ACK Edge is Alibaba Cloud's cloud-edge integrated managed Kubernetes offering for edge computing, built on ACK. This topic describes changes in the Kubernetes 1.20 release of ACK Edge.
Cluster version: 1.20.11-aliyunedge.1
Deprecated in this release
Review before upgrading. The following field is deprecated.
`dnat-ports-pair` in the `edge-tunnel-server-cfg` ConfigMap
Use http-proxy-ports for HTTP or https-proxy-ports for HTTPS instead. dnat-ports-pair is retained for backward compatibility but is no longer recommended.
Component versions
| Component | Version | Notes |
|---|---|---|
| Flannel | v0.13.1.3-6838863-aliyun | |
| CoreDNS | v1.8.4 | |
| containerd | v1.4.8 | Default container runtime |
What's new
Edge node autonomy
Bug fixes:
-
Fixed edge-hub continuing to send heartbeats after kubelet stopped, causing incorrect health check results.
-
Fixed a data race when edge nodes processed many concurrent requests.
Enhancements:
-
Automatic certificate management: If the edge-hub certificate remains after a node disconnects from a cluster, it is automatically updated when the node joins a different cluster.
-
Traffic metrics endpoint: Access edge node traffic statistics at
http://127.0.0.1:10267/metrics(served by edge-hub).
Cloud node proxy
cloud-hub is now available for cloud nodes, proxying requests between cloud-side components and the API server. cloud-hub supports Service Topology, ensuring only CoreDNS resolves domain names for cloud-originating requests.
Cloud-edge O&M channel
Request forwarding improvements:
-
Requests targeting
{nodeName:Port}can now be forwarded from the cloud to edge nodes. -
Requests to
localhost endpointson edge nodes can now be forwarded from the cloud. To enable, configurelocalhost-proxy-portsin the edge-tunnel-server-cfg ConfigMap.
Port configuration:
Specify ports beyond 10250 and 10255 with these fields in the edge-tunnel-server-cfg ConfigMap:
| Field | Use for |
|---|---|
http-proxy-ports |
HTTP endpoints |
https-proxy-ports |
HTTPS endpoints |
TLS certificate auto-update:
When the edge-tunnel-server-svc IP address changes — for example, after associating a new Server Load Balancer (SLB) instance — the edge-tunnel-server TLS server certificate is automatically updated.
Add edge nodes
New options for adding edge nodes, including connecting ECS instances over an internal network. See Add an edge node.
Component release notes
-
CoreDNS v1.8.4: See CoreDNS.
-
containerd v1.4.8: See Release notes for containerd.