“K8S Ecology Weekly” mainly contains some recommended weekly information related to K8S ecology that I have come into contact with. Welcome to subscribe zhihu column “K8S Ecology”.

Docker CE V19.03.6 is released

In the last weekly K8S ecological weekly | Docker v19.03.6 – rc2 release, I have introduced the Docker v19.03.6 contained in the main updated.

I’ll add an extra note here:

If you are using a single-core machine/VIRTUAL machine, there may be a task hang due to a bug in Containerd after v19.03.6

One of the more common things that can go wrong is using GitLab.com’s shared Runner (single-core VM). If you don’t specify a dIND (Docker In Docker) image as a specific version number, but instead use a tag like Docker: Dind, You may already have a problem with that. Docker :19.03.5-dind is recommended.

Containerd V1.2.13 will include this fix (which has not been released yet), or a temporary fix could be to temporarily degrade Containerd.

When a new version of Container is released, you can reinstall or upgrade Containerd to resolve this problem.

The Helm V3.1.0 is released

It has been three months since v3.0.0 was officially released at Helm on 13 November 2019, and the new feature version has finally arrived. V3.1.0 was released this week. There are a number of updates and fixes, notably the following:

  • for--all-namespacesAdded an alias that can be used-AAlternative;
  • helm lintYou can go straight to onetar.gzThe compressed package has been checked;
  • Add one--post-rendererHook, support the use of executable files to modify the rendered file;
  • Support rendering CRD to--output-dirSpecified directory;

The other is a lot of bugfixes, see ReleaseNote if you are interested in this release.

Kubernetes has released several versions

Kubernetes V1.17.3, V1.16.7, v1.15.10 and so on have been released, mainly to fix some bugs, among which the SIG Cloud Provider class is more.

I have a quick look at the release, but I don’t want to introduce it here. If you are interested, please refer to ReleaseNote v1.17.3 v1.16.7 v1.15.10.

Istio v1.4.4 release

Istio also released v1.4.4 this week, with one notable note:

CVE-2020-8595: Istio’s AuthenticationPolicy has a loophole in the path-matching logic that allows unauthorized JWT tokens to access resources without authorization.

Progress in the upstream

  • Implemented abackoff manager # 87829;
  • Repair thekubectl drainA logical error in thekubernetes/kubectl#803;

You can subscribe to my official account [MoeLove] through the following QR code, click to read the original article for a better reading experience.