openkruise/kruise v1.7.0

on GitHub

To install or upgrade to the old version, see installation doc.

Change log since v1.6.3

Key Features

• When CloneSet volumeClaimTemplates changed, always recreate pods and related volumes. (#1561, @ABNER-1)
• Bump K8s dependency to 1.28, and OpenKruise still works with Kubernetes Version >= 1.18. (#1598, @ABNER-1)
• SidecarSet support k8s 1.28 Sidecar Containers(initContainers[x].restartPolicy=Always), and significantly improves the lifecycle management of Sidecar containers,
  refer to the community documentation for details. (#1613, @zmberg)
• ImagePullJob support for credential provider plugin, e.g. aws. (#1383, @Kuromesi)
• Advanced StatefulSet support start ordinal. (#1643, @ABNER-1)
• Support webhook CA injection using external certification management tool, e.g. cert-manager. (#1665, @Kuromesi)
• Kruise-daemon support cri-docker.sock for kubernetes clusters that use docker runtime. (#1631, @BraceCY)
• Advanced StatefulSet add pod index label statefulset.kubernetes.io/pod-index. (#1667, @cr7258)
• Add Structured logging support. (#1565, @MajLuu); (#1629, @jairuigou); (#1669, @AiRanthem)

Performance Enhancement

• Optimizing Pod SidecarSet webhook and controller performance when lots of namespace scoped sidecarSet exists (#1547, @ls-2018)
• Pod readiness controller use Patch instead of Update, thus reducing updating conflict when creating a large number of Pods. (#1560, @BruceAko)

Bug fixes

• Multi-domain Management
• Fixes workloadSpread validation message when using adaptive strategy type. (#1553, @voron)
• When feature-gate WorkloadSpread=false, the WorkloadSpread Controller is no longer started and the creation of workloadSpread CR is not allowed. (#1566, @ls-2018)
• Application Protection
• In some extreme scenarios, fix PodUnavailableBudget blocking KCM recycling Pods. (#1567, @Spground)
• Sidecar Container
• Fix SidecarSet invalid update status. (#1641, @Spground)
• Advanced Workload
• Fix potential nil panic in CloneSet validating webhook when Pod's controller owner ref is nil. (#1678, @Spground)

Misc (cleanup and Flake)

• Optimized Advanced StatefulSet code structure based on upstream community code(k8s 1.28). (#1648, @ABNER-1)
• Reduce github workflow action permission. (#1523, @furykerry)
• Bug fix for Makefile envtest failed. (#1548, @BH4AWS)
• Fix UT TestRevisionManage. (#1555, @furykerry)
• Upgrade opencontainers/runc (1.1.12) and controller-gen (0.14.0). (#1562, @ppbits)
• Remove vendor directory. (#1554, @liangyuanpeng)
• Add dependabot config for auto-update github-actions. (#1570, @liangyuanpeng)
• Add permission of security-events write for ghaction golangci-lint. (#1582, @liangyuanpeng)
• Fix vendor error while running command make docker-multiarch. (#1601, @MichaelRren)
• Change e2e centos image from 6.7 to 7, then e2e can work on arm node. (#1623, @Colvin-Y)
• Fix slice declarations that are not initialized with zero length. (#1628, @alingse)
• Fix UT TestMatchRegistryAuths failed. (#1583, @ABNER-1)
• Changes the scorecard badge link from old format to the Standard human-readable OpenSSF Scorecard Report. (#1657, @harshitasao)