File kubernetes1.18.changes of Package kubernetes1.18.30392
-------------------------------------------------------------------
Wed Jul 5 08:37:32 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
- Update `Requires` in the "kubernetes1.18-client" pkg to:
* Remove: `Requires: kubernetes-client-common >= %{version}`
* Add: `Requires: kubernetes%{baseversion}-client-common`
-------------------------------------------------------------------
Wed May 24 08:23:05 UTC 2023 - Priyanka Saggu <priyanka.saggu@suse.com>
- Security Patch Fix for CVE-2023-2727 (bsc#1211630) and CVE-2023-2728 (bsc#1211631)
* added patch: kube-apiserver-admission-plugin-policy.patch
* this new kube-apiserver component patch prevents ephemeral containers:
** from using an image that is restricted by ImagePolicyWebhook (CVE-2023-2727)
** from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin ( CVE-2023-2728)
-------------------------------------------------------------------
Tue Nov 24 13:34:42 UTC 2020 - David Cassany <dcassany@suse.com>
- Adding a conflict on kubernetes client common to ensure there are no
leftovers after migration from SP1 to SP2 on SLE15.
-------------------------------------------------------------------
Tue Nov 10 08:56:41 UTC 2020 - David Cassany <dcassany@suse.com>
- Build only kubernetes client subpackages on SLE
-------------------------------------------------------------------
Thu Oct 15 19:32:42 UTC 2020 - rbrown@suse.com
- Update to version 1.18.10:
* Fix reporting network_programming_latency metrics in kube-proxy
* Azure: fix node removal race condition on VMSS deletion
* make download-or-bust compatible with both sha512/sha1
* replace sha1 with sha512
* use more granular buckets for azure api calls
* avoid potential secret leaking while reading .dockercfg
* Mask Ceph RBD adminSecrets in logs when logLevel >= 4
* fix: azure disk resize error if source does not exist
* fix detach azure disk issue when vm not exist
* Fix UpdateSnapshot when Node is partially removed
* kubeadm: make the CP join handling of kubeconfig similar to "init"
* kubeadm: warn but do not error out on missing CA keys on CP join
* fix: detach azure disk broken on Azure Stack
* Handle nil elements when sorting, instead of panicking
* do not mutate endpoints in the apiserver
* Remove HeadlessService label in endpoints controller before comparing
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.9
* count of etcd object should be limited to the specified resource
* Track pods with required anti-affinity in scheduler NodeInfo and Snapshot.
* Ensure getPrimaryInterfaceID not panic when network interfaces for Azure VMSS are null
* Update staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go
* Allow 404 error on lb deletion in azure
* chore: add diskclient.Update interface
* chore: add diskclient.ListByResourceGroup interface
* Fix doc for leader-elect-resource-lock flag
-------------------------------------------------------------------
Thu Sep 17 09:06:00 UTC 2020 - rbrown@suse.com
- Update to version 1.18.9:
* e2e: backport regenerate namespace name if the name is already taken #90591
* Update CNI plugins to v0.8.7
* azure: use the parsed value from the configuration
* Cherry pick of #93908: Updating EndpointSlice controllers to return if error encountered
* Update snapshot controller to use k8s.gcr.io
* test(kuberuntime): deflake TestRemoveContainer
* kubectl describe pod: use ReportingController as an event source
* Fix an issue when rotated logs of dead containers are not removed.
* Append suffix 'i' only if needed
* Fixed reflector not recovering from "Too large resource version" errors with API servers 1.17.0-1.18.5
* let panics propagate up when processLoop panic
* Add impersonated user to system:authenticated group
* cleanup: print warning message after timeout
* Revert "cleanup: decrease log level from warn to v3"
* cleanup: decrease log level from warn to v3
* Remove duplicate nodeSelector
* fix(azure): check error returned by scaleSet.getVMSS
* remove oom TestStartingWatcher ""unit"" test
* Ensuring EndpointSlice controller does not create EndpointSlices for Services that are being deleted.
* If firstTimestamp is not set use eventTime when printing event
* kubectl: fix the Scheduled eventTime is <unknown> when use kubectl describe pod xxx
* Update json-patch to v4.9.0 tagged release
* Improve EndpointController's handling of headless services under dual-stack
* Improve EndpointController dual-stack testing
* Fix Endpoint/EndpointSlice pod change detection
* Updating EndpointSlice controller to wait for all caches to be synced
* Fix bug for inconsistent lists served from etcd
* test(kubelet): add a regression test to verify kubelet would not panic
* fix(kubelet): protect `containerCleanupInfos` from concurrent map writes
* Keep track of remaining pods when a node is deleted.
* add sjenning as kubelet approver
* Remove direct accesses to cache's node map
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.8
* Add tests for out of band attachments
* Update e2e csi images to k8s.gcr.io
* "unbound immediate PersistentVolumeClaims" should be UnschedulableAndUnresolvable error
* Make AttachDisk idempotent again
* Do not evict pods which tolerate all NoExecute taints
* Fix namespace controller cleanup orphaning
* Add labelSelector validation to Affinity/AntiAffinity score plugin
* Use NLB Subnet CIDRs instead of VPC CIDRs in updateInstanceSecurityGroupsForNLB
* Make nested /volume/ repo images overridable
* fix: update max azure disk max count
* Do not swallow NotFound error for DeletePod in dsc.manage
-------------------------------------------------------------------
Mon Sep 7 08:36:36 UTC 2020 - Richard Brown <rbrown@suse.com>
- kubernetes%{baseversion}-kubeadm now obsoletes kubernetes%{baseversionminus1}-kubeadm
-------------------------------------------------------------------
Fri Aug 28 13:01:23 UTC 2020 - Richard Brown <rbrown@suse.com>
- Introduce kubernetes$FOO-client-common package to make -client truely parralel installable
-------------------------------------------------------------------
Thu Aug 20 14:40:53 UTC 2020 - Richard Brown <rbrown@suse.com>
- Harmonise macro names, use baseversionminus1 across all k8s packages for previous version number
-------------------------------------------------------------------
Thu Aug 20 11:44:52 UTC 2020 - Jean-Philippe Evrard <jevrard@suse.com>
- Remove old macro on maxcriversion, with the new relaxed constraints
-------------------------------------------------------------------
Thu Aug 20 10:32:33 UTC 2020 - Jean-Philippe Evrard <jevrard@suse.com>
- Relax constraints on kubeadm
-------------------------------------------------------------------
Tue Aug 18 15:08:59 UTC 2020 - Richard Brown <rbrown@suse.com>
- Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib
-------------------------------------------------------------------
Tue Aug 18 07:42:55 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- update url
-------------------------------------------------------------------
Fri Aug 14 15:17:55 UTC 2020 - rbrown@suse.com
- Update to version 1.18.8:
* [go1.13] Update to go1.13.15
* [go1.15] build: Update to k/repo-infra@v0.0.12 (supports go1.15.0)
* Update others OWNERS files from master
* Promote spiffxp to build/ approver
* build: Update Debian base images
* build: Remove Debian base image building
* Update to json-patch 4.8.0
* Revert "Automated cherry pick of #89629: fix 68211: modified subpath configmap mount fails when"
* Azure: per VMSS, incremental VMSS VMs cache
* Fix panic on /readyz
* add dashpole as kubelet approver
* Fix instance not found issues when an Azure Node is recreated in a short time
* Use local daemonset manifest for installing Nvidia drivers
* Fix scheduler issue with nodetree additions
* tests: Fixes Windows kubelet-stats test
* Fix a bug whereby reusable CPUs and devices were not being honored
* Simplify logic in devicemanager TopologyHint generation
* Add AnySet() to topologymanager bitmask API
* update e2e test
* autogen files update
* fix 68211: modified subpath configmap mount fails when container restart
* Fix ListZonesInRegion() after client BasePath change
* Update Golang to v1.13.14
* Add bazel_skylib_workspace to fix make bazel-test 'no matching toolchains found' error
* Update repo-infra to v0.0.8 (to support go1.14.6 and go1.13.14)
* build: Update to repo-infra@v0.0.5 to support go1.14.3 and go1.13.11
* Update to repo-infra v0.0.4
* Update bazel to 2.2.0
* fix: initial delay in mounting azure disk/file
* Skip ensuring VMSS in pool for nodes which should be excluded from lb
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.6
* defaultpodtopologyspread: access listers in plugin instantiation
-------------------------------------------------------------------
Wed Jul 15 21:02:48 UTC 2020 - dmueller@suse.com
- Update to version 1.18.6:
* Don't return proxied redirects to the client
* Include pod /etc/hosts in ephemeral storage calculation for eviction
* Fix throttling issues when Azure VM computer name prefix is different from VMSS name
* kube-proxy ipvs masquerade hairpin traffic
* kubeadm: add --port=0 for kube-controller-manager and kube-scheduler
* Wait for all informers to sync in /readyz.
* Fix bug in reflector not recovering from "Too large resource version" errors
* Delete default load balancer source range (0.0.0.0/0) to prevent redundant network security rules.
* hyperkube: Use debian-hyperkube-base@v1.1.1 image
* debian-hyperkube-base/Dockerfile: Add iproute2 package
* debian-hyperkube-base/Dockerfile: Cleanup spacing
* debian-hyperkube-base/Dockerfile: Alpha-sort packages
* test: add unit test
* fix: use force detach for azure disk
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.5
* Add tests covering startup probe without readiness
* Pods which have not "started" can not be "ready"
* add docu + fix copyright year
* fix: don't use docker config cache if it's empty
* fix#92167: GetLabelsForVolume panic issue for azure disk PV
* Fix DS expectations on recreate
* kubelet, kube-proxy: unmark packets before masquerading them
* kubeadm: don't re-add an etcd member if it already exists for "join"
* some tests for new function
* go-to-protobuf: fix rewrite of embedded struct fields
* Windows tests: Makes gMSA test more nanoserver friendly
* kubelet: fix `/stats/summary` endpoint on Windows when init-containers are present on the node
-------------------------------------------------------------------
Tue Jul 14 15:05:56 UTC 2020 - dmueller@suse.com
- Update to version 1.18.5:
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.5-rc.1
* hyperkube: Use debian-hyperkube-base@v1.1.0 image
* hyperkube: Build debian-hyperkube-base v1.1.0 image
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.4
* kubeadm join: Wait longer for TLS bootstrapping
* CSI: Modify VolumeAttachment check to use Informer/Cache
* Fix log timestamps to be displayed in fixed width
-------------------------------------------------------------------
Tue Jul 14 14:40:17 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- move newest kubernetes-client to update-alternatives with kuberlr
-------------------------------------------------------------------
Mon Jun 22 14:07:10 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- avoid verbose diagnostic print on start of kubelet
-------------------------------------------------------------------
Thu Jun 18 21:59:49 UTC 2020 - dmueller@suse.com
- Update to version 1.18.4:
* enable floating IP for IPv6
* Extend AWS azToRegion method to support Local Zones and other partitions
* kubelet: block non-forwarded packets from crossing the localhost boundary
* Deflake port-forward e2e test
* Fix fieldType being dropped by older go-clients
* FieldManager: Reset if we receive nil or a list with one empty item
* set dest prefix and port for IPv6 sg rule
* fieldManager: Ignore and log all errors when updating managedFields
* Make kubectl tolerate other versions of the CSR API
* Changes to ManagedFields is not mutation for GC
* fix a number of unbounded dimensions in request metrics
* build: Use debian-hyperkube-base@v1.0.0 image
* Check for GCE finalizer in GetLoadBalancer.
* Fix csi-provisioner image for pd csi driver
* hyperkube: Build v1.0.0 image
* build: Add dependency entries for debian-hyperkube-base
* Update CNI to v0.8.6
* Fix public IP not shown issues after assigning public IP to Azure VMs
* Skip Pod Conditions from scheduling queue updates
* add test for finalizers
* skip unnecessary scheduling attempt when pod's finalizers change
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.3
* Add back anti-affinity to kube-dns pods.
* Check for empty zone string
* Azure - do not use 0 zone or empty string for zone when creating PVs
* Fix client-ca dynamic reload in apiserver
* Fix exclusive CPU allocations being deleted at container restart
* Update strategy used to reuse CPUs from init containers in CPUManager
-------------------------------------------------------------------
Wed Jun 10 11:57:57 UTC 2020 - Richard Brown <rbrown@suse.com>
- Remove %{?_smp_mflags} to make build more reliable [boo#1172744]
-------------------------------------------------------------------
Wed Jun 10 03:52:54 UTC 2020 - Bernhard Wiedemann <bwiedemann@suse.com>
- Add reproducible-buildid.patch to make package build reproducible
-------------------------------------------------------------------
Tue Jun 09 14:41:32 UTC 2020 - rbrown@suse.com
- Update to version 1.18.3:
* Move nfs-provisioner from quay.io/kubernetes_incubator to staging-csi
* Use staging-csi to work around quay.io availability
* Azure: support non-VMSS instances removal
* deps: Use debian-base:v2.1.0 and debian-iptables:v12.1.0
* build: Add build-image OWNERS to debian-{base,iptables} and pause dirs
* count no nodes scheduling failure as unschedulable instead of error
* kubeadm: fix flakes when performing etcd MemberAdd on slower setups
* base-images: Update to kube-cross:v1.13.9-5
* build: Alpha-sort dependencies.yaml
* fix: azure disk dangling attach issue
* kube-proxy: increase the session affinity timeout to ensure that the test passes in ipvs mode
* cluster: ipvs conntrack module vs kernel version
* allow k8s.io/kubernetes/third_party/forked/ipvs in e2e test framework import restrictions (transitive dep from pkg/kubemark)
* add license headers for third_party/forked/ipvs
* third_party/forked/ipvs: check the address family if the netlink address family attribute is not set
* run hack/update-vendor.sh to remove github.com/docker/libnetwork
* remove github.com/docker/libnetwork from go.mod
* update pkg/util/ipvs to use third_party/forked/ipvs
* move github.com/docker/libnetwork/ipvs to third_party/forked
* fix backoff manager timer initialization race
* fix: ACR auth fails in private azure clouds
* Restore cache-control header filter
* kube-scheduler: compatibility with ServerSideApply
* bugfix: initcontainer wasn't considered when calculate resource request
* fix: azure file csi migration failure
* Fix flaws in Azure CSI translation
* Revert "stop defaulting kubeconfig to http://localhost:8080"
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.2
* Fix Node initialization for GCP cloud provider
* Simplify unregistration of csiplugin
* Unregister csiplugin even if socket path is gone
* Move PSP tests behind a feature tag
* kube-openapi bump to release-1.18
* Preserve int/float distinction when decoding raw values
* Check Annotations map against nil for ConfigMapLock#Update()
* Fix CSINodeInfo startup
* Wait for APIServer 'ok' forever during CSINode initialization during Kubelet init
-------------------------------------------------------------------
Mon Jun 8 15:33:30 UTC 2020 - Richard Brown <rbrown@suse.com>
- Add ConditionPathExists=/var/lib/kubelet/config.yaml to kubelet.service [boo#1146372]
-------------------------------------------------------------------
Wed May 20 11:15:04 UTC 2020 - Richard Brown <rbrown@suse.com>
- Run sysctl -a --system before kubelet to ensure sysctl parameters are correctly loaded [boo#1171770]
-------------------------------------------------------------------
Wed Apr 22 15:49:10 UTC 2020 - rbrown@suse.com
- Update to version 1.18.2:
* Fix GCE ILB for large clusters
* Restore the ability to `kubectl apply --prune` without -n flag
* Fix client watch reestablishment handling of client-side timeouts
* Fix priorityClass typo, add numeric priority to static pods
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.1
* Test dropped round-trip annotations in HPA conversion
* Drop round-trip annotations in HPA conversion
* Skip updating cache on pod update if the node was deleted
-------------------------------------------------------------------
Thu Apr 16 15:24:56 UTC 2020 - Richard Brown <rbrown@suse.com>
- kubelet-common: conflict with other instances of kubelet-common and require kubernetes-kubelet%{baseversion}
-------------------------------------------------------------------
Tue Apr 14 10:46:52 UTC 2020 - rbrown@suse.com
- Update to version 1.18.1:
* Ensure Azure availability zone is always in lower cases
* Even with build error, kubectl apply should apply all valid resources
* fix: update max azure disk max count
* Ensure diff doesn't persist patches
* Fix permissions for endpointslice controller
* Clean up event messages for errors.
* Allow list-resources.sh to continue if a resource fails to list
* fix a bug where spn: prefix is unexpectedly added to kubeconfig apiserver-id setting
* Adds integration test for apply failures when applying multiple resources
* Fixes problem where kubectl apply stops after first error
* fix cpu resource metric type by changing to counter
* fix concurreny issue in lb creation
* Kubeadm: fix Ready condition check
* kubeadm: add missing RBAC for getting nodes on "upgrade apply"
* Check that ImageInspect pointer is not nil
* Fix bug about unintentional scale out during updating deployment.
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.0
* build/dependencies: Remove bazel WORKSPACE go_version check
* deps: Update to Golang 1.13.9
* build: Remove kube-cross image building
* Label Windows test as Serial.
-------------------------------------------------------------------
Fri Apr 3 11:45:40 UTC 2020 - Richard Brown <rbrown@suse.com>
- Initial Packaging - see kubernetes changelog for historic logs
