Kubernetes v1.12.5 releases, container cluster management system
Kubernetes is an open source system for managing containerized applications across multiple hosts; providing basic mechanisms for deployment, maintenance, and scaling of applications.
Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.
Kubernetes is hosted by the Cloud Native Computing Foundation (CNCF). If you are a company that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details about who’s involved and how Kubernetes plays a role, read the CNCF announcement.
Other notable changes
- kubectl: fixed an issue with “too old resource version” errors continuously appearing when calling
kubectl delete(#72825, @liggitt)
- Update Cluster Autoscaler version to 1.12.2. Release notes: https://github.com/kubernetes/autoscaler/releases/tag/cluster-autoscaler-1.12.2 (#72882, @aleksandra-malinowska)
- Fix kube-proxy PodSecurityPolicy binding on GCE & GKE. This was only an issue when running kube-proxy as a DaemonSet, with PodSecurityPolicy enabled. (#72761, @tallclair)
- Fixes spurious 0-length API responses. (#72856, @liggitt)
- client-go: restores behavior of populating the BearerToken field in rest.Config objects constructed from kubeconfig files containing tokenFile config, or from in-cluster configuration. An additional BearerTokenFile field is now populated to enable constructed clients to periodically refresh tokens. (#71713, @liggitt)
- Fix AWS NLB security group updates where valid security group ports were incorrectly removed (#68422, @kellycampbell)
- when updating a service or when node changes occur.
- Fix scheduling starvation of pods in cluster with large number of unschedulable pods. (#72619, @everpeace)
- client-go: shortens refresh period for token files to 1 minute to ensure auto-rotated projected service account tokens are read frequently enough. (#72437, @liggitt)