Knative Serving release v0.8.1
Pre-releaseMeta
This release is our first “release candidate” for Serving v1
We are burning down remaining issues here, but barring major issues we will declare 0.9 the “v1” release of knative/serving.
Istio minimum version is now 1.1.x
In order to support #4755 we have to officially remove support for Istio 1.0.x (which is end-of-life).
Route/Service Ready actually means Ready!
Route now only reports Ready if it is accessible from the Istio Ingress. This allows users to start using a Service/Route the moment it reports Ready.
Target Burst Capacity (TBC) support
The activator can now be used to shield user services at smaller scales (not just zero!), where it will buffer requests until adequate capacity is available. This is configurable on cluster and revision level; it is currently off by default.
Migrate to knative.dev/serving
import path
We have migrated github.com/knative/serving
import paths to use knative.dev/serving
.
Autoscaling
Target Burst Capacity (TBC) support #4443, #4516, #4580, #4758 (thanks @vagababov)
The activator can now be used to shield user services at smaller scales (not just zero!), where it will buffer requests until adequate capacity is available. This is configurable on cluster and revision level; it is currently off by default.
Activator HPA and performance improvements #4886, #4772 (thanks @yanweiguo)
With the activator on the dataplane more often (for TBC), several performance and scale problems popped up. We now horizontally scale the activator on CPU, and have made several latency improvements to its request handling.
Faster Scale Down to 0 #4883, #4949, #4938, etc (thanks @vagababov)
We will now elide the scale-to-zero “grace period” when the activator was already in the request path (this is now possible through the use of “target burst capacity”).
The scale-to-zero “grace period” is now computed from the time the activator was confirmed on the data path vs. a fixed duration.
Metrics Resource #4753, #4894, #4895, #4913, #4924 (thanks @markusthoemmes)
Autoscaling metrics are now full-fledged resources in Knative, this enables new autoscalers to plug in from out-of-process.
HPA is a separate controller now #4990 (thanks @markusthoemmes)
This proves that the metrics resource model enables a fully capable autoscaler outside of the main autoscaling controller.
Stability and performance (thanks to many):
- Improvements to test flakiness
- Better validation of annotation and config maps is performed
- Autoscaler will wait for a reasonable population of metrics to be collected before scaling user pods down after it has been restarted.
Core API
Readiness probe cold-start improvements #4148, #4649, #4667, #4668, #4731 (thanks @joshrider, @shashwathi)
The queue-proxy sidecar will now evaluate both user specified readiness probes and the (default) TCP probe. This enables us to much more aggressively probe the user-provided container for readiness (vs. K8s default second granularity).
The default periodSeconds
for the readinessProbe is now 0
which enables a system defined sub-second readiness check.
This contains a breaking change for users relying on the default periodSeconds
while specifying either timeoutSeconds
or failureThreshold
. Services using these values should remove them to enable the benefits of faster probing, or they should specify a periodSeconds
greater than 0
to restore previous behavior.
Enable specifying protocol without port number #4515 (thanks @tanzeeb)
Container ports can now be specified without a port number. This allows for specifying just a name (i.e. "http1", "h2c") to select the protocol.
Tag-to-digest resolution now works with AWS ECR #4084 (thanks @jonjonshonjr)
Knative has been updated to use the new AWS credential provider to enable pulling images from AWS ECR.
Revisions annotated with serving.knative.dev/creator
#4526 (thanks @nak3)
Annotation Validations #4560, #4656, #4669, #4888, #4879, #4763 (thanks @vagababov, @markusthoemmes, @savitaashture , @shashwathi)
System annotations (autoscaling.knative.dev/*
and serving.knative.dev/*
) are now validated by the webhook for correctness and immutability (where applicable). This improves visibility to errors in annotations, and ensures annotations on Knative objects are accurate and valid.
ServiceAccountName Validation #4733, #4919 (thanks @shashwathi)
Service account names are now validated to be a valid kubernetes identifier to improve the time to error and reduce potential impact of an incorrect identifier.
Fixes
- Tag resolution for schema 1 images #4432 (thanks @jonjohnsonjr )
- Don't display user-defined template for cluster-local #4615 (thanks @duglin)
- Fix error message when multiple containers are specified #4709 (thanks @nak3)
- Update observedGeneration even when Route fails #4594 (thanks @taragu)
Tests:
- Improved header test for 'Forwarded' header #4626 (thanks @markusthoemmes)
- Reduce number of test images #4687, #4677, #4679, #4720, #4721 (thanks @markusthoemmes, @dgerd)
- Replace test.options with functional options #4762 (thanks @markusthoemmes)
Docs:
- Remove misuse of RFC2119 keywords #4550 (thanks @duglin)
- Add links to conformance tests from Runtime Contract #4428 (thanks @dgerd)
- New API Specification document docs#1642 (thanks @dgerd)
Networking
Honest Route/Service Readiness (#1582, #3312) (thanks @JRBANCEL)
Route now only reports Ready if it is accessible from the Istio Ingress. This allows users to start using a Service or Route the moment it reports Ready.
Remove cluster scoping of ClusterIngress
(#4028) (thanks @wtam)
networking.internal.knative.dev/ClusterIngress
is now replaced by networking.internal.knative.dev/Ingress
, which is a cluster-scoped resource. The ClusterIngress
resource will be removed in 0.9.
Enable visibility settings for sub-Route (#3419) (thanks @andrew-su)
Each sub Route (tags) can have their own visibility setting by labelling the corresponding placeholder K8s Service.
Correct split percentage for inactive Revisions (#882, #4755) (thanks @tcnghia)
We no longer just route to the biggest inactive split, when there are more than one inactive traffic splits. To support this fix we now officially remove support for Istio 1.0 (which was announced to be EOL).
Integration with Gloo Ingress (thanks @scottweiss and Solo.io team)
Knative-on-Gloo now has its own continuous build to ensure good integration.
Gloo now officially supports networking.internal.knative.dev/Ingress
(see #4028).
Ambassador officially announces Knative support (thanks @richarddli and Ambassador team)
Fixes
- Fix activator crash due to trailing dot in resolv.conf (#4407) (thanks @tcnghia)
- Activator to wait for active requests to drain before terminating (#4654) (thanks @vagababov)
- Fix cluster-local Service URL (#4204) (thanks @duglin)
- Remove cert-manager controller from default serving.yaml install (#4120) (thanks @ZhiminXiang)
Monitoring
Automate cold-start timing collection #2495 (thanks @greghaynes)
Record the time spent broken down into components during cold-start including “how much time is spent before we ask our deployment to scale up” and “how much time is spent before our user application begins executing”.
Dash in controller name cause metrics to be dropped #4716 (thanks @JRBANCEL)
Fixed an issue where some controller metrics were not getting into Prometheus due to invalid characters in their component names,