KServe
v0.19.0AI & MLKServe v0.19.0 is a large release focused heavily on LLMInferenceService (LLMISvc) maturity: better observability, autoscaling, routing, and a migration path for llm-d v0.6 upgrades. Two CVEs are patched.
securityPatch two CVEs before upgrading or apply independently
v0.19.0 patches a vLLM/Pillow CVE and pins azure-core>=1.38.0 for CVE-2026-21226. If you are running KServe with vLLM runtimes or azure-core dependencies, upgrade to v0.19.0 or manually apply the azure-core pin to your environment. Check your current Pillow version in custom server images as well.
breakingRouter splitter off-by-one fix changes traffic split behavior
The pickupRoute random range had an off-by-one error. After upgrading, traffic percentages in InferenceService splitter configurations will be computed correctly, which means observed traffic distribution will shift if your weights were tuned around the buggy behavior. Verify split configurations in staging before rolling to production.
enhancementLLMISvc autoscaling and status visibility are now production-ready
HPA/KEDA scaling conditions are now visible in LLMISvc status, and readiness transitions emit k8s events. If you are operating LLMInferenceService, add these conditions to your monitoring dashboards and alerting. The --scaling flag in kserve-install.sh simplifies enabling autoscaling during fresh installs.
主な変更 (7)
- CVE fixes: vLLM setup and Pillow vulnerability patched; azure-core pinned to >=1.38.0 to address CVE-2026-21226
- LLMInferenceService gets HPA/KEDA scaling status bubbled up to service conditions, autoscaling e2e tests, and a --scaling flag in kserve-install.sh
- New LLMISvc observability: k8s events on readiness transitions, routing topology in status, workload references in status, ConfigNotFound condition surfaced
- Dual-protocol (REST/gRPC) routing added for InferenceService Standard mode
- Off-by-one bug fixed in the router splitter's pickupRoute random range — affects traffic splitting correctness
- LocalModelCache support added for LLMInferenceService; NodeSelector fix for jobs to fix PVC access
- Migration logic added for llm-d v0.6 component upgrades