Patch Version Release Notes

Version 1.28

**Table 1** Release notes for the v1.28 patch
CCE Cluster Patch Version	Kubernetes Version	Feature Updates	Optimization	Vulnerability Fixing
v1.28.2-r0	v1.28.3	You can configure an ELB blocklist/trustlist for access control when creating a Service or ingress.	None	Fixed some security issues.
v1.28.1-r4	v1.28.3	None	None	Fixed CVE-2024-21626 issues.
v1.28.1-r0	v1.28.3	CCE clusters of v1.28 are released for the first time. For more information, see Kubernetes 1.28 Release Notes. The prefix and suffix of a node name can be customized in node pools. In CCE Turbo clusters, you can create container networks for workloads and specify pod subnets. LoadBalancer ingresses support gRPC. LoadBalancer Services allow you to specify a private IP address for a load balancer during Service creation using YAML.	Accelerated the startup speed for creating a large number of Kata containers in a CCE Turbo cluster. Improved the stability when Kata containers are repeatedly created or deleted in a CCE Turbo cluster.	None

Version 1.27

In CCE v1.27 and later versions, all nodes support only the containerd container engine. To migrate nodes from Docker to containerd, follow the operations described in Migrating Nodes from Docker to containerd.

**Table 2** Release notes for the v1.27 patch
CCE Cluster Patch Version	Kubernetes Version	Feature Updates	Optimization	Vulnerability Fixing
v1.27.3-r4	v1.27.4	None	None	Fixed CVE-2024-21626 issues.
v1.27.2-r0	v1.27.2	Volcano supports node pool affinity scheduling. Volcano supports workload rescheduling.	None	Fixed some security issues.
v1.27.1-r10	v1.27.2	None	Optimized the events generated during node pool scaling.	Fixed some security issues.
v1.27.1-r0	v1.27.2	CCE clusters of v1.27 are released for the first time. For more information, see Kubernetes 1.27 Release Notes. Both soft eviction and hard eviction are supported in node pool configurations.	None	None

Version 1.25

All nodes in the CCE clusters of version 1.25, except the ones running EulerOS 2.5, use containerd by default.

**Table 3** Release notes for the v1.25 patch
CCE Cluster Patch Version	Kubernetes Version	Feature Updates	Optimization	Vulnerability Fixing
v1.25.6-r4	v1.25.10	None	None	Fixed CVE-2024-21626 issues.
v1.25.5-r0	v1.25.5	Volcano supports node pool affinity scheduling. Volcano supports workload rescheduling.	None	Fixed some security issues.
v1.25.4-r10	v1.25.5	None	Optimized the events generated during node pool scaling.	Fixed some security issues.
v1.25.4-r0	v1.25.5	Both soft eviction and hard eviction are supported in node pool configurations. TMS tags can be added to automatically created EVS disks to facilitate cost management.	None	Fixed some security issues.
v1.25.3-r10	v1.25.5	The timeout interval can be configured for a load balancer.	High-frequency parameters of kube-apiserver are configurable.	Fixed some security issues.
v1.25.3-r0	v1.25.5	None	Enhanced network stability of CCE Turbo clusters when their specifications are modified.	Fixed some security issues.
v1.25.1-r0	v1.25.5	CCE clusters of v1.25 are released for the first time. For more information, see Kubernetes 1.25 Release Notes.	None	None

Version 1.23

**Table 4** Release notes for the v1.23 patch
CCE Cluster Patch Version	Kubernetes Version	Feature Updates	Optimization	Vulnerability Fixing
v1.23.11-r4	v1.23.17	None	None	Fixed CVE-2024-21626 issues.
v1.23.10-r0	v1.23.11	Volcano supports node pool affinity scheduling. Volcano supports workload rescheduling.	None	Fixed some security issues.
v1.23.9-r10	v1.23.11	None	Optimized the events generated during node pool scaling.	Fixed some security issues.
v1.23.9-r0	v1.23.11	Both soft eviction and hard eviction are supported in node pool configurations. TMS tags can be added to automatically created EVS disks to facilitate cost management.	None	Fixed some security issues.
v1.23.8-r10	v1.23.11	The timeout interval can be configured for a load balancer.	High-frequency parameters of kube-apiserver are configurable.	Fixed some security issues.
v1.23.8-r0	v1.23.11	None	Enhanced Docker reliability during upgrades. Optimized node time synchronization.	Fixed some security issues.
v1.23.5-r0	v1.23.11	Fault detection and isolation are supported on GPU nodes. Security groups can be customized by cluster. CCE Turbo clusters support ENIs pre-binding by node. containerd is supported.	Upgraded the etcd version of the master node to the Kubernetes version 3.5.6. Optimized scheduling so that pods are evenly distributed across AZs after pods are scaled in. Optimized the memory usage of kube-apiserver when CRDs are frequently updated.	Fixed some security issues and the following CVE vulnerabilities: CVE-2022-3294 CVE-2022-3162 CVE-2022-3172 CVE-2021-25749
v1.23.1-r0	v1.23.4	CCE clusters of v1.23 are released for the first time. For more information, see Kubernetes 1.23 Release Notes.	None	None

Version 1.21

**Table 5** Release notes for the v1.21 patch
CCE Cluster Patch Version	Kubernetes Version	Feature Updates	Optimization	Vulnerability Fixing
v1.21.12-r4	v1.21.14	None	None	Fixed CVE-2024-21626 issues.
v1.21.11-r20	v1.21.14	Volcano supports node pool affinity scheduling. Volcano supports workload rescheduling.	None	Fixed some security issues.
v1.21.11-r10	v1.21.14	None	Optimized the events generated during node pool scaling.	Fixed some security issues.
v1.21.11-r0	v1.21.14	Both soft eviction and hard eviction are supported in node pool configurations. TMS tags can be added to automatically created EVS disks to facilitate cost management.	None	Fixed some security issues.
v1.21.10-r10	v1.21.14	The timeout interval can be configured for a load balancer.	High-frequency parameters of kube-apiserver are configurable.	Fixed some security issues.
v1.21.10-r0	v1.21.14	None	Enhanced Docker reliability during upgrades. Optimized node time synchronization. Enhanced the stability of the Docker runtime for pulling images after nodes are restarted.	Fixed some security issues.
v1.21.7-r0	v1.21.14	Fault detection and isolation are supported on GPU nodes. Security groups can be customized by cluster. CCE Turbo clusters support ENIs pre-binding by node. Control plane logs can be collected.	Improved the stability of LoadBalancer Services/ingresses with a large number of connections.	Fixed some security issues and the following CVE vulnerabilities: CVE-2022-3294 CVE-2022-3162 CVE-2022-3172
v1.21.1-r0	v1.21.7	CCE clusters of v1.21 are released for the first time. For more information, see Kubernetes 1.21 Release Notes.	None	None

Version 1.19

**Table 6** Release notes for the v1.19 patch
CCE Cluster Patch Version	Kubernetes Version	Feature Updates	Optimization	Vulnerability Fixing
1.19.16-r84	v1.19.16	None	None	Fixed CVE-2024-21626 issues.
v1.19.16-r60	v1.19.16	Volcano supports node pool affinity scheduling. Volcano supports workload rescheduling.	None	Fixed some security issues.
v1.19.16-r50	v1.19.16	None	Optimized the events generated during node pool scaling.	Fixed some security issues.
v1.19.16-r40	v1.19.16	Both soft eviction and hard eviction are supported in node pool configurations. TMS tags can be added to automatically created EVS disks to facilitate cost management.	None	Fixed some security issues.
v1.19.16-r30	v1.19.16	The timeout interval can be configured for a load balancer.	High-frequency parameters of kube-apiserver are configurable.	Fixed some security issues.
v1.19.16-r20	v1.19.16	None	Cloud Native 2.0 Networks allow you to specify subnets for a namespace. Enhanced the stability of the Docker runtime for pulling images after nodes are restarted. Optimized the performance of CCE Turbo clusters in allocating ENIs if not all ENIs are pre-bound.	Fixed some security issues.
v1.19.16-r4	v1.19.16	Containers support SFS 3.0 for storage. Fault detection and isolation are supported on GPU nodes. Security groups can be customized by cluster. CCE Turbo clusters support ENIs pre-binding by node.	Scheduling is optimized on taint nodes. Enhanced the long-term running stability of containerd when cores are bound. Improved the stability of LoadBalancer Services/ingresses with a large number of connections. Optimized the memory usage of kube-apiserver when CRDs are frequently updated.	Fixed some security issues and the following CVE vulnerabilities: CVE-2022-3294 CVE-2022-3162 CVE-2022-3172
v1.19.16-r0	v1.19.16	None	Enhanced the stability in updating LoadBalancer Services when workloads are upgraded and nodes are scaled in or out.	Fixed some security issues and the following CVE vulnerabilities: CVE-2021-25741 CVE-2021-25737
v1.19.10-r0	v1.19.10	CCE clusters of v1.19 are released for the first time. For more information, see Kubernetes 1.19 Release Notes.	None	None

Parent topic: Cluster Overview

Previous topic: Release Notes for Kubernetes 1.9 (EOM) and Earlier Versions

Next topic: Buying a Cluster

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel