To install or upgrade to the old version, see installation doc.
Change log since v1.6.3
Key Features
- When CloneSet volumeClaimTemplates changed, always recreate pods and related volumes. (#1561, @ABNER-1)
- Bump K8s dependency to 1.28, and OpenKruise still works with Kubernetes Version >= 1.18. (#1598, @ABNER-1)
- SidecarSet support k8s 1.28 Sidecar Containers(initContainers[x].restartPolicy=Always), and significantly improves the lifecycle management of Sidecar containers,
refer to the community documentation for details. (#1613, @zmberg) - ImagePullJob support for credential provider plugin, e.g. aws. (#1383, @Kuromesi)
- Advanced StatefulSet support start ordinal. (#1643, @ABNER-1)
- Support webhook CA injection using external certification management tool, e.g. cert-manager. (#1665, @Kuromesi)
- Kruise-daemon support cri-docker.sock for kubernetes clusters that use docker runtime. (#1631, @BraceCY)
- Advanced StatefulSet add pod index label
statefulset.kubernetes.io/pod-index
. (#1667, @cr7258) - Add Structured logging support. (#1565, @MajLuu); (#1629, @jairuigou); (#1669, @AiRanthem)
Performance Enhancement
- Optimizing Pod SidecarSet webhook and controller performance when lots of namespace scoped sidecarSet exists (#1547, @ls-2018)
- Pod readiness controller use Patch instead of Update, thus reducing updating conflict when creating a large number of Pods. (#1560, @BruceAko)
Bug fixes
- Multi-domain Management
- Fixes workloadSpread validation message when using adaptive strategy type. (#1553, @voron)
- When feature-gate WorkloadSpread=false, the WorkloadSpread Controller is no longer started and the creation of workloadSpread CR is not allowed. (#1566, @ls-2018)
- Application Protection
- In some extreme scenarios, fix PodUnavailableBudget blocking KCM recycling Pods. (#1567, @Spground)
- Sidecar Container
- Fix SidecarSet invalid update status. (#1641, @Spground)
- Advanced Workload
- Fix potential nil panic in CloneSet validating webhook when Pod's controller owner ref is nil. (#1678, @Spground)
Misc (cleanup and Flake)
- Optimized Advanced StatefulSet code structure based on upstream community code(k8s 1.28). (#1648, @ABNER-1)
- Reduce github workflow action permission. (#1523, @furykerry)
- Bug fix for Makefile envtest failed. (#1548, @BH4AWS)
- Fix UT TestRevisionManage. (#1555, @furykerry)
- Upgrade opencontainers/runc (1.1.12) and controller-gen (0.14.0). (#1562, @ppbits)
- Remove vendor directory. (#1554, @liangyuanpeng)
- Add dependabot config for auto-update github-actions. (#1570, @liangyuanpeng)
- Add permission of security-events write for ghaction golangci-lint. (#1582, @liangyuanpeng)
- Fix vendor error while running command make docker-multiarch. (#1601, @MichaelRren)
- Change e2e centos image from 6.7 to 7, then e2e can work on arm node. (#1623, @Colvin-Y)
- Fix slice declarations that are not initialized with zero length. (#1628, @alingse)
- Fix UT TestMatchRegistryAuths failed. (#1583, @ABNER-1)
- Changes the scorecard badge link from old format to the Standard human-readable OpenSSF Scorecard Report. (#1657, @harshitasao)