v1.8.1

Changelog since v1.8.0

Changes by Kind

Feature

• Add support for Kubernetes 1.30 (#3215, @kubermatic-bot)
• Refactor the cluster upgrade process to adhere to the Kubernetes recommendations by updating ConfigMaps used by Kubeadm instead of providing the full config to Kubeadm itself. This change should not have any effect to cluster upgrades, but if you encounter any issue, please create an issue in the KubeOne repository (#3253, @kubermatic-bot)
• KubeOne now runs kubeadm upgrade apply without the --certificate-renewal=true flag. This change should not have any effect to the upgrade process, but if you discover any issue, please create a new issue in the KubeOne repository (#3242, @kubermatic-bot)
• Add default VolumeSnapshotClass for all supported providers as part of the default-storage-class addon (#3275, @kubermatic-bot)

Bug or Regression

• Fix snapshot-webhook admitting non-supported objects (VolumeSnapshots and VolumeSnapshotContents). This fixes an issue that caused inability to create new VolumeSnapshots (#3275, @kubermatic-bot)
• Ensure apparmor-utils package is installed on Ubuntu as it's required for kubelet to function properly (#3235, @kubermatic-bot)
• Load the CA bundle before any addon installations to resolve issues with untrusted TLS connections in environments with self-signed certificates (#3247, @kubermatic-bot)
• Fix deletion issues for local Helm charts (#3268, @kubermatic-bot)

Updates

• Upgrade control plane components:
  • Update NodeLocalDNS to v1.23.1
  • Update AWS CCM to v1.30.1, v1.29.3, v1.28.6, and v1.27.7
  • Update CSI snapshot controller and webhook to v8.0.1
  • Update AWS EBS CSI driver to v1.31.0
  • Update Azure CCM to v1.30.3 for Kubernetes 1.30 clusters
  • Update AzureFile CSI driver to v1.30.2
  • Update AzureDisk CSI driver to v1.30.1
  • Update DigitalOcean CCM to v0.1.53
  • Update DigitalOcean CSI to v4.10.0
  • Update Hetzner CSI to v2.7.0
  • Update OpenStack CCM and CSI to v1.30.0 for Kubernetes 1.30 clusters
  • Update vSphere CCM to v1.30.1 for Kubernetes 1.30 clusters
  • Update vSphere CSI driver to v3.2.0
  • Update GCP Compute CSI driver to v1.13.2
  • Update Cilium to v1.15.6
  • Update cluster-autoscaler to v1.30.1, v1.29.3, v1.28.5, and v1.27.8 (#3214, @kubermatic-bot)
• Update GCP CCM to v30.0.0 (Kubernetes 1.30), v29.0.0 (Kubernetes 1.29), v28.2.1 (Kubernetes 1.28 and 1.27) (#3241, #3284, @kubermatic-bot)
• Update Canal CNI to v3.27.3 (#3200, @kubermatic-bot)
• Bind the csi-snapshotter image to v8.0.1 for all providers that are supporting snapshotting volumes (#3270, @kubermatic-bot)

Terraform Configs

• Fix the default Rocky Linux EC2 image filter query in the example Terraform configs for AWS (#3262, @kubermatic-bot)
• Add bastion host support to the example Terraform configs for VMware Virtual Cloud Director (VCD) (#3278, @kubermatic-bot)

v1.8.0

We're happy to announce a new KubeOne minor release — KubeOne 1.8! Please consult the changelog below, as well as, the following two documents before upgrading:

• Upgrading from KubeOne 1.7 to 1.8 guide
• Known Issues in KubeOne 1.8

Changelog since v1.7.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

• Refactor example Terraform configs for Hetzner to randomly generate the private network subnet in order to support creating multiple KubeOne clusters (#3152, @xmudrii)
• The example Terraform configs for Azure have been migrated to use the Standard SKU for IP addresses. This is a breaking change for existing setups; in which case you should continue using your current SKU. Manual migration is possible by dissociating IP from the VM and LB, the migrating it, and assigning it back, however please consider all potential risks before doing this migration (#3149, @kron4eg)
• Credentials defined in the credentials file now have precedence over credentials defined via environment variables. This change is made to match the behavior that's already documented in the KubeOne docs. If you use both the credentials file and the environment variables, we recommend double-checking your credentials file to make sure the credentials are up to date, as those credentials will be applied on the next kubeone apply run (#2991, @kron4eg)
• kured has been removed, you have to re-enable it back in form of helmRelease (#3024, @kron4eg)
• OSM: The latest Ubuntu 22.04 images on Azure have modified the configuration for cloud-init and how it accesses its datasource in Azure, in a breaking way. If you're having an Azure cluster, it's required to refresh your machines with the latest provided OSPs to ensure that a system-wide package update doesn't result in broken machines. (#3172, @xrstf)
• Support for Docker is removed; containerRuntime.docker became a no-op. (#3008, @kron4eg)

Checksums

SHA256 checksums can be found in the kubeone_1.8.0_checksums.txt file.

v1.8.0-rc.0

⚠️ This is a release candidate and should not be used for any production-grade setup. Things might not be working. Use at your own risk.

v1.8.0-beta.0

⚠️ This is a beta release and should not be used for any production-grade setup. Things might not be working. Use at your own risk.

v1.7.4

Changelog since v1.7.3

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

• Update operating-system-manager to v1.3.5. The latest Ubuntu 22.04 images ship with cloud-init 24.x package. This package has breaking changes and thus rendered our OperatingSystemProfiles (OSPs) as incompatible. It's recommended to refresh your machines with the latest provided OSPs to ensure that a system-wide package update, that updates cloud-init to 24.x, doesn't break the machines. (#3163, @xrstf)

Changes by Kind

Bug or Regression

• Clean yum cache upon configuring Kubernetes repos. This fixes an issue with cluster upgrades failing on nodes with an older yum version (#3147, @kubermatic-bot)
• Deploy user defined addons before the external CCM initialization. This fixes an issue with cluster provisioning for users that use both external CCM and external CNI (#3068, @kubermatic-bot)
• Fix cluster upgrades on Debian hosts with deprecated Kubernetes repositories (#3084, @kubermatic-bot)

Updates

machine-controller

• Update machine-controller to v1.57.6 (#3064, @ahmedwaleedmalik)

Checksums

SHA256 checksums can be found in the kubeone_1.7.4_checksums.txt file.

v1.6.6

Changelog since v1.6.5

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

• Update operating-system-manager to v1.2.5. The latest Ubuntu 22.04 images ship with cloud-init 24.x package. This package has breaking changes and thus rendered our OperatingSystemProfiles (OSPs) as incompatible. It's recommended to refresh your machines with the latest provided OSPs to ensure that a system-wide package update, that updates cloud-init to 24.x, doesn't break the machines. (#3164, @xrstf)

Changes by Kind

Bug or Regression

• Clean yum cache upon configuring Kubernetes repos. This fixes an issue with cluster upgrades failing on nodes with an older yum version (#3148, @kubermatic-bot)
• Fix cluster upgrades on Debian hosts with deprecated Kubernetes repositories (#3083, @kubermatic-bot)

Checksums

SHA256 checksums can be found in the kubeone_1.6.6_checksums.txt file.

v1.7.3

Changelog since v1.7.2

Changes by Kind

Feature

• Enforce etcd v3.5.10 for Kubernetes versions that use an older etcd version. This etcd version includes some important stability, reliability, and security fixes (#3004, @kubermatic-bot)

Bug or Regression

• Fix KubeOne failing to provision and upgrade Flatcar control plane and static worker nodes due to torcx removal (#3041, @kron4eg)
• Fix Helm deploying resources in the wrong namespace (#3001, @kubermatic-bot)
• Improve error messages when working with remote files over SSH (#3054, @kubermatic-bot)

Updates

machine-controller

• Update machine-controller to v1.57.5 (#3057, @xmudrii)

operating-system-manager

• Update operating-system-manager to v1.3.4 (#3041, @kron4eg)

Go

• KubeOne is now built with Go 1.21.6 (#3060, @xmudrii)

Checksums

SHA256 checksums can be found in the kubeone_1.7.3_checksums.txt file.

v1.6.5

Changelog since v1.6.4

Changes by Kind

Feature

• Enforce etcd v3.5.10 for Kubernetes versions that use an older etcd version. This etcd version includes some important stability, reliability, and security fixes (#3003, @kubermatic-bot)

Bug or Regression

• Fix KubeOne failing to provision and upgrade Flatcar control plane and static worker nodes due to torcx removal (#3042, @kron4eg)
• Improve error messages when working with remote files over SSH (#3053, @kubermatic-bot)

Updates

machine-controller

• Update machine-controller to v1.56.6 (#3058, @xmudrii)

operating-system-manager

• Update operating-system-manager to v1.2.4 (#3042, @kron4eg)

Addons

• Update backup-restic addon to use etcd 3.5.11 for creating etcd snapshots (#2983, @kubermatic-bot)

Checksums

SHA256 checksums can be found in the kubeone_1.6.5_checksums.txt file.

v1.7.2

Changelog since v1.7.1

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

• Fix determining the CLUSTER_NAME environment variable for OpenStack CCM DaemonSet and OpenStack Cinder CSI Deployment. This fixes a regression where the cluster name was changed to kubernetes upon running kubeone apply two or more times after upgrading from KubeOne 1.6 to KubeOne 1.7. This regression might affect Octavia Load Balancers, making them fail to reconcile. Please check the known issues document to find if you're affected by this issue and what steps you need to take if you're affected (#2979, @kubermatic-bot)

Changes by Kind

Bug or Regression

• Delete AzureDisk's csi-azuredisk-node-secret-binding ClusterRoleBinding if RoleRef's name is csi-azuredisk-node-sa to allow upgrading KubeOne from 1.6 to 1.7 (#2984, @kubermatic-bot)
• Increase the memory requests and limits from 300Mi to 600Mi for cluster-autoscaler to prevent cluster-autoscaler from being OOMKilled (#2979, @kubermatic-bot)

Updates

machine-controller

• Update machine-controller to v1.57.4 (#2989, @xmudrii)

Addons

• Update backup-restic addon to use etcd 3.5.11 for creating etcd snapshots (#2982, @kubermatic-bot)

Go

• KubeOne is now built with Go 1.21.5 (#2989, @xmudrii)

Checksums

SHA256 checksums can be found in the kubeone_1.7.2_checksums.txt file.

v1.7.1

Changelog since v1.7.0

Changes by Kind

Feature

• Allow setting CCM_CONCURRENT_SERVICE_SYNCS parameter on CCM addons to configure number of concurrent LoadBalancer service reconciles (#2918, @kubermatic-bot)
• Support for customizing vAppName for VMware Cloud Director CSI driver (#2956, @kubermatic-bot)

Bug or Regression

• Fix a bug with the VMware Cloud Director CSI driver addon where it would crash if no VCD_API_TOKEN is set (#2956, @kubermatic-bot)
• Fix a bug where wildcard registry name provided to the machine-controller-webhook Deployment is not properly escaped (#2928, @kubermatic-bot)
• Fix a bug where kubeadm init and kubeadm join report that the containerRuntimeEndpoint field in KubeletConfiguration doesn't exist for clusters running Kubernetes versions prior to 1.27 (#2940, @kubermatic-bot)
• Fix a bug where registryConfiguration.OverrideRegistry wasn't correctly applied to the pause image configured for control plane and static worker nodes (#2930, @kubermatic-bot)
• Fix a bug where the CA bundle was not propagated to the vSphere CSI driver (#2907, @kubermatic-bot)
• Fix a globbing issue for apt-get install causing KubeOne to install wrong Kubernetes version in some circumstances (#2959, @kubermatic-bot)
• Fix incorrect validation that made VCD_API_TOKEN unusable for VMware Cloud Director (#2946, @kubermatic-bot)

Updates

Core Components

• Update metrics-server and cluster-autoscaler to the latest patch releases (#2957, @xmudrii)
• Update Canal to v3.26.3 (#2957, @xmudrii)
• Update Calico VXLAN to v3.26.3 (#2957, @xmudrii)
• Update Cilium to v1.14.3 (#2957, @xmudrii)

Go

• KubeOne is now built with Go 1.21.3 (#2954, @xmudrii)

Other (Cleanup or Flake)

• Store GPG keys for package repositories in /etc/apt/keyrings instead of deprecated apt-key-add command (#2920, @kubermatic-bot)
• Download cri-tools from the Kubernetes package repositories instead of the Amazon Linux 2 package repositories on instances running Amazon Linux 2 (#2951, @kubermatic-bot)
• Update CRDs for the operating-system-manager (OSM) addon (#2935, @kubermatic-bot)

Checksums

SHA256 checksums can be found in the kubeone_1.7.1_checksums.txt file.