Kruise Versions Save

Automated management of large-scale applications on Kubernetes (incubating project under CNCF)

v1.6.2

3 weeks ago

To install or upgrade to the old version, see installation doc.

Change log since v1.6.1

CloneSet

  • Fix new version of Pods released by cloneSet that doesn't match spec.updateStrategy.partition. (#1549, @qswksp)

v1.5.4

3 weeks ago

To install or upgrade to the old version, see installation doc.

Change log since v1.5.3

CloneSet

  • Fix new version of Pods released by cloneSet that doesn't match spec.updateStrategy.partition. (#1549, @qswksp)

v1.4.2

3 weeks ago

To install or upgrade to the old version, see installation doc.

Change log since v1.4.1

CloneSet

  • Fix new version of Pods released by cloneSet that doesn't match spec.updateStrategy.partition. (#1549, @qswksp)

v1.6.1

1 month ago

To install or upgrade to the old version, see installation doc.

Change log since v1.6.0

Upgrade Notice

Advanced Workload

v1.5.3

1 month ago

To install or upgrade to the old version, see installation doc.

Change log since v1.5.2

Advanced Workload

v1.6.0

1 month ago

To install or upgrade to the old version, see installation doc.

Change log since v1.5.2

Upgrade Notice

No, really, you must read this before you upgrade

  • OpenKruise no longer supports Kubernetes versions 1.16, 1.17. However it's still possible to use OpenKruise with Kubernetes versions 1.16 and 1.17 as long as KruiseDaemon is not enabled(install/upgrade kruise charts with featureGates="KruiseDaemon=false")
  • OpenKruise leader election default to use leases mode. (#1407, dsxing) For users with OpenKruise version 1.3.0 or lower, please first upgrade your OpenKruise to version 1.4 or 1.5 before upgrading to 1.6.0, so as to avoid unexpected multiple leader problem during the installation.
  • Bump Kubernetes dependency to 1.26.10. (#1511, KaiShi)

Key Features

  • Fix WorkloadSpread incorrect subset allocation after workload rolling updating. (#1197, veophi)
  • ImagePullJob support force image pulling for images with the name as previous one. (#1384, ls-2018)
  • Job Sidecar Terminator reports correct pod phase for sidecar containers with non-zero exit code. (#1303, @diannaowa)
  • Support the deletion protection of service and ingress resources. (#1269, @kevin1689-cloud)

Performance Enhancement

  • Optimize PodProbeMarker performance. (#1430, ls-2018)
  • Optimize container launch priority performance. (#1490, FillZpp)

Other Changes

  • Enhanced Operation

    • PodProbeMarker: Container probe support Tcp probing. (#1474, KaiShi)
    • PodProbeMarker: Sync podCondition when probe message of probeStates changed. (#1479, chrisliu1995)
    • PersistentPodState: Fix the problem that PersistentPodState can't get spec.replicas from unstructured object. (#1462, 0xgj)
    • Fix PodProbeMarker feature gate dependency . (#1429, ls-2018)

  • Advanced Workload

    • Enforce Advanced DaemonSet spec.selector is immutable. (#1505, @hantmac)
    • Advanced StatefulSet maxUnavailable now counts unavailable pods with smaller ordinal in the update order during rolling upgrade. (#1480, @Yesphet)
    • Fix EphemeralJob event handler for deleting object. (#1401, FillZpp)

  • Sidecar Container

  • Application Protection

    • PodUnavailableBudget ignore deletion of not ready or inconsistent pods. (#1512, Spground)

  • Others

v1.5.2

3 months ago

To install or upgrade to the old version, see installation doc.

Change log since v1.5.1

CVE FIX: Enhance kruise-daemon security (#1482, veophi)

Start kruise-manager as a non-root user

We start kruise-manger with a non-root user to further enhance the security of kruise-manager. (#1491, @zmberg)

v1.5.1

4 months ago

To install or upgrade to the old version, see installation doc.

Change log since v1.5.0

In version 1.5.1, the focus was on enhancing UnitedDeployment and addressing various bug fixes:

  • Add the ability to plan the lower and upper bound of capacity to the subsets in UnitedDeployment (#1428, @veophi)

  • Fix unexpected job recreation by adding controller-revision-hash label for ImageListPullJob. (#1441, @veophi)

  • Add prometheus metrics for pub and deletion protection to enhance observability for pub & deletion protection (#1398, @zmberg)

  • Add enable pprof flag for kruise daemon, now you can disable the pprof of kruise daemon (#1416, @chengjoey)

  • Fix SidecarSet upgrade exception for UpdateExpectations to solve the problem of updating the image of the sidecar container (#1435, @zmberg])

  • add audit log for pub and deletion protection to enhance observability for pub & deletion protection (#1438, @zmberg])

v1.5.0

7 months ago

To install or upgrade to the old version, see installation doc.

Change log since v1.4.0

Upgrade Notice

No, really, you must read this before you upgrade

  • Disable following feature-gates by default: PreDownloadImageForInPlaceUpdate(#1244, @zmberg), ImagePullJobGate(#1357, @zmberg), DeletionProtectionForCRDCascadingGate(#1365, @zmberg), and ResourceDistributionGate(#1360, @zmberg)
  • Bump Kubernetes dependency to 1.24.16, Golang version to 1.19(#1354, Kuromesi)

Key Features: Enhanced Multi-Domain Management

  • WorkloadSpread:
    • Support any customized workloads that have scale sub-resource. (#1286, veophi)
    • Add validation for subset patch field. (#1237, chengleqi)
  • UnitedDeployment:

ImagePreDownload

  • ImageListPullJob:
    • Many users have the need for batch pre-download images, and the current approach, i.e., ImagePullJob, has a relatively high threshold for use, We added a new CRD ImageListPullJob to batch pre-download images. You just write a range of images in one ImageListPullJob CR, its controller will generate corresponding ImagePullJob CR for each image automatically. (1222, @diannaowa)
  • ImagePullJob:
    • Fix the matching logic for the imagePullSecret in ImagePullJob. (#1241, #1357)
    • Advanced Workload pre-download image support attach metadata in ImagePullJob. (#1246, YTGhost)

Advanced Workload

  • SidecarSet:
    • Add condition and event for not upgradable pods when updating. (#1309, MarkLux)
    • Take effect of shareVolumePolicy on initContainers. (#1229, y-ykcir)
    • Allow sidecar containers to mount serviceAccountToken type volume. (#1238, y-ykcir)
    • SidecarSet updateStrategy support priorityStrategy. (#1325, y-ykcir)
  • BroadcastJob:
  • CloneSet & StatefulSet:

Kruise Daemon

  • Connecting to Pouch runtime via CRI interface. (#1232, @zmberg)
  • Compatible with v1 and v1alpha2 CRI API version. (#1354, veophi)

ResourceProtection

And some bugs were fixed by (#1238, y-ykcir), (#1335, ls-2018), (#1301, wangwu50), (#1395, ywdxz), (#1304, kevin1689-cloud), (#1348, #1343, Colvin-Y), thanks!

v1.4.0

1 year ago

To install or upgrade to the old version, see installation doc.

Change log since v1.3.0

Upgrade Notice

No, really, you must read this before you upgrade

  • Enable following feature-gates by default: ResourcesDeletionProtection, WorkloadSpread, PodUnavailableBudgetDeleteGate, InPlaceUpdateEnvFromMetadata, StatefulSetAutoDeletePVC, PodProbeMarkerGate. (#1214, @zmberg)
  • Change Kruise leader election from configmap to configmapsleases, this is a smooth upgrade with no disruption to OpenKruise service. (#1184, @YTGhost)

New Feature: JobSidecarTerminator

In the Kubernetes world, it is challenging to use long-running sidecar containers for short-term job because there is no straightforward way to terminate the sidecar containers when the main container exits. For instance, when the main container in a Pod finishes its task and exits, it is expected that accompanying sidecars, such as a log collection sidecar, will also exit actively, so the Job Controller can accurately determine the completion status of the Pod. However most sidecar containers lack the ability to discovery the exit of main container.

For this scenario OpenKruise provides the JobSidecarTerminator capability, which can terminate sidecar containers once the main containers exit.

For more detail, please refer to its proposal.

Advanced Workloads

  • Optimized CloneSet Event handler to reduce unnecessary reconciliation. The feature is off by default and controlled by CloneSetEventHandlerOptimization feature-gate. (#1219, @veophi)
  • Avoid pod hang in PreparingUpdate state when rollback before update hook. (#1157, @shiyan2016)
  • Fix cloneSet update blocking when spec.scaleStrategy.maxUnavailable is not empty. (#1136, @ivanszl)
  • Add 'disablePVCReuse' field to enable recreation of PVCs when rebuilding pods, which can avoid Pod creation failure due to Node exceptions. (#1113, @willise)
  • CloneSet 'partition' field support float percent to improve precision. (#1124, @shiyan2016)
  • Add PreNormal Lifecycle Hook for CloneSet. (#1071, @veophi)
  • Allow to mutate PVCTemplate of Advanced StatefulSet & CloneSet. Note, Only works for new Pods, not for existing Pods. (#1118, @veophi)
  • Make ephemeralJob compatible with k8s version 1.20 & 1.21. (#1127, @veophi)
  • UnitedDeployment support advanced StatefulSet 'persistentVolumeClaimRetentionPolicy' field. (#1110, @yuexian1234)

ContainerRecreateRequest

  • Add 'forceRecreate' field to ensure the immediate recreation of the container even if the container is starting at that point. (#1182, @BH4AWS)

ImagePullJob

  • Support attach metadata in PullImage CRI interface during ImagePullJob. (#1190, @diannaowa)

SidecarSet

Others

  • Simplify some code, mainly comparison and variable declaration. (#1209, @hezhizhen)
  • Update k8s registry references from k8s.gcr.io to registry.k8s.io. (#1208, @asa3311)
  • Fix config/samples/apps_v1alpha1_uniteddeployment.yaml invalid image. (#1198, @chengleqi)
  • Change kruise base image to alpine. (#1166, @fengshunli)
  • PersistentPodState support custom workload (like statefulSet). (#1063, @baxiaoshi)