Kubernetes v1.27.2 is live!

109 views

Skip to first unread message

Jeremy Rickard

unread,

May 18, 2023, 11:26:12 AM5/18/23

to kubernetes-announce, dev

Kubernetes Community,

Kubernetes v1.27.2 has been built and pushed using Golang version 1.20.4.

The release notes have been updated in CHANGELOG-1.27.md, with a pointer to them on GitHub:

v1.27.2

Downloads for v1.27.2

Source Code

filename	sha512 hash
kubernetes.tar.gz	c46c9c1c4cdb0b1532630ce0e01295c7185f725e494d4fd190bae0540283c679b1c8b0a1ad1f0f5d320ddbf439e5fdd6f925700080cdf810158e1f41b8c5d9c9
kubernetes-src.tar.gz	b9be38a5506071a362864661b369c71b0a02e66df0a77a2afc68040fa9634751a189e3c6c94771aee3e17b50a73228ad992a08f31cf4b322ebd7003e7676d381

Client Binaries

filename	sha512 hash
kubernetes-client-darwin-amd64.tar.gz	7e4c0a207e505f6966999e0efb293c0e885d5975ad02f8e534b60ab1a94e0fdbcefd72c18fd536bb23e9356735098dd3fb85c6034e3ec07879f9511deb254f1b
kubernetes-client-darwin-arm64.tar.gz	41a51f588a9c19d0377921b66c21d7b406244aca4fbd32c0d7dcdd9b1cf80712c8f26a1134c2ae1d57612025b943e87a7bb55ee01c22838c0deb2754cf4a43cd
kubernetes-client-linux-386.tar.gz	729310d48d34fd21805869f849492227d3a74d1feafa4969d2aa5e0336c85d51f379865eda7b20c92b2f5122094884de5947a715f2fc9b6cb32e8a4e79dcd16c
kubernetes-client-linux-amd64.tar.gz	cc34cffb3ec65a1b29dc3998341c8317dd1bf34d45b230a2379b1676d4d9a600cb662cde7caa7c8253e4cf2320d40b9581f97c0a04ac81037643b4fd105c6103
kubernetes-client-linux-arm.tar.gz	b85927b9ff2f5871dac6814800c0fda43c4e69c27dd5c9d5cb3c73551c147ad2501675ffc5775cb70af4b643e88e784d034c3eec714de66c7ddf163a2ae4f500
kubernetes-client-linux-arm64.tar.gz	cdf09ad3150c702e84c22158e95f164cffcbfa5e06af65e33dafada0d0d00fd6c160f41eb72d7966b0659e49705f7197d92dc3dc7153cf907fcdf318071138bc
kubernetes-client-linux-ppc64le.tar.gz	7219c79d43cc57a0866c854183dbed2629866e4ce081b62eef6c3034094bf0d3143e9e2eb7cf819a2f49bd98566cf4ac56cc9f2989f4c49906a71e2df68767e4
kubernetes-client-linux-s390x.tar.gz	9a5c0d13732ebf2d69f714ee953cc57f1c7ca2a27cb26333336a0da225414a96976f6a383cbe89aee80bcdd47a59dc17784acce377f656a6f959ed65f638a82d
kubernetes-client-windows-386.tar.gz	7bad7610f5a000cf40f68451d4cf94395d43907271aa98132cb6a52eae541e25cce7f40b5dfb1b45c79da5bbf54ce49cfbcd04f819635e16d91e03c63b48b8f4
kubernetes-client-windows-amd64.tar.gz	3d1c4f023867e8289d19dba43d702d40f3a8d8583e2c436e447af43127da9b0e90b5ca4ac055c3256c92d8fcaaa3734f0a83039480b35a012aed86ecd377da59
kubernetes-client-windows-arm64.tar.gz	0b08b36d4869b6b1de0314bb365ae45f85719297088f12b723a535a61f7b2c648969c12a4e1ecbd29a6deb804551815ed21c3b8ae9ed6813aa26d625723a273e

Server Binaries

filename	sha512 hash
kubernetes-server-linux-amd64.tar.gz	53f1533aa8f493ebbdfb07ba59eaf971cf865c60d1ac9a5ad9f61e6d5f670e9d86e0dc70c6d3057953da2968d100de8d8bf50d5863ad2decb69c397aa6f185b9
kubernetes-server-linux-arm64.tar.gz	66466de2b1b5ad7ce09fba95da00d3451ae13b28b89755a64cc4e18e1254c5dfed290df5f8509f312396679bcc90eec98eb84e333ea9bd206ecb8bf00eeeba71
kubernetes-server-linux-ppc64le.tar.gz	283dd8c6391d62b1f11102ce3a252d78b1dd3268dd2b8c5f08276c9c764ced6f0f8e8056b5d302045c464efc063a81d815e6fc3f804b997770b40bc1b2a89f8c
kubernetes-server-linux-s390x.tar.gz	ea30de775e794eb738a3c10c730c0e291ae1460fdaba984d4eb00bf52b552f192608e8213b382ac8161f1f13486ddf13b7f20e4f5838a1e38f08da9288c01a3c

Node Binaries

filename	sha512 hash
kubernetes-node-linux-amd64.tar.gz	2a05c3ebcec8bce9ca2a7c835617f0b85dbf11a07d39c5b002b5389a45465807c437dd22d975c60e680ee34f3bc00e460d848927a8fa2c1543ec97fb66f50477
kubernetes-node-linux-arm64.tar.gz	9d6c45fb54c01ac9a106d356d8c9ed1c6564f4b86bb1ba55ced628bbbf5c4fb1f78d68a15c3055680c6dff6c85a32726300d09b7a85bdcb7ba263a434b148826
kubernetes-node-linux-ppc64le.tar.gz	b029fe744619f9649e42c80ca2f0bb14ae72c934d4687100ee7f041cbcd72cc5567ae01acef9e2c7b5c579228b2af9a419bdbf2af64420754a5f6049cdd391bb
kubernetes-node-linux-s390x.tar.gz	d3319d9a4a205cd1fa9da590407fe2be3b149c50e77422ff2b2f1e803c24e0d496fdc89d16c658fbef7a0bc59d1b0e295dfa5354ce3c3c5d9a6749e60e1580ee
kubernetes-node-windows-amd64.tar.gz	a745fe1b46ec6c3bd27e72c2774a01fd53c27361de6ad7281c2adeaf88ab59ec725d60dc99a4de5f3579428ef4e923860a85143f14b51590ce43bfdee7a36a10

Container Images

All container images are available as manifest lists and support the described architectures. It is also possible to pull a specific architecture directly by adding the "-$ARCH" suffix to the container image name.

name	architectures
registry.k8s.io/conformance:v1.27.2	amd64, arm64, ppc64le, s390x
registry.k8s.io/kube-apiserver:v1.27.2	amd64, arm64, ppc64le, s390x
registry.k8s.io/kube-controller-manager:v1.27.2	amd64, arm64, ppc64le, s390x
registry.k8s.io/kube-proxy:v1.27.2	amd64, arm64, ppc64le, s390x
registry.k8s.io/kube-scheduler:v1.27.2	amd64, arm64, ppc64le, s390x

Changelog since v1.27.1

Changes by Kind

API Change

Added error handling for seccomp localhost configurations that do not properly set a localhostProfile (#117020, @cji) [SIG API Machinery and Node]
Fixed an issue where kubelet does not set case-insensitive headers for http probes. (#117182, @dddddai) (#117324, @dddddai) [SIG API Machinery, Apps and Node]
Revised the comment about the feature-gate level for PodFailurePolicy from alpha to beta (#117815, @kerthcet) [SIG Apps]

Feature

Kubernetes is now built with Go 1.20.4 (#117773, @xmudrii) [SIG Release and Testing]

Failing Test

Allow Azure Disk e2es to use newer topology labels if available from nodes (#117216, @gnufied) [SIG Storage and Testing]

Bug or Regression

CVE-2023-27561 CVE-2023-25809 CVE-2023-28642: Bump fix runc v1.1.4 -> v1.1.5 (#117242, @haircommander) [SIG Node]
During device plugin allocation, resources requested by the pod can only be allocated if the device plugin has registered itself to kubelet AND healthy devices are present on the node to be allocated. If these conditions are not sattsfied, the pod would fail with UnexpectedAdmissionError error. (#117719, @swatisehgal) [SIG Node and Testing]
Fallback from OpenAPI V3 to V2 when the OpenAPI V3 document is invalid or incomplete. (#117980, @seans3) [SIG CLI]
Fix bug where listOfStrings.join() in CEL expressions resulted in an unexpected internal error. (#117596, @jpbetz) [SIG API Machinery]
Fix incorrect calculation for ResourceQuota with PriorityClass as its scope. (#117825, @Huang-Wei) [SIG API Machinery]
Fix performance regression in scheduler caused by frequent metric lookup on critical code path. (#117617, @tosi3k) [SIG Scheduling]
Fix: the volume is not detached after the pod and PVC objects are deleted (#117236, @cvvz) [SIG Storage]
Fixed a memory leak in the Kubernetes API server that occurs during APIService processing. (#117310, @enj) [SIG API Machinery]
Fixes a race condition serving OpenAPI content (#117708, @Jefftree) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Instrumentation and Node]
Fixes a regression in kubectl and client-go discovery when configured with a server URL other than the root of a server. (#117685, @ardaguclu) [SIG API Machinery]
Fixes bug where an incomplete OpenAPI V3 document can cause a nil-pointer crash. Ensures fallback to OpenAPI V2 endpoint for errors retrieving OpenAPI V3 document. (#117918, @seans3) [SIG CLI]
Kubeadm: fix a bug where file copy(backup) could not be executed correctly on Windows platform during upgrade (#117861, @SataQiu) [SIG Cluster Lifecycle]
Kubelet terminates pods correctly upon restart, fixing an issue where pods may have not been fully terminated if the kubelet was restarted during pod termination. (#117433, @bobbypage) [SIG Node and Testing]
Number of errors reported to the metric storage_operation_duration_seconds_count for emptyDir decreased significantly because previously one error was reported for each projected volume created. (#117022, @mpatlasov) [SIG Storage]
Resolves a spurious "Unknown discovery response content-type" error in client-go discovery requests by tolerating extra content-type parameters in API responses (#117637, @seans3) [SIG API Machinery]
Reverted NewVolumeManagerReconstruction and SELinuxMountReadWriteOncePod feature gates to disabled by default to resolve a regression of volume reconstruction on kubelet/node restart (#117752, @liggitt) [SIG Storage]
Static pods were taking extra time to be restarted after being updated. Static pods that are waiting to restart were not correctly counted in kubelet_working_pods. (#116995, @smarterclayton) [SIG Node]
[KCCM] service controller: change the cloud controller manager to make providerID a predicate when synchronizing nodes. This change allows load balancer integrations to ensure that the providerID is set when configuring load balancers and targets. (#117450, @alexanderConstantinescu) [SIG Cloud Provider and Network]

Other (Cleanup or Flake)

A v2-level info log will be added, which will output the details of the pod being preempted, including victim and preemptor (#117214, @HirazawaUi) [SIG Scheduling]
Structured logging of NamespacedName was inconsistent with klog.KObj. Now both use lower case field names and namespace is optional. (#117238, @pohly) [SIG API Machinery, Architecture and Instrumentation]

Dependencies

Added

Nothing has changed.

Changed

github.com/opencontainers/runc: v1.1.4 → v1.1.6
k8s.io/kube-openapi: 15aac26 → 8b0f38b
sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.1.1 → v0.1.2

Removed

Nothing has changed.

Contributors, the CHANGELOG-1.27.md has been bootstrapped with v1.27.2 release notes and you may edit now as needed.