v1.31.0

[gardener-extension-provider-aws]

🏃 Others

• [OPERATOR] Specified Elastic IP addresses are now validated: must exist & must not be already associated with another AWS resource. (gardener/gardener-extension-provider-aws#434, @danielfoehrKn)

[terraformer]

🏃 Others

• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#110, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.63.0 -> 3.66.0

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.31.0
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.31.0

v1.30.1

[gardener-extension-provider-aws]

📖 Documentation

• [DEVELOPER] Kubernetes v1.22 conformance badge is now added to the README.md. (gardener/gardener-extension-provider-aws#447, @ialidzhikov)

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.30.1
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.30.1

v1.30.0

[gardener-extension-provider-aws]

✨ New Features

• [OPERATOR] Metrics exposed by provider-aws pods running on Seeds are now available in the Seed monitoring stack. (gardener/gardener-extension-provider-aws#428, @timebertt)
  • Scraping can be enabled/disabled via the metrics.enabled value in the Controller{Registration,Deployment} (enabled by default).
• [OPERATOR] The DNSRecord controller will now throttle its requests to the provider to avoid exceeding the provider rate limits. The throttling can be configured via the --dnsrecord-provider-client-qps and --dnsrecord-provider-client-burst options. (gardener/gardener-extension-provider-aws#425, @stoyanr)

🏃 Others

• [OPERATOR] The CPU limit of csi-driver-node/csi-driver is increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-aws#421, @timebertt)
• [DEVELOPER] The rewrite_tag filter in the logging configuration is replaced by modify one (gardener/gardener-extension-provider-aws#432, @vlvasilev)

[machine-controller-manager]

✨ New Features

• [USER] Added *expectedNodeDetails field to the MachineClass API (gardener/machine-controller-manager#644, @AxiomSamarth)

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed in the pre-delivered CRD manifests for MCM (/kubernetes/crds). It caused data to be pruned from MCM related resources and led to reconciliation issues. (gardener/machine-controller-manager#641, @timuthy)

📖 Documentation

• [DEVELOPER] make generate now generates v1 version of CRDs by default instead of v1beta1. (gardener/machine-controller-manager#640, @himanshu-kun)

🏃 Others

• [USER] Update Kubernetes dependency versions to v1.20.6 (gardener/machine-controller-manager#601, @AxiomSamarth)

[terraformer]

🐛 Bug Fixes

• [DEVELOPER] A bug has been fixed preventing to use Terraformer with a Terraform version >= 0.13. (gardener/terraformer#102, @rfranzke)

🏃 Others

• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#104, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.54.0 -> 3.63.0

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.30.0
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.30.0

v1.29.1

[gardener-extension-provider-aws]

🏃 Others

• [OPERATOR] The CPU limit of csi-driver-node/csi-driver is increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-aws#438, @ialidzhikov)

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.29.1
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.29.1

v1.29.0

[gardener-extension-provider-aws]

✨ New Features

• [USER] The AWS extension does now support shoot clusters with Kubernetes version 1.22. You should consider the Kubernetes release notes before upgrading to 1.22. (#396, @timuthy)
• [OPERATOR] VPC IDs in infrastructure config are now checked if they exist, have correct VPC attribute values, and have an internet gateway attached, and if not the issue is reported as ERR_CONFIGURATION_PROBLEM with a clear error message. (#403, @stoyanr)
• [DEVELOPER] Introducing a new field in the providerSpec of MachineClass for AWS called srcAndDstChecksEnabled which is true by default and when set to false will disable the source destination check on the AWS Instance (#386, @AxiomSamarth)

🏃 Others

• [USER] The following image is updated: (#411, @ialidzhikov)
  • k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.1.1 -> v1.1.4 (see CHANGELOG)
• [DEVELOPER] Missing or wrong doc comments and a few other common style errors will now be reported by the linter. (#410, @stoyanr)

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.29.0
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.29.0

v1.28.1

[gardener-extension-provider-aws]

🏃 Others

• [USER] The following image is updated: (#412, @ialidzhikov)
  • k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.1.1 -> v1.1.4 (see CHANGELOG)

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.28.1
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.28.1

v1.28.0

[gardener-extension-provider-aws]

✨ New Features

• [USER] Added AWS m6i machine type family (#393, @patrickhuy)

🏃 Others

• [USER] The following image is updated: (#383, @ialidzhikov)
  • k8s.gcr.io/sig-storage/csi-provisioner: v1.6.0 -> v2.1.2 (see CHANGELOG)
• [OPERATOR] Failures to reconcile DNSRecords due to a missing hosted zone or a DNS name not matching the zone name are now properly categorized as ERR_CONFIGURATION_PROBLEM. (#398, @stoyanr)
• [OPERATOR] machine-controller-manager logs are exposed to the end-users (#382, @vlvasilev)

[cloud-provider-aws]

🏃 Others

• [OPERATOR] k8s.io/legacy-cloud-providers is now updated to v0.18.20. (gardener-attic/cloud-provider-aws#12, @ialidzhikov)
• [OPERATOR] k8s.io/legacy-cloud-providers is now updated to v0.19.14. (gardener-attic/cloud-provider-aws#11, @vpnachev)
• [OPERATOR] k8s.io/legacy-cloud-providers is now updated to v0.20.10. (gardener-attic/cloud-provider-aws#9, @vpnachev)
• [OPERATOR] k8s.io/legacy-cloud-providers is now updated to v0.21.4. (gardener-attic/cloud-provider-aws#10, @vpnachev)

[machine-controller-manager-provider-aws]

✨ New Features

• [USER] A new boolean field called SrcAndDstChecksEnabled in the providerSpec of the MachineClass for AWS is introduced. The default value of this flag is true which retains current behavior. However, on setting this flag to false these checks are disabled. (gardener/machine-controller-manager-provider-aws#39, @AxiomSamarth)

[terraformer]

⚠️ Breaking Changes

• [DEVELOPER] Once the azurerm provider plugin is updated from v2.36.0 to v2.68.0 the skip_provider_registration flag in the provider section need to be set to true. (gardener/terraformer#99, @dkistner)

🏃 Others

• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#101, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.32.0 -> 3.54.0
• [OPERATOR] The terraform azurerm provider plugin is updated from v2.36.0 to v2.68.0. (gardener/terraformer#99, @dkistner)

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.28.0
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.28.0

v1.27.0

[gardener-extension-provider-aws]

⚠️ Breaking Changes

• [USER] provider-aws does now require one additional permission (action) - iam:ListRolePolicies. For more details, see the corresponding announcement Upcoming change to AWS IAM policy. (#380, @ialidzhikov)

🏃 Others

• [USER] The following image is updated: (#376, @ialidzhikov)
  • k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v1.1.0 -> v1.1.1 (see CHANGELOG)

[machine-controller-manager]

⚠️ Breaking Changes

• [OPERATOR] Draining of pods with PVs (Persistent Volume) now waits for re-attachment of PV on a different node when volumeAttachments support is enabled on the cluster. Else it falls back to the default PV reattachment timeout value configured. The default value is 90s and this can be overwritten via the machine-pv-reattach-timeout flag. Please enable permissions to allow listing of volumeAttachments resource while importing these changes. (gardener/machine-controller-manager#608, @prashanth26)

✨ New Features

• [USER] Increase default concurrent object syncs to 50 to allow more concurrent reconciles to occur. (gardener/machine-controller-manager#629, @prashanth26)
• [USER] Machine rollouts are now more as desired with the number of replicas always maintained to desired + maxSurge. Earlier machines in termination were left out of this calculation but now is considered with this change. (gardener/machine-controller-manager#627, @prashanth26)
• [OPERATOR] Finalizers will be added to the MachineClass which is used by at least one machine. Machines whose backing MachineClass does not have finalizers shall not be reconciled. (gardener/machine-controller-manager#593, @AxiomSamarth)
• [DEVELOPER] Replace integration test with unit test to test the functionality to freeze MachineSet (gardener/machine-controller-manager#620, @AxiomSamarth)

🐛 Bug Fixes

• [OPERATOR] Avoids blocking of drain call when the buffer is full for the volumeAttachmentHandlers. (gardener/machine-controller-manager#627, @prashanth26)
• [DEVELOPER] Test framework now fetches secrets from the correct (control) APIServer while running tests. (gardener/machine-controller-manager#617, @himanshu-kun)

🏃 Others

• [OPERATOR] Nodes attached to the cluster without MCM support are now annotated with "node.machine.sapcloud.io/notManagedByMCM": "1". This is then ignored by the MCM for further processing. (gardener/machine-controller-manager#612, @himanshu-kun)

[terraformer]

🏃 Others

• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#98, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.18.0 -> 3.32.0
• [OPERATOR] The following terraform provider plugin is updated: (gardener/terraformer#96, @minchaow)
  • aliyun/terraform-provider-alicloud: 1.124.0 -> 1.124.2

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.27.0
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.27.0

v1.25.2

[gardener-extension-provider-aws]

🏃 Others

• [OPERATOR] An issue preventing csi-driver-node Pod to start because of too low memory recommendation by VPA is now fixed. (#373, @ialidzhikov)
• [OPERATOR] AWS CSI driver specific topology label "topology.ebs.csi.aws.com/zone" is set as a label on machine deployments to allow the proper working of cluster-autoscaler during scale-up. (#368, @himanshu-kun)

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.25.2
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.25.2

v1.26.0

[gardener-extension-provider-aws]

⚠️ Breaking Changes

• [OPERATOR] The default leader election resource lock of gardener-extension-provider-aws has been changed from configmapsleases to leases. (#348, @ialidzhikov)
  • Please make sure, that you had at least [email protected] running before upgrading to v1.26.0, so that it has successfully required leadership with the hybrid resource lock (configmapsleases) at least once.

✨ New Features

• [USER] The following images are updated (see CHANGELOG for more details): (#366, @ialidzhikov)
  • k8s.gcr.io/sig-storage/csi-snapshotter: v2.1.5 -> v3.0.3
  • k8s.gcr.io/sig-storage/snapshot-controller: v2.1.5 -> v3.0.3

🏃 Others

• [USER] The following image is updated: (#356, @ialidzhikov)
  • k8s.gcr.io/provider-aws/aws-ebs-csi-driver: v0.10.1 -> v1.1.0 (see CHANGELOG)
• [OPERATOR] An issue preventing csi-driver-node Pod to start because of too low memory recommendation by VPA is now fixed. (#369, @ialidzhikov)
• [OPERATOR] AWS CSI driver specific topology label "topology.ebs.csi.aws.com/zone" is set as a label on machine deployments to allow the proper working of cluster-autoscaler during scale-up. (#365, @himanshu-kun)
• [OPERATOR] It is now possible to overwrite the alpine and pause container images that are used in the extension controller helm chart (#358, @schrodit)
• [OPERATOR] Support for overwriting the CSI migration version was added. (#354, @rfranzke)
• [OPERATOR] When creating or updating shoots, any Kubernetes feature gates mentioned are validated against the Kubernetes version. If any feature gates are unknown or not supported in the Kubernetes version, the validation fails. (#353, @stoyanr)
• [OPERATOR] Validation of AWS cloud provider secrets is enhanced to reject accessKeyID that does not only contain alphanumeric characters, and secretAccessKey that does not only contain base64 characters. (#351, @stoyanr)

[terraformer]

🏃 Others

• [OPERATOR] The following terraform provider plugin is updated: (gardener/terraformer#95, @minchaow)
  • aliyun/terraform-provider-alicloud: 1.121.2 -> 1.124.0
• [OPERATOR] The terraform version for the alicloud, all, aws, azure, gcp, openstack, slim images is updated: (gardener/terraformer#94, @ialidzhikov)
  • hashicorp/terraform: 0.12.29 -> 0.12.31

Docker Images

gardener-extension-provider-aws: eu.gcr.io/gardener-project/gardener/extensions/provider-aws:v1.26.0
gardener-extension-admission-aws: eu.gcr.io/gardener-project/gardener/extensions/admission-aws:v1.26.0