Releases: gardener/gardener-extension-provider-aws
Releases · gardener/gardener-extension-provider-aws
v1.40.2
[machine-controller-manager-provider-aws]
🏃 Others
- [USER] Updated golang version to v1.19 (gardener/machine-controller-manager-provider-aws#98, @rishabh-11)
v1.40.1
[gardener-extension-provider-aws]
🐛 Bug Fixes
- [OPERATOR] Remove clusterrole label from aws-custom-route-controller as it prevents reconciliation on existing custom-route-controller deployments. (gardener/gardener-extension-provider-aws#653, @kon-angelo)
- Remove clusterrole and clusterrolebinding for custom-route-controller in seed-controlplane charts as they are not needed.
v1.40.0
[gardener-extension-provider-aws]
🏃 Others
- [OPERATOR] scheduler.alpha.kubernetes.io/critical-pod annotation is removed as pod priority (spec.priorityClassName) is used instead to mark pods as critical (gardener/gardener-extension-provider-aws#641, @dimitar-kostadinov)
- [OPERATOR] Adds a heartbeat controller that creates and renews a
Leaseresource namedgardener-extension-heartbeatin the namespace where the extension controller is deployed. ThisLeaseresource can be used by other controllers to check if theprovider-awsextension controller is running. (gardener/gardener-extension-provider-aws#642, @AleksandarSavchev) - [OPERATOR] Overlay networks for newly created calico shoot clusters are dropped now by default. To keep the overlay network
networking.providerConfig.overlay.enabled: trueneeds to be set explicitly in the shoot spec. (gardener/gardener-extension-provider-aws#635, @DockToFuture) - [DEPENDENCY] Dependency
github.com/gardener/gardeneris updatedv1.56.0->v1.59.0. (gardener/gardener-extension-provider-aws#642, @AleksandarSavchev)
v1.39.1
- [OPERATOR] Ignore permission boundary for
nodesIAM role (#636, @shaoyongfeng)
Contributors
shaoyongfeng
Assets 3
v1.39.0
[gardener-extension-provider-aws]
✨ New Features
- [USER] The aws extension does now support shoot clusters with Kubernetes version 1.25. You should consider the Kubernetes release notes before upgrading to 1.25. (gardener/gardener-extension-provider-aws#624, @shafeeqes)
🐛 Bug Fixes
- [USER] Disable automatic enablement of no-overlay network configuration for cluster >=1.22 (gardener/gardener-extension-provider-aws#622, @kon-angelo)
🏃 Others
- [OPERATOR] Add route table associations for VPC endpoints (gardener/gardener-extension-provider-aws#611, @MartinWeindel)
- [OPERATOR] Correctly enable aws custom route controller if required to ensure overlay free cluster operation. (gardener/gardener-extension-provider-aws#612, @ScheererJ)
- [OPERATOR] Update EBS CSI driver to
v1.11.3(gardener/gardener-extension-provider-aws#616, @kon-angelo) - [OPERATOR] Update pause container image to v3.8 (gardener/gardener-extension-provider-aws#627, @kon-angelo)
- [OPERATOR] Update golang for builder image:
1.18.3->1.19.2(gardener/gardener-extension-provider-aws#602, @MartinWeindel) - [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-provider-aws#609, @shafeeqes)
- github.com/gardener/gardener: v1.53.0 -> v1.56.0
- k8s.io/* : v0.24.3 -> v0.25.0
- sigs.k8s.io/controller-runtime: v0.12.1 -> v0.13.0
[machine-controller-manager-provider-aws]
🏃 Others
- [DEPENDENCY] The following dependency is updated: (gardener/machine-controller-manager-provider-aws#96, @shafeeqes)
- github.com/gardener/machine-controller-manager v0.46.1 -> 0.47.0
v1.38.2
[gardener-extension-provider-aws]
🐛 Bug Fixes
- [USER] Disable automatic enablement of no-overlay network configuration for cluster >=1.22 (gardener/gardener-extension-provider-aws#623, @kon-angelo)
v1.38.1
[gardener-extension-provider-aws]
🏃 Others
- [OPERATOR] Correctly enable aws custom route controller if required to ensure overlay free cluster operation. (gardener/gardener-extension-provider-aws#613, @kon-angelo)
v1.38.0
[gardener-extension-provider-aws]
⚠️ Breaking Changes
- [OPERATOR] This version of provider-aws requires Gardener v1.51+. (gardener/gardener-extension-provider-aws#566, @istvanballok)
- [OPERATOR] Please make sure you're running [email protected] or above before upgrading to this version. (gardener/gardener-extension-provider-aws#587, @shafeeqes)
✨ New Features
- [OPERATOR] Add optional custom-route-controller (gardener/gardener-extension-provider-aws#591, @MartinWeindel)
🏃 Others
- [USER] The following image is updated: (gardener/gardener-extension-provider-aws#594, @kon-angelo)
- k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.9.0 -> 1.11.2
- [OPERATOR] Adjust metric name due to upgrading the kube-state-metrics component (gardener/gardener-extension-provider-aws#566, @istvanballok)
- [OPERATOR] The following dependency is updated: (gardener/gardener-extension-provider-aws#585, @shafeeqes)
- github.com/gardener/gardener: v1.50.1 -> v1.52.0
- [OPERATOR] All new calico aws shoot clusters with kubernetes >= 1.22 will be created without an overlay if not explicitly specified in the shoot spec. (gardener/gardener-extension-provider-aws#589, @ScheererJ)
- [OPERATOR] The
csi-driver-nodedaemonset now have its seccomp profile set to "RuntimeDefault". (gardener/gardener-extension-provider-aws#592, @dimityrmirchev) - [OPERATOR] Enable custom aws route controller per default for kubernetes >= 1.22 unless explicitly disabled. (gardener/gardener-extension-provider-aws#596, @ScheererJ)
- [OPERATOR] The
gardener.cloud-faststorage class is now deployed withvolumeBindingMode: WaitForFirstConsumer. This change is required if stateful pods with volumes have a topology relatedpodAffinityorpodAntiAffinitydefined, e.g. when Gardener creates control-planes for HA shoot clusters. (gardener/gardener-extension-provider-aws#597, @timuthy) - [OPERATOR]
QPSandBurstare set in the HealthCheckConfig passed to the Controller. (gardener/gardener-extension-provider-aws#598, @shafeeqes) - [OPERATOR] The memory limits of the aws cloud-controller-manager has been removed. (gardener/gardener-extension-provider-aws#605, @dkistner)
- [DEPENDENCY] The following dependency is updated: (gardener/gardener-extension-provider-aws#588, @shafeeqes)
- github.com/gardener/gardener: v1.52.0 -> v1.53.0
- k8s.io/* : v0.24.2 -> v0.24.3
[aws-custom-route-controller]
🐛 Bug Fixes
- [OPERATOR] Delete orphaned routes for nodes whose deletion was missed. (gardener/aws-custom-route-controller#1, @MartinWeindel)
[machine-controller-manager]
✨ New Features
- [USER] Bootstrap token replacement by MCM is now supported for Ignition userData format (gardener/machine-controller-manager#743, @Gerrit91)
🐛 Bug Fixes
- [OPERATOR] resourceName
machine-controlleradded for leases in clusterrole. Updated version of Clusterroles and Clusterrolebindings to v1. (gardener/machine-controller-manager#739, @rishabh-11) - [OPERATOR] resourceName
machine-controlleradded for leases in clusterrole. Updated version of Clusterroles and Clusterrolebindings to v1. (gardener/machine-controller-manager#738, @rishabh-11)
🏃 Others
- [OPERATOR] Migrated clients to use
policy/v1PodDisruptionBudgetfor kubernetes versions >= 1.21.policy/v1beta1PDB is also supported but for k8s < 1.21 (gardener/machine-controller-manager#744, @shafeeqes)
[machine-controller-manager-provider-aws]
✨ New Features
- [USER] Throughput is now configurable for volume types. Its validation i.e. whether it is allowed or not for the particular volume type and is within the range, is done on the provider(AWS) side. Currently only gp3 volume have configurable throughput. (gardener/machine-controller-manager-provider-aws#95, @rishabh-11)
[terraformer]
🏃 Others
- [OPERATOR] The golang base image is now updated to 1.16.15. The alpine base image is updated to 3.16.2. (gardener/terraformer#125, @kon-angelo)
v1.37.0
[gardener-extension-provider-aws]
⚠️ Breaking Changes
- [USER] The
gp2StorageClass is now removed. (gardener/gardener-extension-provider-aws#576, @StenlyTU) - [OPERATOR] This version of provider-aws requires Gardener v1.50.0. (gardener/gardener-extension-provider-aws#562, @ialidzhikov)
- [OPERATOR] This version of provider-aws requires Gardener v1.50+. (gardener/gardener-extension-provider-aws#571, @kris94)
✨ New Features
- [OPERATOR]
CloudProfileConfignow supports a new field.machineImages[].versions[].regions[].architecture. It specifies the supported CPU architecture of the given machine image AMI. (gardener/gardener-extension-provider-aws#565, @acumino) - [OPERATOR]
WorkerStatusnow supports a new field.machineImage[].architecture. It specifies the supported CPU architecture of the given worker pool. (gardener/gardener-extension-provider-aws#565, @acumino)
🐛 Bug Fixes
- [USER] Users can now set IOPS for a GP3 volume type. Validation of IOPS (i.e. whether it is allowed and is in the specified range for a volume type) is done on the AWS side, so feedback will arrive once the volume is created. (gardener/gardener-extension-provider-aws#561, @rishabh-11)
- [OPERATOR] provider-aws now mutates the
cluster-autoscalerDeployment by implementing theEnsureClusterAutoscalerDeploymentfunction. This is required in the context of kubernetes/autoscaler#4517 - cluster-autoscaler supports--feature-gatesflag and provider extensions have to mutate the cluster-autoscaler Deployment to add the CSI related feature gates to it. (gardener/gardener-extension-provider-aws#562, @ialidzhikov)
🏃 Others
- [USER] The following images are updated: (gardener/gardener-extension-provider-aws#540, @acumino)
- k8s.gcr.io/sig-storage/csi-provisioner: v2.1.2 -> v2.2.2 (for kubernetes < 1.20)
- k8s.gcr.io/sig-storage/csi-provisioner: v2.1.2 -> v3.2.0 (for kubernetes >= 1.20)
- k8s.gcr.io/sig-storage/csi-attacher: v3.3.0 -> v3.4.0
- k8s.gcr.io/sig-storage/csi-resizer: v0.5.0 -> v1.5.0
- k8s.gcr.io/sig-storage/csi-snapshotter: v3.0.3 -> v4.2.1 (for kubernetes >= 1.20)
- k8s.gcr.io/sig-storage/snapshot-validation-webhook: v3.0.3 -> v4.2.1 (for kubernetes >= 1.20)
- k8s.gcr.io/sig-storage/snapshot-controller: v3.0.3 -> v4.2.1 (for kubernetes >= 1.20)
- k8s.gcr.io/sig-storage/csi-node-driver-registrar: v1.3.0 -> v2.5.1
- k8s.gcr.io/sig-storage/livenessprobe: v2.3.0 -> v2.7.0
- [USER] The following image is updated: (gardener/gardener-extension-provider-aws#574, @ialidzhikov)
- k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.5.3 -> v1.9.0
- [OPERATOR] The extension now uses
distrolessinstead ofalpineas a base image. (gardener/gardener-extension-provider-aws#564, @dimityrmirchev) - [OPERATOR] The following dependency is updated: (gardener/gardener-extension-provider-aws#568, @acumino)
- github.com/gardener/gardener: v1.48.0 -> v1.50.0
- [OPERATOR] Update golang version used to 1.18 (gardener/gardener-extension-provider-aws#569, @kon-angelo)
- [OPERATOR] Update MTU-resizer alpine image (gardener/gardener-extension-provider-aws#579, @kon-angelo)
[aws-lb-readvertiser]
🏃 Others
- [OPERATOR] Use
go modinstead ofdep(gardener/aws-lb-readvertiser#21, @kon-angelo)- Update golang version used.
- [OPERATOR] The
aws-lb-readvertisernow usesdistrolessinstead ofalpineas a base image. (gardener/aws-lb-readvertiser#23, @dimityrmirchev)
[machine-controller-manager]
⚠️ Breaking Changes
- [OPERATOR] The default leader election resource lock of
machine-controller-managerhas been changed fromendpointsleasestoleases. (gardener/machine-controller-manager#711, @acumino)- Please make sure, that you had at least
[email protected]running before upgrading tov0.46.0, so that it has successfully acquired leadership with the hybrid resource lock (endpointsleases) at least once.
- Please make sure, that you had at least
🐛 Bug Fixes
- [USER] Rollout freeze won't happen due to
Unknownmachines now. (gardener/machine-controller-manager#733, @himanshu-kun)
🏃 Others
- [OPERATOR] Published docker images for Machine-Controller-Manager are now multi-arch ready. They support
linux/amd64andlinux/arm64. (gardener/machine-controller-manager#732, @timuthy) - [OPERATOR] The
machine-controller-managercontainer now usesdistrolessinstead ofalpineas a base image. (gardener/machine-controller-manager#734, @dimityrmirchev)
[machine-controller-manager-provider-aws]
🏃 Others
- [OPERATOR] machine-controller-manager-provider-aws now uses
distrolessinstead ofalpineas a base image. (gardener/machine-controller-manager-provider-aws#90, @ialidzhikov) - [DEVELOPER] probeResources() now doesn't try to delete orphan resources but only lists them. (gardener/machine-controller-manager-provider-aws#85, @Mkmittal)
- The beforeSuite for IT test now calls for cleanup of orphan resources separately.
- The Integration Test, which looks for orphan resources, now doesn't try to delete the orphan resources and just waits for them to be done automatically.
[terraformer]
🏃 Others
- [OPERATOR] Terraform google provider is updated to v4.19.0 (gardener/terraformer#119, @bd3lage)
v1.36.0
[gardener-extension-provider-aws]
⚠️ Breaking Changes
- [OPERATOR] This version of admission-aws requires the SecretBinding provider controller to be enabled - enabled by default for gardener-controller-manager >= 1.42 or can be enabled via the gardener-controller-manager component config. (gardener/gardener-extension-provider-aws#551, @ialidzhikov)
- [OPERATOR] This extension is only compatible with Gardener versions
>= v1.37. (gardener/gardener-extension-provider-aws#538, @timebertt)
✨ New Features
- [USER] The AWS extension does now support shoot clusters with Kubernetes version 1.24. You should consider the Kubernetes release notes before upgrading to 1.24. (gardener/gardener-extension-provider-aws#553, @acumino)
- [OPERATOR] The extension does now automatically rotate its webhook CA and server certificates each
30d. (gardener/gardener-extension-provider-aws#550, @rfranzke) - [OPERATOR] This extension is prepared to support the Shoot
ServiceAccountsigning key rotation feature (see documentation). (gardener/gardener-extension-provider-aws#550, @rfranzke) - [OPERATOR] This extension is prepared to support the Shoot CA rotation feature (GEP-18). (gardener/gardener-extension-provider-aws#538, @timebertt)
🐛 Bug Fixes
- [OPERATOR] An issue causing admission-aws to fail a Shoot creation request with
.spec.provider.infrastructureConfig=nilwith 500 Internal server error is now fixed. admission-aws now properly indicates in the response that the corresponding field is required. (gardener/gardener-extension-provider-aws#549, @ialidzhikov)
📖 Documentation
- [USER] add link to K8s v1.23 conformance tests (gardener/gardener-extension-provider-aws#537, @hendrikKahl)
- [DEPENDENCY] Paths transformations in .docforge/manifest.yaml for simplification (gardener/gardener-extension-provider-aws#517, @Kostov6)
🏃 Others
- [USER] The following image is updated: (gardener/gardener-extension-provider-aws#541, @kon-angelo)
- k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.5.0 -> v1.5.3
- [OPERATOR] The following image is updated: (gardener/gardener-extension-provider-aws#553, @acumino)
- eu.gcr.io/gardener-project/kubernetes/cloud-provider-aws: 1.23.6 -> 1.24.0(For shoots with Kubernetes version 1.24)
- [OPERATOR] The Secrets webhook of admission-aws: (gardener/gardener-extension-provider-aws#551, @ialidzhikov)
- no longer intercepts every Secret UPDATE request but only requests for Secrets that are associated with a SecretBinding with
provider.type=aws. - no longer needs to list Shoots (hence, no cache for Shoots)
- no longer intercepts every Secret UPDATE request but only requests for Secrets that are associated with a SecretBinding with
- [OPERATOR] The admission-aws component introduces a new SecretBinding validator. It validates requests for SecretBindings and checks whether the SecretBinding refers to a valid AWS Secret. (gardener/gardener-extension-provider-aws#551, @ialidzhikov)
- [OPERATOR] The following images used by the mtu-customizer DaemonSet are updated: (gardener/gardener-extension-provider-aws#548, @ialidzhikov)
- alpine: 3.12.1 -> 3.15.4
- k8s.gcr.io/pause: 3.1 -> 3.7
- [OPERATOR] The dashboards: Cloud Controller Manager and CSI Driver are removed from Grafana (gardener/gardener-extension-provider-aws#534, @Kristian-ZH)
- [OPERATOR] The resource requests and limits for components (seed and shoot) managed by the
provider-awsextension has been adapted based on a production environment analysis. This is done to avoid OOMKills and cpu throttling situations. Furthermore the vpaminAllowedsettings are now aligned with the cpu and memory request of the respective component` (gardener/gardener-extension-provider-aws#527, @dkistner)
[aws-lb-readvertiser]
🏃 Others
- [OPERATOR] Updated alpine base image to
v3.15.4(gardener/aws-lb-readvertiser#20, @kon-angelo) - [OPERATOR] The release tags from now are prefixed with
v. (gardener/aws-lb-readvertiser#18, @ialidzhikov)
[cloud-provider-aws]
✨ New Features
- [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.21.12. (gardener/cloud-provider-aws@6e0c40b2ccad) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.22.9. (gardener/cloud-provider-aws@a8cb9b6b1aba) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.23.6. (gardener/cloud-provider-aws@47e83c698b7b)
🏃 Others
- [DEVELOPER] The alpine version has been updated to
v3.15.4. (gardener/cloud-provider-aws@d451e4ca38fc) - [DEVELOPER] The Golang version has been updated to
v1.16.15. (gardener/cloud-provider-aws@d451e4ca38fc) - [DEVELOPER] The alpine version has been updated to
v3.15.4. (gardener/cloud-provider-aws@9a33c6496ef4) - [DEVELOPER] The Golang version has been updated to
v1.16.15. (gardener/cloud-provider-aws@9a33c6496ef4) - [DEVELOPER] The alpine version has been updated to
v3.15.4. (gardener/cloud-provider-aws@c8f610c5c43f) - [DEVELOPER] The Golang version has been updated to
v1.17.9. (gardener/cloud-provider-aws@c8f610c5c43f)
[machine-controller-manager]
📖 Documentation
- [USER] upgraded k8s dependecy to v1.22.9 (revendor in providers required to see effects) (gardener/machine-controller-manager#721, @Mkmittal)
- [DEPENDENCY] Paths transformations in .docforge/manifest.yaml for simplification (gardener/machine-controller-manager#689, @Kostov6)
🏃 Others
- [OPERATOR] Base image updated to alpine
v3.15.4and build image to golang1.17.9. (gardener/machine-controller-manager#713, @himanshu-kun) - [DEPENDENCY] K8s dependency upgraded to 1.21.12 (gardener/machine-controller-manager#719, @Mkmittal)
[machine-controller-manager-provider-aws]
📰 Noteworthy
- [OPERATOR] upgraded to mcm version 0.45.0 (gardener/machine-controller-manager-provider-aws#88, @rfranzke)
[terraformer]
🏃 Others
- [OPERATOR] Update alpine to 3.15.4 (gardener/terraformer#117, @rfranzke)