Knative Serving release v0.5.1

Autoscaling

Bucketize autoscaling metrics by timeframe (#3289 - thanks @markusthoemmes)

Stats are averaged in each specific timeframe vs. averaged over the whole window. Fixes #2977.

Prevent double counting by the autoscaler (#3477 - thanks @hohaichi)

Let the queue report a concurrency metric for proxied requests, and the autoscaler discount this concurrency when making scaling decisions. Fixes bug (#3301).

Scrape queue-proxy metrics in autoscaler (#3149, thanks @yanweiguo)

Scrape queue-proxy metrics in autoscaler instead of pushing metrics from queue-proxy to autoscaler via websocket connection. Remove the websocket usage in queue-proxy. Fixes bugs #2203, #1927.

Bug Fixes / Cleanups

• Doc update for scale annotations lifetime (#3461 - thanks @yanweiguo) resolving bug (#2720)
• Surface events for all reconciliation failures (#3462 - thanks @mattmoor)---fixes #2941.
• Only add KPA label to a K8S service of a revision if KPA is used (#3498 - thanks @yanweiguo)---fixes #2606 (HPA and KPA controllers are getting wrong class PAs)

Core API

Surface events on reconciliation failures (thanks @mattmoor)

Changes boilerplate to surface reconciliation failures in addition to existing logging entries already in place. (#3462) which fixes bug (#2941).

Several Revision default values are now configurable (thanks @mattmoor)

A new ConfigMap in knative-serving called config-defaults enables the customization of the default CPU resource request and request timeout (#3546).

Add a url: to Service/Route status (thanks @dgerd)

A new url: field in the status.traffic block of Service and Route is displayed to enable discovery of the generated URL for name: sub-routes (#3526). This field is only present when name: is used for a traffic target. See the url: field for Route and Service in spec.md

More conformance tests:

• Validating user securityContext is reflected in container. (thanks @dgerd)
  • This change also adds the group information to the runtime test image, but we do not validate this as 1. it is not currently part of the runtime contract and 2. Setting group is currently an alpha feature that does not work on many Kubernetes clusters. See kubernetes/enhancements#213 - (#3423)
• Validating that metadata.generateName can be used instead of metadata.name (thanks @brandone-mabey)
  • Add testing to ensure that metadata.generateName can be used instead of metadata.name to specify names for services, routes, and configurations. (#3292) fixing (#3183)

Bug Fixes / Cleanups:

• CPU requests is now defaulted in the webhook (thanks @mattmoor) (#3529)
• Fixed broken deploy.sh **(thanks @adrchunha) **(#3367)
• Dropped functional dependency on 'configurationMetadaraGeneration' Label **(thanks @pivotal-joshua-rider) **(#3325)

Networking

Define 'Certificate' CRD for Auto TLS (thanks @ZhiminXiang)

As part of work in #1964, define an internal CRD Certificate to make TLS provision more pluggable by having the Certificate Controller request an SSL certificate according to the information in Certificate object that is being created. (#3050)

Hide /quitquitquit endpoint of queue-proxy #3279 (thanks @andrew-su)

We hide the /quitquitquit endpoint of queue-proxy, so that it can only be lameducked by the kubelet during shutdown.

GRPC streaming now works on cold start #3239 (thanks @mattmoor)

After a service is scaled-to-zero, a streaming gRPC request should return successfully.

Istio 1.0.7

Update Istio template to 1.0.7.

Health check on cold starts #2856 (thanks @mattmoor)

Activator avoids unnecessary retries by performing health-checking of Revision service after cold start.

Bug fixes / Cleanups:

• Fix the authority bug (affected GRPC) #3370 (thanks @tanzeeb)
• Eliminate the request size limit on cold start #3359 (thanks @mattmoor)
• Add Activator readiness probe for improved availability #2857 (thanks @mattmoor)

Monitoring

Write request logs from queue proxy #3561 (thanks @mdemirhan)

Queue proxy now has the ability to write request logs to stdout. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.

Write request metrics from queue proxy #3596 (thanks @yanweiguo)

Queue proxy now has the ability to generate request count and latency metrics. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.

Knative Serving release v0.5.0

Autoscaling

Bucketize autoscaling metrics by timeframe (#3289 - thanks @markusthoemmes)

Stats are averaged in each specific timeframe vs. averaged over the whole window. Fixes #2977.

Prevent double counting by the autoscaler (#3477 - thanks @hohaichi)

Let the queue report a concurrency metric for proxied requests, and the autoscaler discount this concurrency when making scaling decisions. Fixes bug (#3301).

Scrape queue-proxy metrics in autoscaler (#3149, thanks @yanweiguo)

Scrape queue-proxy metrics in autoscaler instead of pushing metrics from queue-proxy to autoscaler via websocket connection. Remove the websocket usage in queue-proxy. Fixes bugs #2203, #1927.

Bug Fixes / Cleanups

• Doc update for scale annotations lifetime (#3461 - thanks @yanweiguo) resolving bug (#2720)
• Surface events for all reconciliation failures (#3462 - thanks @mattmoor)---fixes #2941.
• Only add KPA label to a K8S service of a revision if KPA is used (#3498 - thanks @yanweiguo)---fixes #2606 (HPA and KPA controllers are getting wrong class PAs)

Core API

Surface events on reconciliation failures (thanks @mattmoor)

Changes boilerplate to surface reconciliation failures in addition to existing logging entries already in place. (#3462) which fixes bug (#2941).

Several Revision default values are now configurable (thanks @mattmoor)

A new ConfigMap in knative-serving called config-defaults enables the customization of the default CPU resource request and request timeout (#3546).

Add a url: to Service/Route status (thanks @dgerd)

A new url: field in the status.traffic block of Service and Route is displayed to enable discovery of the generated URL for name: sub-routes (#3526). This field is only present when name: is used for a traffic target. See the url: field for Route and Service in spec.md

More conformance tests:

• Validating user securityContext is reflected in container. (thanks @dgerd)
  • This change also adds the group information to the runtime test image, but we do not validate this as 1. it is not currently part of the runtime contract and 2. Setting group is currently an alpha feature that does not work on many Kubernetes clusters. See kubernetes/enhancements#213 - (#3423)
• Validating that metadata.generateName can be used instead of metadata.name (thanks @brandone-mabey)
  • Add testing to ensure that metadata.generateName can be used instead of metadata.name to specify names for services, routes, and configurations. (#3292) fixing (#3183)

Bug Fixes / Cleanups:

• CPU requests is now defaulted in the webhook (thanks @mattmoor) (#3529)
• Fixed broken deploy.sh **(thanks @adrchunha) **(#3367)
• Dropped functional dependency on 'configurationMetadaraGeneration' Label **(thanks @pivotal-joshua-rider) **(#3325)

Networking

Define 'Certificate' CRD for Auto TLS (thanks @ZhiminXiang)

As part of work in #1964, define an internal CRD Certificate to make TLS provision more pluggable by having the Certificate Controller request an SSL certificate according to the information in Certificate object that is being created. (#3050)

Hide /quitquitquit endpoint of queue-proxy #3279 (thanks @xtreme-andrew-su)

We hide the /quitquitquit endpoint of queue-proxy, so that it can only be lameducked by the kubelet during shutdown.

GRPC streaming now works on cold start #3239 (thanks @mattmoor)

After a service is scaled-to-zero, a streaming gRPC request should return successfully.

Istio 1.0.7

Update Istio template to 1.0.7.

Health check on cold starts #2856 (thanks @mattmoor)

Activator avoids unnecessary retries by performing health-checking of Revision service after cold start.

Bug fixes / Cleanups:

• Fix the authority bug (affected GRPC) #3370 (thanks @tanzeeb)
• Eliminate the request size limit on cold start #3359 (thanks @mattmoor)
• Add Activator readiness probe for improved availability #2857 (thanks @mattmoor)

Monitoring

Write request logs from queue proxy #3561 (thanks @mdemirhan)

Queue proxy now has the ability to write request logs to stdout. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.

Write request metrics from queue proxy #3596 (thanks @yanweiguo)

Queue proxy now has the ability to generate request count and latency metrics. This functionality already exists in Istio mesh and the reason for the duplication here is to move towards eliminating our dependency on Istio's mesh functionality.

Knative Serving release v0.4.1

Meta

Support for ConfigMap and Secret Volumes (Sample)

We have expanded our ConfigMap and Secret support to also allow them to be mounted as volumes. This was one of one of the most commonly requested features.

HTTP2 / GRPC support (Sample)

Knative Service can now serve HTTP2 and gRPC/HTTP2. Users will need to name their container port ‘h2c’ in order to enable this feature. There is an outstanding issue with streaming RPC cold-starts (#3239), but folks are encouraged to try this out and give feedback.

Enable websocket upgrades (Sample)

We have plumbed through the various layers of Serving the ability to upgrade an inbound HTTP connection to support Websockets. (#2910, #3240)

Better preserve ConfigMap updates

Starting with this release, you should be able to simply kubectl apply -f serving.yaml to update knative/serving. Previously this would cause problems for any ConfigMap resources customized via kubectl edit cm, such as configuring a different default domain.
To address this large problem with updates, we have moved all of our default ConfigMap settings into our code. The ConfigMap will only contain a detailed _example: | block outlining how to use each ConfigMap with (validated!) examples. To try this out, see kubectl edit cm -knative-serving config-autoscaler.

Autoscaling

Cold-start improvements (thanks @greghaynes)

• Immediately send stats from activator to autoscaler (#2659)
• Immediately scale up when autoscaler gets stats from activator (#2961, #2963)

Add “throttling” to the activator (thanks @vvraskin)

The activator now throttles the traffic it sends to pods to respect the containerConcurrency setting of the Revision. This is to avoid overloading a single pod with a low concurrency setting when a big burst of traffic is received when scaled to zero. (#3082, #3089)

Use actual pod counts in the autoscaler (thanks @yanweiguo)

This release starts using actual ready pods count to calculate scaling up rate instead of the observed pods count from queue-proxy metrics data.

Core API

Support for ConfigMap and Secret Volumes (thanks @mattmoor)

See above

Support creating Services in “release” mode (thanks @vagababov)

Starting in 0.4 you can use the sentinel string @latest in “release” mode to send a designated portion of the main traffic to the latest ready revision stamped out by the Service’s Configuration (#2819)

Phase 2 of CRD sub-resources (thanks @dprotaso)

This release contains the second phase of CRD sub-resource adoption, which consists of three parts: start using generateName for Revision names, stop incrementing spec.generation on updates, and using metadata.generation for the value of our Configuration generation label on Revisions. (#3179, knative/pkg#234, #3204)

Service captures author info in annotation (thanks @vagababov)

The email of a Service’s creator is now captured in serving.knative.dev/creator and in subsequent updates serving.knative.dev/lastModifier (#3213)

(Ongoing) Progress on implementing the Runtime Contract (thanks @dgerd)

We have triaged a significant backlog of issues related to Conformance (tracked here: https://github.com/knative/serving/projects/20), and started to close a number of the gaps in our Runtime Contract conformance and validation.

Build extensibility now uses “Aggregated Cluster Roles” (thanks @mattmoor)

We have split out the part of the ClusterRole that Serving defined to enable it to consume knative/build and changed Serving to use an aggregated cluster role to glue together the set of capabilities that it needs. To use

Bug Fixes / Cleanups

• Make Conditions with Severity: Error less scary (#3038)
• Make our resources work properly when “finalizers” are present (#3036)
• Fix several “readiness” races (#2954, #2430, #2735)
• Strengthen our validation logic (#3034, #3019, #1299)
• Better support for on-cluster registries both with and without certificates (#2266)
• Consistently set status.observedGeneration on resource status (#3076)

Networking

Removed the Knative Istio IngressGateway (thanks @tcnghia)

This release removes the Knative Istio IngressGateway, for better compatibility with multiple versions of Istio and also reduce the number of needed LoadBalancer. Users upgrading from 0.3.0 needs to reconfigure their DNS to point to the istio-ingressgateway Service IP address before upgrading, and remove the knative-ingressgateway Service & Deployment.

HTTP2 / GRPC support (thanks @tanzeeb)

See above

Configurable default ClusterIngress controller (thanks @tcnghia)

This release adds an option in the config-network ConfigMap to change the default ClusterIngress controller from Istio if another controller is available.

Default TCP ReadinessProbe for user container (thanks @markusthoemmes)

Due to Istio proxy intercepting TCP handshakes, users won’t be able to specify meaningful TCP readiness check. We folded this TCP handshake into queue-proxy health check so that even if users don’t specify any Readiness Probe, some basic TCP probe will be provided automatically.

Enable websocket upgrades (thanks @tcnghia)

See above

Bug Fixes

• More reliably clean up ClusterIngress resources (#2570)
• Support non-default cluster service domain (#2892)
• Change the Envoy connectionTimeout Istio uses to reduce 503s (#2988)

Monitoring

No changes in 0.4

Knative Serving release v0.4.0

Meta

Support for ConfigMap and Secret Volumes (Sample)

We have expanded our ConfigMap and Secret support to also allow them to be mounted as volumes. This was one of one of the most commonly requested features.

HTTP2 / GRPC support (Sample)

Knative Service can now serve HTTP2 and gRPC/HTTP2. Users will need to name their container port ‘h2c’ in order to enable this feature. There is an outstanding issue with streaming RPC cold-starts (#3239), but folks are encouraged to try this out and give feedback.

Enable websocket upgrades (Sample)

We have plumbed through the various layers of Serving the ability to upgrade an inbound HTTP connection to support Websockets. (#2910, #3240)

Better preserve ConfigMap updates

Starting with this release, you should be able to simply kubectl apply -f serving.yaml to update knative/serving. Previously this would cause problems for any ConfigMap resources customized via kubectl edit cm, such as configuring a different default domain.
To address this large problem with updates, we have moved all of our default ConfigMap settings into our code. The ConfigMap will only contain a detailed _example: | block outlining how to use each ConfigMap with (validated!) examples. To try this out, see kubectl edit cm -knative-serving config-autoscaler.

Autoscaling

Cold-start improvements (thanks @greghaynes)

• Immediately send stats from activator to autoscaler (#2659)
• Immediately scale up when autoscaler gets stats from activator (#2961, #2963)

Add “throttling” to the activator (thanks @vvraskin)

The activator now throttles the traffic it sends to pods to respect the containerConcurrency setting of the Revision. This is to avoid overloading a single pod with a low concurrency setting when a big burst of traffic is received when scaled to zero. (#3082, #3089)

Use actual pod counts in the autoscaler (thanks @yanweiguo)

This release starts using actual ready pods count to calculate scaling up rate instead of the observed pods count from queue-proxy metrics data.

Core API

Support for ConfigMap and Secret Volumes (thanks @mattmoor)

See above

Support creating Services in “release” mode (thanks @vagababov)

Starting in 0.4 you can use the sentinel string @latest in “release” mode to send a designated portion of the main traffic to the latest ready revision stamped out by the Service’s Configuration (#2819)

Phase 2 of CRD sub-resources (thanks @dprotaso)

This release contains the second phase of CRD sub-resource adoption, which consists of three parts: start using generateName for Revision names, stop incrementing spec.generation on updates, and using metadata.generation for the value of our Configuration generation label on Revisions. (#3179, knative/pkg#234, #3204)

Service captures author info in annotation (thanks @vagababov)

The email of a Service’s creator is now captured in serving.knative.dev/creator and in subsequent updates serving.knative.dev/lastModifier (#3213)

(Ongoing) Progress on implementing the Runtime Contract (thanks @dgerd)

We have triaged a significant backlog of issues related to Conformance (tracked here: https://github.com/knative/serving/projects/20), and started to close a number of the gaps in our Runtime Contract conformance and validation.

Build extensibility now uses “Aggregated Cluster Roles” (thanks @mattmoor)

We have split out the part of the ClusterRole that Serving defined to enable it to consume knative/build and changed Serving to use an aggregated cluster role to glue together the set of capabilities that it needs. To use

Bug Fixes / Cleanups

• Make Conditions with Severity: Error less scary (#3038)
• Make our resources work properly when “finalizers” are present (#3036)
• Fix several “readiness” races (#2954, #2430, #2735)
• Strengthen our validation logic (#3034, #3019, #1299)
• Better support for on-cluster registries both with and without certificates (#2266)
• Consistently set status.observedGeneration on resource status (#3076)

Networking

Removed the Knative Istio IngressGateway (thanks @tcnghia)

This release removes the Knative Istio IngressGateway, for better compatibility with multiple versions of Istio and also reduce the number of needed LoadBalancer. Users upgrading from 0.3.0 needs to reconfigure their DNS to point to the istio-ingressgateway Service IP address before upgrading, and remove the knative-ingressgateway Service & Deployment.

HTTP2 / GRPC support (thanks @tanzeeb)

See above

Configurable default ClusterIngress controller (thanks @tcnghia)

This release adds an option in the config-network ConfigMap to change the default ClusterIngress controller from Istio if another controller is available.

Default TCP ReadinessProbe for user container (thanks @markusthoemmes)

Due to Istio proxy intercepting TCP handshakes, users won’t be able to specify meaningful TCP readiness check. We folded this TCP handshake into queue-proxy health check so that even if users don’t specify any Readiness Probe, some basic TCP probe will be provided automatically.

Enable websocket upgrades (thanks @tcnghia)

See above

Bug Fixes

• More reliably clean up ClusterIngress resources (#2570)
• Support non-default cluster service domain (#2892)
• Change the Envoy connectionTimeout Istio uses to reduce 503s (#2988)

Monitoring

No changes in 0.4

Knative Serving release v0.3.0

Meta

More regular releases

0.3 is the first release of our new schedule of releasing every 6 weeks.
This release is a smaller delta than 0.2 because of this shorter development cycle.

Kubernetes 1.11 is now required

We now use the Kubernetes /status sub-resource support, which went Beta in K8s 1.11.

Autoscaling

More aggressive scale to zero

We will now scale Revisions down to zero pods after only 30 seconds of inactivity.

Support for HPA-class autoscaler (Kubecon Demo)

You may now opt to use the Kubernetes HPA for autoscaling Revisions, if you want to scale on CPU instead of request rate. HPA-class Revisions will not scale to zero.

Support target and window annotations for KPA-class autoscaler

You may now tune the default Knative autoscaler (KPA) with revision-level concurrency targets and different windows over which to calculate average concurrency.

Support mutable PodAutoscalers

You may now mutate PodAutoscaler specs in-place to adjust the scale bounds and other parameters. The changes will be picked up dynamically by KPA and HPA-class autoscalers.

Core API

Support of “resources” block (thanks @jszroberto)

You may now specify the resources section of a container spec to include reservations and limits on the resources your service may use. This also lets your Service gain access to GPUs, if available on your cluster.

Elide Builds for config-only changes

We will now skip the Build step of a deployment if only the configuration of a Revision changes (e.g. env var).

Revisions can now specify TimeoutSeconds

Requests that show no activity within the allotted timeout will be cancelled and respond with a 503.

Inactive isn’t failed!

Fixed an issue in 0.2 where Services, Configurations, and Revisions that were scaled to zero would appear to have failed. The “Active” condition is now treated as a purely informational condition.

A Container Port can now be specified for incoming traffic

You may now specify a single 'containerPort' to customize which port will receive request traffic. If unspecified, the default port (8080) will be assumed. As with previous releases, this value is available to the container through the environment variable '$PORT'.

More Global Resyncs

Editing the Serving ConfigMaps will now immediately trigger all existing resources to reconcile, and reflect any newly configured settings. This avoids the (up to 10 hour) delay that would otherwise exist waiting for the normal resync.

Networking

Use the default gateway istio-ingressgateway by default (@lichuqiang)

We have deprecated the Knative copy of the Istio ingress gateway.
Routes can be exposed to additional Gateways.

Routes without external domain are exposed only to local Gateways

Route that only have svc.cluster.local domain suffix will not be exposed to Istio ingress gateway by default.
Users can set the label
serving.knative.dev/visibility=cluster-local on a Route or Service to achieve the same effect.

Reconcile ClusterIngress' based on Ingress class annotation (@greghaynes)

ClusterIngress class annotation is taken into account when reconciling. The default ClusterIngress reconciler only reconcile when the type is Istio.

Bug fixes:

#2359 (@lichuqiang) Conflict between Routes having the same names causing issue.
#2582 (@markusthoemmes) Correct Revision Timeout meaning.

Monitoring

Metrics improvements

New metrics are added for Knative reconciler
Metric labels were renamed to be consistent across all Knative components
Knative control plane (reconciler, autoscaler & activator) metrics can now be exported to Stackdriver backend

Logging improvements

Commit id of the running build is added to the logs generated by Knative components

Knative Serving release v0.2.3

Cherry Picks

See: https://github.com/knative/serving/projects/6

Meta

Pluggability:

We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replace Istio). Our core resources now configure these subsystems: Networking, Autoscaling, and Caching via new internal APIs.

Looser Coupling:

We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative Build CRDs!

Our release now consists of:

• serving.yaml: just the knative/serving components.
• build.yaml: just knative/build’s 0.2.0 release
• monitoring*.yaml: a number of different configurations of our monitoring stack.
• istio*.yaml: two configurations of our Istio stack, one with sidecar injection and one without.
• release*.yaml: similar bundles to last release

Autoscaling

New shared autoscaler (special thanks to @glyn @markusthoemmes)

We have replaced the previous per-Revision autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous autoscaler, but has evolved to be purely metrics driven (including 0->1->0), eliminating the unnecessary Revision servingState field.

Introduced the ContainerConcurrency field

We have replaced ConcurrencyModel (Single or Multi) with an integer ContainerConcurrency field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).

• 1 is the new Single.
• 0 is the new Multi (no limit).

Example:

spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go

ContainerConcurrency is now used to determine the autoscaler target concurrency.

Core API

Decoupled Build (special thanks to @imikushin)

Build is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build is installed, but deprecated in favor of:

spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"

In addition, alternative Build implementations may be plugged in, the only requirement is that those Build resources indicate completion via:

status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown

Revision GC (special thanks to @greghaynes)

A Configuration will now reclaim unroutable Revisions based on a few criteria:

• Time since its creation
• Time since it was last observed to be routable (via serving.knative.dev/lastPinned annotation heartbeat)
• Age (e.g. keep the last N)
• Is it the LatestReadyRevision of the Configuration?
• These knobs can be configured in config/config-gc.yaml.

Misc Features

• Service now supports the release and manual modes.
• Short names for Knative resources
• Custom columns in kubectl output (K8s 1.11+ only)
• Longer "resync" periods, with global resyncs on (some) configmap changes
• We now create caching.internal.knative.dev/Image resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.

Networking

ClusterIngress abstraction (special thanks to @lichuqiang)

Route no longer depends directly on VirtualService, but an intermediate resource ClusterIngress which could be reconciled differently for different network platforms.

Istio Updates

• Moved to Istio 1.0.2.
• Hacks & workarounds needed due to 0.8.0 bugs are removed.
• Cluster-local access to Route (through route.ns.svc.cluster.local name) no longer requires the istio sidecar.

Bug fixes

• #2276 Route status incorrect for named traffic targets having the same revision #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
• #2046 Activator can activate the wrong Service (@markusthoemmes)
• #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
• #1931 Queue-proxy does not work with custom cluster domain (@cizixs,@arvtiwar)
• #1907 Activator retries its own requests (@markusthoemmes).
• #1637 Placeholder k8s service reconciliation doesn't take defaulter into account #1229 Activator should retry with backoff (@markusthoemmes).
• #837 Activator deal with multiple ports (@markusthoemmes).

Monitoring

The monitoring namespace has changed to knative-monitoring

Bug fixes:

• #2255 Zipkin install without Elasticsearch
• #2201 Add service label to revisions (@pivotal-nader-ziada)
• #1474 Switch the fluentd configmap to one-per-Revision

Knative Serving release v0.2.2

Cherry Picks

See: https://github.com/knative/serving/projects/6

Meta

Pluggability:

We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replace Istio). Our core resources now configure these subsystems: Networking, Autoscaling, and Caching via new internal APIs.

Looser Coupling:

We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative Build CRDs!

Our release now consists of:

• serving.yaml: just the knative/serving components.
• build.yaml: just knative/build’s 0.2.0 release
• monitoring*.yaml: a number of different configurations of our monitoring stack.
• istio*.yaml: two configurations of our Istio stack, one with sidecar injection and one without.
• release*.yaml: similar bundles to last release

Autoscaling

New shared autoscaler (special thanks to @glyn @markusthoemmes)

We have replaced the previous per-Revision autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous autoscaler, but has evolved to be purely metrics driven (including 0->1->0), eliminating the unnecessary Revision servingState field.

Introduced the ContainerConcurrency field

We have replaced ConcurrencyModel (Single or Multi) with an integer ContainerConcurrency field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).

• 1 is the new Single.
• 0 is the new Multi (no limit).

Example:

spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go

ContainerConcurrency is now used to determine the autoscaler target concurrency.

Core API

Decoupled Build (special thanks to @imikushin)

Build is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build is installed, but deprecated in favor of:

spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"

In addition, alternative Build implementations may be plugged in, the only requirement is that those Build resources indicate completion via:

status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown

Revision GC (special thanks to @greghaynes)

A Configuration will now reclaim unroutable Revisions based on a few criteria:

• Time since its creation
• Time since it was last observed to be routable (via serving.knative.dev/lastPinned annotation heartbeat)
• Age (e.g. keep the last N)
• Is it the LatestReadyRevision of the Configuration?
• These knobs can be configured in config/config-gc.yaml.

Misc Features

• Service now supports the release and manual modes.
• Short names for Knative resources
• Custom columns in kubectl output (K8s 1.11+ only)
• Longer "resync" periods, with global resyncs on (some) configmap changes
• We now create caching.internal.knative.dev/Image resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.

Networking

ClusterIngress abstraction (special thanks to @lichuqiang)

Route no longer depends directly on VirtualService, but an intermediate resource ClusterIngress which could be reconciled differently for different network platforms.

Istio Updates

• Moved to Istio 1.0.2.
• Hacks & workarounds needed due to 0.8.0 bugs are removed.
• Cluster-local access to Route (through route.ns.svc.cluster.local name) no longer requires the istio sidecar.

Bug fixes

• #2276 Route status incorrect for named traffic targets having the same revision #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
• #2046 Activator can activate the wrong Service (@markusthoemmes)
• #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
• #1931 Queue-proxy does not work with custom cluster domain (@cizixs,@arvtiwar)
• #1907 Activator retries its own requests (@markusthoemmes).
• #1637 Placeholder k8s service reconciliation doesn't take defaulter into account #1229 Activator should retry with backoff (@markusthoemmes).
• #837 Activator deal with multiple ports (@markusthoemmes).

Monitoring

The monitoring namespace has changed to knative-monitoring

Bug fixes:

• #2255 Zipkin install without Elasticsearch
• #2201 Add service label to revisions (@pivotal-nader-ziada)
• #1474 Switch the fluentd configmap to one-per-Revision

Knative Serving release v0.2.1

Cherry Picks

See: https://github.com/knative/serving/projects/6

Meta

Pluggability:

We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replace Istio). Our core resources now configure these subsystems: Networking, Autoscaling, and Caching via new internal APIs.

Looser Coupling:

We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative Build CRDs!

Our release now consists of:

• serving.yaml: just the knative/serving components.
• build.yaml: just knative/build’s 0.2.0 release
• monitoring*.yaml: a number of different configurations of our monitoring stack.
• istio*.yaml: two configurations of our Istio stack, one with sidecar injection and one without.
• release*.yaml: similar bundles to last release

Autoscaling

New shared autoscaler (special thanks to @glyn @markusthoemmes)

We have replaced the previous per-Revision autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous autoscaler, but has evolved to be purely metrics driven (including 0->1->0), eliminating the unnecessary Revision servingState field.

Introduced the ContainerConcurrency field

We have replaced ConcurrencyModel (Single or Multi) with an integer ContainerConcurrency field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).

• 1 is the new Single.
• 0 is the new Multi (no limit).

Example:

spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go

ContainerConcurrency is now used to determine the autoscaler target concurrency.

Core API

Decoupled Build (special thanks to @imikushin)

Build is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build is installed, but deprecated in favor of:

spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"

In addition, alternative Build implementations may be plugged in, the only requirement is that those Build resources indicate completion via:

status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown

Revision GC (special thanks to @greghaynes)

A Configuration will now reclaim unroutable Revisions based on a few criteria:

• Time since its creation
• Time since it was last observed to be routable (via serving.knative.dev/lastPinned annotation heartbeat)
• Age (e.g. keep the last N)
• Is it the LatestReadyRevision of the Configuration?
• These knobs can be configured in config/config-gc.yaml.

Misc Features

• Service now supports the release and manual modes.
• Short names for Knative resources
• Custom columns in kubectl output (K8s 1.11+ only)
• Longer "resync" periods, with global resyncs on (some) configmap changes
• We now create caching.internal.knative.dev/Image resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.

Networking

ClusterIngress abstraction (special thanks to @lichuqiang)

Route no longer depends directly on VirtualService, but an intermediate resource ClusterIngress which could be reconciled differently for different network platforms.

Istio Updates

• Moved to Istio 1.0.2.
• Hacks & workarounds needed due to 0.8.0 bugs are removed.
• Cluster-local access to Route (through route.ns.svc.cluster.local name) no longer requires the istio sidecar.

Bug fixes

• #2276 Route status incorrect for named traffic targets having the same revision #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
• #2046 Activator can activate the wrong Service (@markusthoemmes)
• #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
• #1931 Queue-proxy does not work with custom cluster domain (@cizixs,@arvtiwar)
• #1907 Activator retries its own requests (@markusthoemmes).
• #1637 Placeholder k8s service reconciliation doesn't take defaulter into account #1229 Activator should retry with backoff (@markusthoemmes).
• #837 Activator deal with multiple ports (@markusthoemmes).

Monitoring

The monitoring namespace has changed to knative-monitoring

Bug fixes:

• #2255 Zipkin install without Elasticsearch
• #2201 Add service label to revisions (@pivotal-nader-ziada)
• #1474 Switch the fluentd configmap to one-per-Revision

Knative Serving release v0.2.0

Meta

Pluggability:

We have made significant progress “under the hood” encapsulating the major subsystems of knative/serving in an effort to support pluggability (e.g. replace Istio). Our core resources now configure these subsystems: Networking, Autoscaling, and Caching via new internal APIs.

Looser Coupling:

We have spent considerable effort working to ensure that all knative components are usable in isolation, and splitting out our release artifacts into the smallest units we can. For instance, you can now install and use knative/serving without knative/build, and even plug in alternative Build CRDs!

Our release now consists of:

• serving.yaml: just the knative/serving components.
• build.yaml: just knative/build’s 0.2.0 release
• monitoring*.yaml: a number of different configurations of our monitoring stack.
• istio*.yaml: two configurations of our Istio stack, one with sidecar injection and one without.
• release*.yaml: similar bundles to last release

Autoscaling

New shared autoscaler (special thanks to @glyn @markusthoemmes)

We have replaced the previous per-Revision autoscalers with a single shared autoscaler. This autoscaler is based on the same logic as the previous autoscaler, but has evolved to be purely metrics driven (including 0->1->0), eliminating the unnecessary Revision servingState field.

Introduced the ContainerConcurrency field

We have replaced ConcurrencyModel (Single or Multi) with an integer ContainerConcurrency field. This allows limiting concurrency to values other than 1 for certain use cases (e.g. limited thread pools).

• 1 is the new Single.
• 0 is the new Multi (no limit).

Example:

spec:
  containerConcurrency: 1
  container:
    image: docker.io/{username}/helloworld-go

ContainerConcurrency is now used to determine the autoscaler target concurrency.

Core API

Decoupled Build (special thanks to @imikushin)

Build is no longer required to run Serving, unless you plan to use it. The old style of expressing builds inline is still supported when Build is installed, but deprecated in favor of:

spec:
  build:
    apiVersion: build.knative.dev/v1alpha1
    kind: Build
    spec:
      # What was previously directly under "build:"

In addition, alternative Build implementations may be plugged in, the only requirement is that those Build resources indicate completion via:

status:
  conditions:
  - type: Succeeded
    status: True | False | Unknown

Revision GC (special thanks to @greghaynes)

A Configuration will now reclaim unroutable Revisions based on a few criteria:

• Time since its creation
• Time since it was last observed to be routable (via serving.knative.dev/lastPinned annotation heartbeat)
• Age (e.g. keep the last N)
• Is it the LatestReadyRevision of the Configuration?
• These knobs can be configured in config/config-gc.yaml.

Misc Features

• Service now supports the release and manual modes.
• Short names for Knative resources
• Custom columns in kubectl output (K8s 1.11+ only)
• Longer "resync" periods, with global resyncs on (some) configmap changes
• We now create caching.internal.knative.dev/Image resources to signal the images that are important to cache. Operators must install an extension to leverage these hints.

Networking

ClusterIngress abstraction (special thanks to @lichuqiang)

Route no longer depends directly on VirtualService, but an intermediate resource ClusterIngress which could be reconciled differently for different network platforms.

Istio Updates

• Moved to Istio 1.0.2.
• Hacks & workarounds needed due to 0.8.0 bugs are removed.
• Cluster-local access to Route (through route.ns.svc.cluster.local name) no longer requires the istio sidecar.

Bug fixes

• #2276 Route status incorrect for named traffic targets having the same revision #2234 Activator headers getting forwarded prevent scaling from 0 (@trisberg, @scothis)
• #2046 Activator can activate the wrong Service (@markusthoemmes)
• #2043 Activator leaks metrics publicly (@scothis, @tanzeeb)
• #1931 Queue-proxy does not work with custom cluster domain (@cizixs,@arvtiwar)
• #1907 Activator retries its own requests (@markusthoemmes).
• #1637 Placeholder k8s service reconciliation doesn't take defaulter into account #1229 Activator should retry with backoff (@markusthoemmes).
• #837 Activator deal with multiple ports (@markusthoemmes).

Monitoring

The monitoring namespace has changed to knative-monitoring

Bug fixes:

• #2255 Zipkin install without Elasticsearch
• #2201 Add service label to revisions (@pivotal-nader-ziada)
• #1474 Switch the fluentd configmap to one-per-Revision

v0.1.1

Fixes:

• Lowercase header names to fix validation with Istio 1.0.
• Update shared gateway TLS setting to work with Istio 1.0 validation.
• Update to Build v0.1.1 so that things work with containerd.