Releases: knative/serving
Knative Serving release v0.5.1
Autoscaling
Bucketize autoscaling metrics by timeframe (#3289 - thanks @markusthoemmes)
Stats are averaged in each specific timeframe vs. averaged over the whole window. Fixes #2977.
Prevent double counting by the autoscaler (#3477 - thanks @hohaichi)
Let the queue report a concurrency metric for proxied requests, and the autoscaler discount this concurrency when making scaling decisions. Fixes bug (#3301).
Scrape queue-proxy metrics in autoscaler (#3149, thanks @yanweiguo)
Scrape queue-proxy metrics in autoscaler instead of pushing metrics from queue-proxy to autoscaler via websocket connection. Remove the websocket usage in queue-proxy. Fixes bugs #2203, #1927.
Bug Fixes / Cleanups
- Doc update for scale annotations lifetime (#3461 - thanks @yanweiguo), resolving bug #2720
- Surface events for all reconciliation failures (#3462 - thanks @mattmoor), fixing #2941
- Only add the KPA label to a revision's K8s service if KPA is used (#3498 - thanks @yanweiguo), fixing #2606 (HPA and KPA controllers were getting PAs of the wrong class)
Core API
Surface events on reconciliation failures (thanks @mattmoor)
Changes boilerplate to surface reconciliation failures as events, in addition to the logging entries already in place (#3462). Fixes bug #2941.
Several Revision default values are now configurable (thanks @mattmoor)
A new ConfigMap in knative-serving called config-defaults enables the customization of the default CPU resource request and request timeout (#3546).
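For illustration, a minimal sketch of what that ConfigMap might look like (the key names and values below are assumptions; check the config-defaults ConfigMap shipped with the release for the exact keys):

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-defaults
  namespace: knative-serving
data:
  # Assumed key names, shown for illustration only:
  revision-timeout-seconds: "300"  # default request timeout for Revisions
  revision-cpu-request: "400m"     # default CPU resource request for the user container
```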
Add a url: field to Service/Route status (thanks @dgerd)
A new url: field in the status.traffic block of Service and Route is displayed to enable discovery of the generated URL for name: sub-routes (#3526). This field is only present when name: is used for a traffic target. See the url: field for Route and Service in spec.md.
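For illustration, a Route status with a named traffic target might look roughly like this (revision names and domain are placeholders, not values from the release):

```yaml
status:
  traffic:
  - name: current
    revisionName: my-svc-00002
    percent: 90
    # url: appears only for targets that set name:
    url: http://current.my-svc.default.example.com
  - revisionName: my-svc-00001
    percent: 10  # unnamed target: no url field
```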
More conformance tests:
- Validating user securityContext is reflected in container. (thanks @dgerd)
- This change also adds the group information to the runtime test image, but we do not validate it because (1) it is not currently part of the runtime contract and (2) setting the group is currently an alpha feature that does not work on many Kubernetes clusters. See kubernetes/enhancements#213. (#3423)
- Validating that metadata.generateName can be used instead of metadata.name (thanks @brandone-mabey)
Bug Fixes / Cleanups:
- CPU requests are now defaulted in the webhook (thanks @mattmoor) (#3529)
- Fixed broken deploy.sh (thanks @adrchunha) (#3367)
- Dropped functional dependency on the 'configurationMetadataGeneration' label (thanks @pivotal-joshua-rider) (#3325)
Networking
Define 'Certificate' CRD for Auto TLS (thanks @ZhiminXiang)
As part of the work in #1964, we define an internal Certificate CRD to make TLS provisioning more pluggable, by having the Certificate controller request an SSL certificate according to the information in the Certificate object being created. (#3050)
Hide /quitquitquit endpoint of queue-proxy (#3279 - thanks @andrew-su)
We hide the /quitquitquit endpoint of queue-proxy so that it can only be lameducked by the kubelet during shutdown.
gRPC streaming now works on cold start (#3239 - thanks @mattmoor)
After a service is scaled-to-zero, a streaming gRPC request should return successfully.
Istio 1.0.7
Update Istio template to 1.0.7.
Health check on cold starts #2856 (thanks @mattmoor)
The activator avoids unnecessary retries by health-checking the Revision service after cold start.
Bug fixes / Cleanups:
- Fix the authority bug (affected gRPC) #3370 (thanks @tanzeeb)
- Eliminate the request size limit on cold start #3359 (thanks @mattmoor)
- Add Activator readiness probe for improved availability #2857 (thanks @mattmoor)
Monitoring
Write request logs from queue proxy #3561 (thanks @mdemirhan)
Queue proxy now has the ability to write request logs to stdout. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.
Write request metrics from queue proxy #3596 (thanks @yanweiguo)
Queue proxy now has the ability to generate request count and latency metrics. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.
Knative Serving release v0.5.0
Autoscaling
Bucketize autoscaling metrics by timeframe (#3289 - thanks @markusthoemmes)
Stats are averaged in each specific timeframe vs. averaged over the whole window. Fixes #2977.
Prevent double counting by the autoscaler (#3477 - thanks @hohaichi)
Let the queue report a concurrency metric for proxied requests, and the autoscaler discount this concurrency when making scaling decisions. Fixes bug (#3301).
Scrape queue-proxy metrics in autoscaler (#3149, thanks @yanweiguo)
Scrape queue-proxy metrics in autoscaler instead of pushing metrics from queue-proxy to autoscaler via websocket connection. Remove the websocket usage in queue-proxy. Fixes bugs #2203, #1927.
Bug Fixes / Cleanups
- Doc update for scale annotations lifetime (#3461 - thanks @yanweiguo), resolving bug #2720
- Surface events for all reconciliation failures (#3462 - thanks @mattmoor), fixing #2941
- Only add the KPA label to a revision's K8s service if KPA is used (#3498 - thanks @yanweiguo), fixing #2606 (HPA and KPA controllers were getting PAs of the wrong class)
Core API
Surface events on reconciliation failures (thanks @mattmoor)
Changes boilerplate to surface reconciliation failures as events, in addition to the logging entries already in place (#3462). Fixes bug #2941.
Several Revision default values are now configurable (thanks @mattmoor)
A new ConfigMap in knative-serving called config-defaults enables the customization of the default CPU resource request and request timeout (#3546).
Add a url: field to Service/Route status (thanks @dgerd)
A new url: field in the status.traffic block of Service and Route is displayed to enable discovery of the generated URL for name: sub-routes (#3526). This field is only present when name: is used for a traffic target. See the url: field for Route and Service in spec.md.
More conformance tests:
- Validating user securityContext is reflected in container. (thanks @dgerd)
- This change also adds the group information to the runtime test image, but we do not validate it because (1) it is not currently part of the runtime contract and (2) setting the group is currently an alpha feature that does not work on many Kubernetes clusters. See kubernetes/enhancements#213. (#3423)
- Validating that metadata.generateName can be used instead of metadata.name (thanks @brandone-mabey)
Bug Fixes / Cleanups:
- CPU requests are now defaulted in the webhook (thanks @mattmoor) (#3529)
- Fixed broken deploy.sh (thanks @adrchunha) (#3367)
- Dropped functional dependency on the 'configurationMetadataGeneration' label (thanks @pivotal-joshua-rider) (#3325)
Networking
Define 'Certificate' CRD for Auto TLS (thanks @ZhiminXiang)
As part of the work in #1964, we define an internal Certificate CRD to make TLS provisioning more pluggable, by having the Certificate controller request an SSL certificate according to the information in the Certificate object being created. (#3050)
Hide /quitquitquit endpoint of queue-proxy (#3279 - thanks @xtreme-andrew-su)
We hide the /quitquitquit endpoint of queue-proxy so that it can only be lameducked by the kubelet during shutdown.
gRPC streaming now works on cold start (#3239 - thanks @mattmoor)
After a service is scaled-to-zero, a streaming gRPC request should return successfully.
Istio 1.0.7
Update Istio template to 1.0.7.
Health check on cold starts #2856 (thanks @mattmoor)
The activator avoids unnecessary retries by health-checking the Revision service after cold start.
Bug fixes / Cleanups:
- Fix the authority bug (affected gRPC) #3370 (thanks @tanzeeb)
- Eliminate the request size limit on cold start #3359 (thanks @mattmoor)
- Add Activator readiness probe for improved availability #2857 (thanks @mattmoor)
Monitoring
Write request logs from queue proxy #3561 (thanks @mdemirhan)
Queue proxy now has the ability to write request logs to stdout. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.
Write request metrics from queue proxy #3596 (thanks @yanweiguo)
Queue proxy now has the ability to generate request count and latency metrics. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.
Knative Serving release v0.4.1
Meta
Support for ConfigMap and Secret Volumes (Sample)
We have expanded our ConfigMap and Secret support to also allow them to be mounted as volumes. This was one of the most commonly requested features.
HTTP2 / GRPC support (Sample)
Knative Service can now serve HTTP2 and gRPC/HTTP2. Users will need to name their container port ‘h2c’ in order to enable this feature. There is an outstanding issue with streaming RPC cold-starts (#3239), but folks are encouraged to try this out and give feedback.
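A hedged sketch of opting in, using the v1alpha1 runLatest Service shape (the image and port value are placeholders; only the port name 'h2c' is the documented switch):

```yaml
spec:
  runLatest:
    configuration:
      revisionTemplate:
        spec:
          container:
            image: gcr.io/my-project/grpc-server  # placeholder image
            ports:
            - name: h2c          # naming the port 'h2c' enables HTTP2/gRPC serving
              containerPort: 8080
```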
Enable websocket upgrades (Sample)
We have plumbed through the various layers of Serving the ability to upgrade an inbound HTTP connection to support Websockets. (#2910, #3240)
Better preserve ConfigMap updates
Starting with this release, you should be able to simply kubectl apply -f serving.yaml to update knative/serving. Previously this would cause problems for any ConfigMap resources customized via kubectl edit cm, such as configuring a different default domain.
To address this problem with updates, we have moved all of our default ConfigMap settings into our code. The ConfigMap will only contain a detailed _example: | block outlining how to use each ConfigMap with (validated!) examples. To try this out, see kubectl edit cm -n knative-serving config-autoscaler.
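The _example pattern looks roughly like this (the commented key is illustrative; each ConfigMap's own _example block lists its real keys):

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-autoscaler
  namespace: knative-serving
data:
  # Defaults live in code; nothing needs to be set here.
  _example: |
    # To override a setting, copy a key out of this block into 'data', e.g.:
    # container-concurrency-target-default: "100"
```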
Autoscaling
Cold-start improvements (thanks @greghaynes)
- Immediately send stats from activator to autoscaler (#2659)
- Immediately scale up when autoscaler gets stats from activator (#2961, #2963)
Add “throttling” to the activator (thanks @vvraskin)
The activator now throttles the traffic it sends to pods to respect the containerConcurrency setting of the Revision. This avoids overloading a single pod with a low concurrency setting when a big burst of traffic arrives while scaled to zero. (#3082, #3089)
Use actual pod counts in the autoscaler (thanks @yanweiguo)
This release starts using the actual count of ready pods to calculate the scale-up rate, instead of the pod count observed from queue-proxy metrics data.
Core API
Support for ConfigMap and Secret Volumes (thanks @mattmoor)
See above
Support creating Services in “release” mode (thanks @vagababov)
Starting in 0.4 you can use the sentinel string @latest in “release” mode to send a designated portion of the main traffic to the latest ready revision stamped out by the Service’s Configuration. (#2819)
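A sketch of what that might look like in a Service's release block (revision name, percentage, and image are placeholders):

```yaml
spec:
  release:
    # "@latest" tracks the latest ready Revision of the Configuration
    revisions: ["my-svc-00001", "@latest"]
    rolloutPercent: 10  # portion of main traffic sent to "@latest"
    configuration:
      revisionTemplate:
        spec:
          container:
            image: gcr.io/my-project/app  # placeholder image
```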
Phase 2 of CRD sub-resources (thanks @dprotaso)
This release contains the second phase of CRD sub-resource adoption, which consists of three parts: starting to use generateName for Revision names, no longer incrementing spec.generation on updates, and using metadata.generation for the value of our Configuration generation label on Revisions. (#3179, knative/pkg#234, #3204)
Service captures author info in annotation (thanks @vagababov)
The email of a Service’s creator is now captured in the serving.knative.dev/creator annotation, and on subsequent updates in serving.knative.dev/lastModifier. (#3213)
(Ongoing) Progress on implementing the Runtime Contract (thanks @dgerd)
We have triaged a significant backlog of issues related to Conformance (tracked here: https://github.com/knative/serving/projects/20), and started to close a number of the gaps in our Runtime Contract conformance and validation.
Build extensibility now uses “Aggregated Cluster Roles” (thanks @mattmoor)
We have split out the part of the ClusterRole that Serving defined to enable it to consume knative/build, and changed Serving to use an aggregated cluster role to glue together the set of capabilities that it needs.
Bug Fixes / Cleanups
- Make Conditions with Severity: Error less scary (#3038)
- Make our resources work properly when “finalizers” are present (#3036)
- Fix several “readiness” races (#2954, #2430, #2735)
- Strengthen our validation logic (#3034, #3019, #1299)
- Better support for on-cluster registries both with and without certificates (#2266)
- Consistently set status.observedGeneration on resource status (#3076)
Networking
Removed the Knative Istio IngressGateway (thanks @tcnghia)
This release removes the Knative Istio IngressGateway, for better compatibility with multiple versions of Istio and to reduce the number of LoadBalancers needed. Users upgrading from 0.3.0 need to reconfigure their DNS to point to the istio-ingressgateway Service IP address before upgrading, and remove the knative-ingressgateway Service & Deployment.
HTTP2 / GRPC support (thanks @tanzeeb)
See above
Configurable default ClusterIngress controller (thanks @tcnghia)
This release adds an option in the config-network ConfigMap to change the default ClusterIngress controller from Istio, if another controller is available.
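Assuming the key name below (an assumption for illustration; the ConfigMap's own _example block documents the real key), the override might look like:

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-network
  namespace: knative-serving
data:
  # Assumed key name and value, for illustration:
  clusteringress.class: "istio.ingress.networking.knative.dev"
```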
Default TCP ReadinessProbe for user container (thanks @markusthoemmes)
Because the Istio proxy intercepts TCP handshakes, users can't specify a meaningful TCP readiness check. We folded this TCP handshake into the queue-proxy health check, so that even if users don't specify any readiness probe, a basic TCP probe is provided automatically.
Enable websocket upgrades (thanks @tcnghia)
See above
Bug Fixes
- More reliably clean up ClusterIngress resources (#2570)
- Support non-default cluster service domain (#2892)
- Change the Envoy connectionTimeout Istio uses to reduce 503s (#2988)
Monitoring
No changes in 0.4
Knative Serving release v0.4.0
Meta
Support for ConfigMap and Secret Volumes (Sample)
We have expanded our ConfigMap and Secret support to also allow them to be mounted as volumes. This was one of the most commonly requested features.
HTTP2 / GRPC support (Sample)
Knative Service can now serve HTTP2 and gRPC/HTTP2. Users will need to name their container port ‘h2c’ in order to enable this feature. There is an outstanding issue with streaming RPC cold-starts (#3239), but folks are encouraged to try this out and give feedback.
Enable websocket upgrades (Sample)
We have plumbed through the various layers of Serving the ability to upgrade an inbound HTTP connection to support Websockets. (#2910, #3240)
Better preserve ConfigMap updates
Starting with this release, you should be able to simply kubectl apply -f serving.yaml to update knative/serving. Previously this would cause problems for any ConfigMap resources customized via kubectl edit cm, such as configuring a different default domain.
To address this problem with updates, we have moved all of our default ConfigMap settings into our code. The ConfigMap will only contain a detailed _example: | block outlining how to use each ConfigMap with (validated!) examples. To try this out, see kubectl edit cm -n knative-serving config-autoscaler.
Autoscaling
Cold-start improvements (thanks @greghaynes)
- Immediately send stats from activator to autoscaler (#2659)
- Immediately scale up when autoscaler gets stats from activator (#2961, #2963)
Add “throttling” to the activator (thanks @vvraskin)
The activator now throttles the traffic it sends to pods to respect the containerConcurrency setting of the Revision. This avoids overloading a single pod with a low concurrency setting when a big burst of traffic arrives while scaled to zero. (#3082, #3089)
Use actual pod counts in the autoscaler (thanks @yanweiguo)
This release starts using the actual count of ready pods to calculate the scale-up rate, instead of the pod count observed from queue-proxy metrics data.
Core API
Support for ConfigMap and Secret Volumes (thanks @mattmoor)
See above
Support creating Services in “release” mode (thanks @vagababov)
Starting in 0.4 you can use the sentinel string @latest in “release” mode to send a designated portion of the main traffic to the latest ready revision stamped out by the Service’s Configuration. (#2819)
Phase 2 of CRD sub-resources (thanks @dprotaso)
This release contains the second phase of CRD sub-resource adoption, which consists of three parts: starting to use generateName for Revision names, no longer incrementing spec.generation on updates, and using metadata.generation for the value of our Configuration generation label on Revisions. (#3179, knative/pkg#234, #3204)
Service captures author info in annotation (thanks @vagababov)
The email of a Service’s creator is now captured in the serving.knative.dev/creator annotation, and on subsequent updates in serving.knative.dev/lastModifier. (#3213)
(Ongoing) Progress on implementing the Runtime Contract (thanks @dgerd)
We have triaged a significant backlog of issues related to Conformance (tracked here: https://github.com/knative/serving/projects/20), and started to close a number of the gaps in our Runtime Contract conformance and validation.
Build extensibility now uses “Aggregated Cluster Roles” (thanks @mattmoor)
We have split out the part of the ClusterRole that Serving defined to enable it to consume knative/build, and changed Serving to use an aggregated cluster role to glue together the set of capabilities that it needs.
Bug Fixes / Cleanups
- Make Conditions with Severity: Error less scary (#3038)
- Make our resources work properly when “finalizers” are present (#3036)
- Fix several “readiness” races (#2954, #2430, #2735)
- Strengthen our validation logic (#3034, #3019, #1299)
- Better support for on-cluster registries both with and without certificates (#2266)
- Consistently set status.observedGeneration on resource status (#3076)
Networking
Removed the Knative Istio IngressGateway (thanks @tcnghia)
This release removes the Knative Istio IngressGateway, for better compatibility with multiple versions of Istio and also reduce the number of needed LoadBalancer. Users upgrading from 0.3.0 needs to reconfigure their DNS to point to the istio-ingressgateway
Service IP address before upgrading, and remove the knative-ingressgateway
Service & Deployment.
HTTP2 / GRPC support (thanks @tanzeeb)
See above
Configurable default ClusterIngress controller (thanks @tcnghia)
This release adds an option in the config-network ConfigMap to change the default ClusterIngress controller from Istio, if another controller is available.
Default TCP ReadinessProbe for user container (thanks @markusthoemmes)
Because the Istio proxy intercepts TCP handshakes, users can't specify a meaningful TCP readiness check. We folded this TCP handshake into the queue-proxy health check, so that even if users don't specify any readiness probe, a basic TCP probe is provided automatically.
Enable websocket upgrades (thanks @tcnghia)
See above
Bug Fixes
- More reliably clean up ClusterIngress resources (#2570)
- Support non-default cluster service domain (#2892)
- Change the Envoy connectionTimeout Istio uses to reduce 503s (#2988)
Monitoring
No changes in 0.4
Knative Serving release v0.3.0
Meta
More regular releases
0.3 is the first release of our new schedule of releasing every 6 weeks.
This release is a smaller delta than 0.2 because of this shorter development cycle.
Kubernetes 1.11 is now required
We now use the Kubernetes /status sub-resource support, which went Beta in K8s 1.11.
Autoscaling
More aggressive scale to zero
We will now scale Revisions down to zero pods after only 30 seconds of inactivity.
Support for HPA-class autoscaler (Kubecon Demo)
You may now opt to use the Kubernetes HPA for autoscaling Revisions, if you want to scale on CPU instead of request rate. HPA-class Revisions will not scale to zero.
Support target and window annotations for KPA-class autoscaler
You may now tune the default Knative autoscaler (KPA) with revision-level concurrency targets and different windows over which to calculate average concurrency.
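For illustration, both the HPA-class opt-in above and these KPA tuning knobs are expressed as annotations on the revision template; the values below are placeholders and the exact annotation names should be checked against the release docs:

```yaml
metadata:
  annotations:
    # Opt a Revision into the HPA-class autoscaler (scales on CPU, no scale-to-zero):
    autoscaling.knative.dev/class: hpa.autoscaling.knative.dev
    # KPA-class tuning knobs (placeholder values):
    autoscaling.knative.dev/target: "75"    # per-pod concurrency target
    autoscaling.knative.dev/window: "120s"  # window for averaging concurrency
```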
Support mutable PodAutoscalers
You may now mutate PodAutoscaler specs in-place to adjust the scale bounds and other parameters. The changes will be picked up dynamically by KPA and HPA-class autoscalers.
Core API
Support of “resources” block (thanks @jszroberto)
You may now specify the resources section of a container spec to include reservations and limits on the resources your service may use. This also lets your Service gain access to GPUs, if available on your cluster.
Elide Builds for config-only changes
We will now skip the Build step of a deployment if only the configuration of a Revision changes (e.g. env var).
Revisions can now specify TimeoutSeconds
Requests that show no activity within the allotted timeout will be cancelled and respond with a 503.
Inactive isn’t failed!
Fixed an issue in 0.2 where Services, Configurations, and Revisions that were scaled to zero would appear to have failed. The “Active” condition is now treated as a purely informational condition.
A Container Port can now be specified for incoming traffic
You may now specify a single 'containerPort' to customize which port will receive request traffic. If unspecified, the default port (8080) will be assumed. As with previous releases, this value is available to the container through the environment variable '$PORT'.
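A minimal sketch of setting the port (the image and port value are placeholders):

```yaml
spec:
  container:
    image: gcr.io/my-project/app  # placeholder image
    ports:
    - containerPort: 8081  # request traffic goes here; $PORT is set to match
```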
More Global Resyncs
Editing the Serving ConfigMaps will now immediately trigger all existing resources to reconcile, and reflect any newly configured settings. This avoids the (up to 10 hour) delay that would otherwise exist waiting for the normal resync.
Networking
Use the default gateway istio-ingressgateway by default (@lichuqiang)
We have deprecated the Knative copy of the Istio ingress gateway.
Routes can be exposed to additional Gateways.
Routes without an external domain are exposed only to local Gateways
Routes that only have the svc.cluster.local domain suffix will not be exposed to the Istio ingress gateway by default. Users can set the label serving.knative.dev/visibility=cluster-local on a Route or Service to achieve the same effect.
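For example (the Route name is a placeholder; the label is the one named above):

```yaml
apiVersion: serving.knative.dev/v1alpha1
kind: Route
metadata:
  name: my-internal-route  # placeholder name
  labels:
    # Keeps this Route off the Istio ingress gateway; cluster-local only
    serving.knative.dev/visibility: cluster-local
```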
Reconcile ClusterIngress' based on Ingress class annotation (@greghaynes)
The ClusterIngress class annotation is taken into account when reconciling. The default ClusterIngress reconciler only reconciles when the class is Istio.
Bug fixes:
- #2359 (@lichuqiang) Conflict between Routes having the same name caused issues.
- #2582 (@markusthoemmes) Correct the meaning of Revision Timeout.
Monitoring
Metrics improvements
- New metrics are added for the Knative reconciler
- Metric labels were renamed to be consistent across all Knative components
- Knative control plane (reconciler, autoscaler & activator) metrics can now be exported to the Stackdriver backend
Logging improvements
- The commit id of the running build is added to the logs generated by Knative components
Knative Serving release v0.2.3
Cherry Picks
See: https://github.com/knative/serving/projects/6
Meta
Pluggability:
We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replacing Istio). Our core resources now configure these subsystems (Networking, Autoscaling, and Caching) via new internal APIs.
Looser Coupling:
We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative Build CRDs!
Our release now consists of:
- serving.yaml: just the knative/serving components.
- build.yaml: just knative/build's 0.2.0 release.
- monitoring*.yaml: a number of different configurations of our monitoring stack.
- istio*.yaml: two configurations of our Istio stack, one with sidecar injection and one without.
- release*.yaml: similar bundles to last release.
Autoscaling
New shared autoscaler (special thanks to @glyn @markusthoemmes)
We have replaced the previous per-Revision autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous one, but has evolved to be purely metrics driven (including 0->1->0), eliminating the unnecessary Revision servingState field.
Introduced the ContainerConcurrency field
We have replaced ConcurrencyModel (Single or Multi) with an integer ContainerConcurrency field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).
- 1 is the new Single.
- 0 is the new Multi (no limit).
Example:
spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go
ContainerConcurrency is now used to determine the autoscaler target concurrency.
Core API
Decoupled Build (special thanks to @imikushin)
Build is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build is installed, but deprecated in favor of:
spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"
In addition, alternative Build implementations may be plugged in; the only requirement is that those Build resources indicate completion via:
status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown
Revision GC (special thanks to @greghaynes)
A Configuration will now reclaim unroutable Revisions based on a few criteria:
- Time since its creation
- Time since it was last observed to be routable (via the serving.knative.dev/lastPinned annotation heartbeat)
- Age (e.g. keep the last N)
- Is it the LatestReadyRevision of the Configuration?
These knobs can be configured in config/config-gc.yaml.
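A sketch of those knobs (the key names and values below are assumptions for illustration; config/config-gc.yaml in the release is authoritative):

```yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-gc
  namespace: knative-serving
data:
  # Assumed key names, shown for illustration only:
  stale-revision-create-delay: "24h"        # minimum age before a Revision is eligible
  stale-revision-lastpinned-debounce: "5h"  # slack allowed on the lastPinned heartbeat
  stale-revision-minimum-generations: "1"   # always keep the last N generations
```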
Misc Features
- Service now supports the release and manual modes.
- Short names for Knative resources
- Custom columns in kubectl output (K8s 1.11+ only)
- Longer "resync" periods, with global resyncs on (some) configmap changes
- We now create caching.internal.knative.dev/Image resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.
Networking
ClusterIngress abstraction (special thanks to @lichuqiang)
Route no longer depends directly on VirtualService, but on an intermediate resource, ClusterIngress, which can be reconciled differently for different network platforms.
Istio Updates
- Moved to Istio 1.0.2.
- Hacks & workarounds needed due to 0.8.0 bugs are removed.
- Cluster-local access to Route (through the route.ns.svc.cluster.local name) no longer requires the Istio sidecar.
Bug fixes
- #2276 Route status incorrect for named traffic targets having the same revision; #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
- #2046 Activator can activate the wrong Service (@markusthoemmes)
- #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
- #1931 Queue-proxy does not work with custom cluster domain (@cizixs, @arvtiwar)
- #1907 Activator retries its own requests (@markusthoemmes)
- #1637 Placeholder k8s service reconciliation doesn't take defaulter into account; #1229 Activator should retry with backoff (@markusthoemmes)
- #837 Activator deals with multiple ports (@markusthoemmes)
Monitoring
The monitoring namespace has changed to knative-monitoring.
Bug fixes:
Knative Serving release v0.2.2
Cherry Picks
See: https://github.com/knative/serving/projects/6
Meta
Pluggability:
We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replacing Istio). Our core resources now configure these subsystems (Networking, Autoscaling, and Caching) via new internal APIs.
Looser Coupling:
We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative Build CRDs!
Our release now consists of:
- serving.yaml: just the knative/serving components.
- build.yaml: just knative/build's 0.2.0 release.
- monitoring*.yaml: a number of different configurations of our monitoring stack.
- istio*.yaml: two configurations of our Istio stack, one with sidecar injection and one without.
- release*.yaml: similar bundles to last release.
Autoscaling
New shared autoscaler (special thanks to @glyn @markusthoemmes)
We have replaced the previous per-Revision autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous one, but has evolved to be purely metrics driven (including 0->1->0), eliminating the unnecessary Revision servingState field.
Introduced the ContainerConcurrency field
We have replaced ConcurrencyModel (Single or Multi) with an integer ContainerConcurrency field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).
- 1 is the new Single.
- 0 is the new Multi (no limit).
Example:
spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go
ContainerConcurrency is now used to determine the autoscaler target concurrency.
Core API
Decoupled Build (special thanks to @imikushin)
Build is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build is installed, but deprecated in favor of:
spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"
In addition, alternative Build implementations may be plugged in; the only requirement is that those Build resources indicate completion via:
status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown
Revision GC (special thanks to @greghaynes)
A Configuration will now reclaim unroutable Revisions based on a few criteria:
- Time since its creation
- Time since it was last observed to be routable (via the serving.knative.dev/lastPinned annotation heartbeat)
- Age (e.g. keep the last N)
- Is it the LatestReadyRevision of the Configuration?
These knobs can be configured in config/config-gc.yaml.
Misc Features
- Service now supports the release and manual modes.
- Short names for Knative resources
- Custom columns in kubectl output (K8s 1.11+ only)
- Longer "resync" periods, with global resyncs on (some) configmap changes
- We now create caching.internal.knative.dev/Image resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.
Networking
ClusterIngress abstraction (special thanks to @lichuqiang)
Route no longer depends directly on VirtualService, but on an intermediate resource, ClusterIngress, which can be reconciled differently for different network platforms.
Istio Updates
- Moved to Istio 1.0.2.
- Hacks & workarounds needed due to 0.8.0 bugs are removed.
- Cluster-local access to Route (through the route.ns.svc.cluster.local name) no longer requires the Istio sidecar.
Bug fixes
- #2276 Route status incorrect for named traffic targets having the same revision; #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
- #2046 Activator can activate the wrong Service (@markusthoemmes)
- #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
- #1931 Queue-proxy does not work with custom cluster domain (@cizixs, @arvtiwar)
- #1907 Activator retries its own requests (@markusthoemmes)
- #1637 Placeholder k8s service reconciliation doesn't take defaulter into account; #1229 Activator should retry with backoff (@markusthoemmes)
- #837 Activator deals with multiple ports (@markusthoemmes)
Monitoring
The monitoring namespace has changed to knative-monitoring.
Bug fixes:
Knative Serving release v0.2.1
Cherry Picks
See: https://github.com/knative/serving/projects/6
Meta
Pluggability:
We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replacing Istio). Our core resources now configure these subsystems (Networking, Autoscaling, and Caching) via new internal APIs.
Looser Coupling:
We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving
without knative/build
, and even plug in alternative Build
CRDs!
Our release now consists of:
serving.yaml
: just theknative/serving
components.build.yaml
: justknative/build
’s 0.2.0 releasemonitoring*.yaml
: a number of different configurations of our monitoring stack.istio*.yaml
: two configurations of our Istio stack, one with sidecar injection and one without.release*.yaml
: similar bundles to last release
Autoscaling
New shared autoscaler (special thanks to @glyn @markusthoemmes)
We have replaced the previous per-Revision
autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous autoscaler, but has evolved to be purely metrics driven (including 0->1->0
), eliminating the unnecessary Revision
servingState
field.
Introduced the ContainerConcurrency field
We have replaced ConcurrencyModel
(Single
or Multi
) with an integer ContainerConcurrency
field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).
- 1 is the new Single.
- 0 is the new Multi (no limit).
Example:
spec:
containerConcurrency: 1
container:
image: docker.io/{username}/helloworld-go
ContainerConcurrency
is now used to determine the autoscaler target concurrency.
Core API
Decoupled Build (special thanks to @imikushin)
Build
is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build
is installed, but deprecated in favor of:
spec:
build:
apiVersion: build.knative.dev/v1alpha1
kind: Build
spec:
# What was previously directly under "build:"
In addition, alternative Build implementations may be plugged in, the only requirement is that those Build
resources indicate completion via:
status:
conditions:
- type: Succeeded
status: True | False | Unknown
Revision GC (special thanks to @greghaynes)
A Configuration
will now reclaim unroutable Revisions
based on a few criteria:
- Time since its creation
- Time since it was last observed to be routable (via
serving.knative.dev/lastPinned
annotation heartbeat) - Age (e.g. keep the last
N
) - Is it the LatestReadyRevision of the
Configuration
? - These knobs can be configured in
config/config-gc.yaml
.
Misc Features
- Service now supports the release and manual modes.
- Short names for Knative resources
- Custom columns in kubectl output (K8s 1.11+ only)
- Longer "resync" periods, with global resyncs on (some) configmap changes
- We now create
caching.internal.knative.dev/Image
resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.
Networking
ClusterIngress abstraction (special thanks to @lichuqiang)
Route
no longer depends directly on VirtualService
, but an intermediate resource ClusterIngress
which could be reconciled differently for different network platforms.
Istio Updates
- Moved to Istio 1.0.2.
- Hacks & workarounds needed due to 0.8.0 bugs are removed.
- Cluster-local access to Route (through
route.ns.svc.cluster.local
name) no longer requires the istio sidecar.
Bug fixes
- #2276 Route status incorrect for named traffic targets having the same revision #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
- #2046 Activator can activate the wrong Service (@markusthoemmes)
- #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
- #1931 Queue-proxy does not work with custom cluster domain (@cizixs,@arvtiwar)
- #1907 Activator retries its own requests (@markusthoemmes).
- #1637 Placeholder k8s service reconciliation doesn't take defaulter into account #1229 Activator should retry with backoff (@markusthoemmes).
- #837 Activator deal with multiple ports (@markusthoemmes).
Monitoring
The monitoring
namespace has changed to knative-monitoring
Bug fixes:
Knative Serving release v0.2.0
Meta
Pluggability:
We have made significant progress "under the hood" encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replacing Istio). Our core resources now configure these subsystems (Networking, Autoscaling, and Caching) via new internal APIs.
Looser Coupling:
We have spent considerable effort ensuring that all Knative components are usable in isolation, and splitting our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative `Build` CRDs!
Our release now consists of:
- `serving.yaml`: just the knative/serving components
- `build.yaml`: just knative/build's 0.2.0 release
- `monitoring*.yaml`: a number of different configurations of our monitoring stack
- `istio*.yaml`: two configurations of our Istio stack, one with sidecar injection and one without
- `release*.yaml`: bundles similar to the last release
Autoscaling
New shared autoscaler (special thanks to @glyn @markusthoemmes)
We have replaced the previous per-`Revision` autoscalers with a single shared autoscaler. It is based on the same logic as the previous autoscaler, but has evolved to be purely metrics-driven (including `0->1->0` scaling), eliminating the unnecessary `Revision` `servingState` field.
Introduced the ContainerConcurrency field
We have replaced `ConcurrencyModel` (`Single` or `Multi`) with an integer `ContainerConcurrency` field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).
- 1 is the new Single.
- 0 is the new Multi (no limit).
Example:
```yaml
spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go
```
`ContainerConcurrency` is now used to determine the autoscaler target concurrency.
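As an illustration of these semantics, here is a minimal sketch of the request gating that a `containerConcurrency` value implies; this is not Knative source, and `gate`, `newGate`, and `tryAcquire` are hypothetical names:

```go
package main

import "fmt"

// gate caps the number of in-flight requests, mimicking the meaning of
// containerConcurrency: 0 is unlimited, 1 serializes, N caps at N.
type gate struct {
	sem chan struct{} // nil when containerConcurrency is 0 (unlimited)
}

func newGate(containerConcurrency int) *gate {
	if containerConcurrency == 0 {
		return &gate{}
	}
	return &gate{sem: make(chan struct{}, containerConcurrency)}
}

// tryAcquire reports whether another request may enter right now.
func (g *gate) tryAcquire() bool {
	if g.sem == nil {
		return true
	}
	select {
	case g.sem <- struct{}{}:
		return true
	default:
		return false
	}
}

// release frees one slot after a request completes.
func (g *gate) release() {
	if g.sem != nil {
		<-g.sem
	}
}

func main() {
	g := newGate(1) // containerConcurrency: 1
	fmt.Println(g.tryAcquire()) // first request enters
	fmt.Println(g.tryAcquire()) // second is rejected (would queue)
	g.release()
	fmt.Println(g.tryAcquire()) // admitted again after release
}
```

With `containerConcurrency: 1` the second concurrent request is held back, which is exactly the old `Single` behavior.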
Core API
Decoupled Build (special thanks to @imikushin)
`Build` is no longer required to run Serving unless you plan to use it. The old style of expressing builds inline is still supported when `Build` is installed, but is deprecated in favor of:
```yaml
spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"
```
In addition, alternative Build implementations may be plugged in; the only requirement is that those `Build` resources indicate completion via:
```yaml
status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown
```
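To illustrate the contract, here is a minimal sketch of how a caller could interpret that condition; the `condition` struct and `buildDone` helper are illustrative stand-ins, not the real Knative API types:

```go
package main

import "fmt"

// condition mirrors the shape any pluggable Build implementation
// must report: a Succeeded condition with a three-valued status.
type condition struct {
	Type   string
	Status string // "True", "False", or "Unknown"
}

// buildDone reports whether the build has finished and whether it succeeded.
func buildDone(conds []condition) (finished, succeeded bool) {
	for _, c := range conds {
		if c.Type == "Succeeded" {
			// "Unknown" means still running; "True"/"False" are terminal.
			return c.Status != "Unknown", c.Status == "True"
		}
	}
	return false, false // no Succeeded condition reported yet
}

func main() {
	done, ok := buildDone([]condition{{Type: "Succeeded", Status: "True"}})
	fmt.Println(done, ok) // true true
}
```

Because only this condition is required, Serving can wait on any alternative Build CRD without knowing its internals.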
Revision GC (special thanks to @greghaynes)
A `Configuration` will now reclaim unroutable `Revision`s based on a few criteria:
- Time since its creation
- Time since it was last observed to be routable (via the `serving.knative.dev/lastPinned` annotation heartbeat)
- Age (e.g. keep the last N)
- Whether it is the LatestReadyRevision of the `Configuration`
These knobs can be configured in `config/config-gc.yaml`.
Misc Features
- Service now supports the release and manual modes.
- Short names for Knative resources
- Custom columns in kubectl output (K8s 1.11+ only)
- Longer "resync" periods, with global resyncs on (some) configmap changes
- We now create `caching.internal.knative.dev/Image` resources to signal which images are important to cache. Operators must install an extension to leverage these hints.
Networking
ClusterIngress abstraction (special thanks to @lichuqiang)
`Route` no longer depends directly on `VirtualService`, but on an intermediate `ClusterIngress` resource, which can be reconciled differently for different network platforms.
Istio Updates
- Moved to Istio 1.0.2.
- Hacks and workarounds needed for Istio 0.8.0 bugs have been removed.
- Cluster-local access to a Route (through the `route.ns.svc.cluster.local` name) no longer requires the Istio sidecar.
Bug fixes
- #2276 Route status incorrect for named traffic targets having the same revision and #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
- #2046 Activator can activate the wrong Service (@markusthoemmes)
- #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
- #1931 Queue-proxy does not work with custom cluster domain (@cizixs, @arvtiwar)
- #1907 Activator retries its own requests (@markusthoemmes)
- #1637 Placeholder k8s service reconciliation doesn't take defaulter into account and #1229 Activator should retry with backoff (@markusthoemmes)
- #837 Activator deals with multiple ports (@markusthoemmes)
Monitoring
The `monitoring` namespace has changed to `knative-monitoring`.