Releases: kubeflow/manifests
Releases ยท kubeflow/manifests
Kubeflow AI reference platform 1.11.0
This release supports Kubernetes 1.33+ and transparently switches from MinIO to Seaweedfs as S3 storage. Please backup and restore any data that you have on MinIO if needed. Please be aware of the tested and recommended Kustomize version 5.7.1.
Highlights:
- Massive scalability improvements that should allow you to scale to 1000+ users/profiles/namespaces
- By default namespaces/profiles have zero pod overhead now, so you save 2x number of namespaces pods.
- By default the Istio service mesh is pruned to save Terabytes of Istio sidecar memory and network traffic on very large clusters #3206
- S3 storage with hard multi-tenancy and per namespace credentials. Limitations of kubeflow/pipelines#12373 and kubeflow/pipelines#9889 still apply. See also https://blog.kubeflow.org/gsoc/community/kubeflow/2025/09/06/kubeflow-and-gsoc2025.html#project-1-kubeflow-platform-enhancements for more information.
- PodSecurityStandards restricted is enforced for all system namespaces. PodSecurityStandards baseline is enforced for user namespaces https://kubernetes.io/docs/concepts/security/pod-security-standards/
- Automatic tests/documentation for exposing Kserve inference services with authentication inside and outside of the cluster https://github.com/kubeflow/manifests/blob/v1.11-branch/.github/workflows/katib_test.yaml
- Experimental helm charts development has started https://github.com/kubeflow/manifests/tree/v1.11-branch/experimental/helm/charts
- Typical resource consumption per component https://github.com/kubeflow/manifests/tree/v1.11-branch#kubeflow-version-master
- KFP 2.15.0 (still supports V1 pipelines and the 1.8.23 SDK), Trainer 2.1.0, Training Operator 1.9.2, Katib 0.19.0, KServe 0.15.2, Kserve models web application 0.15.0, Spark operator 2.4.0, Model Registry 0.3.4, Istio 1.28.0, DEX 2.44, OAuth2-Proxy 7.13
- Network Policies for the namespaces knative-serving oauth2-proxy cert-manager istio-system auth by @kunal-511 in #3228
- Massive test improvements across repositories which should lead to significantly higher quality releases.
- So far this release has been tested on Kind, AKS and GKE (with GKE specific istio overlay), but should also work on EKS, Rancher and many other Kubernetes clusters.
Candidates for 1.11.1 / 1.12.0:
- enable model-registry by default
- kubeflow/dashboard update after repository migration kubeflow/dashboard#125
- kubeflow/notebooks update for v1 kubeflow/notebooks#572 or v2 preview
- Kserve 0.16.0 https://github.com/kserve/kserve/releases/tag/v0.16.0, #3290
- Potential Katib regression kubeflow/katib#2597
Changes
- Fix PSS restricted warnings for kubeflow components by @akagami-harsh in #3050
- Helm Charts Katib by @kunal-511 in #3168
- Switch to large oracle runners by @juliusvonkohout in #3189
- Update dex manifests v2.43.1 by @kunal-511 in #3193
- Update oauth2 proxy manifests v7.10.0 by @kunal-511 in #3194
- add architecture by @juliusvonkohout in #3192
- kserve enforce authentication by @madmecodes in #3180
- Update kubeflow/spark-operator manifests to 2.3.0 by @juliusvonkohout in #3201
- PSS restricted for static namespaces by @juliusvonkohout in #3190
- Update test.sh by @juliusvonkohout in #3202
- dynamic PSS baseline by @juliusvonkohout in #3204
- Update kubeflow/model-registry manifests from v0.2.21 by @tarilabs in #3195
- kfp 1.8.23 by @juliusvonkohout in #3210
- Synchronize kubeflow pipelines manifests 2.14.0 by @juliusvonkohout in #3211
- Helm charts Kserve Models Web App by @kunal-511 in #3183
- Synchronize trainer manifests 2.0 by @kunal-511 in #3181
- Update trivy_scan.py by @juliusvonkohout in #3218
- Add missing resource constraint for training operator by @kunal-511 in #3222
- Update kubeflow/model-registry manifests from v0.2.22 by @tarilabs in #3216
- TrainJob support to Katib Trial Templates by @ram4444 in #3199
- Limit Istio Sidecar Scope to reduce memory usage by @madmecodes in #3206
- Update kserve_test.yaml by @juliusvonkohout in #3221
- Add documentation for Kubeflow Pipelines Kubernetes Native API mode by @VaniHaripriya in #3209
- doc: fix ordering of individual install steps by @andyatmiami in #3226
- Merge PSS_baseline and PSS_restricted by @kunal-511 in #3220
- Update cluster-roles.yaml by @juliusvonkohout in #3229
- Deny All Network Policies for the namespaces knative-serving oauth2-proxy cert-manager istio-system auth by @kunal-511 in #3228
- Update istio to 1.27.0 by @kunal-511 in #3230
- Update kubeflow/model-registry manifests from v0.3.0 by @tarilabs in #3231
- Make Helm Comparision Tests Non Blocking by @kunal-511 in #3234
- bitnami deprecation by @juliusvonkohout in #3235
- Default to SeaweedFS instead of MinIO by @akagami-harsh in #3240
- fix-ml-pipeline-ui-mtls by @jholt96 in #3236
- Update kubeflow/pipelines manifests from 2.14.0 to 2.14.3 by @akagami-harsh in #3242
- Add Katib Test File by @kunal-511 in #3243
- Remove the unnecessary step from end to end test by @kunal-511 in #3249
- Notebook Controller Helm Charts by @kunal-511 in #3219
- Synchronize kserve models web app manifests v0.15.0 by @juliusvonkohout in #3250
- Add VirtualService conflict troubleshooting for KServe path-based Routing by @madmecodes in #3247
- kserve models web app helm charts v0.15.0 by @kunal-511 in #3252
- feat: GitHub Actions workflow to test the KServe Models Web Application by @LogicalGuy77 in #3253
- Update doc for Dex Known Issues by @NJ3rsey in #3256
- Tests for Model Catalog by @kunal-511 in #3262
- Update kubeflow/model-registry manifests from v0.3.2 by @tarilabs in #3259
- Modify version options in issue-report.yml by @juliusvonkohout in #3267
- update troubleshooting for kserve path based routing by @hahahannes in #3264
- Update deprecated MinIO Image by @juliusvonkohout in #3271
- Update kubeflow/model-registry manifests from v0.3.3 by @Al-Pragliola in #3273
- Feature: Add Istio Ambient Mode Support via Overlay Method by @madmecodes in #3246
- Fix: consolidate multiple kserve test workflows into a single job by @madmecodes in #3254
- Update synchronize istio to include ztunnel support by @kunal-511 in #3274
- Update Dex Login Test by @kunal-511 in #3277
- Upgrade istio to v.1.28.0 by @juliusvonkohout in #3276
- Add fsGroup to seaweedfs by @juliusvonkohout in #3279
- Synchronize kubeflow pipelines manifests 2.15.0 by @juliusvonkohout in #3283
- Synchronize trainer manifests v2.1.0 by @juliusvonkohout in #3282
- update kfp sdk to 2.15.1 by @juliusvonkohout in #3285
- Add fsGroup and fsGroupChangePolicy to deployment by @juliusvonkohout in #3286
- Update kubeflow/spark-operator manifests to 2.4.0 by @juliusvonkohout in #3289
- Synchronize katib manifests v0.19.0 by @juliusvonkohout in #3288
- Update kserve/kserve manifests from v0.15.2 by @juliusvonkohout in #3291
- update dex and oauth2-proxy by @juliusvonkohout in #3292
- KFP SDK 2.15.2 by @juliusvonkohout in #3295
- kustomize fixes by @juliusvonkohout in #3300
- Enhance security context for cache-deployer by @julius...
Contributors
tarilabs, ram4444, and 13 other contributors
Assets 2
Kubeflow AI reference platform v1.11.0-rc.1
This pre-release supports Kubernetes 1.33+ and transparently switches from Minio to seaweedfs as S3 storage. Please backup and restore any data that you have on MinIO if needed. Please try it out and provide development feedback.
Highlights:
- Massive scalability improvements that should allow you to scale to 1000+ users/profies/namespaces
- By default namespaces/profiles have zero pod overhead now, so you save 2x number of namespaces pods.
- By default the Istio service mesh is pruned to save Terabytes of Istio sidecar memory and network traffic on very large clusters #3206
- S3 storage with hard multi-tenancy and per namespace credentials. Limitations of kubeflow/pipelines#12373 and kubeflow/pipelines#9889 still apply. See also https://blog.kubeflow.org/gsoc/community/kubeflow/2025/09/06/kubeflow-and-gsoc2025.html#project-1-kubeflow-platform-enhancements for more information.
- PodSecurityStandards restricted is enforced for all system namespaces. PodSecurityStandards baseline is enforced for user namespaces https://kubernetes.io/docs/concepts/security/pod-security-standards/
- Automatic tests/documentation for exposing Kserve inference services with authentication inside and outside of the cluster https://github.com/kubeflow/manifests/blob/v1.11-branch/.github/workflows/katib_test.yaml
- Experimental helm charts development has started https://github.com/kubeflow/manifests/tree/v1.11-branch/experimental/helm/charts
- Typical resource consumption per component https://github.com/kubeflow/manifests/tree/v1.11-branch#kubeflow-version-master
- KFP 2.15.0 (still supports V1 pipelines and the 1.8.23 SDK), Trainer 2.1.0, Training Operator 1.9.2, Katib 0.19.0, KServe 0.15.2, Kserve models web application 0.15.0, Spark operator 2.4.0, Istio 1.28.0, DEX 2.44, OAuth2-Proxy 7.13
- Network Policies for the namespaces knative-serving oauth2-proxy cert-manager istio-system auth by @kunal-511 in #3228
- Massive test improvements across repositories which should lead to significantly higher quality releases.
- So far this release was tested on Kind and GKE (with GKE specific istio overlay), but should also work on AKS, EKS, Rancher and many other Kubernetes clusters.
TODO: Kserve 0.16.0 https://github.com/kserve/kserve/releases/tag/v0.16.0, #3290
Probably 1.11.1 / 1.12.0:
- enable model-registry by default
- default to trainer instead of training-operator
- kubeflow/dashboard update after repository migration kubeflow/dashboard#125
- kubeflow/notebooks update for v1 kubeflow/notebooks#572 or v2 preview
Changes
- Fix PSS restricted warnings for kubeflow components by @akagami-harsh in #3050
- Helm Charts Katib by @kunal-511 in #3168
- Switch to large oracle runners by @juliusvonkohout in #3189
- Update dex manifests v2.43.1 by @kunal-511 in #3193
- Update oauth2 proxy manifests v7.10.0 by @kunal-511 in #3194
- add architecture by @juliusvonkohout in #3192
- kserve enforce authentication by @madmecodes in #3180
- Update kubeflow/spark-operator manifests to 2.3.0 by @juliusvonkohout in #3201
- PSS restricted for static namespaces by @juliusvonkohout in #3190
- Update test.sh by @juliusvonkohout in #3202
- dynamic PSS baseline by @juliusvonkohout in #3204
- Update kubeflow/model-registry manifests from v0.2.21 by @tarilabs in #3195
- kfp 1.8.23 by @juliusvonkohout in #3210
- Synchronize kubeflow pipelines manifests 2.14.0 by @juliusvonkohout in #3211
- Helm charts Kserve Models Web App by @kunal-511 in #3183
- Synchronize trainer manifests 2.0 by @kunal-511 in #3181
- Update trivy_scan.py by @juliusvonkohout in #3218
- Add missing resource constraint for training operator by @kunal-511 in #3222
- Update kubeflow/model-registry manifests from v0.2.22 by @tarilabs in #3216
- TrainJob support to Katib Trial Templates by @ram4444 in #3199
- Limit Istio Sidecar Scope to reduce memory usage by @madmecodes in #3206
- Update kserve_test.yaml by @juliusvonkohout in #3221
- Add documentation for Kubeflow Pipelines Kubernetes Native API mode by @VaniHaripriya in #3209
- doc: fix ordering of individual install steps by @andyatmiami in #3226
- Merge PSS_baseline and PSS_restricted by @kunal-511 in #3220
- Update cluster-roles.yaml by @juliusvonkohout in #3229
- Deny All Network Policies for the namespaces knative-serving oauth2-proxy cert-manager istio-system auth by @kunal-511 in #3228
- Update istio to 1.27.0 by @kunal-511 in #3230
- Update kubeflow/model-registry manifests from v0.3.0 by @tarilabs in #3231
- Make Helm Comparision Tests Non Blocking by @kunal-511 in #3234
- bitnami deprecation by @juliusvonkohout in #3235
- Default to SeaweedFS instead of MinIO by @akagami-harsh in #3240
- fix-ml-pipeline-ui-mtls by @jholt96 in #3236
- Update kubeflow/pipelines manifests from 2.14.0 to 2.14.3 by @akagami-harsh in #3242
- Add Katib Test File by @kunal-511 in #3243
- Remove the unnecessary step from end to end test by @kunal-511 in #3249
- Notebook Controller Helm Charts by @kunal-511 in #3219
- Synchronize kserve models web app manifests v0.15.0 by @juliusvonkohout in #3250
- Add VirtualService conflict troubleshooting for KServe path-based Routing by @madmecodes in #3247
- kserve models web app helm charts v0.15.0 by @kunal-511 in #3252
- feat: GitHub Actions workflow to test the KServe Models Web Application by @LogicalGuy77 in #3253
- Update doc for Dex Known Issues by @NJ3rsey in #3256
- Tests for Model Catalog by @kunal-511 in #3262
- Update kubeflow/model-registry manifests from v0.3.2 by @tarilabs in #3259
- Modify version options in issue-report.yml by @juliusvonkohout in #3267
- update troubleshooting for kserve path based routing by @hahahannes in #3264
- Update deprecated MinIO Image by @juliusvonkohout in #3271
- Update kubeflow/model-registry manifests from v0.3.3 by @Al-Pragliola in #3273
- Feature: Add Istio Ambient Mode Support via Overlay Method by @madmecodes in #3246
- Fix: consolidate multiple kserve test workflows into a single job by @madmecodes in #3254
- Update synchronize istio to include ztunnel support by @kunal-511 in #3274
- Update Dex Login Test by @kunal-511 in #3277
- Upgrade istio to v.1.28.0 by @juliusvonkohout in #3276
- Add fsGroup to seaweedfs by @juliusvonkohout in #3279
- Synchronize kubeflow pipelines manifests 2.15.0 by @juliusvonkohout in #3283
- Synchronize trainer manifests v2.1.0 by @juliusvonkohout in #3282
- update kfp sdk to 2.15.1 by @juliusvonkohout in #3285
- Add fsGroup and fsGroupChangePolicy to deployment by @juliusvonkohout in #3286
- Update kubeflow/spark-operator manifests to 2.4.0 by @juliusvonkohout in #3289
- Synchronize katib manifests v0.19.0 by @juliusvonkohout in #3288
- Update kserve/kserve manifests from v0.15.2 by @juliusvonkohout in #3291
- update dex and oauth2-proxy by @juliusvonkohout in #3292
New Contributors
- @ram4444 made his first contribution in #3199
- @VaniHaripriya made her first contribution in #3209
- @andyatmiami made his first contribution in #3226...
Contributors
tarilabs, ram4444, and 11 other contributors
Assets 2
Kubeflow AI reference platform 1.11.0-rc.0
This pre-release supports Kubernetes 1.33+ and transparently switches from Minio to seaweedfs as S3 storage. Please backup and restore any data that you have on MinIO if needed. Please try it out and provide development feedback.
Highlights:
- Massive scalability improvements that should allow you to scale to 1000+ users/profies/namespaces
- By default namespaces/profiles have zero pod overhead now, so you save 2x number of namespaces pods.
- By default the Istio service mesh is pruned to save Terabytes of Istio sidecar memory and network traffic on very large clusters #3206
- S3 storage with hard multi-tenancy and per namespace credentials. Limitations of kubeflow/pipelines#12373 and kubeflow/pipelines#9889 still apply. See also https://blog.kubeflow.org/gsoc/community/kubeflow/2025/09/06/kubeflow-and-gsoc2025.html#project-1-kubeflow-platform-enhancements for more information.
- PodSecurityStandards restricted is enforced for all system namespaces. PodSecurityStandards baseline is enforced for user namespaces https://kubernetes.io/docs/concepts/security/pod-security-standards/
- Automatic tests/documentation for exposing Kserve inference services with authentication inside and outside of the cluster https://github.com/kubeflow/manifests/blob/v1.11-branch/.github/workflows/katib_test.yaml
- Experimental helm charts development has started https://github.com/kubeflow/manifests/tree/v1.11-branch/experimental/helm/charts
- Typical resource consumption per component https://github.com/kubeflow/manifests/tree/v1.11-branch#kubeflow-version-master
- KFP 2.15.0 (still supports V1 pipelines and the 1.8.23 SDK), Trainer 2.1.0, Training Operator 1.9.2, KServe 0.15.0, Kserve models web application 0.15.0, Spark operator 2.3.0, Istio 1.28, DEX 2.43, OAuth2-Proxy 7.10
- Network Policies for the namespaces knative-serving oauth2-proxy cert-manager istio-system auth by @kunal-511 in #3228
- Massive test improvements across repositories which should lead to significantly higher quality releases.
- So far this release was tested on Kind and GKE (with GKE specific istio overlay), but should also work on AKS, EKS, Rancher and many other Kubernetes clusters.
TODO: Spark-operator 2.4 https://github.com/kubeflow/spark-operator/releases/tag/v2.4.0, Kserve 0.16.0 https://github.com/kserve/kserve/releases/tag/v0.16.0, Katib 0.19.0
Probably 1.11.1 / 1.12.0:
- enable model-registry by default
- kubeflow/dashboard update after repository migration kubeflow/dashboard#125
- kubeflow/notebooks update for v1 kubeflow/notebooks#572 or v2 preview
Changes
- Fix PSS restricted warnings for kubeflow components by @akagami-harsh in #3050
- Helm Charts Katib by @kunal-511 in #3168
- Switch to large oracle runners by @juliusvonkohout in #3189
- Update dex manifests v2.43.1 by @kunal-511 in #3193
- Update oauth2 proxy manifests v7.10.0 by @kunal-511 in #3194
- add architecture by @juliusvonkohout in #3192
- kserve enforce authentication by @madmecodes in #3180
- Update kubeflow/spark-operator manifests to 2.3.0 by @juliusvonkohout in #3201
- PSS restricted for static namespaces by @juliusvonkohout in #3190
- Update test.sh by @juliusvonkohout in #3202
- dynamic PSS baseline by @juliusvonkohout in #3204
- Update kubeflow/model-registry manifests from v0.2.21 by @tarilabs in #3195
- kfp 1.8.23 by @juliusvonkohout in #3210
- Synchronize kubeflow pipelines manifests 2.14.0 by @juliusvonkohout in #3211
- Helm charts Kserve Models Web App by @kunal-511 in #3183
- Synchronize trainer manifests 2.0 by @kunal-511 in #3181
- Update trivy_scan.py by @juliusvonkohout in #3218
- Add missing resource constraint for training operator by @kunal-511 in #3222
- Update kubeflow/model-registry manifests from v0.2.22 by @tarilabs in #3216
- TrainJob support to Katib Trial Templates by @ram4444 in #3199
- Limit Istio Sidecar Scope to reduce memory usage by @madmecodes in #3206
- Update kserve_test.yaml by @juliusvonkohout in #3221
- Add documentation for Kubeflow Pipelines Kubernetes Native API mode by @VaniHaripriya in #3209
- doc: fix ordering of individual install steps by @andyatmiami in #3226
- Merge PSS_baseline and PSS_restricted by @kunal-511 in #3220
- Update cluster-roles.yaml by @juliusvonkohout in #3229
- Deny All Network Policies for the namespaces knative-serving oauth2-proxy cert-manager istio-system auth by @kunal-511 in #3228
- Update istio to 1.27.0 by @kunal-511 in #3230
- Update kubeflow/model-registry manifests from v0.3.0 by @tarilabs in #3231
- Make Helm Comparision Tests Non Blocking by @kunal-511 in #3234
- bitnami deprecation by @juliusvonkohout in #3235
- Default to SeaweedFS instead of MinIO by @akagami-harsh in #3240
- fix-ml-pipeline-ui-mtls by @jholt96 in #3236
- Update kubeflow/pipelines manifests from 2.14.0 to 2.14.3 by @akagami-harsh in #3242
- Add Katib Test File by @kunal-511 in #3243
- Remove the unnecessary step from end to end test by @kunal-511 in #3249
- Notebook Controller Helm Charts by @kunal-511 in #3219
- Synchronize kserve models web app manifests v0.15.0 by @juliusvonkohout in #3250
- Add VirtualService conflict troubleshooting for KServe path-based Routing by @madmecodes in #3247
- kserve models web app helm charts v0.15.0 by @kunal-511 in #3252
- feat: GitHub Actions workflow to test the KServe Models Web Application by @LogicalGuy77 in #3253
- Update doc for Dex Known Issues by @NJ3rsey in #3256
- Tests for Model Catalog by @kunal-511 in #3262
- Update kubeflow/model-registry manifests from v0.3.2 by @tarilabs in #3259
- Modify version options in issue-report.yml by @juliusvonkohout in #3267
- update troubleshooting for kserve path based routing by @hahahannes in #3264
- Update deprecated MinIO Image by @juliusvonkohout in #3271
- Update kubeflow/model-registry manifests from v0.3.3 by @Al-Pragliola in #3273
- Feature: Add Istio Ambient Mode Support via Overlay Method by @madmecodes in #3246
- Fix: consolidate multiple kserve test workflows into a single job by @madmecodes in #3254
- Update synchronize istio to include ztunnel support by @kunal-511 in #3274
- Update Dex Login Test by @kunal-511 in #3277
- Upgrade istio to v.1.28.0 by @juliusvonkohout in #3276
- Add fsGroup to seaweedfs by @juliusvonkohout in #3279
- Synchronize kubeflow pipelines manifests 2.15.0 by @juliusvonkohout in #3283
- Synchronize trainer manifests v2.1.0 by @juliusvonkohout in #3282
- update kfp sdk to 2.15.1 by @juliusvonkohout in #3285
- Add fsGroup and fsGroupChangePolicy to deployment by @juliusvonkohout in #3286
New Contributors
- @ram4444 made his first contribution in #3199
- @VaniHaripriya made her first contribution in #3209
- @andyatmiami made his first contribution in #3226
- @jholt96 made his first contribution in #3236
- @LogicalGuy77 made his first contribution in #3253
- @NJ3rsey made their his contribution in #3256
- @hahahannes made his first contribution in #3264
Full Changelog: v1.10.2...v1.11.0-rc.0
Contributors
tarilabs, ram4444, and 11 other contributors
Assets 2
Kubeflow Platform 1.10.2
Milestones:
1.11.0 Milestone
Our support target is Kubernetes 1.31-1.33+
New Contributors
- @kitsuyaazuma made his first contribution in #3149
- @emmanuel-ferdman made his first contribution in #3147
- @ActionsPerMinute made his first contribution in #3170
Changes since 1.10.1
- Apply pss labels from diectly PSS enable scripts by @akagami-harsh in #3132
- istio namespace missing by @juliusvonkohout in #3134
- The test_pipeline.py has been changed to test_pipeline_v2.py by @madmecodes in #3136
- Adding OpenSSF Best Practices and build status by @tarekabouzeid in #3138
- Update kubeflow/model-registry manifests from v0.2.18 by @tarilabs in #3137
- Add SeaweedFS namespace isolation security test to CI by @akagami-harsh in #3141
- Switch to Istio CNI by default by @madmecodes in #3135
- Remove static PSS files and apply security labels directly in enable PSS scripts by @akagami-harsh in #3130
- Updated tests file naming scheme by @kunal-511 in #3144
- Fix seaweedfs PSS warnings by @akagami-harsh in #3152
- Fix sed pattern in spark-operator script by @kunal-511 in #3151
- Correct Dex's issuer in README config example by @kitsuyaazuma in #3149
- Update kubeflow/spark-operator manifests to 2.2.0 by @juliusvonkohout in #3146
- Add namespace isolation to V1 pipeline workflows with SeaweedFS integration by @akagami-harsh in #3145
- test: Kserve test fail reason by @madmecodes in #3155
- Apply PSS baseline for profiles namespaces in CI by @akagami-harsh in #3150
- Modernize logger interface by @emmanuel-ferdman in #3147
- Move dynamic PSS baseline patch to
apps/profiles/by @akagami-harsh in #3157 - Update README.md by @juliusvonkohout in #3156
- Unduplicated the Trivy file by @kunal-511 in #3158
- Update trivy_scan.py by @juliusvonkohout in #3159
- KServe Path-Based Routing Implementation by @madmecodes in #3148
- Add swfs test to full_kubeflow_integration_test.yaml by @akagami-harsh in #3160
- update: 60s from 300s by @madmecodes in #3162
- Update install_KinD_create_KinD_cluster_install_kustomize.sh by @juliusvonkohout in #3165
- Update kubeflow/model-registry manifests from v0.2.19 by @tarilabs in #3163
- Feat: Migrated to Istio 1.26.1 and merged istio and istio cni by @madmecodes in #3153
- knative and cluster-local-gateway confusion by @madmecodes in #3169
- Moved from Apps to Applications by @kunal-511 in #3167
- Added the GHA permissions by @kunal-511 in #3172
- fix pipeline application command by @ActionsPerMinute in #3170
- Update: move test auth file in test GHA workflow for istio insecure overlay by @madmecodes in #3173
- feat: check resource usage in
full_kubeflow_integration_testand add section of resource utilization of each component in README by @milinddethe15 in #3091 - Migrate busybox image to ghcr by @akagami-harsh in #3174
- Helm Charts Model Registry by @kunal-511 in #3175
- Simplified the metrics by @kunal-511 in #3182
- security and contributors.md by @juliusvonkohout in #3187
- Live PVC storage by @kunal-511 in #3188
Full Changelog: v1.10.1...v1.10.2
Contributors
tarilabs, tarekabouzeid, and 8 other contributors
Assets 2
Kubeflow Platform 1.10.1
Milestones:
1.10.1 Milestone
1.11.0 Milestone
Our support target is Kubernetes 1.31-1.33+, although it should run as well on Kubernetes 1.29/1.30 (#3059).
New Contributors
- @christian-heusel made his first contribution in #3081
Full Changelog: v1.10.0...v1.10.1
Changes since 1.10.0
- documentation: Explain PodDisruptionBudget workaround by @christian-heusel in #3081
- fix: Fixes issue where service account tokens fail with: "Jwt issuer is not configured" error. by @madmecodes in #3079
- Fix: Added example.com in knative serving patch, to solve 404 error by @madmecodes in #3084
- end-to-end integration tests by @kunal-511 in #3077
- Updated the gha workflows to use new install_katib, made changes as sโฆ by @kunal-511 in #3092
- Update kubeflow/model-registry manifests from v0.2.16 by @tarilabs in #3087
- Removed KServe DNS patches from GitHub Actions tests by @madmecodes in #3086
- Update readme and todos by @juliusvonkohout in #3088
- Fix: flaky Dex login test by improving authentication flow handling by @madmecodes in #3082
- fix: disable GHA in forked repo by @milinddethe15 in #3096
- Synchronize kserve web appplication manifests v0.14.0 by @juliusvonkohout in #3097
- improve the tests with real KF profile namespaces by @kunal-511 in #3093
- Improving gha's to make them consistent by @kunal-511 in #3099
- Update kubeflow/spark-operator manifests to 2.1.1 by @juliusvonkohout in #3102
- Fixed the cert manager readiness for kserve by @kunal-511 in #3103
- Synchronize kserve manifests v0.15.0 and update tests by @juliusvonkohout in #3101
- Fix PSS warning for cluster-local-gateway by @akagami-harsh in #3108
- Update issue-report.yml by @juliusvonkohout in #3114
- Enforce failure on PSS baseline test violations by @kunal-511 in #3106
- ci: remove
triage_issuesaction by @milinddethe15 in #3116 - PSS test for knative-serving by @kunal-511 in #3117
- Integrate profiles with seaweedfs by @pschoen-itsc in #3051
- Fix knative-serving PSS warnings by @akagami-harsh in #3118
- Making the synchronize scripts consistent by @kunal-511 in #3115
- Synchronize kubeflow pipelines manifests 2.5.0 by @juliusvonkohout in #3121
- Update README.md by @juliusvonkohout in #3123
- refactor: move KServe tests from apps to tests/gh-actions by @madmecodes in #3120
- Synchronize training operator manifests v1.9.2 by @juliusvonkohout in #3126
- fix: make again script runnable on Mac OSX by @tarilabs in #3125
- Add KFP V1 Pipeline Test to CI Workflow by @kunal-511 in #3127
- Update kubeflow/model-registry manifests from v0.2.17 by @tarilabs in #3122
- Use istio cni in pipelines gha by @akagami-harsh in #3128
- Enable Spark Operator by default by @kunal-511 in #3131
- Fix Istio sidecar injection by moving from annotations to labels by @madmecodes in #3044
- Updated the V2 pipeline test to be more robust #3129 by @kunal-511 in #3129
Contributors
tarilabs, christian-heusel, and 6 other contributors
Assets 2
Kubeflow Platform 1.10.0
Milestones:
1.10.0 Milestone
1.10.1 Milestone
Our support target is Kubernetes 1.31-1.33+, although it should run as well on Kubernetes 1.29/1.30 (#3059).
- Release Page
- Blogpost with details
- TODO link to release presentation
New Contributors
- @varodrig made her first contribution in #2906
- @mahdikhashan made his first contribution in #2924
- @utsumi-fj made his first contribution in #2946
- @biswassri made her first contribution in #2939
- @warjiang made his first contribution in #2971
- @akagami-harsh made his first contribution in #2972
- @ederign made his first contribution in #2989
- @lucferbux made his first contribution in #3000
- @wooyoung85 made his first contribution in #3012
- @jbronn made his first contribution in #3021
- @anishasthana made his first contribution in #2994
- @milinddethe15 made his first contribution in #3045
- @madmecodes made his first contribution in #3048
- @shaikmoeed made his first contribution in #3063
- @kunal-511 made his first contribution in #3070
Changes since 1.9.1
- Remove the old tekton version by @hansinikarunarathne in #2772
- update Readme file to fix Kustomize links and Tekton pipelines information by @varodrig in #2906
- Upgrade istio to v.1.23.2 by @tarekabouzeid in #2890
- Upgrade istio-cni to v.1.23.2 by @tarekabouzeid in #2903
- Synchronize kserve manifests v0.14.0 by @juliusvonkohout in #2908
- feat: synchronize kubeflow model registry manifests to v0.2.10 by @Al-Pragliola in #2913
- Dex,oauth2-proxy and k8s token documentation by @juliusvonkohout in #2911
- Update Dex and oauth2-proxy to 2.41.1 and 7.7.1 by @juliusvonkohout in #2916
- Use $HOME .docker/config.json by @diegolovison in #2918
- Synchronize knative manifests v1.16.0 by @juliusvonkohout in #2917
- update cert-manager to 1.16.1 and move the upstream manifests to the upstream folder by @juliusvonkohout in #2919
- update cert-manager and kubernetes version information according to oโฆ by @juliusvonkohout in #2921
- remove seldon, bentoml and metacontroller (included in upstream KFP) by @juliusvonkohout in #2920
- fix cert-manager wrong path in standalone installation section by @mahdikhashan in #2924
- kustomize 5.4.3 and documentation updates by @juliusvonkohout in #2929
- update oauth2-proxy readme by @juliusvonkohout in #2930
- Kubernetes 1.32 and kind 0.26 by @juliusvonkohout in #2935
- Fix command for PVC Viewer Controller in README.md by @utsumi-fj in #2946
- Added a PSS patch for cluster-jwks-proxy deployment by @biswajit-9776 in #2944
- Fix typo in README.md by @utsumi-fj in #2947
- Upgrade Istio to v1.24.2 by @biswajit-9776 in #2950
- Synchronize kubeflow model registry manifests v0.2.12 by @juliusvonkohout in #2956
- Synchronize kserve manifests v0.14.1 by @juliusvonkohout in #2955
- Synchronize kubeflow training operator manifests v1.9.0 rc.0 by @juliusvonkohout in #2954
- Disable init container injection for ray by @juliusvonkohout in #2957
- chore: Add securitycontext for PSS PoC (rootless Kubeflow) by @biswassri in #2939
- update spark to 2.1.0 by @juliusvonkohout in #2962
- Update kubeflow/training-operator manifests from v1.9.0 by @tarekabouzeid in #2965
- Update sparkapplication_example.yaml by @juliusvonkohout in #2966
- Synchronize kubeflow pipelines manifests 2.4.0 by @juliusvonkohout in #2953
- fix: update kind config by @warjiang in #2971
- Refactor: Extract pipeline_test.py into a shared file for reuse across workflows by @akagami-harsh in #2972
- Update oauth2-proxy README.md by @juliusvonkohout in #2977
- Synchronize kubeflow training operator manifests 778cd72 by @juliusvonkohout in #2979
- Fix raycluster Readme by @akagami-harsh in #2976
- Update kubeflow/model-registry manifests from 5d8ed91 by @tarilabs in #2973
- Improve documentation and CI/CD by @juliusvonkohout in #2987
- Add model registry ui network policy by @ederign in #2989
- fix warnings after kustomize build in contrib by @mahdikhashan in #2992
- Synchronize kubeflow katib manifests v0.18.0 rc.0 by @juliusvonkohout in #2993
- Synchronize kubeflow kubeflow manifests v1.10.0 rc.0 by @juliusvonkohout in #2995
- Synchronize kubeflow model registry manifests v0.2.14 by @tarilabs in #2998
- Synchronize kserve web app manifests v0.14.0 rc.0 by @juliusvonkohout in #3003
- feat: Add pre-commit hooks for automated code quality checks by @akagami-harsh in #3001
- Synchronize kubeflow kubeflow manifests v1.10.0 rc.1 by @juliusvonkohout in #3008
- Add Model Registry UI Integration Test by @lucferbux in #3000
- chore: Removing PSS patches by @biswassri in #2986
- Add a section for pre-commit in README.md by @akagami-harsh in #3009
- Upgrading metacontroller to v4.11.22 by @tarekabouzeid in #2988
- docs: Add guide for Dex and Keycloak by @wooyoung85 in #3012
- Update common/knative manifests to v1.16.2/v1.16.4. by @jbronn in #3021
- Pipelines MySQL volume permissions fix by @jbronn in #3019
- Update knative README.md by @juliusvonkohout in #3024
- docs: Add information about KEP process by @anishasthana in #2994
- Refactoring by @juliusvonkohout in #3025
- Update kubeflow/pipelines manifests from 2.4.1 by @varodrig in #3029
- Test PSS baseline/restricted for Notebooks, Katib and Kserve by @akagami-harsh in #3026
- Dummy PR for integration tests by @juliusvonkohout in #3014
- Migrate Istio images from DockerHub to GCR by @akagami-harsh in #3022
- Delete experimental/security/PSS/patches/kubeflow-pipelines-profile-controller.yaml by @juliusvonkohout in #3036
- istio: generate istio-ingressgateway by @fraenkel in #3039
- PSS baseline / restricted also for Notebooks, Katib, Kserve and istio-ingressgateway by @akagami-harsh in #3042
- Cleanup istio by @juliusvonkohout in #3043
- fix(pipeline): minio filesystem permission access error by @milinddethe15 in #3045
- restructuring by @juliusvonkohout in #3046
- istio proxy version 1.24.3 by @juliusvonkohout in #3049
- Update kubeflow/model-registry manifests from v0.2.15 by @tarilabs in #3053
- Add synchronization script for Spark Operator manifests by @madmecodes in #3048
- Synchronize kubeflow kubeflow manifests v1.10.0 rc.2 by @juliusvonkohout in #3058
- U...
Contributors
jbronn, ederign, and 21 other contributors
Assets 2
Kubeflow 1.10.0-rc.3
Open issues:
1.10.0 Milestone
1.10.1 Milestone
Changes since 1.10.0-rc.2
- Migrate Istio images from DockerHub to GCR by @akagami-harsh in #3022
- Delete experimental/security/PSS/patches/kubeflow-pipelines-profile-controller.yaml by @juliusvonkohout in #3036
- istio: generate istio-ingressgateway by @fraenkel in #3039
- PSS baseline / restricted also for Notebooks, Katib, Kserve and istio-ingressgateway by @akagami-harsh in #3042
- Cleanup istio by @juliusvonkohout in #3043
- fix(pipeline): minio filesystem permission access error by @milinddethe15 in #3045
- restructuring by @juliusvonkohout in #3046
- istio proxy version 1.24.3 by @juliusvonkohout in #3049
- Update kubeflow/model-registry manifests from v0.2.15 by @tarilabs in #3053
- Add synchronization script for Spark Operator manifests by @madmecodes in #3048
- Synchronize kubeflow kubeflow manifests v1.10.0 rc.2 by @juliusvonkohout in #3058
- Update Kind and test Kubernetes 1.29-1.32 by @juliusvonkohout in #3059
- streamline kserve tests by @juliusvonkohout in #3062
- Update README.md with air gap hints by @juliusvonkohout in #3060
- Update trivy_scan.py by @juliusvonkohout in #3064
- Update kubeflow/model-registry manifests from v0.2.15.3 by @tarilabs in #3066
- Formatted code block to the experimental/ray README by @shaikmoeed in #3063
- test: fix name, debug hooks by @tarilabs in #3067
- Synchronize kubeflow training operator manifests v1.9.1 by @juliusvonkohout in #3068
- Synchronize kubeflow katib manifests v0.18.0 by @juliusvonkohout in #3069
- Part 1 of Document secure Kserve authentication via automated tests by @madmecodes in #3056
- Update README.md for the 1.10 release by @juliusvonkohout in #3074
New Contributors
- @milinddethe15 made his first contribution in #3045
- @madmecodes made his first contribution in #3048
- @shaikmoeed made his first contribution in #3063
Full Changelog: v1.10.0-rc.2...v1.10.0-rc.3
Note: We support Kubernetes 1.31-1.33 directly. It should also work on Kubernetes 1.29+, but on some 1.29-1.30 clusters you might have to either enable the native sidecars feature gate on your Kubernetes cluster or you need to disable NATIVE_SIDECARS here https://github.com/kubeflow/manifests/blob/421ffcd46899d4916972d39949a6ea0c8fe97ff2/common/istio-1-24/istio-install/base/install.yaml#L3006-L3007 or here https://github.com/kubeflow/manifests/blob/421ffcd46899d4916972d39949a6ea0c8fe97ff2/common/istio-cni-1-24/istio-install/base/install.yaml#L3318-L3319.
But Kubernetes 1.30 is already End of Life by 2025-06-28, so we strongly recommend to upgrade to 1.31+. We also tested that native sidecars work on AKS and GKE 1.31+. Kubernetes 1.33 is planned for release on April 23 2025, so we plan to support 1.31-1.33 and down to 1.29 depending on your cluster with native sidecars workarounds.
Contributors
fraenkel, tarilabs, and 5 other contributors
Assets 2
Kubeflow 1.10.0-rc.2
Open issues:
1.10.0 Milestone
1.10.1 Milestone
What has Changed since 1.10.0-rc.1
- feat: Add pre-commit hooks for automated code quality checks by @akagami-harsh in #3001
- Synchronize kubeflow kubeflow manifests v1.10.0 rc.1 by @juliusvonkohout in #3008
- Add Model Registry UI Integration Test by @lucferbux in #3000
- chore: Removing PSS patches by @biswassri in #2986
- Add a section for pre-commit in README.md by @akagami-harsh in #3009
- Upgrading metacontroller to v4.11.22 by @tarekabouzeid in #2988
- docs: Add guide for Dex and Keycloak by @wooyoung85 in #3012
- Update common/knative manifests to v1.16.2/v1.16.4. by @jbronn in #3021
- Pipelines MySQL volume permissions fix by @jbronn in #3019
- Update knative README.md by @juliusvonkohout in #3024
- docs: Add information about KEP process by @anishasthana in #2994
- Refactoring by @juliusvonkohout in #3025
- Update kubeflow/pipelines manifests from 2.4.1 by @varodrig in #3029
- Test PSS baseline/restricted for Notebooks, Katib and Kserve by @akagami-harsh in #3026
- Update README.md by @juliusvonkohout in #3030
New Contributors
- @lucferbux made his first contribution in #3000
- @wooyoung85 made his first contribution in #3012
- @jbronn made his first contribution in #3021
- @anishasthana made his first contribution in #2994
Full Changelog: v1.10.0-rc.1...V1.10.0-rc.2
Contributors
jbronn, anishasthana, and 7 other contributors
Assets 2
Kubeflow v1.10.0-rc.1
What's Changed since 1.10.0-rc0
- fix: update kind config by @warjiang in #2971
- Refactor: Extract pipeline_test.py into a shared file for reuse across workflows by @akagami-harsh in #2972
- Update oauth2-proxy README.md by @juliusvonkohout in #2977
- Synchronize kubeflow training operator manifests 778cd72 by @juliusvonkohout in #2979
- Fix raycluster Readme by @akagami-harsh in #2976
- Update kubeflow/model-registry manifests from 5d8ed91 by @tarilabs in #2973
- Improve documentation and CI/CD by @juliusvonkohout in #2987
- Add model registry ui network policy by @ederign in #2989
- fix warnings after kustomize build in contrib by @mahdikhashan in #2992
- Synchronize kubeflow katib manifests v0.18.0 rc.0 by @juliusvonkohout in #2993
- Synchronize kubeflow kubeflow manifests v1.10.0 rc.0 by @juliusvonkohout in #2995
- Synchronize kubeflow model registry manifests v0.2.14 by @tarilabs in #2998
- Synchronize kserve web app manifests v0.14.0 rc.0 by @juliusvonkohout in #3003
New Contributors
- @warjiang made their first contribution in #2971
- @akagami-harsh made their first contribution in #2972
- @ederign made their first contribution in #2989
Full Changelog: v1.10.0-rc.0...v1.10.0-rc.1
Contributors
ederign, tarilabs, and 4 other contributors
Assets 2
Kubeflow v1.10.0-rc.0
The release includes the following platform/manifests/security changes:
Core Components:
- Kubeflow Training Operator manifests upgraded to v1.9.0
- Kubeflow Pipelines manifests upgraded to 2.4.0
- Kubeflow Model Registry manifests upgraded to v0.2.12
- Spark Operator manifests upgraded to 2.1.0
- KServe manifests upgraded to v0.14.1
Platform components:
- Kubernetes 1.32 and kind 0.26 support
- Kustomize 5.4.3 support and documentation updates
- Cert-manager upgraded to 1.16.1
- Dex and oauth2-proxy upgraded to 2.41.1 and 7.7.1
- KNative manifests upgraded to v1.16.0
- Istio upgraded to v1.24.2
- OIDC-AUthservice has been removed
Other changes:
- Rootless containers improvements
- Oauth2-proxy and Dex documentation for external OIDC authentication.
- Check out #2763 for more detailed information #2763
Full Changelog: v1.9.1...v1.10.0-rc.0