Patch Version Release Notes
Version 1.29
Table 1 Release notes for the v1.29 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
v1.29.2-r0 | v1.29.3 | CCE ingresses support traffic distribution based on custom HTTP headers. Scaling priority policies can be configured for third-party workloads. You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters. You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
| An in-progress node drainage can be canceled. When updating a node pool, you can change its agency name, prefix, and suffix. Kubernetes labels and taints of a node are retained after the node is reset. Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
| Fixed some security issues. |
v1.29.1-r0 | v1.29.1 | CCE clusters of v1.29 are released for the first time. For more information, see Kubernetes 1.29 Release Notes. | None | None |
Version 1.28
Table 2 Release notes for the v1.28 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
v1.28.6-r0 | v1.28.8 | CCE ingresses support traffic distribution based on custom HTTP headers. Scaling priority policies can be configured for third-party workloads. You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters. You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
| An in-progress node drainage can be canceled. When updating a node pool, you can change its agency name, prefix, and suffix. Kubernetes labels and taints of a node are retained after the node is reset. Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
| Fixed some security issues. |
v1.28.3-r0 | v1.28.3 | LoadBalancer Services and ingresses allow you to: | None | Fixed some security issues. |
v1.28.2-r0 | v1.28.3 | | None | Fixed some security issues. |
v1.28.1-r4 | v1.28.3 | None | None | Fixed CVE-2024-21626 issues. |
v1.28.1-r0 | v1.28.3 | CCE clusters of v1.28 are released for the first time. For more information, see Kubernetes 1.28 Release Notes. The prefix and suffix of a node name can be customized in node pools. In CCE Turbo clusters, you can create container networks for workloads and specify pod subnets. LoadBalancer ingresses support gRPC. LoadBalancer Services allow you to specify a private IP address for a load balancer during Service creation using YAML.
| Accelerated the startup speed for creating a large number of Kata containers in a CCE Turbo cluster. Improved the stability when Kata containers are repeatedly created or deleted in a CCE Turbo cluster.
| None |
Version 1.27
Important
dockershim has been removed since Kubernetes v1.24, and Docker is not supported in v1.24 and later versions by default. Use containerd.
Table 3 Release notes for the v1.27 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
v1.27.8-r0 | v1.27.12 | CCE ingresses support traffic distribution based on custom HTTP headers. Scaling priority policies can be configured for third-party workloads. You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters. You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
| An in-progress node drainage can be canceled. When updating a node pool, you can change its agency name, prefix, and suffix. Kubernetes labels and taints of a node are retained after the node is reset. Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
| Fixed some security issues. |
v1.27.5-r0 | v1.27.4 | LoadBalancer Services and ingresses allow you to: | None | Fixed some security issues. |
v1.27.3-r4 | v1.27.4 | None | None | Fixed CVE-2024-21626 issues. |
v1.27.2-r0 | v1.27.2 | | None | Fixed some security issues. |
v1.27.1-r10 | v1.27.2 | None | Optimized the events generated during node pool scaling. | Fixed some security issues. |
v1.27.1-r0 | v1.27.2 | CCE clusters of v1.27 are released for the first time. For more information, see Kubernetes 1.27 Release Notes. | None | None |
Version 1.25
Important
All nodes in the CCE clusters of version 1.25, except the ones running EulerOS 2.5, use containerd by default.
Table 4 Release notes for the v1.25 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
v1.25.11-r0 | v1.25.16 | CCE ingresses support traffic distribution based on custom HTTP headers. Scaling priority policies can be configured for third-party workloads. You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters. You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
| An in-progress node drainage can be canceled. When updating a node pool, you can change its agency name, prefix, and suffix. Kubernetes labels and taints of a node are retained after the node is reset. Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
| Fixed some security issues. |
v1.25.8-r0 | v1.25.10 | LoadBalancer Services and ingresses allow you to: | None | Fixed some security issues. |
v1.25.6-r4 | v1.25.10 | None | None | Fixed CVE-2024-21626 issues. |
v1.25.5-r0 | v1.25.5 | | None | Fixed some security issues. |
v1.25.4-r10 | v1.25.5 | None | Optimized the events generated during node pool scaling. | Fixed some security issues. |
v1.25.4-r0 | v1.25.5 | | None | Fixed some security issues. |
v1.25.3-r10 | v1.25.5 | The timeout interval can be configured for a load balancer. | High-frequency parameters of kube-apiserver are configurable. | Fixed some security issues. |
v1.25.3-r0 | v1.25.5 | None | Enhanced network stability of CCE Turbo clusters when their specifications are modified. | Fixed some security issues. |
v1.25.1-r0 | v1.25.5 | CCE clusters of v1.25 are released for the first time. For more information, see Kubernetes 1.25 Release Notes. | None | None |
Version 1.23
Table 5 Release notes for the v1.23 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
v1.23.16-r0 | v1.23.17 | CCE ingresses support traffic distribution based on custom HTTP headers. Scaling priority policies can be configured for third-party workloads. You can configure a security group for a pod using annotations. This feature is only available for CCE Turbo clusters. You can bind an existing EIP to a pod. This feature is only available for CCE Turbo clusters.
| An in-progress node drainage can be canceled. When updating a node pool, you can change its agency name, prefix, and suffix. Kubernetes labels and taints of a node are retained after the node is reset. Both the Kubernetes service account token volume projection and the load scaling controller can be configured.
| Fixed some security issues. |
v1.23.13-r0 | v1.23.17 | LoadBalancer Services and ingresses allow you to: | None | Fixed some security issues. |
v1.23.11-r4 | v1.23.17 | None | None | Fixed CVE-2024-21626 issues. |
v1.23.10-r0 | v1.23.11 | | None | Fixed some security issues. |
v1.23.9-r10 | v1.23.11 | None | Optimized the events generated during node pool scaling. | Fixed some security issues. |
v1.23.9-r0 | v1.23.11 | | None | Fixed some security issues. |
v1.23.8-r10 | v1.23.11 | The timeout interval can be configured for a load balancer. | High-frequency parameters of kube-apiserver are configurable. | Fixed some security issues. |
v1.23.8-r0 | v1.23.11 | None | | Fixed some security issues. |
v1.23.5-r0 | v1.23.11 | Fault detection and isolation are supported on GPU nodes. Security groups can be customized by cluster. CCE Turbo clusters support ENIs pre-binding by node. containerd is supported.
| Upgraded the etcd version of the master node to the Kubernetes version 3.5.6. Optimized scheduling so that pods are evenly distributed across AZs after pods are scaled in. Optimized the memory usage of kube-apiserver when CRDs are frequently updated.
| Fixed some security issues and the following CVE vulnerabilities: |
v1.23.1-r0 | v1.23.4 | CCE clusters of v1.23 are released for the first time. For more information, see Kubernetes 1.23 Release Notes. | None | None |
Version 1.21
Table 6 Release notes for the v1.21 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
v1.21.14-r0 | v1.21.14 | A PVC can be used to dynamically create and mount an SFS Turbo subdirectory. | None | Fixed some security issues. |
v1.21.12-r4 | v1.21.14 | None | None | Fixed CVE-2024-21626 issues. |
v1.21.11-r20 | v1.21.14 | | None | Fixed some security issues. |
v1.21.11-r10 | v1.21.14 | None | Optimized the events generated during node pool scaling. | Fixed some security issues. |
v1.21.11-r0 | v1.21.14 | | None | Fixed some security issues. |
v1.21.10-r10 | v1.21.14 | The timeout interval can be configured for a load balancer. | High-frequency parameters of kube-apiserver are configurable. | Fixed some security issues. |
v1.21.10-r0 | v1.21.14 | None | Enhanced Docker reliability during upgrades. Optimized node time synchronization. Enhanced the stability of the Docker runtime for pulling images after nodes are restarted.
| Fixed some security issues. |
v1.21.7-r0 | v1.21.14 | Fault detection and isolation are supported on GPU nodes. Security groups can be customized by cluster. CCE Turbo clusters support ENIs pre-binding by node.
| Improved the stability of LoadBalancer Services/ingresses with a large number of connections. | Fixed some security issues and the following CVE vulnerabilities: |
v1.21.1-r0 | v1.21.7 | CCE clusters of v1.21 are released for the first time. For more information, see Kubernetes 1.21 Release Notes. | None | None |
Version 1.19
Table 7 Release notes for the v1.19 patchCCE Cluster Patch Version | Kubernetes Version | Feature Updates | Optimization | Vulnerability Fixing |
---|
1.19.16-r84 | v1.19.16 | None | None | Fixed CVE-2024-21626 issues. |
v1.19.16-r60 | v1.19.16 | | None | Fixed some security issues. |
v1.19.16-r50 | v1.19.16 | None | Optimized the events generated during node pool scaling. | Fixed some security issues. |
v1.19.16-r40 | v1.19.16 | | None | Fixed some security issues. |
v1.19.16-r30 | v1.19.16 | The timeout interval can be configured for a load balancer. | High-frequency parameters of kube-apiserver are configurable. | Fixed some security issues. |
v1.19.16-r20 | v1.19.16 | None | Cloud Native 2.0 Networks allow you to specify subnets for a namespace. Enhanced the stability of the Docker runtime for pulling images after nodes are restarted. Optimized the performance of CCE Turbo clusters in allocating ENIs if not all ENIs are pre-bound.
| Fixed some security issues. |
v1.19.16-r4 | v1.19.16 | Fault detection and isolation are supported on GPU nodes. Security groups can be customized by cluster. CCE Turbo clusters support ENIs pre-binding by node.
| Scheduling is optimized on taint nodes. Enhanced the long-term running stability of containerd when cores are bound. Improved the stability of LoadBalancer Services/ingresses with a large number of connections. Optimized the memory usage of kube-apiserver when CRDs are frequently updated.
| Fixed some security issues and the following CVE vulnerabilities: |
v1.19.16-r0 | v1.19.16 | None | Enhanced the stability in updating LoadBalancer Services when workloads are upgraded and nodes are scaled in or out. | Fixed some security issues and the following CVE vulnerabilities: |
v1.19.10-r0 | v1.19.10 | CCE clusters of v1.19 are released for the first time. For more information, see Kubernetes 1.19 Release Notes. | None | None |
last updated: 2024-12-13 13:16 UTC - commit: 637711c1b4cbb67ff8f1429f87a3eb6e1d7d78bc