Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
OTHER License
Published by gardener-robot-ci-3 over 4 years ago
APIServerSNI
feature gate is enabled by the Gardener administrators, a TLS client with support for server name indication must be used when talking to Shoot API servers. Alternatively, unmanaged
DNS provider should be used. (#2406, @mvladev)ClientMap
s to retrieve clientsets for all kind of clusters instead of creating new clientsets each time to leverage the clients' caches. (#2449, @tim-ebert)pkg/client/kubernetes.Interface
) now return a cached controller-runtime client from Interface.Client()
if kubernetes.UseCachedRuntimeClients
has been set to true (defaults to false
). The cached clients have to be started before the first usage by a call to Interface.Start()
. If you use a ClientMap
to retrieve the clientset, this is done automatically. (#2449, @tim-ebert)kube-apiserver
did not have any root CA bundles. This resulted in failure to verify x509 certificates when attempting to send traffic to OIDC discovery endpoint or other endpoints. (#2508, @mvladev)vertical-pod-autoscaler
component is now supported for shoot clusters by setting .spec.kubernetes.verticalPodAutoscaler.enabled=true
(disabled by default). More information can be found in this document. (#2478, @rfranzke)name
property for dataVolumes
in the Shoot
spec is a required field. (#2463, @rfranzke)CachedRuntimeClients
has been added to gardenlet
, gardener-controller-manager
and gardener-scheduler
. If enabled via the respective component config, the components use cached clients for their API calls wherever possible. (#2449, @tim-ebert)Project
s that are no longer in use. By default, only Project
s older than 30d
which are unused for at least 14d
will be auto-deleted after 90d
. However, the concrete values depend on the configuration of the respective Gardener landscape. You can find more information in this document. (#2446, @rfranzke)APIServerSNI
can cause the kube-controller-manager
to be scaled down to 0
for 15 minutes
. This is a known issue and it's going to be resolved in a future release of dependency-watchdog
. (#2406, @mvladev)APIServerSNI
implementing GEP-8 is now available at alpha state. This allows for only one LoadBalancer in a Seed cluster to be used for all Shoot clusters in it. It's recommended to use in conjunction with ManagedIstio
feature gate as the feature requires Istio to be installed in the Seed cluster. (#2406, @mvladev)systemComponents.allow: false
in the pool definition. (#2480, @jannickfahlbusch)
.spec.maintenance
settings are now correctly defaulted when a Shoot
is being created without any such configuration. (#2464, @rfranzke)KonnectivityTunnel
has been enabled while the Shoot was hibernated. (#2540, @tim-ebert)Progressing
status for the configured conditionThresholds
time after a successful shoot reconciliation. This is to prevent false negative status reports shortly after reconciliations. (#2535, @rfranzke)Create
/Delete
operations but also for processing Reconcile
operations in case there aren't any last errors. (#2533, @rfranzke)FeatureGates
for the gardener-scheduler
via the respective values in the gardener/controlplane
chart. (#2531, @tim-ebert)443
, allowing it to function properly in GKE clusters. (#2529, @tim-ebert)gardener-controller-manager
and gardenlet
to panic if the Kubeconfig referenced by a Plant or Seed is empty. (#2504, @tim-ebert)shoot:container_network_transmit_bytes_total_apiserver:sum
and shoot:container_network_receive_bytes_total_apiserver:sum
which will be useful in observing the network traffic for all shoots. (#2488, @wyb1)ManagedIstio
is updated to 1.6.3
(#2487, @mvladev)ManagedIstio
feature gate was enabled. (#2486, @rfranzke)retry
operation for shoots from working reliably in case of a reconciliation. (#2467, @timuthy)spec.seedName
or status.seedName
. (#2456, @swilen-iwanow)Namespace
in the system even when the related Project
is deleted by annotating the Namespace
with namespace.gardener.cloud/keep-after-project-deletion=true
. (#2436, @rfranzke)Shoot
's Control Plane are now saved/loaded to/from the ShootState. (#2359, @plkokanov)make docker-images
are now tagged and build with the commit hash appended to the version. (#2500, @tim-ebert)Delete
and ManifestReader's DeleteManifest
now support passing TolerateErrorFunc
option which can be used to tolerate certain errors - e.g. using TolerateNoMatchError
can be useful in situations where a deleting a custom resource, but its CRD is already removed. (#2496, @mvladev)EnsureCleanedUp
and WaitForCleanEnvironment
funcs are now exported via the Terraformer
interface. (#2461, @tim-ebert)gardener-resource-manager
has the required permissions to also update secrets now. (gardener/gardener-resource-manager#54, @tim-ebert)resource-manager
now have resource-manager.gardener.cloud/description
annotation with DO NOT EDIT
warning. (gardener/gardener-resource-manager#46, @mvladev)gardener.cloud/operation: reconcile
. (gardener/gardener-resource-manager#57, @timuthy)ResourcesHealthy
) by reconciling the resource. (gardener/gardener-resource-manager#57, @timuthy)gardener-resource-manager
now properly removes its finalizer from secrets, that are not referenced by a ManagedResource
anymore. (gardener/gardener-resource-manager#54, @tim-ebert)ManagedResource
is falsely indicating a "Ready" state for a short period of time. (gardener/gardener-resource-manager#51, @tim-ebert)ManagedResource
CRD features a new field .spec.deletePersistentVolumeClaims
. If set to true
, gardener-resource-manager will delete PVCs belonging to managed StatefulSets, when they are deleted. (gardener/gardener-resource-manager#50, @tim-ebert)gardener-resource-manager
now also injects labels specified in .spec.injectLabels
into the .spec.volumeClaimTemplates
of new StatefulSets. (gardener/gardener-resource-manager#49, @tim-ebert)gardener-resource-manager
now deletes resources with DeletePropagationForeground
to cascade the deletion to their dependents (e.g. to clean up Job
s created by a CronJob
). (gardener/gardener-resource-manager#48, @tim-ebert)gardener-resource-manager
have been reworked to contain less unnecessary error entries. (gardener/gardener-resource-manager#45, @tim-ebert)gardener-resource-manager
now keeps the status of managed objects to prevent overwriting the status of CRs that don't have a status
subresource. (gardener/gardener-resource-manager#44, @tim-ebert)gardener-resource-manager
now keeps the replicas and/or resource requirements of Deployments and StatefulSets if they are scaled horizontally and/or vertically by an HPA or HVPA respectively. (gardener/gardener-resource-manager#44, @tim-ebert)ResourcesApplied
condition of ManagedResource
s now includes all errors, that occurred while applying/deleting managed objects if there were any. (gardener/gardener-resource-manager#43, @tim-ebert)gardener-resource-manager
fail to apply all new objects, if there were conflicting changes on those objects, instead of retrying the update request. (gardener/gardener-resource-manager#42, @tim-ebert)gardener-resource-manager
now adds finalizers to Secrets referenced in ManagedResource
s to prevent Secrets from being deleted accidentally. (gardener/gardener-resource-manager#41, @tim-ebert)gardener-resource-manager
now makes use of a caching client for talking to the targeted API server, which reduces its network traffic. (gardener/gardener-resource-manager#40, @tim-ebert)gardener-resource-manager
handling for Jobs is now improved. (gardener/gardener-resource-manager#37, @ialidzhikov)ClusterIP
services and ExternalName
services. .spec.healthCheckNodePort
is only set if the service is of type LoadBalancer
with .spec.externalTrafficPolicy: Local
(gardener/gardener-resource-manager#35, @mvladev)gardener-resource-manager
handling for Jobs is now improved. (gardener/gardener-resource-manager@6e40fe5d7253ece0a562086254939f139f1719f1)--always-update
command line parameter (default: false
) allows to configure whether to always send a PUT
request for managed resources regardless of whether their desired state differs from their actual state. (gardener/gardener-resource-manager#70, @rfranzke)max
of value and percentage gaps, instead of min
(gardener/hvpa-controller#72, @ggaurav10)ConfigUnsupported
, ConfigDeprecated
or LowConfidence
set to true
(gardener/hvpa-controller#68, @ggaurav10)minChange
configuration while overriding scale up stabilisation. This ensures that full VPA recommendations are applied in case the target pods are OOMKilled or restarted due to livenessProbe failure, no matter what. (gardener/hvpa-controller#61, @amshuman-kr)ScalingLimited
. (gardener/hvpa-controller#57, @ggaurav10)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.7.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.7.0
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.7.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.7.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.7.0
Published by gardener-robot-ci-1 over 4 years ago
gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.6
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.6
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.6
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.6
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.6
Published by gardener-robot-ci-3 over 4 years ago
gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.5.5
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.5.5
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.5.5
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.5.5
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.5.5
Published by gardener-robot-ci-1 over 4 years ago
gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.5
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.5
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.5
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.5
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.5
Published by gardener-robot-ci-3 over 4 years ago
gardener-resource-manager
handling for Jobs is now improved. (gardener/gardener-resource-manager@6e40fe5d7253ece0a562086254939f139f1719f1)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.4
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.4
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.4
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.4
Published by gardener-robot-ci-1 over 4 years ago
retry
operation for shoots from working reliably in case of a reconciliation. (6d3b429ea50926bc737bdd5cd99d7a8a33b3c270)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.3
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.3
Published by gardener-robot-ci-1 over 4 years ago
retry
operation for shoots from working reliably in case of a reconciliation. (a4322e3e49032bdd757ac1336ad462b92595b782)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.5.4
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.5.4
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.5.4
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.5.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.5.4
Published by gardener-robot-ci-3 over 4 years ago
.spec.maintenance
settings are now correctly defaulted when a Shoot
is being created without any such configuration. (e70b7294a9bd574bf4cf7926c9a51b9eaaf7054c)EnsureCleanedUp
and WaitForCleanEnvironment
funcs are now exported via the Terraformer
interface. (7bb6e1c03c1f7a5f359bc8fcbf11028ede816aad)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.2
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.2
Published by gardener-robot-ci-2 over 4 years ago
OperatingSystemConfig
CRD. Os-extensions depend on that information to generate CRI specific files and systemd.services. In an edge case that could also lead to the containerd.service to not be enabled. (#2421, @danielfoehrKn)EnsureCleanedUp
and WaitForCleanEnvironment
funcs are now exported via the Terraformer
interface. (c960b497333131630d0a7ee6e5408e6e0de0a37b)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.5.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.5.3
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.5.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.5.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.5.3
Published by gardener-robot-ci-3 over 4 years ago
vpn-shoot
pod if no pod labeled with type=tunnel
is found. (#2448, @vpnachev)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.1
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.1
Published by gardener-robot-ci-2 over 4 years ago
discovery
section has been removed completely from the GardenletConfiguration
, SchedulerConfiguration
, ControllerManagerConfiguration
and the respective charts in charts/gardener
as it is no longer needed. Please adapt your chart usages and/or component configurations accordingly. (#2415, @tim-ebert)1.16
. (#2370, @tim-ebert)pkg/client/kubernetes.ApplierInterface
interface has been renamed to Applier
. Please adapt your usages accordingly when revendoring. (#2417, @tim-ebert)ChartRenderer
and a ChartApplier
by using the respective functions of the ClientSet interface (pkg/client/kubernetes.Interface
). Please use the provided functions instead of constructing new ChartRenderer
s and ChartApplier
s wherever needed. (#2417, @tim-ebert)Shoot
resources do now support specifying tolerations for taints on seeds in the .spec.tolerations
field. Only tolerations that were whitelisted by the corresponding Project
's .spec.tolerations.whitelist
field, or by the global configuration (controlled by Gardener administrators) are allowed to be used. Please read more about it in this document. (#2384, @rfranzke)KonnectivityTunnel
feature gate (disabled by default). If enabled then the network connection between the shoot control plane in the seed and the shoot worker nodes will be established from shoot->seed for >= 1.18 shoot clusters (instead of seed->shoot like earlier). Furthermore, in this case the additional "vpn-shoot" load balancer in the shoot will no longer be needed. Please note that the feature is in alpha state and might be promoted in future Gardener releases. (#2251, @zanetworker)oscommon
library for OperatingSystemConfig
extension controllers was enhanced to allow providing additional values for the to-be-rendered template. These additional values can be computed out of the OperatingSystemConfig
resource, for example, out of the providerConfig
. (#2420, @rfranzke).spec.provider.workers[].machine.image.providerConfig
to the respective extension controller. (#2438, @rfranzke)KUBE_MAX_PD_VOLS
variable for the kube-scheduler using the .spec.kubernetes.kubeScheduler.kubeMaxPDVols
flag. Please find more information here. Note that using this field is considered alpha-/experimental-level and is on your own risk. You should be aware of all the side-effects and consequences when changing it. (#2413, @rfranzke)Shoot
resource now supports changing the failSwapOn
flag under the kubelet section, default is true
. (#2411, @saggir)kube-proxy
to fail starting up for clusters with .spec.kubernetes.allowPrivilegedContainers=false
. (#2395, @tim-ebert)shoot:node_operating_system:sum
(#2443, @wyb1)7.0.3
(#2428, @wyb1)OperatingSystemConfig
CRD. Os-extensions depend on that information to generate CRI specific files and systemd.services. In an edge case that could also lead to the containerd.service to not be enabled. (#2421, @danielfoehrKn)extensionsv1alpha1.BackupEntry
to be deleted is now fixed. (#2419, @ialidzhikov)1.6.0
and status-port
of ingress gateway is changed to 15021
. (#2418, @mvladev).spec.purpose: testing
). (#2402, @timuthy)ERR_CONFIGURATION_PROBLEM
error code. (#2398, @rfranzke)Shoot
resource. (#2397, @rfranzke)Service
s of type LoadBalancer
created in the seed clusters. These annotations will be injected into each of these Service
resources. They can be configured in the .spec.settings.loadBalancerServiceAnnotations
field in Seed
resources. Please consult this document for more information. (#2380, @rfranzke)v1.17.6
. (#2370, @tim-ebert)gardener-controller-manager
's validating webhooks by running hack/local-development/dev-setup-register-gardener --with-webhooks
. (#2363, @tim-ebert)v
. (gardener/dependency-watchdog#11, @ialidzhikov)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.6.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.6.0
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.6.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.6.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.6.0
Published by gardener-robot-ci-3 over 4 years ago
.spec.purpose: testing
). (f7c2d264b0508ad9f74a7a8bc556fdaf278a1615)extensionsv1alpha1.BackupEntry
to be deleted is now fixed. (b2979647a6a1104feae07e0cd7aba17b1441344f)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.5.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.5.2
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.5.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.5.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.5.2
Published by gardener-robot-ci-1 over 4 years ago
kube-proxy
to fail starting up for clusters with .spec.kubernetes.allowPrivilegedContainers=false
. (1f87b4414e934bad5004a44b21c3ef912b63260e)ERR_CONFIGURATION_PROBLEM
error code. (e0fc7d18da8873de6a2e1448d6acbdc44dc25f0e)Shoot
resource. (66c5c2824cda31a2b73603efdaaad6f8613e263f)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.5.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.5.1
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.5.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.5.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.5.1
Published by gardener-robot-ci-1 over 4 years ago
1.12
. Please make sure this your garden cluster is of at least this version before upgrading Gardener. (#2151, @swilen-iwanow)extensions/pkg/controller/error.RequeueAfterError
need to make sure that the cause error is properly logged on their side. (#2351, @ialidzhikov)Network
and ContainerRuntime
CRDs have to implement the Restore and Migrate operations. (#2276, @swilen-iwanow)/healthz
and /metrics
endpoint. You should generate a server certificate for the gardenlet
, gardenlet.garden
, gardenlet.garden.svc
hosts. The bind address, port, and TLS certificate paths are configurable in its component config. Also, the gardenlet
Helm chart was enhanced with a liveness probe that targets the /healthz
endpoint. (#2309, @rfranzke)SecurityContextDeny
admission plugin is no longer allowed to be used for shoots as it conflicts with the PodSecurityPolicy
admission plugin which is enabled by default. (#2346, @rfranzke)ERR_INFRA_UNAUTHORIZED
or ERR_CONFIGURATION_PROBLEM
error codes are now automatically set to Failed
status. This means that they won't be retried automatically unless you annotate the Shoot
with gardener.cloud/operation=retry
. All other error codes will lead to automatic retries for at most 12h
before the shoot is set to Failed
. (#2333, @rfranzke)failurePolicy: Fail
and operation CREATE
, UPDATE
or *
for the following resources: (#2270, @mvladev)
apiservices
apiservices/status
certificatesigningrequests
certificatesigningrequests/approval
certificatesigningrequests/status
clusterrolebindings
clusterroles
configmaps
(only for kube-system
namespace)controllerrevisions
(only for kube-system
namespace)customresourcedefinitions
customresourcedefinitions/status
daemonsets
(only for kube-system
namespace)daemonsets/status
(only for kube-system
namespace)deployments
(only for kube-system
namespace)deployments/scale
(only for kube-system
namespace)endpoints
leases
namespaces
namespaces/finalize
namespaces/status
networkpolicies
(only for kube-system
namespace)nodes
nodes/status
pods
(only for kube-system
namespace and shoot.gardener.cloud/no-cleanup=true,orgin=gardener
labels)pods/status
(only for kube-system
namespace and shoot.gardener.cloud/no-cleanup=true,orgin=gardener
labels)podsecuritypolicies
priorityclasses
replicasets
(only for kube-system
namespace)replicasets/scale
(only for kube-system
namespace)replicasets/status
(only for kube-system
namespace)rolebindings
(only for kube-system
namespace)roles
(only for kube-system
namespace)secrets
(only for kube-system
namespace)serviceaccounts
(only for kube-system
namespace)services
services/status
retry
operation, a .spec
change, or a rollout of a new Gardenlet version re-triggers a reconciliation. (#2324, @timuthy)seed.gardener.cloud/disable-capacity-reservation
in favour of the new .spec.settings.excessCapacityReservation.enabled
field.seed.gardener.cloud/invisible
in favour of the new .spec.settings.scheduling.visible
field.seed.gardener.cloud/disable-dns
in favour of the new .spec.settings.shootDNS.enabled
field..controllers.seed.reserveExcessCapacity
setting in the component config of the Gardenlet has been removed in favour of the new settings field mentioned earlier.ControllerRegistration
object does now allow better control for deployment/deletion of extension controllers to seed clusters (policy, seed selector, ...). You might want to look into this document. (#2278, @rfranzke)ManagedIstio
to gardenlet. When enabled it deploys a customized installation of istio on Seed clusters. Disabling it once enabled does not remove any installed resources. (#2273, @mvladev)
istio-system
namespace and istio ingress gateway in istio-ingress
namespace. mTLS is enforced and Services
, VirtualServices
and DestinationRules
are not exported and advertised by default and therefore it must be explicitly enabled either via the networking.istio.io/exportTo: "*"
annotation or .exportTo: ["*"]
.ClusterRole
s of other projects when reconciling a Project
that doesn't have a member with the same extension role. (#2352, @rfranzke)Shoot
specification does now have a new .spec.seedSelector
field which allows to provide label selector. Only seeds whose labels match will be considered for scheduling decisions. (#2340, @rfranzke)Shoot
s by setting .spec.extensions[] = {type: <extension-type>, disabled: true}
. (#2278, @rfranzke)garden
namespace, potentially making it trying to schedule a shoot to such a seed (which will fail forever). (#2382, @rfranzke)ContainerRuntime
custom resources for multiple worker pools. (#2357, @danielfoehrKn)HVPA
feature gate is disabled was fixed. (#2345, @rfranzke).spec.regions[].labels
field in the CloudProfile
, e.g. to provide more information about reliability, access restrictions, etc. (#2340, @rfranzke)ShootState
and ControllerInstallationRequired
causing too many goroutines to be created. Also fixed a bug during worker creation to further reduce the amount of workers being created. (#2331, @danielfoehrKn)not-bootstrapped
to successfully bootstrapped
. (#2330, @danielfoehrKn)Shoot
with experimental.addons.shoot.gardener.cloud/kyma=enabled
. Be aware that we won't provide upgrades or customization, and that this addon is temporary and will be removed in a future version of Gardener again. Its purpose is to ease the Kyma installation and to show-case which features it provides. It is by no means a production-ready setup. Also, please note that, once enabled, the Kyma addon can never be disabled again. The only way to get rid of it is to delete the shoot cluster. You can check the status of the installation by using kubectl get installation/kyma-installation -o jsonpath="{'Status: '}{.status.state}{', description: '}{.status.description}"
. (#2326, @a-thaler)safe-to-evict
cluster-autoscaler annotation from etcd-events
pods. (#2317, @georgekuruvillak)kube-apiserver
deployment of shoots is now scheduled with anti-affinity and a pod disruption budget of 1
. (#2310, @rfranzke)shoot.gardener.cloud/status
label for newly created Shoots is now fixed. (#2308, @ialidzhikov)ClusterRole
s for the machine-controller-manager
was added to the extensions/pkg/controller/worker/genericactuator
package. (#2378, @rfranzke)Worker
actuator does now exit its reconciliation flows early if it detects an error during the machine reconciliation. This allows to faster propagate problems to the end-user. (#2348, @rfranzke)Progressing
status. This allows to provide more accurate status information and less false negative health reports. (#2289, @rfranzke)AfterTest
function to test cases to run a specific function when the test has finished. (#2283, @schrodit)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.5.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.5.0
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.5.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.5.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.5.0
Published by gardener-robot-ci-1 over 4 years ago
ClusterRole
s of other projects when reconciling a Project
that doesn't have a member with the same extension role. (d9799ba074767f58e1d26642387e3cc4aaef9750)HVPA
feature gate is disabled was fixed. (6790d072c08b1db22d223f8854c3619c263c572b)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.3.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.3.3
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.3.3
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.3.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.3.3
Published by gardener-robot-ci-3 over 4 years ago
ClusterRole
s of other projects when reconciling a Project
that doesn't have a member with the same extension role. (83acc93fedc5f35b6cd95ea879fa2d3b9a2fb6b2)ContainerRuntime
custom resources for multiple worker pools. (b9a920ab6256f68561837627c2cdfb823bd0160e)HVPA
feature gate is disabled was fixed. (654ee8e45e8c214cd3c5ea8e6ac8e5ba879de997)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.4.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.4.2
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.4.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.4.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.4.2
Published by gardener-robot-ci-1 over 4 years ago
shoot.gardener.cloud/status
label for newly created Shoots is now fixed. (2bbb388c80080c85e551cfd13517ef24dccf3cff)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.4.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.4.1
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.4.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.4.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.4.1
Published by gardener-robot-ci-3 over 4 years ago
gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.3.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.3.2
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.3.2
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.3.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.3.2
Published by gardener-robot-ci-2 over 4 years ago
ERR_INFRA_RESOURCES_DEPLETED
indicates that the underlying infrastructure does not have enough resources anymore, and ERR_CONFIGURATION_PROBLEM
indicates that the user has misconfigured something and should double-check the specification. (#2237, @rfranzke)Shoot
specification to the individual maintenance time window. You can set .spec.maintenance.confineSpecUpdateRollout=true
to achieve the desired behaviour. Please consult this document to get all information about it. (#2233, @rfranzke)preview
classification are excluded from auto-update functionality for Kubernetes and machine image versions. (#2108, @danielfoehrKn)etcd
and etcd-backup-restore
. If you want to overwrite these versions you must do it via the etcd-druid
. Please consult this document for more information. (#2262, @rfranzke)CloudProfile
which are still in use by shoot clusters. (#2106, @danielfoehrKn).status.lastError.codes[]
field instead of recomputing them. (#2248, @rfranzke).status.conditions[].codes
that help categorizing observed problems. (#2242, @rfranzke)v2.0.0
. (#2221, @rfranzke)Shoot
's .status.lastOperation.state
to be set to Error
although no actual reconciliation operation is executed for the Shoot
has been fixed. (#2217, @rfranzke).status.lastError.codes
. (#2212, @rfranzke)443
, allowing it to function properly in GKE clusters. (#2300, @rfranzke)coredns
and blackbox-exporter
deployments in the shoot have been slightly increased to prevent false negative API server availability reports. (#2286, @rfranzke)ShootState
synchronization controller does now properly respect ContainerRuntime
resources. (#2259, @rfranzke)metadata.generateName
are fixed. Shoot name length limit restriction is applied on generateName
with random suffix length fixed to 5 as in the kubernetes. Default DNS name is generated using same name generator for shoot. ⚠️ But it will differ from generated shoot name. (#2236, @swapnilgm)podAntiAffinity
of the fluentd
statefulset deployed in the seed clusters is now a soft requirement. (#2213, @Kristian-ZH)terminationGracePeriodSeconds
setting for the Prometheus instance in shoot control planes has been lowered from 300
to 60
. (#2199, @wyb1)ShootNotFailed
predicate in the extensions library does now work as expected. (#2265, @rfranzke)extensionsv1alpha1.Last{Operation,Error}
interfaces were removed - the respective GetLast{Operation,Error}()
functions do now return the objects directly instead of the old interfaces. (#2244, @rfranzke)1.14.2
. (#2234, @rfranzke)CSIMigration<Provider>Complete
feature gate to be set to early. (#2223, @rfranzke).status.lastError.codes
. Gardener will pick them up and merge them into the shoot conditions. (#2212, @rfranzke)containerd
test is now skipped for worker pools that are not using the ubuntu
operating system. (#2201, @ialidzhikov)etcdbr_snapstore_latest_deltas_total
and etcdbr_snapstore_latest_deltas_revisions_total
to provide information about the delta snapshots since the latest full snapshot in the snapstore. (gardener/etcd-backup-restore#211, @shreyas-s-rao)v
. (gardener/etcd-backup-restore#210, @ialidzhikov)ownerReferences
set to another top-level controller . (gardener/etcd-druid#48, @georgekuruvillak)priorityClassName
to specify the priority of etcd pods. (gardener/etcd-druid#36, @georgekuruvillak)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.4.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.4.0
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.4.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.4.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.4.0
Published by gardener-robot-ci-1 over 4 years ago
terminationGracePeriodSeconds
setting for the Prometheus instance in shoot control planes has been lowered from 300
to 60
. (8782a64e664c40aed98549509a18a2ecf35debd3)CSIMigration<Provider>Complete
feature gate to be set to early. (6c9e30471ac3c8d21f3e53a8ae25b4ad545d33a2)containerd
test is now skipped for worker pools that are not using the ubuntu
operating system. (4eacfa14c6f821fb4ab71ef3d563358bd5afe8df)gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.3.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.3.1
gardener-scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.3.1
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.3.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.3.1