Support for Kubernetes version 1.16.8

Container Engine for Kubernetes now supports Kubernetes version 1.16.8, in addition to versions 1.15.7 and 1.14.8. Oracle recommends you upgrade your Kubernetes environment to version 1.16.8.

Note the following:

  • To address a security vulnerability in Kubernetes (CVE-2019-11254), Kubernetes version 1.16.8 has been patched to mitigate the vulnerability associated with this CVE. Kubernetes versions 1.15.7 and 1.14.8 have already been patched to mitigate this security vulnerability.
  • Container Engine for Kubernetes now supports three minor versions of Kubernetes (previously, it only supported two Kubernetes minor versions).
  • You can now upgrade master nodes through unsupported minor versions. Kubernetes requires that you upgrade master nodes one minor version at a time. So if a master node is running Kubernetes version 1.12.7 (an unsupported minor version), you can now upgrade it to Kubernetes version 1.13.5 (also an unsupported minor version), before upgrading it to 1.14.8.
  • A number of Kubernetes API versions and Kubernetes labels are deprecated in Kubernetes version 1.16.8. Before upgrading to Kubernetes version 1.16.8, you must update any manifest files referring to the deprecated API versions and labels. For more information about the deprecations and what you need to do, see Notes about Container Engine for Kubernetes Support for Kubernetes Version 1.16.

To upgrade a cluster to a new Kubernetes minor version:

  1. Upgrade the Kubernetes version running on the master nodes by following the instructions here
  2. Having upgraded the master nodes in the cluster, upgrade the Kubernetes version running on worker nodes in a node pool by following the instructions here.

When upgrading master nodes and worker nodes, always follow the Kubernetes skew policy for Kubernetes minor version support. For example, if the master nodes in a cluster are running Kubernetes version 1.16.8, then the worker nodes must be running 1.16.8, 1.15.7, or 1.14.8. Note that although the worker nodes in a node pool must follow the Kubernetes skew policy, you do not have to upgrade them one minor version at a time.

For more information, see Upgrading Clusters to Newer Kubernetes Versions.