Changelog for
kubernetes1.18-kubelet-1.18.10-lp156.3.18.x86_64.rpm :
* Wed Jul 05 2023 Priyanka Saggu
- Update `Requires` in the \"kubernetes1.18-client\" pkg to:
* Remove: `Requires: kubernetes-client-common >= %{version}`
* Add: `Requires: kubernetes%{baseversion}-client-common`
* Wed May 24 2023 Priyanka Saggu - Security Patch Fix for CVE-2023-2727 (bsc#1211630) and CVE-2023-2728 (bsc#1211631)
* added patch: kube-apiserver-admission-plugin-policy.patch
* this new kube-apiserver component patch prevents ephemeral containers:
*
* from using an image that is restricted by ImagePolicyWebhook (CVE-2023-2727)
*
* from bypassing the mountable secrets policy enforced by the ServiceAccount admission plugin ( CVE-2023-2728)
* Tue Nov 24 2020 David Cassany - Adding a conflict on kubernetes client common to ensure there are no leftovers after migration from SP1 to SP2 on SLE15.
* Tue Nov 10 2020 David Cassany - Build only kubernetes client subpackages on SLE
* Thu Oct 15 2020 rbrownAATTsuse.com- Update to version 1.18.10:
* Fix reporting network_programming_latency metrics in kube-proxy
* Azure: fix node removal race condition on VMSS deletion
* make download-or-bust compatible with both sha512/sha1
* replace sha1 with sha512
* use more granular buckets for azure api calls
* avoid potential secret leaking while reading .dockercfg
* Mask Ceph RBD adminSecrets in logs when logLevel >= 4
* fix: azure disk resize error if source does not exist
* fix detach azure disk issue when vm not exist
* Fix UpdateSnapshot when Node is partially removed
* kubeadm: make the CP join handling of kubeconfig similar to \"init\"
* kubeadm: warn but do not error out on missing CA keys on CP join
* fix: detach azure disk broken on Azure Stack
* Handle nil elements when sorting, instead of panicking
* do not mutate endpoints in the apiserver
* Remove HeadlessService label in endpoints controller before comparing
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.9
* count of etcd object should be limited to the specified resource
* Track pods with required anti-affinity in scheduler NodeInfo and Snapshot.
* Ensure getPrimaryInterfaceID not panic when network interfaces for Azure VMSS are null
* Update staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go
* Allow 404 error on lb deletion in azure
* chore: add diskclient.Update interface
* chore: add diskclient.ListByResourceGroup interface
* Fix doc for leader-elect-resource-lock flag
* Thu Sep 17 2020 rbrownAATTsuse.com- Update to version 1.18.9:
* e2e: backport regenerate namespace name if the name is already taken #90591
* Update CNI plugins to v0.8.7
* azure: use the parsed value from the configuration
* Cherry pick of #93908: Updating EndpointSlice controllers to return if error encountered
* Update snapshot controller to use k8s.gcr.io
* test(kuberuntime): deflake TestRemoveContainer
* kubectl describe pod: use ReportingController as an event source
* Fix an issue when rotated logs of dead containers are not removed.
* Append suffix \'i\' only if needed
* Fixed reflector not recovering from \"Too large resource version\" errors with API servers 1.17.0-1.18.5
* let panics propagate up when processLoop panic
* Add impersonated user to system:authenticated group
* cleanup: print warning message after timeout
* Revert \"cleanup: decrease log level from warn to v3\"
* cleanup: decrease log level from warn to v3
* Remove duplicate nodeSelector
* fix(azure): check error returned by scaleSet.getVMSS
* remove oom TestStartingWatcher \"\"unit\"\" test
* Ensuring EndpointSlice controller does not create EndpointSlices for Services that are being deleted.
* If firstTimestamp is not set use eventTime when printing event
* kubectl: fix the Scheduled eventTime is when use kubectl describe pod xxx
* Update json-patch to v4.9.0 tagged release
* Improve EndpointController\'s handling of headless services under dual-stack
* Improve EndpointController dual-stack testing
* Fix Endpoint/EndpointSlice pod change detection
* Updating EndpointSlice controller to wait for all caches to be synced
* Fix bug for inconsistent lists served from etcd
* test(kubelet): add a regression test to verify kubelet would not panic
* fix(kubelet): protect `containerCleanupInfos` from concurrent map writes
* Keep track of remaining pods when a node is deleted.
* add sjenning as kubelet approver
* Remove direct accesses to cache\'s node map
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.8
* Add tests for out of band attachments
* Update e2e csi images to k8s.gcr.io
* \"unbound immediate PersistentVolumeClaims\" should be UnschedulableAndUnresolvable error
* Make AttachDisk idempotent again
* Do not evict pods which tolerate all NoExecute taints
* Fix namespace controller cleanup orphaning
* Add labelSelector validation to Affinity/AntiAffinity score plugin
* Use NLB Subnet CIDRs instead of VPC CIDRs in updateInstanceSecurityGroupsForNLB
* Make nested /volume/ repo images overridable
* fix: update max azure disk max count
* Do not swallow NotFound error for DeletePod in dsc.manage
* Mon Sep 07 2020 Richard Brown - kubernetes%{baseversion}-kubeadm now obsoletes kubernetes%{baseversionminus1}-kubeadm
* Fri Aug 28 2020 Richard Brown - Introduce kubernetes$FOO-client-common package to make -client truely parralel installable
* Thu Aug 20 2020 Richard Brown - Harmonise macro names, use baseversionminus1 across all k8s packages for previous version number
* Thu Aug 20 2020 Jean-Philippe Evrard - Remove old macro on maxcriversion, with the new relaxed constraints
* Thu Aug 20 2020 Jean-Philippe Evrard - Relax constraints on kubeadm
* Tue Aug 18 2020 Richard Brown - Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib
* Tue Aug 18 2020 Dirk Mueller - update url
* Fri Aug 14 2020 rbrownAATTsuse.com- Update to version 1.18.8:
* [go1.13] Update to go1.13.15
* [go1.15] build: Update to k/repo-infraAATTv0.0.12 (supports go1.15.0)
* Update others OWNERS files from master
* Promote spiffxp to build/ approver
* build: Update Debian base images
* build: Remove Debian base image building
* Update to json-patch 4.8.0
* Revert \"Automated cherry pick of #89629: fix 68211: modified subpath configmap mount fails when\"
* Azure: per VMSS, incremental VMSS VMs cache
* Fix panic on /readyz
* add dashpole as kubelet approver
* Fix instance not found issues when an Azure Node is recreated in a short time
* Use local daemonset manifest for installing Nvidia drivers
* Fix scheduler issue with nodetree additions
* tests: Fixes Windows kubelet-stats test
* Fix a bug whereby reusable CPUs and devices were not being honored
* Simplify logic in devicemanager TopologyHint generation
* Add AnySet() to topologymanager bitmask API
* update e2e test
* autogen files update
* fix 68211: modified subpath configmap mount fails when container restart
* Fix ListZonesInRegion() after client BasePath change
* Update Golang to v1.13.14
* Add bazel_skylib_workspace to fix make bazel-test \'no matching toolchains found\' error
* Update repo-infra to v0.0.8 (to support go1.14.6 and go1.13.14)
* build: Update to repo-infraAATTv0.0.5 to support go1.14.3 and go1.13.11
* Update to repo-infra v0.0.4
* Update bazel to 2.2.0
* fix: initial delay in mounting azure disk/file
* Skip ensuring VMSS in pool for nodes which should be excluded from lb
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.6
* defaultpodtopologyspread: access listers in plugin instantiation
* Wed Jul 15 2020 dmuellerAATTsuse.com- Update to version 1.18.6:
* Don\'t return proxied redirects to the client
* Include pod /etc/hosts in ephemeral storage calculation for eviction
* Fix throttling issues when Azure VM computer name prefix is different from VMSS name
* kube-proxy ipvs masquerade hairpin traffic
* kubeadm: add --port=0 for kube-controller-manager and kube-scheduler
* Wait for all informers to sync in /readyz.
* Fix bug in reflector not recovering from \"Too large resource version\" errors
* Delete default load balancer source range (0.0.0.0/0) to prevent redundant network security rules.
* hyperkube: Use debian-hyperkube-baseAATTv1.1.1 image
* debian-hyperkube-base/Dockerfile: Add iproute2 package
* debian-hyperkube-base/Dockerfile: Cleanup spacing
* debian-hyperkube-base/Dockerfile: Alpha-sort packages
* test: add unit test
* fix: use force detach for azure disk
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.5
* Add tests covering startup probe without readiness
* Pods which have not \"started\" can not be \"ready\"
* add docu + fix copyright year
* fix: don\'t use docker config cache if it\'s empty
* fix#92167: GetLabelsForVolume panic issue for azure disk PV
* Fix DS expectations on recreate
* kubelet, kube-proxy: unmark packets before masquerading them
* kubeadm: don\'t re-add an etcd member if it already exists for \"join\"
* some tests for new function
* go-to-protobuf: fix rewrite of embedded struct fields
* Windows tests: Makes gMSA test more nanoserver friendly
* kubelet: fix `/stats/summary` endpoint on Windows when init-containers are present on the node
* Tue Jul 14 2020 dmuellerAATTsuse.com- Update to version 1.18.5:
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.5-rc.1
* hyperkube: Use debian-hyperkube-baseAATTv1.1.0 image
* hyperkube: Build debian-hyperkube-base v1.1.0 image
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.4
* kubeadm join: Wait longer for TLS bootstrapping
* CSI: Modify VolumeAttachment check to use Informer/Cache
* Fix log timestamps to be displayed in fixed width
* Tue Jul 14 2020 Dirk Mueller - move newest kubernetes-client to update-alternatives with kuberlr
* Mon Jun 22 2020 Dirk Mueller - avoid verbose diagnostic print on start of kubelet
* Thu Jun 18 2020 dmuellerAATTsuse.com- Update to version 1.18.4:
* enable floating IP for IPv6
* Extend AWS azToRegion method to support Local Zones and other partitions
* kubelet: block non-forwarded packets from crossing the localhost boundary
* Deflake port-forward e2e test
* Fix fieldType being dropped by older go-clients
* FieldManager: Reset if we receive nil or a list with one empty item
* set dest prefix and port for IPv6 sg rule
* fieldManager: Ignore and log all errors when updating managedFields
* Make kubectl tolerate other versions of the CSR API
* Changes to ManagedFields is not mutation for GC
* fix a number of unbounded dimensions in request metrics
* build: Use debian-hyperkube-baseAATTv1.0.0 image
* Check for GCE finalizer in GetLoadBalancer.
* Fix csi-provisioner image for pd csi driver
* hyperkube: Build v1.0.0 image
* build: Add dependency entries for debian-hyperkube-base
* Update CNI to v0.8.6
* Fix public IP not shown issues after assigning public IP to Azure VMs
* Skip Pod Conditions from scheduling queue updates
* add test for finalizers
* skip unnecessary scheduling attempt when pod\'s finalizers change
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.3
* Add back anti-affinity to kube-dns pods.
* Check for empty zone string
* Azure - do not use 0 zone or empty string for zone when creating PVs
* Fix client-ca dynamic reload in apiserver
* Fix exclusive CPU allocations being deleted at container restart
* Update strategy used to reuse CPUs from init containers in CPUManager
* Wed Jun 10 2020 Richard Brown - Remove %{?_smp_mflags} to make build more reliable [boo#1172744]
* Wed Jun 10 2020 Bernhard Wiedemann - Add reproducible-buildid.patch to make package build reproducible
* Tue Jun 09 2020 rbrownAATTsuse.com- Update to version 1.18.3:
* Move nfs-provisioner from quay.io/kubernetes_incubator to staging-csi
* Use staging-csi to work around quay.io availability
* Azure: support non-VMSS instances removal
* deps: Use debian-base:v2.1.0 and debian-iptables:v12.1.0
* build: Add build-image OWNERS to debian-{base,iptables} and pause dirs
* count no nodes scheduling failure as unschedulable instead of error
* kubeadm: fix flakes when performing etcd MemberAdd on slower setups
* base-images: Update to kube-cross:v1.13.9-5
* build: Alpha-sort dependencies.yaml
* fix: azure disk dangling attach issue
* kube-proxy: increase the session affinity timeout to ensure that the test passes in ipvs mode
* cluster: ipvs conntrack module vs kernel version
* allow k8s.io/kubernetes/third_party/forked/ipvs in e2e test framework import restrictions (transitive dep from pkg/kubemark)
* add license headers for third_party/forked/ipvs
* third_party/forked/ipvs: check the address family if the netlink address family attribute is not set
* run hack/update-vendor.sh to remove github.com/docker/libnetwork
* remove github.com/docker/libnetwork from go.mod
* update pkg/util/ipvs to use third_party/forked/ipvs
* move github.com/docker/libnetwork/ipvs to third_party/forked
* fix backoff manager timer initialization race
* fix: ACR auth fails in private azure clouds
* Restore cache-control header filter
* kube-scheduler: compatibility with ServerSideApply
* bugfix: initcontainer wasn\'t considered when calculate resource request
* fix: azure file csi migration failure
* Fix flaws in Azure CSI translation
* Revert \"stop defaulting kubeconfig to http://localhost:8080\"
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.2
* Fix Node initialization for GCP cloud provider
* Simplify unregistration of csiplugin
* Unregister csiplugin even if socket path is gone
* Move PSP tests behind a feature tag
* kube-openapi bump to release-1.18
* Preserve int/float distinction when decoding raw values
* Check Annotations map against nil for ConfigMapLock#Update()
* Fix CSINodeInfo startup
* Wait for APIServer \'ok\' forever during CSINode initialization during Kubelet init
* Mon Jun 08 2020 Richard Brown - Add ConditionPathExists=/var/lib/kubelet/config.yaml to kubelet.service [boo#1146372]
* Wed May 20 2020 Richard Brown - Run sysctl -a --system before kubelet to ensure sysctl parameters are correctly loaded [boo#1171770]
* Wed Apr 22 2020 rbrownAATTsuse.com- Update to version 1.18.2:
* Fix GCE ILB for large clusters
* Restore the ability to `kubectl apply --prune` without -n flag
* Fix client watch reestablishment handling of client-side timeouts
* Fix priorityClass typo, add numeric priority to static pods
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.1
* Test dropped round-trip annotations in HPA conversion
* Drop round-trip annotations in HPA conversion
* Skip updating cache on pod update if the node was deleted
* Thu Apr 16 2020 Richard Brown - kubelet-common: conflict with other instances of kubelet-common and require kubernetes-kubelet%{baseversion}
* Tue Apr 14 2020 rbrownAATTsuse.com- Update to version 1.18.1:
* Ensure Azure availability zone is always in lower cases
* Even with build error, kubectl apply should apply all valid resources
* fix: update max azure disk max count
* Ensure diff doesn\'t persist patches
* Fix permissions for endpointslice controller
* Clean up event messages for errors.
* Allow list-resources.sh to continue if a resource fails to list
* fix a bug where spn: prefix is unexpectedly added to kubeconfig apiserver-id setting
* Adds integration test for apply failures when applying multiple resources
* Fixes problem where kubectl apply stops after first error
* fix cpu resource metric type by changing to counter
* fix concurreny issue in lb creation
* Kubeadm: fix Ready condition check
* kubeadm: add missing RBAC for getting nodes on \"upgrade apply\"
* Check that ImageInspect pointer is not nil
* Fix bug about unintentional scale out during updating deployment.
* Update CHANGELOG/CHANGELOG-1.18.md for v1.18.0
* build/dependencies: Remove bazel WORKSPACE go_version check
* deps: Update to Golang 1.13.9
* build: Remove kube-cross image building
* Label Windows test as Serial.
* Fri Apr 03 2020 Richard Brown - Initial Packaging - see kubernetes changelog for historic logs