Release notes (Rapid channel)

This page documents updates to releases in the Google Kubernetes Engine Rapid release channel. You can periodically check this page for announcements about new or updated features, bug fixes, known issues, and deprecated functionality. The overall release notes also include the information in this page.

For more detailed information about security-related known issues, see the security bulletin page.

To get the latest product updates delivered to you, add the URL of this page to your feed reader.

June 27, 2019

1.14.3-gke.9

This version contains a patch for recently discovered TCP vulnerabilities in the Linux kernel. See the associated security bulletin for more information.

June 4, 2019

v1.14.1-gke.5 is the default for new Rapid channel clusters. This version includes patched node images that address CVE-2019-11245.

GKE nodes running Kubernetes v1.14.2 are affected by CVE-2019-11245. Information about the impact and mitigation of this vulnerability is available in this Kubernetes issue report.i In addition to security concerns, this bug can cause Pods that must run as a specific UID to fail.

June 3, 2019

Corrections

The rollout dates for the May 28, 2019 releases are incorrect. Day 2 spanned May 29-30, day 3 is May 31, and day 4 is June 3.

May 28, 2019

v1.14.2-gke.2 is the default for new Rapid channel clusters, and includes the following changes:

GKE Sandbox is supported on v1.14.x clusters running v1.14.2-gke.2 or higher.

The node image for Container-Optimized OS (COS) is now cos-u-73-11647-182-0.

The node image for Ubuntu is now ubuntu-gke-1804-d1809-0-v20190517.

Node images have been updated to fix Microarchitectural Data Sampling (MDS) vulnerabilities announced by Intel. For more information, see the security bulletin.

The patch alone is not sufficient to mitigate exposure to this vulnerability. For more information, see the security bulletin.
Nodes using these images are now shielded VMs with the following properties:
- UEFI boot is enabled.
- SecureBoot is disabled.
- vTPM is enabled.
- Integrity Monitoring is enabled.

The following IP ranges have been added to default non-IP-masq iptables rules:

100.64.0.0/10
192.0.0.0/24
192.0.2.0/24
192.88.99.0/24
198.18.0.0/15
198.51.100.0/24
203.0.113.0/24
240.0.0.0/4

May 20, 2019

No v1.14.x versions this week.

New features

Stackdriver Kubernetes Engine Monitoring is now generally available for clusters using the following GKE versions:

1.12.x clusters v1.12.7-gke.17 and newer
1.13.x clusters v1.13.5-gke.10 and newer
1.14.x (Alpha) clusters v1.14.1-gke.5 and newer

Users of the legacy Stackdriver support are encouraged to migrate to Stackdriver Kubernetes Engine Monitoring before support for legacy Stackdriver is removed.

Rollout schedule

Date	Available zones	Available regions
2019-⁠05-⁠21	`europe-⁠west2-⁠a`, `us-⁠east1-⁠d`	`europe-⁠west3`, `us-⁠east1`
2019-⁠05-⁠22	`asia-⁠east1-⁠a`, `asia-⁠east2-⁠c`, `asia-⁠northeast1-⁠a`, `asia-⁠northeast2-⁠c`, `asia-⁠south1-⁠a`, `asia-⁠southeast1-⁠a`, `australia-⁠southeast1-⁠a`, `europe-⁠north1-⁠c`, `europe-⁠west1-⁠c`, `europe-⁠west3-⁠a`, `europe-⁠west4-⁠a`, `europe-⁠west6-⁠c`, `northamerica-⁠northeast1-⁠c`, `southamerica-⁠east1-⁠a`, `us-⁠central1-⁠b`, `us-⁠east4-⁠b`, `us-⁠west1-⁠a`, `us-⁠west2-⁠c`	`asia-⁠east1`, `asia-⁠southeast1`, `europe-⁠west6`, `northamerica-⁠northeast1`, `us-⁠east4`, `us-⁠west2`
2019-⁠05-⁠23	`asia-⁠east1-⁠c`, `asia-⁠east2-⁠b`, `asia-⁠northeast1-⁠b`, `asia-⁠northeast2-⁠b`, `asia-⁠south1-⁠b`, `asia-⁠southeast1-⁠b`, `australia-⁠southeast1-⁠b`, `europe-⁠north1-⁠b`, `europe-⁠west1-⁠b`, `europe-⁠west2-⁠b`, `europe-⁠west3-⁠b`, `europe-⁠west4-⁠c`, `europe-⁠west6-⁠b`, `northamerica-⁠northeast1-⁠b`, `southamerica-⁠east1-⁠b`, `us-⁠central1-⁠f`, `us-⁠east1-⁠c`, `us-⁠east4-⁠c`, `us-⁠west1-⁠b`, `us-⁠west2-⁠b`	`asia-⁠east2`, `asia-⁠northeast1`, `australia-⁠southeast1`, `europe-⁠west1`, `europe-⁠west2`, `southamerica-⁠east1`, `us-⁠west1`
2019-⁠05-⁠24	`asia-⁠east1-⁠b`, `asia-⁠east2-⁠a`, `asia-⁠northeast1-⁠c`, `asia-⁠northeast2-⁠a`, `asia-⁠south1-⁠c`, `asia-⁠southeast1-⁠c`, `australia-⁠southeast1-⁠c`, `europe-⁠north1-⁠a`, `europe-⁠west1-⁠d`, `europe-⁠west2-⁠c`, `europe-⁠west3-⁠c`, `europe-⁠west4-⁠b`, `europe-⁠west6-⁠a`, `northamerica-⁠northeast1-⁠a`, `southamerica-⁠east1-⁠c`, `us-⁠central1-⁠a`, `us-⁠central1-⁠c`, `us-⁠east1-⁠b`, `us-⁠east4-⁠a`, `us-⁠west1-⁠c`, `us-⁠west2-⁠a`	`asia-⁠northeast2`, `asia-⁠south1`, `europe-⁠north1`, `europe-⁠west4`, `us-⁠central1`

May 13, 2019

GKE v1.14.1-gke.5 (alpha) is now available for testing and validation in the Rapid release channel. For more details, refer to the release notes for Kubernetes v1.14.

Changes

GKE v1.14.x has the following differences from Kubernetes 1.14.1.

GKE v1.14.x uses kube-dns rather than core-dns.
GKE v1.14.x does not support Dramatically Simplify Kubernetes Cluster Creation, a sub-feature of kubeadm.
GKE v1.14.x does not support taint-based eviction.

You cannot yet create an alpha cluster running GKE v1.14.x. If you attempt to use the --enable-kubernetes-alpha flag, cluster creation fails.

¿Te ha resultado útil esta página? Enviar comentarios:

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Última actualización: Junio 29, 2019.