v2.10.0

This release includes the following changes.

Deprecation / Removal

• rkt is no longer a supported container platform (#4671)
• kube-router deployment is no longer maintained and is considered unstable. Without a maintainer, it will be removed permanently.
• nginx_memory_requests has been renamed to loadbalancer_apiserver_memory_requests, nginx_cpu_requests to loadbalancer_apiserver_cpu_requests and nginx_kube_apiserver_port to loadbalancer_apiserver_port (#4480)

Major changes:

• Add support for Kubeadm experimental control plane (#4514)
• Non-master nodes no longer have label node-role.kubernetes.io/node (#4514)
• All tasks are validated by ansible-lint (#4411)
• Reworked liveness/readiness checks to speed up deploy (#4612)
• Nodelocaldns mode is enabled by default now (#4461)
• Add HAProxy as internal loadbalancer (#4480)
• Nodelocaldns was expecting to use TCP connections towards upstreams (#4492)
• Added generic CNI network plugin (#4322)

Applications

• Nginx ingress proxy now defaults to the label beta.kubernetes.io/os=linux
• Add support calico kubernetes datastore and typha (CURRENTLY NOT WORKING DUE TO #4727)
• Add an ability to provide oidc cert in base64
• Support Azure load balancer standard sku
• Install cri-tools on fedora
• Fix ipip: false in calico v3

Fixes

• Unmask Docker service in ClearLinux
• Avoid creating k8s cert dir on non-k8s nodes
• Fix runc absolute path
• Disable cloud-routes for non-cloud plugin

Component versions:

• Kubernetes v1.14.1
• Etcd 3.2.26
• Docker 18.06
• Cri-O 1.11.5
• Calico v3.4.0
• Cilium 1.3.0
• Contiv 1.2.1
• Flannel 0.11.0
• Kube-Router 0.2.5
• Multus 3.1-autoconf
• Weave 2.5.1
• CoreDNS 1.5.0
• Helm 2.13.1
• Kubernetes Dashboard v1.10.1
• Oracle OCI: v0.7.0

Known issues

• Non-master nodes can no longer set reserved labels (see kubernetes/kubernetes/#68267)
• Kube-router inter-node communication does not work
• Calico KDD does currently not work (see #4727)