RATATOSKRATATOSK
Sign in

Releases

AI-analyzed release notes for CNCF graduated and incubating projects.

Jun 2026Clear ×

Kubeflow

AI & MLJun 15, 2026

Kubeflow 26.03.1 is a large calendar release bundling upgrades across Pipelines, Kserve, Trainer, Notebooks, Dashboard, Istio, Knative, Dex, cert-manager, and oauth2-proxy, alongside a breaking rename of model-registry to hub and a relocation of model registry/catalog namespaces that operators must account for before upgrading.

  • breakingmodel-registry package renamed to hub

    The kubeflow/model-registry package has been renamed to kubeflow/hub. Update manifests, kustomizations, and any automation referencing the old package name.

  • breakingModel registry now deploys to user profile namespace

    Model registry deployments now land in the user's profile namespace instead of the shared default namespace. Review per-user access, RBAC, and any scripts that assumed a fixed default-namespace location.

  • breakingModel catalog moved to cluster-wide singleton

    The model catalog is now split out into the kubeflow namespace as a single cluster-wide instance rather than one per namespace. Check for per-namespace catalog customizations that would need consolidation.

  • enhancementModel registry with UI now on by default

    Model registry with its UI is now enabled by default. Clusters that previously left it off will get it running after upgrade unless explicitly disabled.

Key changes (7)
  • Breaking: kubeflow/model-registry renamed to kubeflow/hub, with model registry relocated to per-user profile namespaces and the model catalog consolidated into a cluster-wide singleton in the kubeflow namespace
  • Model registry with UI is now enabled by default
  • Major component bumps: Kubeflow Pipelines 2.16.1, Kserve/Kserve Web App v0.18.0, Kubeflow Trainer v2.2.0, Notebooks v1.11.0 (Workspaces v2 at v2.0.0-alpha.3), Dashboard toward v2.0.0
  • Platform dependency updates: Istio 1.30.1 (hostUsers: false support), Knative 1.22.0 (new eventing security overlay), cert-manager 1.20.2 (overlay split from base), oauth2-proxy v7.15.2, Dex 2.45.1 (now 2 replicas, no sticky service)
  • CI/infra: PSS restricted and network policies added for optional knative-eventing, move to Kind 0.32+ and Kubernetes 1.36, dependabot with SHA-pinned Actions
  • Docs restructured with version-specific upgrade notes, including Kserve v0.16.x to v0.17.0 migration guidance
  • trivy scanning temporarily removed from CI, to be re-enabled later
Source

KServe

AI & MLJun 14, 2026

KServe v0.19.0 is a large release focused heavily on LLMInferenceService (LLMISvc) maturity: better observability, autoscaling, routing, and a migration path for llm-d v0.6 upgrades. Two CVEs are patched.

  • securityPatch two CVEs before upgrading or apply independently

    v0.19.0 patches a vLLM/Pillow CVE and pins azure-core>=1.38.0 for CVE-2026-21226. If you are running KServe with vLLM runtimes or azure-core dependencies, upgrade to v0.19.0 or manually apply the azure-core pin to your environment. Check your current Pillow version in custom server images as well.

  • breakingRouter splitter off-by-one fix changes traffic split behavior

    The pickupRoute random range had an off-by-one error. After upgrading, traffic percentages in InferenceService splitter configurations will be computed correctly, which means observed traffic distribution will shift if your weights were tuned around the buggy behavior. Verify split configurations in staging before rolling to production.

  • enhancementLLMISvc autoscaling and status visibility are now production-ready

    HPA/KEDA scaling conditions are now visible in LLMISvc status, and readiness transitions emit k8s events. If you are operating LLMInferenceService, add these conditions to your monitoring dashboards and alerting. The --scaling flag in kserve-install.sh simplifies enabling autoscaling during fresh installs.

Key changes (7)
  • CVE fixes: vLLM setup and Pillow vulnerability patched; azure-core pinned to >=1.38.0 to address CVE-2026-21226
  • LLMInferenceService gets HPA/KEDA scaling status bubbled up to service conditions, autoscaling e2e tests, and a --scaling flag in kserve-install.sh
  • New LLMISvc observability: k8s events on readiness transitions, routing topology in status, workload references in status, ConfigNotFound condition surfaced
  • Dual-protocol (REST/gRPC) routing added for InferenceService Standard mode
  • Off-by-one bug fixed in the router splitter's pickupRoute random range — affects traffic splitting correctness
  • LocalModelCache support added for LLMInferenceService; NodeSelector fix for jobs to fix PVC access
  • Migration logic added for llm-d v0.6 component upgrades
Source
Browse by month