Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
OTHER License
Bot releases are visible (Hide)
Published by gardener-robot-ci-2 about 3 years ago
Common Name: system:apiserver
for the Kube-Apiserver. In order to be DNS-1123 compliant, this certificate field is changed to Common Name: kube-apiserver
for new shoot clusters. (#4467, @timuthy)GardenerSchedulerConfiguration
: (#4320, @xrstf)
server
has been refined into healthProbes
and metrics
. Note that both cannot be listening on the same port.CachedRuntimeClients
feature gate has been removed, objects are now always cached.lockObjectName
was removed in favor of resourceName
.lockObjectNamespace
was removed in favor of resourceNamespace
.9090
. (#4320, @xrstf)HS256
, HS384
and HS512
are now removed from the valid OIDC Signing algorithms as they are not supported by the kubernetes API server. (#4470, @plkokanov)Auto
even when scale down is disabled. The scale down is naturally disabled because minReplicas
and maxReplicas
are set to be equal. (#4451, @amshuman-kr)SeedAuthorizer
is enabled. Hence, the user certificate used by Gardenlet to connect to the Garden cluster was not renewed successfully. (#4502, @timuthy)--
. (#4454, @stoyanr)golangci-lint
. Please make sure to update your local installation of golangci-lint
, e.g. by running make install-requirements
(#4475, @voelzmo)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.29.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.29.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.29.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.29.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.29.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.29.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.29.0
Published by gardener-robot-ci-1 about 3 years ago
HS256
, HS384
and HS512
are now removed from the valid OIDC Signing algorithms as they are not supported by the kubernetes API server. (#4473, @plkokanov)Auto
even when scale down is disabled. The scale down is naturally disabled because minReplicas
and maxReplicas
are set to be equal. (#4469, @amshuman-kr)--
. (#4455, @stoyanr)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.26.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.26.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.26.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.26.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.26.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.26.3
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.26.3
Published by gardener-robot-ci-1 about 3 years ago
HS256
, HS384
and HS512
are now removed from the valid OIDC Signing algorithms as they are not supported by the kubernetes API server. (#4472, @plkokanov)Auto
even when scale down is disabled. The scale down is naturally disabled because minReplicas
and maxReplicas
are set to be equal. (#4468, @amshuman-kr)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.27.5
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.27.5
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.27.5
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.27.5
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.27.5
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.27.5
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.27.5
Published by gardener-robot-ci-1 about 3 years ago
HS256
, HS384
and HS512
are now removed from the valid OIDC Signing algorithms as they are not supported by the kubernetes API server. (#4471, @plkokanov)Auto
even when scale down is disabled. The scale down is naturally disabled because minReplicas
and maxReplicas
are set to be equal. (#4466, @amshuman-kr)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.28.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.28.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.28.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.28.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.28.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.28.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.28.2
Published by gardener-robot-ci-2 about 3 years ago
--
. (#4457, @stoyanr)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.28.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.28.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.28.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.28.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.28.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.28.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.28.1
Published by gardener-robot-ci-3 about 3 years ago
--
. (#4456, @stoyanr)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.27.4
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.27.4
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.27.4
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.27.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.27.4
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.27.4
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.27.4
Published by gardener-robot-ci-2 about 3 years ago
1.18
. Please update your seed clusters if necessary before updating to this Gardener version. Older Kubernetes releases will not be supported any more. Please note, the version support for shoot clusters is not affected by this change. (#4426, @timuthy)DisallowKubeconfigRotationForShootInDeletion
, disabled by default, that disallows kubeconfig rotation to be requested for shoot cluster in deletion. (#4379, @vpnachev)containerd
as a runtime to fail to reconcile (see https://github.com/gardener/gardener/issues/4390 for more details). This now means that bug https://github.com/gardener/gardener/issues/4254 still exists in gardener >1.27.1. (#4408, @voelzmo)bash: line 161: ;: command not found
has been fixed. (#4355, @vpnachev)RotateSSHKeypairOnMaintenance
. (#4397, @ialidzhikov)resources.gardener.cloud/preserve-{resources,replicas}
. (gardener/gardener-resource-manager#122, @harishmanasa)gardener-resource-manager
now features an optional garbage collector controller (disabled by default) for immutable ConfigMap
s/Secret
s. Please take a look at this document if you want to use it. (gardener/gardener-resource-manager#127, @rfranzke)--version
flag to print the appropriate metadata. (gardener/gardener-resource-manager#129, @ialidzhikov)github.com/gardener/[email protected]
k8s.io/*@v0.21.2
sigs.k8s.io/[email protected]
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.28.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.28.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.28.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.28.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.28.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.28.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.28.0
Published by gardener-robot-ci-2 about 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.27.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.27.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.27.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.27.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.27.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.27.3
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.27.3
Published by gardener-robot-ci-2 about 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.26.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.26.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.26.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.26.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.26.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.26.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.26.2
Published by gardener-robot-ci-2 about 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.25.4
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.25.4
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.25.4
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.25.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.25.4
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.25.4
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.25.4
Published by gardener-robot-ci-1 over 3 years ago
containerd
as a runtime to fail to reconcile (see https://github.com/gardener/gardener/issues/4390 for more details). This now means that bug https://github.com/gardener/gardener/issues/4254 still exists in gardener >1.27.1. (#4409, @voelzmo)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.27.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.27.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.27.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.27.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.27.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.27.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.27.2
Published by gardener-robot-ci-2 over 3 years ago
bash: line 161: ;: command not found
has been fixed. (#4356, @vpnachev)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.27.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.27.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.27.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.27.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.27.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.27.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.27.1
Published by gardener-robot-ci-2 over 3 years ago
KonnectivityTunnel
feature gate in gardenlet has been dropped and removed from the code. If you upgrade to this Gardener version make sure that the feature gate is disabled and that all shoots were reconciled after you disabled it. (#4247, @rfranzke)imageGC{High,Low}ThresholdPercent
fields for the kubelet configuration (defaults: 50
for the high threshold, 40
for the low threshold) in the Shoot
API via .spec.{provider.workers[].}kubernetes.kubelet.imageGC{High,Low}ThresholdPercent
. (#4282, @rfranzke).spec.exposureClassName
. Find more information in this document. (#4244, @dkistner)NodeAuthorizer
and NodeRestriction
features in Kubernetes (preventing kubelets from accessing resources which aren't associated with their responsible Node
s), Gardener does now have a SeedAuthorizer
and SeedRestriction
feature (preventing gardenlets from accessing resources which aren't associated with their Seed
s). If you want to enable it for your landscapes then please consult this document. (#4326, @rfranzke)APIServerSNI
feature flag (default). (#4319, @dkistner).exposureClassHandlers
list of the Gardenlet configuration. Find more information in this document. (#4244, @dkistner)ExposureClass
resources. (#4334, @dkistner)1.18.3
version. (#4304, @mvladev)ManagedIstio
now uses distroless images. (#4301, @mvladev)ManagedIstio
is now upgraded to 1.10.2
(#4301, @mvladev)MountHostCADirectories
feature gate in the gardenlet
has been promoted to GA. (#4279, @ialidzhikov)make test-integration
). (#4265, @timebertt)hack/test-integration.sh
. Please consult gardener's Makefile as a reference usage. (#4265, @timebertt)hyperkube
image is now only downloaded exactly once per shoot worker node to prevent repetitive, undesired downloads in case the kubelet garbage-collects the image due to excessive root disk usage. (#4321, @rfranzke)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.27.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.27.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.27.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.27.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.27.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.27.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.27.0
Published by gardener-robot-ci-3 over 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.24.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.24.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.24.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.24.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.24.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.24.3
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.24.3
Published by gardener-robot-ci-1 over 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.25.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.25.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.25.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.25.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.25.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.25.3
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.25.3
Published by gardener-robot-ci-1 over 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.26.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.26.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.26.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.26.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.26.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.26.1
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.26.1
Published by gardener-robot-ci-1 over 3 years ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.25.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.25.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.25.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.25.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.25.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.25.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.25.2
Published by gardener-robot-ci-1 over 3 years ago
RequestLimitExceeded
are now treated as ERR_INFRA_RATE_LIMITS_EXCEEDED
(instead of ERR_INFRA_QUOTA_EXCEEDED
before). (#4256, @vpnachev)ownerReferences
before adopting it. (#4234, @timebertt)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.24.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.24.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.24.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.24.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.24.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.24.2
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.24.2
Published by gardener-robot-ci-1 over 3 years ago
RequestLimitExceeded
are now treated as ERR_INFRA_RATE_LIMITS_EXCEEDED
(instead of ERR_INFRA_QUOTA_EXCEEDED
before). (#4257, @vpnachev)ownerReferences
before adopting it. (#4235, @timebertt)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.23.4
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.23.4
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.23.4
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.23.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.23.4
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.23.4
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.23.4
Published by gardener-robot-ci-2 over 3 years ago
SchedulerConfiguration.schedulers.*.retrySyncPeriod
have been removed. (#4285, @timebertt)make start-gardenlet
does not use seedSelector anymore, making the dev gardenlet single-seed only. If you have multiple Seeds in your local setup, you can specify the seed to act on via the SEED_NAME
make variable (e.g. make start-gardenlet SEED_NAME=local-foo
). (#4270, @xrstf)DirectClient
has been removed from the codebase entirely. (#4225, @timebertt)CRI.Name==nil
to CRI.Name==docker
. (#4237, @voelzmo)containerd
as default container runtime. If you upgrade an existing shoot which doesn't specify a cri.name
property in its worker pools, this will trigger a graceful node rollout and the container runtime is switched from docker
to containerd
. (#4222, @voelzmo)Shoot
: (#4212, @rfranzke)
shoot.gardener.cloud/cleanup-webhooks-finalize-grace-period-seconds
(default behaviour: "300"
)shoot.gardener.cloud/cleanup-extended-apis-finalize-grace-period-seconds
(default behaviour: "3600"
)shoot.gardener.cloud/cleanup-kubernetes-resources-finalize-grace-period-seconds
(default behaviour: "300"
)shoot.gardener.cloud/cleanup-namespaces-finalize-grace-period-seconds
(default behaviour: "300"
)"0"
is provided then all resources are finalized immediately without waiting for any graceful deletion. Please be aware that this might lead to orphaned infrastructure artefacts.ProjectValidator
admission plugin has been added (enabled by default). It prevents creating Project
s with non-empty .spec.namespace
fields if the value in .spec.namespace
does not start with garden-
. Please note that this admission plugin will be removed in a future release again in favor of the static validation in the gardener-apiserver
. (#4228, @rfranzke)docker
as a container runtime (.spec.provider.workers[].cri.name
field in Shoot
s) for backwards compatibility. Select this only if your workload doesn't run nicely with containerd
. This configuration option will be removed in the future! (#4218, @voelzmo)ResourceQuota
config
get merged with the respective fields on existing ResourceQuota
s (#4264, @petersutter)EnvoyFilter
resources from SNI and ReversedVPN into separate resources. (#4242, @DockToFuture)ManagedIstio
version is upgraded to 1.10.1
(#4241, @mvladev)RequestLimitExceeded
are now treated as ERR_INFRA_RATE_LIMITS_EXCEEDED
(instead of ERR_INFRA_QUOTA_EXCEEDED
before). (#4236, @rfranzke)ownerReferences
before adopting it. (#4232, @timebertt)*metav1.LabelSelector
to metav1.LabelSelector
in the gardenercore.SeedSelector
type in our APIs. This doesn't impose a breaking change for users of the API, however users of the golang types, will have to adapt accordingly. (#4299, @timebertt)MountHostCADirectories
feature gate in the gardenlet
has been promoted to beta and is now enabled by default. (#4223, @ialidzhikov)ServiceAccount
privileges are limited as much as possible. (#4129, @ialidzhikov)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.26.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.26.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.26.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.26.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.26.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.26.0
landscaper-gardenlet: eu.gcr.io/gardener-project/gardener/landscaper-gardenlet:v1.26.0