gardener

Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[etcd-backup-restore]

Most notable changes

  • [USER] Snapshot uploads now happen in chunks. One can configure the number of parallel chunk uploads by setting the command line argument max-parallel-chunk-uploads. The default is 5. (gardener/etcd-backup-restore#68, @swapnilgm)
  • [OPERATOR] Dynamic profiling support has been added. The debug/pprof/* endpoint is now exposed to dynamically profile CPU and heap consumption. To enable profiling, one has to explicitly set enable-profiling on the server sub-command. (gardener/etcd-backup-restore#60, @swapnilgm)

Improvements

  • [OPERATOR] Updated the Azure SDK as per the recommendation in the doc to use the package github.com/Azure/azure-storage-blob-go as the Azure storage SDK. (gardener/etcd-backup-restore#76, @swapnilgm)
  • [OPERATOR] Added mock test for Openstack Swift snapstore. (gardener/etcd-backup-restore#75, @swapnilgm)
  • [OPERATOR] At the time of restoration, the etcd data directory will be restored to a temporary directory with the suffix .part, i.e. <path-to-etcd-data-dir>.part. On successful restoration, the actual etcd data directory is replaced with it. This brings a standard and cleaner approach to restoration. (gardener/etcd-backup-restore#58, @georgekuruvillak)
  • [OPERATOR] Restoration time optimised by parallelising the fetching of delta snapshots. Added the --max-fetchers flag to the etcdbrctl command to specify the maximum number of fetcher threads that are allowed to run in parallel. (gardener/etcd-backup-restore#57, @shreyas-s-rao)
  • [OPERATOR] Etcd-backup-restore utility when started in server mode will start defragmenting etcd member data directory periodically, so that db size will be under control. You can set defragmentation period in number of hours by setting defragmentation-period-in-hours flag on etcdbrctl server command. (gardener/etcd-backup-restore#55, @swapnilgm)
  • [OPERATOR] Snapshots are now uploaded in chunks, considering only the erroneous chunk uploads in case of failure. (gardener/etcd-backup-restore#53, @swapnilgm)

[gardener]

Action Required

  • [OPERATOR] ⚠️ The migration steps for the etcd data directory have been removed. Upgrading from Gardener versions prior to 0.13.0 is not supported. (#587, @swapnilgm)

Most notable changes

  • [USER] The resource limits for kube-proxy, calico, etcd and nginx-ingress have been increased. Also, the eviction thresholds for available memory on the nodes are now optimized for the used machine type. (#592, @ggaurav10)
  • [OPERATOR] The etcd as well as its backup/restore configuration has been updated - rolling out this change results in restarts of the etcd pods. (#587, @swapnilgm)
  • [OPERATOR] Gardener does now validate the uniqueness of the machine-/volume type names within CloudProfile resources. (281ed3cce7efebfbca8bf708f60abd5ec3a40548)

Improvements

  • [USER] Docker image version updates: (#630, @rfranzke)
    • k8s.gcr.io/kube-addon-manager: v8.7 -> v8.8
    • quay.io/prometheus/alertmanager: v0.15.2 -> v0.15.3
    • quay.io/prometheus/node-exporter: v0.16.0 -> v0.17.0
    • grafana/grafana: 5.3.0 -> 5.4.2
    • quay.io/prometheus/blackbox-exporter: v0.12.0 -> v0.13.0
    • quay.io/calico/node: v3.2.3 -> v3.4.0
    • quay.io/calico/cni: v3.2.3 -> v3.4.0
    • quay.io/calico/typha: v3.2.3 -> v3.4.0
    • coredns/coredns: 1.2.2 -> 1.3.0
    • quay.io/kubernetes-ingress-controller/nginx-ingress-controller: 0.20.0 -> 0.21.0
  • [USER] An issue hosting GCP shoots on a different region than the seed has been fixed. (#615, @adracus)
  • [USER] The version of the Kubernetes dashboard has been upgraded to 1.10.1. (b4eb1295468dbb47342f4484fdef4f098a1aa05b)
  • [OPERATOR] The golang version has been upgraded to v1.11.4. (#608, @ialidzhikov)
  • [OPERATOR] Several improvements to the EFK logging stack: (#602, @ialidzhikov)
    • Increase the initialDelaySeconds of fluentd's livenessProbe to 4m.
    • Increase the minimum required free disk space of the central ElasticSearch (in garden namespace).
    • Update the ElasticSearch and Kibana versions from 6.2.4 to 6.5.4.
  • [OPERATOR] The shoot's namespace in the seed cluster will now be annotated with all annotations of the shoot resource prefixed with custom.shoot.sapcloud.io/. The namespace is also annotated with shoot.garden.sapcloud.io/uid=<value>. This can be used by controllers running in the seed to extract more information about the shoot. (#600, @vpnachev)
  • [OPERATOR] Fixes a resource issue for Gardener's certificate management for clusters having many Ingresses and Secrets. (#599, @timuthy)
  • [OPERATOR] Gardener does now only reconcile BackupInfrastructures resources if the current status is Reconcile (Succeeded) and if the last reconciliation happened more than the configured syncPeriod ago. (#594, @timuthy)
    • Instant reconciliation can be triggered by annotating the BackupInfrastructure resource with backupinfrastructure.garden.sapcloud.io/operation=reconcile.
  • [OPERATOR] The Gardener API server does now serve its correct version on its /version endpoint. (d74c63a5ff4480a1e565853877037ec9bd55a7cb)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.15.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.15.0

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Improvements

  • [USER] The version of the Kubernetes dashboard has been upgraded to 1.10.1. (f7a284c1530aae78a09e0f997bac3fde0c1c59f3)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.14.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.14.3

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Improvements

  • [USER] An issue hosting GCP shoots on a different region than the seed has been fixed. (2f5bb18d35c5624c496b911c5cb85cb1723209dd)
  • [OPERATOR] The Gardener API server does now serve its correct version on its /version endpoint. (9c95d7d9c7381acfb4f50c375223311ab868441c)
  • [OPERATOR] Gardener does now only reconcile BackupInfrastructures resources if the current status is Reconcile (Succeeded) and if the last reconciliation happened more than the configured syncPeriod ago. (bb6ccb141fc8b05dc09688500ac1e1af89cee7b3)
    • Instant reconciliation can be triggered by annotating the BackupInfrastructure resource with backupinfrastructure.garden.sapcloud.io/operation=reconcile.
  • [OPERATOR] The seeds' Prometheus' memory requests have been increased. (a91543ac4ea531c2655ad89fed186ed8cd1da947)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.14.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.14.2

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Improvements

  • [OPERATOR] Fixes a resource issue for Gardener's certificate management for clusters having many Ingresses and Secrets. (#601, @timuthy)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.14.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.14.1

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[aws-lb-readvertiser]

Improvements

  • [OPERATOR] An issue causing the aws-lb-readvertiser to panic in case the .subsets field of the Endpoint object is empty has been fixed. (gardener/aws-lb-readvertiser#11, @zanetworker)

[etcd-backup-restore]

Improvements

  • [USER] Fixed the issue where, in case of a failed delta snapshot, the data directory was marked as valid even though there was data loss due to further delta snapshots in the queue which weren't getting applied. (gardener/etcd-backup-restore#58, @georgekuruvillak)

[gardener]

Action Required

  • [OPERATOR] The Gardener Helm chart has been split into two different subcharts (runtime and application). This change required that all chart values that previously were on top-level have now moved under the .global key. However, the structure/types of all existing keys have not changed. Please check the values.yaml. (#589, @rfranzke)
  • [OPERATOR] ⚠️ Strict Seed and Shoot CIDR verification rules are now enabled. (#567, @mvladev)
    • Shoot or Seed resources created previously with invalid configurations MUST be deleted before updating to this version. Failing to do so will cause ANY modification to said resources (including attempted deletion) to be rejected by the apiserver.
  • [OPERATOR] ⚠️ If you had enabled the Logging feature gate previously then please delete the persistent volumes related to the central ElasticSearch cluster before upgrading Gardener: kubectl -n garden delete sts elasticsearch-logging (#530, @vlvasilev)

Most notable changes

  • [USER] ⚠️ An issue with orphaned containers being created during the node's cloud config syncs has been fixed. Deploying this change requires a rolling update of all worker nodes of all shoot clusters. (#568, @adracus)
  • [USER] The Kubernetes dashboard does no longer have cluster-admin privileges, i.e., users need now to login with the basic authentication credentials before the dashboard can be used. These credentials can be found in the provided shoot kubeconfig. By default (i.e., without being logged in), the dashboard only has minimal privileges to run properly. (#555, @rfranzke)
  • [USER] The shoot conditions (representing the results of some health checks) do now have a new status Progressing (beside True, False, Unknown). If a health check fails then it first goes to Progressing state. Only if this state remains for a configured threshold time it switches to False. This is to compensate expected and normal oscillations in all the involved dynamic systems. (#552, @afritzler)
  • [USER] The shoot's secret binding reference field (.spec.cloud.secretBindingRef) is now immutable. Rotating the cloud provider credentials is still possible by modifying the referenced secret's data. (#539, @adracus)
  • [USER] AWS shoot clusters can now use network load balancers out of the box. This requires to allow TCP/UDP traffic to the ports 30000-32767 in the worker subnet from all client IPs. As the worker subnet is private and not accessible from the outside without proper routes (by default) this is not of any concern. In case you have created additional routes to the worker subnet please double check which subnets might now have access. (#532, @rfranzke)
  • [USER] The infrastructure and kube2iam jobs are now only executed during shoot creation and within maintenance time window. This is to reduce the number of cloud API calls for the respective infrastructure providers. In order to perform an on-demand maintenance operation out of the time window annotate the shoot with shoot.garden.sapcloud.io/operation=maintain. (#528, @timuthy)
  • [USER] Gardener can now issue valid certificates for Ingresses specifying a default domain and those labelled with garden.sapcloud.io/purpose=managed-cert. (#509, @timuthy)
  • [USER] Shoots can now be automatically hibernated by defining schedules in a Shoot's .spec.hibernation.schedules field. Multiple schedules can be defined, allowing the shoot to be hibernated and woken up multiple times across a day. The schedules need to be described as cron schedule expressions (example). (#507, @adracus)
  • [USER] The shoot status conditions have been enriched by a new one indicating the availability of the shoot's API server (type=APIServerAvailable). We plan to add another new condition showing pending/firing alerts in the future. (#497, @dkistner)
  • [OPERATOR] A new AlertManager instance is now deployed in every seed cluster. This AlertManager uses the default SMTP configuration. Prometheus in shoot clusters does now multicast alerts to the seed's AlertManager and the shoot's AlertManager. Shoot's AlertManagers now only send emails to shoot clusters annotated with garden.sapcloud.io/[email protected]. (#527, @mvladev)
  • [OPERATOR] Users can now trigger an on-demand shoot reconciliation without the necessity of changing the shoot specification by annotating the shoot with shoot.garden.sapcloud.io/operation=reconcile. (#524, @rfranzke)
  • [OPERATOR] The Gardener Helm chart does now contain a new aggregated ClusterRole garden.sapcloud.io:system:administrators containing all privileges required by a garden administrator. Operators are asked to bind this ClusterRole themselves to users that should have these permissions. (#518, @rfranzke)
  • [OPERATOR] Gardener can now manage Ingress resources requesting a certificate for Gardener's default domains. This can be enabled by enabling the CertificateManagement feature gate in the ControllerManagementConfiguration. Please make sure that the required configuration is placed in the garden namespace of the garden cluster (please find here an example configuration). (#509, @timuthy)

Improvements

  • [USER] Gardener adds a new shoot.garden.sapcloud.io/status label to shoots to indicate the health status of the shoot and to allow filtering. There are three possible values: healthy, progressing, unhealthy. See also: https://github.com/gardener/gardener/pull/552 (#564, @adracus)
    • The old label shoot.garden.sapcloud.io/unhealthy is deprecated and will be removed in the future.
  • [USER] The CoreDNS logs do now only contain denial (either NXDOMAIN or NODATA (name exists, type does not)) or error (SERVFAIL, NOTIMP, REFUSED, etc. - anything that indicates the remote server is not willing to resolve the request) messages. (#561, @vlvasilev)
  • [USER] An IP cache was added to the kubelet monitoring script deployed to each shoot worker node. It should prevent unnecessary restarts of the kubelet in case it loses the VM's internal IP address. (#558, @timuthy)
  • [USER] Gardener does no longer create a ClusterRoleBinding that allows every node to read every secret, pod, etc. Instead, due to the "node authorizer" plugin, every node is restricted to only read those secrets/pods/... that are assigned or related to its node. (#549, @rfranzke)
  • [USER] The kubelet does now reserve 80m CPU on every shoot worker node for itself. (#548, @rfranzke)
  • [USER] Either the start or end field in a shoot's hibernation schedule can now be omitted (although at least one of both needs to be specified). This allows to have schedules that only hibernate or only wake up a shoot. (#543, @adracus)
  • [USER] Gardener does now correctly react on DELETECOLLECTION requests for shoots and projects. This fixes issues with deleting namespaces in clusters which had registered the Garden APIService. (#537, @rfranzke)
  • [USER] The shoot access credentials are now only synced to the project namespace in the Garden cluster if the shoot's kube-apiserver as well as the kube-controller-manager/cloud-controller-manager were successfully deployed. (#536, @rfranzke)
  • [USER] The resource limits and requests for the system pods have been lowered. The mid-/long-term goal is to have vertical autoscaling in place. (#529, @rfranzke)
  • [USER] Fixed an issue with the control plane health check which caused not checking monitoring/logging components in case the shoot's API server was not reachable. (#501, @adracus)
  • [USER] The kubelet's client QPS/burst values have been increased in order to allow the kubelet to faster react on many pod creations at the same time. (0922ecdfa686666d2cb30079274c862cde17251f)
  • [USER] The kubelet's client QPS/burst values have been increased in order to allow the kubelet to faster react on many pod creations at the same time. (f229ff5862a535ae6fdb055975f9613638270e1c)
  • [USER] Fixed an issue in the kubelet health script deployed to every worker node that might cause unwanted kubelet restarts in case the corresponding Node object could not be found. (cc568fb49f0cc0b8ea60ee95f9977356e051fee1)
  • [USER] An issue leading to invalid configuration for the kube-apiserver exposure for cross-cloud shoots has been fixed. (e146c72eea2d9fd08b3885dfff6a9cd54199bc06)
  • [USER] The cloud-config-downloader script running on all shoot worker nodes does now only pre-pull Docker images if they are not yet already present. (454a2a29125aeb79796344b0a7306d611480382b)
  • [OPERATOR] Fix enabling the pod priority feature for 1.10 clusters by re-positioning the helm chart check to the right place. (#562, @zanetworker)
  • [OPERATOR] The network policies isolating the shoot's kube-apiserver have been refined and do now restrict even more connections that are not needed/desired. (#559, @rfranzke)
  • [OPERATOR] Gardener does now correctly clean up all logging stack related artefacts it created in case the Logging feature gate has been disabled. (#556, @rfranzke)
  • [OPERATOR] Gardener does now generate a default domain name for newly created shoots that do not specify .spec.dns.domain but set .spec.dns.provider!=unmanaged. The domain will have the following scheme: <shootName>.<projectName>.<managed-domain>. This does only work if default domains were registered in the system beforehand. (#547, @timuthy)
  • [OPERATOR] Terraform DNS validation is now executed only when necessary in order to reduce API calls to the cloud APIs. (#534, @zanetworker)
  • [OPERATOR] The shoot care controller does now correctly check the health of the logging control plane components. (#531, @vlvasilev)
  • [OPERATOR] The request timeout for the OpenStack Kubernetes cloud provider config is now configurable via the CloudProfile's .spec.openstack.requestTimeout field. (#526, @afritzler)
  • [OPERATOR] A new Grafana dashboard showing DaemonSets and StatefulSets has been added. (#523, @dkistner)
  • [OPERATOR] The Grafana pod dashboard does now show resource requests and limits. (#521, @dkistner)
  • [OPERATOR] A new Grafana dashboard for the etcd clusters has been added. (#520, @dkistner)
  • [OPERATOR] The shoot's AlertManager does now contain alerts for persistent volumes whose capacity is filled up entirely. (#517, @dkistner)
  • [OPERATOR] The Terraform error code mapping has been extended. (0e7780ae3ed363ae282511362297e26f6730c33f)

[ingress-default-backend]

Improvements

  • [OPERATOR] The alpine version of the Docker base image has been upgraded from 3.7 to 3.8. (gardener/ingress-default-backend@0ffdef9c14999028a488b5a708204f1a613a2825)

[terraformer]

Improvements

  • [USER] The alicloud Terraform provider plugin has been upgraded from 1.10.0 to 1.22.0. (gardener/terraformer#15, @jia-jerry)
  • [OPERATOR] The alpine version of the Docker base image has been upgraded from 3.7 to 3.8. (gardener/terraformer@c6fd9284e342fde12ed8a9793d36b05f17f97b7b)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.14.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.14.0

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Most notable changes

  • [USER] ⚠️ An issue with orphaned containers being created during the node's cloud config syncs has been fixed. Deploying this change requires a rolling update of all worker nodes of all shoot clusters. (4f9e3f39b94d985c40b22b55221535e0c0ee773e)

Improvements

  • [USER] The kubelet's client QPS/burst values have been increased in order to allow the kubelet to faster react on many pod creations at the same time. (ef952d5852554de171f43f1b353d44ba18e25d41)
  • [USER] Gardener does no longer create a ClusterRoleBinding that allows every node to read every secret, pod, etc. Instead, due to the "node authorizer" plugin, every node is restricted to only read those secrets/pods/... that are assigned or related to its node. (9a51d5940949836cad37248cd864bd347e27beb8)
  • [USER] An IP cache was added to the kubelet monitoring script deployed to each shoot worker node. It should prevent unnecessary restarts of the kubelet in case it loses the VM's internal IP address. (07e3e6fb5b131287fd228e1411a7c04c7957ac0a)
  • [OPERATOR] Fix enabling the pod priority feature for 1.10 clusters by re-positioning the helm chart check to the right place. (66c1f976b23996a9e22e16735b83063cf8615593)
  • [OPERATOR] The network policies isolating the shoot's kube-apiserver have been refined and do now restrict even more connections that are not needed/desired. (06776a63326cba9125fea5ef13c181b4f646e5c8)
  • [OPERATOR] Gardener does now correctly clean up all logging stack related artefacts it created in case the Logging feature gate has been disabled. (595a05c51e5801c6fd565b4e6a44ec798ce9694f)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.13.5
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.13.5

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Most notable changes

  • [USER] The infrastructure and kube2iam jobs are now only executed during shoot creation and within maintenance time window. This is to reduce the number of cloud API calls for the respective infrastructure providers. In order to perform an on-demand maintenance operation out of the time window annotate the shoot with shoot.garden.sapcloud.io/operation=maintain. (56019d79f7a3af92bdafb4777bf32fbc12a1409c)
  • [OPERATOR] Users can now trigger an on-demand shoot reconciliation without the necessity of changing the shoot specification by annotating the shoot with shoot.garden.sapcloud.io/operation=reconcile. (a9dc08cfbb80f9e014e39d577d21049dca62b6cc)

Improvements

  • [OPERATOR] Terraform DNS validation is now executed only when necessary in order to reduce API calls to the cloud APIs. (70a15845f27e6effd38056c4c2ec5c79637541a9)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.13.4
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.13.4

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Improvements

  • [USER] Gardener does now correctly react on DELETECOLLECTION requests for shoots and projects. This fixes issues with deleting namespaces in clusters which had registered the Garden APIService. (9a9b3448bd50aac69d47359a380ed5996346ef2f)
  • [USER] The kubelet's client QPS/burst values have been increased in order to allow the kubelet to faster react on many pod creations at the same time. (05b3a84635e5b69c621ee72f5b172f911b1d2840)
  • [USER] Fixed an issue in the kubelet health script deployed to every worker node that might cause unwanted kubelet restarts in case the corresponding Node object could not be found. (8b7917485300b5ba0bb3d3166ea983f005f8babb)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.13.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.13.3

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[aws-lb-readvertiser]

Improvements

  • [OPERATOR] An issue causing the aws-lb-readvertiser to panic in case the .subsets field of the Endpoint object is empty has been fixed. (gardener/aws-lb-readvertiser#11, @zanetworker)

[etcd-backup-restore]

Improvements

  • [USER] Fixed the issue where, in case of a failed delta snapshot, the data directory was marked as valid even though there was data loss due to further delta snapshots in the queue which weren't getting applied. (gardener/etcd-backup-restore#58, @georgekuruvillak)

[gardener]

Most notable changes

  • [OPERATOR] The Gardener Helm chart does now contain a new aggregated ClusterRole garden.sapcloud.io:system:administrators containing all privileges required by a garden administrator. Operators are asked to bind this ClusterRole themselves to users that should have these permissions. (34be67c917d53da14a83991ed85f3950444cb4e2)

Improvements

  • [OPERATOR] The shoot care controller does now correctly check the health of the logging control plane components. (babde62dde96e4bca34ee195e645ce15aec22422)

[ingress-default-backend]

Improvements

  • [OPERATOR] The alpine version of the Docker base image has been upgraded from 3.7 to 3.8. (gardener/ingress-default-backend@0ffdef9c14999028a488b5a708204f1a613a2825)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.13.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.13.2

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[gardener]

Improvements

  • [USER] Fixed an issue with the control plane health check which caused not checking monitoring/logging components in case the shoot's API server was not reachable. (21f1ea060f65d5a2b7c58e556639a39f1654ffdd)
  • [USER] An issue leading to invalid configuration for the kube-apiserver exposure for cross-cloud shoots has been fixed. (0b0b1a29f1dcede794f8a077c3f0edba9fbee7aa)
  • [USER] The cloud-config-downloader script running on all shoot worker nodes does now only pre-pull Docker images if they are not yet already present. (93e06eb617d213f9e401894fd2572e29e38d4f51)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.13.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.13.1

gardener -

Published by gardener-robot-ci-1 almost 6 years ago

[aws-lb-readvertiser]

Most notable changes

  • [USER] The AWS LB readvertiser has been completely refactored and does now no longer change the deployment manifest of the kube-apiserver. Instead, it changes the default/kubernetes endpoint and keeps it up-to-date. This requires users to deploy their kube-apiserver with --endpoint-reconciler-type=none. Moreover, the AWS LB readvertiser needs a kubeconfig having privileges to talk to the kube-apiserver. Please consider the latest example manifest for instructions how to deploy the AWS LB readvertiser. (gardener/aws-lb-readvertiser#10, @zanetworker)

[gardener]

Action Required

  • [USER] By default kube-apiserver of the shoot clusters will no longer produce audit events. To enable auditing, please provide a custom audit policy. (#495, @vpnachev)
  • [USER] ⚠️ The deprecated option to trigger shoot cluster hibernation is no longer possible (setting autoScalerMin=autoScalerMax=0 for all worker pools). The only way to hibernate a shoot cluster is setting .spec.hibernation.enabled=true as of now. Please adapt your scripts and change all existing shoot cluster specification accordingly before upgrading Gardener. (#471, @rfranzke)
  • [OPERATOR] ⚠️ The migration logic for automatically creating Project resources out of properly labelled Namespaces has been removed. Upgrading from a Gardener version prior to 0.11.0 is not supported. Also, this Gardener version is not compatible with Gardener Dashboard versions prior to 1.23.0. (#480, @rfranzke)
  • [OPERATOR] ⚠️ In-code overriding of HPA config for shooted seeds has been removed. This affects the defaulting of downscaleDelay to 24h and tolerance to 0.2 for seeds. These flags must now be specified in the Shoot specifications of the individual seeds. (#399, @amshuman-kr)

Most notable changes

  • [USER] Gardener does now prevent concurrent reconciliations of seeds and shoots. As a result it may take a while until a shoot gets reconciled if its seed is processing. (#486, @rfranzke)
  • [USER] Gardener does now support Shoot clusters with Kubernetes version 1.12 (beginning with 1.12.1; further details). You should consider the Kubernetes release notes before upgrading to 1.12. (#474, @rfranzke)
  • [USER] ⚠️ All addons other than kubernetes-dashboard and nginx-ingress are now deprecated. The cluster-autoscaler addon is automatically enabled if at least one worker pool specifies max>min. Please find more individual recommendations/explanations in the example shoot resource. (#471, @rfranzke)
  • [USER] Shoot conditions are now retained during reconciliation and deletion operations. The checks are being conducted during the initial creation of shoots as well. The condition checks themselves now also check more thoroughly on the existence of specific Kubernetes objects (Deployments, DaemonSets, StatefulSets) in both the seed and the shoot. (#457, @Adracus)
  • [USER] A bug in the CoreDNS configuration that prevented reverse DNS lookups has been resolved. (#452, @zanetworker)
  • [USER] Docker images updates (#451, @rfranzke)
    • quay.io/coreos/etcd: v3.3.9 -> v3.3.10
    • quay.io/prometheus/alertmanager: v0.15.1 -> v0.15.2
    • quay.io/prometheus/prometheus: v2.3.2 -> v2.4.3
    • quay.io/coreos/kube-state-metrics: v1.3.1 -> v1.4.0
    • grafana/grafana: 5.2.2 -> 5.3.0
    • quay.io/calico/node: v3.2.1 -> v3.2.3
    • quay.io/calico/cni: v3.2.1 -> v3.2.3
    • quay.io/calico/typha: v3.2.1 -> v3.2.3
    • k8s.gcr.io/kubernetes-dashboard-amd64: v1.8.3 -> v1.10.0
    • jtblin/kube2iam: 0.10.1 -> 0.10.4
    • quay.io/kubernetes-ingress-controller/nginx-ingress-controller: 0.17.1 -> 0.20.0
  • [USER] The kube-apiservers do now get higher CPU/memory limits to avoid frequent and unneeded up-/down-scaling. (#445, @ggaurav10)
  • [USER] The incremental snapshot period for etcd has been reduced from 10s to 5m to reduce load on the backing blob storages. (#443, @georgekuruvillak)
  • [USER] ⚠️ Kubelet version updates are now smoother as the new hyperkube image will be preloaded in advance. Rolling out this change will result in a rolling update of all worker nodes. (#429, @Adracus)
  • [USER] The list of TLS cipher suites supported by the Kubernetes control plane has been limited to TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA. (#428, @rfranzke)
  • [USER] Gardener does now schedule the etcd and kube-apiserver pods of the Shoot control planes with priority in the Seeds. Rolling out this change will result in rescheduling all existing etcd and kube-apiserver pods. (#422, @rfranzke)
  • [USER] Gardener does now support DNS for Alicloud. Please consider the example resource manifests if you want to use it. (#393, @jia-jerry)
  • [USER] Users can now define custom audit policies for the kube-apiserver of their shoot clusters. Please find a detailed guide how to use this feature here. (#331, @vpnachev)
  • [USER] The PodSecurityPolicy admission plugin is now enabled by default for all shoots. Cluster administrators seeking to increase the security of their clusters can enable stricter rules by setting spec.kubernetes.allowPrivilegedContainers to false in the Shoot resource: kubectl patch shoot my-shoot -p '{"spec":{"kubernetes":{"allowPrivilegedContainers":false}}}' (#226, @mvladev)
  • [OPERATOR] An issue has been fixed that allowed the creation of trial clusters above the project quota. (#483, @mliepold)
  • [OPERATOR] The Project resource has been changed to support management of project members (by setting .spec.members, please take a look at the example Project resource). (#480, @rfranzke)
  • [OPERATOR] Gardener does now have better support for multiple seed clusters in the same cloud and region. Previously, Gardener assigned shoots to the first matching seed (if there were multiple). Now Gardener identifies all candidate seed clusters in a first step, and then assigns shoots to the best out of those in a second step. (#469, @rfranzke)
  • [OPERATOR] The HPA tolerance flag has been changed to 0.2 for the shooted Seed clusters to provide wider bandwidth to the HPA (effect of load, fluctuating around the threshold, can be smoothened). (#445, @ggaurav10)
  • [OPERATOR] All of the Grafana dashboards for every Shoot are revamped and consolidated. (#420, @mvladev)
  • [OPERATOR] The Prometheus instance responsible for Shoots does now ingest only a subset of samples per scrape target. (#410, @mvladev)
  • [OPERATOR] The Gardener controller manager does now provide a new alpha feature that can be enabled via the Logging feature gate (disabled by default). If enabled, Gardener will deploy one logging stack for every seed cluster and one per shoot control plane. The seed cluster's garden namespace will get a separate ElasticSearch + Kibana instance serving the logs of all the seed's pods not running in shoot namespaces. The dedicated shoot logging stack covers the logs of the shoot's control plane. Application logs are of no concern; the logging stack is meant to be used by Gardener operators (similar to the dedicated shoot monitoring stacks). (#176, @vlpanov)

Improvements

  • [USER] The Shoot Quota objects can now be fetched by kubectl get squota to avoid conflicts with Kubernetes' core/v1/ResourceQuota resources. (#468, @rfranzke)
  • [USER] An issue has been fixed that prevented trial clusters from being created although the quota was not exceeded. (#463, @mliepold)
  • [USER] Gardener does now validate that the specified domain for a Shoot is unique across the Garden cluster. (#417, @rfranzke)
  • [USER] When deleting a shoot, Gardener now only waits for the controllers to be active if both deployments for kube-controller-manager and cloud-controller-manager exist. (#415, @rfranzke)
  • [USER] Command-line parameters of kube-controller-manager related to the horizontal pod autoscaler settings are now configurable in the Shoot specification. (#399, @amshuman-kr)
  • [USER] The check whether machines are ready during the shoot reconciliation flow has been improved. (61fd991eae9d54a86fd91fce76ad8707d31ad145)
  • [USER] Shoots that have been marked as "to-be-ignored" are no longer allowed to be deleted. The shoot.garden.sapcloud.io/ignore annotation needs to be removed first. (e56134333d0f7fb09849b798eabe5b5798a43cfb)
  • [USER] Load balancer and security groups are now correctly deleted before destroying the remaining infrastructure for AWS Shoots. (46de177975207361c880a62325f4274577105a74)
  • [OPERATOR] Calico now starts only one container. CNI installation happens via an init container. (#498, @mvladev)
  • [OPERATOR] The shoot's Prometheus does now scale vertically based on the node count. (#493, @mvladev)
  • [OPERATOR] A new usable field has been added to machineTypes and volumeTypes in CloudProfiles (defaults to true). With this flag it is possible to prevent any shoot from using a non-usable machine or volume type. Existing shoots may continue to use a non-usable type, but no other shoot can be updated or created with it. (#488, @mliepold)
  • [OPERATOR] The version of golang has been upgraded to v1.11.1. (#487, @rfranzke)
  • [OPERATOR] The repeat-send interval for the alertmanager has been increased to 12h (this will help to reduce the amount of alerts being sent). (#485, @mvladev)
  • [OPERATOR] Grafana dashboards now use only container_memory_working_set_bytes for memory calculations/display. (#482, @mvladev)
    • Alerts are only fired for components which are deployed and running.
  • [OPERATOR] When a shoot cluster is hibernated most of the control plane components are now scaled down to zero, effectively reducing costs. (#477, @rfranzke)
  • [OPERATOR] A network policy has been added allowing the kube-apiserver of a shoot to connect to the gardener-external-admission-controller in the seed. (#464, @timuthy)
  • [OPERATOR] The network policies in the seed cluster have been refined. (#459, @timuthy)
  • [OPERATOR] The memory limit for the kube-controller-manager deployment of shooted seeds has been increased from 1Gi to 1.5Gi. (#458, @swapnilgm)
  • [OPERATOR] Gardener does now randomize the maintenance time of shoots (still respecting the constraints specified in the shoot's .spec.maintenance.timeWindow object) instead of regularly checking whether it can start maintaining or not. (#456, @rfranzke)
  • [OPERATOR] Missing alerts in Grafana's "Kubernetes Cluster Health" dashboard for cluster-autoscaler, machine-controller-manager and cloud-controller-manager have been added. (#432, @mvladev)
  • [OPERATOR] New metrics scraping and alerting rules for cluster-autoscaler, machine-controller-manager and cloud-controller-manager have been added. (#430, @mvladev)
  • [OPERATOR] An issue causing unnecessary restarts of the kube-addon-manager pods has been fixed. (#414, @rfranzke)
  • [OPERATOR] The explicit AWS load balancer and security group deletion is skipped if the infrastructure has already been deleted. (#413, @rfranzke)
  • [OPERATOR] An issue has been resolved which caused a failure during deletion for Shoot clusters running Kubernetes 1.9.x. The error occurred because in Kubernetes 1.9.x APIServices are only available in version v1beta1. As a consequence, Gardener now uses APIServices v1beta1 instead of v1. (#404, @timuthy)
  • [OPERATOR] Gardener does now take the clientConnection configuration of the controller-manager's componentconfig file into account, effectively allowing faster updates to resources in the Garden cluster. (70ff4c73ea2a181a5847bea2b13f3f257ed8fad1)
  • [OPERATOR] An issue has been resolved that prevented the infrastructure destruction for AWS Shoots. (f2fabe488d5a92e9b1ce6187fbdeb34727e37b26)

[machine-controller-manager]

Most notable changes

  • [USER] Timeouts for creation and health check are now split into two configurable knobs instead of a single one. (gardener/machine-controller-manager#183, @prashanth26)

Improvements

  • [OPERATOR] Updates vendor dependencies to support K8s version 1.10. (gardener/machine-controller-manager#173, @prashanth26)
  • [OPERATOR] Restructure documentation so it is easier to consume. (gardener/machine-controller-manager#159, @zanetworker)
  • [OPERATOR] (Un)Freezing of machine controller based on APIServer availability (gardener/machine-controller-manager#180, @prashanth26)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.13.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.13.0

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Improvements

  • [USER] An issue has been fixed that prevented trial clusters from being created although the quota was not exceeded. (4ff962c9d5199f74b279a0b12cbb209c6f3b8d32)
  • [OPERATOR] A network policy has been added allowing the kube-apiserver of a Shoot to connect to the Gardener external admission controller. (#465, @timuthy)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.12.4
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.12.4

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Most notable changes

  • [USER] A bug in the CoreDNS configuration that prevented reverse DNS lookups has been resolved. (2cd28249ecf908bffb3166725261bd72dea5ff50)

Improvements

  • [USER] Load balancer and security groups are now correctly deleted before destroying the remaining infrastructure for AWS Shoots. (5e58f9c1f5d6638988a5289836ba63eb67854632)
  • [OPERATOR] The network policies in the seed cluster have been refined. (#461, @timuthy)
  • [OPERATOR] The memory limit for the kube-controller-manager deployment of shooted seeds has been increased from 1Gi to 1.5Gi. (2c5471f945ed9a19eb747df1130b396d324b0ec0)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.12.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.12.3

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Improvements

  • [OPERATOR] An issue has been resolved that prevented the infrastructure destruction for AWS Shoots. (b8d785030951377f016873626aa206789fe24498)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.12.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.12.2

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Improvements

  • [USER] When deleting a Shoot, Gardener now only waits for the controllers to be active if both deployments for kube-controller-manager and cloud-controller-manager exist. (#418, @rfranzke)
  • [OPERATOR] An issue has been resolved which caused a failure during deletion for Shoot clusters running Kubernetes 1.9.x. The error occurred because in Kubernetes 1.9.x APIServices are only available in version v1beta1. As a consequence, Gardener now uses APIServices v1beta1 instead of v1. (#418, @rfranzke)
  • [OPERATOR] The explicit AWS load balancer and security group deletion is skipped if the infrastructure has already been deleted. (#418, @rfranzke)
  • [OPERATOR] An issue causing unnecessary restarts of the kube-addon-manager pods has been fixed. (#418, @rfranzke)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.12.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.12.1

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Most notable changes

  • [USER] The type field has been removed from the StorageClass deployed in OpenStack Shoots. Moreover, the StorageClasses deployed by Gardener are now reconciled and not only created once anymore. (#395, @afritzler)
  • [USER] Initializers for cloud-specific PersistentVolumes are now added by Gardener instead of the Kubernetes initializer admission plugin (to temporarily mitigate a runtime panic that would otherwise happen in the Kubernetes cloud-controller-manager (see https://github.com/kubernetes/kubernetes/issues/68996 for more details)). (#392, @rfranzke)
  • [USER] When deleting a Shoot cluster Gardener does now forcefully delete CustomResourceDefinitions and APIServices if they have not been cleaned up regularly by their responsible controllers within 5 minutes. (#391, @Adracus)
  • [USER] Gardener does now delete pods stuck in terminating state longer than their deletion grace period allows. (#383, @rfranzke)
  • [USER] Failed Shoot operations are now retried when a different Gardener version takes over without requiring user interaction. (#382, @zanetworker)
  • [USER] All control plane components other than kube-controller-manager and cloud-controller-manager are now blocked via network policies from accessing the cloud's metadata service. (#381, @zanetworker)
  • [USER] System component pods as well as addons managed by Gardener are now scheduled with a high priority using the Kubernetes pod priority feature. They might preempt pods created by users causing their eviction/deletion. Users should consider scaling up their cluster (either vertically or horizontally) in such cases. (#379, @rfranzke)
  • [USER] Gardener does now replace kube-dns with CoreDNS in all Shoot clusters. kube-dns is becoming deprecated, and CoreDNS is the new default DNS plugin for Kubernetes (as it is more pluggable and provides more features). (#364, @zanetworker)
  • [OPERATOR] The horizontal pod autoscaler downscale delay for shooted Seed clusters has been increased to 24h. (#397, @amshuman-kr)
  • [OPERATOR] The automatic-updates daemon on CoreOS is now disabled permanently, ensuring that the OS image version configured in Shoot resources is fixed. (8950d68efb5725f6127af875b8050cacad9170f4)

Improvements

  • [USER] The metrics-server deployment in Shoot clusters has been added to the deletion whitelist, i.e. Gardener won't delete it when deleting a Shoot. This is because the Kubernetes namespace controller needs to discover all APIs (including aggregated APIs) in order to recursively clean up all objects in the namespace. (#390, @rfranzke)
  • [USER] The delays for the horizontal pod autoscaler have been modified in the following way to achieve a less oscillating behaviour: Downscale: 5m -> 15m and Upscale: 3m -> 1m. (#389, @rfranzke)
  • [USER] Gardener does now wait until all needed controllers are active before cleaning the Kubernetes resources when deleting a Shoot. (#386, @rfranzke)
  • [USER] Resources deployed into Shoot clusters that are not needed any longer are now correctly pruned. (#384, @rfranzke)
  • [USER] The version of calico has been upgraded to v3.2.1. (#380, @databus23)
  • [OPERATOR] An issue where the Shoot-specific Prometheus instance did use invalid certificates for scraping etcd and the kubelet has been resolved. (#394, @mvladev)
  • [OPERATOR] Horizontal pod autoscaling for the kube-apiserver is now enabled for all Shoots. (#388, @zanetworker)
  • [OPERATOR] Fixed an issue that prevented a correct error code mapping for errors returned by the machine-controller-manager. (#375, @Adracus)
  • [OPERATOR] Fixed an issue that caused unnecessary restarts of kube-/cloud-controller-manager for Shoot deletions. (73365eb6bef3d3eb31dd35ea63de25789a7a0e83)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.12.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.12.0

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Most notable changes

  • [OPERATOR] The automatic-updates daemon on CoreOS is now disabled permanently, ensuring that the OS image version configured in Shoot resources is fixed. (4cd8b818488bd2377ad1fbb4a3e5541c07aead1e)

Improvements

  • [OPERATOR] Fixed an issue that caused unnecessary restarts of kube-/cloud-controller-manager for Shoot deletions. (f005f3c2030316176c08dba7b25473834dc27995)
  • [OPERATOR] Fixed an issue that prevented a correct error code mapping for errors returned by the machine-controller-manager. (91dafbe1161583c594963be230887f34218ce6c3)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.11.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.11.1

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Most notable changes

  • [USER] ⚠️ Gardener does now compute dedicated certificate authorities for the various components deployed with a Shoot cluster. Previously, only one CA was used for all components. Users must restart (e.g., by deleting) their API server extension pods in case they have deployed any (e.g., service-catalog, ...) so that they read the new CA certificate. (#353, @rfranzke)
  • [USER] Gardener does now support specifying the maxSurge and maxUnavailable parameters for the worker pools in the Shoot specification. Similar to rolling updates of the Kubernetes-native Deployment resource, you can influence how the rolling update of your worker pools behaves. Please find more information about these values here. (#351, @zanetworker)
  • [USER] Gardener does now support the .spec.hibernation.enabled field in the Shoot specification for triggering hibernation/wake-up. The current behavior (setting min=max=0 for all worker groups) is still supported but deprecated and will be removed in a future version. (#350, @timuthy)
  • [USER] Gardener does now deploy the Kubernetes metrics-server into the kube-system namespace of every Shoot cluster. This enables the horizontal pod autoscaling feature of Kubernetes out of the box. Users that have previously deployed the metrics-server on their own no longer need to care about it (as it's now managed by Gardener). Gardener will take over the responsibility of maintaining it. (#347, @rfranzke)
  • [USER] ⚠️ The Gardener API server now features a dedicated Project resource (see this for an example). A project results in a Kubernetes namespace into which Shoot clusters can be deployed. The Gardener controller manager features a webhook endpoint that protects namespaces belonging to a project against direct deletion. For that, it now exposes an HTTPS server which requires a TLS certificate having gardener-controller-manager, gardener-controller-manager.garden, gardener-controller-manager.garden.svc as valid SANs. Please check the Gardener componentconfig example and the Gardener Helm chart values for how to specify the new configuration flags. Please do also make sure that the Garden cluster has enabled the ValidatingAdmissionWebhook admission plugin. Similar to Shoots, deleting a Project resource requires annotating it with confirmation.garden.sapcloud.io/deletion=true in a previous step. (#330, @rfranzke)
  • [USER] A shoot maintenance operation can now be triggered immediately by annotating the Shoot with shoot.garden.sapcloud.io/operation=maintain (even outside the maintenance time window). (1e5cc01e1e6e2433dea68adab556a82d82bead06)
  • [USER] The EC2 instance profile policy attached to all worker nodes/VMs for AWS Shoot clusters has been reduced from ec2:Describe* to ec2:DescribeInstances. See #178 for more details. (f1bfc09b7eff5a1a0b54a977d6fe0290b4d294d6)
  • [USER] ⚠️ Gardener no longer supports Kubernetes v1.8. You must upgrade all Shoot clusters to at least Kubernetes v1.9 before upgrading Gardener. (e3ebf2e9779ce2769de23043559f3f63657dd780)
  • [OPERATOR] The Kubernetes cloud controller manager is now deployed as part of a Shoot's control plane in the Seed cluster. It provisions load balancers and routes, sets cloud-specific labels on persistent volumes, and initializes nodes. The kube-apiserver of a Shoot is now completely blocked from accessing the cloud's metadata service IP and no longer mounts the customer's cloud provider secret. (#336, @rfranzke)
  • [OPERATOR] ⚠️ Gardener was depending on yaml2json which was downloaded on every worker machine in order to read the kubeconfig and the cloud-config. This dependency has now been removed (instead, we are now working inside Docker containers to not rely on external tools but rather on stable images). Gardener MUST be updated as the yaml2json binary is no longer available at its download URL, which means that no new machines can join the cluster (as the cloud-config cannot be read/extracted). This will result in a rolling update of all machines for all clusters. (539db79faf254821540b4b5ca3f33b49fd3b8d9f)
  • [OPERATOR] The kubelet's insecure/read-only port is now disabled. (4b29f0a)

Improvements

  • [USER] Gardener does now explicitly delete the load balancers and security groups belonging to Kubernetes services for AWS Shoots. This is to mitigate the issue that the kube-controller-manager does not use finalizers on Service objects and may forget that it has created resources in the underlying infrastructure. (05c72032bd3339f63c22173131833c1adf531d88)
  • [USER] The number of concurrent controller syncs of the kube-controller-manager of Shoot clusters has been increased to allow faster processing of events. (5f4aca2e54bea0836a93ec031827e34319b621b7)
  • [USER] The number of nginx-ingress worker processes has been fixed to avoid OOM issues when running on high-CPU machines. (d36b04504f783d22b2680e50d1748253f3815d0a)
  • [USER] The resource limits of the node-exporter have been increased to avoid OOM issues when running on high-CPU machines. (26195fc)
  • [OPERATOR] Added new storageClass to provision Azure files (#338, @luisdavim)
  • [OPERATOR] The Gardener component metrics have been refactored and enhanced. The controller-manager exposes no service-level metrics anymore, because they have been moved to the Gardener Metrics Exporter. Metrics referring to the internal state of the controllers and their workqueues have been added. (#244, @dkistner)
  • [USER] A missing RBAC rule allowing the kube-dns-autoscaler to operate correctly has been added. (7f41b6b)
  • [OPERATOR] A bug setting minReplicas=maxReplicas=1 for the kube-apiservers of shooted Seed clusters has been fixed. (317b4e2)
  • [OPERATOR] The error code mapping has been extended to classify frequently seen errors easily. (8f3a0fd, 317b4e2)
  • [OPERATOR] The default Shoot and BackupInfrastructure controller sync periods have been increased. (26ca086c8d7e7af6ccb7a51eb309e9bb5587ca2e)
  • [OPERATOR] An issue causing the creation of the Terraform job although the pre-validating pod timed out has been fixed. (5f04dd50aa9588096c4a557af25a0e2b11b38d4b)

[machine-controller-manager]

Most notable changes

  • [USER] Integrated support for Ali cloud in MCM (gardener/machine-controller-manager#136, @lu-zhenyu)

Improvements

  • [USER] Enhanced integration tests to support AWS and GCP. (gardener/machine-controller-manager#147, @prashanth26)
    • Adding support in integration tests for a new provider is simpler and modular now.
  • [OPERATOR] The mcm now supports integrating custom Prometheus metrics. A metric to expose the amount of managed machines is already integrated. (gardener/machine-controller-manager#137, @dkistner)

[vpn]

Improvements

  • [USER] An issue causing vpn-shoot to fail to start on CoreOS machines provisioned by Alicloud has been resolved. (gardener/vpn#32, @jia-jerry)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.11.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.11.0

gardener -

Published by rfranzke about 6 years ago

[gardener]

Most notable changes

⚠️ Gardener was depending on a yaml2json binary which was downloaded on every worker machine in order to construct the kubelet's kubeconfig and to apply the machine's cloud-config. We are now no longer depending on yaml2json (instead, we are now working inside Docker containers to not rely on external binaries but rather on stable Docker images). Gardener MUST be updated as the yaml2json binary is no longer available at its download URL, which means that no new machines can join the cluster (as the cloud-config cannot be read/extracted). This will result in a rolling update of all machines for all clusters.

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.10.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.10.2

gardener -

Published by rfranzke about 6 years ago

[gardener]

Improvements

  • [USER] A missing RBAC rule allowing the kube-dns-autoscaler to operate correctly has been added. (3f047e72)
  • [OPERATOR] A bug setting minReplicas=maxReplicas=1 for the kube-apiservers of shooted Seed clusters has been fixed. (aa3a93a9)
  • [OPERATOR] The error code mapping has been extended to classify frequently seen errors easily. (6de9fc5d)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.10.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.10.1