From ab2e424f4706d44229df419a3118063412445300 Mon Sep 17 00:00:00 2001 From: Sepideh Date: Thu, 1 Aug 2024 15:14:59 -0400 Subject: [PATCH] Release Notes draft for k/k v1.31.0-rc.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sepideh Update releases/release-1.31/release-notes/maps/pr-120611-map.yaml Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/maps/pr-124958-map.yaml Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/maps/pr-125488-map.yaml Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Apply suggestions from code review Co-authored-by: Nina Polshakova Apply suggestions from code review Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.json Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/release-notes-draft.md Co-authored-by: Nina Polshakova Update releases/release-1.31/release-notes/maps/pr-126237-map.yaml Co-authored-by: Nina Polshakova Apply suggestions from code review Apply suggestions from code review Co-authored-by: Tim Bannister Co-authored-by: Amit Dsouza Apply suggestions from code review Co-authored-by: Tim Bannister Apply suggestions from code review Co-authored-by: Mélony QIN <4621560+cloudmelon@users.noreply.github.com> Co-authored-by: Tim Bannister Apply suggestions from code review Co-authored-by: bells17 Update releases/release-1.31/release-notes/maps/pr-125488-map.yaml Update releases/release-1.31/release-notes/maps/pr-126205-map.yaml --- .../release-notes/maps/pr-120611-map.yaml | 6 + .../release-notes/maps/pr-122628-map.yaml | 5 + .../release-notes/maps/pr-124012-map.yaml | 7 + .../release-notes/maps/pr-124101-map.yaml | 5 + .../release-notes/maps/pr-124430-map.yaml | 5 + .../release-notes/maps/pr-124530-map.yaml | 6 + .../release-notes/maps/pr-124819-map.yaml | 5 + .../release-notes/maps/pr-124884-map.yaml | 5 + .../release-notes/maps/pr-124958-map.yaml | 6 + .../release-notes/maps/pr-124959-map.yaml | 6 + .../release-notes/maps/pr-124961-map.yaml | 6 + .../release-notes/maps/pr-125163-map.yaml | 6 + .../release-notes/maps/pr-125257-map.yaml | 5 + .../release-notes/maps/pr-125259-map.yaml | 4 + .../release-notes/maps/pr-125374-map.yaml | 6 + .../release-notes/maps/pr-125470-map.yaml | 5 + .../release-notes/maps/pr-125488-map.yaml | 4 + .../release-notes/maps/pr-125571-map.yaml | 7 + .../release-notes/maps/pr-125656-map.yaml | 5 + .../release-notes/maps/pr-125660-map.yaml | 5 + .../release-notes/maps/pr-125661-map.yaml | 4 + .../release-notes/maps/pr-125782-map.yaml | 6 + .../release-notes/maps/pr-125813-map.yaml | 8 + .../release-notes/maps/pr-125929-map.yaml | 5 + .../release-notes/maps/pr-126014-map.yaml | 6 + .../release-notes/maps/pr-126031-map.yaml | 4 + .../release-notes/maps/pr-126047-map.yaml | 4 + .../release-notes/maps/pr-126067-map.yaml | 9 + .../release-notes/maps/pr-126072-map.yaml | 5 + .../release-notes/maps/pr-126073-map.yaml | 4 + .../release-notes/maps/pr-126108-map.yaml | 10 + .../release-notes/maps/pr-126125-map.yaml | 4 + .../release-notes/maps/pr-126139-map.yaml | 4 + .../release-notes/maps/pr-126145-map.yaml | 6 + .../release-notes/maps/pr-126163-map.yaml | 6 + .../release-notes/maps/pr-126165-map.yaml | 5 + .../release-notes/maps/pr-126167-map.yaml | 5 + .../release-notes/maps/pr-126174-map.yaml | 4 + .../release-notes/maps/pr-126191-map.yaml | 5 + .../release-notes/maps/pr-126205-map.yaml | 5 + .../release-notes/maps/pr-126227-map.yaml | 5 + .../release-notes/maps/pr-126237-map.yaml | 4 + .../release-notes/maps/pr-126243-map.yaml | 5 + .../release-notes/maps/pr-126330-map.yaml | 4 + .../release-notes/maps/pr-126335-map.yaml | 5 + .../release-notes/maps/pr-126355-map.yaml | 5 + .../release-notes/maps/pr-126441-map.yaml | 9 + .../release-notes/release-notes-draft.json | 2349 ++++++++++++++--- .../release-notes/release-notes-draft.md | 572 ++-- .../sessions/maps-1722538475.json | 279 ++ 50 files changed, 2876 insertions(+), 579 deletions(-) create mode 100644 releases/release-1.31/release-notes/maps/pr-120611-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-122628-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124012-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124101-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124430-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124530-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124819-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124884-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124958-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124959-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-124961-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125163-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125257-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125259-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125374-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125470-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125488-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125571-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125656-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125660-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125661-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125782-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125813-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-125929-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126014-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126031-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126047-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126067-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126072-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126073-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126108-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126125-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126139-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126145-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126163-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126165-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126167-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126174-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126191-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126205-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126227-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126237-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126243-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126330-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126335-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126355-map.yaml create mode 100644 releases/release-1.31/release-notes/maps/pr-126441-map.yaml create mode 100644 releases/release-1.31/release-notes/sessions/maps-1722538475.json diff --git a/releases/release-1.31/release-notes/maps/pr-120611-map.yaml b/releases/release-1.31/release-notes/maps/pr-120611-map.yaml new file mode 100644 index 0000000000..32d4758048 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-120611-map.yaml @@ -0,0 +1,6 @@ +pr: 120611 +releasenote: + text: 'Dynamic Resource Allocation (DRA): Added a feature so the number of ResourceClaim objects can be limited + per namespace and by the number of devices requested through a specific class + via the v1.ResourceQuota mechanism.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-122628-map.yaml b/releases/release-1.31/release-notes/maps/pr-122628-map.yaml new file mode 100644 index 0000000000..944549c581 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-122628-map.yaml @@ -0,0 +1,5 @@ +pr: 122628 +releasenote: + text: Implemented new cluster events UpdatePodScaleDown and UpdatePodLabel for scheduler + plugins. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124012-map.yaml b/releases/release-1.31/release-notes/maps/pr-124012-map.yaml new file mode 100644 index 0000000000..9ece3f99b0 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124012-map.yaml @@ -0,0 +1,7 @@ +pr: 124012 +releasenote: + text: Added Coordinated Leader Election as Alpha under the `CoordinatedLeaderElection` + feature gate. With the feature enabled, the control plane can use LeaseCandidate + objects (coordination.k8s.io/v1alpha1 API group) to participate in a leader election + and let the kube-apiserver select the best instance according to some strategy. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124101-map.yaml b/releases/release-1.31/release-notes/maps/pr-124101-map.yaml new file mode 100644 index 0000000000..024ec7f229 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124101-map.yaml @@ -0,0 +1,5 @@ +pr: 124101 +releasenote: + text: Fixed a bug where the Kubelet miscalculated the process usage of pods, + causing pods to never get evicted for PID usage. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124430-map.yaml b/releases/release-1.31/release-notes/maps/pr-124430-map.yaml new file mode 100644 index 0000000000..4a795f7248 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124430-map.yaml @@ -0,0 +1,5 @@ +pr: 124430 +releasenote: + text: Fixed node reporting "notReady" with the reason 'container runtime status check may + not have completed yet' after kubelet restart. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124530-map.yaml b/releases/release-1.31/release-notes/maps/pr-124530-map.yaml new file mode 100644 index 0000000000..1f0f9d98ef --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124530-map.yaml @@ -0,0 +1,6 @@ +pr: 124530 +releasenote: + text: Finished initial generic controlplane refactor of kube-apiserver, providing + a sample binary building a Kubernetes-like control plane, but without container orchestration + resources. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124819-map.yaml b/releases/release-1.31/release-notes/maps/pr-124819-map.yaml new file mode 100644 index 0000000000..05cf276c88 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124819-map.yaml @@ -0,0 +1,5 @@ +pr: 124819 +releasenote: + text: Added a warning when creating or updating a PersistentVolume (PV) with the + deprecated annotation `volume.beta.kubernetes.io/mount-options`. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124884-map.yaml b/releases/release-1.31/release-notes/maps/pr-124884-map.yaml new file mode 100644 index 0000000000..71b00c5c68 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124884-map.yaml @@ -0,0 +1,5 @@ +pr: 124884 +releasenote: + text: Added a feature to report an event about a Pod if kubelet observes a failed attach + operation, even if the kubelet is running with `--enable-controller-attach-detach=false`. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124958-map.yaml b/releases/release-1.31/release-notes/maps/pr-124958-map.yaml new file mode 100644 index 0000000000..5cd59bc31f --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124958-map.yaml @@ -0,0 +1,6 @@ +pr: 124958 +releasenote: + text: |- + The kube-scheduler added support for scheduling hints for the StorageClass resource within the VolumeBinding plugin. + The scheduling hints allowed the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124959-map.yaml b/releases/release-1.31/release-notes/maps/pr-124959-map.yaml new file mode 100644 index 0000000000..f6b6b76c3c --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124959-map.yaml @@ -0,0 +1,6 @@ +pr: 124959 +releasenote: + text: |- + The kube-scheduler added support for scheduling hints for the PersistentVolumeClaim resource within the VolumeBinding plugin. + The scheduling hints allowed the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-124961-map.yaml b/releases/release-1.31/release-notes/maps/pr-124961-map.yaml new file mode 100644 index 0000000000..b2fa9439e8 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-124961-map.yaml @@ -0,0 +1,6 @@ +pr: 124961 +releasenote: + text: |- + The kube-scheduler added support for scheduling hints for the CSIStorageCapacity resource within the VolumeBinding plugin. + The scheduling hints allowed the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125163-map.yaml b/releases/release-1.31/release-notes/maps/pr-125163-map.yaml new file mode 100644 index 0000000000..2150274ded --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125163-map.yaml @@ -0,0 +1,6 @@ +pr: 125163 +releasenote: + text: 'ACTION REQUIRED: The Dynamic Resource Allocation (DRA) driver's DaemonSet must be deployed + with a service account that enables writing ResourceSlice and reading ResourceClaim + objects.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125257-map.yaml b/releases/release-1.31/release-notes/maps/pr-125257-map.yaml new file mode 100644 index 0000000000..84849e182e --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125257-map.yaml @@ -0,0 +1,5 @@ +pr: 125257 +releasenote: + text: Graduated Kubernetes' support for AppArmor to GA. You now cannot disable the `AppArmor` + feature gate. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125259-map.yaml b/releases/release-1.31/release-notes/maps/pr-125259-map.yaml new file mode 100644 index 0000000000..d8303c3aaf --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125259-map.yaml @@ -0,0 +1,4 @@ +pr: 125259 +releasenote: + text: Promoted the `ProcMountType` feature gate to beta. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125374-map.yaml b/releases/release-1.31/release-notes/maps/pr-125374-map.yaml new file mode 100644 index 0000000000..9187584879 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125374-map.yaml @@ -0,0 +1,6 @@ +pr: 125374 +releasenote: + text: Promoted `StatefulSetStartOrdinal` to stable. This means `--feature-gates=StatefulSetStartOrdinal=true` + are not needed on kube-apiserver and kube-controller-manager binaries and they'll + be removed soon following policy at https://kubernetes.io/docs/reference/using-api/deprecation-policy/#deprecation. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125470-map.yaml b/releases/release-1.31/release-notes/maps/pr-125470-map.yaml new file mode 100644 index 0000000000..a6d2578e91 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125470-map.yaml @@ -0,0 +1,5 @@ +pr: 125470 +releasenote: + text: Added a `.status.features.supplementalGroupsPolicy` field to Nodes. The field is + true when the feature is implemented in the CRI implementation (KEP-3619). +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125488-map.yaml b/releases/release-1.31/release-notes/maps/pr-125488-map.yaml new file mode 100644 index 0000000000..36a786aad7 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125488-map.yaml @@ -0,0 +1,4 @@ +pr: 125488 +releasenote: + text: 'Enhanced the Dynamic Resource Allocation (DRA) with an updated version of the resource.k8s.io API group. The primary user-facing type remains the ResourceClaim, however significant changes have been made, resulting in the new version, v1alpha3, which is not compatible with the previous version.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125571-map.yaml b/releases/release-1.31/release-notes/maps/pr-125571-map.yaml new file mode 100644 index 0000000000..83a70ebc70 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125571-map.yaml @@ -0,0 +1,7 @@ +pr: 125571 +releasenote: + text: |- + kube-apiserver: Added Alpha features to allow API server authz to check the context of requests: + - The `AuthorizeWithSelectors` feature gate enables including field and label selector information from requests in webhook authorization calls. + - The `AuthorizeNodeWithSelectors` feature gate changes node authorizer behavior to limit requests from node API clients, so that each Node can only get / list / watch its own Node API object, and can also only get / list / watch Pod API objects bound to that node. Clients using kubelet credentials to read other nodes or unrelated pods must change their authentication credentials (recommended), adjust their usage, or obtain broader read access independent of the node authorizer. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125656-map.yaml b/releases/release-1.31/release-notes/maps/pr-125656-map.yaml new file mode 100644 index 0000000000..6ecb0d9aba --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125656-map.yaml @@ -0,0 +1,5 @@ +pr: 125656 +releasenote: + text: 'kubelet/stats: set INFO log level for stats not found in cadvisor memory + cache error.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125660-map.yaml b/releases/release-1.31/release-notes/maps/pr-125660-map.yaml new file mode 100644 index 0000000000..b180d64ed0 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125660-map.yaml @@ -0,0 +1,5 @@ +pr: 125660 +releasenote: + text: Revised the Pod API with Alpha support for volumes derived from OCI artifacts. + This feature is behind the `ImageVolume` feature gate. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125661-map.yaml b/releases/release-1.31/release-notes/maps/pr-125661-map.yaml new file mode 100644 index 0000000000..a3c04e01b6 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125661-map.yaml @@ -0,0 +1,4 @@ +pr: 125661 +releasenote: + text: Cleaned deprecated `context.StopCh` in favor of ctx. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125782-map.yaml b/releases/release-1.31/release-notes/maps/pr-125782-map.yaml new file mode 100644 index 0000000000..932b473358 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125782-map.yaml @@ -0,0 +1,6 @@ +pr: 125782 +releasenote: + text: |- + Fixed the documentation for the default value of the `procMount` entry in `securityContext` within a Pod. + The documentation was previously using the name of the internal variable `DefaultProcMount`, rather than the actual value, "Default". +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125813-map.yaml b/releases/release-1.31/release-notes/maps/pr-125813-map.yaml new file mode 100644 index 0000000000..0315909582 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125813-map.yaml @@ -0,0 +1,8 @@ +pr: 125813 +releasenote: + text: Enforced kubelet to request serving certificates only once it has at least + one IP address in the `.status.addresses` of its associated Node object. This + avoids requesting DNS-only serving certificates before externally set addresses + are in place. Until 1.33, the previous behavior can be opted back into by setting + the deprecated `AllowDNSOnlyNodeCSR` feature gate to true in the kubelet. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-125929-map.yaml b/releases/release-1.31/release-notes/maps/pr-125929-map.yaml new file mode 100644 index 0000000000..3072304d59 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-125929-map.yaml @@ -0,0 +1,5 @@ +pr: 125929 +releasenote: + text: Implemented `event_handling_duration_seconds` metric, which is the time the + scheduler takes to handle each kind of events. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126014-map.yaml b/releases/release-1.31/release-notes/maps/pr-126014-map.yaml new file mode 100644 index 0000000000..88edd0322c --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126014-map.yaml @@ -0,0 +1,6 @@ +pr: 126014 +releasenote: + text: Promoted `LocalStorageCapacityIsolation` to beta; the behaviour is enabled by default. + Within the kubelet, storage capacity isolation is active if the feature gate + is enabled and the specific Pod is using a user namespace. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126031-map.yaml b/releases/release-1.31/release-notes/maps/pr-126031-map.yaml new file mode 100644 index 0000000000..577be414b5 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126031-map.yaml @@ -0,0 +1,4 @@ +pr: 126031 +releasenote: + text: Introduced a new boolean kubelet flag `--fail-cgroupv1`. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126047-map.yaml b/releases/release-1.31/release-notes/maps/pr-126047-map.yaml new file mode 100644 index 0000000000..9cbcf60c3d --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126047-map.yaml @@ -0,0 +1,4 @@ +pr: 126047 +releasenote: + text: Updated kubernetes to build with Go 1.23rc2. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126067-map.yaml b/releases/release-1.31/release-notes/maps/pr-126067-map.yaml new file mode 100644 index 0000000000..149af85a1f --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126067-map.yaml @@ -0,0 +1,9 @@ +pr: 126067 +releasenote: + text: |- + Graduated the Job `successPolicy` field to beta. + + The new reason label, "SuccessPolicy" and "CompletionsReached" are added to the "jobs_finished_total" metric. + Additionally, if you enable the `JobSuccessPolicy` feature gate, the Job gets "CompletionsReached" reason for the "SuccessCriteriaMet" and "Complete" condition type + when the number of succeeded Job Pods (`.status.succeeded`) reached the desired completions (`.spec.completions`). +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126072-map.yaml b/releases/release-1.31/release-notes/maps/pr-126072-map.yaml new file mode 100644 index 0000000000..48b9ca9d12 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126072-map.yaml @@ -0,0 +1,5 @@ +pr: 126072 +releasenote: + text: Made kube-proxy Windows service control manager integration (`--windows-service`) + configurable in v1alpha1 component configuration via `windowsRunAsService` field. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126073-map.yaml b/releases/release-1.31/release-notes/maps/pr-126073-map.yaml new file mode 100644 index 0000000000..91228b36cd --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126073-map.yaml @@ -0,0 +1,4 @@ +pr: 126073 +releasenote: + text: Fixed fake clientset ApplyScale subresource from `status` to `scale`. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126108-map.yaml b/releases/release-1.31/release-notes/maps/pr-126108-map.yaml new file mode 100644 index 0000000000..3f98622f8e --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126108-map.yaml @@ -0,0 +1,10 @@ +pr: 126108 +releasenote: + text: |- + Reduced state change noise when volume expansion fails. Also mark certain failures as infeasible. + + ACTION REQUIRED: If you are using the `RecoverVolumeExpansionFailure` alpha feature gate + then after upgrading to this release, you need to update some objects. + For any existing PersistentVolumeClaimss with `status.allocatedResourceStatus` set to either + "ControllerResizeFailed" or "NodeResizeFailed", clear the `status.allocatedResourceStatus`. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126125-map.yaml b/releases/release-1.31/release-notes/maps/pr-126125-map.yaml new file mode 100644 index 0000000000..ea3fad1c0e --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126125-map.yaml @@ -0,0 +1,4 @@ +pr: 126125 +releasenote: + text: Allowed calling Stop multiple times on RetryWatcher without panicking. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126139-map.yaml b/releases/release-1.31/release-notes/maps/pr-126139-map.yaml new file mode 100644 index 0000000000..439d150c38 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126139-map.yaml @@ -0,0 +1,4 @@ +pr: 126139 +releasenote: + text: Reverted a [change](https://github.com/kubernetes/kubernetes/pull/123513) where `ConsistentListFromCache` was moved to beta and enabled by default. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126145-map.yaml b/releases/release-1.31/release-notes/maps/pr-126145-map.yaml new file mode 100644 index 0000000000..1d8ae73202 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126145-map.yaml @@ -0,0 +1,6 @@ +pr: 126145 +releasenote: + text: |- + Promoted feature-gate `VolumeAttributesClass` to beta (disabled by default). Users need to enable the feature gate and the `storage.k8s.io/v1beta1` API group to use this feature. + Promoted the VolumeAttributesClass API to beta. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126163-map.yaml b/releases/release-1.31/release-notes/maps/pr-126163-map.yaml new file mode 100644 index 0000000000..7ad89650f8 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126163-map.yaml @@ -0,0 +1,6 @@ +pr: 126163 +releasenote: + text: 'kube-apiserver: when the Alpha `UserNamespacesPodSecurityStandards` feature + gate is enabled, Pod Security Admission enforcement of the baseline policy now + allows `procMount: Unmasked` for user namespace pods that set `hostUsers: false`.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126165-map.yaml b/releases/release-1.31/release-notes/maps/pr-126165-map.yaml new file mode 100644 index 0000000000..68eda9f805 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126165-map.yaml @@ -0,0 +1,5 @@ +pr: 126165 +releasenote: + text: Starting in 1.31, `container_engine_t` was added to the list of allowed SELinux + types in the baseline Pod Security Standard. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126167-map.yaml b/releases/release-1.31/release-notes/maps/pr-126167-map.yaml new file mode 100644 index 0000000000..567ce5ce5a --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126167-map.yaml @@ -0,0 +1,5 @@ +pr: 126167 +releasenote: + text: 'kube-apiserver: fixed a potential crash serving CustomResourceDefinitions + that combine an invalid schema and CEL validation rules.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126174-map.yaml b/releases/release-1.31/release-notes/maps/pr-126174-map.yaml new file mode 100644 index 0000000000..566692678f --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126174-map.yaml @@ -0,0 +1,4 @@ +pr: 126174 +releasenote: + text: 'mount-utils: treated syscall.ENODEV as corrupted mount.' +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126191-map.yaml b/releases/release-1.31/release-notes/maps/pr-126191-map.yaml new file mode 100644 index 0000000000..72cc19d5ee --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126191-map.yaml @@ -0,0 +1,5 @@ +pr: 126191 +releasenote: + text: Reverted "Graduates the `WatchList` feature gate to beta for kube-apiserver + and enables `WatchListClient` for kube-controller-manager (KCM)". +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126205-map.yaml b/releases/release-1.31/release-notes/maps/pr-126205-map.yaml new file mode 100644 index 0000000000..cf88d49544 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126205-map.yaml @@ -0,0 +1,5 @@ +pr: 126205 +releasenote: + text: The `KubeletSeparateDiskGC` feature gate is now beta. This split image filesystem feature enables kubelet to perform garbage collection of images (read-only layers) and/or containers (writeable layers) deployed on separate filesystems. + gate is now beta. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126227-map.yaml b/releases/release-1.31/release-notes/maps/pr-126227-map.yaml new file mode 100644 index 0000000000..b11bdae832 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126227-map.yaml @@ -0,0 +1,5 @@ +pr: 126227 +releasenote: + text: Implemented `queueing_hint_execution_duration_seconds` metric, which is the + time the QueueingHint function takes. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126237-map.yaml b/releases/release-1.31/release-notes/maps/pr-126237-map.yaml new file mode 100644 index 0000000000..300b5c4cab --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126237-map.yaml @@ -0,0 +1,4 @@ +pr: 126237 +releasenote: + text: Promoted the metrics for both ValidatingAdmissionPolicy (VAP) and CustomResourceDefinition (CRD) validation rules to beta. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126243-map.yaml b/releases/release-1.31/release-notes/maps/pr-126243-map.yaml new file mode 100644 index 0000000000..373f7f134e --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126243-map.yaml @@ -0,0 +1,5 @@ +pr: 126243 +releasenote: + text: Added an `allocatedResourcesStatus` to each container status to indicate the + health status of devices exposed by the device plugin. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126330-map.yaml b/releases/release-1.31/release-notes/maps/pr-126330-map.yaml new file mode 100644 index 0000000000..a6a0a52c0a --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126330-map.yaml @@ -0,0 +1,4 @@ +pr: 126330 +releasenote: + text: Updated kubernetes to build with Go 1.22.5. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126335-map.yaml b/releases/release-1.31/release-notes/maps/pr-126335-map.yaml new file mode 100644 index 0000000000..5315a74468 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126335-map.yaml @@ -0,0 +1,5 @@ +pr: 126335 +releasenote: + text: Fixed bug in kubelet if the `SplitImageFilesystem` feature gate is turned on but the container runtime is + not configured. +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126355-map.yaml b/releases/release-1.31/release-notes/maps/pr-126355-map.yaml new file mode 100644 index 0000000000..7430f56fc3 --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126355-map.yaml @@ -0,0 +1,5 @@ +pr: 126355 +releasenote: + text: Set `LocalStorageCapacityIsolationFSQuotaMonitoring` to false by default, to + match `UserNamespacesSupport` (which the feature relies on). +pr_body: "" diff --git a/releases/release-1.31/release-notes/maps/pr-126441-map.yaml b/releases/release-1.31/release-notes/maps/pr-126441-map.yaml new file mode 100644 index 0000000000..3be4c184cf --- /dev/null +++ b/releases/release-1.31/release-notes/maps/pr-126441-map.yaml @@ -0,0 +1,9 @@ +pr: 126441 +releasenote: + text: Ensured that the Node Admission plugin to reject CSR requests created by a + node identity for the signers `kubernetes.io/kubelet-serving` or `kubernetes.io/kube-apiserver-client-kubelet` + with a CN starting with `system:node:`, but where the CN is not `system:node:${node-name}`. + The feature gate `AllowInsecureKubeletCertificateSigningRequests` defaults to + `false`, but can be enabled to revert to the previous behavior. This feature gate + will be removed in Kubernetes v1.33. +pr_body: "" diff --git a/releases/release-1.31/release-notes/release-notes-draft.json b/releases/release-1.31/release-notes/release-notes-draft.json index f41674869b..8dd4658d96 100644 --- a/releases/release-1.31/release-notes/release-notes-draft.json +++ b/releases/release-1.31/release-notes/release-notes-draft.json @@ -39,8 +39,8 @@ }, "117842": { "commit": "552fd7e85084b4cbd3ae8e81ff13433e28dc8327", - "text": "Support fine-grained supplemental groups policy (KEP-3619), which enables fine-grained control for supplementary groups in the first container processes. You can choose whether to include groups defined in the container image(/etc/groups) for the container's primary uid or not.", - "markdown": "Support fine-grained supplemental groups policy (KEP-3619), which enables fine-grained control for supplementary groups in the first container processes. You can choose whether to include groups defined in the container image(/etc/groups) for the container's primary uid or not. ([#117842](https://github.com/kubernetes/kubernetes/pull/117842), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Apps and Node]", + "text": "Supported fine-grained supplemental groups policy (KEP-3619), which enabled\nfine-grained control for supplementary groups in the first container processes.\nThis allows you to choose whether to include groups defined in the container image (/etc/groups)\nfor the container's primary UID or not.", + "markdown": "Supported fine-grained supplemental groups policy (KEP-3619), which enabled\n fine-grained control for supplementary groups in the first container processes.\n This allows you to choose whether to include groups defined in the container image (/etc/groups)\n for the container's primary UID or not. ([#117842](https://github.com/kubernetes/kubernetes/pull/117842), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Apps and Node]", "documentation": [ { "description": "[KEP]", @@ -72,8 +72,8 @@ }, "118148": { "commit": "957c9538670b5f7ead2c9ba9ceb9de081d66caa4", - "text": "The kube-scheduler exposes /livez and /readz for health checks that are in compliance with https://kubernetes.io/docs/reference/using-api/health-checks/#api-endpoints-for-health", - "markdown": "The kube-scheduler exposes /livez and /readz for health checks that are in compliance with https://kubernetes.io/docs/reference/using-api/health-checks/#api-endpoints-for-health ([#118148](https://github.com/kubernetes/kubernetes/pull/118148), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery, Scheduling and Testing]", + "text": "Exposed the kube-scheduler \"/livez\" and \"/readz\" endpoints for health checks that are in compliance with https://kubernetes.io/docs/reference/using-api/health-checks/#api-endpoints-for-health.", + "markdown": "Exposed the kube-scheduler \"/livez\" and \"/readz\" endpoints for health checks that are in compliance with https://kubernetes.io/docs/reference/using-api/health-checks/#api-endpoints-for-health. ([#118148](https://github.com/kubernetes/kubernetes/pull/118148), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery, Scheduling and Testing]", "author": "linxiulei", "author_url": "https://github.com/linxiulei", "pr_url": "https://github.com/kubernetes/kubernetes/pull/118148", @@ -95,8 +95,8 @@ }, "119589": { "commit": "d1b2490c80fd5c3e0d90598477f62a70d8099bb2", - "text": "kubectl support both:\n- kubectl create secret docker-registry \u003cNAME\u003e --from-file=\u003cpath/to/.docker/config.json\u003e\n- kubectl create secret docker-registry \u003cNAME\u003e --from-file=.dockerconfigjson=\u003cpath/to/.docker/config.json\u003e", - "markdown": "Kubectl support both:\n - kubectl create secret docker-registry \u003cNAME\u003e --from-file=\u003cpath/to/.docker/config.json\u003e\n - kubectl create secret docker-registry \u003cNAME\u003e --from-file=.dockerconfigjson=\u003cpath/to/.docker/config.json\u003e ([#119589](https://github.com/kubernetes/kubernetes/pull/119589), [@carlory](https://github.com/carlory)) [SIG CLI]", + "text": "Added kubectl support for:\n- kubectl create secret docker-registry \u003cNAME\u003e --from-file=\u003cpath/to/.docker/config.json\u003e\n- kubectl create secret docker-registry \u003cNAME\u003e --from-file=.dockerconfigjson=\u003cpath/to/.docker/config.json\u003e", + "markdown": "Added kubectl support for:\n - kubectl create secret docker-registry \u003cNAME\u003e --from-file=\u003cpath/to/.docker/config.json\u003e\n - kubectl create secret docker-registry \u003cNAME\u003e --from-file=.dockerconfigjson=\u003cpath/to/.docker/config.json\u003e ([#119589](https://github.com/kubernetes/kubernetes/pull/119589), [@carlory](https://github.com/carlory)) [SIG CLI]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/119589", @@ -112,6 +112,49 @@ ], "is_mapped": true }, + "120611": { + "commit": "05bb5f71f86428c07a94d50bdf2a9e26b29e1f6a", + "text": "DRA: Added a feature so the number of ResourceClaim objects can be limited per namespace and by the number of devices requested through a specific class via the v1.ResourceQuota mechanism.", + "markdown": "DRA: Added a feature so the number of ResourceClaim objects can be limited per namespace and by the number of devices requested through a specific class via the v1.ResourceQuota mechanism. ([#120611](https://github.com/kubernetes/kubernetes/pull/120611), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, CLI, Etcd, Node, Release, Scheduling and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/3063", + "type": "KEP" + } + ], + "author": "pohly", + "author_url": "https://github.com/pohly", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/120611", + "pr_number": 120611, + "areas": [ + "test", + "kubelet", + "apiserver", + "kubectl", + "release-eng", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "auth", + "cli", + "etcd", + "node", + "release", + "scheduling", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "120696": { "commit": "fd8239ce8fa6ef1d167b19881f4938e7ef15de4c", "text": "component-base/logs: when compiled with Go \u003e= 1.21, component-base will automatically configure the slog default logger together with initializing klog.", @@ -170,8 +213,8 @@ }, "121508": { "commit": "5722db7aa3e79bdf2a71f38d22a818a25cfb8091", - "text": "kube-scheduler implements scheduling hints for the CSILimit plugin.\nThe scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the CSILimit plugin if a deleted pod has a PVC from the same driver.", - "markdown": "Kube-scheduler implements scheduling hints for the CSILimit plugin.\n The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the CSILimit plugin if a deleted pod has a PVC from the same driver. ([#121508](https://github.com/kubernetes/kubernetes/pull/121508), [@utam0k](https://github.com/utam0k)) [SIG Scheduling and Storage]", + "text": "kube-scheduler implemented scheduling hints for the CSILimit plugin.\nThe scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the CSILimit plugin if a deleted pod has a PersistantVolumeClaim (PVC) from the same driver.", + "markdown": "Kube-scheduler implemented scheduling hints for the CSILimit plugin.\n The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the CSILimit plugin if a deleted pod has a PersistantVolumeClaim (PVC) from the same driver. ([#121508](https://github.com/kubernetes/kubernetes/pull/121508), [@utam0k](https://github.com/utam0k)) [SIG Scheduling and Storage]", "author": "utam0k", "author_url": "https://github.com/utam0k", "pr_url": "https://github.com/kubernetes/kubernetes/pull/121508", @@ -189,8 +232,8 @@ }, "121770": { "commit": "3fda574e5e87368d569d1fd46f05a0750c6c15ab", - "text": "This PR adds tracing support to the kubelet's read-only endpoint, which currently does not have tracing. It makes use the WithPublicEndpoint option to prevent callers from influencing sampling decisions.", - "markdown": "This PR adds tracing support to the kubelet's read-only endpoint, which currently does not have tracing. It makes use the WithPublicEndpoint option to prevent callers from influencing sampling decisions. ([#121770](https://github.com/kubernetes/kubernetes/pull/121770), [@frzifus](https://github.com/frzifus)) [SIG Node]", + "text": "This PR added tracing support to the kubelet's read-only endpoint, which currently\ndoes not have tracing. It makes use of the `WithPublicEndpoint` option to prevent callers\nfrom influencing sampling decisions.", + "markdown": "This PR added tracing support to the kubelet's read-only endpoint, which currently\n does not have tracing. It makes use of the `WithPublicEndpoint` option to prevent callers\n from influencing sampling decisions. ([#121770](https://github.com/kubernetes/kubernetes/pull/121770), [@frzifus](https://github.com/frzifus))", "author": "frzifus", "author_url": "https://github.com/frzifus", "pr_url": "https://github.com/kubernetes/kubernetes/pull/121770", @@ -207,10 +250,40 @@ "feature": true, "is_mapped": true }, + "121902": { + "commit": "a00181d4d47ebad54e930aa64daed0f3e6fc3a90", + "text": "If the feature-gate VolumeAttributesClass is enabled, when finding a suitable persistent volume for a claim, the kube-controller-manager will be aware of the `volumeAttributesClassName` field of PVC and PV objects. The `volumeAttributesClassName` field is a reference to a VolumeAttributesClass object, which contains a set of key-value pairs that present mutable attributes of the volume. It's forbidden to change the `volumeAttributesClassName` field of a PVC object until the PVC is bound to a PV object. During the binding process, if a PVC has a `volumeAttributesClassName` field set, the controller will only consider volumes that have the same `volumeAttributesClassName` as the PVC. If the `volumeAttributesClassName` field is not set or set to an empty string, only volumes with empty `volumeAttributesClassName` will be considered.", + "markdown": "If the feature-gate VolumeAttributesClass is enabled, when finding a suitable persistent volume for a claim, the kube-controller-manager will be aware of the `volumeAttributesClassName` field of PVC and PV objects. The `volumeAttributesClassName` field is a reference to a VolumeAttributesClass object, which contains a set of key-value pairs that present mutable attributes of the volume. It's forbidden to change the `volumeAttributesClassName` field of a PVC object until the PVC is bound to a PV object. During the binding process, if a PVC has a `volumeAttributesClassName` field set, the controller will only consider volumes that have the same `volumeAttributesClassName` as the PVC. If the `volumeAttributesClassName` field is not set or set to an empty string, only volumes with empty `volumeAttributesClassName` will be considered. ([#121902](https://github.com/kubernetes/kubernetes/pull/121902), [@carlory](https://github.com/carlory)) [SIG Apps, Scheduling, Storage and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/3751", + "type": "KEP" + } + ], + "author": "carlory", + "author_url": "https://github.com/carlory", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/121902", + "pr_number": 121902, + "areas": [ + "test" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "apps", + "scheduling", + "storage", + "testing" + ], + "feature": true, + "duplicate": true + }, "121970": { "commit": "d35ba3635b0fe9cee75e2376e6445113d50437b7", - "text": "k8s.io/apimachinery/pkg/util/runtime: new calls support handling panics and errors in the context where they occur. `PanicHandlers` and `ErrorHandlers` now must accept a context parameter for that. Log output is structured instead of unstructured.", - "markdown": "K8s.io/apimachinery/pkg/util/runtime: new calls support handling panics and errors in the context where they occur. `PanicHandlers` and `ErrorHandlers` now must accept a context parameter for that. Log output is structured instead of unstructured. ([#121970](https://github.com/kubernetes/kubernetes/pull/121970), [@pohly](https://github.com/pohly)) [SIG API Machinery and Instrumentation]", + "text": "k8s.io/apimachinery/pkg/util/runtime: Added support for new calls to handle panics and errors in the context where they occur. `PanicHandlers` and `ErrorHandlers` now must accept a context parameter for that. Log output is structured instead of unstructured.", + "markdown": "K8s.io/apimachinery/pkg/util/runtime: Added support for new calls to handle panics and errors in the context where they occur. `PanicHandlers` and `ErrorHandlers` now must accept a context parameter for that. Log output is structured instead of unstructured. ([#121970](https://github.com/kubernetes/kubernetes/pull/121970), [@pohly](https://github.com/pohly)) [SIG API Machinery and Instrumentation]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/121970", @@ -233,8 +306,8 @@ }, "122025": { "commit": "58c44005cdaec53fe3cb49b2d7a308df3af2d081", - "text": "lastSuccessfullTime in cronjobs will now be set reliably", - "markdown": "LastSuccessfullTime in cronjobs will now be set reliably ([#122025](https://github.com/kubernetes/kubernetes/pull/122025), [@lukashankeln](https://github.com/lukashankeln)) [SIG Apps]", + "text": "`lastSuccessfullTime` in cronjobs will now be set reliably.", + "markdown": "`lastSuccessfullTime` in cronjobs will now be set reliably. ([#122025](https://github.com/kubernetes/kubernetes/pull/122025), [@lukashankeln](https://github.com/lukashankeln)) [SIG Apps]", "documentation": [ { "description": "[Other doc]", @@ -277,8 +350,8 @@ }, "122047": { "commit": "d40676c227c762e9c6f39682377aaf2e113915e3", - "text": "KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite", - "markdown": "KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite ([#122047](https://github.com/kubernetes/kubernetes/pull/122047), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, Instrumentation and Testing]", + "text": "KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite.", + "markdown": "KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite. ([#122047](https://github.com/kubernetes/kubernetes/pull/122047), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, Instrumentation and Testing]", "author": "aojea", "author_url": "https://github.com/aojea", "pr_url": "https://github.com/kubernetes/kubernetes/pull/122047", @@ -329,8 +402,8 @@ }, "122176": { "commit": "dfcb44758a634ca68cc0cf733e83503d22f241c8", - "text": "kube-apiserver: http/2 serving can be disabled with a `--disable-http2-serving` flag", - "markdown": "Kube-apiserver: http/2 serving can be disabled with a `--disable-http2-serving` flag ([#122176](https://github.com/kubernetes/kubernetes/pull/122176), [@slashpai](https://github.com/slashpai)) [SIG API Machinery]", + "text": "kube-apiserver: Added support to disable http/2 serving with a `--disable-http2-serving` flag.\n", + "markdown": "Kube-apiserver: Added support to disable http/2 serving with a `--disable-http2-serving` flag.\n ([#122176](https://github.com/kubernetes/kubernetes/pull/122176), [@slashpai](https://github.com/slashpai)) [SIG API Machinery]", "author": "slashpai", "author_url": "https://github.com/slashpai", "pr_url": "https://github.com/kubernetes/kubernetes/pull/122176", @@ -349,8 +422,8 @@ }, "122234": { "commit": "9c8c61aee4966d153fba0b9c365c7d03c602b4fc", - "text": "The scheduler starts to use QueueingHint registered for Pod/Updated event to determine whether unschedulable Pods update make them schedulable, when the feature gate `SchedulerQueueingHints` is enabled.\nPreviously, when unschedulable Pods are updated, the scheduler always put Pods back to activeQ/backoffQ. But, actually not all updates to Pods make Pods schedulable, especially considering many scheduling constraints nowadays are immutable.\nNow, when unschedulable Pods are updated, the scheduling queue checks with QueueingHint(s) whether the update may make the pods schedulable, and requeues them to activeQ/backoffQ **only when** at least one QueueingHint(s) return Queue. \n\nAction required for custom scheduler plugin developers:\nPlugins **have to** implement a QueueingHint for Pod/Update event if the rejection from them could be resolved by updating unscheduled Pods themselves.\nExample: suppose you develop a custom plugin that denies Pods that have a `schedulable=false` label. \nGiven Pods with a `schedulable=false` label will be schedulable if the `schedulable=false` label is removed, this plugin would implement QueueingHint for Pod/Update event that returns Queue when such label changes are made in unscheduled Pods.", - "markdown": "The scheduler starts to use QueueingHint registered for Pod/Updated event to determine whether unschedulable Pods update make them schedulable, when the feature gate `SchedulerQueueingHints` is enabled.\n Previously, when unschedulable Pods are updated, the scheduler always put Pods back to activeQ/backoffQ. But, actually not all updates to Pods make Pods schedulable, especially considering many scheduling constraints nowadays are immutable.\n Now, when unschedulable Pods are updated, the scheduling queue checks with QueueingHint(s) whether the update may make the pods schedulable, and requeues them to activeQ/backoffQ **only when** at least one QueueingHint(s) return Queue. \n \n Action required for custom scheduler plugin developers:\n Plugins **have to** implement a QueueingHint for Pod/Update event if the rejection from them could be resolved by updating unscheduled Pods themselves.\n Example: suppose you develop a custom plugin that denies Pods that have a `schedulable=false` label. \n Given Pods with a `schedulable=false` label will be schedulable if the `schedulable=false` label is removed, this plugin would implement QueueingHint for Pod/Update event that returns Queue when such label changes are made in unscheduled Pods. ([#122234](https://github.com/kubernetes/kubernetes/pull/122234), [@AxeZhan](https://github.com/AxeZhan)) [SIG Scheduling and Testing]", + "text": "Added support to the scheduler to start using QueueingHint registered for Pod/Updated event to determine whether unschedulable Pods update make them schedulable, when the feature gate `SchedulerQueueingHints` is enabled.\nPreviously, when unschedulable Pods are updated, the scheduler always put Pods back to activeQ/backoffQ. But, actually not all updates to Pods make Pods schedulable, especially considering many scheduling constraints nowadays are immutable.\nNow, when unschedulable Pods are updated, the scheduling queue checks with QueueingHint(s) whether the update may make the pods schedulable, and requeues them to activeQ/backoffQ **only when** at least one QueueingHint(s) return Queue. \n\nAction required for custom scheduler plugin developers:\nPlugins **have to** implement a QueueingHint for Pod/Update event if the rejection from them could be resolved by updating unscheduled Pods themselves.\nExample: suppose you develop a custom plugin that denies Pods that have a `schedulable=false` label. \nGiven Pods with a `schedulable=false` label will be schedulable if the `schedulable=false` label is removed, this plugin would implement QueueingHint for Pod/Update event that returns Queue when such label changes are made in unscheduled Pods.", + "markdown": "Added support to the scheduler to start using QueueingHint registered for Pod/Updated event to determine whether unschedulable Pods update make them schedulable, when the feature gate `SchedulerQueueingHints` is enabled.\n Previously, when unschedulable Pods are updated, the scheduler always put Pods back to activeQ/backoffQ. But, actually not all updates to Pods make Pods schedulable, especially considering many scheduling constraints nowadays are immutable.\n Now, when unschedulable Pods are updated, the scheduling queue checks with QueueingHint(s) whether the update may make the pods schedulable, and requeues them to activeQ/backoffQ **only when** at least one QueueingHint(s) return Queue. \n \n Action required for custom scheduler plugin developers:\n Plugins **have to** implement a QueueingHint for Pod/Update event if the rejection from them could be resolved by updating unscheduled Pods themselves.\n Example: suppose you develop a custom plugin that denies Pods that have a `schedulable=false` label. \n Given Pods with a `schedulable=false` label will be schedulable if the `schedulable=false` label is removed, this plugin would implement QueueingHint for Pod/Update event that returns Queue when such label changes are made in unscheduled Pods. ([#122234](https://github.com/kubernetes/kubernetes/pull/122234), [@AxeZhan](https://github.com/AxeZhan)) [SIG Scheduling and Testing]", "documentation": [ { "url": "https://github.com/kubernetes/enhancements/issues/4247", @@ -398,8 +471,8 @@ }, "122363": { "commit": "96ad82583f4ecc007ec25e234f4f17f5328ddfb2", - "text": "Kubelet flags `--iptables-masquerade-bit` and `--iptables-drop-bit` were deprecated in v1.28 and have now been removed entirely.", - "markdown": "Kubelet flags `--iptables-masquerade-bit` and `--iptables-drop-bit` were deprecated in v1.28 and have now been removed entirely. ([#122363](https://github.com/kubernetes/kubernetes/pull/122363), [@carlory](https://github.com/carlory)) [SIG Network and Node]", + "text": "Removed Kubelet flags `--iptables-masquerade-bit` and `--iptables-drop-bit` as they were deprecated in v1.28. in v1.28 and have now been removed entirely.", + "markdown": "Removed Kubelet flags `--iptables-masquerade-bit` and `--iptables-drop-bit` as they were deprecated in v1.28. in v1.28 and have now been removed entirely. ([#122363](https://github.com/kubernetes/kubernetes/pull/122363), [@carlory](https://github.com/carlory)) [SIG Network and Node]", "documentation": [ { "description": "[KEP]", @@ -426,8 +499,8 @@ }, "122471": { "commit": "2c6d5fae7a68ae94edd848c40dc47c9077c7818e", - "text": "kube-scheduler implements scheduling hints for the InterPodAffinity plugin.\nThe scheduling hints allow the scheduler to retry scheduling a Pod\nthat was previously rejected by the InterPodAffinity plugin if create/delete/update a related Pod or a node which matches the pod affinity.", - "markdown": "Kube-scheduler implements scheduling hints for the InterPodAffinity plugin.\n The scheduling hints allow the scheduler to retry scheduling a Pod\n that was previously rejected by the InterPodAffinity plugin if create/delete/update a related Pod or a node which matches the pod affinity. ([#122471](https://github.com/kubernetes/kubernetes/pull/122471), [@nayihz](https://github.com/nayihz)) [SIG Scheduling and Testing]", + "text": "The kube-scheduler added scheduling hints for the InterPodAffinity plugin.\nThese hints allow the scheduler to retry scheduling a Pod\nthat was previously rejected by the InterPodAffinity plugin if there are changes (create, delete, or update) to a related Pod or a node that matches the pod affinity criteria.", + "markdown": "The kube-scheduler added scheduling hints for the InterPodAffinity plugin.\n These hints allow the scheduler to retry scheduling a Pod\n that was previously rejected by the InterPodAffinity plugin if there are changes (create, delete, or update) to a related Pod or a node that matches the pod affinity criteria. ([#122471](https://github.com/kubernetes/kubernetes/pull/122471), [@nayihz](https://github.com/nayihz)) [SIG Scheduling and Testing]", "author": "nayihz", "author_url": "https://github.com/nayihz", "pr_url": "https://github.com/kubernetes/kubernetes/pull/122471", @@ -448,8 +521,8 @@ }, "122499": { "commit": "c6b5191c37f939d2d61e76de222a96ae5f5d9558", - "text": "StatefulSet autodelete will respect controlling owners on PVC claims as described in https://github.com/kubernetes/enhancements/pull/4375", - "markdown": "StatefulSet autodelete will respect controlling owners on PVC claims as described in https://github.com/kubernetes/enhancements/pull/4375 ([#122499](https://github.com/kubernetes/kubernetes/pull/122499), [@mattcary](https://github.com/mattcary)) [SIG Apps and Testing]", + "text": "StatefulSet autodelete respected controlling owners on PVC claims as described in https://github.com/kubernetes/enhancements/pull/4375.", + "markdown": "StatefulSet autodelete respected controlling owners on PVC claims as described in https://github.com/kubernetes/enhancements/pull/4375. ([#122499](https://github.com/kubernetes/kubernetes/pull/122499), [@mattcary](https://github.com/mattcary)) [SIG Apps and Testing]", "author": "mattcary", "author_url": "https://github.com/mattcary", "pr_url": "https://github.com/kubernetes/kubernetes/pull/122499", @@ -487,10 +560,27 @@ ], "duplicate": true }, + "122628": { + "commit": "39a80796b641d75423c4156000808ae5810094a2", + "text": "Implemented new cluster events UpdatePodScaleDown and UpdatePodLabel for scheduler plugins.", + "markdown": "Implemented new cluster events UpdatePodScaleDown and UpdatePodLabel for scheduler plugins. ([#122628](https://github.com/kubernetes/kubernetes/pull/122628), [@sanposhiho](https://github.com/sanposhiho))", + "author": "sanposhiho", + "author_url": "https://github.com/sanposhiho", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/122628", + "pr_number": 122628, + "kinds": [ + "feature" + ], + "sigs": [ + "scheduling" + ], + "feature": true, + "is_mapped": true + }, "122636": { "commit": "b616d916752ec0b4f506bf2d35dd66ef2d974d97", - "text": "Fix null lastTransitionTime in Pod condition when setting scheduling gate.", - "markdown": "Fix null lastTransitionTime in Pod condition when setting scheduling gate. ([#122636](https://github.com/kubernetes/kubernetes/pull/122636), [@lianghao208](https://github.com/lianghao208)) [SIG Node and Scheduling]", + "text": "Fixed null `lastTransitionTime` in Pod condition when setting the scheduling gate.", + "markdown": "Fixed null `lastTransitionTime` in Pod condition when setting the scheduling gate. ([#122636](https://github.com/kubernetes/kubernetes/pull/122636), [@lianghao208](https://github.com/lianghao208)) [SIG Node and Scheduling]", "author": "lianghao208", "author_url": "https://github.com/lianghao208", "pr_url": "https://github.com/kubernetes/kubernetes/pull/122636", @@ -507,8 +597,8 @@ }, "122657": { "commit": "78533415e06199d13f81e78acf9ff2e0f7460801", - "text": "Add the` WatchList` method to the `rest client` in `client-go`. When used, it establishes a stream to obtain a consistent snapshot of data from the server. This method is meant to be used by the generated client.", - "markdown": "Add the` WatchList` method to the `rest client` in `client-go`. When used, it establishes a stream to obtain a consistent snapshot of data from the server. This method is meant to be used by the generated client. ([#122657](https://github.com/kubernetes/kubernetes/pull/122657), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery]", + "text": "Added the `WatchList` method to the `rest client` in `client-go`. When used,\nit establishes a stream to obtain a consistent snapshot of data from the server.\nThis method is meant to be used by the generated client.", + "markdown": "Added the `WatchList` method to the `rest client` in `client-go`. When used,\n it establishes a stream to obtain a consistent snapshot of data from the server.\n This method is meant to be used by the generated client. ([#122657](https://github.com/kubernetes/kubernetes/pull/122657), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery]", "documentation": [ { "description": "[KEP]", @@ -531,8 +621,8 @@ }, "122791": { "commit": "8c1983ffc0b6fe2293fc721cef8d961d79aafc53", - "text": "Removes `ENABLE_CLIENT_GO_WATCH_LIST_ALPHA` environmental variable from the reflector.\nTo activate the feature set `KUBE_FEATURE_WatchListClient` environmental variable or a corresponding command line option (this works only binaries that explicitly expose it).", - "markdown": "Removes `ENABLE_CLIENT_GO_WATCH_LIST_ALPHA` environmental variable from the reflector.\n To activate the feature set `KUBE_FEATURE_WatchListClient` environmental variable or a corresponding command line option (this works only binaries that explicitly expose it). ([#122791](https://github.com/kubernetes/kubernetes/pull/122791), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing]", + "text": "Removed `ENABLE_CLIENT_GO_WATCH_LIST_ALPHA` environment variable from the reflector.\nTo activate the feature set `KUBE_FEATURE_WatchListClient` environment variable or a corresponding command line option (this works only with binaries that explicitly expose it).", + "markdown": "Removed `ENABLE_CLIENT_GO_WATCH_LIST_ALPHA` environment variable from the reflector.\n To activate the feature set `KUBE_FEATURE_WatchListClient` environment variable or a corresponding command line option (this works only with binaries that explicitly expose it). ([#122791](https://github.com/kubernetes/kubernetes/pull/122791), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing]", "documentation": [ { "description": "[KEP]", @@ -564,8 +654,8 @@ }, "122812": { "commit": "de9a932a14553239e297e0d5350947216393c9ae", - "text": "The iptables mode of kube-proxy now tracks packets that are wrongfully marked invalid by conntrack and subsequently dropped by introducing `kubeproxy_iptables_ct_state_invalid_dropped_packets_total` metric", - "markdown": "The iptables mode of kube-proxy now tracks packets that are wrongfully marked invalid by conntrack and subsequently dropped by introducing `kubeproxy_iptables_ct_state_invalid_dropped_packets_total` metric ([#122812](https://github.com/kubernetes/kubernetes/pull/122812), [@aroradaman](https://github.com/aroradaman)) [SIG Instrumentation, Network and Testing]", + "text": "Added support for kube-proxy iptables mode to track packets that were wrongfully marked invalid by conntrack and subsequently dropped by introducing `kubeproxy_iptables_ct_state_invalid_dropped_packets_total` metric.", + "markdown": "Added support for kube-proxy iptables mode to track packets that were wrongfully marked invalid by conntrack and subsequently dropped by introducing `kubeproxy_iptables_ct_state_invalid_dropped_packets_total` metric. ([#122812](https://github.com/kubernetes/kubernetes/pull/122812), [@aroradaman](https://github.com/aroradaman)) [SIG Instrumentation, Network and Testing]", "author": "aroradaman", "author_url": "https://github.com/aroradaman", "pr_url": "https://github.com/kubernetes/kubernetes/pull/122812", @@ -614,6 +704,29 @@ "duplicate": true, "is_mapped": true }, + "122922": { + "commit": "601eb7e9cf71eebb375d4a32c364b56dfbfd365d", + "text": "Fixed a missing behavior where Windows nodes did not implement memory-pressure eviction.", + "markdown": "Fixed a missing behavior where Windows nodes did not implement memory-pressure eviction. ([#122922](https://github.com/kubernetes/kubernetes/pull/122922), [@marosset](https://github.com/marosset)) [SIG Node, Testing and Windows]", + "author": "marosset", + "author_url": "https://github.com/marosset", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/122922", + "pr_number": 122922, + "areas": [ + "test", + "kubelet" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "node", + "testing", + "windows" + ], + "feature": true, + "duplicate": true + }, "122979": { "commit": "8dd9d1a6bb85fe83c803e33cad8b18d15057a7f3", "text": "Migrated the pkg/proxy to use [contextual logging](https://k8s.io/docs/concepts/cluster-administration/system-logs/#contextual-logging).", @@ -664,8 +777,8 @@ }, "123105": { "commit": "b2c32fb0151cb56fa30a9cc60b0835ed5c8dfcd5", - "text": "The kube-proxy nodeportAddresses / --nodeport-addresses option now\naccepts the value \"primary\", meaning to only listen for NodePort connections\non the node's primary IPv4 and/or IPv6 address (according to the Node object).\nThis is strongly recommended, if you were not previously using\n--nodeport-addresses, to avoid surprising behavior.\n\n(This behavior is enabled by default with the nftables backend; you would\nneed to explicitly request `--nodeport-addresses 0.0.0.0/0,::/0` there to get\nthe traditional \"listen on all interfaces\" behavior.)", - "markdown": "The kube-proxy nodeportAddresses / --nodeport-addresses option now\n accepts the value \"primary\", meaning to only listen for NodePort connections\n on the node's primary IPv4 and/or IPv6 address (according to the Node object).\n This is strongly recommended, if you were not previously using\n --nodeport-addresses, to avoid surprising behavior.\n \n (This behavior is enabled by default with the nftables backend; you would\n need to explicitly request `--nodeport-addresses 0.0.0.0/0,::/0` there to get\n the traditional \"listen on all interfaces\" behavior.) ([#123105](https://github.com/kubernetes/kubernetes/pull/123105), [@danwinship](https://github.com/danwinship)) [SIG API Machinery, Network and Windows]", + "text": "Added support to the kube-proxy nodePortAddresses / --nodeport-addresses option to\naccept the value \"primary\", meaning to only listen for NodePort connections\non the node's primary IPv4 and/or IPv6 address (according to the Node object).\nThis is strongly recommended, if you were not previously using\n--nodeport-addresses, to avoid surprising behavior.\n(This behavior is enabled by default with the nftables backend; you would\nneed to explicitly request `--nodeport-addresses 0.0.0.0/0,::/0` there to get\nthe traditional \"listen on all interfaces\" behavior.)", + "markdown": "Added support to the kube-proxy nodePortAddresses / --nodeport-addresses option to\n accept the value \"primary\", meaning to only listen for NodePort connections\n on the node's primary IPv4 and/or IPv6 address (according to the Node object).\n This is strongly recommended, if you were not previously using\n --nodeport-addresses, to avoid surprising behavior.\n (This behavior is enabled by default with the nftables backend; you would\n need to explicitly request `--nodeport-addresses 0.0.0.0/0,::/0` there to get\n the traditional \"listen on all interfaces\" behavior.) ([#123105](https://github.com/kubernetes/kubernetes/pull/123105), [@danwinship](https://github.com/danwinship)) [SIG API Machinery, Network and Windows]", "author": "danwinship", "author_url": "https://github.com/danwinship", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123105", @@ -712,8 +825,8 @@ }, "123149": { "commit": "6d4250ed413223c2f0a1ab8c253780bf43747bb6", - "text": "Add `--keep-*` flags to `kubectl debug`, which enables to control the removal of probes, labels, annotations and initContainers from copy pod.", - "markdown": "Add `--keep-*` flags to `kubectl debug`, which enables to control the removal of probes, labels, annotations and initContainers from copy pod. ([#123149](https://github.com/kubernetes/kubernetes/pull/123149), [@mochizuki875](https://github.com/mochizuki875)) [SIG CLI and Testing]", + "text": "Added `--keep-*` flags to `kubectl debug`, which enables to control the removal\nof probes, labels, annotations and initContainers from copy pod.", + "markdown": "Added `--keep-*` flags to `kubectl debug`, which enables to control the removal\n of probes, labels, annotations and initContainers from copy pod. ([#123149](https://github.com/kubernetes/kubernetes/pull/123149), [@mochizuki875](https://github.com/mochizuki875)) [SIG CLI and Testing]", "author": "mochizuki875", "author_url": "https://github.com/mochizuki875", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123149", @@ -735,8 +848,8 @@ }, "123233": { "commit": "5cd78a1e9d928be0390b0fe4cae2966282a1babc", - "text": "Ensure daemonset controller to count old unhealthy pods towards max unavailable budget", - "markdown": "Ensure daemonset controller to count old unhealthy pods towards max unavailable budget ([#123233](https://github.com/kubernetes/kubernetes/pull/123233), [@marshallbrekka](https://github.com/marshallbrekka)) [SIG Apps]", + "text": "Ensured daemonset controller counts old unhealthy pods towards max unavailable budget.", + "markdown": "Ensured daemonset controller counts old unhealthy pods towards max unavailable budget. ([#123233](https://github.com/kubernetes/kubernetes/pull/123233), [@marshallbrekka](https://github.com/marshallbrekka)) [SIG Apps]", "author": "marshallbrekka", "author_url": "https://github.com/marshallbrekka", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123233", @@ -751,8 +864,8 @@ }, "123315": { "commit": "72226c75115aaeb6090b40c34af323c3334f7065", - "text": "Graduated support for CDI device IDs to general availability. The `DevicePluginCDIDevices` feature gate is now enabled unconditionally.", - "markdown": "Graduated support for CDI device IDs to general availability. The `DevicePluginCDIDevices` feature gate is now enabled unconditionally. ([#123315](https://github.com/kubernetes/kubernetes/pull/123315), [@bart0sh](https://github.com/bart0sh)) [SIG Node]", + "text": "Graduated support for Container Device Interface (CDI) device IDs to general availability. The `DevicePluginCDIDevices` feature gate is now enabled unconditionally.", + "markdown": "Graduated support for Container Device Interface (CDI) device IDs to general availability. The `DevicePluginCDIDevices` feature gate is now enabled unconditionally. ([#123315](https://github.com/kubernetes/kubernetes/pull/123315), [@bart0sh](https://github.com/bart0sh)) [SIG Node]", "author": "bart0sh", "author_url": "https://github.com/bart0sh", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123315", @@ -787,8 +900,8 @@ }, "123398": { "commit": "1fd835ce59a3ade6290d13c4ff6b52d2875b6042", - "text": "the kubelet is no longer able to recover from device manager state file older than 1.20. If the proper recommended upgrade flow is followed, there should be no issue.", - "markdown": "The kubelet is no longer able to recover from device manager state file older than 1.20. If the proper recommended upgrade flow is followed, there should be no issue. ([#123398](https://github.com/kubernetes/kubernetes/pull/123398), [@ffromani](https://github.com/ffromani)) [SIG Node and Testing]", + "text": "Kubelet is no longer able to recover from device manager state file older than 1.20. If the proper recommended upgrade flow is followed, there should be no issue.", + "markdown": "Kubelet is no longer able to recover from device manager state file older than 1.20. If the proper recommended upgrade flow is followed, there should be no issue. ([#123398](https://github.com/kubernetes/kubernetes/pull/123398), [@ffromani](https://github.com/ffromani)) [SIG Node and Testing]", "author": "ffromani", "author_url": "https://github.com/ffromani", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123398", @@ -840,8 +953,8 @@ }, "123513": { "commit": "bc3b8f6c6bc85c21aebc3f5d3ebf507cc7f38f9b", - "text": "Move ConsistentListFromCache feature flag to Beta and enable it by default", - "markdown": "Move ConsistentListFromCache feature flag to Beta and enable it by default ([#123513](https://github.com/kubernetes/kubernetes/pull/123513), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing]", + "text": "Moved `ConsistentListFromCache` feature flag to beta and enabled it by default.", + "markdown": "Moved `ConsistentListFromCache` feature flag to beta and enabled it by default. ([#123513](https://github.com/kubernetes/kubernetes/pull/123513), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing]", "author": "serathius", "author_url": "https://github.com/serathius", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123513", @@ -863,8 +976,8 @@ }, "123545": { "commit": "501cfb7482317d7c8da7eaddf11f71820730824d", - "text": "Updated description of default values for --healthz-bind-address and --metrics-bind-address parameters", - "markdown": "Updated description of default values for --healthz-bind-address and --metrics-bind-address parameters ([#123545](https://github.com/kubernetes/kubernetes/pull/123545), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Network]", + "text": "Updated description of default values for `--healthz-bind-address` and `--metrics-bind-address` parameters.", + "markdown": "Updated description of default values for `--healthz-bind-address` and `--metrics-bind-address` parameters. ([#123545](https://github.com/kubernetes/kubernetes/pull/123545), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Network]", "author": "yangjunmyfm192085", "author_url": "https://github.com/yangjunmyfm192085", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123545", @@ -882,8 +995,8 @@ }, "123572": { "commit": "6f6ba4ae7fd77b2022970c796c6b6ef8fb915c68", - "text": "CEL: add name formats library", - "markdown": "CEL: add name formats library ([#123572](https://github.com/kubernetes/kubernetes/pull/123572), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery]", + "text": "CEL: added name formats library.", + "markdown": "CEL: added name formats library. ([#123572](https://github.com/kubernetes/kubernetes/pull/123572), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery]", "documentation": [ { "description": "[KEP]", @@ -909,8 +1022,8 @@ }, "123587": { "commit": "b38cce123d79980b9dfbf873f2d073f2c2ced733", - "text": "Fix \"-kube-test-repo-list\" e2e flag may not take effect", - "markdown": "Fix \"-kube-test-repo-list\" e2e flag may not take effect ([#123587](https://github.com/kubernetes/kubernetes/pull/123587), [@huww98](https://github.com/huww98)) [SIG API Machinery, Apps, Autoscaling, CLI, Network, Node, Scheduling, Storage, Testing and Windows]", + "text": "Fixed \"-kube-test-repo-list\" e2e flag may not take effect.", + "markdown": "Fixed \"-kube-test-repo-list\" e2e flag may not take effect. ([#123587](https://github.com/kubernetes/kubernetes/pull/123587), [@huww98](https://github.com/huww98)) [SIG API Machinery, Apps, Autoscaling, CLI, Network, Node, Scheduling, Storage, Testing and Windows]", "author": "huww98", "author_url": "https://github.com/huww98", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123587", @@ -939,8 +1052,8 @@ }, "123597": { "commit": "9d945ba5a520438ac8cf7a77200ae6a8d2d8bd4b", - "text": "Added an extra line between two different key value pairs under data when running kubectl describe configmap", - "markdown": "Added an extra line between two different key value pairs under data when running kubectl describe configmap ([#123597](https://github.com/kubernetes/kubernetes/pull/123597), [@siddhantvirus](https://github.com/siddhantvirus)) [SIG CLI]", + "text": "Added an extra line between two different key value pairs under data when running `kubectl describe configmap`.", + "markdown": "Added an extra line between two different key value pairs under data when running `kubectl describe configmap`. ([#123597](https://github.com/kubernetes/kubernetes/pull/123597), [@siddhantvirus](https://github.com/siddhantvirus)) [SIG CLI]", "author": "siddhantvirus", "author_url": "https://github.com/siddhantvirus", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123597", @@ -958,8 +1071,8 @@ }, "123620": { "commit": "5cb71ec2e4c506078449b6a3bbaac44ab03909ce", - "text": "Fixed a bug in the JSON frame reader that could cause it to retain a reference to the underlying array of the byte slice passed to Read.", - "markdown": "Fixed a bug in the JSON frame reader that could cause it to retain a reference to the underlying array of the byte slice passed to Read. ([#123620](https://github.com/kubernetes/kubernetes/pull/123620), [@benluddy](https://github.com/benluddy)) [SIG API Machinery]", + "text": "Fixed a bug in the JSON frame reader that could cause it to retain a reference to the underlying array of the byte slice passed to read.", + "markdown": "Fixed a bug in the JSON frame reader that could cause it to retain a reference to the underlying array of the byte slice passed to read. ([#123620](https://github.com/kubernetes/kubernetes/pull/123620), [@benluddy](https://github.com/benluddy)) [SIG API Machinery]", "author": "benluddy", "author_url": "https://github.com/benluddy", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123620", @@ -974,8 +1087,8 @@ }, "123638": { "commit": "8ac9d949730a57a41a1a44f8964bd84ab8ab2667", - "text": "Graduate MatchLabelKeys/MismatchLabelKeys feature in PodAffinity/PodAntiAffinity to Beta", - "markdown": "Graduate MatchLabelKeys/MismatchLabelKeys feature in PodAffinity/PodAntiAffinity to Beta ([#123638](https://github.com/kubernetes/kubernetes/pull/123638), [@sanposhiho](https://github.com/sanposhiho)) [SIG API Machinery, Apps, Scheduling and Testing]", + "text": "Graduated MatchLabelKeys/MismatchLabelKeys feature in PodAffinity/PodAntiAffinity to Beta.", + "markdown": "Graduated MatchLabelKeys/MismatchLabelKeys feature in PodAffinity/PodAntiAffinity to Beta. ([#123638](https://github.com/kubernetes/kubernetes/pull/123638), [@sanposhiho](https://github.com/sanposhiho)) [SIG API Machinery, Apps, Scheduling and Testing]", "documentation": [ { "description": "[KEP]", @@ -1095,8 +1208,8 @@ }, "123809": { "commit": "85d55b67371bae83aa73a3a65b23520e0f22a74b", - "text": "Emition of RecreatingFailedPod and RecreatingTerminatedPod events has been removed from stateful set lifecycle.", - "markdown": "Emition of RecreatingFailedPod and RecreatingTerminatedPod events has been removed from stateful set lifecycle. ([#123809](https://github.com/kubernetes/kubernetes/pull/123809), [@atiratree](https://github.com/atiratree)) [SIG Apps and Testing]", + "text": "The emission of RecreatingFailedPod and RecreatingTerminatedPod events has been\nremoved from the StatefulSet lifecycle.", + "markdown": "The emission of RecreatingFailedPod and RecreatingTerminatedPod events has been\n removed from the StatefulSet lifecycle. ([#123809](https://github.com/kubernetes/kubernetes/pull/123809), [@atiratree](https://github.com/atiratree)) [SIG Apps and Testing]", "author": "atiratree", "author_url": "https://github.com/atiratree", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123809", @@ -1117,8 +1230,8 @@ }, "123822": { "commit": "d9d698694862718813294c8672a046cb91cdb759", - "text": "Fixes a missing `status.` prefix on custom resource validation error messages.", - "markdown": "Fixes a missing `status.` prefix on custom resource validation error messages. ([#123822](https://github.com/kubernetes/kubernetes/pull/123822), [@JoelSpeed](https://github.com/JoelSpeed)) [SIG API Machinery]", + "text": "Fixed a missing status prefix in custom resource validation error messages.", + "markdown": "Fixed a missing status prefix in custom resource validation error messages. ([#123822](https://github.com/kubernetes/kubernetes/pull/123822), [@JoelSpeed](https://github.com/JoelSpeed))", "author": "JoelSpeed", "author_url": "https://github.com/JoelSpeed", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123822", @@ -1192,8 +1305,8 @@ }, "123905": { "commit": "534d7cbc1a6c628e78e28a61a5c37e86f18077bf", - "text": "Services implement a field selector for the ClusterIP and Type fields.\nKubelet uses the fieldselector on Services to avoid watching for Headless Services and reduce the memory consumption.", - "markdown": "Services implement a field selector for the ClusterIP and Type fields.\n Kubelet uses the fieldselector on Services to avoid watching for Headless Services and reduce the memory consumption. ([#123905](https://github.com/kubernetes/kubernetes/pull/123905), [@aojea](https://github.com/aojea)) [SIG Apps, Node and Testing]", + "text": "Services implemented a field selector for the ClusterIP and Type fields.\nThe Kubelet uses this field selector to avoid monitoring Headless Services, which helps reduce memory consumption.", + "markdown": "Services implemented a field selector for the ClusterIP and Type fields.\n The Kubelet uses this field selector to avoid monitoring Headless Services, which helps reduce memory consumption. ([#123905](https://github.com/kubernetes/kubernetes/pull/123905), [@aojea](https://github.com/aojea)) [SIG Apps, Node and Testing]", "author": "aojea", "author_url": "https://github.com/aojea", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123905", @@ -1216,8 +1329,8 @@ }, "123919": { "commit": "39c6bc31363ddce17edcc85fe6e3a15d5bf928e6", - "text": "Add apiserver.latency.k8s.io/apf-queue-wait annotation to the audit log to record the time spent waiting in apf queue", - "markdown": "Add apiserver.latency.k8s.io/apf-queue-wait annotation to the audit log to record the time spent waiting in apf queue ([#123919](https://github.com/kubernetes/kubernetes/pull/123919), [@hakuna-matatah](https://github.com/hakuna-matatah)) [SIG API Machinery]", + "text": "Added apiserver.latency.k8s.io/apf-queue-wait annotation to the audit log\nto record the time spent waiting in APF queue.", + "markdown": "Added apiserver.latency.k8s.io/apf-queue-wait annotation to the audit log\n to record the time spent waiting in APF queue. ([#123919](https://github.com/kubernetes/kubernetes/pull/123919), [@hakuna-matatah](https://github.com/hakuna-matatah)) [SIG API Machinery]", "author": "hakuna-matatah", "author_url": "https://github.com/hakuna-matatah", "pr_url": "https://github.com/kubernetes/kubernetes/pull/123919", @@ -1234,10 +1347,46 @@ "feature": true, "is_mapped": true }, + "124012": { + "commit": "5f5c02da51cd3146f30c6ee56013c983f4999d9c", + "text": "Added Coordinated Leader Election as Alpha under the `CoordinatedLeaderElection` feature gate. With the feature enabled, the control plane can use LeaseCandidate objects (coordination.k8s.io/v1alpha1 API group) to participate in a leader election and let the kube-apiserver select the best instance according to some strategy.", + "markdown": "Added Coordinated Leader Election as Alpha under the `CoordinatedLeaderElection` feature gate. With the feature enabled, the control plane can use LeaseCandidate objects (coordination.k8s.io/v1alpha1 API group) to participate in a leader election and let the kube-apiserver select the best instance according to some strategy. ([#124012](https://github.com/kubernetes/kubernetes/pull/124012), [@Jefftree](https://github.com/Jefftree)) [SIG API Machinery, Apps, Auth, Cloud Provider, Etcd, Node, Release, Scheduling and Testing]", + "author": "Jefftree", + "author_url": "https://github.com/Jefftree", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124012", + "pr_number": 124012, + "areas": [ + "test", + "apiserver", + "provider/gcp", + "release-eng", + "code-generation", + "dependency" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "auth", + "cloud-provider", + "etcd", + "node", + "release", + "scheduling", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "124017": { "commit": "1ff1207d22ab5cf442c8dafdf5bded1e32519873", - "text": "kube-controller-manager removes deprecated command flags: --volume-host-cidr-denylist and --volume-host-allow-local-loopback", - "markdown": "Kube-controller-manager removes deprecated command flags: --volume-host-cidr-denylist and --volume-host-allow-local-loopback ([#124017](https://github.com/kubernetes/kubernetes/pull/124017), [@carlory](https://github.com/carlory)) [SIG API Machinery, Apps, Cloud Provider and Storage]", + "text": "Removed deprecated command flags --volume-host-cidr-denylist\nand --volume-host-allow-local-loopback from kube-controller-manager.\n", + "markdown": "Removed deprecated command flags --volume-host-cidr-denylist\n and --volume-host-allow-local-loopback from kube-controller-manager.\n ([#124017](https://github.com/kubernetes/kubernetes/pull/124017), [@carlory](https://github.com/carlory)) [SIG API Machinery, Apps, Cloud Provider and Storage]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124017", @@ -1262,8 +1411,8 @@ }, "124025": { "commit": "80212923db1a49fc2954294ca045ba0a251f00e4", - "text": "Continue streaming kubelet logs when the CRI server of the runtime is unavailable.", - "markdown": "Continue streaming kubelet logs when the CRI server of the runtime is unavailable. ([#124025](https://github.com/kubernetes/kubernetes/pull/124025), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node]", + "text": "Continued streaming kubelet logs when the CRI server of the runtime was unavailable.", + "markdown": "Continued streaming kubelet logs when the CRI server of the runtime was unavailable. ([#124025](https://github.com/kubernetes/kubernetes/pull/124025), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node]", "author": "saschagrunert", "author_url": "https://github.com/saschagrunert", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124025", @@ -1282,8 +1431,8 @@ }, "124026": { "commit": "c67ea2f7794bd933c806799555e1b2eb8f0e11db", - "text": "Build etcd image v3.5.13", - "markdown": "Build etcd image v3.5.13 ([#124026](https://github.com/kubernetes/kubernetes/pull/124026), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery and Etcd]", + "text": "Built etcd image v3.5.13.", + "markdown": "Built etcd image v3.5.13. ([#124026](https://github.com/kubernetes/kubernetes/pull/124026), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery and Etcd]", "author": "liangyuanpeng", "author_url": "https://github.com/liangyuanpeng", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124026", @@ -1303,8 +1452,8 @@ }, "124027": { "commit": "695a984f569bec2835bcb3ac8474cebefd020994", - "text": "etcd: Update to v3.5.13", - "markdown": "Etcd: Update to v3.5.13 ([#124027](https://github.com/kubernetes/kubernetes/pull/124027), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery, Cloud Provider, Cluster Lifecycle, Etcd and Testing]", + "text": "etcd: Updated to v3.5.13.", + "markdown": "Etcd: Updated to v3.5.13. ([#124027](https://github.com/kubernetes/kubernetes/pull/124027), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery, Cloud Provider, Cluster Lifecycle, Etcd and Testing]", "author": "liangyuanpeng", "author_url": "https://github.com/liangyuanpeng", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124027", @@ -1329,8 +1478,8 @@ }, "124038": { "commit": "f3e7e008a4848497e96db115dc0e22e4e7c7288c", - "text": "kubeadm: stop storing the ResolverConfig in the global KubeletConfiguration and instead set it dynamically for each node", - "markdown": "Kubeadm: stop storing the ResolverConfig in the global KubeletConfiguration and instead set it dynamically for each node ([#124038](https://github.com/kubernetes/kubernetes/pull/124038), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", + "text": "'kubeadm: Stopped storing the ResolverConfig in the global KubeletConfiguration\nand sets it dynamically for each node instead.'", + "markdown": "'kubeadm: Stopped storing the ResolverConfig in the global KubeletConfiguration\n and sets it dynamically for each node instead.' ([#124038](https://github.com/kubernetes/kubernetes/pull/124038), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124038", @@ -1350,8 +1499,8 @@ }, "124055": { "commit": "846e282d0523fdb23522e6b318186aa80593c594", - "text": "\"NONE\"", - "markdown": "\"NONE\" ([#124055](https://github.com/kubernetes/kubernetes/pull/124055), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Scheduling]", + "text": "Optimized log output to avoid printing out redundant information of the pod.", + "markdown": "Optimized log output to avoid printing out redundant information of the pod. ([#124055](https://github.com/kubernetes/kubernetes/pull/124055), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Scheduling]", "author": "yangjunmyfm192085", "author_url": "https://github.com/yangjunmyfm192085", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124055", @@ -1365,10 +1514,30 @@ "do_not_publish": true, "is_mapped": true }, + "124061": { + "commit": "04d2f336419b5a824cb96cb88462ef18a90d619d", + "text": "CustomResourceDefinition objects created with non-empty `caBundle` fields which are invalid or do not contain any certificates will not appear in discovery or serve endpoints until a valid `caBundle` is provided. Updates to CustomResourceDefinition are no longer allowed to transition a valid `caBundle` field to an invalid `caBundle` field, because this breaks serving of the existing CustomResourceDefinition.", + "markdown": "CustomResourceDefinition objects created with non-empty `caBundle` fields which are invalid or do not contain any certificates will not appear in discovery or serve endpoints until a valid `caBundle` is provided. Updates to CustomResourceDefinition are no longer allowed to transition a valid `caBundle` field to an invalid `caBundle` field, because this breaks serving of the existing CustomResourceDefinition. ([#124061](https://github.com/kubernetes/kubernetes/pull/124061), [@Jefftree](https://github.com/Jefftree)) [SIG API Machinery]", + "author": "Jefftree", + "author_url": "https://github.com/Jefftree", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124061", + "pr_number": 124061, + "areas": [ + "apiserver" + ], + "kinds": [ + "bug", + "api-change" + ], + "sigs": [ + "api-machinery" + ], + "duplicate_kind": true + }, "124063": { "commit": "a7ece470e56f0479573db2632031d274867d96b1", - "text": "Fixes a bug where hard evictions due to resource pressure would let the pod have the full termination grace period, instead of shutting down instantly. This bug also affected force deleted pods. Both cases now get a termination grace period of 1 second.", - "markdown": "Fixes a bug where hard evictions due to resource pressure would let the pod have the full termination grace period, instead of shutting down instantly. This bug also affected force deleted pods. Both cases now get a termination grace period of 1 second. ([#124063](https://github.com/kubernetes/kubernetes/pull/124063), [@olyazavr](https://github.com/olyazavr)) [SIG Node]", + "text": "Fixed a bug where hard evictions due to resource pressure allowed pods\nto use the full termination grace period instead of shutting down instantly. \nThis bug also affected force deleted pods. Both cases now receive a termination grace period of 1 second.", + "markdown": "Fixed a bug where hard evictions due to resource pressure allowed pods\n to use the full termination grace period instead of shutting down instantly. \n This bug also affected force deleted pods. Both cases now receive a termination grace period of 1 second. ([#124063](https://github.com/kubernetes/kubernetes/pull/124063), [@olyazavr](https://github.com/olyazavr)) [SIG Node]", "author": "olyazavr", "author_url": "https://github.com/olyazavr", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124063", @@ -1386,8 +1555,8 @@ }, "124075": { "commit": "62895895094cbb59fe39176afd484ce3d2505b61", - "text": "DRA: client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error.", - "markdown": "DRA: client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error. ([#124075](https://github.com/kubernetes/kubernetes/pull/124075), [@pohly](https://github.com/pohly)) [SIG Apps]", + "text": "Dynamic Resource Allocation (DRA): client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error.", + "markdown": "Dynamic Resource Allocation (DRA): client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error. ([#124075](https://github.com/kubernetes/kubernetes/pull/124075), [@pohly](https://github.com/pohly)) [SIG Apps]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124075", @@ -1407,8 +1576,8 @@ }, "124091": { "commit": "bbfd2145dee670458d623800567facca13e27cc3", - "text": "kubelet no longer crashes when a DRA driver returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (did not affect drivers written in Go, first showed up with a driver written in Rust).", - "markdown": "Kubelet no longer crashes when a DRA driver returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (did not affect drivers written in Go, first showed up with a driver written in Rust). ([#124091](https://github.com/kubernetes/kubernetes/pull/124091), [@bitoku](https://github.com/bitoku)) [SIG Node]", + "text": "Fixed kubelet so it would no longer crash when a DRA(Dynamic Resource Allocation) driver returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (Did not affect drivers written in Go, first showed up with a driver written in Rust). returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (did not affect drivers written in Go, first showed up with a driver written in Rust).", + "markdown": "Fixed kubelet so it would no longer crash when a DRA(Dynamic Resource Allocation) driver returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (Did not affect drivers written in Go, first showed up with a driver written in Rust). returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (did not affect drivers written in Go, first showed up with a driver written in Rust). ([#124091](https://github.com/kubernetes/kubernetes/pull/124091), [@bitoku](https://github.com/bitoku)) [SIG Node]", "author": "bitoku", "author_url": "https://github.com/bitoku", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124091", @@ -1446,10 +1615,32 @@ "duplicate": true, "is_mapped": true }, + "124101": { + "commit": "e9d9a82839bfe4f159e5bc101d39f7c568699f80", + "text": "Fixed a bug where the Kubelet didn't calculate the process usage of pods correctly, leading to pods never getting evicted for PID use.", + "markdown": "Fixed a bug where the Kubelet didn't calculate the process usage of pods correctly, leading to pods never getting evicted for PID use. ([#124101](https://github.com/kubernetes/kubernetes/pull/124101), [@haircommander](https://github.com/haircommander)) [SIG Node and Testing]", + "author": "haircommander", + "author_url": "https://github.com/haircommander", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124101", + "pr_number": 124101, + "areas": [ + "test", + "kubelet" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "node", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, "124116": { "commit": "3261821fbcb99a34f7f442ff80e8f706734ee322", - "text": "Fix Deep Copy issue in getting controller reference", - "markdown": "Fix Deep Copy issue in getting controller reference ([#124116](https://github.com/kubernetes/kubernetes/pull/124116), [@HiranmoyChowdhury](https://github.com/HiranmoyChowdhury)) [SIG API Machinery and Release]", + "text": "Fixed a deep copy issue when retrieving the controller reference.", + "markdown": "Fixed a deep copy issue when retrieving the controller reference. ([#124116](https://github.com/kubernetes/kubernetes/pull/124116), [@HiranmoyChowdhury](https://github.com/HiranmoyChowdhury)) [SIG API Machinery and Release]", "author": "HiranmoyChowdhury", "author_url": "https://github.com/HiranmoyChowdhury", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124116", @@ -1471,8 +1662,8 @@ }, "124123": { "commit": "ca4a864336bdb1d61bc19e90a9c81ac6c661e6d7", - "text": "Make kubectl find `kubectl-create-subcommand` plugins also when positional arguments exists, e.g. `kubectl create subcommand arg`.", - "markdown": "Make kubectl find `kubectl-create-subcommand` plugins also when positional arguments exists, e.g. `kubectl create subcommand arg`. ([#124123](https://github.com/kubernetes/kubernetes/pull/124123), [@sttts](https://github.com/sttts)) [SIG CLI]", + "text": "Enabled kubectl to find `kubectl-create-subcommand` plugins when positional\narguments exists, e.g. `kubectl create subcommand arg`.", + "markdown": "Enabled kubectl to find `kubectl-create-subcommand` plugins when positional\n arguments exists, e.g. `kubectl create subcommand arg`. ([#124123](https://github.com/kubernetes/kubernetes/pull/124123), [@sttts](https://github.com/sttts)) [SIG CLI]", "author": "sttts", "author_url": "https://github.com/sttts", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124123", @@ -1490,8 +1681,8 @@ }, "124131": { "commit": "d83cd48e5ebbb1b073164a574ef9aa5a68569d9c", - "text": "Endpointslices mirrored from Endpoints by the EndpointSliceMirroring controller were not reconciled if modified", - "markdown": "Endpointslices mirrored from Endpoints by the EndpointSliceMirroring controller were not reconciled if modified ([#124131](https://github.com/kubernetes/kubernetes/pull/124131), [@zyjhtangtang](https://github.com/zyjhtangtang)) [SIG Apps and Network]", + "text": "Fixed the bug where if Endpointslices mirrored from Endpoints by the EndpointSliceMirroring controller they would not reconcile if modified. were not reconciled if modified", + "markdown": "Fixed the bug where if Endpointslices mirrored from Endpoints by the EndpointSliceMirroring controller they would not reconcile if modified. were not reconciled if modified ([#124131](https://github.com/kubernetes/kubernetes/pull/124131), [@zyjhtangtang](https://github.com/zyjhtangtang)) [SIG Apps and Network]", "author": "zyjhtangtang", "author_url": "https://github.com/zyjhtangtang", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124131", @@ -1508,8 +1699,8 @@ }, "124147": { "commit": "7196c749f27e995b307b584cbf3b50a7056f3fc4", - "text": "Kubemark: adds two flags, `--kube-api-qps` and `--kube-api-burst`", - "markdown": "Kubemark: adds two flags, `--kube-api-qps` and `--kube-api-burst` ([#124147](https://github.com/kubernetes/kubernetes/pull/124147), [@devincd](https://github.com/devincd)) [SIG Scalability]", + "text": "Kubemark: added two flags, `--kube-api-qps` which indicates the maximum QPS to the apiserver, and `--kube-api-burst` which indicates maximum burst for throttle to the apiserver.", + "markdown": "Kubemark: added two flags, `--kube-api-qps` which indicates the maximum QPS to the apiserver, and `--kube-api-burst` which indicates maximum burst for throttle to the apiserver. ([#124147](https://github.com/kubernetes/kubernetes/pull/124147), [@devincd](https://github.com/devincd)) [SIG Scalability]", "author": "devincd", "author_url": "https://github.com/devincd", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124147", @@ -1630,8 +1821,8 @@ }, "124220": { "commit": "dad8fe71f2b2b942b125b3bbbab60e5f2bb5fa1f", - "text": "Kubelet will not restart the container when fields other than image in the pod spec change.", - "markdown": "Kubelet will not restart the container when fields other than image in the pod spec change. ([#124220](https://github.com/kubernetes/kubernetes/pull/124220), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Node]", + "text": "Kubelet would not restart the container when fields other than image in the Pod spec change. pod spec change.", + "markdown": "Kubelet would not restart the container when fields other than image in the Pod spec change. pod spec change. ([#124220](https://github.com/kubernetes/kubernetes/pull/124220), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Node]", "author": "HirazawaUi", "author_url": "https://github.com/HirazawaUi", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124220", @@ -1650,8 +1841,8 @@ }, "124221": { "commit": "b2a8ac15a0db0d3f2c7ae6c221ed56e2e3cde7fb", - "text": "Fixed a typo in the help text for the pod_scheduling_sli_duration_seconds metric in kube-scheduler", - "markdown": "Fixed a typo in the help text for the pod_scheduling_sli_duration_seconds metric in kube-scheduler ([#124221](https://github.com/kubernetes/kubernetes/pull/124221), [@arturhoo](https://github.com/arturhoo)) [SIG Instrumentation, Scheduling and Testing]", + "text": "Fixed a typo in the help text for the pod_scheduling_sli_duration_seconds metric in kube-scheduler.", + "markdown": "Fixed a typo in the help text for the pod_scheduling_sli_duration_seconds metric in kube-scheduler. ([#124221](https://github.com/kubernetes/kubernetes/pull/124221), [@arturhoo](https://github.com/arturhoo)) [SIG Instrumentation, Scheduling and Testing]", "author": "arturhoo", "author_url": "https://github.com/arturhoo", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124221", @@ -1673,8 +1864,8 @@ }, "124281": { "commit": "4878acc5e58268c2c59054dc25c8f53c6a861501", - "text": "allow parameter to be set along with proto file path", - "markdown": "Allow parameter to be set along with proto file path ([#124281](https://github.com/kubernetes/kubernetes/pull/124281), [@fulviodenza](https://github.com/fulviodenza)) [SIG API Machinery]", + "text": "Allowed parameter to be set along with proto file path.", + "markdown": "Allowed parameter to be set along with proto file path. ([#124281](https://github.com/kubernetes/kubernetes/pull/124281), [@fulviodenza](https://github.com/fulviodenza)) [SIG API Machinery]", "author": "fulviodenza", "author_url": "https://github.com/fulviodenza", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124281", @@ -1692,8 +1883,8 @@ }, "124287": { "commit": "b27608875c45218f7a9fa6e9cfdfe17f15328bb2", - "text": "The scheduler implements QueueingHint in TaintToleration plugin, which enhances the throughput of scheduling.", - "markdown": "The scheduler implements QueueingHint in TaintToleration plugin, which enhances the throughput of scheduling. ([#124287](https://github.com/kubernetes/kubernetes/pull/124287), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing]", + "text": "The scheduler implemented QueueingHint in the TaintToleration plugin, enhancing the throughput of scheduling.", + "markdown": "The scheduler implemented QueueingHint in the TaintToleration plugin, enhancing the throughput of scheduling. ([#124287](https://github.com/kubernetes/kubernetes/pull/124287), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing]", "author": "sanposhiho", "author_url": "https://github.com/sanposhiho", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124287", @@ -1730,8 +1921,8 @@ }, "124316": { "commit": "5a71f37805246db1f7f681c4ee7da508054cc429", - "text": "ACTION-REQUIRED: DRA drivers using the v1alpha2 kubelet gRPC API are no longer supported and need to be updated.", - "markdown": "ACTION-REQUIRED: DRA drivers using the v1alpha2 kubelet gRPC API are no longer supported and need to be updated. ([#124316](https://github.com/kubernetes/kubernetes/pull/124316), [@pohly](https://github.com/pohly)) [SIG Node and Testing]", + "text": "ACTION-REQUIRED: Dynamic Resource Allocation (DRA) drivers using the v1alpha2 kubelet gRPC API are no longer supported and need to be updated.", + "markdown": "ACTION-REQUIRED: Dynamic Resource Allocation (DRA) drivers using the v1alpha2 kubelet gRPC API are no longer supported and need to be updated. ([#124316](https://github.com/kubernetes/kubernetes/pull/124316), [@pohly](https://github.com/pohly)) [SIG Node and Testing]", "documentation": [ { "description": "[KEP]", @@ -1774,13 +1965,12 @@ "storage" ], "duplicate": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "124328": { "commit": "16a594f907d0d4a6224dab2d0704793d5e7898f6", - "text": "The name of CEL optional type has been changed from `optional` to `optional_type`.", - "markdown": "The name of CEL optional type has been changed from `optional` to `optional_type`. ([#124328](https://github.com/kubernetes/kubernetes/pull/124328), [@jiahuif](https://github.com/jiahuif)) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Network and Node]", + "text": "The name of CEL(Common Expression Language) optional type has been changed from `optional` to `optional_type`.", + "markdown": "The name of CEL(Common Expression Language) optional type has been changed from `optional` to `optional_type`. ([#124328](https://github.com/kubernetes/kubernetes/pull/124328), [@jiahuif](https://github.com/jiahuif)) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Network and Node]", "author": "jiahuif", "author_url": "https://github.com/jiahuif", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124328", @@ -1824,10 +2014,31 @@ ], "is_mapped": true }, + "124342": { + "commit": "52c0ed4673b30c2cb80d7ee680b6b8336fb1c488", + "text": "```\n\n#### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:\n\n\u003c!--\nThis section can be blank if this pull request does not require a release note.\n\nWhen adding links which point to resources within git repositories, like\nKEPs or supporting documentation, please reference a specific commit and avoid\nlinking directly to the master branch. This ensures that links reference a\nspecific point in time, rather than a document that may change over time.\n\nSee here for guidance on getting permanent links to files: https://help.github.com/en/articles/getting-permanent-links-to-files\n\nPlease use the following format for linking documentation:\n- [KEP]: \u003clink\u003e\n- [Usage]: \u003clink\u003e\n- [Other doc]: \u003clink\u003e\n--\u003e", + "markdown": "```\n \n #### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:\n \n \u003c!--\n This section can be blank if this pull request does not require a release note.\n \n When adding links which point to resources within git repositories, like\n KEPs or supporting documentation, please reference a specific commit and avoid\n linking directly to the master branch. This ensures that links reference a\n specific point in time, rather than a document that may change over time.\n \n See here for guidance on getting permanent links to files: https://help.github.com/en/articles/getting-permanent-links-to-files\n \n Please use the following format for linking documentation:\n - [KEP]: \u003clink\u003e\n - [Usage]: \u003clink\u003e\n - [Other doc]: \u003clink\u003e\n --\u003e ([#124342](https://github.com/kubernetes/kubernetes/pull/124342), [@zhifei92](https://github.com/zhifei92)) [SIG Node]", + "author": "zhifei92", + "author_url": "https://github.com/zhifei92", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124342", + "pr_number": 124342, + "areas": [ + "kubelet" + ], + "kinds": [ + "bug", + "cleanup" + ], + "sigs": [ + "node" + ], + "duplicate_kind": true, + "do_not_publish": true + }, "124344": { "commit": "0b15f8cbfc611889f703495ee845b3c54bdd759d", - "text": "Fix a race condition in transforming informer happening when objects were accessed during Resync operation", - "markdown": "Fix a race condition in transforming informer happening when objects were accessed during Resync operation ([#124344](https://github.com/kubernetes/kubernetes/pull/124344), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery]", + "text": "Fixed a race condition in the transforming informer that occurred when objects were accessed during the Resync operation.", + "markdown": "Fixed a race condition in the transforming informer that occurred when objects were accessed during the Resync operation. ([#124344](https://github.com/kubernetes/kubernetes/pull/124344), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery]", "author": "wojtek-t", "author_url": "https://github.com/wojtek-t", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124344", @@ -1862,8 +2073,8 @@ }, "124352": { "commit": "bc05bef903c063423ac009569974ccbc81138d66", - "text": "Fix a race condition in kube-controller-manager and scheduler caused by a bug in transforming informer happening when objects were accessed during Resync operation by making the transforming function idempotent.", - "markdown": "Fix a race condition in kube-controller-manager and scheduler caused by a bug in transforming informer happening when objects were accessed during Resync operation by making the transforming function idempotent. ([#124352](https://github.com/kubernetes/kubernetes/pull/124352), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Scheduling]", + "text": "Fixed a race condition in kube-controller-manager and the scheduler, caused by\na bug in the transforming informer during the Resync operation, \nby making the transforming function idempotent.", + "markdown": "Fixed a race condition in kube-controller-manager and the scheduler, caused by\n a bug in the transforming informer during the Resync operation, \n by making the transforming function idempotent. ([#124352](https://github.com/kubernetes/kubernetes/pull/124352), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Scheduling]", "author": "wojtek-t", "author_url": "https://github.com/wojtek-t", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124352", @@ -1880,8 +2091,8 @@ }, "124361": { "commit": "e6efba3380c87503f918053c0511587485a2f828", - "text": "kubeadm: don't mount /etc/pki in kube-apisever and kube-controller-manager pods as an additional Linux system CA location. Mount /etc/pki/ca-trust and /etc/pki/tls/certs instead. /etc/ca-certificate, /usr/share/ca-certificates, /usr/local/share/ca-certificates and /etc/ssl/certs continue to be mounted.", - "markdown": "Kubeadm: don't mount /etc/pki in kube-apisever and kube-controller-manager pods as an additional Linux system CA location. Mount /etc/pki/ca-trust and /etc/pki/tls/certs instead. /etc/ca-certificate, /usr/share/ca-certificates, /usr/local/share/ca-certificates and /etc/ssl/certs continue to be mounted. ([#124361](https://github.com/kubernetes/kubernetes/pull/124361), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Removed support for mounting /etc/pki as an additional Linux system CA location\nin kube-apisever and kube-controller-manager pods. Instead, it shifted to supporting the\nmounting of /etc/pki/ca-trust and /etc/pki/tls/certs. The locations /etc/ca-certificate,\n/usr/share/ca-certificates, /usr/local/share/ca-certificates, and /etc/ssl/certs continued\nto be supported.", + "markdown": "Kubeadm: Removed support for mounting /etc/pki as an additional Linux system CA location\n in kube-apisever and kube-controller-manager pods. Instead, it shifted to supporting the\n mounting of /etc/pki/ca-trust and /etc/pki/tls/certs. The locations /etc/ca-certificate,\n /usr/share/ca-certificates, /usr/local/share/ca-certificates, and /etc/ssl/certs continued\n to be supported. ([#124361](https://github.com/kubernetes/kubernetes/pull/124361), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124361", @@ -1923,8 +2134,8 @@ }, "124373": { "commit": "6bb968c4d2097e12b90ac196bd1ef28d9bc467b4", - "text": "kubeadm: remove the deprecated and NO-OP \"kubeadm join control-plane-join update-status\" phase.", - "markdown": "Kubeadm: remove the deprecated and NO-OP \"kubeadm join control-plane-join update-status\" phase. ([#124373](https://github.com/kubernetes/kubernetes/pull/124373), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: removed the deprecated and NO-OP \"kubeadm join control-plane-join update-status\" phase.", + "markdown": "Kubeadm: removed the deprecated and NO-OP \"kubeadm join control-plane-join update-status\" phase. ([#124373](https://github.com/kubernetes/kubernetes/pull/124373), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124373", @@ -1942,8 +2153,8 @@ }, "124374": { "commit": "c4bce63d9886e5f1fc00f8c3b5a13ea0d2bdf772", - "text": "kubeadm: remove the EXPERIMENTAL tag from the phase \"kubeadm join control-plane-prepare download-certs\".", - "markdown": "Kubeadm: remove the EXPERIMENTAL tag from the phase \"kubeadm join control-plane-prepare download-certs\". ([#124374](https://github.com/kubernetes/kubernetes/pull/124374), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: removed the EXPERIMENTAL tag from the phase \"kubeadm join control-plane-prepare download-certs\".", + "markdown": "Kubeadm: removed the EXPERIMENTAL tag from the phase \"kubeadm join control-plane-prepare download-certs\". ([#124374](https://github.com/kubernetes/kubernetes/pull/124374), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124374", @@ -1961,8 +2172,8 @@ }, "124375": { "commit": "0e39ca84dc0224edf6b399772d6f4072b4fe8b9b", - "text": "kubeadm: the global --rootfs flag is now considered non-experimental.", - "markdown": "Kubeadm: the global --rootfs flag is now considered non-experimental. ([#124375](https://github.com/kubernetes/kubernetes/pull/124375), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: The global --rootfs flag considered non-experimental.", + "markdown": "Kubeadm: The global --rootfs flag considered non-experimental. ([#124375](https://github.com/kubernetes/kubernetes/pull/124375), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124375", @@ -1980,8 +2191,8 @@ }, "124381": { "commit": "5d88b0e08f26055290ca808db061efc841494f93", - "text": "CEL expressions and `additionalProperties` are now allowed to be used under nested quantifiers in CRD schemas", - "markdown": "CEL expressions and `additionalProperties` are now allowed to be used under nested quantifiers in CRD schemas ([#124381](https://github.com/kubernetes/kubernetes/pull/124381), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery]", + "text": "Added support for CEL(Common Expression Language) expressions and `additionalProperties` to be used under nested quantifiers in CRD schemas.", + "markdown": "Added support for CEL(Common Expression Language) expressions and `additionalProperties` to be used under nested quantifiers in CRD schemas. ([#124381](https://github.com/kubernetes/kubernetes/pull/124381), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery]", "documentation": [ { "description": "[KEP]", @@ -2004,8 +2215,8 @@ }, "124383": { "commit": "bf07ef3950d80256cb366b035712b6d60b8a3f4c", - "text": "kube-proxy's nftables mode (--proxy-mode=nftables) is now beta and available by default.\n\nFIXME ADD MORE HERE BEFORE THE RELEASE, DOCS LINKS AND STUFF", - "markdown": "Kube-proxy's nftables mode (--proxy-mode=nftables) is now beta and available by default.\n \n FIXME ADD MORE HERE BEFORE THE RELEASE, DOCS LINKS AND STUFF ([#124383](https://github.com/kubernetes/kubernetes/pull/124383), [@danwinship](https://github.com/danwinship)) [SIG Cloud Provider and Network]", + "text": "kube-proxy's nftables mode (--proxy-mode=nftables) is now beta and available by default.", + "markdown": "Kube-proxy's nftables mode (--proxy-mode=nftables) is now beta and available by default. ([#124383](https://github.com/kubernetes/kubernetes/pull/124383), [@danwinship](https://github.com/danwinship)) [SIG Cloud Provider and Network]", "documentation": [ { "description": "[KEP]", @@ -2034,8 +2245,8 @@ }, "124393": { "commit": "f39ece24b27062a8d9eb791ffebc252ea1449734", - "text": "kubeadm: mark the flag \"--experimental-output' as deprecated (it will be removed in a future release) and add a new flag '--output\" that serves the same purpose. Affected commands are - \"kubeadm config images list\", \"kubeadm token list\", \"kubeadm upgade plan\", \"kubeadm certs check-expiration\".", - "markdown": "Kubeadm: mark the flag \"--experimental-output' as deprecated (it will be removed in a future release) and add a new flag '--output\" that serves the same purpose. Affected commands are - \"kubeadm config images list\", \"kubeadm token list\", \"kubeadm upgade plan\", \"kubeadm certs check-expiration\". ([#124393](https://github.com/kubernetes/kubernetes/pull/124393), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", + "text": "'kubeadm: marked the flag \"--experimental-output'' as deprecated (it will\nbe removed in a future release) and added a new flag ''--output\" that serves the\nsame purpose. Affected commands are - \"kubeadm config images list\", \"kubeadm token\nlist\", \"kubeadm upgrade plan\", \"kubeadm certs check-expiration\".'", + "markdown": "'kubeadm: marked the flag \"--experimental-output'' as deprecated (it will\n be removed in a future release) and added a new flag ''--output\" that serves the\n same purpose. Affected commands are - \"kubeadm config images list\", \"kubeadm token\n list\", \"kubeadm upgrade plan\", \"kubeadm certs check-expiration\".' ([#124393](https://github.com/kubernetes/kubernetes/pull/124393), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124393", @@ -2054,8 +2265,8 @@ }, "124417": { "commit": "74877bb43bc88e21b7304382cf039947a7d90069", - "text": "The feature gate \"DefaultHostNetworkHostPortsInPodTemplates\" has been removed. This behavior was deprecated in v1.28, and has had no reports of trouble since.", - "markdown": "The feature gate \"DefaultHostNetworkHostPortsInPodTemplates\" has been removed. This behavior was deprecated in v1.28, and has had no reports of trouble since. ([#124417](https://github.com/kubernetes/kubernetes/pull/124417), [@thockin](https://github.com/thockin)) [SIG Apps]", + "text": "The feature gate \"DefaultHostNetworkHostPortsInPodTemplates\" has been removed. This behavior was deprecated in v1.28, and has had no reports of issues since.", + "markdown": "The feature gate \"DefaultHostNetworkHostPortsInPodTemplates\" has been removed. This behavior was deprecated in v1.28, and has had no reports of issues since. ([#124417](https://github.com/kubernetes/kubernetes/pull/124417), [@thockin](https://github.com/thockin)) [SIG Apps]", "author": "thockin", "author_url": "https://github.com/thockin", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124417", @@ -2070,8 +2281,8 @@ }, "124419": { "commit": "ba05a8deb3cfcc52a9f80bf4e2303cd552fc582b", - "text": "kubeadm: mark the sub-phase of 'init kubelet-finilize' called 'experimental-cert-rotation' as deprecated and print a warning if it is used directly; it will be removed in a future release. Add a replacement sub-phase 'enable-client-cert-rotation'.", - "markdown": "Kubeadm: mark the sub-phase of 'init kubelet-finilize' called 'experimental-cert-rotation' as deprecated and print a warning if it is used directly; it will be removed in a future release. Add a replacement sub-phase 'enable-client-cert-rotation'. ([#124419](https://github.com/kubernetes/kubernetes/pull/124419), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "'kubeadm: marked the sub-phase of ''init kubelet-finilize'' called ''experimental-cert-rotation''\nas deprecated and print a warning if it is used directly; it will be removed in\na future release. Add a replacement sub-phase ''enable-client-cert-rotation''.'", + "markdown": "'kubeadm: marked the sub-phase of ''init kubelet-finilize'' called ''experimental-cert-rotation''\n as deprecated and print a warning if it is used directly; it will be removed in\n a future release. Add a replacement sub-phase ''enable-client-cert-rotation''.' ([#124419](https://github.com/kubernetes/kubernetes/pull/124419), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124419", @@ -2091,8 +2302,8 @@ }, "124428": { "commit": "74ae6d1b4b31db5588fea61253f4ade5b5ff1660", - "text": "[sig-network] DNS should resolve hostname and hostNetwork for a Pod [Conformance] [sig-network, Conformance]\nk8s.io/kubernetes/test/e2e/network/dns.go:132\n STEP: Creating a kubernetes client @ 04/21/24 07:33:32.982\n I0421 07:33:32.982058 3814322 util.go:506] \u003e\u003e\u003e kubeConfig: /home/syash/.kube/kind-test-config\n I0421 07:33:32.982505 3814322 util.go:515] \u003e\u003e\u003e kubeContext: kind-kind\n STEP: Building a namespace api object, basename dns @ 04/21/24 07:33:32.982\n STEP: Waiting for a default service account to be provisioned in namespace @ 04/21/24 07:33:32.991\n STEP: Waiting for kube-root-ca.crt to be provisioned in namespace @ 04/21/24 07:33:32.992\n STEP: Creating a pod by setting hostname @ 04/21/24 07:33:32.994\n I0421 07:33:32.994520 3814322 resource.go:361] Creating new exec pod\n I0421 07:33:35.003946 3814322 dns.go:138] Setting up hostname to: dns-querier-1\n I0421 07:33:35.004077 3814322 builder.go:121] Running '/usr/bin/kubectl --server=https://127.0.0.1:43529 --kubeconfig=/home/syash/.kube/kind-test-config --context=kind-kind --namespace=dns-319 exec dns-querier-1x\n5hqm -- /bin/sh -x -c hostname'\n I0421 07:33:35.109971 3814322 builder.go:146] stderr: \"+ hostname\\n\"\n I0421 07:33:35.110020 3814322 builder.go:147] stdout: \"dns-querier-1x5hqm\\n\"\n I0421 07:33:35.110042 3814322 dns.go:145] The spec.hostname is not same as container hostname, expected to contain: dns-querier-1, got: dns-querier-1x5hqm\n\n STEP: Updating the pod spec.hostNetwork to true @ 04/21/24 07:33:35.11\n I0421 07:33:35.110085 3814322 dns.go:149] Setting up hostNetwork to: true\n I0421 07:33:35.110128 3814322 builder.go:121] Running '/usr/bin/kubectl --server=https://127.0.0.1:43529 --kubeconfig=/home/syash/.kube/kind-test-config --context=kind-kind --namespace=dns-319 exec dns-querier-1x\n5hqm -- /bin/sh -x -c hostname'\n I0421 07:33:35.222393 3814322 builder.go:146] stderr: \"+ hostname\\n\"\n I0421 07:33:35.222448 3814322 builder.go:147] stdout: \"dns-querier-1x5hqm\\n\"\n I0421 07:33:35.222472 3814322 dns.go:157] The hostname and pod metadata are same: dns-querier-1x5hqm, got: dns-querier-1x5hqm\n\n I0421 07:33:35.222564 3814322 helper.go:121] Waiting up to 7m0s for all (but 0) nodes to be ready\n STEP: Destroying namespace \"dns-319\" for this suite. @ 04/21/24 07:33:35.225\n• [2.247 seconds]", - "markdown": "[sig-network] DNS should resolve hostname and hostNetwork for a Pod [Conformance] [sig-network, Conformance]\n k8s.io/kubernetes/test/e2e/network/dns.go:132\n STEP: Creating a kubernetes client @ 04/21/24 07:33:32.982\n I0421 07:33:32.982058 3814322 util.go:506] \u003e\u003e\u003e kubeConfig: /home/syash/.kube/kind-test-config\n I0421 07:33:32.982505 3814322 util.go:515] \u003e\u003e\u003e kubeContext: kind-kind\n STEP: Building a namespace api object, basename dns @ 04/21/24 07:33:32.982\n STEP: Waiting for a default service account to be provisioned in namespace @ 04/21/24 07:33:32.991\n STEP: Waiting for kube-root-ca.crt to be provisioned in namespace @ 04/21/24 07:33:32.992\n STEP: Creating a pod by setting hostname @ 04/21/24 07:33:32.994\n I0421 07:33:32.994520 3814322 resource.go:361] Creating new exec pod\n I0421 07:33:35.003946 3814322 dns.go:138] Setting up hostname to: dns-querier-1\n I0421 07:33:35.004077 3814322 builder.go:121] Running '/usr/bin/kubectl --server=https://127.0.0.1:43529 --kubeconfig=/home/syash/.kube/kind-test-config --context=kind-kind --namespace=dns-319 exec dns-querier-1x\n 5hqm -- /bin/sh -x -c hostname'\n I0421 07:33:35.109971 3814322 builder.go:146] stderr: \"+ hostname\\n\"\n I0421 07:33:35.110020 3814322 builder.go:147] stdout: \"dns-querier-1x5hqm\\n\"\n I0421 07:33:35.110042 3814322 dns.go:145] The spec.hostname is not same as container hostname, expected to contain: dns-querier-1, got: dns-querier-1x5hqm\n \n STEP: Updating the pod spec.hostNetwork to true @ 04/21/24 07:33:35.11\n I0421 07:33:35.110085 3814322 dns.go:149] Setting up hostNetwork to: true\n I0421 07:33:35.110128 3814322 builder.go:121] Running '/usr/bin/kubectl --server=https://127.0.0.1:43529 --kubeconfig=/home/syash/.kube/kind-test-config --context=kind-kind --namespace=dns-319 exec dns-querier-1x\n 5hqm -- /bin/sh -x -c hostname'\n I0421 07:33:35.222393 3814322 builder.go:146] stderr: \"+ hostname\\n\"\n I0421 07:33:35.222448 3814322 builder.go:147] stdout: \"dns-querier-1x5hqm\\n\"\n I0421 07:33:35.222472 3814322 dns.go:157] The hostname and pod metadata are same: dns-querier-1x5hqm, got: dns-querier-1x5hqm\n \n I0421 07:33:35.222564 3814322 helper.go:121] Waiting up to 7m0s for all (but 0) nodes to be ready\n STEP: Destroying namespace \"dns-319\" for this suite. @ 04/21/24 07:33:35.225\n • [2.247 seconds] ([#124428](https://github.com/kubernetes/kubernetes/pull/124428), [@yashsingh74](https://github.com/yashsingh74)) [SIG Architecture, Network and Testing]", + "text": "Added a testcase to check hostname and hostNetwork.", + "markdown": "Added a testcase to check hostname and hostNetwork. ([#124428](https://github.com/kubernetes/kubernetes/pull/124428), [@yashsingh74](https://github.com/yashsingh74)) [SIG Architecture, Network and Testing]", "author": "yashsingh74", "author_url": "https://github.com/yashsingh74", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124428", @@ -2113,6 +2324,25 @@ "do_not_publish": true, "is_mapped": true }, + "124430": { + "commit": "57d197fb890a50a508c4e9e485da5076a6d1b055", + "text": "Fixed node report notReady with reason 'container runtime status check may not have completed yet' after kubelet restart.", + "markdown": "Fixed node report notReady with reason 'container runtime status check may not have completed yet' after kubelet restart. ([#124430](https://github.com/kubernetes/kubernetes/pull/124430), [@AllenXu93](https://github.com/AllenXu93))", + "author": "AllenXu93", + "author_url": "https://github.com/AllenXu93", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124430", + "pr_number": 124430, + "areas": [ + "kubelet" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "node" + ], + "is_mapped": true + }, "124444": { "commit": "159d4b837afd17e2d331c6d3b2561d02c47803d6", "text": "Fixed issue where following Windows container logs would prevent container log rotation.", @@ -2171,8 +2401,8 @@ }, "124464": { "commit": "3c323f8546b49aac56ff9fc970b4cdfea461dbdf", - "text": "kubeadm: use output/v1alpha3 to print structural output for the commands \"kubeadm config images list\" and \"kubeadm token list\".", - "markdown": "Kubeadm: use output/v1alpha3 to print structural output for the commands \"kubeadm config images list\" and \"kubeadm token list\". ([#124464](https://github.com/kubernetes/kubernetes/pull/124464), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Used output/v1alpha3 to print structural output for the commands \"kubeadm config images list\" and \"kubeadm token list\".", + "markdown": "Kubeadm: Used output/v1alpha3 to print structural output for the commands \"kubeadm config images list\" and \"kubeadm token list\". ([#124464](https://github.com/kubernetes/kubernetes/pull/124464), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124464", @@ -2191,8 +2421,8 @@ }, "124465": { "commit": "44c45484e00b0cdd8e44a5098dab097c1a1b47e2", - "text": "kubeadm: switch to using the new etcd endpoints introduced in 3.5.11 - /livez (for liveness probe) and /readyz (for readyness and startup probe). With this change it is no longer possible to deploy a custom etcd version older than 3.5.11 with kubeadm 1.31. If so, please upgrade.", - "markdown": "Kubeadm: switch to using the new etcd endpoints introduced in 3.5.11 - /livez (for liveness probe) and /readyz (for readyness and startup probe). With this change it is no longer possible to deploy a custom etcd version older than 3.5.11 with kubeadm 1.31. If so, please upgrade. ([#124465](https://github.com/kubernetes/kubernetes/pull/124465), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Switched to using the new etcd endpoints introduced in 3.5.11 - /livez (for liveness probe) and /readyz (for readyness and startup probe). With this change it is no longer possible to deploy a custom etcd version older than 3.5.11 with kubeadm 1.31. If so, please upgrade etcd to a supported version.", + "markdown": "Kubeadm: Switched to using the new etcd endpoints introduced in 3.5.11 - /livez (for liveness probe) and /readyz (for readyness and startup probe). With this change it is no longer possible to deploy a custom etcd version older than 3.5.11 with kubeadm 1.31. If so, please upgrade etcd to a supported version. ([#124465](https://github.com/kubernetes/kubernetes/pull/124465), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124465", @@ -2211,8 +2441,8 @@ }, "124480": { "commit": "646fbe6d0a3fa1a100d90a429f039324de9c8138", - "text": "kubeadm: fix a regression where the KubeletConfiguration is not properly downloaded during \"kubeadm upgrade\" commands from the kube-system/kubelet-config ConfigMap, resulting in the local '/var/lib/kubelet/config.yaml' file being written as a defaulted config.", - "markdown": "Kubeadm: fix a regression where the KubeletConfiguration is not properly downloaded during \"kubeadm upgrade\" commands from the kube-system/kubelet-config ConfigMap, resulting in the local '/var/lib/kubelet/config.yaml' file being written as a defaulted config. ([#124480](https://github.com/kubernetes/kubernetes/pull/124480), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "'kubeadm: fixed a regression where the KubeletConfiguration is not properly\ndownloaded during \"kubeadm upgrade\" command from the kube-system/kubelet-config\nConfigMap, resulting in the local ''/var/lib/kubelet/config.yaml'' file being\nwritten as a defaulted config.'", + "markdown": "'kubeadm: fixed a regression where the KubeletConfiguration is not properly\n downloaded during \"kubeadm upgrade\" command from the kube-system/kubelet-config\n ConfigMap, resulting in the local ''/var/lib/kubelet/config.yaml'' file being\n written as a defaulted config.' ([#124480](https://github.com/kubernetes/kubernetes/pull/124480), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124480", @@ -2232,8 +2462,8 @@ }, "124496": { "commit": "17854f0e0a153b06f9d0db096e2cd8ab2fa89c11", - "text": "kubeadm: removed the deprecated output.kubeadm.k8s.io/v1alpha2 API for structured output. Please use v1alpha3 instead.", - "markdown": "Kubeadm: removed the deprecated output.kubeadm.k8s.io/v1alpha2 API for structured output. Please use v1alpha3 instead. ([#124496](https://github.com/kubernetes/kubernetes/pull/124496), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", + "text": "kubeadm: removed the deprecated `output.kubeadm.k8s.io/v1alpha2` API for structured output. Please use v1alpha3 instead.", + "markdown": "Kubeadm: removed the deprecated `output.kubeadm.k8s.io/v1alpha2` API for structured output. Please use v1alpha3 instead. ([#124496](https://github.com/kubernetes/kubernetes/pull/124496), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124496", @@ -2271,8 +2501,8 @@ }, "124503": { "commit": "bae83009d36fc9729482404dddc3b03ab751f08e", - "text": "kubeadm: during the preflight check \"CreateJob\" of \"kubeadm upgrade\", check if there are no nodes where a Pod can schedule. If there are none, show a warning and skip this preflight check. This can happen in single node clusters where the only node was drained.", - "markdown": "Kubeadm: during the preflight check \"CreateJob\" of \"kubeadm upgrade\", check if there are no nodes where a Pod can schedule. If there are none, show a warning and skip this preflight check. This can happen in single node clusters where the only node was drained. ([#124503](https://github.com/kubernetes/kubernetes/pull/124503), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Added support during the preflight check \"CreateJob\" of \"kubeadm upgrade\" to check if there are no nodes where a Pod can be scheduled. If there are none, show a warning and skip this preflight check. This can happen in single node clusters where the only node was drained.", + "markdown": "Kubeadm: Added support during the preflight check \"CreateJob\" of \"kubeadm upgrade\" to check if there are no nodes where a Pod can be scheduled. If there are none, show a warning and skip this preflight check. This can happen in single node clusters where the only node was drained. ([#124503](https://github.com/kubernetes/kubernetes/pull/124503), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124503", @@ -2292,8 +2522,8 @@ }, "124505": { "commit": "3d24b962bef80a1f5b7aaae42e6fc841628ee4ac", - "text": "Removed admission plugin PersistentVolumeLabel. Please use https://github.com/kubernetes-sigs/cloud-pv-admission-labeler instead if you need a similar functionality.", - "markdown": "Removed admission plugin PersistentVolumeLabel. Please use https://github.com/kubernetes-sigs/cloud-pv-admission-labeler instead if you need a similar functionality. ([#124505](https://github.com/kubernetes/kubernetes/pull/124505), [@jsafrane](https://github.com/jsafrane)) [SIG API Machinery, Auth and Storage]", + "text": "Removed admission plugin `PersistentVolumeLabel`. Please use https://github.com/kubernetes-sigs/cloud-pv-admission-labeler instead if you need a similar functionality.", + "markdown": "Removed admission plugin `PersistentVolumeLabel`. Please use https://github.com/kubernetes-sigs/cloud-pv-admission-labeler instead if you need a similar functionality. ([#124505](https://github.com/kubernetes/kubernetes/pull/124505), [@jsafrane](https://github.com/jsafrane)) [SIG API Machinery, Auth and Storage]", "author": "jsafrane", "author_url": "https://github.com/jsafrane", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124505", @@ -2344,7 +2574,7 @@ "124514": { "commit": "f281a02d236d1112009c54062b99972ea6e4e731", "text": "Fixed bug where kubectl get with --sort-by flag does not sort strings alphanumerically.", - "markdown": "Fixed bug where kubectl get with --sort-by flag does not sort strings alphanumerically. ([#124514](https://github.com/kubernetes/kubernetes/pull/124514), [@brianpursley](https://github.com/brianpursley)) [SIG CLI]", + "markdown": "Fixed bug where kubectl get with --sort-by flag does not sort strings alphanumerically. ([#124514](https://github.com/kubernetes/kubernetes/pull/124514), [@brianpursley](https://github.com/brianpursley)) [SIG CLI]"", "author": "brianpursley", "author_url": "https://github.com/brianpursley", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124514", @@ -2384,8 +2614,8 @@ }, "124519": { "commit": "4d17d30029aaddc2132d65c019e30d1c153bf4d1", - "text": "Removing the last remaining in-tree gcp cloud provider and credential provider. Please use the external cloud provider and credential provider from https://github.com/kubernetes/cloud-provider-gcp instead.", - "markdown": "Removing the last remaining in-tree gcp cloud provider and credential provider. Please use the external cloud provider and credential provider from https://github.com/kubernetes/cloud-provider-gcp instead. ([#124519](https://github.com/kubernetes/kubernetes/pull/124519), [@dims](https://github.com/dims)) [SIG API Machinery, Apps, Auth, Autoscaling, Cloud Provider, Instrumentation, Network, Node, Scheduling, Storage and Testing]", + "text": "Removed the last remaining in-tree gcp cloud provider and credential provider.\nPlease use the external cloud provider and credential provider from https://github.com/kubernetes/cloud-provider-gcp\ninstead.", + "markdown": "Removed the last remaining in-tree gcp cloud provider and credential provider.\n Please use the external cloud provider and credential provider from https://github.com/kubernetes/cloud-provider-gcp\n instead. ([#124519](https://github.com/kubernetes/kubernetes/pull/124519), [@dims](https://github.com/dims)) [SIG API Machinery, Apps, Auth, Autoscaling, Cloud Provider, Instrumentation, Network, Node, Scheduling, Storage and Testing]", "author": "dims", "author_url": "https://github.com/dims", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124519", @@ -2417,6 +2647,35 @@ "duplicate": true, "is_mapped": true }, + "124530": { + "commit": "e83fca8dd9bd6636d4956836082b250bbe939109", + "text": "Finished initial generic controlplane refactor of kube-apiserver, providing a sample binariy building a kube-like controlplane without contrainer orchestration resources.", + "markdown": "Finished initial generic controlplane refactor of kube-apiserver, providing a sample binariy building a kube-like controlplane without contrainer orchestration resources. ([#124530](https://github.com/kubernetes/kubernetes/pull/124530), [@sttts](https://github.com/sttts)) [SIG API Machinery, Apps, Cloud Provider, Network, Node and Testing]", + "author": "sttts", + "author_url": "https://github.com/sttts", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124530", + "pr_number": 124530, + "areas": [ + "test", + "kubelet", + "apiserver", + "cloudprovider", + "e2e-test-framework" + ], + "kinds": [ + "cleanup" + ], + "sigs": [ + "api-machinery", + "apps", + "cloud-provider", + "network", + "node", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, "124544": { "commit": "59ba132f16ef92c9f7278b9466cf9cc7a479226c", "text": "CephFS volume plugin ( `kubernetes.io/cephfs`) was removed in this release and the `cephfs` volume type became non-functional. Alternative is to use CephFS CSI driver (https://github.com/ceph/ceph-csi/) in your Kubernetes Cluster. A re-deployment of your application is required to use the new driver if you were using `kubernetes.io/cephfs` volume plugin before upgrading cluster version to 1.31+.", @@ -2476,8 +2735,8 @@ }, "124553": { "commit": "8dbeaa5786bab14772873cc90af70ccb9b06b4c1", - "text": "Fixes a 1.30.0 regression in openapi descriptions of imagePullSecrets and hostAliases fields to mark the fields used as keys in those lists as either defaulted or required.", - "markdown": "Fixes a 1.30.0 regression in openapi descriptions of imagePullSecrets and hostAliases fields to mark the fields used as keys in those lists as either defaulted or required. ([#124553](https://github.com/kubernetes/kubernetes/pull/124553), [@pmalek](https://github.com/pmalek)) [SIG API Machinery]", + "text": "Fixed a 1.30.0 regression in OpenAPI descriptions of the `imagePullSecrets` and \n`hostAliases` fields to mark the fields used as keys in those lists as either defaulted\nor required.", + "markdown": "Fixed a 1.30.0 regression in OpenAPI descriptions of the `imagePullSecrets` and \n `hostAliases` fields to mark the fields used as keys in those lists as either defaulted\n or required. ([#124553](https://github.com/kubernetes/kubernetes/pull/124553), [@pmalek](https://github.com/pmalek)) [SIG API Machinery]", "author": "pmalek", "author_url": "https://github.com/pmalek", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124553", @@ -2498,8 +2757,8 @@ }, "124557": { "commit": "ae8474adcdb5957ebaef82de55fbabdf2433356a", - "text": "The nftables kube-proxy mode now has its own metrics rather than reporting\nmetrics with \"iptables\" in their names.", - "markdown": "The nftables kube-proxy mode now has its own metrics rather than reporting\n metrics with \"iptables\" in their names. ([#124557](https://github.com/kubernetes/kubernetes/pull/124557), [@danwinship](https://github.com/danwinship)) [SIG Network and Windows]", + "text": "Added metrics for the nftables kube-proxy mode rather than it reporting\nmetrics with \"iptables\" in their names.", + "markdown": "Added metrics for the nftables kube-proxy mode rather than it reporting\n metrics with \"iptables\" in their names. ([#124557](https://github.com/kubernetes/kubernetes/pull/124557), [@danwinship](https://github.com/danwinship)) [SIG Network and Windows]", "author": "danwinship", "author_url": "https://github.com/danwinship", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124557", @@ -2520,10 +2779,30 @@ "duplicate_kind": true, "is_mapped": true }, + "124568": { + "commit": "130414950fbb0881792aede383f53a9d6d9d721d", + "text": "Fixed a bug in the API server where empty collections of ValidatingAdmissionPolicies did not have an `items` field.", + "markdown": "Fixed a bug in the API server where empty collections of ValidatingAdmissionPolicies did not have an `items` field. ([#124568](https://github.com/kubernetes/kubernetes/pull/124568), [@xyz-li](https://github.com/xyz-li)) [SIG API Machinery]", + "author": "xyz-li", + "author_url": "https://github.com/xyz-li", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124568", + "pr_number": 124568, + "areas": [ + "code-generation" + ], + "kinds": [ + "bug", + "api-change" + ], + "sigs": [ + "api-machinery" + ], + "duplicate_kind": true + }, "124574": { "commit": "e702c2e0b6aa746d07afed1dcb4bcdc352267d53", - "text": "kubelet server can now dynamically load certificate files", - "markdown": "Kubelet server can now dynamically load certificate files ([#124574](https://github.com/kubernetes/kubernetes/pull/124574), [@zhangweikop](https://github.com/zhangweikop)) [SIG Auth and Node]", + "text": "Added the ability to the kubelet server to dynamically load certificate files.", + "markdown": "Added the ability to the kubelet server to dynamically load certificate files. ([#124574](https://github.com/kubernetes/kubernetes/pull/124574), [@zhangweikop](https://github.com/zhangweikop)) [SIG Auth and Node]", "author": "zhangweikop", "author_url": "https://github.com/zhangweikop", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124574", @@ -2560,8 +2839,8 @@ }, "124589": { "commit": "fdefcb43d105ab2e1e12019da9f0fcd1625f0447", - "text": "Fix: the resourceclaim controller forgot to wait for podSchedulingSynced and templatesSynced", - "markdown": "Fix: the resourceclaim controller forgot to wait for podSchedulingSynced and templatesSynced ([#124589](https://github.com/kubernetes/kubernetes/pull/124589), [@carlory](https://github.com/carlory)) [SIG Apps and Node]", + "text": "\"Fixed the ResourceClaim controller forgetting to wait for `podSchedulingSynced` \nand `templatesSynced`.\"", + "markdown": "\"Fixed the ResourceClaim controller forgetting to wait for `podSchedulingSynced` \n and `templatesSynced`.\" ([#124589](https://github.com/kubernetes/kubernetes/pull/124589), [@carlory](https://github.com/carlory)) [SIG Apps and Node]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124589", @@ -2578,8 +2857,8 @@ }, "124592": { "commit": "0590bb1ac495ae8af2a573f879408e48800da2c5", - "text": "Adds completion for `kubectl set image`.", - "markdown": "Adds completion for `kubectl set image`. ([#124592](https://github.com/kubernetes/kubernetes/pull/124592), [@ah8ad3](https://github.com/ah8ad3)) [SIG CLI]", + "text": "Added completion for `kubectl set image`.", + "markdown": "Added completion for `kubectl set image`. ([#124592](https://github.com/kubernetes/kubernetes/pull/124592), [@ah8ad3](https://github.com/ah8ad3)) [SIG CLI]", "author": "ah8ad3", "author_url": "https://github.com/ah8ad3", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124592", @@ -2598,8 +2877,8 @@ }, "124595": { "commit": "8c478a06d897638ba0f48a01ae83734e3583a9c0", - "text": "DRA: fix some small, unlikely race condition during pod scheduling", - "markdown": "DRA: fix some small, unlikely race condition during pod scheduling ([#124595](https://github.com/kubernetes/kubernetes/pull/124595), [@pohly](https://github.com/pohly)) [SIG Node, Scheduling and Testing]", + "text": "Dynamic Resource Allocation (DRA): fixed some small, unlikely race condition during pod scheduling.", + "markdown": "Dynamic Resource Allocation (DRA): fixed some small, unlikely race condition during pod scheduling. ([#124595](https://github.com/kubernetes/kubernetes/pull/124595), [@pohly](https://github.com/pohly)) [SIG Node, Scheduling and Testing]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124595", @@ -2620,8 +2899,8 @@ }, "124598": { "commit": "44bd04c0cbddde69aaeb7a90d3bd3de4e417f27f", - "text": "kubectl describe service and ingress will now use endpointslices instead of endpoints", - "markdown": "Kubectl describe service and ingress will now use endpointslices instead of endpoints ([#124598](https://github.com/kubernetes/kubernetes/pull/124598), [@aroradaman](https://github.com/aroradaman)) [SIG CLI and Network]", + "text": "\"`kubectl describe service`\" and \"`kubectl describe ingress`\" will now use endpointslices instead of endpoints.\n", + "markdown": "\"`kubectl describe service`\" and \"`kubectl describe ingress`\" will now use endpointslices instead of endpoints.\n ([#124598](https://github.com/kubernetes/kubernetes/pull/124598), [@aroradaman](https://github.com/aroradaman)) [SIG CLI and Network]", "author": "aroradaman", "author_url": "https://github.com/aroradaman", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124598", @@ -2641,8 +2920,8 @@ }, "124612": { "commit": "d8ed461ba19fce6fc64991a8e0e7e47167596fba", - "text": "Checking etcd version to warn about deprecated etcd versions if `ConsistentListFromCache` is enabled.", - "markdown": "Checking etcd version to warn about deprecated etcd versions if `ConsistentListFromCache` is enabled. ([#124612](https://github.com/kubernetes/kubernetes/pull/124612), [@ah8ad3](https://github.com/ah8ad3)) [SIG API Machinery]", + "text": "Added check for etcd version to warn about deprecated etcd versions if `ConsistentListFromCache` is enabled.", + "markdown": "Added check for etcd version to warn about deprecated etcd versions if `ConsistentListFromCache` is enabled. ([#124612](https://github.com/kubernetes/kubernetes/pull/124612), [@ah8ad3](https://github.com/ah8ad3)) [SIG API Machinery]", "author": "ah8ad3", "author_url": "https://github.com/ah8ad3", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124612", @@ -2678,8 +2957,8 @@ }, "124618": { "commit": "db82fd1604ebf327ab74cde0a7158a8d95d46202", - "text": "Improved scheduling latency when many gated pods", - "markdown": "Improved scheduling latency when many gated pods ([#124618](https://github.com/kubernetes/kubernetes/pull/124618), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling and Testing]", + "text": "Improved scheduling latency when there are many gated pods and events that trigger requeueing from the unschedulable pool.", + "markdown": "Improved scheduling latency when there are many gated pods and events that trigger requeueing from the unschedulable pool. ([#124618](https://github.com/kubernetes/kubernetes/pull/124618), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling and Testing]", "author": "gabesaba", "author_url": "https://github.com/gabesaba", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124618", @@ -2725,8 +3004,8 @@ }, "124635": { "commit": "f4ea903712482c4a0021cc9c8d742673a213833e", - "text": "client-go/tools/record.Broadcaster: fixed automatic shutdown on WithContext cancellation", - "markdown": "Client-go/tools/record.Broadcaster: fixed automatic shutdown on WithContext cancellation ([#124635](https://github.com/kubernetes/kubernetes/pull/124635), [@pohly](https://github.com/pohly)) [SIG API Machinery]", + "text": "client-go/tools/record.Broadcaster: Fixed automatic shutdown on WithContext cancellation.", + "markdown": "Client-go/tools/record.Broadcaster: Fixed automatic shutdown on WithContext cancellation. ([#124635](https://github.com/kubernetes/kubernetes/pull/124635), [@pohly](https://github.com/pohly)) [SIG API Machinery]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124635", @@ -2757,8 +3036,8 @@ }, "124665": { "commit": "201e6262c4158db23b8887a9c31e326d34d989d4", - "text": "kubeadm: improve the \"IsPriviledgedUser\" preflight check to not fail on certain Windows setups.", - "markdown": "Kubeadm: improve the \"IsPriviledgedUser\" preflight check to not fail on certain Windows setups. ([#124665](https://github.com/kubernetes/kubernetes/pull/124665), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "`kubeadm`: Improved the `IsPrivilegedUser` preflight check to not fail on certain Windows setups.", + "markdown": "`kubeadm`: Improved the `IsPrivilegedUser` preflight check to not fail on certain Windows setups. ([#124665](https://github.com/kubernetes/kubernetes/pull/124665), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124665", @@ -2776,8 +3055,8 @@ }, "124667": { "commit": "44c1a0eec2a23e1d2e69dda061ffe6a8667b8aa8", - "text": "Improve memory usage of kube-apiserver by dropping the `.metadata.managedFields` field that self-requested informers of kube-apiserver doesn't need.", - "markdown": "Improve memory usage of kube-apiserver by dropping the `.metadata.managedFields` field that self-requested informers of kube-apiserver doesn't need. ([#124667](https://github.com/kubernetes/kubernetes/pull/124667), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery]", + "text": "Improved memory usage of kube-apiserver by dropping`.metadata.managedFields` field that self-requested informers of kube-apiserver didn't need.", + "markdown": "Improved memory usage of kube-apiserver by dropping`.metadata.managedFields` field that self-requested informers of kube-apiserver didn't need. ([#124667](https://github.com/kubernetes/kubernetes/pull/124667), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery]", "author": "linxiulei", "author_url": "https://github.com/linxiulei", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124667", @@ -2813,8 +3092,8 @@ }, "124675": { "commit": "119f9b3e7c7e773af3afa7479b64d4b5a6b1fed8", - "text": "Added the feature gates `StrictCostEnforcementForVAP` and `StrictCostEnforcementForWebhooks` to enforce the strct cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible.", - "markdown": "Added the feature gates `StrictCostEnforcementForVAP` and `StrictCostEnforcementForWebhooks` to enforce the strct cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible. ([#124675](https://github.com/kubernetes/kubernetes/pull/124675), [@cici37](https://github.com/cici37)) [SIG API Machinery, Auth, Node and Testing]", + "text": "Added the feature gates `StrictCostEnforcementForVAP` and `StrictCostEnforcementForWebhooks` to enforce the strict cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible.", + "markdown": "Added the feature gates `StrictCostEnforcementForVAP` and `StrictCostEnforcementForWebhooks` to enforce the strict cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible. ([#124675](https://github.com/kubernetes/kubernetes/pull/124675), [@cici37](https://github.com/cici37)) [SIG API Machinery, Auth, Node and Testing]", "author": "cici37", "author_url": "https://github.com/cici37", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124675", @@ -2840,8 +3119,8 @@ }, "124681": { "commit": "e6547701f1b2f76e79e9a3ce904c0187fad705d5", - "text": "Custom resource field selectors are now in beta and enabled by default. Check out https://github.com/kubernetes/enhancements/issues/4358 for more details.", - "markdown": "Custom resource field selectors are now in beta and enabled by default. Check out https://github.com/kubernetes/enhancements/issues/4358 for more details. ([#124681](https://github.com/kubernetes/kubernetes/pull/124681), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth and Testing]", + "text": "Added Custom resource field selectors in beta and enabled them by default. Check out https://github.com/kubernetes/enhancements/issues/4358 for more details.", + "markdown": "Added Custom resource field selectors in beta and enabled them by default. Check out https://github.com/kubernetes/enhancements/issues/4358 for more details. ([#124681](https://github.com/kubernetes/kubernetes/pull/124681), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth and Testing]", "author": "jpbetz", "author_url": "https://github.com/jpbetz", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124681", @@ -2863,8 +3142,8 @@ }, "124683": { "commit": "5e1a1db960660194a00f4ae7d6c9195b3c1715a6", - "text": "Added ports autocompletion for kubectl port-foward command", - "markdown": "Added ports autocompletion for kubectl port-foward command ([#124683](https://github.com/kubernetes/kubernetes/pull/124683), [@TessaIO](https://github.com/TessaIO)) [SIG CLI]", + "text": "Added ports autocompletion for kubectl port-foward command.", + "markdown": "Added ports autocompletion for kubectl port-foward command. ([#124683](https://github.com/kubernetes/kubernetes/pull/124683), [@TessaIO](https://github.com/TessaIO)) [SIG CLI]", "author": "TessaIO", "author_url": "https://github.com/TessaIO", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124683", @@ -2883,8 +3162,8 @@ }, "124685": { "commit": "3833d37b28095feabf3456286c4f315b062bf333", - "text": "kubeadm: switched kubeadm to start using the CRI client library instead of shelling out of the `crictl` binary\nfor actions against a CRI endpoint. The kubeadm deb/rpm packages will continue to install the `cri-tools`\npackage for one more release, but in you must adapt your scripts to install `crictl` manually from\nhttps://github.com/kubernetes-sigs/cri-tools/releases or a different location.\n\nThe `kubeadm` package will stop depending on the `cri-tools` package in Kubernetes 1.32, which means that\ninstalling `kubeadm` will no longer automatically ensure installation of `crictl`.", - "markdown": "Kubeadm: switched kubeadm to start using the CRI client library instead of shelling out of the `crictl` binary\n for actions against a CRI endpoint. The kubeadm deb/rpm packages will continue to install the `cri-tools`\n package for one more release, but in you must adapt your scripts to install `crictl` manually from\n https://github.com/kubernetes-sigs/cri-tools/releases or a different location.\n \n The `kubeadm` package will stop depending on the `cri-tools` package in Kubernetes 1.32, which means that\n installing `kubeadm` will no longer automatically ensure installation of `crictl`. ([#124685](https://github.com/kubernetes/kubernetes/pull/124685), [@saschagrunert](https://github.com/saschagrunert)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Switched kubeadm to start using the CRI client library instead of shelling out of the `crictl` binary\nfor actions against a CRI endpoint. The kubeadm deb/rpm packages will continue to install the `cri-tools`\npackage for one more release, but in you must adapt your scripts to install `crictl` manually from\nhttps://github.com/kubernetes-sigs/cri-tools/releases or a different location.\n\nThe `kubeadm` package will stop depending on the `cri-tools` package in Kubernetes 1.32, which means that\ninstalling `kubeadm` will no longer automatically ensure installation of `crictl`.", + "markdown": "Kubeadm: Switched kubeadm to start using the CRI client library instead of shelling out of the `crictl` binary\n for actions against a CRI endpoint. The kubeadm deb/rpm packages will continue to install the `cri-tools`\n package for one more release, but in you must adapt your scripts to install `crictl` manually from\n https://github.com/kubernetes-sigs/cri-tools/releases or a different location.\n \n The `kubeadm` package will stop depending on the `cri-tools` package in Kubernetes 1.32, which means that\n installing `kubeadm` will no longer automatically ensure installation of `crictl`. ([#124685](https://github.com/kubernetes/kubernetes/pull/124685), [@saschagrunert](https://github.com/saschagrunert)) [SIG Cluster Lifecycle]", "author": "saschagrunert", "author_url": "https://github.com/saschagrunert", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124685", @@ -2903,8 +3182,8 @@ }, "124688": { "commit": "529896474f2fad03156b78e097717dab1649a934", - "text": "kubeadm: during \"upgrade\" , if the \"etcd.yaml\" static pod does not need upgrade, still consider rotating the etcd certificates and restarting the etcd static pod if the \"kube-apiserver.yaml\" manifest is to be upgraded and if certificate renewal is not disabled.", - "markdown": "Kubeadm: during \"upgrade\" , if the \"etcd.yaml\" static pod does not need upgrade, still consider rotating the etcd certificates and restarting the etcd static pod if the \"kube-apiserver.yaml\" manifest is to be upgraded and if certificate renewal is not disabled. ([#124688](https://github.com/kubernetes/kubernetes/pull/124688), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Ensured that during \"upgrade\" , if the \"etcd.yaml\" static pod did not need upgrade, still consider rotating the etcd certificates and restarting the etcd static pod if the \"kube-apiserver.yaml\" manifest was to be upgraded and if certificate renewal was not disabled.", + "markdown": "Kubeadm: Ensured that during \"upgrade\" , if the \"etcd.yaml\" static pod did not need upgrade, still consider rotating the etcd certificates and restarting the etcd static pod if the \"kube-apiserver.yaml\" manifest was to be upgraded and if certificate renewal was not disabled. ([#124688](https://github.com/kubernetes/kubernetes/pull/124688), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124688", @@ -2923,8 +3202,8 @@ }, "124714": { "commit": "e798b9c269627a10291f36a88b4fa13f034ab57f", - "text": "Fix throughput when scheduling daemonset pods to reach 300 pods/s, if the configured qps allows it.", - "markdown": "Fix throughput when scheduling daemonset pods to reach 300 pods/s, if the configured qps allows it. ([#124714](https://github.com/kubernetes/kubernetes/pull/124714), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling]", + "text": "Fixed throughput when scheduling DaemonSet pods to reach 300 pods/s, if the configured QPS allows it.", + "markdown": "Fixed throughput when scheduling DaemonSet pods to reach 300 pods/s, if the configured QPS allows it. ([#124714](https://github.com/kubernetes/kubernetes/pull/124714), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling]", "author": "sanposhiho", "author_url": "https://github.com/sanposhiho", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124714", @@ -2941,8 +3220,8 @@ }, "124715": { "commit": "78bc18dcb0b554d75bdcf61fb7abecffd5384de2", - "text": "kubeadm: the deprecated `UpgradeAddonsBeforeControlPlane` featuregate has been removed, upgrade of the CoreDNS and kube-proxy addons will not be triggered until all the control plane instances have been upgraded.", - "markdown": "Kubeadm: the deprecated `UpgradeAddonsBeforeControlPlane` featuregate has been removed, upgrade of the CoreDNS and kube-proxy addons will not be triggered until all the control plane instances have been upgraded. ([#124715](https://github.com/kubernetes/kubernetes/pull/124715), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Removed the deprecated `UpgradeAddonsBeforeControlPlane` feature gate; Ensured that the upgrade of the CoreDNS and kube-proxy addons would not be triggered until all the control plane instances were upgraded.", + "markdown": "Kubeadm: Removed the deprecated `UpgradeAddonsBeforeControlPlane` feature gate; Ensured that the upgrade of the CoreDNS and kube-proxy addons would not be triggered until all the control plane instances were upgraded. ([#124715](https://github.com/kubernetes/kubernetes/pull/124715), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124715", @@ -3000,8 +3279,8 @@ }, "124738": { "commit": "132c49c40b5ef7d3b9ca822774b0c56d12e2d14f", - "text": "Remove GA ServiceNodePortStaticSubrange feature gate", - "markdown": "Remove GA ServiceNodePortStaticSubrange feature gate ([#124738](https://github.com/kubernetes/kubernetes/pull/124738), [@xuzhenglun](https://github.com/xuzhenglun)) [SIG Network]", + "text": "Removed GA ServiceNodePortStaticSubrange feature gate.", + "markdown": "Removed GA ServiceNodePortStaticSubrange feature gate. ([#124738](https://github.com/kubernetes/kubernetes/pull/124738), [@xuzhenglun](https://github.com/xuzhenglun)) [SIG Network]", "author": "xuzhenglun", "author_url": "https://github.com/xuzhenglun", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124738", @@ -3016,8 +3295,8 @@ }, "124767": { "commit": "57b406a18afc54c84725488e0ca3d4b4cabd61db", - "text": "Remove k8s.io/legacy-cloud-providers from staging", - "markdown": "Remove k8s.io/legacy-cloud-providers from staging ([#124767](https://github.com/kubernetes/kubernetes/pull/124767), [@carlory](https://github.com/carlory)) [SIG API Machinery, Cloud Provider and Release]", + "text": "Removed k8s.io/legacy-cloud-providers from staging.", + "markdown": "Removed k8s.io/legacy-cloud-providers from staging. ([#124767](https://github.com/kubernetes/kubernetes/pull/124767), [@carlory](https://github.com/carlory)) [SIG API Machinery, Cloud Provider and Release]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124767", @@ -3042,8 +3321,8 @@ }, "124779": { "commit": "8339711e1f57936b9bc7283d08bb7b536f10562d", - "text": "CEL default compatibility environment version to updated to 1.30 so that the extended libraries added before 1.30 is available to use.", - "markdown": "CEL default compatibility environment version to updated to 1.30 so that the extended libraries added before 1.30 is available to use. ([#124779](https://github.com/kubernetes/kubernetes/pull/124779), [@cici37](https://github.com/cici37)) [SIG API Machinery]", + "text": "Updated the CEL default compatibility environment version to 1.30, ensuring that extended libraries added before version 1.30 are available for use.", + "markdown": "Updated the CEL default compatibility environment version to 1.30, ensuring that extended libraries added before version 1.30 are available for use. ([#124779](https://github.com/kubernetes/kubernetes/pull/124779), [@cici37](https://github.com/cici37)) [SIG API Machinery]", "author": "cici37", "author_url": "https://github.com/cici37", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124779", @@ -3062,8 +3341,8 @@ }, "124793": { "commit": "2a003648b026abcb6371f7da00740561c393a9a5", - "text": "Fix the comment for the Job's managedBy field", - "markdown": "Fix the comment for the Job's managedBy field ([#124793](https://github.com/kubernetes/kubernetes/pull/124793), [@mimowo](https://github.com/mimowo)) [SIG API Machinery and Apps]", + "text": "Fixed the comment for the Job's managedBy field.", + "markdown": "Fixed the comment for the Job's managedBy field. ([#124793](https://github.com/kubernetes/kubernetes/pull/124793), [@mimowo](https://github.com/mimowo)) [SIG API Machinery and Apps]", "author": "mimowo", "author_url": "https://github.com/mimowo", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124793", @@ -3104,10 +3383,43 @@ "duplicate": true, "is_mapped": true }, + "124815": { + "commit": "2171bcb78966539a0c66b5ae8d9a96f9277a7e82", + "text": "Removed the following feature gates:\n- `InTreePluginAWSUnregister`\n- `InTreePluginAzureDiskUnregister`\n- `InTreePluginAzureFileUnregister`\n- `InTreePluginGCEUnregister`\n- `InTreePluginOpenStackUnregister`\n- `InTreePluginvSphereUnregister`", + "markdown": "Removed the following feature gates:\n - `InTreePluginAWSUnregister`\n - `InTreePluginAzureDiskUnregister`\n - `InTreePluginAzureFileUnregister`\n - `InTreePluginGCEUnregister`\n - `InTreePluginOpenStackUnregister`\n - `InTreePluginvSphereUnregister` ([#124815](https://github.com/kubernetes/kubernetes/pull/124815), [@carlory](https://github.com/carlory)) [SIG Storage]", + "author": "carlory", + "author_url": "https://github.com/carlory", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124815", + "pr_number": 124815, + "kinds": [ + "cleanup" + ], + "sigs": [ + "storage" + ] + }, + "124819": { + "commit": "13d9d7c689b86939191c24f4096286c68549c3b7", + "text": "Added a warning when creating or updating a PersistentVolume (PV) with the deprecated annotation `volume.beta.kubernetes.io/mount-options`.", + "markdown": "Added a warning when creating or updating a PersistentVolume (PV) with the deprecated annotation `volume.beta.kubernetes.io/mount-options`. ([#124819](https://github.com/kubernetes/kubernetes/pull/124819), [@carlory](https://github.com/carlory))", + "author": "carlory", + "author_url": "https://github.com/carlory", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124819", + "pr_number": 124819, + "kinds": [ + "cleanup", + "deprecation" + ], + "sigs": [ + "storage" + ], + "duplicate_kind": true, + "is_mapped": true + }, "124820": { "commit": "22f3ce5e5ebfb62a6b86ab95bf0ef05588b8d297", - "text": "kubeadm: enhance the \"patches\" functionality to be able to patch coredns deployment. The new patch target is called \"corednsdeployment\" (e.g. patch file \"corednsdeployment+json.json\"). This makes it possible to apply custom patches to coredns deployment during \"init\" and \"upgrade\".", - "markdown": "Kubeadm: enhance the \"patches\" functionality to be able to patch coredns deployment. The new patch target is called \"corednsdeployment\" (e.g. patch file \"corednsdeployment+json.json\"). This makes it possible to apply custom patches to coredns deployment during \"init\" and \"upgrade\". ([#124820](https://github.com/kubernetes/kubernetes/pull/124820), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", + "text": "'kubeadm: enhanced the \"patches\" functionality to be able to patch coredns\ndeployment. The new patch target is called \"corednsdeployment\" (e.g. patch file\n\"corednsdeployment+json.json\"). This makes it possible to apply custom patches\nto coredns deployment during \"init\" and \"upgrade\".'", + "markdown": "'kubeadm: enhanced the \"patches\" functionality to be able to patch coredns\n deployment. The new patch target is called \"corednsdeployment\" (e.g. patch file\n \"corednsdeployment+json.json\"). This makes it possible to apply custom patches\n to coredns deployment during \"init\" and \"upgrade\".' ([#124820](https://github.com/kubernetes/kubernetes/pull/124820), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124820", @@ -3126,8 +3438,8 @@ }, "124828": { "commit": "12439834f402f6960cc4f9e161bd682aaa130db4", - "text": "Kubernetes is now built with go 1.22.3", - "markdown": "Kubernetes is now built with go 1.22.3 ([#124828](https://github.com/kubernetes/kubernetes/pull/124828), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing]", + "text": "Built Kubernetes with Go 1.22.3.", + "markdown": "Built Kubernetes with Go 1.22.3. ([#124828](https://github.com/kubernetes/kubernetes/pull/124828), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing]", "author": "cpanato", "author_url": "https://github.com/cpanato", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124828", @@ -3178,8 +3490,8 @@ }, "124864": { "commit": "0df6f451aea35483746c415083268a282e96f7f3", - "text": "Revert \"remove legacycloudproviders from staging\"", - "markdown": "Revert \"remove legacycloudproviders from staging\" ([#124864](https://github.com/kubernetes/kubernetes/pull/124864), [@carlory](https://github.com/carlory)) [SIG Release]", + "text": "Reverted remove legacycloudproviders from staging.", + "markdown": "Reverted remove legacycloudproviders from staging. ([#124864](https://github.com/kubernetes/kubernetes/pull/124864), [@carlory](https://github.com/carlory)) [SIG Release]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124864", @@ -3223,8 +3535,8 @@ }, "124883": { "commit": "466b10fcabd92cf1c1f250522c6e2c5d1045747c", - "text": "Drop additional rule requirement (cronjobs/finalizers) in the roles who use kubectl create cronjobs to be backwards compatible", - "markdown": "Drop additional rule requirement (cronjobs/finalizers) in the roles who use kubectl create cronjobs to be backwards compatible ([#124883](https://github.com/kubernetes/kubernetes/pull/124883), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI]", + "text": "Dropped the additional rule requirement (cronjobs/finalizers) for roles\nusing kubectl create cronjobs to ensure backward compatibility.", + "markdown": "Dropped the additional rule requirement (cronjobs/finalizers) for roles\n using kubectl create cronjobs to ensure backward compatibility. ([#124883](https://github.com/kubernetes/kubernetes/pull/124883), [@ardaguclu](https://github.com/ardaguclu))", "author": "ardaguclu", "author_url": "https://github.com/ardaguclu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124883", @@ -3240,10 +3552,30 @@ ], "is_mapped": true }, + "124884": { + "commit": "d7194eb3700cf4f5f075e06ba53811924efb9509", + "text": "Added a feature to report an event to pod if kubelet does `attach operation failed` when kubelet is running with `--enable-controller-attach-detach=false`.", + "markdown": "Added a feature to report an event to pod if kubelet does `attach operation failed` when kubelet is running with `--enable-controller-attach-detach=false`. ([#124884](https://github.com/kubernetes/kubernetes/pull/124884), [@carlory](https://github.com/carlory))", + "author": "carlory", + "author_url": "https://github.com/carlory", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124884", + "pr_number": 124884, + "areas": [ + "kubelet" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "storage" + ], + "feature": true, + "is_mapped": true + }, "124886": { "commit": "1772e3fb5dc76a9a35438530d525ade4fe0d9f3e", - "text": "Removed legacy cloud provider integration code (undoing a previous reverted commit)", - "markdown": "Removed legacy cloud provider integration code (undoing a previous reverted commit) ([#124886](https://github.com/kubernetes/kubernetes/pull/124886), [@carlory](https://github.com/carlory)) [SIG Cloud Provider and Release]", + "text": "Removed legacy cloud provider integration code (undoing a previous reverted commit).", + "markdown": "Removed legacy cloud provider integration code (undoing a previous reverted commit). ([#124886](https://github.com/kubernetes/kubernetes/pull/124886), [@carlory](https://github.com/carlory)) [SIG Cloud Provider and Release]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124886", @@ -3267,8 +3599,8 @@ }, "124906": { "commit": "0aa01be4246cef38641544b2bc2dc8bc068405f0", - "text": "kube-apiserver: fixes a 1.28 regression printing pods with invalid initContainer status", - "markdown": "Kube-apiserver: fixes a 1.28 regression printing pods with invalid initContainer status ([#124906](https://github.com/kubernetes/kubernetes/pull/124906), [@liggitt](https://github.com/liggitt)) [SIG Node]", + "text": "kube-apiserver: fixed a 1.28 regression printing pods with invalid initContainer status.", + "markdown": "Kube-apiserver: fixed a 1.28 regression printing pods with invalid initContainer status. ([#124906](https://github.com/kubernetes/kubernetes/pull/124906), [@liggitt](https://github.com/liggitt)) [SIG Node]", "author": "liggitt", "author_url": "https://github.com/liggitt", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124906", @@ -3362,8 +3694,8 @@ }, "124931": { "commit": "eb66365bc4a84eca9b7f4ca6436535bc78d46648", - "text": "DRA: using structured parameters with a claim that gets reused between pods may have led to a claim with an invalid state (allocated without a finalizer) which then caused scheduling of pods using the claim to stop.", - "markdown": "DRA: using structured parameters with a claim that gets reused between pods may have led to a claim with an invalid state (allocated without a finalizer) which then caused scheduling of pods using the claim to stop. ([#124931](https://github.com/kubernetes/kubernetes/pull/124931), [@pohly](https://github.com/pohly)) [SIG Node and Scheduling]", + "text": "Dynamic Resource Allocation (DRA): using structured parameters with a claim that gets reused between pods may have led to a claim with an invalid state (allocated without a finalizer) which then caused scheduling of pods using the claim to stop.", + "markdown": "Dynamic Resource Allocation (DRA): using structured parameters with a claim that gets reused between pods may have led to a claim with an invalid state (allocated without a finalizer) which then caused scheduling of pods using the claim to stop. ([#124931](https://github.com/kubernetes/kubernetes/pull/124931), [@pohly](https://github.com/pohly)) [SIG Node and Scheduling]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124931", @@ -3403,8 +3735,8 @@ }, "124942": { "commit": "cfd949e321869b8f7228f3b8e391571c07d76a52", - "text": "The sidecar finish time will be accounted when calculating the job's finish time.", - "markdown": "The sidecar finish time will be accounted when calculating the job's finish time. ([#124942](https://github.com/kubernetes/kubernetes/pull/124942), [@AxeZhan](https://github.com/AxeZhan)) [SIG Apps]", + "text": "The sidecars' finish time will now be accounted for when calculating the job's finish time.", + "markdown": "The sidecars' finish time will now be accounted for when calculating the job's finish time. ([#124942](https://github.com/kubernetes/kubernetes/pull/124942), [@AxeZhan](https://github.com/AxeZhan)) [SIG Apps]", "documentation": [ { "description": "[KEP]: \u003c", @@ -3427,8 +3759,8 @@ }, "124948": { "commit": "ef39aa896a884fa4a57b5015d0eea3e75cf23c96", - "text": "kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay` and `horizontal-pod-autoscaler-downscale-delay` flags have been removed (deprecated and non-functional since v1.12)", - "markdown": "Kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay` and `horizontal-pod-autoscaler-downscale-delay` flags have been removed (deprecated and non-functional since v1.12) ([#124948](https://github.com/kubernetes/kubernetes/pull/124948), [@SataQiu](https://github.com/SataQiu)) [SIG API Machinery, Apps and Autoscaling]", + "text": "kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay` and `horizontal-pod-autoscaler-downscale-delay` flags have been removed (deprecated and non-functional since v1.12).", + "markdown": "Kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay` and `horizontal-pod-autoscaler-downscale-delay` flags have been removed (deprecated and non-functional since v1.12). ([#124948](https://github.com/kubernetes/kubernetes/pull/124948), [@SataQiu](https://github.com/SataQiu)) [SIG API Machinery, Apps and Autoscaling]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124948", @@ -3449,16 +3781,73 @@ "duplicate_kind": true, "is_mapped": true }, - "124969": { - "commit": "108055430774959198d1b8a6917d03455250098d", - "text": "PersistentVolumeLastPhaseTransitionTime feature is stable and enabled by default.", - "markdown": "PersistentVolumeLastPhaseTransitionTime feature is stable and enabled by default. ([#124969](https://github.com/kubernetes/kubernetes/pull/124969), [@RomanBednar](https://github.com/RomanBednar)) [SIG API Machinery, Apps, Storage and Testing]", - "documentation": [ - { - "description": "[KEP]", - "url": "https://github.com/kubernetes/enhancements/issues/3762", - "type": "KEP" - } + "124958": { + "commit": "89283e0219d5d2df8c22b0de01756a79c8c7790c", + "text": "kube-scheduler implementedscheduling hints for the VolumeBinding plugin.\nThe scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated.", + "markdown": "Kube-scheduler implementedscheduling hints for the VolumeBinding plugin.\n The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. ([#124958](https://github.com/kubernetes/kubernetes/pull/124958), [@bells17](https://github.com/bells17)) [SIG Scheduling and Storage]", + "author": "bells17", + "author_url": "https://github.com/bells17", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124958", + "pr_number": 124958, + "kinds": [ + "feature" + ], + "sigs": [ + "scheduling", + "storage" + ], + "feature": true, + "duplicate": true, + "is_mapped": true + }, + "124959": { + "commit": "9247a21be6a0c1aa81d10dea4e2536eaaa66837b", + "text": "kube-scheduler implemented scheduling hints for the VolumeBinding plugin.\nThe scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated.", + "markdown": "Kube-scheduler implemented scheduling hints for the VolumeBinding plugin.\n The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. ([#124959](https://github.com/kubernetes/kubernetes/pull/124959), [@bells17](https://github.com/bells17)) [SIG Scheduling and Storage]", + "author": "bells17", + "author_url": "https://github.com/bells17", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124959", + "pr_number": 124959, + "kinds": [ + "feature" + ], + "sigs": [ + "scheduling", + "storage" + ], + "feature": true, + "duplicate": true, + "is_mapped": true + }, + "124961": { + "commit": "e1aa8197eddd277fb82be0b8bbc2ba2b4ca67af7", + "text": "kube-scheduler implemented scheduling hints for the VolumeBinding plugin.\nThe scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated.", + "markdown": "Kube-scheduler implemented scheduling hints for the VolumeBinding plugin.\n The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. ([#124961](https://github.com/kubernetes/kubernetes/pull/124961), [@bells17](https://github.com/bells17)) [SIG Scheduling and Storage]", + "author": "bells17", + "author_url": "https://github.com/bells17", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/124961", + "pr_number": 124961, + "kinds": [ + "feature" + ], + "sigs": [ + "scheduling", + "storage" + ], + "feature": true, + "duplicate": true, + "is_mapped": true + }, + "124969": { + "commit": "108055430774959198d1b8a6917d03455250098d", + "text": "PersistentVolumeLastPhaseTransitionTime feature is stable and enabled by default.", + "markdown": "PersistentVolumeLastPhaseTransitionTime feature is stable and enabled by default. ([#124969](https://github.com/kubernetes/kubernetes/pull/124969), [@RomanBednar](https://github.com/RomanBednar)) [SIG API Machinery, Apps, Storage and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/3762", + "type": "KEP" + } ], "author": "RomanBednar", "author_url": "https://github.com/RomanBednar", @@ -3480,12 +3869,13 @@ ], "feature": true, "duplicate": true, - "duplicate_kind": true + "duplicate_kind": true, + "is_mapped": true }, "124994": { "commit": "7ec344dcef9a04920578aabe4e122bc0b3404afe", - "text": "Added namespace autocompletion for kubectl config set-context command", - "markdown": "Added namespace autocompletion for kubectl config set-context command ([#124994](https://github.com/kubernetes/kubernetes/pull/124994), [@TessaIO](https://github.com/TessaIO)) [SIG CLI]", + "text": "Added namespace autocompletion for `kubectl config set-context` command.", + "markdown": "Added namespace autocompletion for `kubectl config set-context` command. ([#124994](https://github.com/kubernetes/kubernetes/pull/124994), [@TessaIO](https://github.com/TessaIO)) [SIG CLI]", "author": "TessaIO", "author_url": "https://github.com/TessaIO", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124994", @@ -3523,8 +3913,8 @@ }, "124997": { "commit": "25b3912c0dadb14403f80a144f858a751d0c743e", - "text": "kubeadm: deprecated the kubeadm `RootlessControlPlane` feature gate (previously alpha), given that the core K8s `UserNamespacesSupport` feature gate graduated to Beta in 1.30.\nOnce core Kubernetes support for user namespaces is generally available and kubeadm has started to support running the control plane in userns pods, the kubeadm `RootlessControlPlane` feature gate will be removed entirely.\nUntil kubeadm supports the userns functionality out of the box, users can continue using the deprecated `RootlessControlPlane` feature gate, or opt-in `UserNamespacesSupport` by using kubeadm patches on the static pod manifests.", - "markdown": "Kubeadm: deprecated the kubeadm `RootlessControlPlane` feature gate (previously alpha), given that the core K8s `UserNamespacesSupport` feature gate graduated to Beta in 1.30.\n Once core Kubernetes support for user namespaces is generally available and kubeadm has started to support running the control plane in userns pods, the kubeadm `RootlessControlPlane` feature gate will be removed entirely.\n Until kubeadm supports the userns functionality out of the box, users can continue using the deprecated `RootlessControlPlane` feature gate, or opt-in `UserNamespacesSupport` by using kubeadm patches on the static pod manifests. ([#124997](https://github.com/kubernetes/kubernetes/pull/124997), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: deprecated the kubeadm `RootlessControlPlane` feature gate (previously alpha), given that the core K8s `UserNamespacesSupport` feature gate graduated to beta in 1.30.\nOnce core Kubernetes support for user namespaces is generally available and kubeadm has started to support running the control plane in userns pods, the kubeadm `RootlessControlPlane` feature gate will be removed entirely.\nUntil kubeadm supports the userns functionality out of the box, users can continue using the deprecated `RootlessControlPlane` feature gate, or opt-in `UserNamespacesSupport` by using kubeadm patches on the static pod manifests.", + "markdown": "Kubeadm: deprecated the kubeadm `RootlessControlPlane` feature gate (previously alpha), given that the core K8s `UserNamespacesSupport` feature gate graduated to beta in 1.30.\n Once core Kubernetes support for user namespaces is generally available and kubeadm has started to support running the control plane in userns pods, the kubeadm `RootlessControlPlane` feature gate will be removed entirely.\n Until kubeadm supports the userns functionality out of the box, users can continue using the deprecated `RootlessControlPlane` feature gate, or opt-in `UserNamespacesSupport` by using kubeadm patches on the static pod manifests. ([#124997](https://github.com/kubernetes/kubernetes/pull/124997), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/124997", @@ -3603,8 +3993,8 @@ }, "125016": { "commit": "b3db54ea72a4f7441260982b4d2941f856401c9a", - "text": "The feature-gate CSIMigrationPortworx was promoted to beta in Kubernetes 1.25, but turn it off by default. In 1.31, it was turned on by default. Before upgrading to 1.31, please make sure that the corresponding portworx csi driver is installed if you are using Portworx.", - "markdown": "The feature-gate CSIMigrationPortworx was promoted to beta in Kubernetes 1.25, but turn it off by default. In 1.31, it was turned on by default. Before upgrading to 1.31, please make sure that the corresponding portworx csi driver is installed if you are using Portworx. ([#125016](https://github.com/kubernetes/kubernetes/pull/125016), [@carlory](https://github.com/carlory)) [SIG Storage]", + "text": "The feature-gate CSIMigrationPortworx was promoted to beta in Kubernetes 1.25, but turned off by default. In 1.31, it was turned on by default. Before upgrading to 1.31, please make sure that the corresponding portworx csi driver is installed if you are using Portworx.", + "markdown": "The feature-gate CSIMigrationPortworx was promoted to beta in Kubernetes 1.25, but turned off by default. In 1.31, it was turned on by default. Before upgrading to 1.31, please make sure that the corresponding portworx csi driver is installed if you are using Portworx. ([#125016](https://github.com/kubernetes/kubernetes/pull/125016), [@carlory](https://github.com/carlory)) [SIG Storage]", "documentation": [ { "description": "[KEP]", @@ -3627,8 +4017,8 @@ }, "125021": { "commit": "93d56511e684369479f23aae15617e483cda5719", - "text": "Update the feature MultiCIDRServiceAllocator to beta (disabled by default). Users need to enable the feature gate and the networking v1beta1 group to be able to use this new feature, that allows to dynamically reconfigure Service CIDR ranges.", - "markdown": "Update the feature MultiCIDRServiceAllocator to beta (disabled by default). Users need to enable the feature gate and the networking v1beta1 group to be able to use this new feature, that allows to dynamically reconfigure Service CIDR ranges. ([#125021](https://github.com/kubernetes/kubernetes/pull/125021), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, CLI, Etcd, Instrumentation, Network and Testing]", + "text": "Updated the feature MultiCIDRServiceAllocator to beta (disabled by default). Users need to enable the feature gate and the networking v1beta1 group to be able to use this new feature, that allows to dynamically reconfigure Service CIDR ranges.", + "markdown": "Updated the feature MultiCIDRServiceAllocator to beta (disabled by default). Users need to enable the feature gate and the networking v1beta1 group to be able to use this new feature, that allows to dynamically reconfigure Service CIDR ranges. ([#125021](https://github.com/kubernetes/kubernetes/pull/125021), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, CLI, Etcd, Instrumentation, Network and Testing]", "documentation": [ { "description": "[KEP]", @@ -3687,8 +4077,8 @@ }, "125040": { "commit": "b2817dc4321beb9384badff71caaab2d756cf85a", - "text": "Fix kubelet on Windows fails if a pod has SecurityContext with RunAsUser", - "markdown": "Fix kubelet on Windows fails if a pod has SecurityContext with RunAsUser ([#125040](https://github.com/kubernetes/kubernetes/pull/125040), [@carlory](https://github.com/carlory)) [SIG Storage, Testing and Windows]", + "text": "Fixed an issue where kubelet on Windows would fail if a pod had a SecurityContext with `RunAsUser`.", + "markdown": "Fixed an issue where kubelet on Windows would fail if a pod had a SecurityContext with `RunAsUser`. ([#125040](https://github.com/kubernetes/kubernetes/pull/125040), [@carlory](https://github.com/carlory)) [SIG Storage, Testing and Windows]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125040", @@ -3709,8 +4099,8 @@ }, "125067": { "commit": "5a121aad53a819c3c9b26a6b5866b1ea8c686f5b", - "text": "pause: add a -v flag to the Windows variant of the pause binary, which prints the version of pause and exits. The Linux pause already has the flag.", - "markdown": "Pause: add a -v flag to the Windows variant of the pause binary, which prints the version of pause and exits. The Linux pause already has the flag. ([#125067](https://github.com/kubernetes/kubernetes/pull/125067), [@neolit123](https://github.com/neolit123)) [SIG Windows]", + "text": "`pause`: Added a `-v` flag to the Windows variant of the pause binary, which\nprints the version of pause and exits. The Linux pause binary already has this flag.", + "markdown": "`pause`: Added a `-v` flag to the Windows variant of the pause binary, which\n prints the version of pause and exits. The Linux pause binary already has this flag. ([#125067](https://github.com/kubernetes/kubernetes/pull/125067), [@neolit123](https://github.com/neolit123)) [SIG Windows]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125067", @@ -3771,8 +4161,8 @@ }, "125112": { "commit": "e0e6c9633d5f9a388cbf9c7757c789afaec11c34", - "text": "dependencies: start using registry.k8s.io/pause:3.10", - "markdown": "Dependencies: start using registry.k8s.io/pause:3.10 ([#125112](https://github.com/kubernetes/kubernetes/pull/125112), [@neolit123](https://github.com/neolit123)) [SIG CLI, Cloud Provider, Cluster Lifecycle, Node, Release, Testing and Windows]", + "text": "dependencies: started using registry.k8s.io/pause:3.10.", + "markdown": "Dependencies: started using registry.k8s.io/pause:3.10. ([#125112](https://github.com/kubernetes/kubernetes/pull/125112), [@neolit123](https://github.com/neolit123)) [SIG CLI, Cloud Provider, Cluster Lifecycle, Node, Release, Testing and Windows]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125112", @@ -3802,8 +4192,8 @@ }, "125113": { "commit": "4c0afd74c3d90a5f13c7edf94911b4a4eb633865", - "text": "Update CNI Plugins to v1.5.0", - "markdown": "Update CNI Plugins to v1.5.0 ([#125113](https://github.com/kubernetes/kubernetes/pull/125113), [@bzsuni](https://github.com/bzsuni)) [SIG Cloud Provider, Network, Node and Testing]", + "text": "Updated CNI Plugins to v1.5.0.", + "markdown": "Updated CNI Plugins to v1.5.0. ([#125113](https://github.com/kubernetes/kubernetes/pull/125113), [@bzsuni](https://github.com/bzsuni)) [SIG Cloud Provider, Network, Node and Testing]", "author": "bzsuni", "author_url": "https://github.com/bzsuni", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125113", @@ -3826,8 +4216,8 @@ }, "125116": { "commit": "ac9aec9f9b1229c1560d682475dc5c6f38f6beb3", - "text": "DRA: in the `pod.spec.recourceClaims` array, the `source` indirection is no longer necessary. Instead of e.g. `source: resourceClaimTemplateName: my-template`, one can write `resourceClaimTemplateName: my-template`.", - "markdown": "DRA: in the `pod.spec.recourceClaims` array, the `source` indirection is no longer necessary. Instead of e.g. `source: resourceClaimTemplateName: my-template`, one can write `resourceClaimTemplateName: my-template`. ([#125116](https://github.com/kubernetes/kubernetes/pull/125116), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, Node, Scheduling and Testing]", + "text": "Dynamic Resource Allocation (DRA): in the `pod.spec.recourceClaims` array, the `source` indirection is no longer necessary. Instead of e.g. `source: resourceClaimTemplateName: my-template`, one can write `resourceClaimTemplateName: my-template`.", + "markdown": "Dynamic Resource Allocation (DRA): in the `pod.spec.recourceClaims` array, the `source` indirection is no longer necessary. Instead of e.g. `source: resourceClaimTemplateName: my-template`, one can write `resourceClaimTemplateName: my-template`. ([#125116](https://github.com/kubernetes/kubernetes/pull/125116), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, Node, Scheduling and Testing]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125116", @@ -3855,8 +4245,8 @@ }, "125117": { "commit": "59d90eb17e41f855e65f6ca4ac3d93d3709a3067", - "text": "`kubectl describe service` now shows internal traffic policy and ip mode of load balancer IP", - "markdown": "`kubectl describe service` now shows internal traffic policy and ip mode of load balancer IP ([#125117](https://github.com/kubernetes/kubernetes/pull/125117), [@tnqn](https://github.com/tnqn)) [SIG CLI and Network]", + "text": "`kubectl describe service` now shows internal traffic policy and ip mode of load balancer IP.", + "markdown": "`kubectl describe service` now shows internal traffic policy and ip mode of load balancer IP. ([#125117](https://github.com/kubernetes/kubernetes/pull/125117), [@tnqn](https://github.com/tnqn)) [SIG CLI and Network]", "author": "tnqn", "author_url": "https://github.com/tnqn", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125117", @@ -3892,8 +4282,8 @@ }, "125145": { "commit": "3f9b79fc119d064d00939f91567b48d9ada7dc43", - "text": "kube-apiserver: fixes a 1.27+ regression watching a single namespace via the deprecated /api/v1/watch/namespaces/$name endpoint where watch events were not delivered after the watch was established", - "markdown": "Kube-apiserver: fixes a 1.27+ regression watching a single namespace via the deprecated /api/v1/watch/namespaces/$name endpoint where watch events were not delivered after the watch was established ([#125145](https://github.com/kubernetes/kubernetes/pull/125145), [@xyz-li](https://github.com/xyz-li)) [SIG API Machinery, Node and Testing]", + "text": "kube-apiserver: fixed a 1.27+ regression watching a single namespace via the deprecated /api/v1/watch/namespaces/$name endpoint where watch events were not delivered after the watch was established.", + "markdown": "Kube-apiserver: fixed a 1.27+ regression watching a single namespace via the deprecated /api/v1/watch/namespaces/$name endpoint where watch events were not delivered after the watch was established. ([#125145](https://github.com/kubernetes/kubernetes/pull/125145), [@xyz-li](https://github.com/xyz-li)) [SIG API Machinery, Node and Testing]", "author": "xyz-li", "author_url": "https://github.com/xyz-li", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125145", @@ -3918,8 +4308,8 @@ }, "125150": { "commit": "2c46fafa2377363728797b43e2bef213753e4fc9", - "text": "CSI spec support has been lifted to v1.9.0 in this release", - "markdown": "CSI spec support has been lifted to v1.9.0 in this release ([#125150](https://github.com/kubernetes/kubernetes/pull/125150), [@humblec](https://github.com/humblec)) [SIG Storage and Testing]", + "text": "Container Storage Interface (CSI) spec support has been lifted to v1.9.0 in this release.", + "markdown": "Container Storage Interface (CSI) spec support has been lifted to v1.9.0 in this release. ([#125150](https://github.com/kubernetes/kubernetes/pull/125150), [@humblec](https://github.com/humblec)) [SIG Storage and Testing]", "author": "humblec", "author_url": "https://github.com/humblec", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125150", @@ -3940,8 +4330,8 @@ }, "125157": { "commit": "548d50da98f086714bebbf54b1cd578d594c7aa6", - "text": "kubeadm: improve the warning message about the NodeSwap check which kubeadm performs on preflight.", - "markdown": "Kubeadm: improve the warning message about the NodeSwap check which kubeadm performs on preflight. ([#125157](https://github.com/kubernetes/kubernetes/pull/125157), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", + "text": "`kubeadm`: The `NodeSwap` check that kubeadm performs during preflight, has a new warning to verify if swap has been configured correctly.", + "markdown": "`kubeadm`: The `NodeSwap` check that kubeadm performs during preflight, has a new warning to verify if swap has been configured correctly. ([#125157](https://github.com/kubernetes/kubernetes/pull/125157), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125157", @@ -3959,8 +4349,8 @@ }, "125162": { "commit": "2c6daa41deff0eb7d705c85b5672cde79ea82517", - "text": "Fix code-generator client-gen to work with `api/v1`-like package structure.", - "markdown": "Fix code-generator client-gen to work with `api/v1`-like package structure. ([#125162](https://github.com/kubernetes/kubernetes/pull/125162), [@sttts](https://github.com/sttts)) [SIG API Machinery and Apps]", + "text": "Fixed code-generator client-gen to work with `api/v1`-like package structure.", + "markdown": "Fixed code-generator client-gen to work with `api/v1`-like package structure. ([#125162](https://github.com/kubernetes/kubernetes/pull/125162), [@sttts](https://github.com/sttts)) [SIG API Machinery and Apps]", "author": "sttts", "author_url": "https://github.com/sttts", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125162", @@ -3980,10 +4370,49 @@ "duplicate_kind": true, "is_mapped": true }, + "125163": { + "commit": "f2428d66cc2256fcbe2a486b1403603530f46c6f", + "text": "DRA: The Dynamic Resource Allocation (DRA) driver's daemonset must be deployed with a service account that enables writing ResourceSlice and reading ResourceClaim objects.", + "markdown": "DRA: The Dynamic Resource Allocation (DRA) driver's daemonset must be deployed with a service account that enables writing ResourceSlice and reading ResourceClaim objects. ([#125163](https://github.com/kubernetes/kubernetes/pull/125163), [@pohly](https://github.com/pohly)) [SIG Auth, Node and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/4381", + "type": "KEP" + }, + { + "description": "[Docs]", + "url": "https://github.com/kubernetes/enhancements/pull/4667", + "type": "KEP" + } + ], + "author": "pohly", + "author_url": "https://github.com/pohly", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125163", + "pr_number": 125163, + "areas": [ + "test", + "kubelet", + "e2e-test-framework" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "auth", + "node", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "125168": { "commit": "d8b33e32b16a8e393f9e174af92b19302c729a98", - "text": "job-controller: the `JobReadyPods` feature flag has been removed (deprecated since v1.31)", - "markdown": "Job-controller: the `JobReadyPods` feature flag has been removed (deprecated since v1.31) ([#125168](https://github.com/kubernetes/kubernetes/pull/125168), [@kaisoz](https://github.com/kaisoz)) [SIG Apps]", + "text": "job-controller: the `JobReadyPods` feature flag has been removed (deprecated since v1.31).", + "markdown": "Job-controller: the `JobReadyPods` feature flag has been removed (deprecated since v1.31). ([#125168](https://github.com/kubernetes/kubernetes/pull/125168), [@kaisoz](https://github.com/kaisoz)) [SIG Apps]", "documentation": [ { "description": "[KEP]", @@ -4005,8 +4434,8 @@ }, "125175": { "commit": "c49b140c45e0e9b7e47da4bbe81d32829008c06d", - "text": ".status.terminating field now gets tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods", - "markdown": ".status.terminating field now gets tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods ([#125175](https://github.com/kubernetes/kubernetes/pull/125175), [@dejanzele](https://github.com/dejanzele)) [SIG Apps and Testing]", + "text": ".status.terminating field now gets tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods.", + "markdown": ".status.terminating field now gets tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods. ([#125175](https://github.com/kubernetes/kubernetes/pull/125175), [@dejanzele](https://github.com/dejanzele)) [SIG Apps and Testing]", "documentation": [ { "description": "[KEP]", @@ -4049,8 +4478,8 @@ }, "125179": { "commit": "83c2db067ed04401bbeca9193bfac888c18c77b8", - "text": "kubeadm: only enable the klog flags that are still supported for kubeadm, rather than hiding the unwanted flags. This means that the previously unrecommended hidden flags about klog (including `--alsologtostderr`, `--log-backtrace-at`, `--log-dir`, `--logtostderr`, `--log-file`, `--log-file-max-size`, `--one-output`, `--skip-log-headers`, `--stderrthreshold` and `--vmodule`) are no longer allowed to be used.", - "markdown": "Kubeadm: only enable the klog flags that are still supported for kubeadm, rather than hiding the unwanted flags. This means that the previously unrecommended hidden flags about klog (including `--alsologtostderr`, `--log-backtrace-at`, `--log-dir`, `--logtostderr`, `--log-file`, `--log-file-max-size`, `--one-output`, `--skip-log-headers`, `--stderrthreshold` and `--vmodule`) are no longer allowed to be used. ([#125179](https://github.com/kubernetes/kubernetes/pull/125179), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Strictly enabled only the supported klog flags, disallowing previously available but unrecommended options. This means that hidden flags about klog (including `--alsologtostderr`, `--log-backtrace-at`, `--log-dir`, `--logtostderr`, `--log-file`, `--log-file-max-size`, `--one-output`, `--skip-log-headers`, `--stderrthreshold` and `--vmodule`) are no longer allowed to be used.", + "markdown": "Kubeadm: Strictly enabled only the supported klog flags, disallowing previously available but unrecommended options. This means that hidden flags about klog (including `--alsologtostderr`, `--log-backtrace-at`, `--log-dir`, `--logtostderr`, `--log-file`, `--log-file-max-size`, `--one-output`, `--skip-log-headers`, `--stderrthreshold` and `--vmodule`) are no longer allowed to be used. ([#125179](https://github.com/kubernetes/kubernetes/pull/125179), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125179", @@ -4068,8 +4497,8 @@ }, "125197": { "commit": "8bd36c60bda712fb8146ee946920f572a77c185e", - "text": "Improved scheduling performance when many nodes, and prefilter returns 1-2 nodes (e.g. daemonset)\n\nFor developers of out-of-tree PostFilter plugins, note that the semantics of NodeToStatusMap are changing: A node with an absent value in the NodeToStatusMap should be interpreted as having an UnschedulableAndUnresolvable status", - "markdown": "Improved scheduling performance when many nodes, and prefilter returns 1-2 nodes (e.g. daemonset)\n \n For developers of out-of-tree PostFilter plugins, note that the semantics of NodeToStatusMap are changing: A node with an absent value in the NodeToStatusMap should be interpreted as having an UnschedulableAndUnresolvable status ([#125197](https://github.com/kubernetes/kubernetes/pull/125197), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling]", + "text": "Improved scheduling performance when many nodes, and prefilter returned 1-2 nodes (e.g. daemonset)\n\nFor developers of out-of-tree PostFilter plugins, note that the semantics of NodeToStatusMap are changing: A node with an absent value in the NodeToStatusMap should be interpreted as having an UnschedulableAndUnresolvable status.", + "markdown": "Improved scheduling performance when many nodes, and prefilter returned 1-2 nodes (e.g. daemonset)\n \n For developers of out-of-tree PostFilter plugins, note that the semantics of NodeToStatusMap are changing: A node with an absent value in the NodeToStatusMap should be interpreted as having an UnschedulableAndUnresolvable status. ([#125197](https://github.com/kubernetes/kubernetes/pull/125197), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling]", "author": "gabesaba", "author_url": "https://github.com/gabesaba", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125197", @@ -4088,8 +4517,8 @@ }, "125218": { "commit": "ba28796e778731bdb8dfeaa9a85454ff28306c1a", - "text": "DRA: enhance validation for the ResourceClaimParametersReference and ResourceClassParametersReference with the following rules:\n\n1. `apiGroup`: If set, it must be a valid DNS subdomain (e.g. 'example.com').\n2. `kind` and `name`: It must be valid path segment name. It may not be '.' or '..' and it may not contain '/' and '%' characters.", - "markdown": "DRA: enhance validation for the ResourceClaimParametersReference and ResourceClassParametersReference with the following rules:\n \n 1. `apiGroup`: If set, it must be a valid DNS subdomain (e.g. 'example.com').\n 2. `kind` and `name`: It must be valid path segment name. It may not be '.' or '..' and it may not contain '/' and '%' characters. ([#125218](https://github.com/kubernetes/kubernetes/pull/125218), [@carlory](https://github.com/carlory)) [SIG Node]", + "text": "Dynamic Resource Allocator (DRA): Enhanced validation for the ResourceClaimParametersReference and ResourceClassParametersReference with the following rules:\n\n1. `apiGroup`: If set, it must be a valid DNS subdomain (e.g. 'example.com').\n2. `kind` and `name`: It must be valid path segment name. It may not be '.' or '..' and it may not contain '/' and '%' characters.", + "markdown": "Dynamic Resource Allocator (DRA): Enhanced validation for the ResourceClaimParametersReference and ResourceClassParametersReference with the following rules:\n \n 1. `apiGroup`: If set, it must be a valid DNS subdomain (e.g. 'example.com').\n 2. `kind` and `name`: It must be valid path segment name. It may not be '.' or '..' and it may not contain '/' and '%' characters. ([#125218](https://github.com/kubernetes/kubernetes/pull/125218), [@carlory](https://github.com/carlory)) [SIG Node]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125218", @@ -4104,8 +4533,8 @@ }, "125225": { "commit": "6938c29a38e2b55b1a93f63af8c9a98aaeb5c026", - "text": "The Service LoadBalancer controller was not correctly considering the service.Status new IPMode field and excluding the Ports when comparing if the status has changed, causing that changes in these fields may not update the service.Status correctly", - "markdown": "The Service LoadBalancer controller was not correctly considering the service.Status new IPMode field and excluding the Ports when comparing if the status has changed, causing that changes in these fields may not update the service.Status correctly ([#125225](https://github.com/kubernetes/kubernetes/pull/125225), [@aojea](https://github.com/aojea)) [SIG Apps, Cloud Provider and Network]", + "text": "Fixed an issue where the Service LoadBalancer controller was not correctly considering the `service.Status new IPMode` field and excluding the Ports when checking if the status was changed, resulting in the changed field potentially not to update the `service.Status` correctly.", + "markdown": "Fixed an issue where the Service LoadBalancer controller was not correctly considering the `service.Status new IPMode` field and excluding the Ports when checking if the status was changed, resulting in the changed field potentially not to update the `service.Status` correctly. ([#125225](https://github.com/kubernetes/kubernetes/pull/125225), [@aojea](https://github.com/aojea)) [SIG Apps, Cloud Provider and Network]", "author": "aojea", "author_url": "https://github.com/aojea", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125225", @@ -4128,8 +4557,8 @@ }, "125235": { "commit": "2f0cf23645876d39a6554f0cf6578a851c0a4891", - "text": "Build etcd image v3.5.14", - "markdown": "Build etcd image v3.5.14 ([#125235](https://github.com/kubernetes/kubernetes/pull/125235), [@humblec](https://github.com/humblec)) [SIG API Machinery]", + "text": "Built etcd image v3.5.14.", + "markdown": "Built etcd image v3.5.14. ([#125235](https://github.com/kubernetes/kubernetes/pull/125235), [@humblec](https://github.com/humblec)) [SIG API Machinery]", "author": "humblec", "author_url": "https://github.com/humblec", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125235", @@ -4147,8 +4576,8 @@ }, "125238": { "commit": "790dfdbe386e4a115f41d38058c127d2dd0e6f44", - "text": "Allow creating ServiceAccount tokens bound to Node objects.\nThis allows users to bind a service account token's validity to a named Node object, similar to Pod bound tokens.\nUse with `kubectl create token \u003cserviceaccount-name\u003e --bound-object-kind=Node --bound-object-node=\u003cnode-name\u003e`.", - "markdown": "Allow creating ServiceAccount tokens bound to Node objects.\n This allows users to bind a service account token's validity to a named Node object, similar to Pod bound tokens.\n Use with `kubectl create token \u003cserviceaccount-name\u003e --bound-object-kind=Node --bound-object-node=\u003cnode-name\u003e`. ([#125238](https://github.com/kubernetes/kubernetes/pull/125238), [@munnerz](https://github.com/munnerz)) [SIG Auth and CLI]", + "text": "Allowed creating ServiceAccount tokens bound to Node objects.\nThis allows users to bind a service account token's validity to a named Node object, similar to Pod bound tokens.\nUse with `kubectl create token \u003cserviceaccount-name\u003e --bound-object-kind=Node --bound-object-node=\u003cnode-name\u003e`.", + "markdown": "Allowed creating ServiceAccount tokens bound to Node objects.\n This allows users to bind a service account token's validity to a named Node object, similar to Pod bound tokens.\n Use with `kubectl create token \u003cserviceaccount-name\u003e --bound-object-kind=Node --bound-object-node=\u003cnode-name\u003e`. ([#125238](https://github.com/kubernetes/kubernetes/pull/125238), [@munnerz](https://github.com/munnerz)) [SIG Auth and CLI]", "documentation": [ { "description": "[KEP]", @@ -4174,10 +4603,57 @@ "duplicate": true, "is_mapped": true }, + "125257": { + "commit": "7590cb7adffb25b687e629d2c93dcb1eaa539301", + "text": "Graduated Kubernetes' support for AppArmor to GA.", + "markdown": "Graduated Kubernetes' support for AppArmor to GA. ([#125257](https://github.com/kubernetes/kubernetes/pull/125257), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) [SIG Apps, Node and Testing]", + "author": "vinayakankugoyal", + "author_url": "https://github.com/vinayakankugoyal", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125257", + "pr_number": 125257, + "areas": [ + "test" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "apps", + "node", + "testing" + ], + "feature": true, + "duplicate": true, + "is_mapped": true + }, + "125259": { + "commit": "a8110d7174e062a26aee19d7d4e2db622779fab8", + "text": "Promoted ProcMountType feature to Beta.", + "markdown": "Promoted ProcMountType feature to Beta. ([#125259](https://github.com/kubernetes/kubernetes/pull/125259), [@sohankunkerkar](https://github.com/sohankunkerkar))", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/4265-proc-mount", + "type": "KEP" + } + ], + "author": "sohankunkerkar", + "author_url": "https://github.com/sohankunkerkar", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125259", + "pr_number": 125259, + "kinds": [ + "feature" + ], + "sigs": [ + "node" + ], + "feature": true, + "is_mapped": true + }, "125263": { "commit": "34dd2007cb91eda0828ae50aebf70fc2a02186f2", - "text": "Fix bug where Server Side Apply causes spurious resourceVersion bumps on no-op patches to custom resources.", - "markdown": "Fix bug where Server Side Apply causes spurious resourceVersion bumps on no-op patches to custom resources. ([#125263](https://github.com/kubernetes/kubernetes/pull/125263), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery and Testing]", + "text": "Fixed bug where Server Side Apply causes spurious resourceVersion bumps on no-op patches to custom resources.", + "markdown": "Fixed bug where Server Side Apply causes spurious resourceVersion bumps on no-op patches to custom resources. ([#125263](https://github.com/kubernetes/kubernetes/pull/125263), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery and Testing]", "author": "jpbetz", "author_url": "https://github.com/jpbetz", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125263", @@ -4198,8 +4674,8 @@ }, "125265": { "commit": "2d8a3ad5728cb6ff00f9721303c18e942ccfbfc8", - "text": "kubeadm: during kubelet health checks, respect the healthz address:port configured in the KubeletConfiguration instead of hardcoding localhost:10248.", - "markdown": "Kubeadm: during kubelet health checks, respect the healthz address:port configured in the KubeletConfiguration instead of hardcoding localhost:10248. ([#125265](https://github.com/kubernetes/kubernetes/pull/125265), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: The healthz address:port configured in the KubeletConfiguration was used during kubelet health checks, instead of hardcoding localhost:10248.", + "markdown": "Kubeadm: The healthz address:port configured in the KubeletConfiguration was used during kubelet health checks, instead of hardcoding localhost:10248. ([#125265](https://github.com/kubernetes/kubernetes/pull/125265), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125265", @@ -4232,10 +4708,39 @@ "do_not_publish": true, "is_mapped": true }, + "125277": { + "commit": "f458a749e794de9169bbc7a7249afd4742f795cc", + "text": "Changed Linux swap handling to restrict access to swap for containers in high priority Pods.\nNew Pods that have a node- or cluster-critical priority are prohibited from accessing swap on Linux,\neven if your cluster and node configuration could otherwise allow this.", + "markdown": "Changed Linux swap handling to restrict access to swap for containers in high priority Pods.\n New Pods that have a node- or cluster-critical priority are prohibited from accessing swap on Linux,\n even if your cluster and node configuration could otherwise allow this. ([#125277](https://github.com/kubernetes/kubernetes/pull/125277), [@iholder101](https://github.com/iholder101)) [SIG Node and Testing]", + "documentation": [ + { + "description": "KEP", + "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2400-node-swap", + "type": "KEP" + } + ], + "author": "iholder101", + "author_url": "https://github.com/iholder101", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125277", + "pr_number": 125277, + "areas": [ + "test", + "kubelet" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "node", + "testing" + ], + "feature": true, + "duplicate": true + }, "125279": { "commit": "a008776ec9527d2a8d89e7e7b65087ea2b131bfb", - "text": "kube-scheduler implements scheduling hints for the VolumeRestriction plugin.\nScheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if the Pod is deleted and the deleted Pod conflicts with the existing volumes of the current Pod.", - "markdown": "Kube-scheduler implements scheduling hints for the VolumeRestriction plugin.\n Scheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if the Pod is deleted and the deleted Pod conflicts with the existing volumes of the current Pod. ([#125279](https://github.com/kubernetes/kubernetes/pull/125279), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Scheduling and Storage]", + "text": "kube-scheduler implemented scheduling hints for the VolumeRestriction plugin.\nScheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if the Pod is deleted and the deleted Pod conflicts with the existing volumes of the current Pod.", + "markdown": "Kube-scheduler implemented scheduling hints for the VolumeRestriction plugin.\n Scheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if the Pod is deleted and the deleted Pod conflicts with the existing volumes of the current Pod. ([#125279](https://github.com/kubernetes/kubernetes/pull/125279), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Scheduling and Storage]", "author": "HirazawaUi", "author_url": "https://github.com/HirazawaUi", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125279", @@ -4313,8 +4818,8 @@ }, "125328": { "commit": "5a99930ab57b2c7837960b21d2c92e958db8c377", - "text": "Add a warning log, an event for cgroup v1 usage and a metric for cgroup version.", - "markdown": "Add a warning log, an event for cgroup v1 usage and a metric for cgroup version. ([#125328](https://github.com/kubernetes/kubernetes/pull/125328), [@harche](https://github.com/harche)) [SIG Node]", + "text": "Added a warning log, an event for cgroup v1 usage and a metric for cgroup version.", + "markdown": "Added a warning log, an event for cgroup v1 usage and a metric for cgroup version. ([#125328](https://github.com/kubernetes/kubernetes/pull/125328), [@harche](https://github.com/harche)) [SIG Node]", "documentation": [ { "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/4569-cgroup-v1-maintenance-mode#implementing-a-warning-log-and-an-event-for-cgroup-v1-usage", @@ -4339,8 +4844,8 @@ }, "125333": { "commit": "c20aa764d787d5710935b573571c0574b2e13e47", - "text": "--custom flag in kubectl debug will be enabled by default and yaml support is added", - "markdown": "--custom flag in kubectl debug will be enabled by default and yaml support is added ([#125333](https://github.com/kubernetes/kubernetes/pull/125333), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing]", + "text": "`--custom` flag in `kubectl debug` will be enabled by default and yaml support is added.", + "markdown": "`--custom` flag in `kubectl debug` will be enabled by default and yaml support is added. ([#125333](https://github.com/kubernetes/kubernetes/pull/125333), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing]", "documentation": [ { "description": "[KEP]", @@ -4369,8 +4874,8 @@ }, "125359": { "commit": "fb6bbc9781d11a87688c398778525c4e1dcb0f08", - "text": "Fix: during the kube-controller-manager restart, when the corresponding Endpoints resource was manually deleted and recreated, causing the endpointslice to fail to be created normally.", - "markdown": "Fix: during the kube-controller-manager restart, when the corresponding Endpoints resource was manually deleted and recreated, causing the endpointslice to fail to be created normally. ([#125359](https://github.com/kubernetes/kubernetes/pull/125359), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Apps and Network]", + "text": "Fixed: during the kube-controller-manager restart, when the corresponding Endpoints resource was manually deleted and recreated, causing the endpointslice to fail to be created normally.", + "markdown": "Fixed: during the kube-controller-manager restart, when the corresponding Endpoints resource was manually deleted and recreated, causing the endpointslice to fail to be created normally. ([#125359](https://github.com/kubernetes/kubernetes/pull/125359), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Apps and Network]", "author": "yangjunmyfm192085", "author_url": "https://github.com/yangjunmyfm192085", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125359", @@ -4387,8 +4892,8 @@ }, "125360": { "commit": "96827ea6bf4f371bf6be17e6e1f9094c82cf5781", - "text": "scheduler framework: PreBind implementations are now allowed to return Pending and Unschedulable status codes.", - "markdown": "Scheduler framework: PreBind implementations are now allowed to return Pending and Unschedulable status codes. ([#125360](https://github.com/kubernetes/kubernetes/pull/125360), [@pohly](https://github.com/pohly)) [SIG Scheduling]", + "text": "scheduler framework: Allowed PreBind implementations to return Pending and Unschedulable status codes.", + "markdown": "Scheduler framework: Allowed PreBind implementations to return Pending and Unschedulable status codes. ([#125360](https://github.com/kubernetes/kubernetes/pull/125360), [@pohly](https://github.com/pohly)) [SIG Scheduling]", "author": "pohly", "author_url": "https://github.com/pohly", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125360", @@ -4403,8 +4908,8 @@ }, "125363": { "commit": "a7ca13ea29ba5b3c91fd293cdbaec8fb5b30cee2", - "text": "Kubernetes is now built with go 1.22.4", - "markdown": "Kubernetes is now built with go 1.22.4 ([#125363](https://github.com/kubernetes/kubernetes/pull/125363), [@cpanato](https://github.com/cpanato)) [SIG Architecture, Cloud Provider, Release, Storage and Testing]", + "text": "Built Kubernetes with Go 1.22.4.", + "markdown": "Built Kubernetes with Go 1.22.4. ([#125363](https://github.com/kubernetes/kubernetes/pull/125363), [@cpanato](https://github.com/cpanato)) [SIG Architecture, Cloud Provider, Release, Storage and Testing]", "author": "cpanato", "author_url": "https://github.com/cpanato", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125363", @@ -4450,13 +4955,38 @@ "testing" ], "duplicate": true, - "do_not_publish": true, + "do_not_publish": true + }, + "125374": { + "commit": "6e52e705d0c0a962fcfe0fc98b1015e517f16844", + "text": "Promoted StatefulSetStartOrdinal to stable. This means `--feature-gates=StatefulSetStartOrdinal=true` are not needed on kube-apiserver and kube-controller-manager binaries and they'll be removed soon following policy at https://kubernetes.io/docs/reference/using-api/deprecation-policy/#deprecation.", + "markdown": "Promoted StatefulSetStartOrdinal to stable. This means `--feature-gates=StatefulSetStartOrdinal=true` are not needed on kube-apiserver and kube-controller-manager binaries and they'll be removed soon following policy at https://kubernetes.io/docs/reference/using-api/deprecation-policy/#deprecation. ([#125374](https://github.com/kubernetes/kubernetes/pull/125374), [@pwschuurman](https://github.com/pwschuurman)) [SIG API Machinery, Apps and Testing]", + "author": "pwschuurman", + "author_url": "https://github.com/pwschuurman", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125374", + "pr_number": 125374, + "areas": [ + "test", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, "is_mapped": true }, "125377": { "commit": "6ba9fa89fb5889550649bfde847c742a55d3d29c", - "text": "Expose apiserver_watch_cache_resource_version metric to simplify debugging problems with watchcache.", - "markdown": "Expose apiserver_watch_cache_resource_version metric to simplify debugging problems with watchcache. ([#125377](https://github.com/kubernetes/kubernetes/pull/125377), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Instrumentation]", + "text": "Exposed the `apiserver_watch_cache_resource_version` metric to simplify debugging problems with watchcache.", + "markdown": "Exposed the `apiserver_watch_cache_resource_version` metric to simplify debugging problems with watchcache. ([#125377](https://github.com/kubernetes/kubernetes/pull/125377), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Instrumentation]", "author": "wojtek-t", "author_url": "https://github.com/wojtek-t", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125377", @@ -4476,8 +5006,8 @@ }, "125388": { "commit": "c77d954273400a3f33150de499a09b57992e1741", - "text": "kubeadm: fixed a bug where the PublicKeysECDSA feature gate was not respected when generating kubeconfig files.", - "markdown": "Kubeadm: fixed a bug where the PublicKeysECDSA feature gate was not respected when generating kubeconfig files. ([#125388](https://github.com/kubernetes/kubernetes/pull/125388), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Fixed a bug where the PublicKeysECDSA feature gate was not respected when generating kubeconfig files.", + "markdown": "Kubeadm: Fixed a bug where the PublicKeysECDSA feature gate was not respected when generating kubeconfig files. ([#125388](https://github.com/kubernetes/kubernetes/pull/125388), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125388", @@ -4495,8 +5025,8 @@ }, "125396": { "commit": "6b73cccb07de30c7793370e1d5c3f8766d975d20", - "text": "kubeadm: allow 'kubeadm init phase certs sa' to accept the '--config' flag.", - "markdown": "Kubeadm: allow 'kubeadm init phase certs sa' to accept the '--config' flag. ([#125396](https://github.com/kubernetes/kubernetes/pull/125396), [@Kavinraja-G](https://github.com/Kavinraja-G)) [SIG Cluster Lifecycle]", + "text": "`kubeadm`: Allowed the `kubeadm init phase certs sa` command to accept the `--config` flag.", + "markdown": "`kubeadm`: Allowed the `kubeadm init phase certs sa` command to accept the `--config` flag. ([#125396](https://github.com/kubernetes/kubernetes/pull/125396), [@Kavinraja-G](https://github.com/Kavinraja-G)) [SIG Cluster Lifecycle]", "author": "Kavinraja-G", "author_url": "https://github.com/Kavinraja-G", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125396", @@ -4537,8 +5067,8 @@ }, "125429": { "commit": "02013fd12707da232a5d4290a2c63dfc0912a407", - "text": "Job: Fix a bug that the SuccessCriteriaMet could be added to the Job with successPolicy regardless of the featureGate enabling", - "markdown": "Job: Fix a bug that the SuccessCriteriaMet could be added to the Job with successPolicy regardless of the featureGate enabling ([#125429](https://github.com/kubernetes/kubernetes/pull/125429), [@tenzen-y](https://github.com/tenzen-y)) [SIG Apps]", + "text": "`Job`: Fixed a bug where `SuccessCriteriaMet` could be added to the Job with\n`successPolicy` regardless of the `featureGate` being enabled.", + "markdown": "`Job`: Fixed a bug where `SuccessCriteriaMet` could be added to the Job with\n `successPolicy` regardless of the `featureGate` being enabled. ([#125429](https://github.com/kubernetes/kubernetes/pull/125429), [@tenzen-y](https://github.com/tenzen-y)) [SIG Apps]", "documentation": [ { "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-apps/3998-job-success-completion-policy", @@ -4561,8 +5091,8 @@ }, "125437": { "commit": "6f4e97e905e5553e75a5a8c042c9f5a29bd1b78d", - "text": "Removing deprecated kubectl exec [POD] [COMMAND]", - "markdown": "Removing deprecated kubectl exec [POD] [COMMAND] ([#125437](https://github.com/kubernetes/kubernetes/pull/125437), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing]", + "text": "\"Removed the ability to run `kubectl exec [POD] [COMMAND]` without a `--` separator.\nThe `--` separator has been recommended since the Kubernetes v1.18 release, which also deprecated the legacy way of invoking `kubectl exec`.\n\nThis change aligns with the deprecation of legacy `kubectl exec` command execution and enforces the use of `kubectl exec [POD] -- [COMMAND]` for improved compatibility and adherence to recommended practices.\"\n", + "markdown": "\"Removed the ability to run `kubectl exec [POD] [COMMAND]` without a `--` separator.\n The `--` separator has been recommended since the Kubernetes v1.18 release, which also deprecated the legacy way of invoking `kubectl exec`.\n \n This change aligns with the deprecation of legacy `kubectl exec` command execution and enforces the use of `kubectl exec [POD] -- [COMMAND]` for improved compatibility and adherence to recommended practices.\"\n ([#125437](https://github.com/kubernetes/kubernetes/pull/125437), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing]", "author": "ardaguclu", "author_url": "https://github.com/ardaguclu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125437", @@ -4583,8 +5113,8 @@ }, "125442": { "commit": "de00a3c894f17936b66bbd88ae1471f222826629", - "text": "Graduate JobPodFailurePolicy to GA and lock", - "markdown": "Graduate JobPodFailurePolicy to GA and lock ([#125442](https://github.com/kubernetes/kubernetes/pull/125442), [@mimowo](https://github.com/mimowo)) [SIG API Machinery, Apps, Scheduling and Testing]", + "text": "Graduated `JobPodFailurePolicy` to GA and locked it to it's default.", + "markdown": "Graduated `JobPodFailurePolicy` to GA and locked it to it's default. ([#125442](https://github.com/kubernetes/kubernetes/pull/125442), [@mimowo](https://github.com/mimowo)) [SIG API Machinery, Apps, Scheduling and Testing]", "documentation": [ { "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-apps/3329-retriable-and-non-retriable-failures", @@ -4616,8 +5146,8 @@ }, "125450": { "commit": "4630bef3034366812c6a1c68aa68d919853320a9", - "text": "pkg k8s.io/apiserver/pkg/storage/cacher, method (*Cacher) Wait(context.Context) error", - "markdown": "Pkg k8s.io/apiserver/pkg/storage/cacher, method (*Cacher) Wait(context.Context) error ([#125450](https://github.com/kubernetes/kubernetes/pull/125450), [@mauri870](https://github.com/mauri870)) [SIG API Machinery]", + "text": "Introduced `Wait(context.Context) error` method in pkg k8s.io/apiserver/pkg/storage/cacher to improve watch cache initialization resilience.", + "markdown": "Introduced `Wait(context.Context) error` method in pkg k8s.io/apiserver/pkg/storage/cacher to improve watch cache initialization resilience. ([#125450](https://github.com/kubernetes/kubernetes/pull/125450), [@mauri870](https://github.com/mauri870)) [SIG API Machinery]", "documentation": [ { "description": "[Related KEP]", @@ -4645,8 +5175,8 @@ }, "125459": { "commit": "2c1aa2bfec3af3907fce0f4afec975ee7f09efbc", - "text": "LogarithmicScaleDown is now GA", - "markdown": "LogarithmicScaleDown is now GA ([#125459](https://github.com/kubernetes/kubernetes/pull/125459), [@MinpengJin](https://github.com/MinpengJin)) [SIG Apps and Scheduling]", + "text": "LogarithmicScaleDown is now GA.", + "markdown": "LogarithmicScaleDown is now GA. ([#125459](https://github.com/kubernetes/kubernetes/pull/125459), [@MinpengJin](https://github.com/MinpengJin)) [SIG Apps and Scheduling]", "documentation": [ { "description": "[KEP]", @@ -4701,10 +5231,45 @@ "duplicate": true, "duplicate_kind": true }, + "125470": { + "commit": "fc3abdaf2dbb11c84033635b1d26f12fe12ef001", + "text": "Added Node.Status.Features.SupplementalGroupsPolicy field which is set to true when the feature is implemented in the CRI implementation (KEP-3619).", + "markdown": "Added Node.Status.Features.SupplementalGroupsPolicy field which is set to true when the feature is implemented in the CRI implementation (KEP-3619). ([#125470](https://github.com/kubernetes/kubernetes/pull/125470), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Apps, Node and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/3619-supplemental-groups-policy", + "type": "KEP" + } + ], + "author": "everpeace", + "author_url": "https://github.com/everpeace", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125470", + "pr_number": 125470, + "areas": [ + "test", + "kubelet", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "node", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "125475": { "commit": "cd19796316b9504d92ba4776502290fbd35dc681", - "text": "KEP-3857: promote RecursiveReadOnlyMounts feature to beta", - "markdown": "KEP-3857: promote RecursiveReadOnlyMounts feature to beta ([#125475](https://github.com/kubernetes/kubernetes/pull/125475), [@AkihiroSuda](https://github.com/AkihiroSuda)) [SIG Node]", + "text": "KEP-3857: promoted RecursiveReadOnlyMounts feature to beta.", + "markdown": "KEP-3857: promoted RecursiveReadOnlyMounts feature to beta. ([#125475](https://github.com/kubernetes/kubernetes/pull/125475), [@AkihiroSuda](https://github.com/AkihiroSuda)) [SIG Node]", "documentation": [ { "description": "[KEP]", @@ -4732,8 +5297,8 @@ }, "125480": { "commit": "63bc33181436cf90c626efe90d0dd9dfb97aabc2", - "text": "kubeadm: fixed a regression where the JoinConfiguration.discovery.timeout was no longer respected and the value was always hardcoded to \"5m\" (5 minutes).", - "markdown": "Kubeadm: fixed a regression where the JoinConfiguration.discovery.timeout was no longer respected and the value was always hardcoded to \"5m\" (5 minutes). ([#125480](https://github.com/kubernetes/kubernetes/pull/125480), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Fixed a regression where the JoinConfiguration.discovery.timeout was no longer respected and the value was always hardcoded to \"5m\" (5 minutes).", + "markdown": "Kubeadm: Fixed a regression where the JoinConfiguration.discovery.timeout was no longer respected and the value was always hardcoded to \"5m\" (5 minutes). ([#125480](https://github.com/kubernetes/kubernetes/pull/125480), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", "author": "neolit123", "author_url": "https://github.com/neolit123", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125480", @@ -4751,6 +5316,52 @@ "duplicate_kind": true, "is_mapped": true }, + "125488": { + "commit": "d21b17264e5a554724aa3ad032536630bcfd5b3f", + "text": "DRA: Added new API and several new features.", + "markdown": "DRA: Added new API and several new features. ([#125488](https://github.com/kubernetes/kubernetes/pull/125488), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, CLI, Cluster Lifecycle, Etcd, Node, Release, Scheduling, Storage and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/4381", + "type": "KEP" + } + ], + "author": "pohly", + "author_url": "https://github.com/pohly", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125488", + "pr_number": 125488, + "areas": [ + "test", + "kubelet", + "apiserver", + "kubectl", + "release-eng", + "code-generation", + "e2e-test-framework" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "auth", + "cli", + "cluster-lifecycle", + "etcd", + "node", + "release", + "scheduling", + "storage", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "125510": { "commit": "0a3330d6c995a5d69cafa9e15b3ab2adf3e93b84", "text": "Delay setting terminal Job conditions until all pods are terminal.\n\nAdditionally, the FailureTarget condition is also added to the Job object in the first Job\nstatus update as soon as the failure conditions are met (backoffLimit is exceeded, maxFailedIndexes, \nor activeDeadlineSeconds is exceeded).\n\nSimilarly, the SuccessCriteriaMet condition is added in the first update as soon as the expected number\nof pod completions is reached.\n\nAlso, introduce the following validation rules for Job status when JobManagedBy is enabled:\n1. the count of ready pods is less or equal than active\n2. when transitioning to terminal phase for Job, the number of terminating pods is 0\n3. terminal Job conditions (Failed and Complete) should be preceded by adding the corresponding interim conditions: FailureTarget and SuccessCriteriaMet", @@ -4782,8 +5393,8 @@ }, "125527": { "commit": "8c508c5480844682eab8a4172526b6db3476fdc0", - "text": "Fix a bug that Pods could stuck in the unschedulable pod pool \nif they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods.\n\nDRA plugin is the only plugin that meets the criteria of the bug in in-tree, \nand hence if you have `DynamicResourceAllocation` feature flag enabled, \nyour DRA Pods could be affected by this bug.", - "markdown": "Fix a bug that Pods could stuck in the unschedulable pod pool \n if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods.\n \n DRA plugin is the only plugin that meets the criteria of the bug in in-tree, \n and hence if you have `DynamicResourceAllocation` feature flag enabled, \n your DRA Pods could be affected by this bug. ([#125527](https://github.com/kubernetes/kubernetes/pull/125527), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing]", + "text": "Fixed a bug that Pods could stuck in the unschedulable pod pool \nif they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods.\n\nDRA plugin is the only plugin that meets the criteria of the bug in in-tree, \nand hence if you have `DynamicResourceAllocation` feature flag enabled, \nyour DRA Pods could be affected by this bug.", + "markdown": "Fixed a bug that Pods could stuck in the unschedulable pod pool \n if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods.\n \n DRA plugin is the only plugin that meets the criteria of the bug in in-tree, \n and hence if you have `DynamicResourceAllocation` feature flag enabled, \n your DRA Pods could be affected by this bug. ([#125527](https://github.com/kubernetes/kubernetes/pull/125527), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing]", "author": "sanposhiho", "author_url": "https://github.com/sanposhiho", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125527", @@ -4803,8 +5414,8 @@ }, "125528": { "commit": "ef9965ebc66dafda37800bb04f5e284535bbba10", - "text": "Feature gates for PortForward (kubectl port-forward) over WebSockets are now enabled by default (Beta).\n- Server-side feature gate: PortForwardWebsocket\n- Client-side (kubectl) feature gate: PORT_FORWARD_WEBSOCKETS environment variable\n- To turn off PortForward over WebSockets for kubectl, the environment variable feature gate must be explicitly set - PORT_FORWARD_WEBSOCKETS=false", - "markdown": "Feature gates for PortForward (kubectl port-forward) over WebSockets are now enabled by default (Beta).\n - Server-side feature gate: PortForwardWebsocket\n - Client-side (kubectl) feature gate: PORT_FORWARD_WEBSOCKETS environment variable\n - To turn off PortForward over WebSockets for kubectl, the environment variable feature gate must be explicitly set - PORT_FORWARD_WEBSOCKETS=false ([#125528](https://github.com/kubernetes/kubernetes/pull/125528), [@seans3](https://github.com/seans3)) [SIG API Machinery and CLI]", + "text": "Enabled feature gates for PortForward (kubectl port-forward) over WebSockets by default (beta).\n - Server-side feature gate: PortForwardWebsocket\n - Client-side (kubectl) feature gate: PORT_FORWARD_WEBSOCKETS environment variable\n - To turn off PortForward over WebSockets for kubectl, the environment variable feature gate must be explicitly set - PORT_FORWARD_WEBSOCKETS=false", + "markdown": "Enabled feature gates for PortForward (kubectl port-forward) over WebSockets by default (beta).\n - Server-side feature gate: PortForwardWebsocket\n - Client-side (kubectl) feature gate: PORT_FORWARD_WEBSOCKETS environment variable\n - To turn off PortForward over WebSockets for kubectl, the environment variable feature gate must be explicitly set - PORT_FORWARD_WEBSOCKETS=false ([#125528](https://github.com/kubernetes/kubernetes/pull/125528), [@seans3](https://github.com/seans3)) [SIG API Machinery and CLI]", "author": "seans3", "author_url": "https://github.com/seans3", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125528", @@ -4825,8 +5436,8 @@ }, "125536": { "commit": "8b727956214818a3a5846bca060426a13a578348", - "text": "This change improves documentation clarity, making it more understandable for new users and contributors.", - "markdown": "This change improves documentation clarity, making it more understandable for new users and contributors. ([#125536](https://github.com/kubernetes/kubernetes/pull/125536), [@this-is-yaash](https://github.com/this-is-yaash)) [SIG Release]", + "text": "Improved the documentation clarity for building Kubernetes in Docker Environment, making it more understandable for new users and contributors.", + "markdown": "Improved the documentation clarity for building Kubernetes in Docker Environment, making it more understandable for new users and contributors. ([#125536](https://github.com/kubernetes/kubernetes/pull/125536), [@this-is-yaash](https://github.com/this-is-yaash))", "author": "this-is-yaash", "author_url": "https://github.com/this-is-yaash", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125536", @@ -4860,8 +5471,8 @@ }, "125546": { "commit": "95e16917f78310c16c81437c523d66abf716aeba", - "text": "Now the .status.ready field is tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods", - "markdown": "Now the .status.ready field is tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods ([#125546](https://github.com/kubernetes/kubernetes/pull/125546), [@dejanzele](https://github.com/dejanzele)) [SIG Apps]", + "text": "Now the .status.ready field is tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods.", + "markdown": "Now the .status.ready field is tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods. ([#125546](https://github.com/kubernetes/kubernetes/pull/125546), [@dejanzele](https://github.com/dejanzele)) [SIG Apps]", "author": "dejanzele", "author_url": "https://github.com/dejanzele", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125546", @@ -4891,7 +5502,8 @@ "apps" ], "duplicate": true, - "duplicate_kind": true + "duplicate_kind": true, + "is_mapped": true }, "125552": { "commit": "fc786fc6e8d37ad58e326093856e69d1aa8237cc", @@ -4924,8 +5536,8 @@ }, "125560": { "commit": "d236a9127fe36317bb35854d63b275d7efdb399e", - "text": "Add field management support to the fake client-go typed client.\nUse `fake.NewClientset()` instead of `fake.NewSimpleClientset()` to create a clientset with managed field support.", - "markdown": "Add field management support to the fake client-go typed client.\n Use `fake.NewClientset()` instead of `fake.NewSimpleClientset()` to create a clientset with managed field support. ([#125560](https://github.com/kubernetes/kubernetes/pull/125560), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth, Instrumentation and Testing]", + "text": "Added field management support to the fake client-go typed client.\nUse `fake.NewClientset()` instead of `fake.NewSimpleClientset()` to create a clientset with managed field support.", + "markdown": "Added field management support to the fake client-go typed client.\n Use `fake.NewClientset()` instead of `fake.NewSimpleClientset()` to create a clientset with managed field support. ([#125560](https://github.com/kubernetes/kubernetes/pull/125560), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth, Instrumentation and Testing]", "author": "jpbetz", "author_url": "https://github.com/jpbetz", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125560", @@ -4949,8 +5561,8 @@ }, "125566": { "commit": "7b359a2f9e1ff5cdc49cfcc4e350e9d796f502c0", - "text": "kubeadm: Added `--yes` flag to the list of allowed flags so that it can be mixed with `kubeadm upgrade apply --config`", - "markdown": "Kubeadm: Added `--yes` flag to the list of allowed flags so that it can be mixed with `kubeadm upgrade apply --config` ([#125566](https://github.com/kubernetes/kubernetes/pull/125566), [@xmudrii](https://github.com/xmudrii)) [SIG Cluster Lifecycle]", + "text": "kubeadm: Added `--yes` flag to the list of allowed flags so that it can be mixed with `kubeadm upgrade apply --config`.", + "markdown": "Kubeadm: Added `--yes` flag to the list of allowed flags so that it can be mixed with `kubeadm upgrade apply --config`. ([#125566](https://github.com/kubernetes/kubernetes/pull/125566), [@xmudrii](https://github.com/xmudrii)) [SIG Cluster Lifecycle]", "author": "xmudrii", "author_url": "https://github.com/xmudrii", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125566", @@ -4966,6 +5578,39 @@ ], "is_mapped": true }, + "125571": { + "commit": "64ba17c605a41700f7f4c4e27dca3684b593b2b9", + "text": "kube-apiserver: Added Alpha features to allow API server authz to check the context of requests:\n- The `AuthorizeWithSelectors` feature gate enables including field and label selector information from requests in webhook authorization calls.\n- The `AuthorizeNodeWithSelectors` feature gate changes node authorizer behavior to limit requests from node API clients, so that each Node can only get / list / watch its own Node API object, and can also only get / list / watch Pod API objects bound to that node. Clients using kubelet credentials to read other nodes or unrelated pods must change their authentication credentials (recommended), adjust their usage, or obtain broader read access independent of the node authorizer.", + "markdown": "Kube-apiserver: Added Alpha features to allow API server authz to check the context of requests:\n - The `AuthorizeWithSelectors` feature gate enables including field and label selector information from requests in webhook authorization calls.\n - The `AuthorizeNodeWithSelectors` feature gate changes node authorizer behavior to limit requests from node API clients, so that each Node can only get / list / watch its own Node API object, and can also only get / list / watch Pod API objects bound to that node. Clients using kubelet credentials to read other nodes or unrelated pods must change their authentication credentials (recommended), adjust their usage, or obtain broader read access independent of the node authorizer. ([#125571](https://github.com/kubernetes/kubernetes/pull/125571), [@liggitt](https://github.com/liggitt)) [SIG API Machinery, Auth, Node, Scheduling and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/4601", + "type": "KEP" + } + ], + "author": "liggitt", + "author_url": "https://github.com/liggitt", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125571", + "pr_number": 125571, + "areas": [ + "test", + "apiserver", + "code-generation" + ], + "kinds": [ + "api-change" + ], + "sigs": [ + "api-machinery", + "auth", + "node", + "scheduling", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, "125578": { "commit": "59673f0f379dc06e52866777482659485b57f3b0", "text": "When schedulingQueueHint is enabled, the scheduling queue doesn't update Pods being scheduled immediately.", @@ -5011,8 +5656,8 @@ }, "125584": { "commit": "fd74ad8e6d61acd5ebf2f4dff68a55e2c1608b3f", - "text": "Fix recursive LIST from watch cache returning object matching key", - "markdown": "Fix recursive LIST from watch cache returning object matching key ([#125584](https://github.com/kubernetes/kubernetes/pull/125584), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing]", + "text": "Fixed recursive LIST from watch cache returning object matching key.", + "markdown": "Fixed recursive LIST from watch cache returning object matching key. ([#125584](https://github.com/kubernetes/kubernetes/pull/125584), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing]", "author": "serathius", "author_url": "https://github.com/serathius", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125584", @@ -5033,8 +5678,8 @@ }, "125591": { "commit": "d729af9446bf6621d3e916f44cbbc939fa0f9c6d", - "text": "Graduates the `WatchList` feature gate to Beta for kube-apiserver and enables `WatchListClient` for KCM.", - "markdown": "Graduates the `WatchList` feature gate to Beta for kube-apiserver and enables `WatchListClient` for KCM. ([#125591](https://github.com/kubernetes/kubernetes/pull/125591), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing]", + "text": "Graduated the `WatchList` feature gate to beta for kube-apiserver and enabled `WatchListClient` for kube-controller-manager (KCM).", + "markdown": "Graduated the `WatchList` feature gate to beta for kube-apiserver and enabled `WatchListClient` for kube-controller-manager (KCM). ([#125591](https://github.com/kubernetes/kubernetes/pull/125591), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing]", "author": "p0lyn0mial", "author_url": "https://github.com/p0lyn0mial", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125591", @@ -5056,8 +5701,8 @@ }, "125641": { "commit": "437f6e92ece183f30fe88195d3c262b918b103ac", - "text": "$ kubectl ns -h\nView or set the current namespace\n\nUsage:\n kubectl ns [new-namespace] [flags]\n\nExamples:\n\n\t# view the current namespace in your KUBECONFIG\n\tkubectl ns\n\n\t# view all of the namespaces in use by contexts in your KUBECONFIG\n\tkubectl ns --list\n\n\t# switch your current-context to one that contains the desired namespace\n\tkubectl ns foo\n\nFlags:\n ...\n -h, --help help for kubectl ns", - "markdown": "$ kubectl ns -h\n View or set the current namespace\n \n Usage:\n kubectl ns [new-namespace] [flags]\n \n Examples:\n \n \t# view the current namespace in your KUBECONFIG\n \tkubectl ns\n \n \t# view all of the namespaces in use by contexts in your KUBECONFIG\n \tkubectl ns --list\n \n \t# switch your current-context to one that contains the desired namespace\n \tkubectl ns foo\n \n Flags:\n ...\n -h, --help help for kubectl ns ([#125641](https://github.com/kubernetes/kubernetes/pull/125641), [@nirs](https://github.com/nirs)) [SIG CLI]", + "text": "Fixed sample-cli-plugin help text to be consistent and always use `kubectl ns`.", + "markdown": "Fixed sample-cli-plugin help text to be consistent and always use `kubectl ns`. ([#125641](https://github.com/kubernetes/kubernetes/pull/125641), [@nirs](https://github.com/nirs)) [SIG CLI]", "author": "nirs", "author_url": "https://github.com/nirs", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125641", @@ -5097,8 +5742,8 @@ }, "125650": { "commit": "2b122bc5faf51f939fdf0893f768097833941ef9", - "text": "Add Extra.DisableAvailableConditionController for Generic Control Plane setup in kube-aggregator", - "markdown": "Add Extra.DisableAvailableConditionController for Generic Control Plane setup in kube-aggregator ([#125650](https://github.com/kubernetes/kubernetes/pull/125650), [@mjudeikis](https://github.com/mjudeikis)) [SIG API Machinery]", + "text": "Added Extra.DisableAvailableConditionController for Generic Control Plane setup.", + "markdown": "Added Extra.DisableAvailableConditionController for Generic Control Plane setup. ([#125650](https://github.com/kubernetes/kubernetes/pull/125650), [@mjudeikis](https://github.com/mjudeikis)) [SIG API Machinery]", "author": "mjudeikis", "author_url": "https://github.com/mjudeikis", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125650", @@ -5112,16 +5757,36 @@ "feature": true, "is_mapped": true }, - "125659": { - "commit": "d95de06fa7dedf9230d013f27a0413a08b127354", - "text": "Added OCI VolumeSource Container Runtime Interface API fields and types.", - "markdown": "Added OCI VolumeSource Container Runtime Interface API fields and types. ([#125659](https://github.com/kubernetes/kubernetes/pull/125659), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node]", - "documentation": [ - { - "description": "KEP", - "url": "https://github.com/kubernetes/enhancements/issues/4639", - "type": "KEP" - } + "125656": { + "commit": "27fa59a8afe9c1709bce53edc5f51e1f082435a2", + "text": "kubelet/stats: set INFO log level for stats not found in cadvisor memory cache error.", + "markdown": "Kubelet/stats: set INFO log level for stats not found in cadvisor memory cache error. ([#125656](https://github.com/kubernetes/kubernetes/pull/125656), [@gyuho](https://github.com/gyuho))", + "author": "gyuho", + "author_url": "https://github.com/gyuho", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125656", + "pr_number": 125656, + "areas": [ + "kubelet" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "node" + ], + "feature": true, + "is_mapped": true + }, + "125659": { + "commit": "d95de06fa7dedf9230d013f27a0413a08b127354", + "text": "Added OCI VolumeSource Container Runtime Interface API fields and types.", + "markdown": "Added OCI VolumeSource Container Runtime Interface API fields and types. ([#125659](https://github.com/kubernetes/kubernetes/pull/125659), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node]", + "documentation": [ + { + "description": "KEP", + "url": "https://github.com/kubernetes/enhancements/issues/4639", + "type": "KEP" + } ], "author": "saschagrunert", "author_url": "https://github.com/saschagrunert", @@ -5138,6 +5803,55 @@ ], "feature": true }, + "125660": { + "commit": "595927da21da34f5fed62e237e7a73d9635ac621", + "text": "Revised the Pod API with Alpha support for volumes derived from OCI artifacts. This feature is behind the `ImageVolume` feature gate.", + "markdown": "Revised the Pod API with Alpha support for volumes derived from OCI artifacts. This feature is behind the `ImageVolume` feature gate. ([#125660](https://github.com/kubernetes/kubernetes/pull/125660), [@saschagrunert](https://github.com/saschagrunert)) [SIG API Machinery, Apps and Node]", + "documentation": [ + { + "description": "KEP", + "url": "https://github.com/kubernetes/enhancements/issues/4639", + "type": "KEP" + } + ], + "author": "saschagrunert", + "author_url": "https://github.com/saschagrunert", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125660", + "pr_number": 125660, + "areas": [ + "kubelet", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "node" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, + "125661": { + "commit": "bb350f711174670443e23aa3616606870a471bd7", + "text": "Cleaned deprecated context.StopCh in favor of ctx.", + "markdown": "Cleaned deprecated context.StopCh in favor of ctx. ([#125661](https://github.com/kubernetes/kubernetes/pull/125661), [@mjudeikis](https://github.com/mjudeikis))", + "author": "mjudeikis", + "author_url": "https://github.com/mjudeikis", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125661", + "pr_number": 125661, + "kinds": [ + "cleanup" + ], + "sigs": [ + "api-machinery" + ], + "is_mapped": true + }, "125675": { "commit": "11c689b94587792185de1758fe3bd507c6b5dc29", "text": "Fix endpoints status out-of-sync when the pod state changes rapidly", @@ -5161,8 +5875,8 @@ }, "125751": { "commit": "cdcaea687c6367d77be37b6244e29d5903845ca2", - "text": "ElasticIndexedJob is graduated to GA", - "markdown": "ElasticIndexedJob is graduated to GA ([#125751](https://github.com/kubernetes/kubernetes/pull/125751), [@ahg-g](https://github.com/ahg-g)) [SIG Apps and Testing]", + "text": "`ElasticIndexedJob` is graduated to GA.", + "markdown": "`ElasticIndexedJob` is graduated to GA. ([#125751](https://github.com/kubernetes/kubernetes/pull/125751), [@ahg-g](https://github.com/ahg-g)) [SIG Apps and Testing]", "documentation": [ { "description": "[KEP]", @@ -5190,8 +5904,8 @@ }, "125758": { "commit": "41f21823f5c41528cbbe7cd39827afe25fa28c1e", - "text": "kubeadm: improve the warning/error messages of `validateSupportedVersion` to include the checked resource kind name.", - "markdown": "Kubeadm: improve the warning/error messages of `validateSupportedVersion` to include the checked resource kind name. ([#125758](https://github.com/kubernetes/kubernetes/pull/125758), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", + "text": "kubeadm: improved the warning/error messages of `validateSupportedVersion` to include the checked resource kind name.", + "markdown": "Kubeadm: improved the warning/error messages of `validateSupportedVersion` to include the checked resource kind name. ([#125758](https://github.com/kubernetes/kubernetes/pull/125758), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125758", @@ -5227,8 +5941,8 @@ }, "125776": { "commit": "19d9e4fa7f990fc96b736e8a4fec923c235e7b9b", - "text": "kubelet now hard rejects pods with AppArmor if the node does not have AppArmor enabled.", - "markdown": "Kubelet now hard rejects pods with AppArmor if the node does not have AppArmor enabled. ([#125776](https://github.com/kubernetes/kubernetes/pull/125776), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) [SIG Node]", + "text": "kubelet now hard rejects pods with AppArmor if the node does not have AppArmor.", + "markdown": "Kubelet now hard rejects pods with AppArmor if the node does not have AppArmor. ([#125776](https://github.com/kubernetes/kubernetes/pull/125776), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) [SIG Node]", "author": "vinayakankugoyal", "author_url": "https://github.com/vinayakankugoyal", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125776", @@ -5244,10 +5958,39 @@ ], "is_mapped": true }, + "125778": { + "commit": "0344f29e839cbd49cf743af27719ad7f72608891", + "text": "```\n\n#### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:\n\n\u003c!--\nThis section can be blank if this pull request does not require a release note.\n\nWhen adding links which point to resources within git repositories, like\nKEPs or supporting documentation, please reference a specific commit and avoid\nlinking directly to the master branch. This ensures that links reference a\nspecific point in time, rather than a document that may change over time.\n\nSee here for guidance on getting permanent links to files: https://help.github.com/en/articles/getting-permanent-links-to-files\n\nPlease use the following format for linking documentation:\n- [KEP]: \u003clink\u003e\n- [Usage]: \u003clink\u003e\n- [Other doc]: \u003clink\u003e\n--\u003e", + "markdown": "```\n \n #### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:\n \n \u003c!--\n This section can be blank if this pull request does not require a release note.\n \n When adding links which point to resources within git repositories, like\n KEPs or supporting documentation, please reference a specific commit and avoid\n linking directly to the master branch. This ensures that links reference a\n specific point in time, rather than a document that may change over time.\n \n See here for guidance on getting permanent links to files: https://help.github.com/en/articles/getting-permanent-links-to-files\n \n Please use the following format for linking documentation:\n - [KEP]: \u003clink\u003e\n - [Usage]: \u003clink\u003e\n - [Other doc]: \u003clink\u003e\n --\u003e ([#125778](https://github.com/kubernetes/kubernetes/pull/125778), [@haitch](https://github.com/haitch)) [SIG API Machinery and Scheduling]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/4330", + "type": "KEP" + } + ], + "author": "haitch", + "author_url": "https://github.com/haitch", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125778", + "pr_number": 125778, + "areas": [ + "apiserver" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "api-machinery", + "scheduling" + ], + "feature": true, + "duplicate": true, + "do_not_publish": true + }, "125779": { "commit": "5e331569e4cd461baf19b9f2cc493af1f7f7a73f", - "text": "kubeadm: fix a bug where the path of the manifest can not be specified when `kubeadm upgrade diff` specified a config file, and the `--api-server-manifest`, `--controller-manager-manifest` and `--scheduler-manifest` flags of `kubeadm upgrade diff` are marked as deprecated and will be removed in a future release.", - "markdown": "Kubeadm: fix a bug where the path of the manifest can not be specified when `kubeadm upgrade diff` specified a config file, and the `--api-server-manifest`, `--controller-manager-manifest` and `--scheduler-manifest` flags of `kubeadm upgrade diff` are marked as deprecated and will be removed in a future release. ([#125779](https://github.com/kubernetes/kubernetes/pull/125779), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", + "text": "kubeadm: fixed a bug where the path of the manifest can not be specified when `kubeadm upgrade diff` specified a config file, and the `--api-server-manifest`, `--controller-manager-manifest` and `--scheduler-manifest` flags of `kubeadm upgrade diff` are marked as deprecated and will be removed in a future release.", + "markdown": "Kubeadm: fixed a bug where the path of the manifest can not be specified when `kubeadm upgrade diff` specified a config file, and the `--api-server-manifest`, `--controller-manager-manifest` and `--scheduler-manifest` flags of `kubeadm upgrade diff` are marked as deprecated and will be removed in a future release. ([#125779](https://github.com/kubernetes/kubernetes/pull/125779), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]", "author": "SataQiu", "author_url": "https://github.com/SataQiu", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125779", @@ -5263,6 +6006,29 @@ ], "is_mapped": true }, + "125782": { + "commit": "25935965c5774fadf3b9a06b811422503053c3dd", + "text": "Fixed the documentation for the default value of the procMount entry in the pod securityContext.\nThe documentation was previously using the name of the internal variable 'DefaultProcMount' rather than the actual value 'Default'.", + "markdown": "Fixed the documentation for the default value of the procMount entry in the pod securityContext.\n The documentation was previously using the name of the internal variable 'DefaultProcMount' rather than the actual value 'Default'. ([#125782](https://github.com/kubernetes/kubernetes/pull/125782), [@aborrero](https://github.com/aborrero)) [SIG Apps and Node]", + "author": "aborrero", + "author_url": "https://github.com/aborrero", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125782", + "pr_number": 125782, + "areas": [ + "code-generation" + ], + "kinds": [ + "documentation", + "api-change" + ], + "sigs": [ + "apps", + "node" + ], + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "125787": { "commit": "a9c156baefbd201f1ae6bfc8158e536dec7f99eb", "text": "kube-apiserver: the `--enable-logs-handler` flag and log-serving functionality which was already deprecated is now switched off by default and scheduled to be removed in v1.33.", @@ -5306,6 +6072,32 @@ "duplicate_kind": true, "is_mapped": true }, + "125813": { + "commit": "fa7fcde5a4b1be2162b85191dcdfa646facaf95c", + "text": "Enforced kubelet to request serving certificates only once it has at least one IP address in the `.status.addresses` of its associated Node object. This avoids requesting DNS-only serving certificates before externally set addresses are in place. Until 1.33, the previous behavior can be opted back into by setting the deprecated AllowDNSOnlyNodeCSR feature gate to true in the kubelet.", + "markdown": "Enforced kubelet to request serving certificates only once it has at least one IP address in the `.status.addresses` of its associated Node object. This avoids requesting DNS-only serving certificates before externally set addresses are in place. Until 1.33, the previous behavior can be opted back into by setting the deprecated AllowDNSOnlyNodeCSR feature gate to true in the kubelet. ([#125813](https://github.com/kubernetes/kubernetes/pull/125813), [@aojea](https://github.com/aojea)) [SIG Auth, Cloud Provider and Node]", + "author": "aojea", + "author_url": "https://github.com/aojea", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125813", + "pr_number": 125813, + "areas": [ + "kubelet", + "cloudprovider" + ], + "kinds": [ + "bug", + "feature" + ], + "sigs": [ + "auth", + "cloud-provider", + "node" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "125828": { "commit": "e785ef8d21a01f6a344096f3dbac3b0cc65101e5", "text": "Bump the KubeletCgroupDriverFromCRI feature gate to beta and true by default. The kubelet will continue to use its KubeletConfiguration field as a fallback if the CRI implementation doesn't support this feature.", @@ -5378,8 +6170,7 @@ ], "sigs": [ "cli" - ], - "is_mapped": true + ] }, "125846": { "commit": "30ffa521e69197610dfcd8e0c0b1d1db73ccf071", @@ -5423,8 +6214,7 @@ ], "duplicate": true, "duplicate_kind": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "125867": { "commit": "48eef1fc4ff789e76cf4132ae599227292037642", @@ -5445,8 +6235,7 @@ "testing" ], "duplicate": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "125868": { "commit": "37f733a657ef71d66177d00f9b7d47ec507dedd3", @@ -5468,13 +6257,12 @@ "testing" ], "feature": true, - "duplicate": true, - "is_mapped": true + "duplicate": true }, "125894": { "commit": "6698fb7d2436df14b8c881f04b15d111878e592b", - "text": "Kubernetes is now built with go 1.22.5", - "markdown": "Kubernetes is now built with go 1.22.5 ([#125894](https://github.com/kubernetes/kubernetes/pull/125894), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing]", + "text": "Kubernetes is now built with go 1.22.5.", + "markdown": "Kubernetes is now built with go 1.22.5. ([#125894](https://github.com/kubernetes/kubernetes/pull/125894), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing]", "author": "cpanato", "author_url": "https://github.com/cpanato", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125894", @@ -5494,6 +6282,68 @@ "duplicate": true, "is_mapped": true }, + "125929": { + "commit": "01eb9f47541156a38e4b28759977c06f07f08012", + "text": "Implemented `event_handling_duration_seconds` metric, which is the time the scheduler takes to handle each kind of events.", + "markdown": "Implemented `event_handling_duration_seconds` metric, which is the time the scheduler takes to handle each kind of events. ([#125929](https://github.com/kubernetes/kubernetes/pull/125929), [@sanposhiho](https://github.com/sanposhiho))", + "author": "sanposhiho", + "author_url": "https://github.com/sanposhiho", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125929", + "pr_number": 125929, + "kinds": [ + "feature" + ], + "sigs": [ + "scheduling" + ], + "feature": true, + "is_mapped": true + }, + "125935": { + "commit": "fa4b8f32ac8503b2d736d29a9cf52cbe316b552b", + "text": "Fixed a bug that init containers with `Always` restartPolicy may not terminate gracefully if the pod hasn't initialized yet.", + "markdown": "Fixed a bug that init containers with `Always` restartPolicy may not terminate gracefully if the pod hasn't initialized yet. ([#125935](https://github.com/kubernetes/kubernetes/pull/125935), [@gjkim42](https://github.com/gjkim42)) [SIG Node and Testing]", + "author": "gjkim42", + "author_url": "https://github.com/gjkim42", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125935", + "pr_number": 125935, + "areas": [ + "test", + "kubelet" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "node", + "testing" + ], + "duplicate": true + }, + "125941": { + "commit": "ebdca538058d2265cb8dc528d0145faea0a6a7cf", + "text": "$ k logs wardle-server-65dbc6f5d-9pwv4 -n wardle\nDefaulted container \"wardle-server\" out of: wardle-server, etcd\nI0707 11:16:37.994750 1 registry.go:379] setting wardle:feature gate emulation version to 1.2\nI0707 11:16:37.997302 1 registry.go:379] setting kube:feature gate emulation version to 1.32\nI0707 11:16:37.997370 1 feature_gate.go:522] set feature gate emulationVersion to 1.32\nI0707 11:16:37.998443 1 plugins.go:83] \"Registered admission plugin\" plugin=\"BanFlunder\"\nE0707 11:16:38.001481 1 run.go:72] \"command failed\" err=\"emulation version 1.32 is not between [1.30, 1.31.0]\"", + "markdown": "$ k logs wardle-server-65dbc6f5d-9pwv4 -n wardle\n Defaulted container \"wardle-server\" out of: wardle-server, etcd\n I0707 11:16:37.994750 1 registry.go:379] setting wardle:feature gate emulation version to 1.2\n I0707 11:16:37.997302 1 registry.go:379] setting kube:feature gate emulation version to 1.32\n I0707 11:16:37.997370 1 feature_gate.go:522] set feature gate emulationVersion to 1.32\n I0707 11:16:37.998443 1 plugins.go:83] \"Registered admission plugin\" plugin=\"BanFlunder\"\n E0707 11:16:38.001481 1 run.go:72] \"command failed\" err=\"emulation version 1.32 is not between [1.30, 1.31.0]\" ([#125941](https://github.com/kubernetes/kubernetes/pull/125941), [@fxierh](https://github.com/fxierh)) [SIG API Machinery, Cluster Lifecycle and Testing]", + "author": "fxierh", + "author_url": "https://github.com/fxierh", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/125941", + "pr_number": 125941, + "areas": [ + "test" + ], + "kinds": [ + "bug", + "api-change" + ], + "sigs": [ + "api-machinery", + "cluster-lifecycle", + "testing" + ], + "duplicate": true, + "duplicate_kind": true, + "do_not_publish": true + }, "125961": { "commit": "ae1caa40a29c5476efe51e8ce2ce33812e1ce8ce", "text": "```\n\n#### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:\n\n\u003c!--\nThis section can be blank if this pull request does not require a release note.\n\nWhen adding links which point to resources within git repositories, like\nKEPs or supporting documentation, please reference a specific commit and avoid\nlinking directly to the master branch. This ensures that links reference a\nspecific point in time, rather than a document that may change over time.\n\nSee here for guidance on getting permanent links to files: https://help.github.com/en/articles/getting-permanent-links-to-files\n\nPlease use the following format for linking documentation:\n- [KEP]: \u003clink\u003e\n- [Usage]: \u003clink\u003e\n- [Other doc]: \u003clink\u003e\n--\u003e", @@ -5513,13 +6363,12 @@ "scheduling" ], "duplicate_kind": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "125970": { "commit": "bb089b93746f364bdd8550f11868f460a43e3b81", - "text": "Add `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel.", - "markdown": "Add `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. ([#125970](https://github.com/kubernetes/kubernetes/pull/125970), [@carlory](https://github.com/carlory)) [SIG Node]", + "text": "Added `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel.", + "markdown": "Added `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. ([#125970](https://github.com/kubernetes/kubernetes/pull/125970), [@carlory](https://github.com/carlory)) [SIG Node]", "author": "carlory", "author_url": "https://github.com/carlory", "pr_url": "https://github.com/kubernetes/kubernetes/pull/125970", @@ -5537,8 +6386,8 @@ }, "126012": { "commit": "60862c98a4c0bcbc351b076714108d364883b5f7", - "text": "Stop using wmic on Windows to get uuid in the kubelet", - "markdown": "Stop using wmic on Windows to get uuid in the kubelet ([#126012](https://github.com/kubernetes/kubernetes/pull/126012), [@marosset](https://github.com/marosset)) [SIG Node and Windows]", + "text": "Stopped using wmic on Windows to get uuid in the kubelet.", + "markdown": "Stopped using wmic on Windows to get uuid in the kubelet. ([#126012](https://github.com/kubernetes/kubernetes/pull/126012), [@marosset](https://github.com/marosset)) [SIG Node and Windows]", "author": "marosset", "author_url": "https://github.com/marosset", "pr_url": "https://github.com/kubernetes/kubernetes/pull/126012", @@ -5556,6 +6405,71 @@ "duplicate": true, "is_mapped": true }, + "126014": { + "commit": "a4f9910c51ffd574736b548ac1c5771afcf928ae", + "text": "Promoted LocalStorageCapacityIsolation to Beta and enable if user namespace is enabled for the pod.", + "markdown": "Promoted LocalStorageCapacityIsolation to Beta and enable if user namespace is enabled for the pod. ([#126014](https://github.com/kubernetes/kubernetes/pull/126014), [@PannagaRao](https://github.com/PannagaRao)) [SIG Apps, Autoscaling, Node, Storage and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/1029-ephemeral-storage-quotas", + "type": "KEP" + } + ], + "author": "PannagaRao", + "author_url": "https://github.com/PannagaRao", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126014", + "pr_number": 126014, + "areas": [ + "test", + "kubelet", + "code-generation" + ], + "kinds": [ + "api-change" + ], + "sigs": [ + "apps", + "autoscaling", + "node", + "storage", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, + "126031": { + "commit": "fbdfb9d8d90ac4d0a54f87c4944085d6727e25f4", + "text": "Introduced a new boolean kubelet flag `--fail-cgroupv1`.", + "markdown": "Introduced a new boolean kubelet flag `--fail-cgroupv1`. ([#126031](https://github.com/kubernetes/kubernetes/pull/126031), [@harche](https://github.com/harche)) [SIG API Machinery and Node]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/blob/7c97898249d1ec040610aead30d41bab18c3f9e4/keps/sig-node/4569-cgroup-v1-maintenance-mode/README.md#introduce-a-kubelet-flag-to-disable-cgroup-v1-support", + "type": "KEP" + } + ], + "author": "harche", + "author_url": "https://github.com/harche", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126031", + "pr_number": 126031, + "areas": [ + "kubelet", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "node" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, "126034": { "commit": "f36a821de828372a5f99528d21f309f75e17d043", "text": "Add UserNamespaces field to NodeRuntimeHandlerFeatures", @@ -5586,13 +6500,12 @@ ], "feature": true, "duplicate": true, - "duplicate_kind": true, - "is_mapped": true + "duplicate_kind": true }, "126046": { "commit": "d11e86027dcd1ed1b8a917cedec9cd084d6cc3e0", - "text": "Use omitempty for optional Job Pod Failure Policy fields", - "markdown": "Use omitempty for optional Job Pod Failure Policy fields ([#126046](https://github.com/kubernetes/kubernetes/pull/126046), [@mimowo](https://github.com/mimowo)) [SIG Apps]", + "text": "Use omitempty for optional Job Pod Failure Policy fields.", + "markdown": "Use omitempty for optional Job Pod Failure Policy fields. ([#126046](https://github.com/kubernetes/kubernetes/pull/126046), [@mimowo](https://github.com/mimowo)) [SIG Apps]", "documentation": [ { "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-apps/3329-retriable-and-non-retriable-failures", @@ -5613,10 +6526,33 @@ "duplicate_kind": true, "is_mapped": true }, + "126047": { + "commit": "67c7e770441ab2ac2c7af28cb719d87aacad9f0d", + "text": "Built kubernetes with `Go 1.23rc2`.", + "markdown": "Built kubernetes with `Go 1.23rc2`. ([#126047](https://github.com/kubernetes/kubernetes/pull/126047), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing]", + "author": "cpanato", + "author_url": "https://github.com/cpanato", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126047", + "pr_number": 126047, + "areas": [ + "test", + "release-eng" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "release", + "testing" + ], + "feature": true, + "duplicate": true, + "is_mapped": true + }, "126057": { "commit": "a87612b6676723b34a5b3d2d80ab4e04552221ae", - "text": "Fixes a 1.30.0 regression in openapi descriptions of PodIP.IP and HostIP.IP fields to mark the fields used as keys in those lists as required.", - "markdown": "Fixes a 1.30.0 regression in openapi descriptions of PodIP.IP and HostIP.IP fields to mark the fields used as keys in those lists as required. ([#126057](https://github.com/kubernetes/kubernetes/pull/126057), [@thockin](https://github.com/thockin)) [SIG API Machinery]", + "text": "Fixed a 1.30.0 regression in openapi descriptions of `PodIP.IP` and `HostIP.IP` fields to mark the fields used as keys in those lists as required.", + "markdown": "Fixed a 1.30.0 regression in openapi descriptions of `PodIP.IP` and `HostIP.IP` fields to mark the fields used as keys in those lists as required. ([#126057](https://github.com/kubernetes/kubernetes/pull/126057), [@thockin](https://github.com/thockin)) [SIG API Machinery]", "author": "thockin", "author_url": "https://github.com/thockin", "pr_url": "https://github.com/kubernetes/kubernetes/pull/126057", @@ -5633,5 +6569,694 @@ ], "duplicate_kind": true, "is_mapped": true + }, + "126067": { + "commit": "1854839ff08eba7434ebfa98ab84de2d3a62d4ce", + "text": "Graduated the Job SuccessPolicy to Beta.\n\nThe new reason label, \"SuccessPolicy\" and \"CompletionsReached\" are added to the \"jobs_finished_total\" metric.\nAdditionally, If we enable the \"JobSuccessPolicy\" feature gate, the Job gets \"CompletionsReached\" reason for the \"SuccessCriteriaMet\" and \"Complete\" condition type\nwhen the number of succeeded Job Pods (\".status.succeeded\") reached the desired completions (\".spec.completions\").", + "markdown": "Graduated the Job SuccessPolicy to Beta.\n \n The new reason label, \"SuccessPolicy\" and \"CompletionsReached\" are added to the \"jobs_finished_total\" metric.\n Additionally, If we enable the \"JobSuccessPolicy\" feature gate, the Job gets \"CompletionsReached\" reason for the \"SuccessCriteriaMet\" and \"Complete\" condition type\n when the number of succeeded Job Pods (\".status.succeeded\") reached the desired completions (\".spec.completions\"). ([#126067](https://github.com/kubernetes/kubernetes/pull/126067), [@tenzen-y](https://github.com/tenzen-y)) [SIG API Machinery, Apps and Testing]", + "documentation": [ + { + "url": "https://github.com/kubernetes/enhancements/tree/master/keps/sig-apps/3998-job-success-completion-policy", + "type": "KEP" + } + ], + "author": "tenzen-y", + "author_url": "https://github.com/tenzen-y", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126067", + "pr_number": 126067, + "areas": [ + "test", + "code-generation", + "e2e-test-framework" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, + "126072": { + "commit": "8aff9d31929deed906856fbfaae5744c1b9ba868", + "text": "Made kube-proxy Windows service control manager integration(--windows-service) configurable in v1alpha1 component configuration via `WindowsRunAsService` field.", + "markdown": "Made kube-proxy Windows service control manager integration(--windows-service) configurable in v1alpha1 component configuration via `WindowsRunAsService` field. ([#126072](https://github.com/kubernetes/kubernetes/pull/126072), [@aroradaman](https://github.com/aroradaman)) [SIG Network and Scalability]", + "author": "aroradaman", + "author_url": "https://github.com/aroradaman", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126072", + "pr_number": 126072, + "areas": [ + "kube-proxy", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "network", + "scalability" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, + "126073": { + "commit": "d0545c8eb4ca5e8bb7704b5f51197b5082964e85", + "text": "Fixed fake clientset ApplyScale subresource from 'status' to 'scale'.", + "markdown": "Fixed fake clientset ApplyScale subresource from 'status' to 'scale'. ([#126073](https://github.com/kubernetes/kubernetes/pull/126073), [@a7i](https://github.com/a7i))", + "author": "a7i", + "author_url": "https://github.com/a7i", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126073", + "pr_number": 126073, + "areas": [ + "code-generation" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "api-machinery" + ], + "is_mapped": true + }, + "126107": { + "commit": "892acaa6a7e8d6d0b919e4929d362909eefcaaf3", + "text": "Fixed a bug in storage-version-migrator-controller that would cause migration attempts to fail if resources were deleted when the migration was in progress.", + "markdown": "Fixed a bug in storage-version-migrator-controller that would cause migration attempts to fail if resources were deleted when the migration was in progress. ([#126107](https://github.com/kubernetes/kubernetes/pull/126107), [@enj](https://github.com/enj)) [SIG API Machinery, Apps, Auth and Testing]", + "author": "enj", + "author_url": "https://github.com/enj", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126107", + "pr_number": 126107, + "areas": [ + "test" + ], + "kinds": [ + "bug", + "flake" + ], + "sigs": [ + "api-machinery", + "apps", + "auth", + "testing" + ], + "duplicate": true, + "duplicate_kind": true + }, + "126108": { + "commit": "107f6214626c2c6c42aa11141e4572c02e4daff7", + "text": "Reduced state change noise when volume expansion fails. Also mark certain failures as infeasible.\n\nIf you are using the RecoverVolumeExpansionFailure Alpha feature, after upgrading to this release, existing PVCs with status.allocatedResourceStatus set to \"ControllerResizeFailed\" or \"NodeResizeFailed\" should have their status.allocatedResourceStatus cleared.", + "markdown": "Reduced state change noise when volume expansion fails. Also mark certain failures as infeasible.\n \n If you are using the RecoverVolumeExpansionFailure Alpha feature, after upgrading to this release, existing PVCs with status.allocatedResourceStatus set to \"ControllerResizeFailed\" or \"NodeResizeFailed\" should have their status.allocatedResourceStatus cleared. ([#126108](https://github.com/kubernetes/kubernetes/pull/126108), [@gnufied](https://github.com/gnufied)) [SIG Apps, Auth, Node, Storage and Testing]", + "author": "gnufied", + "author_url": "https://github.com/gnufied", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126108", + "pr_number": 126108, + "areas": [ + "test", + "kubelet", + "code-generation" + ], + "kinds": [ + "api-change" + ], + "sigs": [ + "apps", + "auth", + "node", + "storage", + "testing" + ], + "duplicate": true, + "action_required": true, + "is_mapped": true + }, + "126113": { + "commit": "24fbb13eafec665e6f4b64961930774babd8b6d1", + "text": "ACTION REQUIRED for custom scheduler plugin developers:\n`EventsToRegister` in the `EnqueueExtensions` interface gets `ctx` in the parameters and `error` in the return values.\nPlease change your plugins' implementation accordingly.", + "markdown": "ACTION REQUIRED for custom scheduler plugin developers:\n `EventsToRegister` in the `EnqueueExtensions` interface gets `ctx` in the parameters and `error` in the return values.\n Please change your plugins' implementation accordingly. ([#126113](https://github.com/kubernetes/kubernetes/pull/126113), [@googs1025](https://github.com/googs1025)) [SIG Node, Scheduling, Storage and Testing]", + "author": "googs1025", + "author_url": "https://github.com/googs1025", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126113", + "pr_number": 126113, + "areas": [ + "test" + ], + "kinds": [ + "cleanup", + "feature" + ], + "sigs": [ + "node", + "scheduling", + "storage", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "action_required": true + }, + "126124": { + "commit": "acaec0c23a7e5f76b98c519d91cdf66cbe4c0263", + "text": "The ValidatingAdmissionPolicy metrics have been redone to count and time all validations, including failures and admissions.", + "markdown": "The ValidatingAdmissionPolicy metrics have been redone to count and time all validations, including failures and admissions. ([#126124](https://github.com/kubernetes/kubernetes/pull/126124), [@cici37](https://github.com/cici37)) [SIG API Machinery and Instrumentation]", + "author": "cici37", + "author_url": "https://github.com/cici37", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126124", + "pr_number": 126124, + "areas": [ + "apiserver" + ], + "kinds": [ + "cleanup" + ], + "sigs": [ + "api-machinery", + "instrumentation" + ], + "duplicate": true + }, + "126125": { + "commit": "fc03f3e74c3d891e62b347c518b3197b62e9532c", + "text": "Allowed calling Stop multiple times on RetryWatcher without panicking.", + "markdown": "Allowed calling Stop multiple times on RetryWatcher without panicking. ([#126125](https://github.com/kubernetes/kubernetes/pull/126125), [@mprahl](https://github.com/mprahl))", + "author": "mprahl", + "author_url": "https://github.com/mprahl", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126125", + "pr_number": 126125, + "kinds": [ + "bug" + ], + "sigs": [ + "api-machinery" + ], + "is_mapped": true + }, + "126136": { + "commit": "8f265b63050739937cd939c05a98def37002f1e8", + "text": "Removed feature gate `CustomResourceValidationExpressions`.", + "markdown": "Removed feature gate `CustomResourceValidationExpressions`. ([#126136](https://github.com/kubernetes/kubernetes/pull/126136), [@cici37](https://github.com/cici37)) [SIG API Machinery, Cloud Provider and Testing]", + "author": "cici37", + "author_url": "https://github.com/cici37", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126136", + "pr_number": 126136, + "areas": [ + "test", + "apiserver", + "provider/gcp", + "code-generation" + ], + "kinds": [ + "cleanup", + "api-change" + ], + "sigs": [ + "api-machinery", + "cloud-provider", + "testing" + ], + "duplicate": true, + "duplicate_kind": true + }, + "126139": { + "commit": "c3bcd4fff06566886f36d6e59536b3d00a69a637", + "text": "Reverted \"Move ConsistentListFromCache feature flag to Beta and enable it by default\".", + "markdown": "Reverted \"Move ConsistentListFromCache feature flag to Beta and enable it by default\". ([#126139](https://github.com/kubernetes/kubernetes/pull/126139), [@enj](https://github.com/enj))", + "author": "enj", + "author_url": "https://github.com/enj", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126139", + "pr_number": 126139, + "areas": [ + "apiserver" + ], + "kinds": [ + "bug", + "api-change", + "regression" + ], + "sigs": [ + "api-machinery" + ], + "duplicate_kind": true, + "is_mapped": true + }, + "126145": { + "commit": "c2fdeca4ab81336daf20c91b810c9685918c3d58", + "text": "Promoted feature-gate `VolumeAttributesClass` to Beta (disabled by default). Users need to enable the feature gate and the storage v1beta1 group to use this new feature.\n- Promoted API `VolumeAttributesClass` and `VolumeAttributesClassList` to `storage.k8s.io/v1beta1`.", + "markdown": "Promoted feature-gate `VolumeAttributesClass` to Beta (disabled by default). Users need to enable the feature gate and the storage v1beta1 group to use this new feature.\n - Promoted API `VolumeAttributesClass` and `VolumeAttributesClassList` to `storage.k8s.io/v1beta1`. ([#126145](https://github.com/kubernetes/kubernetes/pull/126145), [@carlory](https://github.com/carlory)) [SIG API Machinery, Apps, CLI, Etcd, Storage and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/3751", + "type": "KEP" + } + ], + "author": "carlory", + "author_url": "https://github.com/carlory", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126145", + "pr_number": 126145, + "areas": [ + "test", + "apiserver", + "kubectl", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "cli", + "etcd", + "storage", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, + "126163": { + "commit": "c01bc31fa2fb59c127c4c10215548033cd2e7a99", + "text": "kube-apiserver: when the Alpha `UserNamespacesPodSecurityStandards` feature gate is enabled, Pod Security Admission enforcement of the baseline policy now allows `procMount=Unmasked` for user namespace pods that set `hostUsers=false`.", + "markdown": "Kube-apiserver: when the Alpha `UserNamespacesPodSecurityStandards` feature gate is enabled, Pod Security Admission enforcement of the baseline policy now allows `procMount=Unmasked` for user namespace pods that set `hostUsers=false`. ([#126163](https://github.com/kubernetes/kubernetes/pull/126163), [@haircommander](https://github.com/haircommander))", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/4265", + "type": "KEP" + } + ], + "author": "haircommander", + "author_url": "https://github.com/haircommander", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126163", + "pr_number": 126163, + "kinds": [ + "feature" + ], + "sigs": [ + "auth" + ], + "feature": true, + "is_mapped": true + }, + "126165": { + "commit": "8e175c688e37e4baf70c4015346b8b5615a84328", + "text": "Starting in 1.31, `container_engine_t` was added to the list of allowed SELinux types in the baseline Pod Security Standards profile.", + "markdown": "Starting in 1.31, `container_engine_t` was added to the list of allowed SELinux types in the baseline Pod Security Standards profile. ([#126165](https://github.com/kubernetes/kubernetes/pull/126165), [@haircommander](https://github.com/haircommander))", + "author": "haircommander", + "author_url": "https://github.com/haircommander", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126165", + "pr_number": 126165, + "kinds": [ + "feature" + ], + "sigs": [ + "auth" + ], + "feature": true, + "is_mapped": true + }, + "126166": { + "commit": "16c2ad5b842f23eda3674d3cd908de359554d5dc", + "text": "Added `storage_class` and `volume_attributes_class` labels to `pv_collector_bound_pvc_count` and `pv_collector_unbound_pvc_count` metrics.", + "markdown": "Added `storage_class` and `volume_attributes_class` labels to `pv_collector_bound_pvc_count` and `pv_collector_unbound_pvc_count` metrics. ([#126166](https://github.com/kubernetes/kubernetes/pull/126166), [@AndrewSirenko](https://github.com/AndrewSirenko)) [SIG Apps, Instrumentation, Storage and Testing]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/3751", + "type": "KEP" + } + ], + "author": "AndrewSirenko", + "author_url": "https://github.com/AndrewSirenko", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126166", + "pr_number": 126166, + "areas": [ + "test", + "e2e-test-framework" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "apps", + "instrumentation", + "storage", + "testing" + ], + "feature": true, + "duplicate": true + }, + "126167": { + "commit": "5420b2fe9a84af57cc24793c8f8ac8821b65f42f", + "text": "kube-apiserver: fixed a potential crash serving CustomResourceDefinitions that combine an invalid schema and CEL validation rules.", + "markdown": "Kube-apiserver: fixed a potential crash serving CustomResourceDefinitions that combine an invalid schema and CEL validation rules. ([#126167](https://github.com/kubernetes/kubernetes/pull/126167), [@cici37](https://github.com/cici37)) [SIG API Machinery and Testing]", + "author": "cici37", + "author_url": "https://github.com/cici37", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126167", + "pr_number": 126167, + "areas": [ + "test" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "api-machinery", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, + "126174": { + "commit": "fa15f12fb509875a8466242d8f5fe643217ec502", + "text": "mount-utils: treated syscall.ENODEV as corrupted mount.", + "markdown": "Mount-utils: treated syscall.ENODEV as corrupted mount. ([#126174](https://github.com/kubernetes/kubernetes/pull/126174), [@dobsonj](https://github.com/dobsonj))", + "author": "dobsonj", + "author_url": "https://github.com/dobsonj", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126174", + "pr_number": 126174, + "kinds": [ + "bug" + ], + "sigs": [ + "storage" + ], + "is_mapped": true + }, + "126188": { + "commit": "a48a92c72ec7d4e2a8da396309abff9360faae75", + "text": "To enhance usability and developer experience, CRD validation rules now support direct use of (CEL) reserved keywords as field names in object validation expressions for existing expressions in storage, will fully support runtime in next release for compatibility concern.", + "markdown": "To enhance usability and developer experience, CRD validation rules now support direct use of (CEL) reserved keywords as field names in object validation expressions for existing expressions in storage, will fully support runtime in next release for compatibility concern. ([#126188](https://github.com/kubernetes/kubernetes/pull/126188), [@cici37](https://github.com/cici37)) [SIG API Machinery and Testing]", + "documentation": [ + { + "description": "[CRD validation rule doc](", + "url": "https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#validation-rules)", + "type": "official" + }, + { + "description": "[CEL reserved keyword](", + "url": "https://github.com/google/cel-spec/blob/master/doc/langdef.md#syntax)", + "type": "external" + } + ], + "author": "cici37", + "author_url": "https://github.com/cici37", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126188", + "pr_number": 126188, + "areas": [ + "test", + "apiserver" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true + }, + "126191": { + "commit": "dda657b5982e8f9102b8df5931344262b0793163", + "text": "Reverted `Graduates the `WatchList` feature gate to Beta for kube-apiserver and enables `WatchListClient` for kube-controller-manager (KCM)`.", + "markdown": "Reverted `Graduates the `WatchList` feature gate to Beta for kube-apiserver and enables `WatchListClient` for kube-controller-manager (KCM)`. ([#126191](https://github.com/kubernetes/kubernetes/pull/126191), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing]", + "author": "p0lyn0mial", + "author_url": "https://github.com/p0lyn0mial", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126191", + "pr_number": 126191, + "areas": [ + "test", + "apiserver" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "api-machinery", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, + "126205": { + "commit": "fe24ebfe3308750531ea0d7f8be83804bc53318d", + "text": "Promoted KEP-4191 \"Split Image Filesystem\" to Beta.", + "markdown": "Promoted KEP-4191 \"Split Image Filesystem\" to Beta. ([#126205](https://github.com/kubernetes/kubernetes/pull/126205), [@kwilczynski](https://github.com/kwilczynski))", + "documentation": [ + { + "description": "[KEP]", + "url": "https://kep.k8s.io/4191", + "type": "external" + } + ], + "author": "kwilczynski", + "author_url": "https://github.com/kwilczynski", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126205", + "pr_number": 126205, + "kinds": [ + "feature" + ], + "sigs": [ + "node" + ], + "feature": true, + "is_mapped": true + }, + "126207": { + "commit": "77e12aeca92c3c0fe2c1fc6ce7f0e17ba796c6fd", + "text": "Changed how the API server handles updates to `.spec.defaultBackend` of Ingress objects.\nServer-side apply now considers `.spec.defaultBackend` to be an atomic struct. This means that any field-owner who sets values in that struct (they are mutually exclusive) owns the whole struct. For almost all users this change has no impact; for controllers that want to change the default backend port from number to name (or vice-versa), this makes it easier.", + "markdown": "Changed how the API server handles updates to `.spec.defaultBackend` of Ingress objects.\n Server-side apply now considers `.spec.defaultBackend` to be an atomic struct. This means that any field-owner who sets values in that struct (they are mutually exclusive) owns the whole struct. For almost all users this change has no impact; for controllers that want to change the default backend port from number to name (or vice-versa), this makes it easier. ([#126207](https://github.com/kubernetes/kubernetes/pull/126207), [@thockin](https://github.com/thockin)) [SIG API Machinery]", + "author": "thockin", + "author_url": "https://github.com/thockin", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126207", + "pr_number": 126207, + "areas": [ + "code-generation" + ], + "kinds": [ + "bug", + "api-change" + ], + "sigs": [ + "api-machinery" + ], + "duplicate_kind": true + }, + "126224": { + "commit": "b14769f2afe5ee1318d091ceb95b42012236762b", + "text": "kubeadm: fixed a bug on 'kubeadm join' where using patches with a kubeletconfiguration target was not respected when performing the local kubelet healthz check.", + "markdown": "Kubeadm: fixed a bug on 'kubeadm join' where using patches with a kubeletconfiguration target was not respected when performing the local kubelet healthz check. ([#126224](https://github.com/kubernetes/kubernetes/pull/126224), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle]", + "author": "neolit123", + "author_url": "https://github.com/neolit123", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126224", + "pr_number": 126224, + "areas": [ + "kubeadm" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "cluster-lifecycle" + ] + }, + "126227": { + "commit": "43691598dab3c91717807ea9e4ab5ac8d27c4ea0", + "text": "Implemented `queueing_hint_execution_duration_seconds` metric, which is the time the QueueingHint function takes.", + "markdown": "Implemented `queueing_hint_execution_duration_seconds` metric, which is the time the QueueingHint function takes. ([#126227](https://github.com/kubernetes/kubernetes/pull/126227), [@sanposhiho](https://github.com/sanposhiho))", + "author": "sanposhiho", + "author_url": "https://github.com/sanposhiho", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126227", + "pr_number": 126227, + "kinds": [ + "feature" + ], + "sigs": [ + "scheduling" + ], + "feature": true, + "is_mapped": true + }, + "126237": { + "commit": "887def08b66c31b2f8bc260ea74d6c94671d474e", + "text": "Promoted the metrics for both VAP and CRD validation rules to Beta.", + "markdown": "Promoted the metrics for both VAP and CRD validation rules to Beta. ([#126237](https://github.com/kubernetes/kubernetes/pull/126237), [@cici37](https://github.com/cici37)) [SIG API Machinery and Instrumentation]", + "author": "cici37", + "author_url": "https://github.com/cici37", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126237", + "pr_number": 126237, + "areas": [ + "apiserver", + "stable-metrics" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "api-machinery", + "instrumentation" + ], + "feature": true, + "duplicate": true, + "is_mapped": true + }, + "126243": { + "commit": "5af1710d90d2396f6305c73fdf7df3a1be0c2fd0", + "text": "Added an AllocatedResourcesStatus to each container status to indicate the health status of devices exposed by the device plugin.", + "markdown": "Added an AllocatedResourcesStatus to each container status to indicate the health status of devices exposed by the device plugin. ([#126243](https://github.com/kubernetes/kubernetes/pull/126243), [@SergeyKanzhelev](https://github.com/SergeyKanzhelev)) [SIG API Machinery, Apps, Node and Testing]", + "author": "SergeyKanzhelev", + "author_url": "https://github.com/SergeyKanzhelev", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126243", + "pr_number": 126243, + "areas": [ + "test", + "kubelet", + "code-generation" + ], + "kinds": [ + "api-change", + "feature" + ], + "sigs": [ + "api-machinery", + "apps", + "node", + "testing" + ], + "feature": true, + "duplicate": true, + "duplicate_kind": true, + "is_mapped": true + }, + "126291": { + "commit": "ad805387e26a4e76ab53505d5eb552686368180b", + "text": "Set ProcMountType feature to disabled by default, to follow the lead of UserNamespacesSupport (which it relies on).", + "markdown": "Set ProcMountType feature to disabled by default, to follow the lead of UserNamespacesSupport (which it relies on). ([#126291](https://github.com/kubernetes/kubernetes/pull/126291), [@haircommander](https://github.com/haircommander)) [SIG Node]", + "documentation": [ + { + "description": "[KEP]", + "url": "https://github.com/kubernetes/enhancements/issues/4265", + "type": "KEP" + } + ], + "author": "haircommander", + "author_url": "https://github.com/haircommander", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126291", + "pr_number": 126291, + "kinds": [ + "bug" + ], + "sigs": [ + "node" + ] + }, + "126293": { + "commit": "6834a1ef3d928f6f7e00e801a43c37bead75dbe9", + "text": "The kube-proxy command line flag `--proxy-port-range`, which was previously deprecated and non-functional, has now been removed.", + "markdown": "The kube-proxy command line flag `--proxy-port-range`, which was previously deprecated and non-functional, has now been removed. ([#126293](https://github.com/kubernetes/kubernetes/pull/126293), [@aroradaman](https://github.com/aroradaman)) [SIG Network]", + "author": "aroradaman", + "author_url": "https://github.com/aroradaman", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126293", + "pr_number": 126293, + "areas": [ + "kube-proxy" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "network" + ], + "feature": true + }, + "126330": { + "commit": "05934d6283a7f54ec9e4ef543d038ee479345c2f", + "text": "Built kubernetes with `Go 1.22.5`.", + "markdown": "Built kubernetes with `Go 1.22.5`. ([#126330](https://github.com/kubernetes/kubernetes/pull/126330), [@ArkaSaha30](https://github.com/ArkaSaha30)) [SIG Release and Testing]", + "author": "ArkaSaha30", + "author_url": "https://github.com/ArkaSaha30", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126330", + "pr_number": 126330, + "areas": [ + "test", + "release-eng" + ], + "kinds": [ + "cleanup" + ], + "sigs": [ + "release", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, + "126335": { + "commit": "df69a528d5a50d03f5865d8aeb7f8400cf48296b", + "text": "Fixed bug in KEP-4191 if feature gate is turned on but container runtime is not configured.", + "markdown": "Fixed bug in KEP-4191 if feature gate is turned on but container runtime is not configured. ([#126335](https://github.com/kubernetes/kubernetes/pull/126335), [@kannon92](https://github.com/kannon92))", + "author": "kannon92", + "author_url": "https://github.com/kannon92", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126335", + "pr_number": 126335, + "areas": [ + "kubelet" + ], + "kinds": [ + "bug", + "failing-test" + ], + "sigs": [ + "node" + ], + "duplicate_kind": true, + "is_mapped": true + }, + "126355": { + "commit": "c853ca49c3d104ad559c4d4bdc802106d27deb52", + "text": "Set LocalStorageCapacityIsolationFSQuotaMonitoring to false by default, to match UserNamespacesSupport (which the feature relies on).", + "markdown": "Set LocalStorageCapacityIsolationFSQuotaMonitoring to false by default, to match UserNamespacesSupport (which the feature relies on). ([#126355](https://github.com/kubernetes/kubernetes/pull/126355), [@haircommander](https://github.com/haircommander))", + "author": "haircommander", + "author_url": "https://github.com/haircommander", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126355", + "pr_number": 126355, + "kinds": [ + "cleanup" + ], + "sigs": [ + "node" + ], + "is_mapped": true + }, + "126441": { + "commit": "aab56e9b70b7d80f2a5a5f2907e172de257662b5", + "text": "Ensured that the Node Admission plugin to reject CSR requests created by a node identity for the signers `kubernetes.io/kubelet-serving` or `kubernetes.io/kube-apiserver-client-kubelet` with a CN starting with `system:node:`, but where the CN is not `system:node:${node-name}`. The feature gate `AllowInsecureKubeletCertificateSigningRequests` defaults to `false`, but can be enabled to revert to the previous behavior. This feature gate will be removed in Kubernetes v1.33.", + "markdown": "Ensured that the Node Admission plugin to reject CSR requests created by a node identity for the signers `kubernetes.io/kubelet-serving` or `kubernetes.io/kube-apiserver-client-kubelet` with a CN starting with `system:node:`, but where the CN is not `system:node:${node-name}`. The feature gate `AllowInsecureKubeletCertificateSigningRequests` defaults to `false`, but can be enabled to revert to the previous behavior. This feature gate will be removed in Kubernetes v1.33. ([#126441](https://github.com/kubernetes/kubernetes/pull/126441), [@micahhausler](https://github.com/micahhausler))", + "author": "micahhausler", + "author_url": "https://github.com/micahhausler", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/126441", + "pr_number": 126441, + "kinds": [ + "cleanup" + ], + "sigs": [ + "auth" + ], + "is_mapped": true } } \ No newline at end of file diff --git a/releases/release-1.31/release-notes/release-notes-draft.md b/releases/release-1.31/release-notes/release-notes-draft.md index 5d86cdf7c8..ba5e5359a0 100644 --- a/releases/release-1.31/release-notes/release-notes-draft.md +++ b/releases/release-1.31/release-notes/release-notes-draft.md @@ -2,8 +2,7 @@ ### (No, really, you MUST read this before you upgrade) -- Kubelet flag `--keep-terminated-pod-volumes` was removed. This flag was deprecated in 2017. ([#122082](https://github.com/kubernetes/kubernetes/pull/122082), [@carlory](https://github.com/carlory)) [SIG Apps, Node, Storage and Testing] - - The scheduler starts to use QueueingHint registered for Pod/Updated event to determine whether unschedulable Pods update make them schedulable, when the feature gate `SchedulerQueueingHints` is enabled. +- Added support to the scheduler to start using QueueingHint registered for Pod/Updated event to determine whether unschedulable Pods update make them schedulable, when the feature gate `SchedulerQueueingHints` is enabled. Previously, when unschedulable Pods are updated, the scheduler always put Pods back to activeQ/backoffQ. But, actually not all updates to Pods make Pods schedulable, especially considering many scheduling constraints nowadays are immutable. Now, when unschedulable Pods are updated, the scheduling queue checks with QueueingHint(s) whether the update may make the pods schedulable, and requeues them to activeQ/backoffQ **only when** at least one QueueingHint(s) return Queue. @@ -11,11 +10,19 @@ Plugins **have to** implement a QueueingHint for Pod/Update event if the rejection from them could be resolved by updating unscheduled Pods themselves. Example: suppose you develop a custom plugin that denies Pods that have a `schedulable=false` label. Given Pods with a `schedulable=false` label will be schedulable if the `schedulable=false` label is removed, this plugin would implement QueueingHint for Pod/Update event that returns Queue when such label changes are made in unscheduled Pods. ([#122234](https://github.com/kubernetes/kubernetes/pull/122234), [@AxeZhan](https://github.com/AxeZhan)) [SIG Scheduling and Testing] + - Kubelet flag `--keep-terminated-pod-volumes` was removed. This flag was deprecated in 2017. ([#122082](https://github.com/kubernetes/kubernetes/pull/122082), [@carlory](https://github.com/carlory)) [SIG Apps, Node, Storage and Testing] + - Reduced state change noise when volume expansion fails. Also mark certain failures as infeasible. + + If you are using the RecoverVolumeExpansionFailure Alpha feature, after upgrading to this release, existing PVCs with status.allocatedResourceStatus set to "ControllerResizeFailed" or "NodeResizeFailed" should have their status.allocatedResourceStatus cleared. ([#126108](https://github.com/kubernetes/kubernetes/pull/126108), [@gnufied](https://github.com/gnufied)) [SIG Apps, Auth, Node, Storage and Testing] ## Changes by Kind ### Deprecation +- 'kubeadm: marked the sub-phase of ''init kubelet-finilize'' called ''experimental-cert-rotation'' + as deprecated and print a warning if it is used directly; it will be removed in + a future release. Add a replacement sub-phase ''enable-client-cert-rotation''.' ([#124419](https://github.com/kubernetes/kubernetes/pull/124419), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] +- Added a warning when creating or updating a PersistentVolume (PV) with the deprecated annotation `volume.beta.kubernetes.io/mount-options`. ([#124819](https://github.com/kubernetes/kubernetes/pull/124819), [@carlory](https://github.com/carlory)) - CephFS volume plugin ( `kubernetes.io/cephfs`) was removed in this release and the `cephfs` volume type became non-functional. Alternative is to use CephFS CSI driver (https://github.com/ceph/ceph-csi/) in your Kubernetes Cluster. A re-deployment of your application is required to use the new driver if you were using `kubernetes.io/cephfs` volume plugin before upgrading cluster version to 1.31+. ([#124544](https://github.com/kubernetes/kubernetes/pull/124544), [@carlory](https://github.com/carlory)) [SIG Node, Scalability, Storage and Testing] - CephRBD volume plugin ( `kubernetes.io/rbd`) was removed in this release. And its csi migration support was also removed, so the `rbd` volume type became non-functional. Alternative is to use RBD CSI driver (https://github.com/ceph/ceph-csi/) in your Kubernetes Cluster. A re-deployment of your application is required to use the new driver if you were using `kubernetes.io/rbd` volume plugin before upgrading cluster version to 1.31+. ([#124546](https://github.com/kubernetes/kubernetes/pull/124546), [@carlory](https://github.com/carlory)) [SIG Node, Scalability, Scheduling, Storage and Testing] - Kube-scheduler deprecated all non-csi volumelimit plugins and removed those from defaults plugins. @@ -27,94 +34,152 @@ The NodeVolumeLimits plugin can handle the same functionality as the above plugins since the above volume types are migrated to CSI. Please remove those plugins and replace them with the NodeVolumeLimits plugin if you explicitly use those plugins in the scheduler config. Those plugins will be removed in the release 1.32. ([#124500](https://github.com/kubernetes/kubernetes/pull/124500), [@carlory](https://github.com/carlory)) [SIG Scheduling and Storage] -- Kubeadm: deprecated the kubeadm `RootlessControlPlane` feature gate (previously alpha), given that the core K8s `UserNamespacesSupport` feature gate graduated to Beta in 1.30. +- Kubeadm: deprecated the kubeadm `RootlessControlPlane` feature gate (previously alpha), given that the core K8s `UserNamespacesSupport` feature gate graduated to beta in 1.30. Once core Kubernetes support for user namespaces is generally available and kubeadm has started to support running the control plane in userns pods, the kubeadm `RootlessControlPlane` feature gate will be removed entirely. Until kubeadm supports the userns functionality out of the box, users can continue using the deprecated `RootlessControlPlane` feature gate, or opt-in `UserNamespacesSupport` by using kubeadm patches on the static pod manifests. ([#124997](https://github.com/kubernetes/kubernetes/pull/124997), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: mark the sub-phase of 'init kubelet-finilize' called 'experimental-cert-rotation' as deprecated and print a warning if it is used directly; it will be removed in a future release. Add a replacement sub-phase 'enable-client-cert-rotation'. ([#124419](https://github.com/kubernetes/kubernetes/pull/124419), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Remove k8s.io/legacy-cloud-providers from staging ([#124767](https://github.com/kubernetes/kubernetes/pull/124767), [@carlory](https://github.com/carlory)) [SIG API Machinery, Cloud Provider and Release] -- Removed legacy cloud provider integration code (undoing a previous reverted commit) ([#124886](https://github.com/kubernetes/kubernetes/pull/124886), [@carlory](https://github.com/carlory)) [SIG Cloud Provider and Release] +- Removed k8s.io/legacy-cloud-providers from staging. ([#124767](https://github.com/kubernetes/kubernetes/pull/124767), [@carlory](https://github.com/carlory)) [SIG API Machinery, Cloud Provider and Release] +- Removed legacy cloud provider integration code (undoing a previous reverted commit). ([#124886](https://github.com/kubernetes/kubernetes/pull/124886), [@carlory](https://github.com/carlory)) [SIG Cloud Provider and Release] ### API Change - Add UserNamespaces field to NodeRuntimeHandlerFeatures ([#126034](https://github.com/kubernetes/kubernetes/pull/126034), [@sohankunkerkar](https://github.com/sohankunkerkar)) [SIG API Machinery, Apps and Node] -- Added the feature gates `StrictCostEnforcementForVAP` and `StrictCostEnforcementForWebhooks` to enforce the strct cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible. ([#124675](https://github.com/kubernetes/kubernetes/pull/124675), [@cici37](https://github.com/cici37)) [SIG API Machinery, Auth, Node and Testing] +- Added Coordinated Leader Election as Alpha under the `CoordinatedLeaderElection` feature gate. With the feature enabled, the control plane can use LeaseCandidate objects (coordination.k8s.io/v1alpha1 API group) to participate in a leader election and let the kube-apiserver select the best instance according to some strategy. ([#124012](https://github.com/kubernetes/kubernetes/pull/124012), [@Jefftree](https://github.com/Jefftree)) [SIG API Machinery, Apps, Auth, Cloud Provider, Etcd, Node, Release, Scheduling and Testing] +- Added Node.Status.Features.SupplementalGroupsPolicy field which is set to true when the feature is implemented in the CRI implementation (KEP-3619). ([#125470](https://github.com/kubernetes/kubernetes/pull/125470), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Apps, Node and Testing] +- Added an AllocatedResourcesStatus to each container status to indicate the health status of devices exposed by the device plugin. ([#126243](https://github.com/kubernetes/kubernetes/pull/126243), [@SergeyKanzhelev](https://github.com/SergeyKanzhelev)) [SIG API Machinery, Apps, Node and Testing] +- Added support to the kube-proxy nodePortAddresses / --nodeport-addresses option to + accept the value "primary", meaning to only listen for NodePort connections + on the node's primary IPv4 and/or IPv6 address (according to the Node object). + This is strongly recommended, if you were not previously using + --nodeport-addresses, to avoid surprising behavior. + (This behavior is enabled by default with the nftables backend; you would + need to explicitly request `--nodeport-addresses 0.0.0.0/0,::/0` there to get + the traditional "listen on all interfaces" behavior.) ([#123105](https://github.com/kubernetes/kubernetes/pull/123105), [@danwinship](https://github.com/danwinship)) [SIG API Machinery, Network and Windows] +- Added the feature gates `StrictCostEnforcementForVAP` and `StrictCostEnforcementForWebhooks` to enforce the strict cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible. ([#124675](https://github.com/kubernetes/kubernetes/pull/124675), [@cici37](https://github.com/cici37)) [SIG API Machinery, Auth, Node and Testing] +- Changed how the API server handles updates to `.spec.defaultBackend` of Ingress objects. + Server-side apply now considers `.spec.defaultBackend` to be an atomic struct. This means that any field-owner who sets values in that struct (they are mutually exclusive) owns the whole struct. For almost all users this change has no impact; for controllers that want to change the default backend port from number to name (or vice-versa), this makes it easier. ([#126207](https://github.com/kubernetes/kubernetes/pull/126207), [@thockin](https://github.com/thockin)) [SIG API Machinery] - Component-base/logs: when compiled with Go >= 1.21, component-base will automatically configure the slog default logger together with initializing klog. ([#120696](https://github.com/kubernetes/kubernetes/pull/120696), [@pohly](https://github.com/pohly)) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Storage and Testing] -- DRA: client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error. ([#124075](https://github.com/kubernetes/kubernetes/pull/124075), [@pohly](https://github.com/pohly)) [SIG Apps] -- DRA: in the `pod.spec.recourceClaims` array, the `source` indirection is no longer necessary. Instead of e.g. `source: resourceClaimTemplateName: my-template`, one can write `resourceClaimTemplateName: my-template`. ([#125116](https://github.com/kubernetes/kubernetes/pull/125116), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, Node, Scheduling and Testing] -- Fix Deep Copy issue in getting controller reference ([#124116](https://github.com/kubernetes/kubernetes/pull/124116), [@HiranmoyChowdhury](https://github.com/HiranmoyChowdhury)) [SIG API Machinery and Release] -- Fix code-generator client-gen to work with `api/v1`-like package structure. ([#125162](https://github.com/kubernetes/kubernetes/pull/125162), [@sttts](https://github.com/sttts)) [SIG API Machinery and Apps] -- Fix the comment for the Job's managedBy field ([#124793](https://github.com/kubernetes/kubernetes/pull/124793), [@mimowo](https://github.com/mimowo)) [SIG API Machinery and Apps] +- CustomResourceDefinition objects created with non-empty `caBundle` fields which are invalid or do not contain any certificates will not appear in discovery or serve endpoints until a valid `caBundle` is provided. Updates to CustomResourceDefinition are no longer allowed to transition a valid `caBundle` field to an invalid `caBundle` field, because this breaks serving of the existing CustomResourceDefinition. ([#124061](https://github.com/kubernetes/kubernetes/pull/124061), [@Jefftree](https://github.com/Jefftree)) [SIG API Machinery] +- DRA: Added a feature so the number of ResourceClaim objects can be limited per namespace and by the number of devices requested through a specific class via the v1.ResourceQuota mechanism. ([#120611](https://github.com/kubernetes/kubernetes/pull/120611), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, CLI, Etcd, Node, Release, Scheduling and Testing] +- DRA: Added new API and several new features. ([#125488](https://github.com/kubernetes/kubernetes/pull/125488), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, CLI, Cluster Lifecycle, Etcd, Node, Release, Scheduling, Storage and Testing] +- DRA: The Dynamic Resource Allocation (DRA) driver's daemonset must be deployed with a service account that enables writing ResourceSlice and reading ResourceClaim objects. ([#125163](https://github.com/kubernetes/kubernetes/pull/125163), [@pohly](https://github.com/pohly)) [SIG Auth, Node and Testing] +- Dynamic Resource Allocation (DRA): client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error. ([#124075](https://github.com/kubernetes/kubernetes/pull/124075), [@pohly](https://github.com/pohly)) +- Dynamic Resource Allocation (DRA): in the `pod.spec.recourceClaims` array, the `source` indirection is no longer necessary. Instead of e.g. `source: resourceClaimTemplateName: my-template`, one can write `resourceClaimTemplateName: my-template`. ([#125116](https://github.com/kubernetes/kubernetes/pull/125116), [@pohly](https://github.com/pohly)) [SIG API Machinery, Apps, Auth, Node, Scheduling and Testing] +- Fixed a 1.30.0 regression in OpenAPI descriptions of the `imagePullSecrets` and + `hostAliases` fields to mark the fields used as keys in those lists as either defaulted + or required. ([#124553](https://github.com/kubernetes/kubernetes/pull/124553), [@pmalek](https://github.com/pmalek)) +- Fixed a 1.30.0 regression in openapi descriptions of `PodIP.IP` and `HostIP.IP` fields to mark the fields used as keys in those lists as required. ([#126057](https://github.com/kubernetes/kubernetes/pull/126057), [@thockin](https://github.com/thockin)) +- Fixed a bug in the API server where empty collections of ValidatingAdmissionPolicies did not have an `items` field. ([#124568](https://github.com/kubernetes/kubernetes/pull/124568), [@xyz-li](https://github.com/xyz-li)) [SIG API Machinery] +- Fixed a deep copy issue when retrieving the controller reference. ([#124116](https://github.com/kubernetes/kubernetes/pull/124116), [@HiranmoyChowdhury](https://github.com/HiranmoyChowdhury)) [SIG API Machinery and Release] +- Fixed code-generator client-gen to work with `api/v1`-like package structure. ([#125162](https://github.com/kubernetes/kubernetes/pull/125162), [@sttts](https://github.com/sttts)) [SIG API Machinery and Apps] - Fixed incorrect "v1 Binding is deprecated in v1.6+" warning in kube-scheduler log. ([#125540](https://github.com/kubernetes/kubernetes/pull/125540), [@pohly](https://github.com/pohly)) [SIG API Machinery] -- Fixes a 1.30.0 regression in openapi descriptions of PodIP.IP and HostIP.IP fields to mark the fields used as keys in those lists as required. ([#126057](https://github.com/kubernetes/kubernetes/pull/126057), [@thockin](https://github.com/thockin)) [SIG API Machinery] -- Fixes a 1.30.0 regression in openapi descriptions of imagePullSecrets and hostAliases fields to mark the fields used as keys in those lists as either defaulted or required. ([#124553](https://github.com/kubernetes/kubernetes/pull/124553), [@pmalek](https://github.com/pmalek)) [SIG API Machinery] -- Graduate JobPodFailurePolicy to GA and lock ([#125442](https://github.com/kubernetes/kubernetes/pull/125442), [@mimowo](https://github.com/mimowo)) [SIG API Machinery, Apps, Scheduling and Testing] -- Graduate MatchLabelKeys/MismatchLabelKeys feature in PodAffinity/PodAntiAffinity to Beta ([#123638](https://github.com/kubernetes/kubernetes/pull/123638), [@sanposhiho](https://github.com/sanposhiho)) [SIG API Machinery, Apps, Scheduling and Testing] +- Fixed the comment for the Job's managedBy field. ([#124793](https://github.com/kubernetes/kubernetes/pull/124793), [@mimowo](https://github.com/mimowo)) [SIG API Machinery and Apps] +- Fixed the documentation for the default value of the procMount entry in the pod securityContext. + The documentation was previously using the name of the internal variable 'DefaultProcMount' rather than the actual value 'Default'. ([#125782](https://github.com/kubernetes/kubernetes/pull/125782), [@aborrero](https://github.com/aborrero)) [SIG Apps and Node] - Graduate PodDisruptionConditions to GA and lock ([#125461](https://github.com/kubernetes/kubernetes/pull/125461), [@mimowo](https://github.com/mimowo)) [SIG Apps, Node, Scheduling and Testing] +- Graduated MatchLabelKeys/MismatchLabelKeys feature in PodAffinity/PodAntiAffinity to Beta. ([#123638](https://github.com/kubernetes/kubernetes/pull/123638), [@sanposhiho](https://github.com/sanposhiho)) [SIG API Machinery, Apps, Scheduling and Testing] +- Graduated `JobPodFailurePolicy` to GA and locked it to it's default. ([#125442](https://github.com/kubernetes/kubernetes/pull/125442), [@mimowo](https://github.com/mimowo)) [SIG API Machinery, Apps, Scheduling and Testing] +- Graduated the Job SuccessPolicy to Beta. + + The new reason label, "SuccessPolicy" and "CompletionsReached" are added to the "jobs_finished_total" metric. + Additionally, If we enable the "JobSuccessPolicy" feature gate, the Job gets "CompletionsReached" reason for the "SuccessCriteriaMet" and "Complete" condition type + when the number of succeeded Job Pods (".status.succeeded") reached the desired completions (".spec.completions"). ([#126067](https://github.com/kubernetes/kubernetes/pull/126067), [@tenzen-y](https://github.com/tenzen-y)) [SIG API Machinery, Apps and Testing] - Graduated the `DisableNodeKubeProxyVersion` feature gate to beta. By default, the kubelet no longer attempts to set the `.status.kubeProxyVersion` field for its associated Node. ([#123845](https://github.com/kubernetes/kubernetes/pull/123845), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG API Machinery, Cloud Provider, Network, Node and Testing] -- Improved scheduling performance when many nodes, and prefilter returns 1-2 nodes (e.g. daemonset) +- Improved scheduling performance when many nodes, and prefilter returned 1-2 nodes (e.g. daemonset) - For developers of out-of-tree PostFilter plugins, note that the semantics of NodeToStatusMap are changing: A node with an absent value in the NodeToStatusMap should be interpreted as having an UnschedulableAndUnresolvable status ([#125197](https://github.com/kubernetes/kubernetes/pull/125197), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling] -- K8s.io/apimachinery/pkg/util/runtime: new calls support handling panics and errors in the context where they occur. `PanicHandlers` and `ErrorHandlers` now must accept a context parameter for that. Log output is structured instead of unstructured. ([#121970](https://github.com/kubernetes/kubernetes/pull/121970), [@pohly](https://github.com/pohly)) [SIG API Machinery and Instrumentation] -- KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite ([#122047](https://github.com/kubernetes/kubernetes/pull/122047), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, Instrumentation and Testing] + For developers of out-of-tree PostFilter plugins, note that the semantics of NodeToStatusMap are changing: A node with an absent value in the NodeToStatusMap should be interpreted as having an UnschedulableAndUnresolvable status. ([#125197](https://github.com/kubernetes/kubernetes/pull/125197), [@gabesaba](https://github.com/gabesaba)) +- Introduced a new boolean kubelet flag `--fail-cgroupv1`. ([#126031](https://github.com/kubernetes/kubernetes/pull/126031), [@harche](https://github.com/harche)) [SIG API Machinery and Node] +- K8s.io/apimachinery/pkg/util/runtime: Added support for new calls to handle panics and errors in the context where they occur. `PanicHandlers` and `ErrorHandlers` now must accept a context parameter for that. Log output is structured instead of unstructured. ([#121970](https://github.com/kubernetes/kubernetes/pull/121970), [@pohly](https://github.com/pohly)) [SIG API Machinery and Instrumentation] +- KEP-1880: Users of the new feature to add multiple service CIDR will use by default a dual-write strategy on the new ClusterIP allocators to avoid the problem of possible duplicate IPs allocated to Services when running skewed kube-apiservers using different allocators. They can opt-out of this behavior by enabled the feature gate DisableAllocatorDualWrite. ([#122047](https://github.com/kubernetes/kubernetes/pull/122047), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, Instrumentation and Testing] +- Kube-apiserver: Added Alpha features to allow API server authz to check the context of requests: + - The `AuthorizeWithSelectors` feature gate enables including field and label selector information from requests in webhook authorization calls. + - The `AuthorizeNodeWithSelectors` feature gate changes node authorizer behavior to limit requests from node API clients, so that each Node can only get / list / watch its own Node API object, and can also only get / list / watch Pod API objects bound to that node. Clients using kubelet credentials to read other nodes or unrelated pods must change their authentication credentials (recommended), adjust their usage, or obtain broader read access independent of the node authorizer. ([#125571](https://github.com/kubernetes/kubernetes/pull/125571), [@liggitt](https://github.com/liggitt)) [SIG API Machinery, Auth, Node, Scheduling and Testing] - Kube-apiserver: ControllerRevision objects are now verified to contain valid JSON data in the `data` field. ([#125549](https://github.com/kubernetes/kubernetes/pull/125549), [@liggitt](https://github.com/liggitt)) [SIG API Machinery and Apps] - Kube-apiserver: the `--encryption-provider-config` file is now loaded with strict deserialization, which fails if the config file contains duplicate or unknown fields. This protects against accidentally running with config files that are malformed, mis-indented, or have typos in field names, and getting unexpected behavior. When `--encryption-provider-config-automatic-reload` is used, new encryption config files that contain typos after the kube-apiserver is running are treated as invalid and the last valid config is used. ([#124912](https://github.com/kubernetes/kubernetes/pull/124912), [@enj](https://github.com/enj)) [SIG API Machinery and Auth] -- Kube-controller-manager removes deprecated command flags: --volume-host-cidr-denylist and --volume-host-allow-local-loopback ([#124017](https://github.com/kubernetes/kubernetes/pull/124017), [@carlory](https://github.com/carlory)) [SIG API Machinery, Apps, Cloud Provider and Storage] -- Kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay` and `horizontal-pod-autoscaler-downscale-delay` flags have been removed (deprecated and non-functional since v1.12) ([#124948](https://github.com/kubernetes/kubernetes/pull/124948), [@SataQiu](https://github.com/SataQiu)) [SIG API Machinery, Apps and Autoscaling] +- Kube-controller-manager: the `horizontal-pod-autoscaler-upscale-delay` and `horizontal-pod-autoscaler-downscale-delay` flags have been removed (deprecated and non-functional since v1.12). ([#124948](https://github.com/kubernetes/kubernetes/pull/124948), [@SataQiu](https://github.com/SataQiu)) [SIG API Machinery, Apps and Autoscaling] +- Made kube-proxy Windows service control manager integration(--windows-service) configurable in v1alpha1 component configuration via `WindowsRunAsService` field. ([#126072](https://github.com/kubernetes/kubernetes/pull/126072), [@aroradaman](https://github.com/aroradaman)) [SIG Network and Scalability] - PersistentVolumeLastPhaseTransitionTime feature is stable and enabled by default. ([#124969](https://github.com/kubernetes/kubernetes/pull/124969), [@RomanBednar](https://github.com/RomanBednar)) [SIG API Machinery, Apps, Storage and Testing] -- Support fine-grained supplemental groups policy (KEP-3619), which enables fine-grained control for supplementary groups in the first container processes. You can choose whether to include groups defined in the container image(/etc/groups) for the container's primary uid or not. ([#117842](https://github.com/kubernetes/kubernetes/pull/117842), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Apps and Node] +- Promoted LocalStorageCapacityIsolation to Beta and enable if user namespace is enabled for the pod. ([#126014](https://github.com/kubernetes/kubernetes/pull/126014), [@PannagaRao](https://github.com/PannagaRao)) [SIG Apps, Autoscaling, Node, Storage and Testing] +- Promoted StatefulSetStartOrdinal to stable. This means `--feature-gates=StatefulSetStartOrdinal=true` are not needed on kube-apiserver and kube-controller-manager binaries and they'll be removed soon following policy at https://kubernetes.io/docs/reference/using-api/deprecation-policy/#deprecation. ([#125374](https://github.com/kubernetes/kubernetes/pull/125374), [@pwschuurman](https://github.com/pwschuurman)) [SIG API Machinery, Apps and Testing] +- Promoted feature-gate `VolumeAttributesClass` to Beta (disabled by default). Users need to enable the feature gate and the storage v1beta1 group to use this new feature. + - Promoted API `VolumeAttributesClass` and `VolumeAttributesClassList` to `storage.k8s.io/v1beta1`. ([#126145](https://github.com/kubernetes/kubernetes/pull/126145), [@carlory](https://github.com/carlory)) [SIG API Machinery, Apps, CLI, Etcd, Storage and Testing] +- Removed deprecated command flags --volume-host-cidr-denylist + and --volume-host-allow-local-loopback from kube-controller-manager. + ([#124017](https://github.com/kubernetes/kubernetes/pull/124017), [@carlory](https://github.com/carlory)) [SIG API Machinery, Apps, Cloud Provider and Storage] +- Removed feature gate `CustomResourceValidationExpressions`. ([#126136](https://github.com/kubernetes/kubernetes/pull/126136), [@cici37](https://github.com/cici37)) [SIG API Machinery, Cloud Provider and Testing] +- Reverted "Move ConsistentListFromCache feature flag to Beta and enable it by default". ([#126139](https://github.com/kubernetes/kubernetes/pull/126139), [@enj](https://github.com/enj)) +- Revised the Pod API with Alpha support for volumes derived from OCI artifacts. This feature is behind the `ImageVolume` feature gate. ([#125660](https://github.com/kubernetes/kubernetes/pull/125660), [@saschagrunert](https://github.com/saschagrunert)) [SIG API Machinery, Apps and Node] +- Supported fine-grained supplemental groups policy (KEP-3619), which enabled + fine-grained control for supplementary groups in the first container processes. + This allows you to choose whether to include groups defined in the container image (/etc/groups) + for the container's primary UID or not. ([#117842](https://github.com/kubernetes/kubernetes/pull/117842), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Apps and Node] - The (alpha) nftables mode of kube-proxy now requires version 1.0.1 or later of the nft command-line, and kernel 5.13 or later. (For testing/development purposes, you can use older kernels, as far back as 5.4, if you set the `nftables.skipKernelVersionCheck` option in the kube-proxy config, but this is not recommended in production since it may cause problems with other nftables users on the system.) ([#124152](https://github.com/kubernetes/kubernetes/pull/124152), [@danwinship](https://github.com/danwinship)) [SIG Network] -- The kube-proxy nodeportAddresses / --nodeport-addresses option now - accepts the value "primary", meaning to only listen for NodePort connections - on the node's primary IPv4 and/or IPv6 address (according to the Node object). - This is strongly recommended, if you were not previously using - --nodeport-addresses, to avoid surprising behavior. - - (This behavior is enabled by default with the nftables backend; you would - need to explicitly request `--nodeport-addresses 0.0.0.0/0,::/0` there to get - the traditional "listen on all interfaces" behavior.) ([#123105](https://github.com/kubernetes/kubernetes/pull/123105), [@danwinship](https://github.com/danwinship)) [SIG API Machinery, Network and Windows] -- Update the feature MultiCIDRServiceAllocator to beta (disabled by default). Users need to enable the feature gate and the networking v1beta1 group to be able to use this new feature, that allows to dynamically reconfigure Service CIDR ranges. ([#125021](https://github.com/kubernetes/kubernetes/pull/125021), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, CLI, Etcd, Instrumentation, Network and Testing] -- Use omitempty for optional Job Pod Failure Policy fields ([#126046](https://github.com/kubernetes/kubernetes/pull/126046), [@mimowo](https://github.com/mimowo)) [SIG Apps] +- To enhance usability and developer experience, CRD validation rules now support direct use of (CEL) reserved keywords as field names in object validation expressions for existing expressions in storage, will fully support runtime in next release for compatibility concern. ([#126188](https://github.com/kubernetes/kubernetes/pull/126188), [@cici37](https://github.com/cici37)) [SIG API Machinery and Testing] +- Updated the feature MultiCIDRServiceAllocator to beta (disabled by default). Users need to enable the feature gate and the networking v1beta1 group to be able to use this new feature, that allows to dynamically reconfigure Service CIDR ranges. ([#125021](https://github.com/kubernetes/kubernetes/pull/125021), [@aojea](https://github.com/aojea)) [SIG API Machinery, Apps, CLI, Etcd, Instrumentation, Network and Testing] +- Use omitempty for optional Job Pod Failure Policy fields. ([#126046](https://github.com/kubernetes/kubernetes/pull/126046), [@mimowo](https://github.com/mimowo)) - User can choose a different static policy option `SpreadPhysicalCPUsPreferredOption` to spread cpus across physical cpus for some specific applications ([#123733](https://github.com/kubernetes/kubernetes/pull/123733), [@Jeffwan](https://github.com/Jeffwan)) [SIG Node] - When the featuregate AnonymousAuthConfigurableEndpoints is enabled users can update the AuthenticationConfig file with endpoints for with anonymous requests are alllowed. ([#124917](https://github.com/kubernetes/kubernetes/pull/124917), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) [SIG API Machinery, Auth, Cloud Provider, Node and Testing] ### Feature -- --custom flag in kubectl debug will be enabled by default and yaml support is added ([#125333](https://github.com/kubernetes/kubernetes/pull/125333), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing] +- 'kubeadm: enhanced the "patches" functionality to be able to patch coredns + deployment. The new patch target is called "corednsdeployment" (e.g. patch file + "corednsdeployment+json.json"). This makes it possible to apply custom patches + to coredns deployment during "init" and "upgrade".' ([#124820](https://github.com/kubernetes/kubernetes/pull/124820), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] +- 'kubeadm: marked the flag "--experimental-output'' as deprecated (it will + be removed in a future release) and added a new flag ''--output" that serves the + same purpose. Affected commands are - "kubeadm config images list", "kubeadm token + list", "kubeadm upgrade plan", "kubeadm certs check-expiration".' ([#124393](https://github.com/kubernetes/kubernetes/pull/124393), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle] +- ACTION REQUIRED for custom scheduler plugin developers: + `EventsToRegister` in the `EnqueueExtensions` interface gets `ctx` in the parameters and `error` in the return values. + Please change your plugins' implementation accordingly. ([#126113](https://github.com/kubernetes/kubernetes/pull/126113), [@googs1025](https://github.com/googs1025)) [SIG Node, Scheduling, Storage and Testing] - Add --for=create option to kubectl wait ([#125868](https://github.com/kubernetes/kubernetes/pull/125868), [@soltysh](https://github.com/soltysh)) [SIG CLI and Testing] -- Add Extra.DisableAvailableConditionController for Generic Control Plane setup in kube-aggregator ([#125650](https://github.com/kubernetes/kubernetes/pull/125650), [@mjudeikis](https://github.com/mjudeikis)) [SIG API Machinery] -- Add `--keep-*` flags to `kubectl debug`, which enables to control the removal of probes, labels, annotations and initContainers from copy pod. ([#123149](https://github.com/kubernetes/kubernetes/pull/123149), [@mochizuki875](https://github.com/mochizuki875)) [SIG CLI and Testing] - Add a TopologyManager policy option: max-allowable-numa-nodes to configures maxAllowableNUMANodes for kubelet. ([#124148](https://github.com/kubernetes/kubernetes/pull/124148), [@cyclinder](https://github.com/cyclinder)) [SIG Node and Testing] -- Add a warning log, an event for cgroup v1 usage and a metric for cgroup version. ([#125328](https://github.com/kubernetes/kubernetes/pull/125328), [@harche](https://github.com/harche)) [SIG Node] -- Add apiserver.latency.k8s.io/apf-queue-wait annotation to the audit log to record the time spent waiting in apf queue ([#123919](https://github.com/kubernetes/kubernetes/pull/123919), [@hakuna-matatah](https://github.com/hakuna-matatah)) [SIG API Machinery] -- Add field management support to the fake client-go typed client. - Use `fake.NewClientset()` instead of `fake.NewSimpleClientset()` to create a clientset with managed field support. ([#125560](https://github.com/kubernetes/kubernetes/pull/125560), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth, Instrumentation and Testing] -- Add the` WatchList` method to the `rest client` in `client-go`. When used, it establishes a stream to obtain a consistent snapshot of data from the server. This method is meant to be used by the generated client. ([#122657](https://github.com/kubernetes/kubernetes/pull/122657), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery] +- Added Custom resource field selectors in beta and enabled them by default. Check out https://github.com/kubernetes/enhancements/issues/4358 for more details. ([#124681](https://github.com/kubernetes/kubernetes/pull/124681), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth and Testing] +- Added Extra.DisableAvailableConditionController for Generic Control Plane setup. ([#125650](https://github.com/kubernetes/kubernetes/pull/125650), [@mjudeikis](https://github.com/mjudeikis)) [SIG API Machinery] - Added OCI VolumeSource Container Runtime Interface API fields and types. ([#125659](https://github.com/kubernetes/kubernetes/pull/125659), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node] +- Added `--keep-*` flags to `kubectl debug`, which enables to control the removal + of probes, labels, annotations and initContainers from copy pod. ([#123149](https://github.com/kubernetes/kubernetes/pull/123149), [@mochizuki875](https://github.com/mochizuki875)) [SIG CLI and Testing] - Added `cri-client` staging repository. ([#123797](https://github.com/kubernetes/kubernetes/pull/123797), [@saschagrunert](https://github.com/saschagrunert)) [SIG API Machinery, Node, Release and Testing] +- Added `storage_class` and `volume_attributes_class` labels to `pv_collector_bound_pvc_count` and `pv_collector_unbound_pvc_count` metrics. ([#126166](https://github.com/kubernetes/kubernetes/pull/126166), [@AndrewSirenko](https://github.com/AndrewSirenko)) [SIG Apps, Instrumentation, Storage and Testing] +- Added a feature to report an event to pod if kubelet does `attach operation failed` when kubelet is running with `--enable-controller-attach-detach=false`. ([#124884](https://github.com/kubernetes/kubernetes/pull/124884), [@carlory](https://github.com/carlory)) +- Added a warning log, an event for cgroup v1 usage and a metric for cgroup version. ([#125328](https://github.com/kubernetes/kubernetes/pull/125328), [@harche](https://github.com/harche)) +- Added apiserver.latency.k8s.io/apf-queue-wait annotation to the audit log + to record the time spent waiting in APF queue. ([#123919](https://github.com/kubernetes/kubernetes/pull/123919), [@hakuna-matatah](https://github.com/hakuna-matatah)) +- Added check for etcd version to warn about deprecated etcd versions if `ConsistentListFromCache` is enabled. ([#124612](https://github.com/kubernetes/kubernetes/pull/124612), [@ah8ad3](https://github.com/ah8ad3)) [SIG API Machinery] +- Added completion for `kubectl set image`. ([#124592](https://github.com/kubernetes/kubernetes/pull/124592), [@ah8ad3](https://github.com/ah8ad3)) [SIG CLI] +- Added field management support to the fake client-go typed client. + Use `fake.NewClientset()` instead of `fake.NewSimpleClientset()` to create a clientset with managed field support. ([#125560](https://github.com/kubernetes/kubernetes/pull/125560), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth, Instrumentation and Testing] - Added flag to `kubectl logs` called `--all-pods` to get all pods from a object that uses a pod selector. ([#124732](https://github.com/kubernetes/kubernetes/pull/124732), [@cmwylie19](https://github.com/cmwylie19)) [SIG CLI and Testing] -- Added namespace autocompletion for kubectl config set-context command ([#124994](https://github.com/kubernetes/kubernetes/pull/124994), [@TessaIO](https://github.com/TessaIO)) [SIG CLI] -- Added ports autocompletion for kubectl port-foward command ([#124683](https://github.com/kubernetes/kubernetes/pull/124683), [@TessaIO](https://github.com/TessaIO)) [SIG CLI] +- Added namespace autocompletion for `kubectl config set-context` command. ([#124994](https://github.com/kubernetes/kubernetes/pull/124994), [@TessaIO](https://github.com/TessaIO)) [SIG CLI] +- Added ports autocompletion for kubectl port-foward command. ([#124683](https://github.com/kubernetes/kubernetes/pull/124683), [@TessaIO](https://github.com/TessaIO)) [SIG CLI] +- Added support for CEL(Common Expression Language) expressions and `additionalProperties` to be used under nested quantifiers in CRD schemas. ([#124381](https://github.com/kubernetes/kubernetes/pull/124381), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery] - Added support for building Windows kube-proxy container image. A container image for kube-proxy on Windows can now be built with the command `make release-images KUBE_BUILD_WINDOWS=y`. The Windows kube-proxy image can be used with Windows Host Process Containers. ([#109939](https://github.com/kubernetes/kubernetes/pull/109939), [@claudiubelu](https://github.com/claudiubelu)) [SIG Windows] -- Adds completion for `kubectl set image`. ([#124592](https://github.com/kubernetes/kubernetes/pull/124592), [@ah8ad3](https://github.com/ah8ad3)) [SIG CLI] -- Allow creating ServiceAccount tokens bound to Node objects. +- Added support for kube-proxy iptables mode to track packets that were wrongfully marked invalid by conntrack and subsequently dropped by introducing `kubeproxy_iptables_ct_state_invalid_dropped_packets_total` metric. ([#122812](https://github.com/kubernetes/kubernetes/pull/122812), [@aroradaman](https://github.com/aroradaman)) [SIG Instrumentation, Network and Testing] +- Added the `WatchList` method to the `rest client` in `client-go`. When used, + it establishes a stream to obtain a consistent snapshot of data from the server. + This method is meant to be used by the generated client. ([#122657](https://github.com/kubernetes/kubernetes/pull/122657), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery] +- Added the ability to the kubelet server to dynamically load certificate files. ([#124574](https://github.com/kubernetes/kubernetes/pull/124574), [@zhangweikop](https://github.com/zhangweikop)) [SIG Auth and Node] +- Allowed creating ServiceAccount tokens bound to Node objects. This allows users to bind a service account token's validity to a named Node object, similar to Pod bound tokens. Use with `kubectl create token --bound-object-kind=Node --bound-object-node=`. ([#125238](https://github.com/kubernetes/kubernetes/pull/125238), [@munnerz](https://github.com/munnerz)) [SIG Auth and CLI] +- Built Kubernetes with Go 1.22.3. ([#124828](https://github.com/kubernetes/kubernetes/pull/124828), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] +- Built Kubernetes with Go 1.22.4. ([#125363](https://github.com/kubernetes/kubernetes/pull/125363), [@cpanato](https://github.com/cpanato)) [SIG Architecture, Cloud Provider, Release, Storage and Testing] +- Built kubernetes with `Go 1.23rc2`. ([#126047](https://github.com/kubernetes/kubernetes/pull/126047), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] - Bump the KubeletCgroupDriverFromCRI feature gate to beta and true by default. The kubelet will continue to use its KubeletConfiguration field as a fallback if the CRI implementation doesn't support this feature. ([#125828](https://github.com/kubernetes/kubernetes/pull/125828), [@haircommander](https://github.com/haircommander)) [SIG Node] -- CEL default compatibility environment version to updated to 1.30 so that the extended libraries added before 1.30 is available to use. ([#124779](https://github.com/kubernetes/kubernetes/pull/124779), [@cici37](https://github.com/cici37)) [SIG API Machinery] -- CEL expressions and `additionalProperties` are now allowed to be used under nested quantifiers in CRD schemas ([#124381](https://github.com/kubernetes/kubernetes/pull/124381), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery] -- CEL: add name formats library ([#123572](https://github.com/kubernetes/kubernetes/pull/123572), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery] -- Checking etcd version to warn about deprecated etcd versions if `ConsistentListFromCache` is enabled. ([#124612](https://github.com/kubernetes/kubernetes/pull/124612), [@ah8ad3](https://github.com/ah8ad3)) [SIG API Machinery] +- CEL: added name formats library. ([#123572](https://github.com/kubernetes/kubernetes/pull/123572), [@alexzielenski](https://github.com/alexzielenski)) [SIG API Machinery] +- Changed Linux swap handling to restrict access to swap for containers in high priority Pods. + New Pods that have a node- or cluster-critical priority are prohibited from accessing swap on Linux, + even if your cluster and node configuration could otherwise allow this. ([#125277](https://github.com/kubernetes/kubernetes/pull/125277), [@iholder101](https://github.com/iholder101)) [SIG Node and Testing] - Client-go/reflector: warns when the bookmark event for initial events hasn't been received ([#124614](https://github.com/kubernetes/kubernetes/pull/124614), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery] -- Continue streaming kubelet logs when the CRI server of the runtime is unavailable. ([#124025](https://github.com/kubernetes/kubernetes/pull/124025), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node] -- Custom resource field selectors are now in beta and enabled by default. Check out https://github.com/kubernetes/enhancements/issues/4358 for more details. ([#124681](https://github.com/kubernetes/kubernetes/pull/124681), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Auth and Testing] +- Continued streaming kubelet logs when the CRI server of the runtime was unavailable. ([#124025](https://github.com/kubernetes/kubernetes/pull/124025), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node] - Delay setting terminal Job conditions until all pods are terminal. Additionally, the FailureTarget condition is also added to the Job object in the first Job @@ -128,15 +193,21 @@ 1. the count of ready pods is less or equal than active 2. when transitioning to terminal phase for Job, the number of terminating pods is 0 3. terminal Job conditions (Failed and Complete) should be preceded by adding the corresponding interim conditions: FailureTarget and SuccessCriteriaMet ([#125510](https://github.com/kubernetes/kubernetes/pull/125510), [@mimowo](https://github.com/mimowo)) [SIG Apps and Testing] -- Dependencies: start using registry.k8s.io/pause:3.10 ([#125112](https://github.com/kubernetes/kubernetes/pull/125112), [@neolit123](https://github.com/neolit123)) [SIG CLI, Cloud Provider, Cluster Lifecycle, Node, Release, Testing and Windows] -- ElasticIndexedJob is graduated to GA ([#125751](https://github.com/kubernetes/kubernetes/pull/125751), [@ahg-g](https://github.com/ahg-g)) [SIG Apps and Testing] -- Feature gates for PortForward (kubectl port-forward) over WebSockets are now enabled by default (Beta). - - Server-side feature gate: PortForwardWebsocket - - Client-side (kubectl) feature gate: PORT_FORWARD_WEBSOCKETS environment variable - - To turn off PortForward over WebSockets for kubectl, the environment variable feature gate must be explicitly set - PORT_FORWARD_WEBSOCKETS=false ([#125528](https://github.com/kubernetes/kubernetes/pull/125528), [@seans3](https://github.com/seans3)) [SIG API Machinery and CLI] -- Graduated support for CDI device IDs to general availability. The `DevicePluginCDIDevices` feature gate is now enabled unconditionally. ([#123315](https://github.com/kubernetes/kubernetes/pull/123315), [@bart0sh](https://github.com/bart0sh)) [SIG Node] -- Graduates the `WatchList` feature gate to Beta for kube-apiserver and enables `WatchListClient` for KCM. ([#125591](https://github.com/kubernetes/kubernetes/pull/125591), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing] -- Improve memory usage of kube-apiserver by dropping the `.metadata.managedFields` field that self-requested informers of kube-apiserver doesn't need. ([#124667](https://github.com/kubernetes/kubernetes/pull/124667), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery] +- Dependencies: started using registry.k8s.io/pause:3.10. ([#125112](https://github.com/kubernetes/kubernetes/pull/125112), [@neolit123](https://github.com/neolit123)) [SIG CLI, Cloud Provider, Cluster Lifecycle, Node, Release, Testing and Windows] +- Enabled feature gates for PortForward (kubectl port-forward) over WebSockets by default (beta). + - Server-side feature gate: PortForwardWebsocket + - Client-side (kubectl) feature gate: PORT_FORWARD_WEBSOCKETS environment variable + - To turn off PortForward over WebSockets for kubectl, the environment variable feature gate must be explicitly set - PORT_FORWARD_WEBSOCKETS=false ([#125528](https://github.com/kubernetes/kubernetes/pull/125528), [@seans3](https://github.com/seans3)) [SIG API Machinery and CLI] +- Enforced kubelet to request serving certificates only once it has at least one IP address in the `.status.addresses` of its associated Node object. This avoids requesting DNS-only serving certificates before externally set addresses are in place. Until 1.33, the previous behavior can be opted back into by setting the deprecated AllowDNSOnlyNodeCSR feature gate to true in the kubelet. ([#125813](https://github.com/kubernetes/kubernetes/pull/125813), [@aojea](https://github.com/aojea)) [SIG Auth, Cloud Provider and Node] +- Fixed a missing behavior where Windows nodes did not implement memory-pressure eviction. ([#122922](https://github.com/kubernetes/kubernetes/pull/122922), [@marosset](https://github.com/marosset)) [SIG Node, Testing and Windows] +- Graduated Kubernetes' support for AppArmor to GA. ([#125257](https://github.com/kubernetes/kubernetes/pull/125257), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) [SIG Apps, Node and Testing] +- Graduated support for Container Device Interface (CDI) device IDs to general availability. The `DevicePluginCDIDevices` feature gate is now enabled unconditionally. ([#123315](https://github.com/kubernetes/kubernetes/pull/123315), [@bart0sh](https://github.com/bart0sh)) [SIG Node] +- Graduated the `WatchList` feature gate to beta for kube-apiserver and enabled `WatchListClient` for kube-controller-manager (KCM). ([#125591](https://github.com/kubernetes/kubernetes/pull/125591), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing] +- If the feature-gate VolumeAttributesClass is enabled, when finding a suitable persistent volume for a claim, the kube-controller-manager will be aware of the `volumeAttributesClassName` field of PVC and PV objects. The `volumeAttributesClassName` field is a reference to a VolumeAttributesClass object, which contains a set of key-value pairs that present mutable attributes of the volume. It's forbidden to change the `volumeAttributesClassName` field of a PVC object until the PVC is bound to a PV object. During the binding process, if a PVC has a `volumeAttributesClassName` field set, the controller will only consider volumes that have the same `volumeAttributesClassName` as the PVC. If the `volumeAttributesClassName` field is not set or set to an empty string, only volumes with empty `volumeAttributesClassName` will be considered. ([#121902](https://github.com/kubernetes/kubernetes/pull/121902), [@carlory](https://github.com/carlory)) [SIG Apps, Scheduling, Storage and Testing] +- Implemented `event_handling_duration_seconds` metric, which is the time the scheduler takes to handle each kind of events. ([#125929](https://github.com/kubernetes/kubernetes/pull/125929), [@sanposhiho](https://github.com/sanposhiho)) +- Implemented `queueing_hint_execution_duration_seconds` metric, which is the time the QueueingHint function takes. ([#126227](https://github.com/kubernetes/kubernetes/pull/126227), [@sanposhiho](https://github.com/sanposhiho)) +- Implemented new cluster events UpdatePodScaleDown and UpdatePodLabel for scheduler plugins. ([#122628](https://github.com/kubernetes/kubernetes/pull/122628), [@sanposhiho](https://github.com/sanposhiho)) +- Improved memory usage of kube-apiserver by dropping`.metadata.managedFields` field that self-requested informers of kube-apiserver didn't need. ([#124667](https://github.com/kubernetes/kubernetes/pull/124667), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery] - In the client-side apply on create, defining the null value as "delete the key associated with this value". ([#125646](https://github.com/kubernetes/kubernetes/pull/125646), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG API Machinery, CLI and Testing] - Introduces new functionality to the client-go's `List` method, allowing users to enable API streaming. To activate this feature, users can set the `client-go.WatchListClient` feature gate. @@ -144,20 +215,23 @@ - Introduces new functionality to the dynamic client's `List` method, allowing users to enable API streaming. To activate this feature, users can set the `client-go.WatchListClient` feature gate. It is important to note that the server must support streaming for this feature to function properly. If streaming is not supported by the server, the client will revert to using the normal `LIST` method to obtain data. ([#125305](https://github.com/kubernetes/kubernetes/pull/125305), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing] -- KEP-3857: promote RecursiveReadOnlyMounts feature to beta ([#125475](https://github.com/kubernetes/kubernetes/pull/125475), [@AkihiroSuda](https://github.com/AkihiroSuda)) [SIG Node] -- Kube-apiserver: http/2 serving can be disabled with a `--disable-http2-serving` flag ([#122176](https://github.com/kubernetes/kubernetes/pull/122176), [@slashpai](https://github.com/slashpai)) [SIG API Machinery] -- Kube-proxy's nftables mode (--proxy-mode=nftables) is now beta and available by default. - - FIXME ADD MORE HERE BEFORE THE RELEASE, DOCS LINKS AND STUFF ([#124383](https://github.com/kubernetes/kubernetes/pull/124383), [@danwinship](https://github.com/danwinship)) [SIG Cloud Provider and Network] -- Kube-scheduler implements scheduling hints for the CSILimit plugin. - The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the CSILimit plugin if a deleted pod has a PVC from the same driver. ([#121508](https://github.com/kubernetes/kubernetes/pull/121508), [@utam0k](https://github.com/utam0k)) [SIG Scheduling and Storage] -- Kube-scheduler implements scheduling hints for the InterPodAffinity plugin. - The scheduling hints allow the scheduler to retry scheduling a Pod - that was previously rejected by the InterPodAffinity plugin if create/delete/update a related Pod or a node which matches the pod affinity. ([#122471](https://github.com/kubernetes/kubernetes/pull/122471), [@nayihz](https://github.com/nayihz)) [SIG Scheduling and Testing] +- KEP-3857: promoted RecursiveReadOnlyMounts feature to beta. ([#125475](https://github.com/kubernetes/kubernetes/pull/125475), [@AkihiroSuda](https://github.com/AkihiroSuda)) [SIG Node] +- Kube-apiserver: Added support to disable http/2 serving with a `--disable-http2-serving` flag. + ([#122176](https://github.com/kubernetes/kubernetes/pull/122176), [@slashpai](https://github.com/slashpai)) [SIG API Machinery] +- Kube-apiserver: when the Alpha `UserNamespacesPodSecurityStandards` feature gate is enabled, Pod Security Admission enforcement of the baseline policy now allows `procMount=Unmasked` for user namespace pods that set `hostUsers=false`. ([#126163](https://github.com/kubernetes/kubernetes/pull/126163), [@haircommander](https://github.com/haircommander)) +- Kube-proxy's nftables mode (--proxy-mode=nftables) is now beta and available by default. ([#124383](https://github.com/kubernetes/kubernetes/pull/124383), [@danwinship](https://github.com/danwinship)) [SIG Cloud Provider and Network] +- Kube-scheduler implemented scheduling hints for the CSILimit plugin. + The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the CSILimit plugin if a deleted pod has a PersistantVolumeClaim (PVC) from the same driver. ([#121508](https://github.com/kubernetes/kubernetes/pull/121508), [@utam0k](https://github.com/utam0k)) [SIG Scheduling and Storage] +- Kube-scheduler implemented scheduling hints for the VolumeBinding plugin. + The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. ([#124959](https://github.com/kubernetes/kubernetes/pull/124959), [@bells17](https://github.com/bells17)) [SIG Scheduling and Storage] +- Kube-scheduler implemented scheduling hints for the VolumeBinding plugin. + The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. ([#124961](https://github.com/kubernetes/kubernetes/pull/124961), [@bells17](https://github.com/bells17)) [SIG Scheduling and Storage] +- Kube-scheduler implemented scheduling hints for the VolumeRestriction plugin. + Scheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if the Pod is deleted and the deleted Pod conflicts with the existing volumes of the current Pod. ([#125279](https://github.com/kubernetes/kubernetes/pull/125279), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Scheduling and Storage] +- Kube-scheduler implementedscheduling hints for the VolumeBinding plugin. + The scheduling hints allow the scheduler to retry scheduling a Pod that was previously rejected by the VolumeBinding plugin only if a new resource referenced by the plugin was created or an existing resource referenced by the plugin was updated. ([#124958](https://github.com/kubernetes/kubernetes/pull/124958), [@bells17](https://github.com/bells17)) [SIG Scheduling and Storage] - Kube-scheduler implements scheduling hints for the VolumeRestriction plugin. Scheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if a new pvc added, and the pvc belongs to pod. ([#125280](https://github.com/kubernetes/kubernetes/pull/125280), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Scheduling and Storage] -- Kube-scheduler implements scheduling hints for the VolumeRestriction plugin. - Scheduling hints allow the scheduler to retry scheduling Pods that were previously rejected by the VolumeRestriction plugin if the Pod is deleted and the deleted Pod conflicts with the existing volumes of the current Pod. ([#125279](https://github.com/kubernetes/kubernetes/pull/125279), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Scheduling and Storage] - Kube-scheduler implements scheduling hints for the VolumeZone plugin. The scheduling hints allow the scheduler to only retry scheduling a Pod that was previously rejected by the VolemeZone plugin if addition/update of node, @@ -170,8 +244,17 @@ The scheduling hints allow the scheduler to only retry scheduling a Pod that was previously rejected by the VolemeZone plugin if addition/update of node, addition/update of PV, addition/update of PVC, or addition of SC matches pod's topology settings. ([#125001](https://github.com/kubernetes/kubernetes/pull/125001), [@Gekko0114](https://github.com/Gekko0114)) [SIG Scheduling and Storage] -- Kubeadm: added the ControlPlaneKubeletLocalMode feature gate. It can be used to tell kubeadm to use the local kube-apiserver endpoint for the kubelet when creating a cluster with "kubeadm init" or when joining control plane nodes with "kubeadm join". The "kubeadm join" workflow now includes two new experimental phases called "control-plane-join-etcd" and "kubelet-wait-bootstrap" which will be used when the feature gate is enabled. This phases will be marked as non-experimental when ControlPlaneKubeletLocalMode becomes GA. During "kubeadm upgrade" commands, if the feature gate is enabled, modify the "/etc/kubernetes/kubelet.conf " to use the local kube-apiserver endpoint. This upgrade mechanism will be removed once the feature gate goes GA and is hardcoded to true. ([#125582](https://github.com/kubernetes/kubernetes/pull/125582), [@chrischdi](https://github.com/chrischdi)) [SIG Cluster Lifecycle] -- Kubeadm: during "upgrade" , if the "etcd.yaml" static pod does not need upgrade, still consider rotating the etcd certificates and restarting the etcd static pod if the "kube-apiserver.yaml" manifest is to be upgraded and if certificate renewal is not disabled. ([#124688](https://github.com/kubernetes/kubernetes/pull/124688), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] +- Kubeadm: Ensured that during "upgrade" , if the "etcd.yaml" static pod did not need upgrade, still consider rotating the etcd certificates and restarting the etcd static pod if the "kube-apiserver.yaml" manifest was to be upgraded and if certificate renewal was not disabled. ([#124688](https://github.com/kubernetes/kubernetes/pull/124688), [@neolit123](https://github.com/neolit123)) +- Kubeadm: Switched kubeadm to start using the CRI client library instead of shelling out of the `crictl` binary + for actions against a CRI endpoint. The kubeadm deb/rpm packages will continue to install the `cri-tools` + package for one more release, but in you must adapt your scripts to install `crictl` manually from + https://github.com/kubernetes-sigs/cri-tools/releases or a different location. + + The `kubeadm` package will stop depending on the `cri-tools` package in Kubernetes 1.32, which means that + installing `kubeadm` will no longer automatically ensure installation of `crictl`. ([#124685](https://github.com/kubernetes/kubernetes/pull/124685), [@saschagrunert](https://github.com/saschagrunert)) +- Kubeadm: Switched to using the new etcd endpoints introduced in 3.5.11 - /livez (for liveness probe) and /readyz (for readyness and startup probe). With this change it is no longer possible to deploy a custom etcd version older than 3.5.11 with kubeadm 1.31. If so, please upgrade etcd to a supported version. ([#124465](https://github.com/kubernetes/kubernetes/pull/124465), [@neolit123](https://github.com/neolit123)) +- Kubeadm: Used output/v1alpha3 to print structural output for the commands "kubeadm config images list" and "kubeadm token list". ([#124464](https://github.com/kubernetes/kubernetes/pull/124464), [@carlory](https://github.com/carlory)) +- Kubeadm: added the ControlPlaneKubeletLocalMode feature gate. It can be used to tell kubeadm to use the local kube-apiserver endpoint for the kubelet when creating a cluster with "kubeadm init" or when joining control plane nodes with "kubeadm join". The "kubeadm join" workflow now includes two new experimental phases called "control-plane-join-etcd" and "kubelet-wait-bootstrap" which will be used when the feature gate is enabled. This phases will be marked as non-experimental when ControlPlaneKubeletLocalMode becomes GA. During "kubeadm upgrade" commands, if the feature gate is enabled, modify the "/etc/kubernetes/kubelet.conf " to use the local kube-apiserver endpoint. This upgrade mechanism will be removed once the feature gate goes GA and is hardcoded to true. ([#125582](https://github.com/kubernetes/kubernetes/pull/125582), [@chrischdi](https://github.com/chrischdi)) - Kubeadm: enabled the v1beta4 API. For a complete changelog since v1beta3 please see https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta4/. The API does include a few breaking changes: @@ -181,166 +264,208 @@ Please use the command "kubeadm config migrate" to migrate your existing v1beta3 configuration to v1beta4. v1beta3 is now marked as deprecated but will continue to be supported until version 1.34 or later. - The storage configuration in the kube-system/kubeadm-config ConfigMap is now a v1beta4 ClusterConfiguration. ([#125029](https://github.com/kubernetes/kubernetes/pull/125029), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: enhance the "patches" functionality to be able to patch coredns deployment. The new patch target is called "corednsdeployment" (e.g. patch file "corednsdeployment+json.json"). This makes it possible to apply custom patches to coredns deployment during "init" and "upgrade". ([#124820](https://github.com/kubernetes/kubernetes/pull/124820), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubeadm: mark the flag "--experimental-output' as deprecated (it will be removed in a future release) and add a new flag '--output" that serves the same purpose. Affected commands are - "kubeadm config images list", "kubeadm token list", "kubeadm upgade plan", "kubeadm certs check-expiration". ([#124393](https://github.com/kubernetes/kubernetes/pull/124393), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle] -- Kubeadm: switch to using the new etcd endpoints introduced in 3.5.11 - /livez (for liveness probe) and /readyz (for readyness and startup probe). With this change it is no longer possible to deploy a custom etcd version older than 3.5.11 with kubeadm 1.31. If so, please upgrade. ([#124465](https://github.com/kubernetes/kubernetes/pull/124465), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: switched kubeadm to start using the CRI client library instead of shelling out of the `crictl` binary - for actions against a CRI endpoint. The kubeadm deb/rpm packages will continue to install the `cri-tools` - package for one more release, but in you must adapt your scripts to install `crictl` manually from - https://github.com/kubernetes-sigs/cri-tools/releases or a different location. - - The `kubeadm` package will stop depending on the `cri-tools` package in Kubernetes 1.32, which means that - installing `kubeadm` will no longer automatically ensure installation of `crictl`. ([#124685](https://github.com/kubernetes/kubernetes/pull/124685), [@saschagrunert](https://github.com/saschagrunert)) [SIG Cluster Lifecycle] -- Kubeadm: use output/v1alpha3 to print structural output for the commands "kubeadm config images list" and "kubeadm token list". ([#124464](https://github.com/kubernetes/kubernetes/pull/124464), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle] -- Kubelet server can now dynamically load certificate files ([#124574](https://github.com/kubernetes/kubernetes/pull/124574), [@zhangweikop](https://github.com/zhangweikop)) [SIG Auth and Node] -- Kubelet will not restart the container when fields other than image in the pod spec change. ([#124220](https://github.com/kubernetes/kubernetes/pull/124220), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Node] + The storage configuration in the kube-system/kubeadm-config ConfigMap is now a v1beta4 ClusterConfiguration. ([#125029](https://github.com/kubernetes/kubernetes/pull/125029), [@neolit123](https://github.com/neolit123)) +- Kubelet would not restart the container when fields other than image in the Pod spec change. pod spec change. ([#124220](https://github.com/kubernetes/kubernetes/pull/124220), [@HirazawaUi](https://github.com/HirazawaUi)) +- Kubelet/stats: set INFO log level for stats not found in cadvisor memory cache error. ([#125656](https://github.com/kubernetes/kubernetes/pull/125656), [@gyuho](https://github.com/gyuho)) - Kubelet: warn instead of error for the unsupported options on Windows "CgroupsPerQOS" and "EnforceNodeAllocatable". ([#123137](https://github.com/kubernetes/kubernetes/pull/123137), [@neolit123](https://github.com/neolit123)) [SIG Node and Windows] -- Kubemark: adds two flags, `--kube-api-qps` and `--kube-api-burst` ([#124147](https://github.com/kubernetes/kubernetes/pull/124147), [@devincd](https://github.com/devincd)) [SIG Scalability] -- Kubernetes is now built with go 1.22.3 ([#124828](https://github.com/kubernetes/kubernetes/pull/124828), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] -- Kubernetes is now built with go 1.22.4 ([#125363](https://github.com/kubernetes/kubernetes/pull/125363), [@cpanato](https://github.com/cpanato)) [SIG Architecture, Cloud Provider, Release, Storage and Testing] -- Kubernetes is now built with go 1.22.5 ([#125894](https://github.com/kubernetes/kubernetes/pull/125894), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] -- LogarithmicScaleDown is now GA ([#125459](https://github.com/kubernetes/kubernetes/pull/125459), [@MinpengJin](https://github.com/MinpengJin)) [SIG Apps and Scheduling] -- Move ConsistentListFromCache feature flag to Beta and enable it by default ([#123513](https://github.com/kubernetes/kubernetes/pull/123513), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing] -- Pause: add a -v flag to the Windows variant of the pause binary, which prints the version of pause and exits. The Linux pause already has the flag. ([#125067](https://github.com/kubernetes/kubernetes/pull/125067), [@neolit123](https://github.com/neolit123)) [SIG Windows] +- Kubemark: added two flags, `--kube-api-qps` which indicates the maximum QPS to the apiserver, and `--kube-api-burst` which indicates maximum burst for throttle to the apiserver. ([#124147](https://github.com/kubernetes/kubernetes/pull/124147), [@devincd](https://github.com/devincd)) +- Kubernetes is now built with go 1.22.5. ([#125894](https://github.com/kubernetes/kubernetes/pull/125894), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] +- LogarithmicScaleDown is now GA. ([#125459](https://github.com/kubernetes/kubernetes/pull/125459), [@MinpengJin](https://github.com/MinpengJin)) [SIG Apps and Scheduling] +- Moved `ConsistentListFromCache` feature flag to beta and enabled it by default. ([#123513](https://github.com/kubernetes/kubernetes/pull/123513), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing] - Promote HonorPVReclaimPolicy to beta and enable the feature-gate by default ([#124842](https://github.com/kubernetes/kubernetes/pull/124842), [@carlory](https://github.com/carlory)) [SIG Apps, Storage and Testing] +- Promoted KEP-4191 "Split Image Filesystem" to Beta. ([#126205](https://github.com/kubernetes/kubernetes/pull/126205), [@kwilczynski](https://github.com/kwilczynski)) +- Promoted ProcMountType feature to Beta. ([#125259](https://github.com/kubernetes/kubernetes/pull/125259), [@sohankunkerkar](https://github.com/sohankunkerkar)) - Promoted `generateName` retries to beta, and made the `NameGenerationRetries` feature gate enabled by default. - You can read https://kep.k8s.io/4420 for more details. ([#124673](https://github.com/kubernetes/kubernetes/pull/124673), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery] -- Promoted the feature gate `KubeProxyDrainingTerminatingNodes` to stable ([#125082](https://github.com/kubernetes/kubernetes/pull/125082), [@alexanderConstantinescu](https://github.com/alexanderConstantinescu)) [SIG Network] -- Scheduler changes its logic of calculating `evaluatedNodes` from "contains the number of nodes that filtered out by PreFilterResult and Filter plugins" to "the number of nodes filtered out by Filter plugins only". ([#124735](https://github.com/kubernetes/kubernetes/pull/124735), [@AxeZhan](https://github.com/AxeZhan)) [SIG Scheduling] -- Services implement a field selector for the ClusterIP and Type fields. - Kubelet uses the fieldselector on Services to avoid watching for Headless Services and reduce the memory consumption. ([#123905](https://github.com/kubernetes/kubernetes/pull/123905), [@aojea](https://github.com/aojea)) [SIG Apps, Node and Testing] + You can read https://kep.k8s.io/4420 for more details. ([#124673](https://github.com/kubernetes/kubernetes/pull/124673), [@jpbetz](https://github.com/jpbetz)) +- Promoted the feature gate `KubeProxyDrainingTerminatingNodes` to stable ([#125082](https://github.com/kubernetes/kubernetes/pull/125082), [@alexanderConstantinescu](https://github.com/alexanderConstantinescu)) +- Promoted the metrics for both VAP and CRD validation rules to Beta. ([#126237](https://github.com/kubernetes/kubernetes/pull/126237), [@cici37](https://github.com/cici37)) [SIG API Machinery and Instrumentation] +- Scheduler changes its logic of calculating `evaluatedNodes` from "contains the number of nodes that filtered out by PreFilterResult and Filter plugins" to "the number of nodes filtered out by Filter plugins only". ([#124735](https://github.com/kubernetes/kubernetes/pull/124735), [@AxeZhan](https://github.com/AxeZhan)) +- Services implemented a field selector for the ClusterIP and Type fields. + The Kubelet uses this field selector to avoid monitoring Headless Services, which helps reduce memory consumption. ([#123905](https://github.com/kubernetes/kubernetes/pull/123905), [@aojea](https://github.com/aojea)) [SIG Apps, Node and Testing] +- Starting in 1.31, `container_engine_t` was added to the list of allowed SELinux types in the baseline Pod Security Standards profile. ([#126165](https://github.com/kubernetes/kubernetes/pull/126165), [@haircommander](https://github.com/haircommander)) - The PodDisruptionBudget `spec.unhealthyPodEvictionPolicy` field has graduated to GA. This field may be set to `AlwaysAllow` to always allow unhealthy pods covered by the PodDisruptionBudget to be evicted. ([#123428](https://github.com/kubernetes/kubernetes/pull/123428), [@atiratree](https://github.com/atiratree)) [SIG Apps, Auth, Node and Testing] - The Service trafficDistribution field has graduated to beta and is now available for configuration by default, without the need to enable any feature flag. Services that do not have the field configured will continue to operate with their existing behavior. Refer to the documentation https://kubernetes.io/docs/concepts/services-networking/service/#traffic-distribution for more details. ([#125838](https://github.com/kubernetes/kubernetes/pull/125838), [@gauravkghildiyal](https://github.com/gauravkghildiyal)) [SIG Network and Testing] -- The feature-gate CSIMigrationPortworx was promoted to beta in Kubernetes 1.25, but turn it off by default. In 1.31, it was turned on by default. Before upgrading to 1.31, please make sure that the corresponding portworx csi driver is installed if you are using Portworx. ([#125016](https://github.com/kubernetes/kubernetes/pull/125016), [@carlory](https://github.com/carlory)) [SIG Storage] +- The feature-gate CSIMigrationPortworx was promoted to beta in Kubernetes 1.25, but turned off by default. In 1.31, it was turned on by default. Before upgrading to 1.31, please make sure that the corresponding portworx csi driver is installed if you are using Portworx. ([#125016](https://github.com/kubernetes/kubernetes/pull/125016), [@carlory](https://github.com/carlory)) [SIG Storage] - The iptables mode of kube-proxy now tracks accepted packets that are destined for node-ports on localhost by introducing `kubeproxy_iptables_localhost_nodeports_accepted_packets_total` metric. This will help users to identify if they rely on iptables.localhostNodePorts feature and ulitmately help them to migrate from iptables to nftables. ([#125015](https://github.com/kubernetes/kubernetes/pull/125015), [@aroradaman](https://github.com/aroradaman)) [SIG Instrumentation, Network and Testing] -- The iptables mode of kube-proxy now tracks packets that are wrongfully marked invalid by conntrack and subsequently dropped by introducing `kubeproxy_iptables_ct_state_invalid_dropped_packets_total` metric ([#122812](https://github.com/kubernetes/kubernetes/pull/122812), [@aroradaman](https://github.com/aroradaman)) [SIG Instrumentation, Network and Testing] -- The name of CEL optional type has been changed from `optional` to `optional_type`. ([#124328](https://github.com/kubernetes/kubernetes/pull/124328), [@jiahuif](https://github.com/jiahuif)) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Network and Node] -- The scheduler implements QueueingHint in TaintToleration plugin, which enhances the throughput of scheduling. ([#124287](https://github.com/kubernetes/kubernetes/pull/124287), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing] +- The kube-proxy command line flag `--proxy-port-range`, which was previously deprecated and non-functional, has now been removed. ([#126293](https://github.com/kubernetes/kubernetes/pull/126293), [@aroradaman](https://github.com/aroradaman)) [SIG Network] +- The kube-scheduler added scheduling hints for the InterPodAffinity plugin. + These hints allow the scheduler to retry scheduling a Pod + that was previously rejected by the InterPodAffinity plugin if there are changes (create, delete, or update) to a related Pod or a node that matches the pod affinity criteria. ([#122471](https://github.com/kubernetes/kubernetes/pull/122471), [@nayihz](https://github.com/nayihz)) [SIG Scheduling and Testing] +- The name of CEL(Common Expression Language) optional type has been changed from `optional` to `optional_type`. ([#124328](https://github.com/kubernetes/kubernetes/pull/124328), [@jiahuif](https://github.com/jiahuif)) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Network and Node] +- The scheduler implemented QueueingHint in the TaintToleration plugin, enhancing the throughput of scheduling. ([#124287](https://github.com/kubernetes/kubernetes/pull/124287), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing] - The scheduler implements QueueingHint in VolumeBinding plugin's CSINode event, which enhances the throughput of scheduling. ([#125097](https://github.com/kubernetes/kubernetes/pull/125097), [@YamasouA](https://github.com/YamasouA)) [SIG Scheduling and Storage] -- The sidecar finish time will be accounted when calculating the job's finish time. ([#124942](https://github.com/kubernetes/kubernetes/pull/124942), [@AxeZhan](https://github.com/AxeZhan)) [SIG Apps] -- This PR adds tracing support to the kubelet's read-only endpoint, which currently does not have tracing. It makes use the WithPublicEndpoint option to prevent callers from influencing sampling decisions. ([#121770](https://github.com/kubernetes/kubernetes/pull/121770), [@frzifus](https://github.com/frzifus)) [SIG Node] +- The sidecars' finish time will now be accounted for when calculating the job's finish time. ([#124942](https://github.com/kubernetes/kubernetes/pull/124942), [@AxeZhan](https://github.com/AxeZhan)) [SIG Apps] +- This PR added tracing support to the kubelet's read-only endpoint, which currently + does not have tracing. It makes use of the `WithPublicEndpoint` option to prevent callers + from influencing sampling decisions. ([#121770](https://github.com/kubernetes/kubernetes/pull/121770), [@frzifus](https://github.com/frzifus)) [SIG Node] +- Updated the CEL default compatibility environment version to 1.30, ensuring that extended libraries added before version 1.30 are available for use. ([#124779](https://github.com/kubernetes/kubernetes/pull/124779), [@cici37](https://github.com/cici37)) - Users can traverse all the pods that are in the scheduler and waiting in the permit stage through method `IterateOverWaitingPods`. In other words, all waitingPods in scheduler can be obtained from any profiles. Before this commit, each profile could only obtain waitingPods within that profile. ([#124926](https://github.com/kubernetes/kubernetes/pull/124926), [@kerthcet](https://github.com/kerthcet)) [SIG Scheduling] - Windows Kubeproxy will use the update load balancer API for load balancer updates, instead of the previous delete and create APIs. - Deletion of remote endpoints will be triggered only for terminated endpoints (those present in the old endpoints map but not in the new endpoints map), whereas previously it was also done for terminating endpoints. ([#124092](https://github.com/kubernetes/kubernetes/pull/124092), [@princepereira](https://github.com/princepereira)) [SIG Network and Windows] +- `--custom` flag in `kubectl debug` will be enabled by default and yaml support is added. ([#125333](https://github.com/kubernetes/kubernetes/pull/125333), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing] +- `ElasticIndexedJob` is graduated to GA. ([#125751](https://github.com/kubernetes/kubernetes/pull/125751), [@ahg-g](https://github.com/ahg-g)) [SIG Apps and Testing] +- `pause`: Added a `-v` flag to the Windows variant of the pause binary, which + prints the version of pause and exits. The Linux pause binary already has this flag. ([#125067](https://github.com/kubernetes/kubernetes/pull/125067), [@neolit123](https://github.com/neolit123)) ### Failing Test +- Fixed bug in KEP-4191 if feature gate is turned on but container runtime is not configured. ([#126335](https://github.com/kubernetes/kubernetes/pull/126335), [@kannon92](https://github.com/kannon92)) - Fixed issue where following Windows container logs would prevent container log rotation. ([#124444](https://github.com/kubernetes/kubernetes/pull/124444), [@claudiubelu](https://github.com/claudiubelu)) [SIG Node, Testing and Windows] -- Pkg k8s.io/apiserver/pkg/storage/cacher, method (*Cacher) Wait(context.Context) error ([#125450](https://github.com/kubernetes/kubernetes/pull/125450), [@mauri870](https://github.com/mauri870)) [SIG API Machinery] -- Revert "remove legacycloudproviders from staging" ([#124864](https://github.com/kubernetes/kubernetes/pull/124864), [@carlory](https://github.com/carlory)) [SIG Release] +- Introduced `Wait(context.Context) error` method in pkg k8s.io/apiserver/pkg/storage/cacher to improve watch cache initialization resilience. ([#125450](https://github.com/kubernetes/kubernetes/pull/125450), [@mauri870](https://github.com/mauri870)) +- Reverted remove legacycloudproviders from staging. ([#124864](https://github.com/kubernetes/kubernetes/pull/124864), [@carlory](https://github.com/carlory)) ### Bug or Regression -- .status.terminating field now gets tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods ([#125175](https://github.com/kubernetes/kubernetes/pull/125175), [@dejanzele](https://github.com/dejanzele)) [SIG Apps and Testing] -- Add `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. ([#125970](https://github.com/kubernetes/kubernetes/pull/125970), [@carlory](https://github.com/carlory)) [SIG Node] -- Added an extra line between two different key value pairs under data when running kubectl describe configmap ([#123597](https://github.com/kubernetes/kubernetes/pull/123597), [@siddhantvirus](https://github.com/siddhantvirus)) [SIG CLI] -- Allow parameter to be set along with proto file path ([#124281](https://github.com/kubernetes/kubernetes/pull/124281), [@fulviodenza](https://github.com/fulviodenza)) [SIG API Machinery] -- Cel: converting a quantity value into a quantity value failed. ([#123669](https://github.com/kubernetes/kubernetes/pull/123669), [@pohly](https://github.com/pohly)) [SIG API Machinery] -- Client-go/tools/record.Broadcaster: fixed automatic shutdown on WithContext cancellation ([#124635](https://github.com/kubernetes/kubernetes/pull/124635), [@pohly](https://github.com/pohly)) [SIG API Machinery] -- DRA: enhance validation for the ResourceClaimParametersReference and ResourceClassParametersReference with the following rules: - - 1. `apiGroup`: If set, it must be a valid DNS subdomain (e.g. 'example.com'). - 2. `kind` and `name`: It must be valid path segment name. It may not be '.' or '..' and it may not contain '/' and '%' characters. ([#125218](https://github.com/kubernetes/kubernetes/pull/125218), [@carlory](https://github.com/carlory)) [SIG Node] -- DRA: using structured parameters with a claim that gets reused between pods may have led to a claim with an invalid state (allocated without a finalizer) which then caused scheduling of pods using the claim to stop. ([#124931](https://github.com/kubernetes/kubernetes/pull/124931), [@pohly](https://github.com/pohly)) [SIG Node and Scheduling] +- "Fixed the ResourceClaim controller forgetting to wait for `podSchedulingSynced` + and `templatesSynced`." ([#124589](https://github.com/kubernetes/kubernetes/pull/124589), [@carlory](https://github.com/carlory)) [SIG Apps and Node] +- 'kubeadm: Stopped storing the ResolverConfig in the global KubeletConfiguration + and sets it dynamically for each node instead.' ([#124038](https://github.com/kubernetes/kubernetes/pull/124038), [@SataQiu](https://github.com/SataQiu)) +- 'kubeadm: fixed a regression where the KubeletConfiguration is not properly + downloaded during "kubeadm upgrade" command from the kube-system/kubelet-config + ConfigMap, resulting in the local ''/var/lib/kubelet/config.yaml'' file being + written as a defaulted config.' ([#124480](https://github.com/kubernetes/kubernetes/pull/124480), [@neolit123](https://github.com/neolit123)) +- .status.terminating field now gets tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods. ([#125175](https://github.com/kubernetes/kubernetes/pull/125175), [@dejanzele](https://github.com/dejanzele)) [SIG Apps and Testing] +- Added `/sys/devices/virtual/powercap` to default masked paths. It avoids the potential security risk that the ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. ([#125970](https://github.com/kubernetes/kubernetes/pull/125970), [@carlory](https://github.com/carlory)) +- Added an extra line between two different key value pairs under data when running `kubectl describe configmap`. ([#123597](https://github.com/kubernetes/kubernetes/pull/123597), [@siddhantvirus](https://github.com/siddhantvirus)) +- Added kubectl support for: + - kubectl create secret docker-registry --from-file= + - kubectl create secret docker-registry --from-file=.dockerconfigjson= ([#119589](https://github.com/kubernetes/kubernetes/pull/119589), [@carlory](https://github.com/carlory)) +- Added metrics for the nftables kube-proxy mode rather than it reporting + metrics with "iptables" in their names. ([#124557](https://github.com/kubernetes/kubernetes/pull/124557), [@danwinship](https://github.com/danwinship)) [SIG Network and Windows] +- Allowed calling Stop multiple times on RetryWatcher without panicking. ([#126125](https://github.com/kubernetes/kubernetes/pull/126125), [@mprahl](https://github.com/mprahl)) +- Allowed parameter to be set along with proto file path. ([#124281](https://github.com/kubernetes/kubernetes/pull/124281), [@fulviodenza](https://github.com/fulviodenza)) +- Cel: converting a quantity value into a quantity value failed. ([#123669](https://github.com/kubernetes/kubernetes/pull/123669), [@pohly](https://github.com/pohly)) +- Client-go/tools/record.Broadcaster: Fixed automatic shutdown on WithContext cancellation. ([#124635](https://github.com/kubernetes/kubernetes/pull/124635), [@pohly](https://github.com/pohly)) - Do not remove the "batch.kubernetes.io/job-tracking" finalizer from a Pod, in a corner case scenario, when the Pod is controlled by an API object which is not a batch Job (e.g. when the Pod is controlled by a custom CRD). ([#124798](https://github.com/kubernetes/kubernetes/pull/124798), [@mimowo](https://github.com/mimowo)) [SIG Apps and Testing] -- Drop additional rule requirement (cronjobs/finalizers) in the roles who use kubectl create cronjobs to be backwards compatible ([#124883](https://github.com/kubernetes/kubernetes/pull/124883), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI] -- Emition of RecreatingFailedPod and RecreatingTerminatedPod events has been removed from stateful set lifecycle. ([#123809](https://github.com/kubernetes/kubernetes/pull/123809), [@atiratree](https://github.com/atiratree)) [SIG Apps and Testing] -- Endpointslices mirrored from Endpoints by the EndpointSliceMirroring controller were not reconciled if modified ([#124131](https://github.com/kubernetes/kubernetes/pull/124131), [@zyjhtangtang](https://github.com/zyjhtangtang)) [SIG Apps and Network] -- Ensure daemonset controller to count old unhealthy pods towards max unavailable budget ([#123233](https://github.com/kubernetes/kubernetes/pull/123233), [@marshallbrekka](https://github.com/marshallbrekka)) [SIG Apps] -- Fix "-kube-test-repo-list" e2e flag may not take effect ([#123587](https://github.com/kubernetes/kubernetes/pull/123587), [@huww98](https://github.com/huww98)) [SIG API Machinery, Apps, Autoscaling, CLI, Network, Node, Scheduling, Storage, Testing and Windows] -- Fix a bug that Pods could stuck in the unschedulable pod pool - if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods. +- Dropped the additional rule requirement (cronjobs/finalizers) for roles + using kubectl create cronjobs to ensure backward compatibility. ([#124883](https://github.com/kubernetes/kubernetes/pull/124883), [@ardaguclu](https://github.com/ardaguclu)) +- Dynamic Resource Allocation (DRA): using structured parameters with a claim that gets reused between pods may have led to a claim with an invalid state (allocated without a finalizer) which then caused scheduling of pods using the claim to stop. ([#124931](https://github.com/kubernetes/kubernetes/pull/124931), [@pohly](https://github.com/pohly)) [SIG Node and Scheduling] +- Dynamic Resource Allocator (DRA): Enhanced validation for the ResourceClaimParametersReference and ResourceClassParametersReference with the following rules: - DRA plugin is the only plugin that meets the criteria of the bug in in-tree, - and hence if you have `DynamicResourceAllocation` feature flag enabled, - your DRA Pods could be affected by this bug. ([#125527](https://github.com/kubernetes/kubernetes/pull/125527), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing] + 1. `apiGroup`: If set, it must be a valid DNS subdomain (e.g. 'example.com'). + 2. `kind` and `name`: It must be valid path segment name. It may not be '.' or '..' and it may not contain '/' and '%' characters. ([#125218](https://github.com/kubernetes/kubernetes/pull/125218), [@carlory](https://github.com/carlory)) +- Enabled kubectl to find `kubectl-create-subcommand` plugins when positional + arguments exists, e.g. `kubectl create subcommand arg`. ([#124123](https://github.com/kubernetes/kubernetes/pull/124123), [@sttts](https://github.com/sttts)) +- Ensured daemonset controller counts old unhealthy pods towards max unavailable budget. ([#123233](https://github.com/kubernetes/kubernetes/pull/123233), [@marshallbrekka](https://github.com/marshallbrekka)) - Fix a bug that when PodTopologySpread rejects Pods, they may be stuck in Pending state for 5 min in a worst case scenario. The same problem could happen with custom plugins which have Pod/Add or Pod/Update in EventsToRegister, which is also solved with this PR, but only when the feature flag SchedulerQueueingHints is enabled. ([#122627](https://github.com/kubernetes/kubernetes/pull/122627), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing] -- Fix a race condition in kube-controller-manager and scheduler caused by a bug in transforming informer happening when objects were accessed during Resync operation by making the transforming function idempotent. ([#124352](https://github.com/kubernetes/kubernetes/pull/124352), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Scheduling] -- Fix a race condition in transforming informer happening when objects were accessed during Resync operation ([#124344](https://github.com/kubernetes/kubernetes/pull/124344), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery] -- Fix bug where Server Side Apply causes spurious resourceVersion bumps on no-op patches to custom resources. ([#125263](https://github.com/kubernetes/kubernetes/pull/125263), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery and Testing] - Fix bug where Server Side Apply causing spurious resourceVersion bumps on no-op patches containing empty maps. ([#125317](https://github.com/kubernetes/kubernetes/pull/125317), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery and Testing] - Fix endpoints status out-of-sync when the pod state changes rapidly ([#125675](https://github.com/kubernetes/kubernetes/pull/125675), [@tnqn](https://github.com/tnqn)) [SIG Apps, Network and Testing] -- Fix kubelet on Windows fails if a pod has SecurityContext with RunAsUser ([#125040](https://github.com/kubernetes/kubernetes/pull/125040), [@carlory](https://github.com/carlory)) [SIG Storage, Testing and Windows] -- Fix null lastTransitionTime in Pod condition when setting scheduling gate. ([#122636](https://github.com/kubernetes/kubernetes/pull/122636), [@lianghao208](https://github.com/lianghao208)) [SIG Node and Scheduling] -- Fix recursive LIST from watch cache returning object matching key ([#125584](https://github.com/kubernetes/kubernetes/pull/125584), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing] - Fix the bug where PodIP field is temporarily removed for a terminal pod ([#125404](https://github.com/kubernetes/kubernetes/pull/125404), [@mimowo](https://github.com/mimowo)) [SIG Node and Testing] -- Fix throughput when scheduling daemonset pods to reach 300 pods/s, if the configured qps allows it. ([#124714](https://github.com/kubernetes/kubernetes/pull/124714), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling] -- Fix: during the kube-controller-manager restart, when the corresponding Endpoints resource was manually deleted and recreated, causing the endpointslice to fail to be created normally. ([#125359](https://github.com/kubernetes/kubernetes/pull/125359), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Apps and Network] -- Fix: the resourceclaim controller forgot to wait for podSchedulingSynced and templatesSynced ([#124589](https://github.com/kubernetes/kubernetes/pull/124589), [@carlory](https://github.com/carlory)) [SIG Apps and Node] +- Fixed "-kube-test-repo-list" e2e flag may not take effect. ([#123587](https://github.com/kubernetes/kubernetes/pull/123587), [@huww98](https://github.com/huww98)) [SIG API Machinery, Apps, Autoscaling, CLI, Network, Node, Scheduling, Storage, Testing and Windows] - Fixed EDITOR/KUBE_EDITOR with double-quoted paths with spaces when on Windows cmd.exe. ([#112104](https://github.com/kubernetes/kubernetes/pull/112104), [@oldium](https://github.com/oldium)) [SIG CLI and Windows] -- Fixed a bug in the JSON frame reader that could cause it to retain a reference to the underlying array of the byte slice passed to Read. ([#123620](https://github.com/kubernetes/kubernetes/pull/123620), [@benluddy](https://github.com/benluddy)) [SIG API Machinery] +- Fixed a bug in storage-version-migrator-controller that would cause migration attempts to fail if resources were deleted when the migration was in progress. ([#126107](https://github.com/kubernetes/kubernetes/pull/126107), [@enj](https://github.com/enj)) [SIG API Machinery, Apps, Auth and Testing] +- Fixed a bug in the JSON frame reader that could cause it to retain a reference to the underlying array of the byte slice passed to read. ([#123620](https://github.com/kubernetes/kubernetes/pull/123620), [@benluddy](https://github.com/benluddy)) - Fixed a bug in the scheduler where it would crash when prefilter returns a non-existent node. ([#124933](https://github.com/kubernetes/kubernetes/pull/124933), [@AxeZhan](https://github.com/AxeZhan)) [SIG Scheduling and Testing] +- Fixed a bug that Pods could stuck in the unschedulable pod pool + if they're rejected by PreEnqueue plugins that could change its result by a change in resources apart from Pods. + + DRA plugin is the only plugin that meets the criteria of the bug in in-tree, + and hence if you have `DynamicResourceAllocation` feature flag enabled, + your DRA Pods could be affected by this bug. ([#125527](https://github.com/kubernetes/kubernetes/pull/125527), [@sanposhiho](https://github.com/sanposhiho)) [SIG Scheduling and Testing] +- Fixed a bug that init containers with `Always` restartPolicy may not terminate gracefully if the pod hasn't initialized yet. ([#125935](https://github.com/kubernetes/kubernetes/pull/125935), [@gjkim42](https://github.com/gjkim42)) [SIG Node and Testing] - Fixed a bug where `kubectl describe` incorrectly displayed NetworkPolicy port ranges - (showing only the starting port). ([#123316](https://github.com/kubernetes/kubernetes/pull/123316), [@jcaamano](https://github.com/jcaamano)) [SIG CLI] + (showing only the starting port). ([#123316](https://github.com/kubernetes/kubernetes/pull/123316), [@jcaamano](https://github.com/jcaamano)) +- Fixed a bug where hard evictions due to resource pressure allowed pods + to use the full termination grace period instead of shutting down instantly. + This bug also affected force deleted pods. Both cases now receive a termination grace period of 1 second. ([#124063](https://github.com/kubernetes/kubernetes/pull/124063), [@olyazavr](https://github.com/olyazavr)) +- Fixed a bug where the Kubelet didn't calculate the process usage of pods correctly, leading to pods never getting evicted for PID use. ([#124101](https://github.com/kubernetes/kubernetes/pull/124101), [@haircommander](https://github.com/haircommander)) [SIG Node and Testing] +- Fixed a missing status prefix in custom resource validation error messages. ([#123822](https://github.com/kubernetes/kubernetes/pull/123822), [@JoelSpeed](https://github.com/JoelSpeed)) +- Fixed a race condition in kube-controller-manager and the scheduler, caused by + a bug in the transforming informer during the Resync operation, + by making the transforming function idempotent. ([#124352](https://github.com/kubernetes/kubernetes/pull/124352), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Scheduling] +- Fixed a race condition in the transforming informer that occurred when objects were accessed during the Resync operation. ([#124344](https://github.com/kubernetes/kubernetes/pull/124344), [@wojtek-t](https://github.com/wojtek-t)) - Fixed a regression where `kubelet --hostname-override` no longer worked - correctly with an external cloud provider. ([#124516](https://github.com/kubernetes/kubernetes/pull/124516), [@danwinship](https://github.com/danwinship)) [SIG Node] -- Fixed an issue that prevents the linking of trace spans for requests that are proxied through kube-aggregator. ([#124189](https://github.com/kubernetes/kubernetes/pull/124189), [@toddtreece](https://github.com/toddtreece)) [SIG API Machinery] -- Fixed bug where kubectl get with --sort-by flag does not sort strings alphanumerically. ([#124514](https://github.com/kubernetes/kubernetes/pull/124514), [@brianpursley](https://github.com/brianpursley)) [SIG CLI] -- Fixed the format of the error indicating that a user does not have permission on the object referenced by paramRef in ValidatingAdmissionPolicyBinding. ([#124653](https://github.com/kubernetes/kubernetes/pull/124653), [@m1kola](https://github.com/m1kola)) [SIG API Machinery] -- Fixes a bug where hard evictions due to resource pressure would let the pod have the full termination grace period, instead of shutting down instantly. This bug also affected force deleted pods. Both cases now get a termination grace period of 1 second. ([#124063](https://github.com/kubernetes/kubernetes/pull/124063), [@olyazavr](https://github.com/olyazavr)) [SIG Node] -- Fixes a missing `status.` prefix on custom resource validation error messages. ([#123822](https://github.com/kubernetes/kubernetes/pull/123822), [@JoelSpeed](https://github.com/JoelSpeed)) [SIG API Machinery] + correctly with an external cloud provider. ([#124516](https://github.com/kubernetes/kubernetes/pull/124516), [@danwinship](https://github.com/danwinship)) +- Fixed an issue that prevents the linking of trace spans for requests that are proxied through kube-aggregator. ([#124189](https://github.com/kubernetes/kubernetes/pull/124189), [@toddtreece](https://github.com/toddtreece)) +- Fixed an issue where kubelet on Windows would fail if a pod had a SecurityContext with `RunAsUser`. ([#125040](https://github.com/kubernetes/kubernetes/pull/125040), [@carlory](https://github.com/carlory)) [SIG Storage, Testing and Windows] +- Fixed an issue where the Service LoadBalancer controller was not correctly considering the `service.Status new IPMode` field and excluding the Ports when checking if the status was changed, resulting in the changed field potentially not to update the `service.Status` correctly. ([#125225](https://github.com/kubernetes/kubernetes/pull/125225), [@aojea](https://github.com/aojea)) [SIG Apps, Cloud Provider and Network] +- Fixed bug where Server Side Apply causes spurious resourceVersion bumps on no-op patches to custom resources. ([#125263](https://github.com/kubernetes/kubernetes/pull/125263), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery and Testing] +- Fixed bug where kubectl get with --sort-by flag does not sort strings alphanumerically. ([#124514](https://github.com/kubernetes/kubernetes/pull/124514), [@brianpursley](https://github.com/brianpursley)) +- Fixed fake clientset ApplyScale subresource from 'status' to 'scale'. ([#126073](https://github.com/kubernetes/kubernetes/pull/126073), [@a7i](https://github.com/a7i)) +- Fixed kubelet so it would no longer crash when a DRA(Dynamic Resource Allocation) driver returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (Did not affect drivers written in Go, first showed up with a driver written in Rust). returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (did not affect drivers written in Go, first showed up with a driver written in Rust). ([#124091](https://github.com/kubernetes/kubernetes/pull/124091), [@bitoku](https://github.com/bitoku)) +- Fixed node report notReady with reason 'container runtime status check may not have completed yet' after kubelet restart. ([#124430](https://github.com/kubernetes/kubernetes/pull/124430), [@AllenXu93](https://github.com/AllenXu93)) +- Fixed null `lastTransitionTime` in Pod condition when setting the scheduling gate. ([#122636](https://github.com/kubernetes/kubernetes/pull/122636), [@lianghao208](https://github.com/lianghao208)) [SIG Node and Scheduling] +- Fixed recursive LIST from watch cache returning object matching key. ([#125584](https://github.com/kubernetes/kubernetes/pull/125584), [@serathius](https://github.com/serathius)) [SIG API Machinery and Testing] +- Fixed sample-cli-plugin help text to be consistent and always use `kubectl ns`. ([#125641](https://github.com/kubernetes/kubernetes/pull/125641), [@nirs](https://github.com/nirs)) +- Fixed the bug where if Endpointslices mirrored from Endpoints by the EndpointSliceMirroring controller they would not reconcile if modified. were not reconciled if modified ([#124131](https://github.com/kubernetes/kubernetes/pull/124131), [@zyjhtangtang](https://github.com/zyjhtangtang)) [SIG Apps and Network] +- Fixed the format of the error indicating that a user does not have permission on the object referenced by paramRef in ValidatingAdmissionPolicyBinding. ([#124653](https://github.com/kubernetes/kubernetes/pull/124653), [@m1kola](https://github.com/m1kola)) +- Fixed throughput when scheduling DaemonSet pods to reach 300 pods/s, if the configured QPS allows it. ([#124714](https://github.com/kubernetes/kubernetes/pull/124714), [@sanposhiho](https://github.com/sanposhiho)) +- Fixed: during the kube-controller-manager restart, when the corresponding Endpoints resource was manually deleted and recreated, causing the endpointslice to fail to be created normally. ([#125359](https://github.com/kubernetes/kubernetes/pull/125359), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Apps and Network] - For statically provisioned PVs, if its volume source is CSI type or it has migrated annotation, when it's deleted, the PersisentVolume controller won't changes its phase to the Failed state. With this patch, the external provisioner can remove the finalizer in next reconcile loop. Unfortunately if the provious existing pv has the Failed state, this patch won't take effort. It requires users to remove finalizer. ([#125767](https://github.com/kubernetes/kubernetes/pull/125767), [@carlory](https://github.com/carlory)) [SIG Apps and Storage] -- Improved scheduling latency when many gated pods ([#124618](https://github.com/kubernetes/kubernetes/pull/124618), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling and Testing] -- Job: Fix a bug that the SuccessCriteriaMet could be added to the Job with successPolicy regardless of the featureGate enabling ([#125429](https://github.com/kubernetes/kubernetes/pull/125429), [@tenzen-y](https://github.com/tenzen-y)) [SIG Apps] -- Kube-apiserver: fixes a 1.27+ regression watching a single namespace via the deprecated /api/v1/watch/namespaces/$name endpoint where watch events were not delivered after the watch was established ([#125145](https://github.com/kubernetes/kubernetes/pull/125145), [@xyz-li](https://github.com/xyz-li)) [SIG API Machinery, Node and Testing] -- Kube-apiserver: fixes a 1.28 regression printing pods with invalid initContainer status ([#124906](https://github.com/kubernetes/kubernetes/pull/124906), [@liggitt](https://github.com/liggitt)) [SIG Node] +- Improved scheduling latency when there are many gated pods and events that trigger requeueing from the unschedulable pool. ([#124618](https://github.com/kubernetes/kubernetes/pull/124618), [@gabesaba](https://github.com/gabesaba)) [SIG Scheduling and Testing] +- Kube-apiserver: fixed a 1.27+ regression watching a single namespace via the deprecated /api/v1/watch/namespaces/$name endpoint where watch events were not delivered after the watch was established. ([#125145](https://github.com/kubernetes/kubernetes/pull/125145), [@xyz-li](https://github.com/xyz-li)) [SIG API Machinery, Node and Testing] +- Kube-apiserver: fixed a 1.28 regression printing pods with invalid initContainer status. ([#124906](https://github.com/kubernetes/kubernetes/pull/124906), [@liggitt](https://github.com/liggitt)) +- Kube-apiserver: fixed a potential crash serving CustomResourceDefinitions that combine an invalid schema and CEL validation rules. ([#126167](https://github.com/kubernetes/kubernetes/pull/126167), [@cici37](https://github.com/cici37)) [SIG API Machinery and Testing] - Kube-apiserver: timeouts configured for authorization webhooks in the --authorization-config file are now honored, and webhook timeouts are accurately reflected in webhook metrics with result=timeout ([#125552](https://github.com/kubernetes/kubernetes/pull/125552), [@liggitt](https://github.com/liggitt)) [SIG API Machinery, Auth and Testing] -- Kubeadm: Added `--yes` flag to the list of allowed flags so that it can be mixed with `kubeadm upgrade apply --config` ([#125566](https://github.com/kubernetes/kubernetes/pull/125566), [@xmudrii](https://github.com/xmudrii)) [SIG Cluster Lifecycle] -- Kubeadm: allow 'kubeadm init phase certs sa' to accept the '--config' flag. ([#125396](https://github.com/kubernetes/kubernetes/pull/125396), [@Kavinraja-G](https://github.com/Kavinraja-G)) [SIG Cluster Lifecycle] -- Kubeadm: don't mount /etc/pki in kube-apisever and kube-controller-manager pods as an additional Linux system CA location. Mount /etc/pki/ca-trust and /etc/pki/tls/certs instead. /etc/ca-certificate, /usr/share/ca-certificates, /usr/local/share/ca-certificates and /etc/ssl/certs continue to be mounted. ([#124361](https://github.com/kubernetes/kubernetes/pull/124361), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: during kubelet health checks, respect the healthz address:port configured in the KubeletConfiguration instead of hardcoding localhost:10248. ([#125265](https://github.com/kubernetes/kubernetes/pull/125265), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: during the preflight check "CreateJob" of "kubeadm upgrade", check if there are no nodes where a Pod can schedule. If there are none, show a warning and skip this preflight check. This can happen in single node clusters where the only node was drained. ([#124503](https://github.com/kubernetes/kubernetes/pull/124503), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: during the validation of existing kubeconfig files on disk, handle cases where the "ca.crt" is a bundle and has intermediate certificates. Find a common trust anchor between the "ca.crt" bundle and the CA in the existing kubeconfig on disk instead of treating "ca.crt" as a file containing a single CA. ([#123102](https://github.com/kubernetes/kubernetes/pull/123102), [@astundzia](https://github.com/astundzia)) [SIG Cluster Lifecycle] -- Kubeadm: fix a bug where the path of the manifest can not be specified when `kubeadm upgrade diff` specified a config file, and the `--api-server-manifest`, `--controller-manager-manifest` and `--scheduler-manifest` flags of `kubeadm upgrade diff` are marked as deprecated and will be removed in a future release. ([#125779](https://github.com/kubernetes/kubernetes/pull/125779), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubeadm: fix a regression where the KubeletConfiguration is not properly downloaded during "kubeadm upgrade" commands from the kube-system/kubelet-config ConfigMap, resulting in the local '/var/lib/kubelet/config.yaml' file being written as a defaulted config. ([#124480](https://github.com/kubernetes/kubernetes/pull/124480), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: fixed a bug where the PublicKeysECDSA feature gate was not respected when generating kubeconfig files. ([#125388](https://github.com/kubernetes/kubernetes/pull/125388), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: fixed a regression where the JoinConfiguration.discovery.timeout was no longer respected and the value was always hardcoded to "5m" (5 minutes). ([#125480](https://github.com/kubernetes/kubernetes/pull/125480), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: improve the "IsPriviledgedUser" preflight check to not fail on certain Windows setups. ([#124665](https://github.com/kubernetes/kubernetes/pull/124665), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: stop storing the ResolverConfig in the global KubeletConfiguration and instead set it dynamically for each node ([#124038](https://github.com/kubernetes/kubernetes/pull/124038), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubeadm: the `--feature-gates` flag is deprecated and no-op for `kubeadm upgrade apply/plan`, and it will be removed in a future release. The upgrade workflow is not designed to reconfigure the cluster. Please edit the 'featureGates' field of ClusterConfiguration which is defined in the kube-system/kubeadm-config ConfigMap instead. ([#125797](https://github.com/kubernetes/kubernetes/pull/125797), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubectl support both: - - kubectl create secret docker-registry --from-file= - - kubectl create secret docker-registry --from-file=.dockerconfigjson= ([#119589](https://github.com/kubernetes/kubernetes/pull/119589), [@carlory](https://github.com/carlory)) [SIG CLI] -- Kubectl: Show the Pod phase in the STATUS column as 'Failed' or 'Succeeded' when the Pod is terminated ([#122038](https://github.com/kubernetes/kubernetes/pull/122038), [@lowang-bh](https://github.com/lowang-bh)) [SIG CLI] -- Kubelet no longer crashes when a DRA driver returns a nil as part of the Node(Un)PrepareResources response instead of an empty struct (did not affect drivers written in Go, first showed up with a driver written in Rust). ([#124091](https://github.com/kubernetes/kubernetes/pull/124091), [@bitoku](https://github.com/bitoku)) [SIG Node] -- Kubelet now hard rejects pods with AppArmor if the node does not have AppArmor enabled. ([#125776](https://github.com/kubernetes/kubernetes/pull/125776), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) [SIG Node] -- LastSuccessfullTime in cronjobs will now be set reliably ([#122025](https://github.com/kubernetes/kubernetes/pull/122025), [@lukashankeln](https://github.com/lukashankeln)) [SIG Apps] -- Make kubectl find `kubectl-create-subcommand` plugins also when positional arguments exists, e.g. `kubectl create subcommand arg`. ([#124123](https://github.com/kubernetes/kubernetes/pull/124123), [@sttts](https://github.com/sttts)) [SIG CLI] -- Now the .status.ready field is tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods ([#125546](https://github.com/kubernetes/kubernetes/pull/125546), [@dejanzele](https://github.com/dejanzele)) [SIG Apps] -- Removed admission plugin PersistentVolumeLabel. Please use https://github.com/kubernetes-sigs/cloud-pv-admission-labeler instead if you need a similar functionality. ([#124505](https://github.com/kubernetes/kubernetes/pull/124505), [@jsafrane](https://github.com/jsafrane)) [SIG API Machinery, Auth and Storage] -- StatefulSet autodelete will respect controlling owners on PVC claims as described in https://github.com/kubernetes/enhancements/pull/4375 ([#122499](https://github.com/kubernetes/kubernetes/pull/122499), [@mattcary](https://github.com/mattcary)) [SIG Apps and Testing] -- Stop using wmic on Windows to get uuid in the kubelet ([#126012](https://github.com/kubernetes/kubernetes/pull/126012), [@marosset](https://github.com/marosset)) [SIG Node and Windows] +- Kubeadm: Added `--yes` flag to the list of allowed flags so that it can be mixed with `kubeadm upgrade apply --config`. ([#125566](https://github.com/kubernetes/kubernetes/pull/125566), [@xmudrii](https://github.com/xmudrii)) +- Kubeadm: Added support during the preflight check "CreateJob" of "kubeadm upgrade" to check if there are no nodes where a Pod can be scheduled. If there are none, show a warning and skip this preflight check. This can happen in single node clusters where the only node was drained. ([#124503](https://github.com/kubernetes/kubernetes/pull/124503), [@neolit123](https://github.com/neolit123)) +- Kubeadm: Fixed a bug where the PublicKeysECDSA feature gate was not respected when generating kubeconfig files. ([#125388](https://github.com/kubernetes/kubernetes/pull/125388), [@neolit123](https://github.com/neolit123)) +- Kubeadm: Fixed a regression where the JoinConfiguration.discovery.timeout was no longer respected and the value was always hardcoded to "5m" (5 minutes). ([#125480](https://github.com/kubernetes/kubernetes/pull/125480), [@neolit123](https://github.com/neolit123)) +- Kubeadm: Removed support for mounting /etc/pki as an additional Linux system CA location + in kube-apisever and kube-controller-manager pods. Instead, it shifted to supporting the + mounting of /etc/pki/ca-trust and /etc/pki/tls/certs. The locations /etc/ca-certificate, + /usr/share/ca-certificates, /usr/local/share/ca-certificates, and /etc/ssl/certs continued + to be supported. ([#124361](https://github.com/kubernetes/kubernetes/pull/124361), [@neolit123](https://github.com/neolit123)) +- Kubeadm: The healthz address:port configured in the KubeletConfiguration was used during kubelet health checks, instead of hardcoding localhost:10248. ([#125265](https://github.com/kubernetes/kubernetes/pull/125265), [@neolit123](https://github.com/neolit123)) +- Kubeadm: during the validation of existing kubeconfig files on disk, handle cases where the "ca.crt" is a bundle and has intermediate certificates. Find a common trust anchor between the "ca.crt" bundle and the CA in the existing kubeconfig on disk instead of treating "ca.crt" as a file containing a single CA. ([#123102](https://github.com/kubernetes/kubernetes/pull/123102), [@astundzia](https://github.com/astundzia)) +- Kubeadm: fixed a bug on 'kubeadm join' where using patches with a kubeletconfiguration target was not respected when performing the local kubelet healthz check. ([#126224](https://github.com/kubernetes/kubernetes/pull/126224), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] +- Kubeadm: fixed a bug where the path of the manifest can not be specified when `kubeadm upgrade diff` specified a config file, and the `--api-server-manifest`, `--controller-manager-manifest` and `--scheduler-manifest` flags of `kubeadm upgrade diff` are marked as deprecated and will be removed in a future release. ([#125779](https://github.com/kubernetes/kubernetes/pull/125779), [@SataQiu](https://github.com/SataQiu)) +- Kubeadm: the `--feature-gates` flag is deprecated and no-op for `kubeadm upgrade apply/plan`, and it will be removed in a future release. The upgrade workflow is not designed to reconfigure the cluster. Please edit the 'featureGates' field of ClusterConfiguration which is defined in the kube-system/kubeadm-config ConfigMap instead. ([#125797](https://github.com/kubernetes/kubernetes/pull/125797), [@SataQiu](https://github.com/SataQiu)) +- Kubectl: Show the Pod phase in the STATUS column as 'Failed' or 'Succeeded' when the Pod is terminated ([#122038](https://github.com/kubernetes/kubernetes/pull/122038), [@lowang-bh](https://github.com/lowang-bh)) +- Kubelet now hard rejects pods with AppArmor if the node does not have AppArmor. ([#125776](https://github.com/kubernetes/kubernetes/pull/125776), [@vinayakankugoyal](https://github.com/vinayakankugoyal)) +- Mount-utils: treated syscall.ENODEV as corrupted mount. ([#126174](https://github.com/kubernetes/kubernetes/pull/126174), [@dobsonj](https://github.com/dobsonj)) +- Now the .status.ready field is tracked faster when active Pods are deleted, specifically when Job is failed, gets suspended or has too many active pods. ([#125546](https://github.com/kubernetes/kubernetes/pull/125546), [@dejanzele](https://github.com/dejanzele)) +- Removed admission plugin `PersistentVolumeLabel`. Please use https://github.com/kubernetes-sigs/cloud-pv-admission-labeler instead if you need a similar functionality. ([#124505](https://github.com/kubernetes/kubernetes/pull/124505), [@jsafrane](https://github.com/jsafrane)) [SIG API Machinery, Auth and Storage] +- Reverted `Graduates the `WatchList` feature gate to Beta for kube-apiserver and enables `WatchListClient` for kube-controller-manager (KCM)`. ([#126191](https://github.com/kubernetes/kubernetes/pull/126191), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing] +- Set ProcMountType feature to disabled by default, to follow the lead of UserNamespacesSupport (which it relies on). ([#126291](https://github.com/kubernetes/kubernetes/pull/126291), [@haircommander](https://github.com/haircommander)) [SIG Node] +- StatefulSet autodelete respected controlling owners on PVC claims as described in https://github.com/kubernetes/enhancements/pull/4375. ([#122499](https://github.com/kubernetes/kubernetes/pull/122499), [@mattcary](https://github.com/mattcary)) [SIG Apps and Testing] +- Stopped using wmic on Windows to get uuid in the kubelet. ([#126012](https://github.com/kubernetes/kubernetes/pull/126012), [@marosset](https://github.com/marosset)) [SIG Node and Windows] - The "fake" clients generated by `client-gen` now have the same semantics on error as the real clients; in particular, a failed Get(), Create(), etc, no longer returns `nil`. (It now returns a pointer to a zero-valued object, like the real clients do.) This will break some downstream unit tests that were testing `result == nil` rather than `err != nil`, and in some cases may expose bugs in the underlying code that were hidden by the incorrect unit tests. ([#122892](https://github.com/kubernetes/kubernetes/pull/122892), [@danwinship](https://github.com/danwinship)) [SIG API Machinery, Auth, Cloud Provider, Instrumentation and Storage] -- The Service LoadBalancer controller was not correctly considering the service.Status new IPMode field and excluding the Ports when comparing if the status has changed, causing that changes in these fields may not update the service.Status correctly ([#125225](https://github.com/kubernetes/kubernetes/pull/125225), [@aojea](https://github.com/aojea)) [SIG Apps, Cloud Provider and Network] -- The nftables kube-proxy mode now has its own metrics rather than reporting - metrics with "iptables" in their names. ([#124557](https://github.com/kubernetes/kubernetes/pull/124557), [@danwinship](https://github.com/danwinship)) [SIG Network and Windows] +- The emission of RecreatingFailedPod and RecreatingTerminatedPod events has been + removed from the StatefulSet lifecycle. ([#123809](https://github.com/kubernetes/kubernetes/pull/123809), [@atiratree](https://github.com/atiratree)) [SIG Apps and Testing] - The scheduler retries scheduling Pods rejected by PreFilterResult (PreFilter plugins) more appropriately; it now takes events registered in those rejector PreFilter plugins into consideration. ([#122251](https://github.com/kubernetes/kubernetes/pull/122251), [@olderTaoist](https://github.com/olderTaoist)) [SIG Scheduling and Testing] -- Updated description of default values for --healthz-bind-address and --metrics-bind-address parameters ([#123545](https://github.com/kubernetes/kubernetes/pull/123545), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) [SIG Network] -- When schedulingQueueHint is enabled, the scheduling queue doesn't update Pods being scheduled immediately. ([#125578](https://github.com/kubernetes/kubernetes/pull/125578), [@nayihz](https://github.com/nayihz)) [SIG Scheduling] +- Updated description of default values for `--healthz-bind-address` and `--metrics-bind-address` parameters. ([#123545](https://github.com/kubernetes/kubernetes/pull/123545), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) +- When schedulingQueueHint is enabled, the scheduling queue doesn't update Pods being scheduled immediately. ([#125578](https://github.com/kubernetes/kubernetes/pull/125578), [@nayihz](https://github.com/nayihz)) +- `Job`: Fixed a bug where `SuccessCriteriaMet` could be added to the Job with + `successPolicy` regardless of the `featureGate` being enabled. ([#125429](https://github.com/kubernetes/kubernetes/pull/125429), [@tenzen-y](https://github.com/tenzen-y)) +- ``` + + #### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: ([#125272](https://github.com/kubernetes/kubernetes/pull/125272), [@mauri870](https://github.com/mauri870)) +- `kubeadm`: Allowed the `kubeadm init phase certs sa` command to accept the `--config` flag. ([#125396](https://github.com/kubernetes/kubernetes/pull/125396), [@Kavinraja-G](https://github.com/Kavinraja-G)) +- `kubeadm`: Improved the `IsPrivilegedUser` preflight check to not fail on certain Windows setups. ([#124665](https://github.com/kubernetes/kubernetes/pull/124665), [@neolit123](https://github.com/neolit123)) +- `lastSuccessfullTime` in cronjobs will now be set reliably. ([#122025](https://github.com/kubernetes/kubernetes/pull/122025), [@lukashankeln](https://github.com/lukashankeln)) ### Other (Cleanup or Flake) -- ACTION-REQUIRED: DRA drivers using the v1alpha2 kubelet gRPC API are no longer supported and need to be updated. ([#124316](https://github.com/kubernetes/kubernetes/pull/124316), [@pohly](https://github.com/pohly)) [SIG Node and Testing] +- "Removed the ability to run `kubectl exec [POD] [COMMAND]` without a `--` separator. + The `--` separator has been recommended since the Kubernetes v1.18 release, which also deprecated the legacy way of invoking `kubectl exec`. + + This change aligns with the deprecation of legacy `kubectl exec` command execution and enforces the use of `kubectl exec [POD] -- [COMMAND]` for improved compatibility and adherence to recommended practices." + ([#125437](https://github.com/kubernetes/kubernetes/pull/125437), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing] +- "`kubectl describe service`" and "`kubectl describe ingress`" will now use endpointslices instead of endpoints. + ([#124598](https://github.com/kubernetes/kubernetes/pull/124598), [@aroradaman](https://github.com/aroradaman)) [SIG CLI and Network] +- ACTION-REQUIRED: Dynamic Resource Allocation (DRA) drivers using the v1alpha2 kubelet gRPC API are no longer supported and need to be updated. ([#124316](https://github.com/kubernetes/kubernetes/pull/124316), [@pohly](https://github.com/pohly)) [SIG Node and Testing] - API Priority and Fairness feature was promoted to GA in 1.29, the corresponding feature gate 'APIPriorityAndFairness' has been removed in 1.31. ([#125846](https://github.com/kubernetes/kubernetes/pull/125846), [@tkashem](https://github.com/tkashem)) [SIG API Machinery] -- Build etcd image v3.5.13 ([#124026](https://github.com/kubernetes/kubernetes/pull/124026), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery and Etcd] -- Build etcd image v3.5.14 ([#125235](https://github.com/kubernetes/kubernetes/pull/125235), [@humblec](https://github.com/humblec)) [SIG API Machinery] -- CSI spec support has been lifted to v1.9.0 in this release ([#125150](https://github.com/kubernetes/kubernetes/pull/125150), [@humblec](https://github.com/humblec)) [SIG Storage and Testing] -- DRA: fix some small, unlikely race condition during pod scheduling ([#124595](https://github.com/kubernetes/kubernetes/pull/124595), [@pohly](https://github.com/pohly)) [SIG Node, Scheduling and Testing] +- Added a testcase to check hostname and hostNetwork. ([#124428](https://github.com/kubernetes/kubernetes/pull/124428), [@yashsingh74](https://github.com/yashsingh74)) [SIG Architecture, Network and Testing] +- Built etcd image v3.5.13. ([#124026](https://github.com/kubernetes/kubernetes/pull/124026), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery and Etcd] +- Built etcd image v3.5.14. ([#125235](https://github.com/kubernetes/kubernetes/pull/125235), [@humblec](https://github.com/humblec)) +- Built kubernetes with `Go 1.22.5`. ([#126330](https://github.com/kubernetes/kubernetes/pull/126330), [@ArkaSaha30](https://github.com/ArkaSaha30)) [SIG Release and Testing] +- Cleaned deprecated context.StopCh in favor of ctx. ([#125661](https://github.com/kubernetes/kubernetes/pull/125661), [@mjudeikis](https://github.com/mjudeikis)) +- Container Storage Interface (CSI) spec support has been lifted to v1.9.0 in this release. ([#125150](https://github.com/kubernetes/kubernetes/pull/125150), [@humblec](https://github.com/humblec)) [SIG Storage and Testing] - Drop support for the deprecated and unsupported kubectl run flags: - filename - force @@ -351,39 +476,52 @@ - wait Drop support for the deprecated --delete-local-data from kubectl drain, users should use --delete-emptydir-data, instead. ([#125842](https://github.com/kubernetes/kubernetes/pull/125842), [@soltysh](https://github.com/soltysh)) [SIG CLI] -- E2e.test and e2e_node.test: tests which depend on alpha or beta feature gates now have `Feature:Alpha` or `Feature:Beta` as Ginkgo labels. The inline text is `[Alpha]` or `[Beta]`, as before. ([#124350](https://github.com/kubernetes/kubernetes/pull/124350), [@pohly](https://github.com/pohly)) [SIG Testing] -- Etcd: Update to v3.5.13 ([#124027](https://github.com/kubernetes/kubernetes/pull/124027), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery, Cloud Provider, Cluster Lifecycle, Etcd and Testing] -- Expose apiserver_watch_cache_resource_version metric to simplify debugging problems with watchcache. ([#125377](https://github.com/kubernetes/kubernetes/pull/125377), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Instrumentation] -- Fixed a typo in the help text for the pod_scheduling_sli_duration_seconds metric in kube-scheduler ([#124221](https://github.com/kubernetes/kubernetes/pull/124221), [@arturhoo](https://github.com/arturhoo)) [SIG Instrumentation, Scheduling and Testing] -- Job-controller: the `JobReadyPods` feature flag has been removed (deprecated since v1.31) ([#125168](https://github.com/kubernetes/kubernetes/pull/125168), [@kaisoz](https://github.com/kaisoz)) [SIG Apps] +- Dynamic Resource Allocation (DRA): fixed some small, unlikely race condition during pod scheduling. ([#124595](https://github.com/kubernetes/kubernetes/pull/124595), [@pohly](https://github.com/pohly)) [SIG Node, Scheduling and Testing] +- E2e.test and e2e_node.test: tests which depend on alpha or beta feature gates now have `Feature:Alpha` or `Feature:Beta` as Ginkgo labels. The inline text is `[Alpha]` or `[Beta]`, as before. ([#124350](https://github.com/kubernetes/kubernetes/pull/124350), [@pohly](https://github.com/pohly)) +- Ensured that the Node Admission plugin to reject CSR requests created by a node identity for the signers `kubernetes.io/kubelet-serving` or `kubernetes.io/kube-apiserver-client-kubelet` with a CN starting with `system:node:`, but where the CN is not `system:node:${node-name}`. The feature gate `AllowInsecureKubeletCertificateSigningRequests` defaults to `false`, but can be enabled to revert to the previous behavior. This feature gate will be removed in Kubernetes v1.33. ([#126441](https://github.com/kubernetes/kubernetes/pull/126441), [@micahhausler](https://github.com/micahhausler)) +- Etcd: Updated to v3.5.13. ([#124027](https://github.com/kubernetes/kubernetes/pull/124027), [@liangyuanpeng](https://github.com/liangyuanpeng)) [SIG API Machinery, Cloud Provider, Cluster Lifecycle, Etcd and Testing] +- Exposed the `apiserver_watch_cache_resource_version` metric to simplify debugging problems with watchcache. ([#125377](https://github.com/kubernetes/kubernetes/pull/125377), [@wojtek-t](https://github.com/wojtek-t)) [SIG API Machinery and Instrumentation] +- Exposed the kube-scheduler "/livez" and "/readz" endpoints for health checks that are in compliance with https://kubernetes.io/docs/reference/using-api/health-checks/#api-endpoints-for-health. ([#118148](https://github.com/kubernetes/kubernetes/pull/118148), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery, Scheduling and Testing] +- Finished initial generic controlplane refactor of kube-apiserver, providing a sample binariy building a kube-like controlplane without contrainer orchestration resources. ([#124530](https://github.com/kubernetes/kubernetes/pull/124530), [@sttts](https://github.com/sttts)) [SIG API Machinery, Apps, Cloud Provider, Network, Node and Testing] +- Fixed a typo in the help text for the pod_scheduling_sli_duration_seconds metric in kube-scheduler. ([#124221](https://github.com/kubernetes/kubernetes/pull/124221), [@arturhoo](https://github.com/arturhoo)) [SIG Instrumentation, Scheduling and Testing] +- Improved the documentation clarity for building Kubernetes in Docker Environment, making it more understandable for new users and contributors. ([#125536](https://github.com/kubernetes/kubernetes/pull/125536), [@this-is-yaash](https://github.com/this-is-yaash)) +- Job-controller: the `JobReadyPods` feature flag has been removed (deprecated since v1.31). ([#125168](https://github.com/kubernetes/kubernetes/pull/125168), [@kaisoz](https://github.com/kaisoz)) - Kube-apiserver: the `--enable-logs-handler` flag and log-serving functionality which was already deprecated is now switched off by default and scheduled to be removed in v1.33. ([#125787](https://github.com/kubernetes/kubernetes/pull/125787), [@dims](https://github.com/dims)) [SIG API Machinery, Network and Testing] -- Kubeadm: improve the warning message about the NodeSwap check which kubeadm performs on preflight. ([#125157](https://github.com/kubernetes/kubernetes/pull/125157), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle] -- Kubeadm: improve the warning/error messages of `validateSupportedVersion` to include the checked resource kind name. ([#125758](https://github.com/kubernetes/kubernetes/pull/125758), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubeadm: only enable the klog flags that are still supported for kubeadm, rather than hiding the unwanted flags. This means that the previously unrecommended hidden flags about klog (including `--alsologtostderr`, `--log-backtrace-at`, `--log-dir`, `--logtostderr`, `--log-file`, `--log-file-max-size`, `--one-output`, `--skip-log-headers`, `--stderrthreshold` and `--vmodule`) are no longer allowed to be used. ([#125179](https://github.com/kubernetes/kubernetes/pull/125179), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubeadm: remove the EXPERIMENTAL tag from the phase "kubeadm join control-plane-prepare download-certs". ([#124374](https://github.com/kubernetes/kubernetes/pull/124374), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: remove the deprecated and NO-OP "kubeadm join control-plane-join update-status" phase. ([#124373](https://github.com/kubernetes/kubernetes/pull/124373), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: removed the deprecated output.kubeadm.k8s.io/v1alpha2 API for structured output. Please use v1alpha3 instead. ([#124496](https://github.com/kubernetes/kubernetes/pull/124496), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle] -- Kubeadm: the deprecated `UpgradeAddonsBeforeControlPlane` featuregate has been removed, upgrade of the CoreDNS and kube-proxy addons will not be triggered until all the control plane instances have been upgraded. ([#124715](https://github.com/kubernetes/kubernetes/pull/124715), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle] -- Kubeadm: the global --rootfs flag is now considered non-experimental. ([#124375](https://github.com/kubernetes/kubernetes/pull/124375), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubectl describe service and ingress will now use endpointslices instead of endpoints ([#124598](https://github.com/kubernetes/kubernetes/pull/124598), [@aroradaman](https://github.com/aroradaman)) [SIG CLI and Network] -- Kubelet flags `--iptables-masquerade-bit` and `--iptables-drop-bit` were deprecated in v1.28 and have now been removed entirely. ([#122363](https://github.com/kubernetes/kubernetes/pull/122363), [@carlory](https://github.com/carlory)) [SIG Network and Node] +- Kubeadm: Removed the deprecated `UpgradeAddonsBeforeControlPlane` feature gate; Ensured that the upgrade of the CoreDNS and kube-proxy addons would not be triggered until all the control plane instances were upgraded. ([#124715](https://github.com/kubernetes/kubernetes/pull/124715), [@SataQiu](https://github.com/SataQiu)) +- Kubeadm: Strictly enabled only the supported klog flags, disallowing previously available but unrecommended options. This means that hidden flags about klog (including `--alsologtostderr`, `--log-backtrace-at`, `--log-dir`, `--logtostderr`, `--log-file`, `--log-file-max-size`, `--one-output`, `--skip-log-headers`, `--stderrthreshold` and `--vmodule`) are no longer allowed to be used. ([#125179](https://github.com/kubernetes/kubernetes/pull/125179), [@SataQiu](https://github.com/SataQiu)) +- Kubeadm: The global --rootfs flag considered non-experimental. ([#124375](https://github.com/kubernetes/kubernetes/pull/124375), [@neolit123](https://github.com/neolit123)) +- Kubeadm: improved the warning/error messages of `validateSupportedVersion` to include the checked resource kind name. ([#125758](https://github.com/kubernetes/kubernetes/pull/125758), [@SataQiu](https://github.com/SataQiu)) +- Kubeadm: removed the EXPERIMENTAL tag from the phase "kubeadm join control-plane-prepare download-certs". ([#124374](https://github.com/kubernetes/kubernetes/pull/124374), [@neolit123](https://github.com/neolit123)) +- Kubeadm: removed the deprecated `output.kubeadm.k8s.io/v1alpha2` API for structured output. Please use v1alpha3 instead. ([#124496](https://github.com/kubernetes/kubernetes/pull/124496), [@carlory](https://github.com/carlory)) +- Kubeadm: removed the deprecated and NO-OP "kubeadm join control-plane-join update-status" phase. ([#124373](https://github.com/kubernetes/kubernetes/pull/124373), [@neolit123](https://github.com/neolit123)) +- Kubelet is no longer able to recover from device manager state file older than 1.20. If the proper recommended upgrade flow is followed, there should be no issue. ([#123398](https://github.com/kubernetes/kubernetes/pull/123398), [@ffromani](https://github.com/ffromani)) [SIG Node and Testing] - Migrated the pkg/proxy to use [contextual logging](https://k8s.io/docs/concepts/cluster-administration/system-logs/#contextual-logging). ([#122979](https://github.com/kubernetes/kubernetes/pull/122979), [@fatsheep9146](https://github.com/fatsheep9146)) [SIG Network and Scalability] - Moved remote CRI implementation from kubelet to `k8s.io/cri-client` repository. ([#124634](https://github.com/kubernetes/kubernetes/pull/124634), [@saschagrunert](https://github.com/saschagrunert)) [SIG Node, Release and Testing] -- Remove GA ServiceNodePortStaticSubrange feature gate ([#124738](https://github.com/kubernetes/kubernetes/pull/124738), [@xuzhenglun](https://github.com/xuzhenglun)) [SIG Network] -- Removed generally available feature gate `CSINodeExpandSecret`. ([#124462](https://github.com/kubernetes/kubernetes/pull/124462), [@carlory](https://github.com/carlory)) [SIG Storage] -- Removed generally available feature gate `ConsistentHTTPGetHandlers`. ([#124463](https://github.com/kubernetes/kubernetes/pull/124463), [@carlory](https://github.com/carlory)) [SIG Node] -- Removed generally available feature gate `ReadWriteOncePod`. ([#124329](https://github.com/kubernetes/kubernetes/pull/124329), [@chrishenzie](https://github.com/chrishenzie)) [SIG Storage] -- Removes `ENABLE_CLIENT_GO_WATCH_LIST_ALPHA` environmental variable from the reflector. - To activate the feature set `KUBE_FEATURE_WatchListClient` environmental variable or a corresponding command line option (this works only binaries that explicitly expose it). ([#122791](https://github.com/kubernetes/kubernetes/pull/122791), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing] -- Removing deprecated kubectl exec [POD] [COMMAND] ([#125437](https://github.com/kubernetes/kubernetes/pull/125437), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing] -- Removing the last remaining in-tree gcp cloud provider and credential provider. Please use the external cloud provider and credential provider from https://github.com/kubernetes/cloud-provider-gcp instead. ([#124519](https://github.com/kubernetes/kubernetes/pull/124519), [@dims](https://github.com/dims)) [SIG API Machinery, Apps, Auth, Autoscaling, Cloud Provider, Instrumentation, Network, Node, Scheduling, Storage and Testing] -- Scheduler framework: PreBind implementations are now allowed to return Pending and Unschedulable status codes. ([#125360](https://github.com/kubernetes/kubernetes/pull/125360), [@pohly](https://github.com/pohly)) [SIG Scheduling] -- The feature gate "DefaultHostNetworkHostPortsInPodTemplates" has been removed. This behavior was deprecated in v1.28, and has had no reports of trouble since. ([#124417](https://github.com/kubernetes/kubernetes/pull/124417), [@thockin](https://github.com/thockin)) [SIG Apps] -- The feature gate "SkipReadOnlyValidationGCE" has been removed. This gate has been active for 2 releases with no reports of issues (and was such a niche thing, we didn't expect any). ([#124210](https://github.com/kubernetes/kubernetes/pull/124210), [@thockin](https://github.com/thockin)) [SIG Apps] -- The kube-scheduler exposes /livez and /readz for health checks that are in compliance with https://kubernetes.io/docs/reference/using-api/health-checks/#api-endpoints-for-health ([#118148](https://github.com/kubernetes/kubernetes/pull/118148), [@linxiulei](https://github.com/linxiulei)) [SIG API Machinery, Scheduling and Testing] -- The kubelet is no longer able to recover from device manager state file older than 1.20. If the proper recommended upgrade flow is followed, there should be no issue. ([#123398](https://github.com/kubernetes/kubernetes/pull/123398), [@ffromani](https://github.com/ffromani)) [SIG Node and Testing] -- This change improves documentation clarity, making it more understandable for new users and contributors. ([#125536](https://github.com/kubernetes/kubernetes/pull/125536), [@this-is-yaash](https://github.com/this-is-yaash)) [SIG Release] -- Update CNI Plugins to v1.5.0 ([#125113](https://github.com/kubernetes/kubernetes/pull/125113), [@bzsuni](https://github.com/bzsuni)) [SIG Cloud Provider, Network, Node and Testing] +- Optimized log output to avoid printing out redundant information of the pod. ([#124055](https://github.com/kubernetes/kubernetes/pull/124055), [@yangjunmyfm192085](https://github.com/yangjunmyfm192085)) +- Removed GA ServiceNodePortStaticSubrange feature gate. ([#124738](https://github.com/kubernetes/kubernetes/pull/124738), [@xuzhenglun](https://github.com/xuzhenglun)) +- Removed Kubelet flags `--iptables-masquerade-bit` and `--iptables-drop-bit` as they were deprecated in v1.28. in v1.28 and have now been removed entirely. ([#122363](https://github.com/kubernetes/kubernetes/pull/122363), [@carlory](https://github.com/carlory)) [SIG Network and Node] +- Removed `ENABLE_CLIENT_GO_WATCH_LIST_ALPHA` environment variable from the reflector. + To activate the feature set `KUBE_FEATURE_WatchListClient` environment variable or a corresponding command line option (this works only with binaries that explicitly expose it). ([#122791](https://github.com/kubernetes/kubernetes/pull/122791), [@p0lyn0mial](https://github.com/p0lyn0mial)) [SIG API Machinery and Testing] +- Removed generally available feature gate `CSINodeExpandSecret`. ([#124462](https://github.com/kubernetes/kubernetes/pull/124462), [@carlory](https://github.com/carlory)) +- Removed generally available feature gate `ConsistentHTTPGetHandlers`. ([#124463](https://github.com/kubernetes/kubernetes/pull/124463), [@carlory](https://github.com/carlory)) +- Removed generally available feature gate `ReadWriteOncePod`. ([#124329](https://github.com/kubernetes/kubernetes/pull/124329), [@chrishenzie](https://github.com/chrishenzie)) +- Removed the following feature gates: + - `InTreePluginAWSUnregister` + - `InTreePluginAzureDiskUnregister` + - `InTreePluginAzureFileUnregister` + - `InTreePluginGCEUnregister` + - `InTreePluginOpenStackUnregister` + - `InTreePluginvSphereUnregister` ([#124815](https://github.com/kubernetes/kubernetes/pull/124815), [@carlory](https://github.com/carlory)) [SIG Storage] +- Removed the last remaining in-tree gcp cloud provider and credential provider. + Please use the external cloud provider and credential provider from https://github.com/kubernetes/cloud-provider-gcp + instead. ([#124519](https://github.com/kubernetes/kubernetes/pull/124519), [@dims](https://github.com/dims)) [SIG API Machinery, Apps, Auth, Autoscaling, Cloud Provider, Instrumentation, Network, Node, Scheduling, Storage and Testing] +- Scheduler framework: Allowed PreBind implementations to return Pending and Unschedulable status codes. ([#125360](https://github.com/kubernetes/kubernetes/pull/125360), [@pohly](https://github.com/pohly)) +- Set LocalStorageCapacityIsolationFSQuotaMonitoring to false by default, to match UserNamespacesSupport (which the feature relies on). ([#126355](https://github.com/kubernetes/kubernetes/pull/126355), [@haircommander](https://github.com/haircommander)) +- The ValidatingAdmissionPolicy metrics have been redone to count and time all validations, including failures and admissions. ([#126124](https://github.com/kubernetes/kubernetes/pull/126124), [@cici37](https://github.com/cici37)) [SIG API Machinery and Instrumentation] +- The feature gate "DefaultHostNetworkHostPortsInPodTemplates" has been removed. This behavior was deprecated in v1.28, and has had no reports of issues since. ([#124417](https://github.com/kubernetes/kubernetes/pull/124417), [@thockin](https://github.com/thockin)) +- The feature gate "SkipReadOnlyValidationGCE" has been removed. This gate has been active for 2 releases with no reports of issues (and was such a niche thing, we didn't expect any). ([#124210](https://github.com/kubernetes/kubernetes/pull/124210), [@thockin](https://github.com/thockin)) +- Updated CNI Plugins to v1.5.0. ([#125113](https://github.com/kubernetes/kubernetes/pull/125113), [@bzsuni](https://github.com/bzsuni)) [SIG Cloud Provider, Network, Node and Testing] - Updated cni-plugins to v1.4.1. ([#123894](https://github.com/kubernetes/kubernetes/pull/123894), [@saschagrunert](https://github.com/saschagrunert)) [SIG Cloud Provider, Node and Testing] - Updated cri-tools to v1.30.0. ([#124364](https://github.com/kubernetes/kubernetes/pull/124364), [@saschagrunert](https://github.com/saschagrunert)) [SIG Cloud Provider, Node and Release] -- `kubectl describe service` now shows internal traffic policy and ip mode of load balancer IP ([#125117](https://github.com/kubernetes/kubernetes/pull/125117), [@tnqn](https://github.com/tnqn)) [SIG CLI and Network] \ No newline at end of file +- `kubeadm`: The `NodeSwap` check that kubeadm performs during preflight, has a new warning to verify if swap has been configured correctly. ([#125157](https://github.com/kubernetes/kubernetes/pull/125157), [@carlory](https://github.com/carlory)) +- `kubectl describe service` now shows internal traffic policy and ip mode of load balancer IP. ([#125117](https://github.com/kubernetes/kubernetes/pull/125117), [@tnqn](https://github.com/tnqn)) [SIG CLI and Network] \ No newline at end of file diff --git a/releases/release-1.31/release-notes/sessions/maps-1722538475.json b/releases/release-1.31/release-notes/sessions/maps-1722538475.json new file mode 100644 index 0000000000..d62b896a21 --- /dev/null +++ b/releases/release-1.31/release-notes/sessions/maps-1722538475.json @@ -0,0 +1,279 @@ +{ + "mail": "sepi.alavii@gmail.com", + "name": "Sepideh", + "date": 1722538475, + "prs": [ + { + "nr": 124012, + "hash": "9dc4b05c72987a58af306a29df3181dfafa8bbec" + }, + { + "nr": 124884, + "hash": "f28d3c3627f95358986f40b784875830cd93219e" + }, + { + "nr": 126224, + "hash": "31c29d91394263d9248d9223b68e8f150a238e06" + }, + { + "nr": 125929, + "hash": "6d3ce0143c7c07735e36b3ee26a2b1296b8ddede" + }, + { + "nr": 126139, + "hash": "33abc6c92dea504cce0b8eef61bc68421bf1c33d" + }, + { + "nr": 126047, + "hash": "cae17cb0e63acce7b36650ad1b5f8e4302027dff" + }, + { + "nr": 124815, + "hash": "a78f70d29c71e68a3ff4262eb5144959a7d293d4" + }, + { + "nr": 125374, + "hash": "643665e2c0666de4340e71b128ec3a09fc533b00" + }, + { + "nr": 125277, + "hash": "9c07973fcb7272b377729a419ee73fe29b21fc2f" + }, + { + "nr": 126207, + "hash": "bf7affa53dcb70d26c456a0f7360f5c1b0e67f92" + }, + { + "nr": 125941, + "hash": "e1b26cc7adf9dac18bc007eca33de46c2f7d73ca" + }, + { + "nr": 126330, + "hash": "2b117019f85c72098ab95ff4f06237d96644f3b6" + }, + { + "nr": 126145, + "hash": "02cf5481e09b6233d5e2221514ec99646a18d750" + }, + { + "nr": 126188, + "hash": "6606d352e5c679d0280d2dd97e3855a8a701a754" + }, + { + "nr": 126014, + "hash": "08242f1f1feda982a438c801e8c6622cf24f07cc" + }, + { + "nr": 122628, + "hash": "f8a6453a8220abd6450cf3a1ee4179c8299a3118" + }, + { + "nr": 126335, + "hash": "dba7004f7a890dd85bbfee5c0cc2a9cd8cb930a7" + }, + { + "nr": 126174, + "hash": "f99612f40c5392598a3873529e7da28fd19c7149" + }, + { + "nr": 124342, + "hash": "058d814c32d97c0df08d40acc2cd4fe20f81900d" + }, + { + "nr": 125163, + "hash": "994fbe04728b635fde84104b02c37eb8b95488df" + }, + { + "nr": 124430, + "hash": "803f4cfac3d5a4662ac0d170113dd1b0aefaf0de" + }, + { + "nr": 126355, + "hash": "947c6a32c119faf73371b05c49e6f447086dcf8b" + }, + { + "nr": 124530, + "hash": "63bd72069ae2d7f3c1de6c5c69826626a3131b55" + }, + { + "nr": 125257, + "hash": "ff6313efb4f3dc620eb5e57069501fb6ace59d09" + }, + { + "nr": 124959, + "hash": "85df6964c0a2d0333982944249d57d59b27d8e2a" + }, + { + "nr": 120611, + "hash": "112e30bef13bce38e6ef1fa3b74d5276a5b1cbd6" + }, + { + "nr": 126125, + "hash": "75c527b067c32c02d49e86ccaaea1d3cfb82326f" + }, + { + "nr": 125488, + "hash": "fc1c9a71019d608bc02bf6584d1ed20adc5205a6" + }, + { + "nr": 126124, + "hash": "c995a60dda5364c51deb17e3b107d459b3c4f9d8" + }, + { + "nr": 125782, + "hash": "8f669b959bd631996c9551ca9fbabdc8836e06bd" + }, + { + "nr": 125259, + "hash": "cb835dfcbdab9c1b3f497853d7796175472c6fef" + }, + { + "nr": 125813, + "hash": "f6b445207ab2b84d80b9a0141ab942f55f8d9f08" + }, + { + "nr": 125660, + "hash": "fd0fedce7893df9baa438e23e9fec94289a73fa7" + }, + { + "nr": 125935, + "hash": "662f0b6c338d97262ad315df370fe9127bb5c96f" + }, + { + "nr": 126163, + "hash": "bdff3fe7f1f06aa2ae447773c257021af7410bde" + }, + { + "nr": 126031, + "hash": "0adcff2c89d925b01e77e066ab541e497f3cbbf3" + }, + { + "nr": 125656, + "hash": "4b2b51afdd74a30d629168d35d2e9084ee81c75a" + }, + { + "nr": 124958, + "hash": "3ff1e3a1d733f09a1a1cfefa6e1e4b5d8d160265" + }, + { + "nr": 124101, + "hash": "f0c3ee06acdaac20a5cc16da951b9ec2b4dfa595" + }, + { + "nr": 126243, + "hash": "01cee0e00a5e15481e041521326d0c1f84fad8d7" + }, + { + "nr": 125661, + "hash": "10c2fb52626014ea434404ce3e7200ec1cf59ec5" + }, + { + "nr": 126107, + "hash": "617561f824d8fd1e02e6074f72b8a544d96bcd42" + }, + { + "nr": 126166, + "hash": "3acb60b8cf94ee569475aa0c39f29e7dae33ef1e" + }, + { + "nr": 126293, + "hash": "ec2e9a33134dc7d43bd574151ae0c3b1f4f67551" + }, + { + "nr": 126441, + "hash": "1ec8cb9ffe85a09b1cb27b2b71dd93a8bd20b936" + }, + { + "nr": 126108, + "hash": "199a7a2374958d34b0ee068a25ade03ac28bd42e" + }, + { + "nr": 126205, + "hash": "8242ece930798e77d1b2e3e5921ecbd2acfc1aad" + }, + { + "nr": 126237, + "hash": "54edd08a134dd15f8d64808485007e5d5894c407" + }, + { + "nr": 126291, + "hash": "cfe63b19624be2e9ff4e30523e560c3cdac277ad" + }, + { + "nr": 126191, + "hash": "6189d3f4de626456150ab5ee0702412fe9e77abf" + }, + { + "nr": 126072, + "hash": "1792a31f637d97256e83bccbd382b5dc0f48d03f" + }, + { + "nr": 126136, + "hash": "f96db3621ba0f964e5bdca8ba30ed548bab2854d" + }, + { + "nr": 124383, + "hash": "804611f5df6bff9b437c8c097a923b6d34b6c9b7" + }, + { + "nr": 122922, + "hash": "013c6ff4e49639ce759b529b75101e1f4609907a" + }, + { + "nr": 124568, + "hash": "00a10311b511d2153e5ff75a40f86fb46d542917" + }, + { + "nr": 125571, + "hash": "aecece7ccbba9d895165ae603f56173c607378ca" + }, + { + "nr": 124061, + "hash": "6252d8140c0b3fac9a276d3547dc280fe5a22dfb" + }, + { + "nr": 126067, + "hash": "a6fd700106fad583a49a9d38ef24a6c0e2138e62" + }, + { + "nr": 125470, + "hash": "769429c3d720fadfcd2a6700d18f56815245b7f9" + }, + { + "nr": 126227, + "hash": "c7a714caf73350fa1b91ad4d956218d30c3ea551" + }, + { + "nr": 121902, + "hash": "5bf9b530f6e8c81140d6d88dbb442c2c6140baf5" + }, + { + "nr": 126167, + "hash": "4e9d50eb7b5fcd55301c7485cff8af8f8c3cbb30" + }, + { + "nr": 126113, + "hash": "a8452e00b49dc79d07d4bd78cc3e3ccda9f0e183" + }, + { + "nr": 124819, + "hash": "e9d069d81803fab49437436ea6419b271640c5c4" + }, + { + "nr": 126165, + "hash": "5dc1e4a87b2e7d6345f982a42f12c1ac5be32be3" + }, + { + "nr": 124961, + "hash": "f8f280b6ce4b35f3ada3337cb0069825ac5e425c" + }, + { + "nr": 126073, + "hash": "0b193e287d11f315f4d8f98140e44a140988005e" + }, + { + "nr": 125778, + "hash": "eaed7555b070db57c61fd79f7676c6222e3423d1" + } + ] +} \ No newline at end of file