Kubernetes 1.12: Secure Node Bootstrap, RuntimeClass & Cloud Scale

Introduction

On September 27 2018, Kubernetes version 1.12 was officially released.
This release continued the focus on maturing the platform by graduating key features to General Availability — including kubelet certificate bootstrapping and support for Azure Virtual Machine Scale Sets (VMSS) — and improving autoscaling and cluster performance.


Official Highlights

1. Kubelet TLS Bootstrap (GA)

With Kubernetes 1.12, the kubelet bootstrapping process via TLS and the certificate signing workflow became GA, enabling more secure and automated node onboarding.

2. Azure VMSS Support (GA)

Support for Azure Virtual Machine Scale Sets (VMSS) moved to GA, providing better scalability and dynamic infrastructure for Kubernetes clusters on Azure.

3. RuntimeClass and Windows Acceleration

  • RuntimeClass (beta) lets clusters select container runtimes per workload—perfect for sandboxes such as gVisor or Kata Containers.
  • Windows node support advanced with improved kube-proxy, CSI integration, and networking parity for hybrid clusters.

4. Performance and Autoscaling Improvements

  • Inter-Pod affinity scheduling saw up to 100× improvements via caching and precomputation.
  • Cluster Autoscaler and Horizontal Pod Autoscaler both gained faster reaction times, better scale-down fairness, and enhanced external metrics support.
  • Vertical Pod Autoscaler v1beta1 API preview landed with admission controller integration.

5. Networking & Storage Enhancements

  • NetworkPolicy now supports egress rules with ipBlock selectors for granular outbound filtering.
  • CSINodeInfo and CSIDriver CRDs launched, paving the way for topology-aware storage scheduling.
  • Volume snapshot/restore alpha introduced snapshotting CRDs that unify backup tooling across vendors.

6. Cloud Provider Updates

  • Azure VMSS support hit GA, bringing autoscaling parity with other cloud providers.
  • GCE regional persistent disks and AWS EBS multi-attach features entered beta, widening HA storage options.
  • Cloud Controller Manager (CCM) interfaces received polish to encourage externalized cloud integrations.

Field Notes & Best Practices

  • Use RuntimeClass with a matching nodeSelector or admission policy so sandboxed workloads land on compatible nodes.
  • For TLS bootstrap GA, rotate bootstrap tokens regularly and gate certificate approvals via RBAC to prevent rogue nodes.
  • Adopt the new VolumeSnapshotClass resources alongside CSI drivers for consistent backup policies and retention.

Upgrade Watch-outs

  • Kubelet certificate rotation defaults may change behavior—confirm /var/lib/kubelet/pki/kubelet-client-current.pem symlinks after upgrade.
  • Cluster Autoscaler flags shifted; validate cloud provider settings and ensure IAM roles allow new API calls.
  • RuntimeClass relies on the API server flag --feature-gates=RuntimeClass=true; update control plane manifests before applying RuntimeClass resources.

Milestones Timeline

Date | Event
Sept 27 2018 | Kubernetes 1.12 officially released.
Late 2018 | Cloud providers begin rolling 1.12; production focus shifts to stability.
Early 2019 | RuntimeClass pilots, snapshot tooling, and large-scale autoscaling rollouts accelerate.

Patch Releases for 1.12

Patch releases in the 1.12.x branch (1.12.0 onward) delivered bug fixes, security patches and compatibility improvements.

Patch Version | Release Date | Notes
1.12.0 | 2018-09-27 | Initial 1.12 release
1.12.1+ | various dates | Successive stability, compatibility and security patches

Legacy and Impact

Kubernetes 1.12 further solidified the platform’s readiness for enterprise-level deployments by enhancing node security (TLS bootstrap), cloud provider scalability (Azure VMSS), and performance at scale.
These advances helped shift Kubernetes from “fast evolution” mode to “platform maturity and performance” mode, while RuntimeClass and snapshot features invited experimentation with modern runtimes and resilient storage.


Summary

Aspect | Description
Release Date | September 27 2018
Key Innovations | TLS bootstrap GA, RuntimeClass beta, Azure VMSS GA, autoscaling & snapshot advances
Significance | Marked a maturity milestone — security, scale, stability and new runtime flexibility prioritized

Deprecations & Gotchas

  • Dynamic Kubelet Config API moved to v1beta1; convert older configs and verify ConfigMap sizes.
  • Pod priority/preemption has been enabled cluster-wide since 1.11—ensure mission-critical workloads define PriorityClass.
  • kube-dns remains available, but CoreDNS is the strategic path; keep ConfigMaps synced if you temporarily run both.

Next in the Series

Next up: Kubernetes 1.13 (December 2018) — we’ll explore simpler cluster management with kubeadm enhancements, CoreDNS defaults and the Container Storage Interface (CSI) advancing further.