does not delete nodes when checking externalID.
      • Adds metadata cache and timeout.
      • Fixes the issue where upgrading lxcfs in Ubuntu 16 causes pods to exit.
      • Avoids the readiness state of “pod not ready” when kubelet is restarted.
      2018-09-28 v1.7.8-tke.2 Fixes a conflict between controller-manager and an external service controller.
      2018-09-27 v1.7.8-tke.1 Moves the CLB creation logic from controller-manager to an independent service controller.
      2018-09-21 v1.7.8-qcloud-rev1 If a kubelet status update times out, controller-manager probes the kubelet port.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy