Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
OTHER License
Bot releases are hidden (Show)
Published by gardener-robot-ci-2 almost 3 years ago
garden*
) exposed by gardener-controller-manager and gardenlet are removed, as they will soon be replaced by controller-runtime built-in metrics. (gardener/gardener#4913, @timebertt).spec.{type,providerConfig}
fields in the ControllerRegistration
resource have now been dropped. Make sure to migrate to ControllerDeployment
s before updating to this Gardener version. (gardener/gardener#4864, @rfranzke)gardener-resource-manager
now requires operators to provide a TLS certificate and key for its webhook server. The respective directory can be configured with --tls-cert-dir
, bind address and port can be configured with --bind-address
and --port
, respectively. (gardener/gardener#4817, @rfranzke)garden.sapcloud.io/role
label key in the control plane Pod labels. Before upgrading this this version of Gardener, make sure that you first upgraded to at least Gardener v1.31.0. (gardener/gardener#4783, @ialidzhikov)hack/hook-me
script should change that to the whole service name. (gardener/gardener#4887, @dimityrmirchev)github.com/gardener/gardener/extensions/pkg/controller.{ReconcileErr,ReconcileErrCause,ReconcileErrCauseOrErr} functions have been moved to
github.com/gardener/gardener/pkg/controllerutils/reconciler`. (gardener/gardener#4880, @rfranzke)pkg/resourcemanager/manager
was moved to pkg/utils/managedresources/builder
. (gardener/gardener#4862, @rfranzke)extensions/...
to other packages. You might need to adapt your import paths. (gardener/gardener#4860, @rfranzke)gardener-resource-manager
can now make request and auto-rotate short-lived ServiceAccount
tokens via the TokenRequest
API for components running in the source cluster and communicating with the target cluster. Please consult this document for more information. (gardener/gardener#4867, @BeckerMax)druid.gardener.cloud/v1alpha1.Etcd
resources are now protected from unintentional deletion, i.e. they must be annotated with confirmation.gardener.cloud/deletion=true
before any DELETE
call can succeed. (gardener/gardener#4861, @vanjiii)gardener-resource-manager
can now make sure static ServiceAccount
tokens are invalidated. This might be helpful to enforce usage of Kubernetes' upstream ServiceAccount
Token Volume Projection feature. Please consult this document for more information. (gardener/gardener#4817, @rfranzke)etcd-main
and etcd-events
Etcd
resources if their etcd.Status.Etcd
fields are not set by the etcd-druid fast enough. (gardener/gardener#4975, @plkokanov)ConfigMap
s/Secret
s in shoot namespaces in seed clusters not to be deleted. (gardener/gardener#4904, @rfranzke)hack/hook-me.sh
is now successfully establishing connection to the remote tunnel server. Also the script now supports different kind of services and not only cloud provider extensions
. (gardener/gardener#4887, @dimityrmirchev)/hack/api-reference
are moved to /docs/api-reference directory. (gardener/gardener#4959, @Kristian-ZH)dns.gardener.cloud/include-zones
annotation for the default domain secret in the Gardener controlplane chart. (gardener/gardener#4950, @MartinWeindel)extensions.NewGardenDecoder
has been removed in favor of kubernetes.GardenCodec
. (gardener/gardener#4912, @timebertt)ReversedVPN
enabled will have to be reconciled once in case their existing VPN connection gets reset, which happened in the old setup during shoot cluster creation/deletion. (gardener/gardener#4434, @ScheererJ)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.35.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.35.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.35.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.35.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.35.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.35.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.35.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.35.0
Published by gardener-robot-ci-1 almost 3 years ago
dns.gardener.cloud/include-zones
annotation for the default domain secret in the Gardener controlplane chart. (gardener/gardener#4954, @timuthy)Published by gardener-robot-ci-2 almost 3 years ago
DNSRecord
resources to be never reconciled again after they are in an Error
state. (gardener/gardener#4858, @stoyanr)dns.gardener.cloud/include-zones
annotation for the default domain secret in the Gardener controlplane chart. (gardener/gardener#4952, @timuthy)Published by gardener-robot-ci-2 almost 3 years ago
dns.gardener.cloud/include-zones
annotation for the default domain secret in the Gardener controlplane chart. (gardener/gardener#4953, @timuthy)Published by gardener-robot-ci-1 about 3 years ago
net.ParseIP
and net.ParseCIDR
reject leading zeros in the dot-decimal notation of IPv4 addresses. With the update to go1.17, gardener-apiserver now rejects Shoot objects with CIDR ranges that have such leading zeros in the dot-decimal notation. Before updating to this version of gardener-apiserver, make sure that there are no Shoot objects with leading zeros in the dot-decimal notation of an IPv4 address. For reference: https://nvd.nist.gov/vuln/detail/CVE-2021-29923 (gardener/gardener#4822, @ialidzhikov)pkg/utils/validation/cidr
package has been changed to properly detect CIDR overlaps. Please make sure to adapt your use of the library when revendoring. (gardener/gardener#4829, @kon-angelo)
CIDR.ValidateNotSubset
have been replaced by CIDR.ValidateNotOverlap
. CIDR.ValidateNotOverlap
is stricter as it does not allow its subject to be a superset or subset of the CIDRs it tests against (previously only the superset condition was checked).hack/{generate,generate-parallel.sh}
don't set GO111MODULE=off
anymore as they used to. This was done to speed up generation with k8s.io/code-generator
. If your repo reuses these scripts to generate code using k8s.io/code-generator
you might want to consider setting GO111MODULE=off
explicitly in hack/update-codegen.sh
. (gardener/gardener#4854, @timebertt)extensions/pkg/controller.Try*
functions have been removed, as the usage was discouraged anyways (see this document on Kubernetes clients). (gardener/gardener#4757, @rfranzke)lameduck
of 15 seconds. This way, when a coredns replica is being shut down, it will keep serving the currently established clients for up to 15 seconds so that they can reconnect to some of the other replicas. More info about the lameduck
can be found here. (gardener/gardener#4839, @vpnachev)--event-ttl
kube-apiserver flag by configuring .spec.kubernetes.kubeAPIServer.eventTTL
in the Shoot
resource. (gardener/gardener#4758, @rfranzke)CachedRuntimeClients
feature gate is promoted to beta and now enabled by default. (gardener/gardener#4831, @timebertt)apiserver_crd_webhook_conversion_duration_seconds
metric is now kept in the shoot monitoring stack. (gardener/gardener#4795, @timebertt)gardenlet
s now report the expiration date of their client certificates in the .status.clientCertificateExpirationTimestamp
field of their respective Seed
resources. If they are managed by ManagedSeed
s then this enables to re-bootstrap gardenlets in case their certificate expired and they weren't able to refresh it themselves. gardener-controller-manager
will automatically trigger this process if necessary. (gardener/gardener#4740, @rfranzke)example/seed-crds
. This allows to quickly apply all Seed CRDs for development purposes. (gardener/gardener#4854, @timebertt)generate-seed-crds.sh
was added, that can generate all of Gardener's Seed CRDs using controller-gen
. See this file for an example usage. Make sure to add controller-gen
to the list of requirements and example
to the list of generated paths. (gardener/gardener#4854, @timebertt)DNSRecord
resources to be never reconciled again after they are in an Error
state. (gardener/gardener#4815, @stoyanr)Gardener-Seed-Admission-Controller
when DELETECOLLECTION
requests are sent to the admission webhook. (gardener/gardener#4869, @timuthy)cluster-autoscaler
to be started without --nodes
during the restore phase of control plane migration. (gardener/gardener#4820, @plkokanov)spec.file[]
entries will no longer be added or modified by provider controlplane mutating webhooks if the new file content is empty. (gardener/gardener#4782, @plkokanov)gardencorev1beta1.Condition
created with the ConditionBuilder
if ConditionBuilder.WithOldCondition(oldCondition)
is used to initialize the condition, but error codes are not provided with ConditionBuilder.WithCodes(codes...)
(gardener/gardener#4885, @plkokanov)Shoot
field in the Cluster
resource is nil or the dnsrecords
CRD is not present. (gardener/gardener#4876, @stoyanr)1.17.2
. (gardener/gardener#4822, @ialidzhikov)eu.gcr.io/gardener-project/gardener/resource-manager:<tag>
will be released as well. (gardener/gardener#4757, @rfranzke)concurrent map interaction and write
issue is fixed. (gardener/logging#114, @vlvasilev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.34.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.34.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.34.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.34.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.34.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.34.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.34.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.34.0
Published by gardener-robot-ci-2 about 3 years ago
DNSRecord
resources to be never reconciled again after they are in an Error
state. (gardener/gardener#4859, @stoyanr)Shoot
field in the Cluster
resource is nil or the dnsrecords
CRD is not present. (gardener/gardener#4877, @stoyanr)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.33.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.33.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.33.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.33.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.33.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.33.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.33.1
Published by gardener-robot-ci-1 about 3 years ago
--service-account-{extend-token-expiration,max-token-expiration}
kube-apiserver flags by configuring .spec.kubernetes.kubeAPIServer.serviceAccountConfig.{extendTokenExpiration,maxTokenExpiration}
in the Shoot
resource. (gardener/gardener#4753, @rfranzke)MaxGracefulTerminationSeconds
flag on ClusterAutoscaler. This allows end-users to configure maximum graceful termination (drain) seconds beyond which the node is force deleted during scale-down of cluster nodes. The default value is 600 seconds. (gardener/gardener#4697, @prashanth26)__gardener_multitenant_id__
is introduced to specify multiple tenants separated by semicolon. (gardener/gardener#4751, @vlvasilev)owner
DNSRecord resource in the seed cluster. (gardener/gardener#4638, @stoyanr)Deploying owner domain DNS record
step. (gardener/gardener#4756, @timebertt)missing information for required secret EtcdEncryptionConfig
(gardener/gardener#4780, @plkokanov)field is immutable
. With this change gardener-controller-manager properly indicates that it is waiting until the deletion of the needed ControllerInstallation is completed. (gardener/gardener#4718, @ialidzhikov)UseDNSRecords
feature gate is enabled. (gardener/gardener#4709, @plkokanov)sideEffects
field to the ValidatingWebhookConfiguration template in the Gardener control plane helm chart. (gardener/gardener#4707, @Diaphteiros)docker
container runtime are no longer set when using containerd
(gardener/gardener#4693, @voelzmo)make test-integration
works with bash version 3 now. (gardener/gardener#4715, @timebertt)Secret
objects if the CachedRuntimeClients
feature gate is enabled. (gardener/gardener#4754, @timuthy)kube-rback-proxy
and telegraf
container resources in Loki pod to withstand higher resource usage spikes. (gardener/gardener#4714, @vlvasilev)botanist.WaitUntilTunnelConnectionExists
step is now enhanced to do not fail right away when the tunnel connection cannot be established. Instead, the step will retry tunnel connection check until the configured timeout is exceeded. (gardener/gardener#4691, @ialidzhikov)__gardener_multitenant_id__
is removed from a shared label set. (gardener/logging#113, @vlvasilev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.33.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.33.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.33.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.33.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.33.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.33.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.33.0
Published by gardener-robot-ci-1 about 3 years ago
kube-rback-proxy
and telegraf
container resources in Loki pod to withstand higher resource usage spikes. (gardener/gardener#4771, @vpnachev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.30.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.30.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.30.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.30.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.30.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.30.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.30.2
Published by gardener-robot-ci-3 about 3 years ago
sideEffects
field to the ValidatingWebhookConfiguration template in the Gardener control plane helm chart. (gardener/gardener#4711, @ialidzhikov)ManagedSeed.spec.gardenlet.config.debugging.*
fields to be wrongly set to false
. (gardener/gardener#4686, @timebertt)
v1.31.[0-3]
already, upgrading to this version will not remove the wrongly added fields. If you want to remove the fields in order to rely on the defaults (settings from the parent gardenlet) please use the following kubectl
command: kubectl -n garden patch ms my-seed -p '{"spec":{"gardenlet":{"config":{"debugging":null}}}}'
.Machine
resource cannot be updated with the name of the corresponding Node. (gardener/gardener#4702, @plkokanov)kube-rback-proxy
and telegraf
container resources in Loki pod to withstand higher resource usage spikes. (gardener/gardener#4770, @vpnachev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.31.4
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.31.4
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.31.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.31.4
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.31.4
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.31.4
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.31.4
Published by gardener-robot-ci-1 about 3 years ago
Deploying owner domain DNS record
step. (gardener/gardener#4760, @timebertt)kube-rback-proxy
and telegraf
container resources in Loki pod to withstand higher resource usage spikes. (gardener/gardener#4769, @vpnachev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.32.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.32.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.32.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.32.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.32.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.32.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.32.2
Published by gardener-robot-ci-3 about 3 years ago
UseDNSRecords
feature gate is enabled. (#4728, @plkokanov)sideEffects
field to the ValidatingWebhookConfiguration template in the Gardener control plane helm chart. (#4710, @ialidzhikov)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.32.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.32.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.32.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.32.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.32.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.32.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.32.1
Published by gardener-robot-ci-3 about 3 years ago
Shoot.spec.seedName
). (#4521, @timebertt)
spec.seedName
and let gardener-scheduler pick the best Seed with available capacity for you.gardener/gardener
because it has been out of maintenance for a longer period of time. Please remove any references to github.com/gardener/gardener/extensions/test/e2e/framework/networkpolicies/generators
. (#4643, @timuthy)gardener-{admission-controller,controller-manager}
components now prefer using the certificates.k8s.io/v1
API if available. (#4671, @rfranzke)gardener.cloud:viewer
or gardener.cloud:admin
now have access to the customresourcedefinitions
resources. (#4636, @vpnachev).spec.resourcePolicy.containerPolicies[].controlledResources
is now available for VerticalPodAutoscaler v1beta2
objects. (#4656, @timuthy)Extension
and other resources to be deleted if the CachedRuntimeClients
feature gate is enabled. (#4674, @timebertt)Machine
resource cannot be updated with the name of the corresponding Node. (#4681, @plkokanov)ManagedSeed.spec.gardenlet.config.debugging.*
fields to be wrongly set to false
.
v1.31.[0-3]
already, upgrading to this version will not remove the wrongly added fields. If you want to remove the fields in order to rely on the defaults (settings from the parent gardenlet) please use the following kubectl
command: kubectl -n garden patch ms my-seed -p '{"spec":{"gardenlet":{"config":{"debugging":null}}}}'
.coredns_kubernetes_dns_programming_duration_seconds
and provide a panel for it in grafana. (#4618, @wyb1)Seed.status.{capacity,allocatable}
). (#4604, @timebertt)context.Context
, please adapt your usages accordingly and pass a proper context. (#4644, @timebertt)DisallowKubeconfigRotationForShootInDeletion
feature gate in the gardener-apiserver
has been promoted to beta and is now enabled by default. (#4645, @ialidzhikov)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.32.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.32.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.32.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.32.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.32.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.32.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.32.0
Published by gardener-robot-ci-2 about 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.31.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.31.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.31.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.31.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.31.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.31.3
Published by gardener-robot-ci-1 about 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.31.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.31.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.31.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.31.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.31.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.31.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.31.2
Published by gardener-robot-ci-3 about 3 years ago
.spec.resourcePolicy.containerPolicies[].controlledResources
is now available for VerticalPodAutoscaler v1beta2
objects. (#4658, @timuthy)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.31.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.31.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.31.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.31.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.31.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.31.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.31.1
Published by gardener-robot-ci-3 about 3 years ago
v0.49.0
for shoot clusters running Kubernetes 1.20, 1.21. For shoot clusters running Kubernetes >= 1.22 NGINX Ingress Controller v1.0.0
is used. Please have a detailed look at this FAQ document which explains the most important ingress changes when updating to NGINX Ingress Controller v1.0.0
. (#4614, @timuthy)v0.49.0
for seed clusters running Kubernetes 1.18, 1.19, 1.20, 1.21. For seed clusters running Kubernetes >= 1.22 NGINX Ingress Controller v1.0.0
is used. (#4614, @timuthy)testing
purpose. (#4594, @vlvasilev)gardenlet
was restarted just before removing the operation annotation from a BackupEntry
. (#4545, @stoyanr).spec.region
field of a Shoot
which was not part of the .spec.regions[]
list of the respective CloudProfile
. (#4553, @rfranzke)revisionHistoryLimit
for gardenlets deployed by ManagedSeeds
was increased to 10
. (#4580, @timebertt)extensions.gardener.cloud/my-service: "true"
where my-service
is the type of the extension. (#4476, @dimityrmirchev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.31.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.31.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.31.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.31.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.31.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.31.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.31.0
Published by gardener-robot-ci-2 about 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.29.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.29.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.29.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.29.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.29.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.29.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.29.1
Published by gardener-robot-ci-3 about 3 years ago
SeedAuthorizer
is enabled. Hence, the user certificate used by Gardenlet to connect to the Garden cluster was not renewed successfully. (#4505, @timuthy)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.28.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.28.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.28.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.28.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.28.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.28.3
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.28.3
Published by gardener-robot-ci-3 about 3 years ago
testing
purpose. (#4596, @ialidzhikov)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.30.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.30.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.30.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.30.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.30.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.30.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.30.1
Published by gardener-robot-ci-1 about 3 years ago
.spec.provider.workers[].cri.name: docker
, as the in-tree dockershim will be removed by upstream kubernetes. See our documentation for more details on the dockershim removal. (#4529, @voelzmo)MountHostCADirectories
feature gate that is GA since v1.27 is unconditionally enabled, and can no longer be specified in the gardenlet's configuration. (#4526, @ialidzhikov)expander
and maxNodeProvisionTime
. The default value for expander
is least-waste
and for maxNodeProvisionTime
it is 20m
. This can be overridden by flags on the shoot.spec.kubernetes.clusterAutoscaler
section. (#4508, @prashanth26)metrics-server
has been updated to version v0.5.0
. (#4496, @vpnachev)
docker
explicitly to the list of supported container runtimes for all MachineImageVersions in your Cloud Profile. This is not a functional change: Previously, docker
support was implicitly assumed for all MachineImageVersions. This is now changed in the context of the dockershim removal. (#4500, @voelzmo)controlplane
mutator webhook can now easily mutate the vpn-seed-server
deployment by implementing the EnsureVPNSeedServerDeployment
function. (#4544, @rfranzke)NetworkPolicy
s in the shoot namespaces in the seed for shoots without static node CIDRs. (#4543, @rfranzke)>= 1.18
in [email protected], is now technically enforced as well. (#4503, @timebertt)gardener.cloud:system:viewers
for managing viewer permissions (without access to view secrets) for all Gardener and Kubernetes resources across all Gardener projects (#4497, @donistz)ManagedIstio
feature gate is enabled by default. (#4481, @amshuman-kr)telegraf
component is added into hack/.ci/set_dependency_version script (#4492, @vlvasilev).spec.deployment.{type,providerConfig}
fields in the ControllerRegistration
resource (deprecated since v1.23
) will be removed from the API starting with v1.32
. Please consider adapting to ControllerDeployment
s now (see https://github.com/gardener/gardener/blob/master/docs/extensions/controllerregistration.md and https://github.com/gardener/gardener/pull/3995). (#4532, @rfranzke)docker
runtime was implicit, it now needs to be set explicitly. See our dockershim removal document for more information. To ease this transition this release adds adds docker
to the list of supported container runtimes for all MachineImageVersions in your Cloud Profile see #4500. (#4438, @BeckerMax)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.30.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.30.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.30.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.30.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.30.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.30.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.30.0