From edbcd479ed6d996de7267d4354d38a980dcb6a4c Mon Sep 17 00:00:00 2001 From: Saurabh Kumar Singh Date: Sat, 18 Apr 2026 14:35:59 +0530 Subject: [PATCH] Release Notes draft for k/k v1.36.0-rc.1 Signed-off-by: Saurabh Kumar Singh --- .../release-notes/maps/pr-138244-map.yaml | 15 +++ .../release-notes/maps/pr-138299-map.yaml | 13 ++ .../release-notes/release-notes-draft.json | 124 +++++++++++++----- .../release-notes/release-notes-draft.md | 15 ++- .../sessions/maps-1776500320.json | 19 +++ 5 files changed, 146 insertions(+), 40 deletions(-) create mode 100644 releases/release-1.36/release-notes/maps/pr-138244-map.yaml create mode 100644 releases/release-1.36/release-notes/maps/pr-138299-map.yaml create mode 100644 releases/release-1.36/release-notes/sessions/maps-1776500320.json diff --git a/releases/release-1.36/release-notes/maps/pr-138244-map.yaml b/releases/release-1.36/release-notes/maps/pr-138244-map.yaml new file mode 100644 index 00000000000..df058553ac7 --- /dev/null +++ b/releases/release-1.36/release-notes/maps/pr-138244-map.yaml @@ -0,0 +1,15 @@ +pr: 138244 +releasenote: + text: Fixed a kubelet device manager bug where topology hint computation enumerated + O(2^n) NUMA node combinations using all machine NUMA nodes. On systems with many + NUMA nodes that carry no devices (e.g. NVIDIA GB200 with 36 NUMA nodes), this + caused kubelet to stall indefinitely during pod admission. The device manager + now restricts iteration to NUMA nodes that actually host devices for the requested + resource, reducing the search space to O(2^k) where k is typically 1–2. + sigs: + - node + kinds: + - bug + areas: + - kubelet +pr_body: "" diff --git a/releases/release-1.36/release-notes/maps/pr-138299-map.yaml b/releases/release-1.36/release-notes/maps/pr-138299-map.yaml new file mode 100644 index 00000000000..704ac50d0e8 --- /dev/null +++ b/releases/release-1.36/release-notes/maps/pr-138299-map.yaml @@ -0,0 +1,13 @@ +pr: 138299 +releasenote: + text: |- + Kubernetes is now built using Go `v1.26.2`. + sigs: + - release + - testing + kinds: + - feature + areas: + - test + - release-eng +pr_body: "" diff --git a/releases/release-1.36/release-notes/release-notes-draft.json b/releases/release-1.36/release-notes/release-notes-draft.json index 6f55d01eb95..bd93127342c 100644 --- a/releases/release-1.36/release-notes/release-notes-draft.json +++ b/releases/release-1.36/release-notes/release-notes-draft.json @@ -119,8 +119,7 @@ "sigs": [ "node" ], - "do_not_publish": true, - "pr_body": "\r\n\r\n\u003c!-- Thanks for sending a pull request! Here are some tips for you:\r\n\r\n1. If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide/first-contribution.md#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide\r\n2. Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here:\r\nhttps://git.k8s.io/community/contributors/devel/sig-release/release.md#issuepr-kind-label\r\n3. Ensure you have added or ran the appropriate tests for your PR: https://git.k8s.io/community/contributors/devel/sig-testing/testing.md\r\n4. If you want *faster* PR reviews, read how: https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews\r\n5. If the PR is unfinished, see how to mark it: https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests\r\n--\u003e\r\n\r\n#### What type of PR is this?\r\n/kind cleanup\r\n\u003c!--\r\nAdd one of the following kinds:\r\n/kind bug\r\n/kind cleanup\r\n/kind documentation\r\n/kind feature\r\n\r\nOptionally add one or more of the following kinds if applicable:\r\n/kind api-change\r\n/kind deprecation\r\n/kind failing-test\r\n/kind flake\r\n/kind regression\r\n--\u003e\r\n\r\n#### What this PR does / why we need it:\r\nAdjust the expected and actual parameters of the unit test Equal function to the correct order\r\n#### Which issue(s) this PR fixes:\r\n\u003c!--\r\n*Automatically closes linked issue when PR is merged.\r\nUsage: `Fixes #\u003cissue number\u003e`, or `Fixes (paste link of issue)`.\r\n_If PR is about `failing-tests or flakes`, please post the related issues/tests in a comment and do not use `Fixes`_*\r\n--\u003e\r\nFixes #\r\n\r\n#### Special notes for your reviewer:\r\n\r\n#### Does this PR introduce a user-facing change?\r\n\u003c!--\r\nIf no, just write \"NONE\" in the release-note block below.\r\nIf yes, a release note is required:\r\nEnter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string \"action required\".\r\n\r\nFor more information on release notes see: https://git.k8s.io/community/contributors/guide/release-notes.md\r\n--\u003e\r\n```release-note\r\n \"NONE\"\r\n```\r\n\r\n#### Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:\r\n\r\n\u003c!--\r\nThis section can be blank if this pull request does not require a release note.\r\n\r\nWhen adding links which point to resources within git repositories, like\r\nKEPs or supporting documentation, please reference a specific commit and avoid\r\nlinking directly to the master branch. This ensures that links reference a\r\nspecific point in time, rather than a document that may change over time.\r\n\r\nSee here for guidance on getting permanent links to files: https://help.github.com/en/articles/getting-permanent-links-to-files\r\n\r\nPlease use the following format for linking documentation:\r\n- [KEP]: \u003clink\u003e\r\n- [Usage]: \u003clink\u003e\r\n- [Other doc]: \u003clink\u003e\r\n--\u003e\r\n```docs\r\n\r\n```\r\n" + "do_not_publish": true }, "131950": { "commit": "18cbbbd34e8ea009934198687de5a0dba23cb22f", @@ -652,8 +651,7 @@ "sigs": [ "architecture" ], - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "134867": { "commit": "9b8aa0b5850cbac7b4fbb48ac4c24e2537605e8e", @@ -669,8 +667,7 @@ "sigs": [ "architecture" ], - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "134937": { "commit": "6adb2afe557e066738389124cefa0db496a4d3c1", @@ -1827,8 +1824,7 @@ "testing" ], "duplicate": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "135742": { "commit": "5262149cd6ffc83eb37f2ec6c670cd516d498359", @@ -2677,8 +2673,7 @@ ], "feature": true, "duplicate_kind": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "136084": { "commit": "a221280c5389cf5f4008145145259116c58fd21b", @@ -3257,8 +3252,7 @@ ], "duplicate": true, "duplicate_kind": true, - "do_not_publish": true, - "is_mapped": true + "do_not_publish": true }, "136314": { "commit": "6c300757e80934ef07ed29a2fbf5e6db55e3005b", @@ -8153,28 +8147,6 @@ "duplicate": true, "is_mapped": true }, - "137715": { - "commit": "aa13dc5aa3825476c3857294c4a1a4ef14cca72f", - "text": "Writes to the ServiceCIDR main resource ignore status field changes in the request, consistent with all other Kubernetes APIs. The `ServiceCIDRStatusFieldWiping` feature gate can be disabled to restore the previous behavior; it will be locked to enabled in a future release.", - "markdown": "Writes to the ServiceCIDR main resource ignore status field changes in the request, consistent with all other Kubernetes APIs. The `ServiceCIDRStatusFieldWiping` feature gate can be disabled to restore the previous behavior; it will be locked to enabled in a future release. ([#137715](https://github.com/kubernetes/kubernetes/pull/137715), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Network and Testing]", - "author": "jpbetz", - "author_url": "https://github.com/jpbetz", - "pr_url": "https://github.com/kubernetes/kubernetes/pull/137715", - "pr_number": 137715, - "areas": [ - "test" - ], - "kinds": [ - "bug" - ], - "sigs": [ - "api-machinery", - "network", - "testing" - ], - "duplicate": true, - "is_mapped": true - }, "137719": { "commit": "c2a7819806ba6078330d495ac4ef274b2e2b3559", "text": "kubelet: Added tiered cgroup v2 memory protection for MemoryQoS: `memory.min` for Guaranteed pods and `memory.low` for Burstable pods, with node-level metrics and rollback reconciliation (KEP-2570).", @@ -8206,6 +8178,28 @@ ], "is_mapped": true }, + "137715": { + "commit": "aa13dc5aa3825476c3857294c4a1a4ef14cca72f", + "text": "Writes to the ServiceCIDR main resource ignore status field changes in the request, consistent with all other Kubernetes APIs. The `ServiceCIDRStatusFieldWiping` feature gate can be disabled to restore the previous behavior; it will be locked to enabled in a future release.", + "markdown": "Writes to the ServiceCIDR main resource ignore status field changes in the request, consistent with all other Kubernetes APIs. The `ServiceCIDRStatusFieldWiping` feature gate can be disabled to restore the previous behavior; it will be locked to enabled in a future release. ([#137715](https://github.com/kubernetes/kubernetes/pull/137715), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Network and Testing]", + "author": "jpbetz", + "author_url": "https://github.com/jpbetz", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/137715", + "pr_number": 137715, + "areas": [ + "test" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "api-machinery", + "network", + "testing" + ], + "duplicate": true, + "is_mapped": true + }, "137753": { "commit": "158b69d2234f2b07ba7b6c5e182fa9df417bdf73", "text": "The \"Failed to update lease optimistically\" log message may not be shown to users anymore, depending on the log level they have set.", @@ -8508,6 +8502,26 @@ "duplicate_kind": true, "is_mapped": true }, + "138244": { + "commit": "0275382260bc0d5279b703d21ec7ad4db35b8d78", + "text": "Fixed a kubelet device manager bug where topology hint computation enumerated O(2^n) NUMA node combinations using all machine NUMA nodes. On systems with many NUMA nodes that carry no devices (e.g. NVIDIA GB200 with 36 NUMA nodes), this caused kubelet to stall indefinitely during pod admission. The device manager now restricts iteration to NUMA nodes that actually host devices for the requested resource, reducing the search space to O(2^k) where k is typically 1–2.", + "markdown": "Fixed a kubelet device manager bug where topology hint computation enumerated O(2^n) NUMA node combinations using all machine NUMA nodes. On systems with many NUMA nodes that carry no devices (e.g. NVIDIA GB200 with 36 NUMA nodes), this caused kubelet to stall indefinitely during pod admission. The device manager now restricts iteration to NUMA nodes that actually host devices for the requested resource, reducing the search space to O(2^k) where k is typically 1–2. ([#138244](https://github.com/kubernetes/kubernetes/pull/138244), [@fanzhangio](https://github.com/fanzhangio)) [SIG Node]", + "author": "fanzhangio", + "author_url": "https://github.com/fanzhangio", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/138244", + "pr_number": 138244, + "areas": [ + "kubelet" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "node" + ], + "do_not_publish": true, + "is_mapped": true + }, "138261": { "commit": "6e753bd2b4793152b55ad9cefd3130169fb1a749", "text": "Kubernetes is now built using Go `v1.26.2`.", @@ -8525,5 +8539,47 @@ ], "duplicate": true, "is_mapped": true + }, + "138299": { + "commit": "f5c7b422749303542baa17f1322d95250df9b0b5", + "text": "Kubernetes is now built using Go `v1.26.2`.", + "markdown": "Kubernetes is now built using Go `v1.26.2`. ([#138299](https://github.com/kubernetes/kubernetes/pull/138299), [@xmudrii](https://github.com/xmudrii)) [SIG Release and Testing]", + "author": "xmudrii", + "author_url": "https://github.com/xmudrii", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/138299", + "pr_number": 138299, + "areas": [ + "test", + "release-eng" + ], + "kinds": [ + "feature" + ], + "sigs": [ + "release", + "testing" + ], + "feature": true, + "duplicate": true + }, + "138318": { + "commit": "462e759d1995c143fda094cd7f591b10fd8cdee6", + "text": "Fixed running of DRA e2e tests in air-gapped clusters or with test images in private registries.", + "markdown": "Fixed running of DRA e2e tests in air-gapped clusters or with test images in private registries. ([#138318](https://github.com/kubernetes/kubernetes/pull/138318), [@jsafrane](https://github.com/jsafrane)) [SIG Node and Testing]", + "author": "jsafrane", + "author_url": "https://github.com/jsafrane", + "pr_url": "https://github.com/kubernetes/kubernetes/pull/138318", + "pr_number": 138318, + "areas": [ + "test" + ], + "kinds": [ + "bug" + ], + "sigs": [ + "node", + "testing" + ], + "duplicate": true } } \ No newline at end of file diff --git a/releases/release-1.36/release-notes/release-notes-draft.md b/releases/release-1.36/release-notes/release-notes-draft.md index f584abbf965..5da9501ba28 100644 --- a/releases/release-1.36/release-notes/release-notes-draft.md +++ b/releases/release-1.36/release-notes/release-notes-draft.md @@ -35,6 +35,10 @@ - Added alpha support (behind the `PersistentVolumeClaimUnusedSinceTime` feature gate) for tracking PersistentVolumeClaim unused status via a new `Unused` condition on PersistentVolumeClaimStatus. When enabled, the PVC protection controller sets `Unused=True` with a `lastTransitionTime` when no non-terminal Pods reference the PersistentVolumeClaim. ([#137862](https://github.com/kubernetes/kubernetes/pull/137862), [@gnufied](https://github.com/gnufied)) [SIG Apps, Auth, Storage and Testing] - Added alpha support for manifest-based admission control configuration (KEP-5793). When the `ManifestBasedAdmissionControlConfig` feature gate is enabled, admission webhooks and CEL-based policies can be loaded from static manifest files on disk via the `staticManifestsDir` field in `AdmissionConfiguration`. These policies are active from API server startup, survive `etcd` unavailability, and can protect API-based admission resources from modification. ([#137346](https://github.com/kubernetes/kubernetes/pull/137346), [@aramase](https://github.com/aramase)) [SIG API Machinery, Apps, Architecture, Auth, Autoscaling, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Node, Release, Scheduling, Storage, Testing and Windows] - Added an admission plugin that validates PodGroup resources reference an existing Workload and match the declared PodGroupTemplate spec. ([#137464](https://github.com/kubernetes/kubernetes/pull/137464), [@helayoty](https://github.com/helayoty)) [SIG API Machinery, Apps, Auth, CLI, Cloud Provider, Etcd, Node, Scheduling and Testing] +- Added list-type support for attributes in DRA (KEP-5491). The `DRAListTypeAttributes` feature gate (disabled by default) activates the following enhancements: + - DRA drivers can use list-type fields (`bools`/`ints`/`strings`/`versions`) for device attributes in ResourceSlice. The number of attribute values, including scalars and lists, per single device is limited to 48. + - The `matchAttribute`/`distinctAttribute` constraints in ResourceClaim now work on both scalar and list attributes. The `matchAttribute` constraint matches when the intersection of all list values among candidate devices is non-empty. The `distinctAttribute` constraint (behind the `ConsumableCapacity` feature gate) matches when all list values among candidate devices are pairwise disjoint. Scalar values are implicitly treated as a singleton set. + - Added a new CEL function `.includes` that works on both scalar and list attributes to test inclusion (e.g., `device.attributes["dra.example.com"].model.includes("model-a")`), supporting migration when a DRA driver changes an attribute value type from scalar to list or vice versa. ([#137190](https://github.com/kubernetes/kubernetes/pull/137190), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Node, Scheduling and Testing] - Added new `concurrent-node-status-updates` flag that is split from the `concurrent-node-syncs` flag. ([#136716](https://github.com/kubernetes/kubernetes/pull/136716), [@yonizxz](https://github.com/yonizxz)) [SIG Cloud Provider] - Added opt-in alpha support in the kubeletplugin framework for DRA drivers to publish DRA Device metadata in Pod CDI mounts. ([#137086](https://github.com/kubernetes/kubernetes/pull/137086), [@alaypatel07](https://github.com/alaypatel07)) [SIG Apps, Network, Node and Testing] - Added opt-in scheduling behavior for CSI volumes. ([#137343](https://github.com/kubernetes/kubernetes/pull/137343), [@gnufied](https://github.com/gnufied)) [SIG API Machinery, Scheduling and Storage] @@ -73,10 +77,6 @@ - HPA: Improved scaling to and from zero when the `HPAScaleToZero` feature gate is enabled. ([#135118](https://github.com/kubernetes/kubernetes/pull/135118), [@johanneswuerbach](https://github.com/johanneswuerbach)) [SIG Apps, Autoscaling and Testing] - Integrated Workload and PodGroup APIs with the Job controllers to support gang-scheduling. ([#137032](https://github.com/kubernetes/kubernetes/pull/137032), [@helayoty](https://github.com/helayoty)) [SIG API Machinery, Apps, Auth, CLI, Cloud Provider, Etcd, Instrumentation, Node, Scheduling and Testing] - Introduced `scheduling.k8s.io/v1alpha2` Workload and PodGroup API to express workload-level scheduling requirements and let `kube-scheduler` act on those. Removed `scheduling.k8s.io/v1alpha1` Workload API. ([#136976](https://github.com/kubernetes/kubernetes/pull/136976), [@tosi3k](https://github.com/tosi3k)) [SIG API Machinery, Apps, Auth, CLI, Cloud Provider, Etcd, Node, Scheduling, Storage and Testing] -- Added list-type support for attributes in DRA (KEP-5491). The `DRAListTypeAttributes` feature gate (disabled by default) activates the following enhancements: - - DRA drivers can use list-type fields (`bools`/`ints`/`strings`/`versions`) for device attributes in ResourceSlice. The number of attribute values, including scalars and lists, per single device is limited to 48. - - The `matchAttribute`/`distinctAttribute` constraints in ResourceClaim now work on both scalar and list attributes. The `matchAttribute` constraint matches when the intersection of all list values among candidate devices is non-empty. The `distinctAttribute` constraint (behind the `ConsumableCapacity` feature gate) matches when all list values among candidate devices are pairwise disjoint. Scalar values are implicitly treated as a singleton set. - - Added a new CEL function `.includes` that works on both scalar and list attributes to test inclusion (e.g., `device.attributes["dra.example.com"].model.includes("model-a")`), supporting migration when a DRA driver changes an attribute value type from scalar to list or vice versa. ([#137190](https://github.com/kubernetes/kubernetes/pull/137190), [@everpeace](https://github.com/everpeace)) [SIG API Machinery, Node, Scheduling and Testing] - Kube-apiserver: The `--audit-policy-file` config file now supports specifying `group: "*"` in resource rules to match all API groups. ([#135262](https://github.com/kubernetes/kubernetes/pull/135262), [@cmuuss](https://github.com/cmuuss)) [SIG API Machinery, Auth and Testing] - Kube-controller-manager: Added ALPHA gauge metric `informer_queued_items` for informer queue length, published as `informer_queued_items{name=kube-controller-manager,group=,resource=,version=} `. ([#135782](https://github.com/kubernetes/kubernetes/pull/135782), [@richabanker](https://github.com/richabanker)) [SIG API Machinery, Architecture, Instrumentation and Testing] - Kubelet: Added tiered cgroup v2 memory protection for MemoryQoS: `memory.min` for Guaranteed pods and `memory.low` for Burstable pods, with node-level metrics and rollback reconciliation (KEP-2570). ([#137719](https://github.com/kubernetes/kubernetes/pull/137719), [@sohankunkerkar](https://github.com/sohankunkerkar)) [SIG Node, Storage and Testing] @@ -178,10 +178,11 @@ - Kubeadm: Increased the timeout of the `kubeadm upgrade` `CreateJob` preflight check to 1 minute. This allows Windows worker nodes to have more time to run the preflight check. The check uses the `pause` image, so if you are experiencing slow pull times, you can either pre-pull the image on the worker using `kubeadm config images pull --kubernetes-version TARGET` or skip the preflight check with `--ignore-preflight-errors`. ([#136273](https://github.com/kubernetes/kubernetes/pull/136273), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] - Kubeadm: Promoted the `NodeLocalCRISocket` feature gate to GA and locked it to enabled. ([#135742](https://github.com/kubernetes/kubernetes/pull/135742), [@HirazawaUi](https://github.com/HirazawaUi)) [SIG Cluster Lifecycle] - Kubeadm: Removed the `ControlPlaneKubeletLocalMode` feature gate, which graduated to GA in `v1.35` and was locked to enabled. ([#135773](https://github.com/kubernetes/kubernetes/pull/135773), [@neolit123](https://github.com/neolit123)) [SIG Cluster Lifecycle] -- Kubeadm: When using `--v=1` or higher log verbosity, prints information about the CA certificate used for discovery when using `kubeadm join`. ([#137102](https://github.com/kubernetes/kubernetes/pull/137102), [@sivchari](https://github.com/sivchari)) [SIG Cluster Lifecycle] - Kubeadm: The preflight check `ContainerRuntimeVersion` validates if the installed container runtime supports the `RuntimeConfig` gRPC method. For older kubelet versions than `v1.37`, it will return a preflight warning. ([#136898](https://github.com/kubernetes/kubernetes/pull/136898), [@carlory](https://github.com/carlory)) [SIG Cluster Lifecycle] +- Kubeadm: When using `--v=1` or higher log verbosity, prints information about the CA certificate used for discovery when using `kubeadm join`. ([#137102](https://github.com/kubernetes/kubernetes/pull/137102), [@sivchari](https://github.com/sivchari)) [SIG Cluster Lifecycle] - Kubelet: Deferred the removal of deprecated kubelet configuration flags (and their related fallback behavior) from version 1.36 to 1.37, aligning with the end of containerd v1.7 support. ([#136846](https://github.com/kubernetes/kubernetes/pull/136846), [@carlory](https://github.com/carlory)) [SIG Node and Testing] - Kubelet: If the `--client-ca-file` is updated while `kubelet` is running, the updated root certificates are correctly used to advertise accepted authorities to TLS clients connecting to the `kubelet` endpoints. This behavior is guarded by the `ReloadKubeletClientCAFile` feature gate, which is enabled by default. ([#136762](https://github.com/kubernetes/kubernetes/pull/136762), [@HarshalNeelkamal](https://github.com/HarshalNeelkamal)) [SIG API Machinery, Auth, Node and Testing] +- Kubernetes is now built using Go `v1.26.2`. ([#138299](https://github.com/kubernetes/kubernetes/pull/138299), [@xmudrii](https://github.com/xmudrii)) [SIG Release and Testing] - Kubernetes is now built using Go `v1.26.0`. ([#137080](https://github.com/kubernetes/kubernetes/pull/137080), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] - Kubernetes is now built with Go `v1.25.6`. ([#136257](https://github.com/kubernetes/kubernetes/pull/136257), [@BenTheElder](https://github.com/BenTheElder)) [SIG Release] - Kubernetes is now built with Go `v1.25.6`. ([#136465](https://github.com/kubernetes/kubernetes/pull/136465), [@cpanato](https://github.com/cpanato)) [SIG Release and Testing] @@ -226,6 +227,7 @@ - Changed some error logs to info logs with verbosity level in `controller/resourcequota` and `controller/garbagecollector`. ([#136040](https://github.com/kubernetes/kubernetes/pull/136040), [@petern48](https://github.com/petern48)) [SIG API Machinery and Apps] - Changed the `nodeGetCapabilities` method of `csiDriverClient` to return `NewUncertainProgressError` when receiving a non-final gRPC error. This resolves residual global mount paths during rapid pod creation-deletion cycles. ([#135930](https://github.com/kubernetes/kubernetes/pull/135930), [@249043822](https://github.com/249043822)) [SIG Node and Storage] - Changed the behavior of default scheduler preemption plugin when preempting Pods that are in `WaitOnPermit` phase. They are now moved to the scheduler backoff queue instead of being marked as unschedulable. ([#135719](https://github.com/kubernetes/kubernetes/pull/135719), [@Argh4k](https://github.com/Argh4k)) [SIG Scheduling and Testing] +- Changed the runtime handlers list returned by the CRI runtime to be sorted, preventing unnecessary Node object updates when the order changes. ([#135358](https://github.com/kubernetes/kubernetes/pull/135358), [@harche](https://github.com/harche)) [SIG Node] - Client-go: Fixed an unlikely deadlock during informer startup. ([#136509](https://github.com/kubernetes/kubernetes/pull/136509), [@pohly](https://github.com/pohly)) [SIG API Machinery] - CustomResourceDefinitions: Fixed server-side apply field ownership tracking so that metadata ownership is correctly tracked for writes to the `/status` subresource. Custom Resources: Fixed server-side apply field ownership to not update metadata from the `/status` subresource since these writes are wiped for custom resources. ([#137689](https://github.com/kubernetes/kubernetes/pull/137689), [@jpbetz](https://github.com/jpbetz)) [SIG API Machinery, Network and Testing] @@ -263,6 +265,7 @@ - Fixed a bug where users could not update HPAv2 resources that use object metrics with `averageValue` via the v1 HPA API. ([#137856](https://github.com/kubernetes/kubernetes/pull/137856), [@adrianmoisey](https://github.com/adrianmoisey)) [SIG Autoscaling] - Fixed a bug where, after a `kubelet` restart, regular containers in a Pod with a sidecar (initContainer with `restartPolicy`: Always) and a `startupProbe` failed to restart after crashing. Affected Pods remained stuck with `RestartCount: 0` indefinitely. ([#137146](https://github.com/kubernetes/kubernetes/pull/137146), [@george-angel](https://github.com/george-angel)) [SIG Node and Testing] - Fixed a data race in the `PopulateRefs` function in `k8s.io/apiserver/pkg/cel/openapi/resolver` where concurrent goroutines could simultaneously modify shared pointer fields from a shallow-copied schema struct. ([#136802](https://github.com/kubernetes/kubernetes/pull/136802), [@pohly](https://github.com/pohly)) [SIG API Machinery, Node and Testing] +- Fixed a kubelet device manager bug where topology hint computation enumerated O(2^n) NUMA node combinations using all machine NUMA nodes. On systems with many NUMA nodes that carry no devices (e.g. NVIDIA GB200 with 36 NUMA nodes), this caused kubelet to stall indefinitely during pod admission. The device manager now restricts iteration to NUMA nodes that actually host devices for the requested resource, reducing the search space to O(2^k) where k is typically 1–2. ([#138244](https://github.com/kubernetes/kubernetes/pull/138244), [@fanzhangio](https://github.com/fanzhangio)) [SIG Node] - Fixed a loophole that allowed users to work around DRA extended resource quota set by system administrators. ([#135434](https://github.com/kubernetes/kubernetes/pull/135434), [@yliaog](https://github.com/yliaog)) [SIG API Machinery, Apps, Node, Scheduling and Testing] - Fixed a race condition in CEL admission policy compilation that could cause `kube-apiserver` to crash with a `concurrent map read and map write` error under high load. ([#135759](https://github.com/kubernetes/kubernetes/pull/135759), [@Abhigyan-Shekhar](https://github.com/Abhigyan-Shekhar)) [SIG API Machinery and CLI] - Fixed a race condition in Dynamic Resource Allocation (DRA) where the same device could be allocated twice for different `ResourceClaims` when scheduling many pods very rapidly. Depending on whether DRA drivers check for this during `NodePrepareResources` (they should, but not all may implement this properly), the second pod using the same device could fail to start until the first one is done or (worse) run in parallel. ([#136269](https://github.com/kubernetes/kubernetes/pull/136269), [@pohly](https://github.com/pohly)) [SIG Node, Scheduling and Testing] @@ -284,6 +287,7 @@ - Fixed queue hint for inter-pod anti-affinity in case deleted pod's anti-affinity matched the pending pod, which might have caused delays in scheduling. ([#135325](https://github.com/kubernetes/kubernetes/pull/135325), [@brejman](https://github.com/brejman)) [SIG Scheduling and Testing] - Fixed queue hint for the `interpodaffinity` plugin in case target pod labels change. ([#135394](https://github.com/kubernetes/kubernetes/pull/135394), [@brejman](https://github.com/brejman)) [SIG Scheduling] - Fixed redundant SSH command executions in the `etcd` failure e2e test. ([#137001](https://github.com/kubernetes/kubernetes/pull/137001), [@kairosci](https://github.com/kairosci)) [SIG API Machinery and Testing] +- Fixed running of DRA e2e tests in air-gapped clusters or with test images in private registries. ([#138318](https://github.com/kubernetes/kubernetes/pull/138318), [@jsafrane](https://github.com/jsafrane)) [SIG Node and Testing] - Fixed static pod status displaying `Init:0/1` when unable to retrieve init container status from container runtime. ([#131317](https://github.com/kubernetes/kubernetes/pull/131317), [@bitoku](https://github.com/bitoku)) [SIG Node and Testing] - Fixed the `lastTerminationStatus` to match the `RestartAllContainers` action if the container was restarted this way. ([#136964](https://github.com/kubernetes/kubernetes/pull/136964), [@yuanwang04](https://github.com/yuanwang04)) [SIG Node] - Fixed the total Pod resources computation. ([#137683](https://github.com/kubernetes/kubernetes/pull/137683), [@ndixita](https://github.com/ndixita)) [SIG CLI and Node] @@ -326,7 +330,6 @@ - Reflected the expected replica count in the output of the `kubectl scale` command. ([#136945](https://github.com/kubernetes/kubernetes/pull/136945), [@ardaguclu](https://github.com/ardaguclu)) [SIG CLI and Testing] - Removed `GuaranteedQoSPodCPUResize` from node declared features. ([#136759](https://github.com/kubernetes/kubernetes/pull/136759), [@pravk03](https://github.com/pravk03)) [SIG Node and Testing] - Removed `container_cpu_load_average_10s`, `container_cpu_load_d_average_10s`, and `cpu_tasks_state` metrics from being reported by cadvisor. This is done because the values were always 0, because a flag was not enabled in the kubelet. ([#134981](https://github.com/kubernetes/kubernetes/pull/134981), [@haircommander](https://github.com/haircommander)) [SIG Node and Testing] -- Changed the runtime handlers list returned by the CRI runtime to be sorted, preventing unnecessary Node object updates when the order changes. ([#135358](https://github.com/kubernetes/kubernetes/pull/135358), [@harche](https://github.com/harche)) [SIG Node] - The `k8s.io/client-go/transport` package automatically reloads certificate authority roots from disk when they are supplied via a file path. This functionality is enabled by default and can be disabled via the `ClientsAllowCARotation` feature gate. ([#132922](https://github.com/kubernetes/kubernetes/pull/132922), [@yt2985](https://github.com/yt2985)) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Instrumentation, Network, Node, Release, Scheduling and Testing] - The `k8s.io/client-go/transport` package garbage collects TLS cache entries and client certificate rotation goroutines when a transport is no longer used. This functionality is enabled by default and can be controlled via the `ClientsAllowTLSCacheGC` feature gate. Binaries embedding `k8s.io/client-go` but not wiring the feature gates can disable it by setting the `KUBE_FEATURE_ClientsAllowTLSCacheGC=false` environment variable. When the feature is disabled, the TLS cache can grow indefinitely and client certificate rotation goroutines are leaked. The new `rest_client_transport_cert_rotation_gc_calls_total{}` and `rest_client_transport_cache_gc_calls_total{result: deleted/skipped}` counter metrics can be used with the preexisting `rest_client_transport_*` metrics to help with debugging. ([#136355](https://github.com/kubernetes/kubernetes/pull/136355), [@enj](https://github.com/enj)) [SIG API Machinery, Architecture, Auth, Instrumentation, Node and Testing] - The `kubelet_pod_start_sli_duration_seconds_bucket` metric matches Pod startup latency SLI/SLO documentation. ([#131950](https://github.com/kubernetes/kubernetes/pull/131950), [@alimaazamat](https://github.com/alimaazamat)) [SIG Node] diff --git a/releases/release-1.36/release-notes/sessions/maps-1776500320.json b/releases/release-1.36/release-notes/sessions/maps-1776500320.json new file mode 100644 index 00000000000..aa17496a11c --- /dev/null +++ b/releases/release-1.36/release-notes/sessions/maps-1776500320.json @@ -0,0 +1,19 @@ +{ + "mail": "singh1203.ss@gmail.com", + "name": "Saurabh Kumar Singh", + "date": 1776500320, + "prs": [ + { + "nr": 138244, + "hash": "09505181a0de5585008fbf779f4160b52abb83f2" + }, + { + "nr": 138318, + "hash": "7ddd370e1330efe3dcf6d4fe02cda57902eebd1e" + }, + { + "nr": 138299, + "hash": "d6772cadd53a034083a9d93a4ba78b47cb9a0bb5" + } + ] +} \ No newline at end of file