v3.9.0
smarterclayton
released this
30 Mar 23:30
·
13912 commits
to master
since this release
This is the official feature release of OpenShift Origin.
Changes
v3.9.0 (2018-03-30) Full Changelog
Component updates
- Updates to Kubernetes
- 51042: Allow passing request-timeout from NewRequest all the way down #13701
- 52324: Fix bug on kubelet failure to umount mount points. #18225
- 54530: api: validate container phase transitions #18792
- 56164: Split out a KUBE-EXTERNAL-SERVICES chain so we don't have to run KUBE-SERVICES from INPUT #18754
- 56288: Add list of pods that use a volume to multiattach events #18290
- 56315: Record volumeID in GlusterFS PV spec UPSTREAM: 56823: Add volID based delete() and resize() if volID is available in pv spec UPSTREAM: 57516: Add custom volume name based on SC parameter UPSTREAM: 58513: Add Namespace to glusterfs custom volume names UPSTREAM: 58626: Use correct pv annotation to fetch volume ID #18326
- 56432: e2e: test containers projected volume updates should not exit #18387
- 56846: Fix Cinder detach problems #18140
- 56872: Fix event generation #18442
- 57202: Fix format string in describers #18853
- 57336: Abstract some duplicated code in the iptables proxier #18754
- 57461: Don't create no-op iptables rules for services with no endpoints #18754
- 57480: Fix build and test errors from etcd 3.2.13 upgrade #18731
- 57854: fix bug of swallowing missing merge key error #18331
- 57967: Fixed TearDown of NFS with root squash. #18154
- 58177: Redesign and implement volume reconstruction work #18554
- 58316: set fsGroup by securityContext.fsGroup in azure file #18526
- 58375: Recheck if transformed data is stale when doing live lookup during update #18530
- 58415: Improve messaging on resize #18509
- 58439: Fix loading structured admission plugin config #18529
- 58439: Surface error loading admission plugin config #18529
- 58522: Clean up error messages for pre-bound PVCs #18284
- 58533: add suggestion to describe pod for container names #18178
- 58574: fixing array out of bound by checking initContainers instead of containers #18403
- 58617: Make ExpandVolumeDevice() idempotent if existing volume capacity meets the requested size #18432
- 58685: Fill size attribute for the OpenStack V3 API volumes #18237
- 58720: Ensure that the runtime mounts RO volumes read-only #18255
- 58739: Don't bind PVs and PVCs with different access modes #18284
- 58753: Fix kubectl explain for cronjobs #18268
- 58794: Resize mounted volumes #18421
- 58930: Don't wait for certificate rotation on Kubelet start #18322
- 58955: pkg: kubelet: do not assume anything about images names #18340
- 58977: Fix pod sandbox privilege. #18820
- 58991: restore original object on apply err #18337
- 58994: Race condition between listener and client in remote_runtime_test #18409
- 59170: Fix kubelet PVC stale metrics #18787
- 59279: nodelifecycle: set OutOfDisk unknown on node timeout #18417
- 59297: Improve error returned when fetching container logs during pod termination #18515
- 59350: Do not recycle volumes that are used by pods #18552
- 59365: Fix StatefulSet set-based selector bug #18824
- 59386: Scheduler - not able to read from config file if configmap is not found #18475
- 59449: Fix to register priority function ResourceLimitsPriority correctly. #18503
- 59506: fix --watch on multiple requests #18514
- 59569: Do not ignore errors from EC2::DescribeVolume in DetachDisk #18544
- 59767: kubelet: check for illegal phase transition #18585
- 59873: Fix DownwardAPI refresh race #18636
- 59923: Rework volume manager log levels #18636
- 60299: apiserver: fix testing etcd config for etcd 3.2.16 #18731
- 60301: Fix Deployment with Recreate strategy not to wait on Pods in terminal phase #18760
- 60306: Only run connection-rejecting rules on new connections #18754
- 60342: Fix nested volume mounts for read-only API data volumes #18789
- 60430: don't use storage cache during apiserver unit test #18731
- 60457: tests: e2e: empty msg from channel other than stdout should be non-fatal #18755
- 60490: Volume deletion should be idempotent #18878
- 61045: subpath fixes #18957
- 61107: Add atomic writer subpath e2e tests #18957
- 61107: Detect backsteps correctly in base path detection #18957
- 61193: bugfix(mount): lstat with abs path of parent instead of '/..' #18985
- : Remove write permissions on daemonsets from Kubernetes bootstrap policy #18977
- : Short-circuit HPA oapi/v1.DC #18380
- : hack in working autoscale reference for oc autoscale #18376
- : hack out the oapi for restmapping resources when more than one is present #18377
- : patch the upstream SA token controller and use it #18508
- Updates to docker/distribution
- UPSTREAM: docker/docker#36517: ensure hijackedConn implements CloseWrite function
Features
FEATURE DESCRIPTION
PARAGRAPH
- DESCRIPTION #PR
Other Features
- build: Issue 17941: Add
oc new-build --push-secret
option #18477 - deploy: Add support for deployments in oc status #18439, #18579
Bugs
- auth: Change Header used for impersonation scopes to match upstream #18378
- auth: Deprecate some policy commands #18102
- build: Adjust newapp/newbuild error messages (arg classification vs. actual … #18272
- build: Fix BuildConfigInstantiateFailed warning when lastVersion == 0 #17146
- cli: Add infos count to
oc status
#18422 - cli: Suppress project list on login if you have access to greater than 50 projects #18706
- diagnostic: Add an AppCreate diagnostic #16658
- diagnostic: AggregatedLogging ClusterRoleBindings false negative fix #18888
- diagnostic: Fix AnalyzeLogs to provide more clear debug message #18654
- image: Fix annotation trigger to reconcile on container image change #18513
- image: Preserve namespace on imagestreams server-side export #18487
- image: Prevent scheduled importer of images from advancing too quickly #18604
- image: Retry import without authentication if we get 401 error for public images #18012
- migrate: Add migrate command for legacy HPAs #18854
- network: Fix reassignment of egress IP after removal #18720
- network: Deal with auto-egress-ip mark conflicting with kube-proxy's masqueradeBit #18121
- network: Do not allow 'default' project to be isolated using 'oc adm pod-network' #18687
- network: Don't try to delete (nonexistent) OVS flows for headless/external services #18890
- network: Fix CNI IPAM data dir #18863
- network: Fix handleDeleteSubnet() to release network from subnet allocator #18819
- newapp:
--source-image
should count as a source input for new-app #18631 - node: Move pod-namespace calls out of process to prevent races between Go threads #18355
- node: Restart console container when config changes #18411
- node: Support
--write-flags
onopenshift start node
to support moving directly to kubelet #18322 - oauth: Enable osin internal error logging #18505
- router: Make oadm router and registry resiliant to missing client for use in scripts #18546
- router: Updating route TLS configuration will be possible with 'create' permissions on custom-host #18312
- security: ClusterResourceOverride plugin should not set CPU or memory minimums below the namespace quota minimum #18553
- server: Bug 1538389 - Allow node IP change to update Host IP in HostSubnet resource #18281
- server: Correctly handle newlines in serial files #18405
- server: Wait for lease acquisition that indicates the controllers and scheduler have successfully started #18338
- template: Make sure we can unbind a deleted templateinstance #18452
Release SHA256 Checksums
6ed2fb1579b14b4557e4450a807c97cd1b68a6c727cd1e12deedc5512907222e ./openshift-origin-client-tools-v3.9.0-191fece-linux-64bit.tar.gz
a616d50c0974d4b3d1f12f227883afa7e70028fe78c874fc233eb3466ee12fdf ./openshift-origin-server-v3.9.0-191fece-linux-64bit.tar.gz
32bdd9464866c8e93d8cf4a3a7718b0bc9fa0f2881f045b97997fa014b52a40b ./openshift-origin-client-tools-v3.9.0-191fece-mac.zip
705eb110587fdbd244fbb0f93146a643b24295cfe2410ff9fe67a0e880912663 ./openshift-origin-client-tools-v3.9.0-191fece-windows.zip