v1.36.0
·
1102 commits
to master
since this release
[gardener-extension-provider-aws]
⚠️ Breaking Changes
- [OPERATOR] This version of admission-aws requires the SecretBinding provider controller to be enabled - enabled by default for gardener-controller-manager >= 1.42 or can be enabled via the gardener-controller-manager component config. (gardener/gardener-extension-provider-aws#551, @ialidzhikov)
- [OPERATOR] This extension is only compatible with Gardener versions
>= v1.37. (gardener/gardener-extension-provider-aws#538, @timebertt)
✨ New Features
- [USER] The AWS extension does now support shoot clusters with Kubernetes version 1.24. You should consider the Kubernetes release notes before upgrading to 1.24. (gardener/gardener-extension-provider-aws#553, @acumino)
- [OPERATOR] The extension does now automatically rotate its webhook CA and server certificates each
30d. (gardener/gardener-extension-provider-aws#550, @rfranzke) - [OPERATOR] This extension is prepared to support the Shoot
ServiceAccountsigning key rotation feature (see documentation). (gardener/gardener-extension-provider-aws#550, @rfranzke) - [OPERATOR] This extension is prepared to support the Shoot CA rotation feature (GEP-18). (gardener/gardener-extension-provider-aws#538, @timebertt)
🐛 Bug Fixes
- [OPERATOR] An issue causing admission-aws to fail a Shoot creation request with
.spec.provider.infrastructureConfig=nilwith 500 Internal server error is now fixed. admission-aws now properly indicates in the response that the corresponding field is required. (gardener/gardener-extension-provider-aws#549, @ialidzhikov)
📖 Documentation
- [USER] add link to K8s v1.23 conformance tests (gardener/gardener-extension-provider-aws#537, @hendrikKahl)
- [DEPENDENCY] Paths transformations in .docforge/manifest.yaml for simplification (gardener/gardener-extension-provider-aws#517, @Kostov6)
🏃 Others
- [USER] The following image is updated: (gardener/gardener-extension-provider-aws#541, @kon-angelo)
- k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.5.0 -> v1.5.3
- [OPERATOR] The following image is updated: (gardener/gardener-extension-provider-aws#553, @acumino)
- eu.gcr.io/gardener-project/kubernetes/cloud-provider-aws: 1.23.6 -> 1.24.0(For shoots with Kubernetes version 1.24)
- [OPERATOR] The Secrets webhook of admission-aws: (gardener/gardener-extension-provider-aws#551, @ialidzhikov)
- no longer intercepts every Secret UPDATE request but only requests for Secrets that are associated with a SecretBinding with
provider.type=aws. - no longer needs to list Shoots (hence, no cache for Shoots)
- no longer intercepts every Secret UPDATE request but only requests for Secrets that are associated with a SecretBinding with
- [OPERATOR] The admission-aws component introduces a new SecretBinding validator. It validates requests for SecretBindings and checks whether the SecretBinding refers to a valid AWS Secret. (gardener/gardener-extension-provider-aws#551, @ialidzhikov)
- [OPERATOR] The following images used by the mtu-customizer DaemonSet are updated: (gardener/gardener-extension-provider-aws#548, @ialidzhikov)
- alpine: 3.12.1 -> 3.15.4
- k8s.gcr.io/pause: 3.1 -> 3.7
- [OPERATOR] The dashboards: Cloud Controller Manager and CSI Driver are removed from Grafana (gardener/gardener-extension-provider-aws#534, @Kristian-ZH)
- [OPERATOR] The resource requests and limits for components (seed and shoot) managed by the
provider-awsextension has been adapted based on a production environment analysis. This is done to avoid OOMKills and cpu throttling situations. Furthermore the vpaminAllowedsettings are now aligned with the cpu and memory request of the respective component` (gardener/gardener-extension-provider-aws#527, @dkistner)
[aws-lb-readvertiser]
🏃 Others
- [OPERATOR] Updated alpine base image to
v3.15.4(gardener/aws-lb-readvertiser#20, @kon-angelo) - [OPERATOR] The release tags from now are prefixed with
v. (gardener/aws-lb-readvertiser#18, @ialidzhikov)
[cloud-provider-aws]
✨ New Features
- [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.21.12. (gardener/cloud-provider-aws@6e0c40b2ccad) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.22.9. (gardener/cloud-provider-aws@a8cb9b6b1aba) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.23.6. (gardener/cloud-provider-aws@47e83c698b7b)
🏃 Others
- [DEVELOPER] The alpine version has been updated to
v3.15.4. (gardener/cloud-provider-aws@d451e4ca38fc) - [DEVELOPER] The Golang version has been updated to
v1.16.15. (gardener/cloud-provider-aws@d451e4ca38fc) - [DEVELOPER] The alpine version has been updated to
v3.15.4. (gardener/cloud-provider-aws@9a33c6496ef4) - [DEVELOPER] The Golang version has been updated to
v1.16.15. (gardener/cloud-provider-aws@9a33c6496ef4) - [DEVELOPER] The alpine version has been updated to
v3.15.4. (gardener/cloud-provider-aws@c8f610c5c43f) - [DEVELOPER] The Golang version has been updated to
v1.17.9. (gardener/cloud-provider-aws@c8f610c5c43f)
[machine-controller-manager]
📖 Documentation
- [USER] upgraded k8s dependecy to v1.22.9 (revendor in providers required to see effects) (gardener/machine-controller-manager#721, @Mkmittal)
- [DEPENDENCY] Paths transformations in .docforge/manifest.yaml for simplification (gardener/machine-controller-manager#689, @Kostov6)
🏃 Others
- [OPERATOR] Base image updated to alpine
v3.15.4and build image to golang1.17.9. (gardener/machine-controller-manager#713, @himanshu-kun) - [DEPENDENCY] K8s dependency upgraded to 1.21.12 (gardener/machine-controller-manager#719, @Mkmittal)
[machine-controller-manager-provider-aws]
📰 Noteworthy
- [OPERATOR] upgraded to mcm version 0.45.0 (gardener/machine-controller-manager-provider-aws#88, @rfranzke)
[terraformer]
🏃 Others
- [OPERATOR] Update alpine to 3.15.4 (gardener/terraformer#117, @rfranzke)