Kubernetes v1.15.3 releases, container cluster management system

Kubernetes vulnerability

Kubernetes is an open-source system for managing containerized applications across multiple hosts; providing basic mechanisms for deployment, maintenance, and scaling of applications.

Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.

Kubernetes is hosted by the Cloud Native Computing Foundation (CNCF). If you are a company that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and micro services-oriented, consider joining the CNCF. For details about who’s involved and how Kubernetes plays a role, read the CNCF announcement.


Changelog v1.15.3

Other notable changes

  • Update golang/x/net dependency to bring in fixes for CVE-2019-9512, CVE-2019-9514 (#81522@cblecker)
  • Update to use go 1.12.8 (#81390@cblecker)
  • Update to use go 1.12.9 (#81489@BenTheElder)
  • cpuUsageNanoCores is now reported in the Kubelet summary API on Windows nodes (#80176@liyanhui1228)
  • API: the metadata.selfLink field is deprecated in individual and list objects. It will no longer be returned starting in v1.20, and the field will be removed entirely in v1.21. (#80978@wojtek-t)
  • Fix Azure client requests stuck issues on http.StatusTooManyRequests (HTTP Code 429). (#81279@feiskyer)
  • Update the GCE windows node image to include hot fixes since July. (#81233@YangLu1031)
  • switch to VM Update call in attach/detach disk operation, original CreateOrUpdate call may lead to orphaned VMs or blocked resources (#81208@andyzhangx)
  • Fix conflicted cache when the requests are canceled by other Azure operations. (#81282@feiskyer)
  • update to use go 1.12.7 (#80134@tao12345666333)
  • Fix public IP not found issues for VMSS nodes (#80703@feiskyer)
  • Fixes validation of VolumeAttachment API objects created with inline volume sources. (#80945@tedyu)
  • Fix kubelet errors in AArch64 with huge page sizes smaller than 1MiB (#78495@odinuge)
  • kube-addon-manager has been updated to v9.0.2 to fix a bug in leader election (https://github.com/kubernetes/kubernetes/pull/80575) (#80861@mborsz)
  • Fix a bug that ListOptions.AllowWatchBookmarks wasn’t propagating correctly in kube-apiserver. (#80157@wojtek-t)
  • Pass-through volume MountOptions to global mount (NodeStageVolume) on the node for CSI (#80191@davidz627)
  • Fix error in kubeadm join --discovery-file when using discovery files with embedded credentials (#80675@fabriziopandini)
  • make node lease renew interval more heuristic based on node-status-update-frequency in kubelet (#80173@gaorong)
  • Bugfix: csi plugin supporting raw block that does not need attach mounted failed (#79920@cwdsuzhou)
  • Reduces GCE PD Node Attach Limits by 1 since the node boot disk is considered an attachable disk (#80923@davidz627)