Changelog for
kubernetes1.27-scheduler-1.27.15-lp156.32.1.x86_64.rpm :
* Wed Jun 26 2024 Priyanka Saggu
- Update to version 1.27.15:
* Bump images, dependencies and versions to go 1.21.11 and distroless iptables
* Don\'t fill in NodeToStatusMap with UnschedulableAndUnresolvable
* Revert \"scheduler: preallocation for NodeToStatusMap\"
* add an integration test when nodeAffinity specifies a non-existent node.
* base on allNodes when calculating nextStartNodeIndex
* backport
* Cherry pick #124618 to 1.27
* Fix NFS related issues on GCP/Ubuntu
* Updated & added visibility to apiserver x509 test certificates expiring this year
* Fri May 17 2024 Priyanka Saggu - Update to version 1.27.14:
* scheduler: preallocation for NodeToStatusMap
* add e2e test when a plugin (in-tree or out-of-tree) return non-existent/illegal nodes, the pod should be scheduled normally if suitable nodes exists
* test to catch illegal nodeNames returned by PreFilterResult
* add integration test for pod with pvc has node-affinity to non-existent/existent nodes
* hotfix when a plugin (in-tree or out-of-tree) return non-existent/illegal nodes, the pod scheduling flow will abort immediately.
* Fix PersistentVolumeLabel admission plugin on Azure
* cluster/gce: upgrade cos-97-lts -> cos-109-lts
* storage e2e: update hostpath and mock images
* gce: fix test for non-existing instance in cloud
* cloud-node-lifecycle controller: add fallback for empty providerID in shutdown
* Thu Apr 18 2024 Priyanka Saggu - Update to version 1.27.13:
* Add envFrom to serviceaccount admission plugin
* [go] Bump images, dependencies and versions to go 1.21.9 and distroless iptables
* [CVE-2023-45288] .
*: bump x/net to v0.23.0
* Use the right feature gate when updating uncertain volumes
* fix panic with SIGSEGV in kubeadm certs check-expiration
* hack/tools: bump to v0.4.6
* Serve watch without resourceVersion from cache and introduce a WatchFromStorageWithoutResourceVersion feature gate to allow serving watch from storage.
* Use DBG=1 for conformance verification
* build: use -trimpath in non-DBG mode- Update .spec file to bump go version build requirements:
* `BuildRequires: go >= 1.21.9`
* ref:
* Mon Apr 08 2024 Priyanka Saggu - update .spec file to set FORCE_HOST_GO env variable, to force k8s build scripts use the local GOTOOLCHAIN version from the build pipeline (i.e. GOTOOLCHAIN=\'auto\')
* ref:
* Mon Apr 08 2024 Update to version 1.27.12:
* keep existing PDB conditions when updating status
* remove --v arg from kubetest2-tester-ginkgo test args
* ci: bump kind to latest for kms jobs
* [go] Bump images, dependencies and versions to go 1.21.8 / distroless-iptables to v0.4.6
* [CVE-2024-24786] Bump v1.5.4, v1.33.0
* fix UT failure TestPrintIPAddressList
* e2e_node: replace `` with agnhost
* promote agnhost to v2.47
* fixing issue with GetCPUUsageNanoCores on Windows
* Fix cleanup of file subpaths
* etcd: Update to version 3.5.12
* build etcd image v3.5.12- Update .spec file to bump go version build requirements:
* `BuildRequires: go >= 1.21.8`
* ref:
* Mon Feb 26 2024 Update to version 1.27.11:
* [go] Bump images, dependencies and versions to go 1.21.7 / distroless-iptables to v0.4.5
* Revert \"kubeadm: fix a bug where the uploaded kubelet configuration in kube-system/kubelet-config ConfigMap does not respect user patch\"
* Add processStartTime in metrics/slis
* If a pvc has an empty storageclass name, don\'t try to assign a default StorageClass to it.
* Drop PendingChanges methods from change trackers, move into UpdateResults
* Squash some unnecessarily-chained methods in the change trackers- Update .spec file to bump go version build requirements:
* `BuildRequires: golang(API) = 1.21`
* Thu Feb 22 2024 Dominique Leuenberger - Use %patch -P N instead of deprecated %patchN.
* Wed Jan 24 2024 Priyanka Saggu - Update .spec file to remove go version build requirements:
* above build requirement causing build failures with following error: - `go: download go1.20.13 for linux/amd64: toolchain not available` - ref: Update to version 1.27.10:
* Revert \"Graduate Evented PLEG to Beta\"
* [go] Bump images, dependencies and versions to go 1.20.13 and distroless iptables to 0.2.9
* e2e framework: adapt unit test to Go 1.22
* Handle edge cases in seat demand stats
* .
*: bump to v0.16.1
* fix: 119921
* Use a separate function for checking if device was reconstructed
* Add tests for checking of uncertain device paths
* Fix device uncertain errors on reboot
* fix(scheduler): fix incorrect loop logic in MultiPoint to avoid a plugin being loaded multiple times
* etcd: Update to version 3.5.10
* fix: smb file share unavailable issue when it\'s deleted
* Wed Jan 24 2024 Update to version 1.27.9:
* run update-vendor script
* [go] Bump images, dependencies and versions to go 1.20.12
* pass GOTOOLCHAIN to build containers
* handle GOTOOLCHAIN in kube::golang::verify_go_version
* Move adding GroupVersion log until after an update is confirmed
* fix: requeue pods rejected by Extenders properly
* Bump distroless-iptables to 0.2.8 based on Go 1.20.11
* Make StatefulSet restart pods with phase Succeeded
* run hack scripts to update cyphar/filepath-securejoin to v0.2.4 correctly
* update filepath-securejoin dependency to 0.2.4 to fix security vulnerability
* Fix panic when process RunScorePlugins for cap out of range
* e2e: bootstrap vsphere tests earlier
* Fri Nov 24 2023 Priyanka Saggu - Update .spec file to bump go version build requirements:
* `BuildRequires: go >= 1.20.11`- Update to version 1.27.8:
* Use golang library instead of mklink
* [go] Bump images, dependencies and versions to go 1.20.11
* Fixing attempt to deploy past allocatable memory limits test on Windows
* bump to v1.56.3
* Add more test cases ensuring nextScheduleTimeDuration is never < 0
* Modify mostRecentScheduleTime to return more detailed information about missed schedules
* Fixing gmsa-webhook install steps for Windows GMSA full tests
* removing the import of \"\" because it was introduced after 1.28
* Fixing CurrentReplicas and CurrentRevision in completeRollingUpdate
* KCCM: fix GCP ILB by reintroducing readiness predicate for eTP:Local
* Use Patch instead of SSA for Pod Disruption condition
* service controller: improve node lifecycle updates
* Fix panic testing intree vSphere dynamic PV.
* Retry operations if CSI Driver Isn\'t Found by Treating this Error as Transient
* Thu Oct 26 2023 Priyanka Saggu - Update .spec file to bump go version build requirements:
* `BuildRequires: go >= 1.20.10`- Update to version 1.27.7:
* Release commit for Kubernetes v1.27.7
* Register UnauthenticatedHTTP2DOSMitigation into kube components
* Skip TestUnauthenticatedHTTP2ClientConnectionClose http1 tests
* Disable UnauthenticatedHTTP2DOSMitigation by default
* Prevent rapid reset http2 DOS on API server
* Fix concurrent write when filling PVC labels
* Modify test PVC to detect concurrent map write bug
* [go] Bump images, dependencies and versions to go 1.20.10
* Fix to honor PDB with an empty selector `{}`
* .: bump to v0.17.0
* Mark a volume as uncertain-attached after detach error
* Add nil checks for hpa object target type values
* [go] Bump images, versions and deps to use Go 1.20.9
* bump etcd cluster image to 3.5.9
* cronjob controller: ensure already existing jobs are added to Active list of cronjobs
* change rolling update logic to exclude sunsetting nodes
* vsphere: adapt to govmomi bump
* .: bump govmomi to v0.30.6
* move check for noop managed field timestamp updates
* mount-utils: fix flaky test \'TestFormat\'
* Increase range of job_sync_duration_seconds
* sync Service API status rest storage
* updating dependencies.yaml for etcd v3.5.9 version
* use upstream etcd github path instead of redirecting one
* update etcd version in to 3.5.9
* Update CHANGELOG/ for v1.27.6
* fixup patcher test to include field manager
* remove checks for fieldmanager from handlers
* include apiextensions types in apiextensions generated openapi
* fix scale not being given gvk in CRD openapi schemas
* add OpenAPIV3 config to tests and server options
* add error for attempting to initialize field manager with nil typeconverter
* supply deduced typeconverter to apiserver tests
* Throw error if OpenAPIV3 config is not provided
* e2e pods: fix WaitForPodsResponding retry
* scheduler: start scheduling attempt with clean UnschedulablePlugins
* Wed Sep 20 2023 Priyanka Saggu - fixes for bsc#1214406- update `Wants` directive in [Unit] section of `kubelet.service`:
* add: `containerd.service`
* remove: `docker.service`- updating container runtime prerequisites: (Refer:
* update `90-kubeadm.conf` to add below iptables rules: - net.bridge.bridge-nf-call-iptables = 1 - net.bridge.bridge-nf-call-ip6tables = 1
* update `kubeadm.conf` to add `overlay` kernel module
* update .spec file to: - add post-installation scriptlet for `kubeadm` package to enable iptables rules defined in `90-kubeadm.conf` using sysctl - add conditional checks to load kernel modules (br_netfilter, overlay) in `kubelet-common` package post-installation scriptlet - update `kubelet-common` post scriptlet to correctly update `KUBELET_VER` var in `/etc/sysconfig/kubelet` file based on fillup template- add below to `kubelet` subpackage to recommend installing correct version of package providing `kubernetes-kubelet-common` :
* `Recommends: kubernetes-kubelet-common = %{version}`- add below to `kubeadm` subpackage to recommend installing correct version of `kubelet` and `kubelet-common` packages:
* `Recommends: kubernetes%{baseversion}-kubelet`
* Wed Sep 20 2023 Priyanka Saggu - Update .spec file to bump go version build requirements:
* `BuildRequires: go >= 1.20.8`- Update to version 1.27.6:
* Release commit for Kubernetes v1.27.6
* [go] Bump images, versions and deps to use Go 1.20.8
* fix: concurrent map writes in e2e test
* Automated cherry pick of #119776: Fix a job quota related deadlock (#120320)
* Fix OpenAPI aggregation cleanup
* Fallback to legacy discovery on a wider range of conditions in aggregator
* apiextensions-apiserver: generate applyconfigurations
* TopologyAwareHints: Take lock in HasPopulatedHints
* Mark Job onPodConditions as optional in pod failure policy
* Update CHANGELOG/ for v1.27.5
* Incorporating feedback on 119341
* check for overflow
* Fix CEL cost handling of zero length replacement strings
* generate ReportingInstance and ReportingController in Event
* Pass Pinned field to kubecontainer.Image
* prep for go1.21: use -e in go list
* Skip apiserver_admission_webhook_request_total during context-canceled
* Ignore context canceled from validate and mutate webhook failopen metric
* kubeadm: fix nil pointer when etcd member is already removed
* update to golangci-lint v1.54.1 + go-ruleguard v0.4.0
* fix: when PreFilter returns UnschedulableAndUnresolvable, copy the state in all nodes in statusmap
* Fix a bug that PostFilter plugin may not function if previous PreFilter plugins return Skip
* Issue 4230: remove readiness check for cache exclusion
* add test for discoverability in openapi/v3
* update openapi
* expose into OpenAPIV3
* fix openapi/v3 non local apiservices aggregation
* node: devicemgr: topomgr: add logs
* e2e: node: add test to check device-requiring pods are cleaned up
* e2e: node: devices: improve the node reboot test
* e2e: node: devicemanager: update tests
* kubelet: devices: skip allocation for running pods
* Add test coverage of result size of string operations
* Bump cel-go to v0.12.7
* Tue Sep 12 2023 Update .spec file to bump go version build requirements:
* `BuildRequires: go >= 1.20.7`- Update to version 1.27.5:
* Use environment varaibles for parameters in Powershell
* Use env varaibles for passing path
* Avoid returning nil responseKind in v1beta1 aggregated discovery
* [release-1.27] releng/go: Bump images, versions and deps to use Go 1.20.7
* e2e_node: move getSampleDevicePluginPod to device_plugin_test.go
* fix \'pod\' in kubelet prober metrics
* priority & fairness: support dynamically configuring work estimator max seats
* Add mininumKubelet tag into ReadWriteOncePod test
* Include ignored pods when computing backoff delay for Job pod failures
* Adjust the algorithm for computing the pod finish time
* Rename updateReconstructedFromAPIServer
* Rename volumesNeedDevicePath
* Update volumesInUse after attachability is confirmed
* Add uncertain state of volume attach-ability
* Refactor FindAttachablePluginBySpec out of CSI code path
* kubeadm: backdate generated CAs by 5 minutes
* client-go: allow to set NotBefore in NewSelfSignedCACert()
* e2e: fix flaky test \'should contain OpenAPI V3 for Aggregated APIServer\'
* Fix a data race in TopologyCache
* Fix TopologyAwareHint not working when zone label is added after Node creation
* Tue Aug 01 2023 Egbert Eich - Restore the correct content of the kublet wrapper script (boo#1213829).
* Wed Jul 26 2023 Priyanka Saggu - Update: `BuildRequires: go >= 1.20.6`- Update to version 1.27.4:
* [release-1.27] releng/go: Bump images, versions and deps to use Go 1.20.6
* Fix the converts an empty string to nil.
* Add unit tests for parallel StatefulSet create & delete
* Parallel StatefulSet pod create & delete
* Refactor StatefulSet controller update logic
* Only declare job as finished after removing all finalizers
* Automated cherry pick of #118716 upstream release 1.27 (#118911)
* Hide numberOfMissedSchedules as an algorithm internal number
* Update schedule logic to properly calculate missed schedules
* Automated cherry pick of #118805: test comment should match the code in podgc (#118913)
* call ./hack/
* kubeadm: remove function pointer comparison in phase test
* CHANGELOG-1.27: Add note for AWS in-tree provider removal
* Updating the nodeAffinity of gated pods having nil affinity should be allowed
* fix the existing problem (0 SerialNumber in all certificate) as part of this PR in a separate commit
* update serial number to a valid non-zero number in ca certificate
* Delete CRDs created during field validation tests.
* kubectl explain should work for both cluster and namespace resources and without a GET method
* always execute condition for wait.PollUntilContextTimeout with immediate=true
* Review remarks to improve HandlePodCleanups in kubelet
* Fix the deletion of rejected pods
* Unset gated pod info timestamp in addToActiveQ
* deps: Bump to cAdvisor v0.47.2
* Make etcd component status consistent with health probes
* e2e storage: terminate worker quietly on test completion
* Fix flaky persistent volumes e2e test
* Set the node-ips annotation correctly with CloudDualStackNodeIPs
* Fix the git-repo test error caused by the correct use of loop variables
* dra scheduler plugin test: fix loopvar bug and \"reserve\" expected data
* Add node check to vSphere cloud provider
* Adding additional validations to queried endpoint list iteration.
* Wed Jun 21 2023 Priyanka Saggu - Update: `BuildRequires: go >= 1.20.5`- Update to version 1.27.3:
* Release commit for Kubernetes v1.27.3
* update-vendor: update vendored go.sums
* releng/go: Update images, dependencies and version to Go 1.20.5
* kube-proxy avoid race condition using LocalModeNodeCIDR
* Add ephemeralcontainer to imagepolicy securityaccount admission plugin
* supported version of etcd 3.5.7-0 for Kubernetes v1.27.0-rc.0
* e2e framework retry on Service unavailable errors
* e2e: apply timeout for CSI Storage Capacity test only to node
* Add DisruptionTarget condition when preempting for critical pod
* update webhook test to go 1.21
* Test APIService safe handling at startup
* Fix waiting for CRD sync at server start
* kubeadm: fix a bug where the static pod changes detection logic is inconsistent with kubelet
* kubeadm: Make etcd member removal idempotent
* kubeadm: Add etcd client unit tests
* kubeadm: Use internal etcd client through an interface
* Mon Jun 12 2023 Priyanka Saggu - Update: `BuildRequires: go >= 1.20.4`- Update to version 1.27.2:
* Release commit for Kubernetes v1.27.2
* OpenAPI V3 invalid document checks
* QueryParamVerifier falls back on invalid v3 document
* QueryParamVerifierV3 resilient to minimal OpenAPI V3 documents
* kubeadm: fix a bug where file copy(backup) could not be executed correctly on Windows platform during upgrade
* benchmark test to evaluate the overhead of podMatchesScopeFunc
* Fix incorrect calculation for ResourceQuota with PriorityClass as its scope
* Update podFailurePolicy comments from alpha-level to beta
* Disable NewVolumeManagerReconstruction feature gate
* releng/go: Update images, dependencies and version to Go 1.20.4
* Bump konnectivity-client to v0.1.2
* Kube-proxy/ipvs: accept access to healthCheckNodePort on LbIP
* node: device-plugin: e2e: Additional test cases
* node: device-plugin: add node reboot test scenario
* node: device-plugin: e2e: Capture pod admission failure
* node: device-mgr: e2e: adapt to sample device plugin refactoring
* node: device-mgr: e2e: Update the e2e test to reproduce issue:109595
* node: device-mgr: e2e: Implement End to end test
* node: device-mgr: Handle recovery by checking if healthy devices exist
* node: device-plugin: e2e: Add test case for kubelet restart
* node: device-plugin: e2e: Provide sleep intervals via constants
* node: device-plugin: e2e: Update test description to make it explicit
* node: device-plugin: e2e: Isolate test to pod restart scenario
* node: device-plugin: e2e: Annotate device check with error message
* node: device-plugins: e2e: s/devLen/expectedSampleDevsAmount
* node: device-plugins: e2e: Refactor parse log to return string and error
* Update kube-openapi to fix race
* Use absolute path instead requestURI in openapiv3 discovery
* proxy/ipvs: don\'t bind nodeips to the dummy device
* proxy/ipvs: add a GetAllLocalAddressesExcept() function
* Refactors discovery content-type and helper functions
* Fix scheduler performance regression after adding plugin metrics
* Update staging/src/
* Fix bug where CEL listOfString.join() results in unexpected error
* Fix directory mismatch for `volume.SetVolumeOwnership()`
* Fix stomping os env in kubectl e2e tests
* KCCM: add providerID predicate to service controller
* Re-work logic in shouldSyncUpdatedNode
* add log includes pod preemption details
* verifyVolumeNoStatusUpdateNeeded may cause flake and so only keep the last ones
* deflake: Add retry with timeout to wait for final conditions
* kubelet: Mark new terminal pods as non-finished in pod worker
* test: Add node e2e to restart kubelet while pod is terminating
* kubelet: Ensure pods that have not started track a pendingUpdate
* changelog: fix formatting issue with v1.27 change log
* Update CHANGELOG/ for v1.27.1
* use case-insensitive header keys for http probes
* kube-aggregator: correctly use client-go TLS cache with custom dialer
* api: encode NamespacedName with lower case in JSON
* Do not look at VPC-related resources outside the cluster\'s network
* Fix azure disk e2e after migration
* vendor: bump runc to 1.1.6
* CVE-2023-27561: Bump runc go module v1.1.4 -> v1.1.5
* fix: the volume is not detached after the pod and PVC objects are deleted
* Return error for localhost seccomp type with no localhost profile defined
* Fri Apr 28 2023 Priyanka Saggu - Update `Requires` in the \"kubernetes1.27-client\" pkg to:
* Requires: kubernetes%{baseversion}-client-common- Remove following `Obsoletes` from the \"kubernetes1.27-client-common\" pkg:
* Obsoletes: kubernetes%{baseversionminus1}-client-common
* Fri Apr 28 2023 Priyanka Saggu - Update to version 1.27.1:
* Release commit for Kubernetes v1.27.1
* fix: add the bug as a known issue o on the v1.26 release note
* Revert \"Optimization on running prePreEnqueuePlugins before adding pods into activeQ\"
* Revert \"Merge pull request #113151 from ncdc/refactor-crd-conversion\"
* Revert \"CR conversion: protect from converter input edits\"
* kubelet: Do not mutate pods in the pod manager
* Update CHANGELOG/ for v1.27.0
* Wed Apr 12 2023 Priyanka Saggu - update patches:
* kubeadm-opensuse-registry.patch
* revert-coredns-image-renaming.patch
* Wed Apr 12 2023 Priyanka Saggu - initial package for Kubernetes v1.27.0