-
Notifications
You must be signed in to change notification settings - Fork 450
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for Kubernetes v1.26 #7275
Commits on Jan 13, 2023
-
Configuration menu - View commit details
-
Copy full SHA for f3bc1aa - Browse repository at this point
Copy the full SHA f3bc1aaView commit details -
Configuration menu - View commit details
-
Copy full SHA for a394cc5 - Browse repository at this point
Copy the full SHA a394cc5View commit details -
Maintain Kubernetes feature gates
$ ./hack/compare-k8s-feature-gates.sh 1.25 1.26 Feature gates added in 1.26 compared to 1.25: APISelfSubjectReview AggregatedDiscoveryEndpoint ConsistentHTTPGetHandlers CrossNamespaceVolumeDataSource DynamicResourceAllocation EventedPLEG LegacyServiceAccountTokenTracking MinimizeIPTablesRestore PDBUnhealthyPodEvictionPolicy PodSchedulingReadiness StatefulSetStartOrdinal TopologyManagerPolicyAlphaOptions TopologyManagerPolicyBetaOptions TopologyManagerPolicyOptions ValidatingAdmissionPolicy WindowsHostNetwork Feature gates removed in 1.26 compared to 1.25: CSIMigrationOpenStack CSRDuration DefaultPodTopologySpread DynamicKubeletConfig IndexedJob NonPreemptingPriority PodAffinityNamespaceSelector PodOverhead PreferNominatedNode ServiceLBNodePortControl ServiceLoadBalancerClass SuspendJob Feature gates locked to default in 1.26 compared to 1.25: CPUManager CSIMigrationvSphere DelegateFSGroupToCSIDriver DevicePlugins DryRun EndpointSliceTerminatingCondition JobTrackingWithFinalizers KubeletCredentialProviders MixedProtocolLBService ServerSideApply ServiceIPStaticSubrange ServiceInternalTrafficPolicy WindowsHostProcessContainers
Configuration menu - View commit details
-
Copy full SHA for 232b514 - Browse repository at this point
Copy the full SHA 232b514View commit details -
Maintain
kube-apiserver
admission plugins$ ./hack/compare-k8s-admission-plugins.sh 1.25 1.26 Admission plugins added in 1.26 compared to 1.25: ValidatingAdmissionPolicy Admission plugins removed in 1.26 compared to 1.25:
Configuration menu - View commit details
-
Copy full SHA for 338c6f2 - Browse repository at this point
Copy the full SHA 338c6f2View commit details -
Maintain
ServiceAccount
names for the controllers part of `kube-con……troller-manager` $ ./hack/compare-k8s-controllers.sh 1.25 1.26 kube-controller-manager controllers added in 1.26 compared to 1.25: resource-claim-controller kube-controller-manager controllers removed in 1.26 compared to 1.25:
Configuration menu - View commit details
-
Copy full SHA for ff962d0 - Browse repository at this point
Copy the full SHA ff962d0View commit details -
Configuration menu - View commit details
-
Copy full SHA for a55300b - Browse repository at this point
Copy the full SHA a55300bView commit details -
Deprecate the
podEvictionTimeout
field in favor of newly introduced…… kube-apiserver fields The kube-controller-manager flag `--pod-eviction-timeout` is deprecated in favor of the kube-apiserver flags `--default-not-ready-toleration-seconds` and `--default-unreachable-toleration-seconds`. The `--pod-eviction-timeout` flag does not have effect when the taint besed eviction is enabled. The taint based eviction is beta (enabled by default) since Kubernetes 1.13 and GA since Kubernetes 1.18. For more details, see kubernetes/kubernetes#74651. This commit allows configuring the kube-apiserver flags `--default-not-ready-toleration-seconds` and `--default-unreachable-toleration-seconds`. The `podEvictionTimeout` field is deprecated in favor of the newly introduced fields. gardener-apiserver no longer defaults the `podEvictionTimeout` field. gardener-apiserver also returns a warning when the `podEvictionTimeout` field is set.
Configuration menu - View commit details
-
Copy full SHA for 7ffa5cd - Browse repository at this point
Copy the full SHA 7ffa5cdView commit details -
Adapt to the renaming of
etcd_db_total_size_in_bytes
metric to `api……server_storage_db_total_size_in_bytes` The metric `etcd_db_total_size_in_bytes` is renamed to `apiserver_storage_db_total_size_in_bytes`. Ref kubernetes/kubernetes#113310.
Configuration menu - View commit details
-
Copy full SHA for 0833292 - Browse repository at this point
Copy the full SHA 0833292View commit details -
Fix the Pod spec in
simple-load-deployment.yaml.tpl
Test runs of the integration test that uses this template prints the following warning about the issue in the template: ``` {"level":"info","ts":"2022-12-28T19:36:29.043+0200","logger":"KubeAPIWarningLogger","msg":"unknown field \"spec.template.spec.containers[0].nodeName\""} ```
Configuration menu - View commit details
-
Copy full SHA for dd56ae7 - Browse repository at this point
Copy the full SHA dd56ae7View commit details -
Update
docs/usage/shoot_credentials_rotation.md
After the removal of support for Kubernetes < 1.20 Shoot clusters (ref #6987), the kubeconfig Secret no longer has the `token` field. Basic auth cannot be enabled for K8s 1.19+ clusters, hence the kubeconfig Secret cannot contain the `username`/`password` fields anymore.
Configuration menu - View commit details
-
Copy full SHA for afdc518 - Browse repository at this point
Copy the full SHA afdc518View commit details -
Default
enableStaticTokenKubeconfig
to false for Shoots with K8s ve……rsion >= 1.26 This commit also adapts most of the testmachinery integration tests to use the `shoots/adminkubeconfig` subresource instead of the static kubeconfig. The Shoot creation intergration is still using the static kubeconfig and it is downloading it to `$TM_KUBECONFIG_PATH/shoot.config`. This commit sets `enableStaticTokenKubeconfig=true` until we figure out which tests/components are using this downloaded kubeconfig.
Configuration menu - View commit details
-
Copy full SHA for ed565e3 - Browse repository at this point
Copy the full SHA ed565e3View commit details -
Add constraint for K8s version < 1.26
The constraint `ConstraintK8sLess126` is currently not used by gardener/gardener but it is introduced for usage from the extensions.
Configuration menu - View commit details
-
Copy full SHA for 6450bc0 - Browse repository at this point
Copy the full SHA 6450bc0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3088761 - Browse repository at this point
Copy the full SHA 3088761View commit details -
Configuration menu - View commit details
-
Copy full SHA for d8932ad - Browse repository at this point
Copy the full SHA d8932adView commit details -
Configuration menu - View commit details
-
Copy full SHA for c427eb8 - Browse repository at this point
Copy the full SHA c427eb8View commit details -
Configuration menu - View commit details
-
Copy full SHA for dffb02d - Browse repository at this point
Copy the full SHA dffb02dView commit details -
Revert the K8s versions used for e2e tests
For the reasoning, see #7275 (comment)
Configuration menu - View commit details
-
Copy full SHA for 89e4f98 - Browse repository at this point
Copy the full SHA 89e4f98View commit details