Assets 4

Migrating from previous releases

// Special thanks to @davidmccormick who has contributed this migration note!

It is possible to safely migrate an existing kube-aws kubernetes cluster to the v0.11.0 release with the following limitations and warnings: -

  1. You can only migrate an existing cluster successfully from a v0.10.1 release cluster with Kubernetes.Networking.SelfHosting enabled.
  2. Upgrade all the stacks at once - do not attempt to do a partial upgrade.
  3. There will be a kubernetes apiserver outage during the upgrade after the new Networking stack has been created and before the first new Controller has become available (approximately 15-20 minutes). In-cluster applications that do not depend on the kubernetes api will be unaffected but apps and services that make calls to the kubernetes apis must be able to tollerate an outage and recover again.
  4. This release moves 'etcd' servers into their own separate cloudformation stack, which results in new 'etcd' servers being created in parrallel to the existing/legacy 'etcd' servers.
  5. During the upgrade, the existing kubernetes state is exported from the existing/legacy 'etcd' servers by the leader of the new etcd cluster, and imported into the new cluster.
  6. The existing 'etcd' servers are deleted as part of the clean up after the controlplane update succeeds.
  7. Once you have successfully upgraded to the v0.11.0 release with separate Etcd stack the next update will roll the 'etcd' servers removing the migration tools/units.

Features

Improvements

Bug fixes

  • #1290: Fix failing etcd volume attach when upgrading etcd instances(Thanks to @Confushion)
  • #1334: Fix flannel traffic among controllers(Thanks to @cheungpat)
  • #1335: Fix install-kube-system(Thanks to @c-knowles)
  • #1360: Fix duplicate controller role permissions for CloudWatch logging(Thanks to @A-Hilaly)
  • #1365: Fix for rpc-statd.service needed to mount NFS file shares(Thanks to @paalkr)
  • #1388: Fix colour causing extra newlines(Thanks to @davidmccormick)
  • #1418: Fix dep ensure empty package issue(Thanks to @davidmccormick)
  • #1426: Fix kube-proxy startup race condition when metric server is enabled.(Thanks to @omar-nahhas)
  • #1446: Fix mfdir setting to prevent controller install failure w/ KIAM disabled(Thanks to @kylegato)
  • #1448: fix: Attach kube-aws controller policy to pre-existing IAM role(Thanks to @Matei207)

Documentation

Refactorings

Other changes

@mumoshu mumoshu released this Jul 19, 2018

Assets 4

We generally recommend you to use v0.10.2 instead of v0.10.1 due to the issue.
Sorry for the inconvenience!

@mumoshu mumoshu released this Jul 17, 2018 · 2 commits to v0.10.x since this release

Assets 4

Please refer to the release note of the upcoming v0.11.0 release for migration steps.

Special thanks to @davidmccormick who contributed many enhancements that made it possible 🎉

@mumoshu mumoshu released this May 8, 2018 · 159 commits to master since this release

Assets 4

Fixed seemingly a critial bug found in v0.9.10. Use this release instead of the latest feature release v0.9.10.

Also, according to our direction to better utilize semantic versioning, this release has a minor version bump.
The next feature release would be v0.11.0. In case we get to cut the hotfix release, it will be versioned v0.10.1.

Bug fixes

  • #1281: Fix etcd breakage due to strange systemd behavior
  • #1282: Fix temporary kubelet.service failures
Assets 4

SEEMS TO BE BROKEN. See #1280 for more information. Probably v0.10.0 will be cut soon with the fix proposed there.

Changelog since v0.9.9

Please see our roadmap for details on upcoming releases.

Component versions

Kubernetes: v1.9.3
Etcd: v3.2.13
Calico: v
Helm/Tiller: v2.6.0

Actions required

Features

  • #1066: Added Priority to the admissioncontrol list(Thanks to @zonzamas)
  • #1074: Add [experimental] option for using IPVS proxy mode(Thanks to @ivanilves)
  • #1086: controlplane config: Rotate Certificates on workers kubelet(Thanks to @zonzamas)
  • #1090: Set V4 signatures to enable kube-resources-autosave to work in all regions(Thanks to @whereisaaron)
  • #1092: Allow exposing several ports so that external Prometheus can scrape K8S system components' metrics(Thanks to @zach-dunton-sf)
  • #1098: Add missing admission controllers(Thanks to @danielfm)
  • #1108: Add RotateKubeletClientCertificate feature gate automatically when rotating certificates(Thanks to @zonzamas)
  • #1113: Add support for CloudFormation service role
  • #1116: conditionally deploy kube-dns to controllers(Thanks to @zonzamas)
  • #1117: Add priorityClassName to cloud-config-controller(Thanks to @sergi)
  • #1123: Add [optional] explicit IAM role specification to NodeDrainer(Thanks to @ivanilves)
  • #1127: Swap out wget for curl in node drainer scripts(Thanks to @c-knowles)
  • #1129: Template kube-dns-autoscaler parameters(Thanks to @SomeoneWeird)
  • #1134: feat(integration): kiam support
  • #1141: Add Mutating/ValidatingAdmissionWebhook to Admission Control List(Thanks to @shraykay)
  • #1164: Apply Kiam TLS Secrets to kube-system(Thanks to @kevtaylor)
  • #1167: Change bash to sh in autosave(Thanks to @kevtaylor)
  • #1172: added autoscaling:DescribeAutoScalingGroups to stack-template(Thanks to @luck02)
  • #1177: Integrate s3-uri flag into cluster.yml(Thanks to @jorge07)
  • #1178: Ask for confirmation in destroy command(Thanks to @jorge07)
  • #1179: Correct insignificant error message typo(Thanks to @whereisaaron)
  • #1181: Enable DescribeLaunchConfigurations(Thanks to @luck02)
  • #1184: Add IAM roles for resources auto saver(Thanks to @kevtaylor)
  • #1195: Add networking-daemonsets feature(Thanks to @davidmccormick)
  • #1197: do not use metric server when metricsServers addon is disabled(Thanks to @Fsero)
  • #1201: Make CoreOS AMI ID mandatory in cluster YAML(Thanks to @jorge07)
  • #1202: Dedicated Service account / Cluster Role for Tiller Deploy(Thanks to @kylehodgetts)
  • #1205: core: add OwnerReferencesADM(Thanks to @luck02)
  • #1222: Add GPU support for kubernetes 1.9+ using device plugins(Thanks to @Lemmons)
  • #1227: Enable user provided service-account-signing-keys(Thanks to @davidmccormick)
  • #1228: Another implementation of user-data fingerprinting(Thanks to @davidmccormick)
  • #1234: handle kubectl apply failures by trying delete+create(Thanks to @davidmccormick)
  • #1235: Bug/flannel cni binary install(Thanks to @davidmccormick)
  • #1239: KIAMImage should affect server as well as client.(Thanks to @davidmccormick)
  • #1243: Admission Controller for PersistentVolumeClaimResize(Thanks to @kevtaylor)
  • #1244: Inherit controlplane Kubenetes-Newtworking config in node pools.(Thanks to @davidmccormick)
  • #1249: [Canal] Support tainted worker(Thanks to @ArchiFleKs)

Improvements

Bug fixes

Documentation

Refactorings

  • #1263: removed unused s3 flags from commands(Thanks to @pete911)

Other changes

  • #1114: Migrate to golang/dep
  • #1189: closes #1186 - commit generated templates so project can be imported(Thanks to @pete911)
  • #1224: closes #1223 added generated templates back to .gitignore(Thanks to @pete911)
Pre-release
Pre-release

@mumoshu mumoshu released this Apr 24, 2018 · 174 commits to master since this release

Assets 4

Changelog since v0.9.10-rc.4

Please see our roadmap for details on upcoming releases.

Features

Improvements

Documentation

Pre-release
Pre-release

@mumoshu mumoshu released this Apr 19, 2018 · 180 commits to master since this release

Assets 4

Changelog since v0.9.10-rc.3

Please see our roadmap for details on upcoming releases.

Component versions

Kubernetes: v1.9.3

Features

  • #1243: Admission Controller for PersistentVolumeClaimResize(Thanks to @kevtaylor)

Improvements

Pre-release
Pre-release

@mumoshu mumoshu released this Apr 13, 2018 · 186 commits to master since this release

Assets 4

Changelog since v0.9.10-rc.2

Please see our roadmap for details on upcoming releases.

Component versions

Kubernetes: v1.9.3

Features

  • #1236: Bump Kubernetes to v1.9.3
Pre-release

@mumoshu mumoshu released this Apr 12, 2018 · 188 commits to master since this release

Assets 4

Changelog since v0.9.10-rc.1

Improvements

Bug fixes

Assets 4

CAUTION: As the version number indicates, this is for testing-purpose! Please help us stabilize this release by reporting any issue you encounter

TODOs towards v0.9.10 final

  • Upgrade components to the latest stable version of Kubernetes v1.9.x, Etcd v3.2.x, Calico 2.x
  • Testing with various configuration switches (Especially with or without self-hosting flannel, new-way of GPU support)

Changelog since v0.9.9

Please see our roadmap for details on upcoming releases.

Component versions

Kubernetes: v
Etcd: v
Calico: v
Helm/Tiller: v

Actions required

Features

  • #1066: Added Priority to the admissioncontrol list(Thanks to @zonzamas)
  • #1074: Add [experimental] option for using IPVS proxy mode(Thanks to @ivanilves)
  • #1086: controlplane config: Rotate Certificates on workers kubelet(Thanks to @zonzamas)
  • #1090: Set V4 signatures to enable kube-resources-autosave to work in all regions(Thanks to @whereisaaron)
  • #1092: Allow exposing several ports so that external Prometheus can scrape K8S system components' metrics(Thanks to @zach-dunton-sf)
  • #1098: Add missing admission controllers(Thanks to @danielfm)
  • #1108: Add RotateKubeletClientCertificate feature gate automatically when rotating certificates(Thanks to @zonzamas)
  • #1113: Add support for CloudFormation service role
  • #1114: Migrate to golang/dep
  • #1116: conditionally deploy kube-dns to controllers(Thanks to @zonzamas)
  • #1117: Add priorityClassName to cloud-config-controller(Thanks to @sergi)
  • #1123: Add [optional] explicit IAM role specification to NodeDrainer(Thanks to @ivanilves)
  • #1127: Swap out wget for curl in node drainer scripts(Thanks to @c-knowles)
  • #1129: Template kube-dns-autoscaler parameters(Thanks to @SomeoneWeird)
  • #1134: feat(integration): kiam support
  • #1141: Add Mutating/ValidatingAdmissionWebhook to Admission Control List(Thanks to @shraykay)
  • #1164: Apply Kiam TLS Secrets to kube-system(Thanks to @kevtaylor)
  • #1167: Change bash to sh in autosave(Thanks to @kevtaylor)
  • #1172: added autoscaling:DescribeAutoScalingGroups to stack-template(Thanks to @luck02)
  • #1177: Integrate s3-uri flag into cluster.yml(Thanks to @jorge07)
  • #1178: Ask for confirmation in destroy command(Thanks to @jorge07)
  • #1179: Correct insignificant error message typo(Thanks to @whereisaaron)
  • #1181: Enable DescribeLaunchConfigurations(Thanks to @luck02)
  • #1184: Add IAM roles for resources auto saver(Thanks to @kevtaylor)
  • #1189: closes #1186 - commit generated templates so project can be imported(Thanks to @pete911)
  • #1195: Add networking-daemonsets feature(Thanks to @davidmccormick)
  • #1197: do not use metric server when metricsServers addon is disabled(Thanks to @Fsero)
  • #1201: Make CoreOS AMI ID mandatory in cluster YAML(Thanks to @jorge07)
  • #1202: Dedicated Service account / Cluster Role for Tiller Deploy(Thanks to @kylehodgetts)
  • #1205: core: add OwnerReferencesADM(Thanks to @luck02)
  • #1222: Add GPU support for kubernetes 1.9+ using device plugins(Thanks to @Lemmons)
  • #1224: closes #1223 added generated templates back to .gitignore(Thanks to @pete911)
  • #1227: Enable user provided service-account-signing-keys(Thanks to @davidmccormick)
  • #1228: Another implementation of user-data fingerprinting(Thanks to @davidmccormick)

Improvements

  • #1103: Update various components(Thanks to @camilb)
  • #1104: Bump Kubernetes version to 1.9.1. Use Google's hyperkube image.(Thanks to @camilb)
  • #1107: Warn that 'kube-aws update' can replace all if 'amiId' is blank(Thanks to @whereisaaron)

Bug fixes

  • #1095: fix restore.sh(Thanks to @skloss)
  • #1101: Fix kubelet.service startup.(Thanks to @camilb)
  • #1131: Fix Key name for kubernetesDashboardImage(Thanks to @bgeesaman)
  • #1171: Fix validation failure on gp2 volume type for node pools(Thanks to @luck02)
  • #1225: Fix synchronization on starting etcdadm-reconfigure(Thanks to @ktateish)
  • #1229: Fix issue with tiller having to restrictive permissions(Thanks to @kylehodgetts)

Documentation