Container Service for Kubernetes:(Discontinued) Kubernetes 1.16 release notes

Version upgrades

Version details

• Performance optimizations

  Compared with Kubernetes 1.14, Kubernetes 1.16.6 has the following performance optimizations:

  • Optimizes PodAffinity to improve performance by about 100%.

  • Optimizes serialization operations. Improves the performance of list operations on pods by 40% and improves the performance of list operations on nodes by 30%.

  • Improves the performance of processing apply requests that involve large map objects on the server side.

  • Improves the heartbeat solution based on node leases. Reduces 50,000 lease queries sent to the API server or etcd per minute in a cluster of 8,000 nodes.

  • Dramatically speeds up the pod creation process. When it comes to creating stateless pods, which does not involve mounting volumes such as ConfigMaps or Secrets to the pods, the following optimizations are provided:

    • Both Kubernetes 1.16.6 and 1.14 meet the service level agreements (SLAs) defined by Special Interest Group (SIG) Scalability. 99% of pods can be started within 5 seconds given that images are already pulled.

    • Based on the statistics of the 1% of pod creation processes that require the longest time, Kubernetes 1.14 requires nearly 5 seconds to create a pod whereas Kubernetes 1.16.6 requires only 3 seconds under the same conditions.

  Compared with previous versions, Docker 19.03.5 has the following optimizations:

  • Adds the built-in buildkit to speed up image builds.

  • Optimizes the systemd detection logic for the runC command-line tool. Accelerates the container startup process and reduces the memory consumption of containers.

  Docker 19.03.5 has the following improvements on runtime stability:

  • Fixes the issue where pods occasionally restart when health checks are performed by using exec probes.

  • Fixes vulnerability CVE-2018-15664, which is exposed by the docker cp command.

  • Fixes the issue where Docker does not respond when a rich container that runs multiple processes exits.

  • Fixes the handle leak issue in containerd.

• Feature upgrades

  Compared with Kubernetes 1.14, Kubernetes 1.16.6 has the following important changes.

  • By default, the following API versions are not supported: extensions/v1beta1, apps/v1beta1, and apps/v1beta2. apps/v1beta1 is replaced by apps/v1. The API version used by resources defined in apps/v1beta1 is replaced by apps/v1. The API version used by DaemonSets, Deployments, and ReplicaSets defined in extensions/v1beta1 is replaced by apps/v1. The API version used by NetworkPolicies defined in extensions/v1beta1 is replaced by networking.k8s.io/v1.

    Note

    To ensure compatibility with your workloads, ACK has added support for the preceding API versions in Kubernetes 1.16.6 and will end the support in Kubernetes 1.18. We recommend that you change the API versions as soon as possible.

  • The following kubelet security control parameters are deprecated and removed: AllowPrivileged, HostNetworkSources, HostPIDSources, and HostIPCSources. Access control parameters such as PodSecurityPolicy are added for enhanced security.

  • More features have been stabilized. For example, CustomResourceDefinitions (CRDs) and admission webhooks are in general availability.

Enhancements to Kubernetes 1.16.6

References

• CHANGELOG-1.16.md

• CHANGELOG-1.15.md