Kubernetes v1.21.0 has been built and pushed using Golang version 1.16.1.
The release notes have been updated in CHANGELOG-1.21.md, with a pointer to them on GitHub:
filename | sha512 hash |
---|---|
kubernetes.tar.gz | 19bb76a3fa5ce4b9f043b2a3a77c32365ab1fcb902d8dd6678427fb8be8f49f64a5a03dc46aaef9c7dadee05501cf83412eda46f0edacbb8fc1ed0bf5fb79142 |
kubernetes-src.tar.gz | f942e6d6c10007a6e9ce21e94df597015ae646a7bc3e515caf1a3b79f1354efb9aff59c40f2553a8e3d43fe4a01742241f5af18b69666244906ed11a22e3bc49 |
filename | sha512 hash |
---|---|
kubernetes-client-darwin-amd64.tar.gz | be9d1440e418e5253fb8a3d8aba705ca8160746a9bd17325ad626a986b6da9f733af864155a651a32b7bca94b533b8d596005ddbe5248bdeea85db47a1b957ed |
kubernetes-client-darwin-arm64.tar.gz | eed0ddc81d104bb2d41ace13f737c490423d5df4ebddc7376e45c18ed66af35933c9376b912c1c3da105945b04056f6ca0870c156bee8a307cf4189ca5eb1dd1 |
kubernetes-client-linux-386.tar.gz | 8a2f30c4434199762f2a96141dab4241c1cce2711bea9ea39cc63c2c5e7d31719ed7f076efac1931604e3a94578d3bbf0cfa454965708c96f3cfb91789868746 |
kubernetes-client-linux-amd64.tar.gz | cd3cfa645fa31de3716f1f63506e31b73d2aa8d37bb558bb3b3e8c151f35b3d74d44e03cbd05be67e380f9a5d015aba460222afdac6677815cd99a85c2325cf0 |
kubernetes-client-linux-arm.tar.gz | 936042aa11cea0f6dfd2c30fc5dbe655420b34799bede036b1299a92d6831f589ca10290b73b9c9741560b603ae31e450ad024e273f2b4df5354bfac272691d8 |
kubernetes-client-linux-arm64.tar.gz | 42beb75364d7bf4bf526804b8a35bd0ab3e124b712e9d1f45c1b914e6be0166619b30695feb24b3eecef134991dacb9ab3597e788bd9e45cf35addddf20dd7f6 |
kubernetes-client-linux-ppc64le.tar.gz | 4baba2ed7046b28370eccc22e2378ae79e3ce58220d6f4f1b6791e8233bec8379e30200bb20b971456b83f2b791ea166fdfcf1ea56908bc1eea03590c0eda468 |
kubernetes-client-linux-s390x.tar.gz | 37fa0c4d703aef09ce68c10ef3e7362b0313c8f251ce38eea579cd18fae4023d3d2b70e0f31577cabe6958ab9cfc30e98d25a7c64e69048b423057c3cf728339 |
kubernetes-client-windows-386.tar.gz | 6900db36c1e3340edfd6dfd8d720575a904c932d39a8a7fa36401595e971a0235bd42111dbcc1cbb77e7374e47f1380a68c637997c18f96a0d9cdc9f3714c4c9 |
kubernetes-client-windows-amd64.tar.gz | 90de67f6f79fc63bcfdf35066e3d84501cc85433265ffad36fd1a7a428a31b446249f0644a1e97495ea8b2a08e6944df6ef30363003750339edaa2aceffe937c |
filename | sha512 hash |
---|---|
kubernetes-server-linux-amd64.tar.gz | 3941dcc2309ac19ec185603a79f5a086d8a198f98c04efa23f15a177e5e1f34946ea9392ba9f5d24d0d727839438f067fef1001fc6e88b27b8b01e35bbd962ca |
kubernetes-server-linux-arm.tar.gz | 6507abf6c2ec2b336901dc23269f6c577ec0049b8bad3c9dd6ad63f21aa10f09bfbbfa6e064c2466d250411d3e10f8672791a9e10942e38de7bfbaf7a8bcc9da |
kubernetes-server-linux-arm64.tar.gz | 5abe76f867ca6865344e957bf166b81766c049ec4eb183a8a5580c22a7f8474db1edf90fd901a5833e56128b6825811653a1d27f72fd34ce5b1287a8c10da05c |
kubernetes-server-linux-ppc64le.tar.gz | 62507b182ca25396a285d91241536860e58f54fac937e97cbdf91948c83bb41be97d33277400489bf50e85164d560205540b76e94e5d519892312bdc63df1067 |
kubernetes-server-linux-s390x.tar.gz | 04f2a1f7d1388e4a7d7d9f597f872a3da36f26839cfed16aad6df07021c03f4dca1df06b19cfda56df09d1c2d9a13ebd0af40ca1b9b6aecfaf427ab7712d88f3 |
filename | sha512 hash |
---|---|
kubernetes-node-linux-amd64.tar.gz | c1831c708109c31b3878e5a9327ea4b9e546504d0b6b00f3d43db78b5dd7d5114d32ac24a9a505f9cadbe61521f0419933348d2cd309ed8cfe3987d9ca8a7e2c |
kubernetes-node-linux-arm.tar.gz | b68dd5bcfc7f9ce2781952df40c8c3a64c29701beff6ac22f042d6f31d4de220e9200b7e8272ddf608114327770acdaf3cb9a34a0a5206e784bda717ea080e0f |
kubernetes-node-linux-arm64.tar.gz | 7fa84fc500c28774ed25ca34b6f7b208a2bea29d6e8379f84b9f57bd024aa8fe574418cee7ee26edd55310716d43d65ae7b9cbe11e40c995fe2eac7f66bdb423 |
kubernetes-node-linux-ppc64le.tar.gz | a4278b3f8e458e9581e01f0c5ba8443303c987988ee136075a8f2f25515d70ca549fbd2e4d10eefca816c75c381d62d71494bd70c47034ab47f8315bbef4ae37 |
kubernetes-node-linux-s390x.tar.gz | 8de2bc6f22f232ff534b45012986eac23893581ccb6c45bd637e40dbe808ce31d5a92375c00dc578bdbadec342b6e5b70c1b9f3d3a7bb26ccfde97d71f9bf84a |
kubernetes-node-windows-amd64.tar.gz | b82e94663d330cff7a117f99a7544f27d0bc92b36b5a283b3c23725d5b33e6f15e0ebf784627638f22f2d58c58c0c2b618ddfd226a64ae779693a0861475d355 |
PSP as an admission controller resource is being deprecated. Deployed PodSecurityPolicy's will keep working until version 1.25, their target removal from the codebase. A new feature, with a working title of "PSP replacement policy", is being developed in KEP-2579. To learn more, read PodSecurityPolicy Deprecation: Past, Present, and Future.
The API reference is now generated with gen-resourcesdocs
and it is moving to Kubernetes API
Kustomize version in kubectl had a jump from v2.0.3 to v4.0.5. Kustomize is now treated as a library and future updates will be less sporadic.
Pod with multiple containers can use kubectl.kubernetes.io/default-container
label to have a container preselected for kubectl commands. More can be read in KEP-2227.
Immutable Secrets and ConfigMaps graduates to GA. This feature allows users to specify that the contents of a particular Secret or ConfigMap is immutable for its object lifetime. For such instances, Kubelet will not watch/poll for changes and therefore reducing apiserver load.
Kubelet has adopted structured logging, thanks to community effort in accomplishing this within the release timeline. Structured logging in the project remains an ongoing effort -- for folks interested in participating, keep an eye / chime in to the mailing list discussion.
Traditionally, the Kubernetes scheduler was based on the assumptions that additional persistent storage is available everywhere in the cluster and has infinite capacity. Topology constraints addressed the first point, but up to now pod scheduling was still done without considering that the remaining storage capacity may not be enough to start a new pod. Storage capacity tracking addresses that by adding an API for a CSI driver to report storage capacity and uses that information in the Kubernetes scheduler when choosing a node for a pod. This feature serves as a stepping stone for supporting dynamic provisioning for local volumes and other volume types that are more capacity constrained.
Generic ephermeral volumes feature allows any existing storage driver that supports dynamic provisioning to be used as an ephemeral volume with the volume’s lifecycle bound to the Pod. It can be used to provide scratch storage that is different from the root disk, for example persistent memory, or a separate local disk on that node. All StorageClass parameters for volume provisioning are supported. All features supported with PersistentVolumeClaims are supported, such as storage capacity tracking, snapshots and restore, and volume resizing.
CSI Service Account Token feature moves to Beta in 1.21. This feature improves the security posture and allows CSI drivers to receive pods' bound service account tokens. This feature also provides a knob to re-publish volumes so that short-lived volumes can be refreshed.
The CSI health monitoring feature is being released as a second Alpha in Kubernetes 1.21. This feature enables CSI Drivers to share abnormal volume conditions from the underlying storage systems with Kubernetes so that they can be reported as events on PVCs or Pods. This feature serves as a stepping stone towards programmatic detection and resolution of individual volume health issues by Kubernetes.
TopologyAwareHints
feature falls back to default behaviorThe feature gate currently falls back to the default behavior in most cases. Enabling the feature gate will add hints to EndpointSlices
, but functional differences are only observed in non-dual stack kube-proxy implementation. The fix will be available in coming releases.
CSIMigrationXXComplete
flag and add alpha InTreePluginXXUnregister
flag. Deprecate CSIMigrationvSphereComplete
flag and it will be removed in v1.22. (#98243, @Jiawei0227)storage_operation_errors_total
, since we already have storage_operation_status_count
.And add new field status
for storage_operation_duration_seconds
, so that we can know about all status storage operation latency. (#98332, @JornShen) [SIG Instrumentation and Storage]storage_operation_errors_total
is not removed, but is marked deprecated, and the metric storage_operation_status_count
is marked deprecated. In both cases the storage_operation_duration_seconds
metric can be used to recover equivalent counts (using status=fail-unknown
in the case of storage_operations_errors_total
). (#99045, @mattcary)ServiceNodeExclusion
, NodeDisruptionExclusion
and LegacyNodeRoleBehavior
features have been promoted to GA. ServiceNodeExclusion
and NodeDisruptionExclusion
are now unconditionally enabled, while LegacyNodeRoleBehavior
is unconditionally disabled. To prevent control plane nodes from being added to load balancers automatically, upgrade users need to add "node.kubernetes.io/exclude-from-external-load-balancers" label to control plane nodes. (#97543, @pacoxu)Aborting the drain command in a list of nodes will be deprecated. The new behavior will make the drain command go through all nodes even if one or more nodes failed during the drain. For now, users can try such experience by enabling --ignore-errors flag. (#98203, @yuzhiquan)
Delete deprecated service.beta.kubernetes.io/azure-load-balancer-mixed-protocols
mixed procotol annotation in favor of the MixedProtocolLBService feature (#97096, @nilo19) [SIG Cloud Provider]
Deprecate the topologyKeys
field in Service. This capability will be replaced with upcoming work around Topology Aware Subsetting and Service Internal Traffic Policy. (#96736, @andrewsykim) [SIG Apps]
Kube-proxy: remove deprecated --cleanup-ipvs flag of kube-proxy, and make --cleanup flag always to flush IPVS (#97336, @maaoBit) [SIG Network]
Kubeadm: deprecated command "alpha selfhosting pivot" is now removed. (#97627, @knight42)
Kubeadm: graduate the command kubeadm alpha kubeconfig user
to kubeadm kubeconfig user
. The kubeadm alpha kubeconfig user
command is deprecated now. (#97583, @knight42) [SIG Cluster Lifecycle]
Kubeadm: the "kubeadm alpha certs" command is removed now, please use "kubeadm certs" instead. (#97706, @knight42) [SIG Cluster Lifecycle]
Kubeadm: the deprecated kube-dns is no longer supported as an option. If "ClusterConfiguration.dns.type" is set to "kube-dns" kubeadm will now throw an error. (#99646, @rajansandeep) [SIG Cluster Lifecycle]
Kubectl: The deprecated kubectl alpha debug
command is removed. Use kubectl debug
instead. (#98111, @pandaamanda) [SIG CLI]
Official support to build kubernetes with docker-machine / remote docker is removed. This change does not affect building kubernetes with docker locally. (#97935, @adeniyistephen) [SIG Release and Testing]
Remove deprecated --generator, --replicas, --service-generator, --service-overrides, --schedule
from kubectl run
Deprecate --serviceaccount, --hostport, --requests, --limits
in kubectl run
(#99732, @soltysh)
Remove the deprecated metrics "scheduling_algorithm_preemption_evaluation_seconds" and "binding_duration_seconds", suggest to use "scheduler_framework_extension_point_duration_seconds" instead. (#96447, @chendave) [SIG Cluster Lifecycle, Instrumentation, Scheduling and Testing]
Removing experimental windows container hyper-v support with Docker (#97141, @wawa0210) [SIG Node and Windows]
Rename metrics etcd_object_counts
to apiserver_storage_object_counts
and mark it as stable. The original etcd_object_counts
metrics name is marked as "Deprecated" and will be removed in the future. (#99785, @erain) [SIG API Machinery, Instrumentation and Testing]
The GA TokenRequest and TokenRequestProjection feature gates have been removed and are unconditionally enabled. Remove explicit use of those feature gates in CLI invocations. (#97148, @wawa0210) [SIG Node]
The PodSecurityPolicy API is deprecated in 1.21, and will no longer be served starting in 1.25. (#97171, @deads2k) [SIG Auth and CLI]
The batch/v2alpha1
CronJob type definitions and clients are deprecated and removed. (#96987, @soltysh) [SIG API Machinery, Apps, CLI and Testing]
The export
query parameter (inconsistently supported by API resources and deprecated in v1.14) is fully removed. Requests setting this query parameter will now receive a 400 status response. (#98312, @deads2k) [SIG API Machinery, Auth and Testing]
audit.k8s.io/v1beta1
and audit.k8s.io/v1alpha1
audit policy configuration and audit events are deprecated in favor of audit.k8s.io/v1
, available since v1.13. kube-apiserver invocations that specify alpha or beta policy configurations with --audit-policy-file
, or explicitly request alpha or beta audit events with --audit-log-version
/ --audit-webhook-version
must update to use audit.k8s.io/v1
and accept audit.k8s.io/v1
events prior to v1.24. (#98858, @carlory) [SIG Auth]
discovery.k8s.io/v1beta1
EndpointSlices are deprecated in favor of discovery.k8s.io/v1
, and will no longer be served in Kubernetes v1.25. (#100472, @liggitt)
diskformat
storage class parameter for in-tree vSphere volume plugin is deprecated as of v1.21 release. Please consider updating storageclass and remove diskformat
parameter. vSphere CSI Driver does not support diskformat storageclass parameter.
vSphere releases less than 67u3 are deprecated as of v1.21. Please consider upgrading vSphere to 67u3 or above. vSphere CSI Driver requires minimum vSphere 67u3.
VM Hardware version less than 15 is deprecated as of v1.21. Please consider upgrading the Node VM Hardware version to 15 or above. vSphere CSI Driver recommends Node VM's Hardware version set to at least vmx-15.
Multi vCenter support is deprecated as of v1.21. If you have a Kubernetes cluster spanning across multiple vCenter servers, please consider moving all k8s nodes to a single vCenter Server. vSphere CSI Driver does not support Kubernetes deployment spanning across multiple vCenter servers.
Support for these deprecations will be available till Kubernetes v1.24. (#98546, @divyenpatel)
.spec.completionMode
field to Job, with accepted values NonIndexed
(default) and Indexed
. This is an alpha field and is only honored by servers with the IndexedJob
feature gate enabled. (#98441, @alculquicondor) [SIG Apps and CLI]/debug/pprof
and /debug/flags/v
endpoint in kubelet by setting enableProfilingHandler
and enableDebugFlagsHandler
to false
in the Kubelet configuration file. Options enableProfilingHandler
and enableDebugFlagsHandler
can be set to true
only when enableDebuggingHandlers
is also set to true
. (#98458, @SaranBalaji90)kubectl exec
and kubectl portforward
won't be interrupted. (#97083, @knight42) [SIG API Machinery and CLI].spec.suspend
field that can be used to suspend and resume Jobs. This is an alpha field which is only honored by servers with the SuspendJob
feature gate enabled. (#98727, @adtac)kubernetes.io/metadata.name
label matching their metadata.name field to allow selecting any namespace by its name using a label selector. (#96968, @jayunit100) [SIG API Machinery, Apps, Cloud Provider, Storage and Testing]immutable
field in Secret or ConfigMap object to mark their contents as immutable. (#97615, @wojtek-t) [SIG Apps, Architecture, Node and Testing]FailedAndUnresolvableNodes
of ExtenderFilterResult
struct. Nodes in this map will be skipped in the preemption phase. (#92866, @cofyc) [SIG Scheduling]/var/run/secrets/kubernetes.io/serviceaccount/token
to be time-limited, auto-refreshed, and invalidated when the containing pod is deleted.k8s.io/client-go
version v11.0.0+ and v0.15.0+ reload tokens automatically.serviceaccount_stale_tokens_total
can be used to monitor for workloads that are depending on the extended lifetime and are continuing to use tokens even after a refreshed token is provided to the container. If that metric indicates no existing workloads are depending on extended lifetimes, injected token lifetime can be shortened to 1 hour by starting kube-apiserver
with --service-account-extend-token-expiration=false
. (#95667, @zshihang) [SIG API Machinery, Auth, Cluster Lifecycle and Testing]EndpointSliceController
will not populate the deprecatedTopology
field and will only provide topology information through the zone
and nodeName
fields. (#99870, @swetharepakula)endpoints.kubernetes.io/over-capacity
annotation to "warning" when an Endpoints resource contains more than 1000 addresses. In a future release, the controller will truncate Endpoints that exceed this limit. The EndpointSlice API can be used to support significantly larger number of addresses. (#99975, @robscott) [SIG Apps and Network]{}
) written to a policy/v1 PodDisruptionBudget now selects all pods in the namespace. The behavior of the policy/v1beta1 API remains unchanged. The policy/v1beta1 PodDisruptionBudget API is deprecated and will no longer be served in 1.25+. (#99290, @mortent) [SIG API Machinery, Apps, Auth, Autoscaling, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Scheduling and Testing]EndpointSlice
API is now GA. The EndpointSlice
topology field has been removed from the GA API and will be replaced by a new per Endpoint Zone field. If the topology field was previously used, it will be converted into an annotation in the v1 Resource. The discovery.k8s.io/v1alpha1
API is removed. (#99662, @swetharepakula)controller.kubernetes.io/pod-deletion-cost
annotation can be set to offer a hint on the cost of deleting a Pod
compared to other pods belonging to the same ReplicaSet. Pods with lower deletion cost are deleted first. This is an alpha feature. (#99163, @ahg-g)managedFields
that got corrupted by a mutating admission controller. (#98074, @kwiesmueller)TopologyAwareHints
feature gate. (#99522, @robscott) [SIG API Machinery, Apps, Auth, Instrumentation, Network and Testing]kubectl.kubernetes.io/default-exec-container
annotation in a Pod to preselect container for kubectl commands. (#97099, @pacoxu) [SIG CLI]TTLAfterFinished
controller (#98676, @ahg-g)kubernetes.io/cluster/<clusterName>
tags. It also supports additional service annotation service.beta.kubernetes.io/aws-load-balancer-subnets
to manually configure the subnets. (#97431, @kishorj)kube-apiserver
to listen with SO_REUSEADDR
. While allowing to listen on wildcard IPs like 0.0.0.0 and specific IPs in parallel, it avoids waiting for the kernel to release socket in TIME_WAIT
state, and hence, considerably reducing kube-apiserver
restart times under certain conditions. (#93861, @sttts)csi_operations_seconds
metric on kubelet that exposes CSI operations duration and status for node CSI operations. (#98979, @Jiawei0227) [SIG Instrumentation and Storage]migrated
field into storage_operation_duration_seconds
metric (#99050, @Jiawei0227) [SIG Apps, Instrumentation and Storage]ephemeral_volume_controller_create[_failures]_total
counters to kube-controller-manager metrics (#99115, @pohly) [SIG API Machinery, Apps, Cluster Lifecycle, Instrumentation and Storage]arm64
node artifacts. (#99242, @liu-cong)VolumeCapacityPriority
which makes the scheduler prioritize nodes based on the best matching size of statically provisioned PVs across multiple topologies. (#96347, @cofyc) [SIG Apps, Network, Scheduling, Storage and Testing]NewDebuggingRoundTripper
function and DebugLevel
options in the k8s.io/client-go/transport package. (#98324, @atosatto)kubeadm init
and kubeadm join
, showing warnings on non-compliant names (#99194, @pacoxu)--use-protocol-buffers
flag to kubectl top pods and nodes. (#96655, @serathius)kubectl get
will omit managed fields by default now. Users could set --show-managed-fields
to true to show managedFields when the output format is either json
or yaml
. (#96878, @knight42) [SIG CLI and Testing]kubectl.kubernetes.io/default-container
annotation (#99833, @mengjiao-liu)kubectl get
(#98301, @phil9909)DenyServiceExternalIPs
is available. Clusters which do not need the Service externalIPs
feature should enable this controller and be more secure. (#97395, @thockin)PreferNominatedNode
will improve the performance of scheduling where preemption might frequently happen, but in theory, enable the feature of PreferNominatedNode
, the pod might not be scheduled to the best candidate node in the cluster. (#93179, @chendave) [SIG Scheduling and Testing]etcd_object_counts
to apiserver_storage_object_counts
and mark it as stable. The original etcd_object_counts
metrics name is marked as "Deprecated" and will be removed in the future. (#99785, @erain) [SIG API Machinery, Instrumentation and Testing]CronJobControllerV2
feature flag graduates to Beta and set to be enabled by default. (#98878, @soltysh)EndpointSlice
mirroring controller mirrors endpoints annotations and labels to the generated endpoint slices, it also ensures that updates on any of these fields are mirrored.
The well-known annotation endpoints.kubernetes.io/last-change-trigger-time
is skipped and not mirrored. (#98116, @aojea)RunAsGroup
feature has been promoted to GA in this release. (#94641, @krmayankk) [SIG Auth and Node]ServiceAccountIssuerDiscovery
feature has graduated to GA, and is unconditionally enabled. The ServiceAccountIssuerDiscovery
feature-gate will be removed in 1.22. (#98553, @mtaufen) [SIG API Machinery, Auth and Testing]TTLAfterFinished
feature flag is now beta and enabled by default (#98678, @ahg-g)ResolveBindAddress()
takes into consideration global IP addresses on loopback interfaces when 1) the host has default routes, or 2) there are no global IPs on those interfaces in order to support more complex network scenarios like BGP Unnumbered RFC 5549 (#95790, @aojea) [SIG Network]RootCAConfigMap
graduated to GA in v1.21 and therefore will be unconditionally enabled. This flag will be removed in v1.22 release. (#98033, @zshihang)v3.4.1
in kubelet and kubeadm for both Linux and Windows. (#98205, @pacoxu)65535:65535
. This implies the release of version 3.5 of the container images. (#97963, @saschagrunert) [SIG CLI, Cloud Provider, Cluster Lifecycle, Node, Release, Security and Testing]IPv6Dualstack
to Beta
and turns it on by default. New clusters or existing clusters are not be affected until an actor starts adding secondary Pods and service CIDRS CLI flags as described here: IPv4/IPv6 Dual-stack (#98969, @khenidak)kubectl.kubernetes.io/default-container
annotation in a Pod to preselect container for kubectl commands. (#99581, @mengjiao-liu) [SIG CLI]kubectl wait
ensures that observedGeneration >= generation to prevent stale state reporting. An example scenario can be found on CRD updates. (#97408, @KnicKnic)--volume-stats-agg-period
to negative value to disable volume calculations. (#96675, @pacoxu) [SIG Node][
, ]
and
that exist in vsphere windows path (#98830, @liyanhui1228) [SIG Storage and Windows]NodePort
Services where stale connection tracking entries may blackhole the traffic directed to the NodePort
(#98305, @aojea)KUBE_BUILD_CONFORMANCE=y
in package-tarballs
to reenable building the conformance tarballs. (#100571, @puerco)--volume-host-cidr-denylist
or --volume-host-allow-local-loopback
(#98436, @liggitt) [SIG Network and Storage]PodDisruptionBudget
leads to a nil pointer dereference that causes the Controller manager to crash loop. (#98750, @mortent)kube-proxy
logs on nodes with IPv6 disabled. (#99127, @danwinship)kubeadm upgrade plan
output has changed. If you have scripts or other automation that parses this output, please review these changes and update your scripts to account for the new output. (#98728, @stmcginnis) [SIG Cluster Lifecycle]--ignore-errors
is now honored by all containers, maintaining consistency with parallelConsumeRequest behavior. (#97686, @wzshiming)no kind "Ingress" is registered for version
error (#97754, @wzshiming)ipFamilyPolicy RequireDualStack
and will have entries in ipFamilies[]
for both IPv4 and IPv6. This is a change from alpha, but does not have any impact on the manually-specified Endpoints and EndpointSlices for the Service. (#99555, @thockin) [SIG Apps and Network]kubelet_containers_per_pod_count
buckets to only show metrics greater than 1. (#98169, @wawa0210)Failed to list *v1.Secret
or Failed to list *v1.ConfigMap
messages in kubelet logs. (#99538, @liggitt) [SIG Auth and Node]dockershim
as a runtime. (#99585, @Iceber)NoteLengthLimit
when the scheduler records an event for the pod that indicates the pod has failed to schedule. (#98715, @carlory)Containerd
on Windows, the C:\Windows\System32\drivers\etc\hosts
file will now be managed by kubelet. (#83730, @claudiubelu)VolumeBindingArgs
now allow BindTimeoutSeconds
to be set as zero, while the value zero indicates no waiting for the checking of volume binding operation. (#99835, @chendave) [SIG Scheduling and Storage]kubectl exec
and kubectl attach
now honor the --quiet
flag which suppresses output from the local binary that could be confused by a script with the remote command output (all non-failure output is hidden). In addition, print inline with exec and attach the list of alternate containers when we default to the first spec.container. (#99004, @smarterclayton) [SIG CLI]k8s.io/kubernetes/pkg/kubelet/apis
are now moved under k8s.io/kubelet/pkg/apis/
(#98931, @michaelbeaumont)service.beta.kubernetes.io/azure-load-balancer-mixed-protocols
mixed procotol annotation in favor of the MixedProtocolLBService feature (#97096, @nilo19) [SIG Cloud Provider]CSINodeIDMaxLength
from 128 bytes to 192 bytes. (#98753, @Jiawei0227)kubectl alpha debug
command is removed. Use kubectl debug
instead. (#98111, @pandaamanda) [SIG CLI]AttachVolumeLimit
feature gate (GA since v1.17) has been removed and now unconditionally enabled. (#96539, @ialidzhikov)CSINodeInfo
feature gate that is GA since v1.17 is unconditionally enabled, and can no longer be specified via the --feature-gates
argument. (#96561, @ialidzhikov) [SIG Apps, Auth, Scheduling, Storage and Testing]apiserver_request_total
metric is promoted to stable status and no longer has a content-type dimensions, so any alerts/charts which presume the existence of this will fail. This is however, unlikely to be the case since it was effectively an unbounded dimension in the first place. (#99788, @logicalhan)CSIDriverRegistry
, BlockVolume
and CSIBlockVolume
are now unconditionally enabled and can no longer be specified in component invocations. (#98021, @gavinfish) [SIG Storage]RotateKubeletClientCertificate
, AttachVolumeLimit
, VolumePVCDataSource
and EvenPodsSpread
are now unconditionally enabled and can no longer be specified in component invocations. (#97306, @gavinfish) [SIG Node, Scheduling and Storage]--allowed-not-ready-nodes=-1
when invoking the e2e.test program. This allows callers to run subsets of the e2e suite in scenarios other than perfectly healthy clusters. (#98781, @smarterclayton) [SIG Testing]WindowsGMSA
and WindowsRunAsUserName
that are GA since v1.18 are now removed. (#96531, @ialidzhikov) [SIG Node and Windows]-gce-zones
flag on the e2e.test
binary instructs tests that check for information about how the cluster interacts with the cloud to limit their queries to the provided zone list. If not specified, the current behavior of asking the cloud provider for all available zones in multi zone clusters is preserved. (#98787, @smarterclayton) [SIG API Machinery, Cluster Lifecycle and Testing]apiserver_storage_objects
(a newer version of etcd_object_counts
) is promoted and marked as stable. (#100082, @logicalhan)
Contributors, the
CHANGELOG-1.21.md has been bootstrapped with
v1.21.0 release notes and you may edit now as needed.
Published by your
Kubernetes Release
Managers.