gardener

Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.

License: OTHER | Stars: 2.7K | Committers: 211
gardener -

Published by ccwienk about 6 years ago

[gardener]

Most notable changes

  • [USER] It is now possible to configure extra admission plugins (in addition to those Gardener installs by default) and their configuration in the Shoot manifest. Please see this for an example. (#322)
  • [USER] The kube-apiserver of a Shoot cluster now gets a HorizontalPodAutoscaler. It is configured to scale automatically up to a maximum of 4 replicas for large clusters; the scaling decision is based on the kube-apiserver's CPU consumption. (#315)

Improvements

  • [USER] When the Gardener controller manager starts it updates all Shoot resources whose .status.lastOperation.state is Processing to Aborted, since an operation that was still in flight when the previous instance stopped has been interrupted. (0d85b6012e0811e62a0708659ebe9224441932df)
  • [USER] The Terraformer pods now use their own dedicated service account, resolving a sporadic issue that showed up for Shoots during initial cluster creation. (d47551089c4c60800af00cca7d4f9c781f190b13)
  • [USER] An issue computing the configuration for nginx-ingress has been resolved. (9b4964fdd4182ac4ac6d2e5009de01316e31af59)
  • [USER] Gardener now explicitly waits for the etcd pods to be ready before continuing, resulting in better progress information. (5d35d12082ec600a57a2d2f5d7ac8aa68ea88154)
  • [USER] Docker image updates (613e0d6471924ea0ec3b2aceb94bfaf78679709b)
    • eu.gcr.io/gardener-project/gardener/machine-controller-manager: 0.7.0 -> 0.9.0
  • [OPERATOR] The central Prometheus StatefulSet deployed in all Seed clusters is now scaled vertically based on the number of nodes. (#323)
  • [OPERATOR] The error code mapping has been extended. (a4770387f1f3b2156688bb5e77137ec42a630a1e)
  • [OPERATOR] Some noisy metrics have been dropped from the Shoot clusters' Prometheus instances. (#329)
  • [OPERATOR] Support for setting the Kubernetes log level in the controller manager has been added. (#326)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.10.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.10.0

gardener -

Published by rfranzke about 6 years ago

[gardener]

Improvements

  • [USER] An issue computing the configuration for nginx-ingress has been resolved. (6282ac078352f9c9c8848e4a0b270ef299bd494c)
  • [OPERATOR] The error code mapping has been extended. (a4770387f1f3b2156688bb5e77137ec42a630a1e)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.9.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.9.1

gardener -

Published by gardener-robot-ci-1 about 6 years ago

[gardener]

Most notable changes

  • Gardener does now perform server side printing when listing resources of the Garden API, greatly enriching the information displayed via kubectl get calls. (f0dcad05d960430481158447230876db3cc59528)
  • Names of worker pools must now be DNS1123-label conformant. (#261, 1277a7bcf5866f8ec6d70d0c830aa4a1685d68a1)
  • A new NetworkPolicy in the Seed clusters now restricts outgoing traffic from Shoot cluster kube-apiservers: they can no longer reach the Seed networks, only their corresponding etcd instance and kube-dns. (#266, ec7e29f5e683c9df968eeb737b2b2eaf356ff105, 5ec60cc6b9066876a0914172494058bd4c467589, 81f122834e06db8c777cd0a4461cec522d88eaca)
  • The monitoring stack (Prometheus, AlertManager, Grafana) used the same basic auth credentials as the Shoot kube-apiservers. It now has dedicated credentials, stored in a new monitoring-ingress-credentials Secret in the Seed cluster, so a leaked monitoring password no longer grants access to the kube-apiserver. (#271, 8e671890710b707ba6e2870e1ae88163292da32f)
  • ⚠️ Gardener now reserves excess capacity in Seed clusters. This requires the Seed kube-apiservers to run Kubernetes 1.11, or, for Kubernetes < 1.11, to enable the PodPriority feature gate and the scheduling.k8s.io/v1alpha1 API version. The amount of excess capacity is computed so that new Shoot control planes can be deployed (which allows enabling the cluster-autoscaler in Seeds). Currently, the size of a Shoot control plane is statically set to 7 CPU cores and 14Gi of memory. Capacity is reserved for 3 additional Shoot control planes or 5% of the currently running Shoots, whichever is greater. The feature can be disabled in the Gardener controller manager's component config (.controllers.seed.reserveExcessCapacity). (#267, 3e8e350c806d9acbdf22dbb6b336fc7205be48a9, daad692286f7b4672ff1004460f7654412a677f9)
  • The etcd connection timeout has been increased to cope with large snapshots. Moreover, the default full-backup frequency has been changed to once per day; incremental snapshots/backups are taken in between. (#304, bdbb530188123b739046cdacf90d97000c71b84f)
  • The Docker daemon on the Shoot cluster's worker VMs is now restarted whenever new CA certificates are to be installed on the machines. (#320, e7684b7bae5b8be35d4fe508296fcef527147c45)

Improvements

  • The kubelet process is now restarted when it has not reported an InternalIP or ExternalIP on its Node object, resolving an issue with Shoots running Kubernetes 1.11. (1311de43a1745cbc8cf65d57c72e9ed0a2c5e586)
  • The maxUnavailable parameter of MachineDeployments is now set to 0, so that the number of available replicas never drops below the desired number during rolling updates. (#274, 6bb3addfd8bdd7231be3f9a46bd92a86c8a391b)
  • It is now possible to configure the loadBalancerSourceRanges for the nginx-ingress addon via the .spec.addons.nginx-ingress.loadBalancerSourceRanges field. (#298, ee24d30a6ac2c7846ff81ad05ecb2868d5f02c44)
  • The Shoot care controller now automatically deletes evicted pods in Shoot namespaces in the Seeds. (#294, 714e036858f0914a0a817ad78b4bc83c351419b6)
  • The machine-controller-manager deployment now features a liveness probe. (9757e95d897290747de67f76330d113d48714a61)
  • The worker machine types of GCP clusters were not correctly passed to the machine-controller-manager. This issue has been resolved. (7397c20d9345a5027ae04b4b391e74643659de14)
  • Project members are no longer allowed to write RoleBindings inside their project; they may only read the one listing all members. In the future we will add dedicated resources for managing projects. (3252c5c7e3f1e4a6132be6111d4bafd81b975727)
  • Updates to SecretBinding resources are forbidden. This is needed for SecretBindings referencing trial Quotas assigned by Garden administrators: project members must not be able to simply patch these Quotas out of the provided SecretBinding. (30f03cdb70b1a9bb785cd6c241f42c14d719ed58)
  • The sync period for Seed resources can now be configured in the controller manager's component config. (3110346016638d36c11e14f4fc08d43a61ba95a6)
  • The nginx-ingress DNS record is destroyed when a Shoot is hibernated (mainly to allow creating new Shoots directly in hibernation mode). (#312, f3aa9312b5252485f93101698d6f4745b55017c5)
  • A bug causing Gardener to delete its own Seed resources for Shoots that have been marked to be used as Seed clusters has been fixed. (5c5ae5f8c053724279b62177abbe42ce82ea248b)
  • The nginx-ingress resource limits have been increased for Shoots which are used as Seeds. (83e9996785e49270fbc7acee9325b39a2fcfc04d)
  • Docker image version updates (3b19d31c88a25ae515ea2ab7f74aa6febb3180b4, 177b1066259006f356be5cd922429eb21954097a, 3e8e350c806d9acbdf22dbb6b336fc7205be48a9)
    • quay.io/coreos/etcd: v3.3.8 -> v3.3.9
    • quay.io/prometheus/alertmanager: v0.14.0 -> v0.15.1
    • grafana/grafana: 5.1.3 -> 5.2.2
    • k8s.gcr.io/cluster-proportional-autoscaler-amd64: 1.1.2 -> 1.2.0
    • jetstack/kube-lego: 0.1.5 -> 0.1.7
    • jtblin/kube2iam: 0.9.0 -> 0.10.1
    • quay.io/kubernetes-ingress-controller/nginx-ingress-controller: 0.16.2 -> 0.17.1
    • busybox: 1.28.4 -> 1.29.2
    • gcr.io/google_containers/pause-amd64: 3.1 (new)
    • quay.io/prometheus/prometheus: v2.2.0 -> v2.3.2

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.9.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.9.0

gardener -

Published by rfranzke over 6 years ago

Improvements

  • The machine-controller-manager deployment now features a liveness probe. (395865c208bade634d1f194a2eb943b1420cb8e8)
  • Project members are no longer allowed to write RoleBindings inside their project; they may only read the one listing all members. In the future we will add dedicated resources for managing projects. (5f04e91fa1299d58a6aea03ea33987f6a2d90a17)
  • Updates to SecretBinding resources are forbidden. This is needed for SecretBindings referencing trial Quotas assigned by Garden administrators: project members must not be able to simply patch these Quotas out of the provided SecretBinding. (ce8120ac2d9f14ba2f4a798635459971efa8688f)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.8.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.8.1

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes

  • ⚠️ The migration logic for BackupInfrastructure objects has been removed. Upgrading from a Gardener version prior to 0.5.0 is not supported. (cc8807d3bf66a4c70a145959c64fbc864d644634)
  • ⚠️ The DeletionConfirmation feature gate as well as the old deletion logic have been removed. This script shows how to trigger a Shoot deletion. (f14e9b8950d60e1d4e9c3932123abad9f7a9a5e9)
  • Gardener now supports Shoot clusters with Kubernetes version 1.11. Consult the Kubernetes release notes before upgrading to 1.11. (88b3b1ea9575289d6637a2545a26fd8ef73fc8e1, ee3096e0e90840002702fefbb0854093ac2b9048, 9bbb58684b3dc0ef06f134daf12c94732e03cac2, f6f8e2382143d9179d8ec13657515e46ffc97669)

Improvements

  • The ResourceReference admission controller now performs a live lookup if a referenced secret is repeatedly not found in the cache. (#227, 6228f43a7d52de92a974a7ab266f4b0c30f7eba6)
  • Kubernetes API server deployments of Shoot clusters now feature a readiness probe. (#230, 705570429fa07555289298c08b041e349993b30a)
  • All times are now converted to UTC when handling maintenance time windows to ensure correct functionality. (d2e2b6ccb2e98e22d3dde6d6fceda06dcba43644)
  • The resource requests and limits for the control plane components of shooted Seed clusters have been increased. (bff5882c4d3d33464ad1ee76ef6ff55300c42481)
  • The quoting of values in the cloud provider config has been adjusted to support special characters. (b0dd83f56ad7019fd1c609c0869ad92ca76d0c9a)
  • The Azure rate limit configuration has been adapted to cope with out-of-subscription deployments. (4fc77724a0e44cc39b5b394c50982f870a2def86)
  • The Terraform job/pods for DNS are now cleaned up even if the DNS record is already registered, to always ensure a clean environment. (3184b4a768f12b8a8ff3f7b9def9bf8041b3f414)
  • The Shoot health check no longer fails when pods have completed successfully (terminated with exit code 0). (36a9b3c8cfc89769ece350604e8b22baa43af0d6)
  • Docker image version updates (c9ab09cba4f3fae0591a8dccbea911132e5af3a9, d0f70f14f2df28278765515b6bc1337dd4afe11d, f64fea99316b913c76151b42d15e68a18c361a12, 57fc669feb76402f8d8f2d8920295fbd499026a6)
    • eu.gcr.io/gardener-project/gardener/etcdbrctl: 0.2.3 -> 0.3.0
    • eu.gcr.io/gardener-project/gardener/machine-controller-manager: 0.6.1 -> 0.7.0
    • eu.gcr.io/gardener-project/gardener/vpn-seed: 0.11.0 -> 0.12.0
    • eu.gcr.io/gardener-project/gardener/aws-lb-readvertiser: 0.2.0 -> 0.3.0
    • eu.gcr.io/gardener-project/gardener/vpn-shoot: 0.11.0 -> 0.12.0
    • eu.gcr.io/gardener-project/gardener/ingress-default-backend: 0.5.0 -> 0.6.0
    • eu.gcr.io/gardener-project/gardener/terraformer: 0.6.0 -> 0.7.0 -> 0.8.0
    • eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler: 0.1.0 -> 0.2.0
    • quay.io/kubernetes-ingress-controller/nginx-ingress-controller: 0.15.0 -> 0.16.2
  • Golang dependency updates (75932361914404f22bee271589219ffab8a03911)
    • k8s.io/api: kubernetes-1.10.3 -> kubernetes-1.11.0
    • k8s.io/apimachinery: kubernetes-1.10.3 -> kubernetes-1.11.0
    • k8s.io/apiserver: kubernetes-1.10.3 -> kubernetes-1.11.0
    • k8s.io/client-go: kubernetes-1.10.3 -> kubernetes-1.11.0
    • k8s.io/code-generator: kubernetes-1.10.3 -> kubernetes-1.11.0

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.8.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.8.0

gardener -

Published by rfranzke over 6 years ago

Improvements

  • The ResourceReference admission controller now performs a live lookup if a referenced secret is repeatedly not found in the cache. (#227, d43d276837d3e07091ad5d4305a6bbc36d3fce09)
  • Kubernetes API server deployments of Shoot clusters now feature a readiness probe. (#230, ab139149de19775270597a4aeef2e511dc2f372f)
  • All times are now converted to UTC when handling maintenance time windows to ensure correct functionality. (399beda40472de81ee14b730449fe9fe7a8505ef)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.7.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.7.1

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes

  • ⚠️ The new DeletionConfirmation admission controller is now enabled by default. It requires Shoots to carry the confirmation.garden.sapcloud.io/deletion=true annotation before they can be deleted. The old/deprecated annotation (confirmation.garden.sapcloud.io/deletionTimestamp=<x>) is still required but will be removed entirely in the next version. (e8c3e31cf192335532b9b20ba05a6d94df40351b)
  • The latest machine-controller-manager version supports propagating failures/errors from Machine to MachineDeployment objects. When Gardener detects such errors it aborts the machine reconciliation and writes detailed information into the Shoot's .status.lastOperation object so that it becomes visible to users. (ac08ddc5d1ec9bf9f3a84035ca8eb76feaa8503e)
  • The cluster-autoscaler does not automatically adjust the number of desired machines when the minimum is increased or the maximum is decreased. Gardener takes over in these cases and modifies the machine replicas to reflect the desired state. (#218, a328b280df1e72d154095cacd88a43838f08162f)
  • Gardener now supports OpenStack Designate as a third DNS provider. (#215, 90259480707a967791d15db7ddaad451aad13996, 0a509e897852aadedb0b37435ece260ef47210b4, 659796447597781db25dca59288ab0e6f32bc7f9, a669929dfa47abd88b0bc88abae0128372a190eb, 03fda7784b3ae05a7a7e06c01ca26a9e8833d616, e6d824bb39543566ffd8852c679647458e76b8cd)
  • The alerts now contain information about the Seed cluster responsible for the Shoot for which the alert has been fired (region, API server URL, cloud profile). (#214, 274a275e1fcecff1cd5070d696b41f76a54ff7de)
  • All "shooted" Seed clusters now get three kube-apiserver replicas by default. (4ecaaeb04d73adb297f550380fe76d99efe0eb19)
  • The nginx-ingress controller configuration has been adapted so that it publishes the external address into all Ingress resources. (#154, 82dbdf88756d4843d241798a7cf3fdd010304da5)

Improvements

  • Time windows spanning two days (the beginning is on a different day than the end, e.g. 230000-010000) are now handled correctly. (57a2e2b80b5aacffaf9bd8c024d3b0e35b25c152)
  • The SystemComponentsHealthy condition of the Shoot health check now only checks deployments deployed by Gardener, and ControlPlaneHealthy now also checks the deployment statuses (previously it only checked the pod statuses). (b1611bf59de3d3ab3e3a5d70ae8891091a4d4010, 6a052343476d4d45eaa3fde8b18e6828f30e09a6)
  • Project members are now allowed to create technical users in the Garden cluster. (#213, 08d2c919c67c93c0351270754a1c75ebb5beb376)
  • CPU and memory requests and limits have been slightly increased for the machine-controller-manager deployment. (250ea0c54bfa77fa54dc1d6f5da8af0a07083733)
  • All admission plugins are now waiting for their caches to be synced before handling requests. (d0f1fda30b679c730680af3355bfa1424fe4f37e)
  • Objects with owner references are no longer considered when cleaning up Shoot clusters during deletion. Gardener now relies on the parent controllers and Kubernetes garbage collection to clean them up. (13a13feda1536735a739f88169c3e4a62e24cd4c)
  • The regular expression for extracting Terraform errors has been improved. (8c27a6a5d98dab421c87bdefaf9ca032ff120474, 396a740532e2df68b1e5cd5010b3353f5f1bad02)
  • The ingress domain of a Seed cluster is now validated to be DNS1123-subdomain conformant. (dfb8c6439b190e96a8da0ff2512138df545fa56b)
  • Shoots that are used as Seeds can now be configured to be protected or invisible. (66155841980935efd0c2b306c23add6a4c9dcb29)
  • An issue causing a panic in the Gardener API server when validating OIDC configuration for Shoots has been resolved. (3522923aa9af6a51ebfd3f460529b78f7bc2f85f)
  • Docker image version updates (dfa9ad3c07eb09191069e8582afd6a9c2f03ff9b, b287ccb9565ed942eba4c4465c81aa3989cc11b9, ac08ddc5d1ec9bf9f3a84035ca8eb76feaa8503e)
    • quay.io/coreos/etcd: v3.3.5 -> v3.3.7 -> v3.3.8
    • quay.io/calico/node: v3.1.2 -> v3.1.3
    • quay.io/calico/cni: v3.1.2 -> v3.1.3
    • quay.io/calico/typha: v0.7.3 -> v0.7.4
    • eu.gcr.io/gardener-project/gardener/ingress-default-backend: 0.3.0 -> 0.4.0 -> 0.5.0
    • eu.gcr.io/gardener-project/gardener/machine-controller-manager: 0.4.0 -> 0.5.0 -> 0.6.1
    • eu.gcr.io/gardener-project/gardener/vpn-seed: 0.10.0 -> 0.11.0
    • eu.gcr.io/gardener-project/gardener/vpn-shoot: 0.10.0 -> 0.11.0
    • busybox: 1.28 -> 1.28.4
  • Golang dependency updates (69f30ce55468e689391d930037e55b02ef648210)
    • github.com/gardener/machine-controller-manager: 0be5317161d27ef7b95fa7b53844ae3b78f24c7a -> 0.5.0

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.7.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.7.0

gardener -

Published by rfranzke over 6 years ago

Improvements

  • All "shooted" Seed clusters will get three kube-apiserver replicas by default. (52cf20113b0326e1233937f9330ad1b2f2d9045c)
  • The regular expression for extracting Terraform errors has been improved. (65c8aeda2e7eea9bee6a348877c5efbf788ad311)
  • Project members are now allowed to create technical users in the Garden cluster. (a7a7ef4a1a4f84f52573f7a15d0f29509d1b2d5f)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.6.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.6.1

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes

  • The forked version of the upstream Kubernetes cluster-autoscaler has been adapted to work with our machine-controller-manager and integrated into Gardener. It can be enabled by setting .spec.addons.cluster-autoscaler.enabled=true in the Shoot manifest. The Shoot cluster worker nodes are scaled according to the autoScalerMin/autoScalerMax constraints the user has defined for each worker pool. Due to the Machine abstraction it can auto-scale Shoots independent of the cloud provider they are deployed to.
    ⚠️ Worker pools with autoScalerMin=0 are no longer allowed unless autoScalerMax=0 as well (cluster hibernation). If your Shoot resource specifies worker pools with autoScalerMin=0 and autoScalerMax>0, every modification to the Shoot resource will be rejected until you update your pools to autoScalerMin>0. (#200, #207, 47ee5625cac3585c88c6a478863b40207ca0a7c4, 93b8444a686e9c261ea510e2953d693d2045439f, 3527ad11d7295bd36331ddb14ab1581312e38f99, 01d7ec7daba49df6db32fe4d1bfdcecbe59f90e4, 63232bbe70680acc12d73a12354bca693a5b5323, f2253092898f2cc19e1e3a9a8d1846c5a8cc9e76, be662f96616ac12affb93684b3b6633f61c9ff1c)
  • The Gardener API server and the Gardener controller manager now allow specifying feature gates to enable/disable alpha/beta features. For the Gardener API server the features are provided as a comma-separated list via a command line flag, e.g. --feature-gates=MyFeature=true,AnotherFeature=false. For the Gardener controller manager the feature gates are enabled or disabled in its componentconfig file. (4c251be0b11639c20d41ce20c5de0deb59b0f008)
  • A new alpha DeletionConfirmation admission controller has been added; it is currently disabled by default. You can enable it via the DeletionConfirmation feature gate. Once enabled, it only allows DELETE requests on Shoots that carry the annotation confirmation.garden.sapcloud.io/deletion=true. This prevents users from accidentally deleting their Shoot clusters with a simple kubectl delete shoot command.
    ⚠️ The previous way of confirming the Shoot deletion is deprecated and will be removed in a future release. (#193, cce038540ef23596f6e1cfab513c52eefb9e39da, 2bc1b5205d936eda7b27937f69517348fa5223b8)
  • The EveryNodeReady health check now correlates the number of desired worker nodes with the number of nodes actually registered. Previously, the check only verified that every registered node is ready (which was trivially true if no node was registered at all). (122945d8b8a346a2d5d77e2d41e1875b2f371396)
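As an added example (not code from the page or from the Gardener project), the following Go program models the two mechanisms described above: a parser for the --feature-gates flag format, and a DeletionConfirmation check that, while its gate is enabled, admits a DELETE on a Shoot only if the confirmation.garden.sapcloud.io/deletion=true annotation is present. The ShootRequest type, the knownGates defaults and the function names are assumptions of this example; the annotation key and the flag format are the ones named in the release notes.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

// DeletionConfirmationAnnotation is the annotation the release notes name.
const DeletionConfirmationAnnotation = "confirmation.garden.sapcloud.io/deletion"

// knownGates holds the gates this toy controller understands and their defaults.
// DeletionConfirmation is disabled by default, as in the 0.6.0 release notes.
var knownGates = map[string]bool{
	"DeletionConfirmation": false,
}

// ParseFeatureGates parses a --feature-gates style value such as
// "DeletionConfirmation=true,Other=false" on top of the defaults in known.
// Unknown gates and non-boolean values are rejected instead of ignored, so a
// typo in the flag cannot silently leave a protective gate disabled.
func ParseFeatureGates(known map[string]bool, spec string) (map[string]bool, error) {
	gates := make(map[string]bool, len(known))
	for name, enabled := range known {
		gates[name] = enabled
	}
	if strings.TrimSpace(spec) == "" {
		return gates, nil
	}
	for _, item := range strings.Split(spec, ",") {
		kv := strings.SplitN(strings.TrimSpace(item), "=", 2)
		if len(kv) != 2 {
			return nil, fmt.Errorf("invalid feature gate %q: expected NAME=BOOL", item)
		}
		name := strings.TrimSpace(kv[0])
		if _, ok := known[name]; !ok {
			return nil, fmt.Errorf("unknown feature gate %q", name)
		}
		enabled, err := strconv.ParseBool(strings.TrimSpace(kv[1]))
		if err != nil {
			return nil, fmt.Errorf("invalid value for feature gate %q: %v", name, err)
		}
		gates[name] = enabled
	}
	return gates, nil
}

// ErrDeletionNotConfirmed is returned when a DELETE lacks the confirmation annotation.
var ErrDeletionNotConfirmed = errors.New("shoot deletion not confirmed: annotate it with " +
	DeletionConfirmationAnnotation + "=true first")

// ShootRequest is the slice of an admission request this check needs
// (a hypothetical type for this example, not Gardener's own).
type ShootRequest struct {
	Operation   string // "DELETE", "UPDATE", ...
	Annotations map[string]string
}

// AdmitShoot mirrors the described behaviour: with the DeletionConfirmation gate
// on, a DELETE is admitted only if the Shoot carries
// confirmation.garden.sapcloud.io/deletion=true. Other operations, and any
// request while the gate is off, pass through unchanged.
func AdmitShoot(gates map[string]bool, req ShootRequest) error {
	if req.Operation != "DELETE" || !gates["DeletionConfirmation"] {
		return nil
	}
	if req.Annotations[DeletionConfirmationAnnotation] != "true" {
		return ErrDeletionNotConfirmed
	}
	return nil
}

func main() {
	gates, err := ParseFeatureGates(knownGates, "DeletionConfirmation=true")
	if err != nil {
		panic(err)
	}
	unconfirmed := ShootRequest{Operation: "DELETE", Annotations: map[string]string{}}
	confirmed := ShootRequest{Operation: "DELETE", Annotations: map[string]string{
		DeletionConfirmationAnnotation: "true",
	}}
	fmt.Println("unconfirmed delete:", AdmitShoot(gates, unconfirmed))
	fmt.Println("confirmed delete:  ", AdmitShoot(gates, confirmed))
}
```

Rejecting unknown gate names rather than ignoring them is deliberate: a misspelled gate in a startup flag would otherwise leave the confirmation check silently disabled while the operator believes it is on.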

Improvements

  • The length constraint validation checks are bypassed in the ShootValidator admission controller for all operations other than CREATE. (b43e09279646ba0b1b06dc32d1e39778d39c146a)
  • When deleting a Shoot cluster the Gardener now waits until all Machine objects have been marked to be forcefully deleted (or until the operation returned an error) before continuing with its flow. (#203, 1a5e1acab07882193d1e3e2a4798e30a48629187)
  • The Shoot care controller now performs health checks even if the Shoot cluster has been marked as not to be reconciled. (757a6461ba06c11207c09cbf507cd3910d56d12b)
  • The Gardener Helm chart has been fixed to allow every authenticated user in the Garden cluster to read/list/watch CloudProfile resources. (#205, 6309a19a66a4e1ee5cf91b5ac15c00c6fff6b01b)
  • Elastic IP and NAT gateway resources created for AWS Shoot clusters are now properly tagged with the cluster name. (922cdbf79683a0eb40135c8ea96f924d0be5debd)
  • Health checks are no longer performed for pending Shoots (those waiting to be created). (44e2e872ea4670b921750d165d2a2880d42606b4)
  • An issue in the Shoot resource defaulting that could cause a panic in the Gardener API server has been fixed. (8259b16be271fdf0c8809d3ee5fcd58849089df5)
  • Docker image version updates (3527ad11d7295bd36331ddb14ab1581312e38f99)
    • eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler: 0.1.0 (new)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.6.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.6.0

gardener -

Published by rfranzke over 6 years ago

Improvements

  • The length constraint validation checks are bypassed in the ShootValidator admission controller for all operations other than CREATE. (6cf35958fe2ebd0cdd68e402972a662ee271e840)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.5.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.5.1

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes

  • A new resource named BackupInfrastructure has been introduced in the Gardener API server. The Gardener controller manager features a corresponding controller which creates or deletes the cloud provider specific blob storage buckets used for etcd backups. So far, these tasks were performed by the Shoot controller itself. This change not only gives a better separation of concerns but also allows retaining the blob store bucket of a specific Shoot after the Shoot has been deleted. By default the bucket is deleted immediately when a Shoot is deleted; the .controllers.backupInfrastructure.deletionGracePeriodDays key in the Gardener controller manager's component config allows overriding this. The changes are backwards compatible, hence a corresponding BackupInfrastructure resource will be created for all Shoots in the next reconciliation period. (e93c11b5ae9aab3c9782b41809be2e3d102daf4c, 1086c2fb273550bf3e4a96589031f4f1de37f707, f37c866c8040f16e51b12b98df1a6bb8a0c7d5dd, a1eb7a28d76c4a59b26294e349d01ad9650d651a, cdb68b0e4b58a7e14333bae8e603a82d2682ec36, 389773b986267743f6f3ac6e934eaa609346263a, 18355bd3bfef19b93750d059200a9180200c9634, 504c552c4c443895409cf38df9e07f99aeebe70d, f57d36ee42f50fe95f19db6afd8e5caed31102cc)
  • The technical ID of Shoot clusters has been changed from shoot-<projectName>-<shootName> to shoot--<projectName>--<shootName>, and two consecutive hyphens are now forbidden in both projectName and shootName. The technical ID is used for the Shoot namespace in the Seed cluster as well as for naming/tagging all infrastructure resources. Existing Shoots are not migrated to the new scheme. (#164, 285ef971d31c75d8aaa8fc7362068da0f990dcc6, 0d95fe1fb9ef8a902fe28c109c798c27d6d2cee5)
  • The cloud provider secret used by the Shoot control plane as well as the machine class secrets used by the machine-controller-manager are now refreshed in the Shoot deletion flow. This resolves issues where the user had changed the cloud provider credentials after already marking the Shoot for deletion (the controllers were no longer able to clean up volumes, load balancers, and virtual machines). (e671c15d26aa76e7c698355272867d940f6b95b3, 77023be55eb1cfb85d4b11904afd25535d6009c2, 26fe6c8ae62fadf435ee9f96b25a07de5788c228)
  • The communication between the kube-apiserver and etcd is now secured by TLS. (89a574552b112aa1735e153bb2e5251b2301e5eb, 3b6323a7b87fd11004fcb3e5b46ed473aade3da6, d4029599fb9a01f390105618323bcb7bff767574, 15d68aaba911eb2056b6d35578b541fb2c15b331, b154bb4571288165e2855c236bcebb18a6c00e8f)
  • Gardener no longer deploys a LimitRange object in the default namespace of a Shoot cluster. The cluster administrator/owner is responsible for defining these ranges if needed. (226f23d380ee560f7cfba6bfd99f41594fbe9e0e)
  • An alert is now fired if pods deployed by Gardener in the Shoot cluster are Pending or NotReady for 10 minutes. (8891409c14f3934a929b6019da7973362e18b5aa)
  • OpenStack Shoots with Kubernetes version >= 1.10.3 are now supported (the OpenStack-specific worker node naming scheme from before Kubernetes 1.10 has been re-introduced, and the cloud provider config needed to reflect these changes). AWS, Azure, and GCP Shoots support Kubernetes >= 1.10.3 without any modifications inside Gardener. (1c9bd91a3c83c8cb517afa58b0811be6cf202db1)
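The following Go program is an added example, not code from the page or from Gardener. It implements the name rules spread across these release notes (worker pool names must be DNS-1123 labels, from 0.9.0; autoScalerMin=0 requires autoScalerMax=0, from 0.6.0; no two consecutive hyphens in project or Shoot names, from 0.5.0) and shows why the technical ID scheme had to change: under shoot-<project>-<name>, the pairs (a-b, c) and (a, b-c) map to the same ID, and since the ID names the Shoot namespace in the Seed, two different Shoots would have shared a namespace. The Worker type, the function names and the min<=max sanity check are assumptions of this example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// dns1123Label is the RFC 1123 label form Kubernetes uses for names: lowercase
// alphanumerics and '-', at most 63 characters, starting and ending alphanumeric.
var dns1123Label = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`)

// IsDNS1123Label reports whether s is a valid DNS-1123 label.
func IsDNS1123Label(s string) bool {
	return len(s) <= 63 && dns1123Label.MatchString(s)
}

// Worker is the subset of a Shoot worker pool the checks below look at
// (a hypothetical type for this example, not Gardener's API type).
type Worker struct {
	Name          string
	AutoScalerMin int
	AutoScalerMax int
}

// ValidateWorkers applies the worker pool rules from the release notes: names must
// be DNS-1123 labels (0.9.0), and autoScalerMin=0 is only allowed together with
// autoScalerMax=0, i.e. hibernation (0.6.0). The min<=max check is an extra
// sanity check of this example, not a rule stated on the page.
func ValidateWorkers(workers []Worker) []error {
	var errs []error
	for i, w := range workers {
		if !IsDNS1123Label(w.Name) {
			errs = append(errs, fmt.Errorf("workers[%d].name %q is not a DNS-1123 label", i, w.Name))
		}
		if w.AutoScalerMin < 0 || w.AutoScalerMax < w.AutoScalerMin {
			errs = append(errs, fmt.Errorf("workers[%d]: autoScalerMin=%d must be >= 0 and <= autoScalerMax=%d",
				i, w.AutoScalerMin, w.AutoScalerMax))
		}
		if w.AutoScalerMin == 0 && w.AutoScalerMax > 0 {
			errs = append(errs, fmt.Errorf("workers[%d]: autoScalerMin=0 is only allowed with autoScalerMax=0 (hibernation)", i))
		}
	}
	return errs
}

// OldTechnicalID is the pre-0.5.0 scheme shoot-<project>-<name>. Because '-' is
// legal inside both names, different (project, shoot) pairs can map to the same
// ID, and hence to the same namespace in the Seed.
func OldTechnicalID(project, shoot string) string {
	return "shoot-" + project + "-" + shoot
}

// TechnicalID is the 0.5.0 scheme shoot--<project>--<name>. Together with the
// rule that neither name may contain "--", the double hyphen can only occur as
// the separator, so the mapping back to (project, shoot) is unambiguous.
func TechnicalID(project, shoot string) (string, error) {
	for _, name := range []string{project, shoot} {
		if strings.Contains(name, "--") {
			return "", fmt.Errorf("%q must not contain two consecutive hyphens", name)
		}
	}
	return "shoot--" + project + "--" + shoot, nil
}

func main() {
	// Constructed sample: two different Shoots that collided under the old scheme.
	fmt.Println(OldTechnicalID("a-b", "c"), "==", OldTechnicalID("a", "b-c"))
	id1, _ := TechnicalID("a-b", "c")
	id2, _ := TechnicalID("a", "b-c")
	fmt.Println(id1, "!=", id2)
	if _, err := TechnicalID("foo--bar", "x"); err != nil {
		fmt.Println("rejected:", err)
	}
	for _, err := range ValidateWorkers([]Worker{{Name: "CPU_Worker", AutoScalerMin: 0, AutoScalerMax: 2}}) {
		fmt.Println("invalid worker:", err)
	}
}
```

The collision is the security-relevant part: a namespace in the Seed holds a Shoot's control plane, including its etcd, so an ID scheme that lets two tenants' Shoots resolve to one namespace is a tenant-isolation problem, not only a naming nuisance.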

Improvements

  • Seeds that have been marked as 'to be deleted' are no longer considered for new Shoots by the SeedManager admission controller. (836eddb2acc80944d50ac368a86e0544c97c71c5)
  • The nginx-ingress-controller is now started with --enable-ssl-passthrough=true. (#187, 24ce349d60aadac4f7560f520610cebabe9f611b)
  • Machines are now labelled for forced deletion in parallel when a Shoot cluster is deleted. Already labelled machines are skipped. (c3b1a98f54228ce6fd5f95a8698c46d6de8d3b30, d3ad1efd734eec777a383bbcc9b64c75bec88a71)
  • The resource limits for CPU and memory have been slightly increased for the etcd and the kube-apiserver pods. The snapshot count for the etcd backup sidecar has been reduced. (4c4be26372211a284ee3e722b090ce9de68da10d, 18f93c882c03e20388626cb9aaf3930b665db6af)
  • The last operation description message in the Shoot status has been adapted to improve readability. (5422525a76a3a7a2da49e86ff7fbd95c84eca830)
  • The retention period of the central Prometheus deployed in every Seed cluster has been reduced from 12h to 2h. (7074a55551fb6e43d790701a85ddd3945cf5e3e6)
  • An issue regarding the usage of a wrong Kubernetes client that prevented the deletion of unused machine class secrets has been resolved. (911e39101b62d25ff5986c49003678d1f8bc3663)
  • API groups are now correctly re-discovered when the API group was found but the resource kind was not. (7ffbd8ad134542c6d2fe6b4a8e39e64d1743b156)
  • Both the Initializer and PodPreset admission controllers have been disabled as their features are still 'alpha'. (9f5529594c2f9bbfa5639b6797ae4b8a348e334a)
  • The cAdvisor has been disabled for all Shoots as it is deprecated and removed with Kubernetes 1.12. (521452eeaa38eda05cd877a92878a18c3a93ce2e)
  • A race condition in the Kubernetes client occurring sometimes when posting new resources has been resolved. (0cda9077650642c6fc77e8e07c7a4b2c4a6d7795)
  • The alerts have been partly reworked and improved to avoid false positives. (b895b348e69111b7170ef0973e602a7e57fc4316, d8dcbc2e2da426ac4b2698760dd5712b89b7885f)
  • The GCP Terraform output variables now contain vpc_name. (4ac05a9a1a3279a9372aec2a6b13a21a0b78778b)
  • The OpenStack Terraform output variables now contain router_id and security_group_id. (9cbcb66096a32848de0a81cca7756edc3c34f003)
  • The Grafana dashboards and data sources are no longer applied by the grafana-watcher but by means of the latest native Grafana features. (c4d9c3942f0b9eb6fefca92640e2a21c2c1a412d)
  • The Monocular prerender pod is no longer deployed due to too many vulnerabilities. (54ec6bac48827c131d8a7b2f666b7f8ea58d7084)
  • Docker image version updates (96cd52659f78b24898a06056c64d11e37bb27b45, aedf80a967205bc57eebcd992df5f8a39373aefe, 89a574552b112aa1735e153bb2e5251b2301e5eb, d4029599fb9a01f390105618323bcb7bff767574, c4d9c3942f0b9eb6fefca92640e2a21c2c1a412d, 16ba9fce8ef27be7134eb3f1c2d07d3e7793e2da, 54ec6bac48827c131d8a7b2f666b7f8ea58d7084)
    • eu.gcr.io/gardener-project/gardener/aws-lb-readvertiser: 0.1.0 -> 0.2.0
    • quay.io/coreos/etcd: v3.3.3 -> v3.3.5
    • eu.gcr.io/gardener-project/gardener/etcdbrctl: 0.2.1 -> 0.2.3
    • grafana/grafana: 5.0.4 -> 5.1.3
    • quay.io/prometheus/node-exporter: v0.15.2 -> v0.16.0
    • quay.io/calico/node: v3.1.0 -> v3.1.2
    • quay.io/calico/cni: v3.1.0 -> v3.1.2
    • quay.io/calico/typha: v0.7.1 -> v0.7.3
    • quay.io/kubernetes-ingress-controller/nginx-ingress-controller: 0.14.0 -> 0.15.0
    • eu.gcr.io/gardener-project/gardener/ingress-default-backend: 0.2.0 -> 0.3.0
    • gcr.io/kubernetes-helm/tiller: v2.8.2 -> v2.9.1
    • Removed quay.io/coreos/grafana-watcher
    • Removed quay.io/cy-play/vts-nginx-exporter
    • Removed migmartri/prerender
  • Golang dependency updates (ee3872ddde8fdc768e33bce9efd2638aefc36cce)
    • k8s.io/api: kubernetes-1.10.1 -> kubernetes-1.10.3
    • k8s.io/apimachinery: kubernetes-1.10.1 -> kubernetes-1.10.3
    • k8s.io/apiserver: kubernetes-1.10.1 -> kubernetes-1.10.3
    • k8s.io/client-go: kubernetes-1.10.1 -> kubernetes-1.10.3
    • k8s.io/code-generator: kubernetes-1.10.1 -> kubernetes-1.10.3
    • github.com/gardener/machine-controller-manager: 0be5317161d27ef7b95fa7b53844ae3b78f24c7a (new)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.5.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.5.0

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes

  • The VPN bridge deployed to establish network connectivity between the control plane of Shoots running in Seed clusters and the actual worker nodes has been refactored to use an OpenVPN-based approach instead of SSH. It requires to generate a dedicated TLS auth key for every Shoot cluster (which can only be generated by the openvpn binary), hence, openvpn is now part of the controller-manager's Docker image. Moreover, a default Diffie Hellman key for encryption is provided in the vpn-shoot Helm chart. It is possible to provide a self-generated key to the Gardener which is then used for all Shoot clusters. (149a20a3d25e29d13f8548bc3511bfd592a1b53b, 98a834df97e94248251e9897dc70c8e39c6c65a0, c7f34bce7539c3c90398d985b9a81d8e34c3994f, 4aed15e555789aaa440ec8a4ab21f5e1484400f0, f2edd976a76fe9ad4df5058e0cc61dc8e9231011)
  • All containers/pods deployed by the Gardener do now have resource requests and limits. (fba244cfe3c60e949e1baeb537b0c43c25c74ed5)
  • Shoots which are registered as Seeds do now have a dedicated queue and dedicated workers to not compete with those working on regular Shoots. (59ce3409b2cf595e79842f49ab610dfa96fcf6f0)
  • The OpenStack Swift containers created for etcd backups are now deleted when a Shoot cluster is deleted. Previously the Terraform OpenStack provider plugin did not allow deleting non-empty Swift containers, so containers left behind by Shoots deleted before this change must be cleaned up manually. (8cc1644ebb0647c6b875bee1c210149c111b48b6)

Improvements:

  • The custom resource definition GlobalNetworkSet was missing from the Calico manifest and has been added. (9654b619ca007b245d5c87b8948b89bcd287b3a2)
  • The Prometheus ingress service port was wrongly configured (8080 instead of 80) which has been resolved. (f563c6f5dd7b28744d298251d194afa3537b5154, 44f9aa2a35de03d99ea672b36d28684a154abbb3)
  • kube-proxy pods now restart when their secret is changed. (d656d0b461f165199a385ab60b4c0bab52a22a82)
  • Maintenance windows whose end lies on a different day than their begin (i.e. windows spanning midnight) are now handled correctly. (ff3fd00e4464651911675160d3937721c07cbaa0)
  • The metrics endpoint for the controller manager has been refactored and extended. (37d9a3bf0890bfdca7aacb6b8aa17853fe8b23f3)
  • The kube-lego Helm chart is now correctly deployed into a Shoot's kube-system namespace. (7a62dbf4fdfb8cdc9eea4b723d5d292dd2212c2d)
  • Shoots that are marked as 'to-be-ignored' are now also ignored by the care and the maintenance controller. Previously, only the main Shoot controller itself ignored them. (8cc1644ebb0647c6b875bee1c210149c111b48b6)
  • The .spec.cloud.aws.networks.nodes field is now defaulted with the first worker network in case the Shoot is deployed into an existing VPC. (6bef1385d7bad56f0c842ed105f3eb2dddf32ab7)
  • The comparison of ports when updating a Service object has been fixed. NodePorts of existing Services are no longer overwritten; overwriting them caused re-balancing of the load balancers in front of them and a short unavailability of the underlying services. (d93bd87c690593f405be98ebd7cb87586698e5d3)
  • The metrics scraped by Prometheus from Seed and Shoot clusters have been reduced. (1b183ee0cbf871382f07b3a15ca06294652d8536, cce3fed1c76801cceebf2f4996e2a1b8747e86d9)
  • The worker pool volume sizes are now validated against a cloud-specific minimum. (503a3e4ef1275c274ba6689915a741ba8ce24d21)
  • The worker pool names are now validated against DNS1123 subdomain compliance. (703716fae99ad85d58da6cba006b7175f5efe236)
  • The timeout for freezing a MachineSet during scale operations has been increased to 40 minutes. (9d5622c6fc1ffce76a347b02185a67cb4a6cd2f6)
  • The last operation description of a non-running Machine is now propagated into the Shoot's EveryNodeReady status condition. (4e7ee75f0ac14ee82db17022b19a67f68486d57b)
  • Docker image version updates (149a20a3d25e29d13f8548bc3511bfd592a1b53b, a1a1a65b5518ff063d8976a4319615739579db21, 2f1abfbe2b4e003143575dfc05d05f2403ee09f8, d3b16886b6617d1a774acb3738508b5637f6a2bc, 8cc1644ebb0647c6b875bee1c210149c111b48b6)
    • eu.gcr.io/gardener-project/gardener/vpn-seed: 0.8.0 -> 0.10.0
    • eu.gcr.io/gardener-project/gardener/vpn-shoot: 0.8.0 -> 0.10.0
    • k8s.gcr.io/k8s-dns-kube-dns-amd64: 1.14.9 -> 1.14.10
    • k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64: 1.14.9 -> 1.14.10
    • k8s.gcr.io/k8s-dns-sidecar-amd64: 1.14.9 -> 1.14.10
    • quay.io/kubernetes-ingress-controller/nginx-ingress-controller: 0.12.0 -> 0.14.0
    • eu.gcr.io/gardener-project/gardener/terraformer: 0.5.0 -> 0.6.0
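
Worked example for the maintenance window fix listed above (added here; it is not code from the Gardener repository). It assumes a compact "HH:MM" UTC notation for the window bounds, which is not the Shoot field layout, and puts the naive same-day comparison next to one that handles a window spanning midnight:

```go
package main

import (
	"fmt"
	"time"
)

// MaintenanceWindow is a daily window with begin and end given as "HH:MM" in UTC.
// This compact format is an assumption made for the example; it is not the
// field layout of the Shoot resource.
type MaintenanceWindow struct {
	Begin string
	End   string
}

// minuteOfDay converts "HH:MM" into minutes since midnight.
func minuteOfDay(hhmm string) (int, error) {
	t, err := time.Parse("15:04", hhmm)
	if err != nil {
		return 0, fmt.Errorf("invalid time %q: %w", hhmm, err)
	}
	return t.Hour()*60 + t.Minute(), nil
}

// minutes parses both bounds and the minute-of-day of the given instant (in UTC).
func (w MaintenanceWindow) minutes(at time.Time) (begin, end, now int, err error) {
	if begin, err = minuteOfDay(w.Begin); err != nil {
		return
	}
	if end, err = minuteOfDay(w.End); err != nil {
		return
	}
	u := at.UTC()
	now = u.Hour()*60 + u.Minute()
	return
}

// NaiveContains is the broken check: it assumes end is later than begin on the
// same day, so a window such as 22:00-02:00 never matches anything.
func (w MaintenanceWindow) NaiveContains(at time.Time) (bool, error) {
	begin, end, now, err := w.minutes(at)
	if err != nil {
		return false, err
	}
	return begin <= now && now < end, nil
}

// Contains handles the wrap-around: when end < begin the window spans
// midnight, and "now" is inside if it is after begin (today) or before end
// (the following day). begin == end is treated as an empty window.
func (w MaintenanceWindow) Contains(at time.Time) (bool, error) {
	begin, end, now, err := w.minutes(at)
	if err != nil {
		return false, err
	}
	if begin <= end {
		return begin <= now && now < end, nil
	}
	return now >= begin || now < end, nil
}

func main() {
	w := MaintenanceWindow{Begin: "22:00", End: "02:00"}
	at := time.Date(2018, 6, 1, 23, 30, 0, 0, time.UTC) // constructed sample instant
	naive, _ := w.NaiveContains(at)
	fixed, _ := w.Contains(at)
	fmt.Printf("23:30 inside 22:00-02:00: naive=%v fixed=%v\n", naive, fixed)
}
```

The begin bound is inclusive and the end bound exclusive, so two adjacent windows never overlap; a window whose begin equals its end is empty rather than a full day.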

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.4.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.4.0

gardener -

Published by rfranzke over 6 years ago

Improvements:

  • The .spec.cloud.aws.networks.nodes field is now defaulted with the first worker network in case the Shoot is deployed into an existing VPC. (999ef31edc91fac741a645b7faec16a70bb75dad)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.3.3
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.3.3

gardener -

Published by rfranzke over 6 years ago

Improvements:

  • The comparison of ports when updating a Service object has been fixed. NodePorts of existing Services are no longer overwritten; overwriting them caused re-balancing of the load balancers in front of them and a short unavailability of the underlying services. (ab1e67b42d7cb8a5806e232d16303125042f919e)
  • The metrics scraped by Prometheus from Seed and Shoot clusters have been reduced. (1b183ee0cbf871382f07b3a15ca06294652d8536, 5743797804578cde6618d9819dba50039aadda1b)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.3.2
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.3.2

gardener -

Published by rfranzke over 6 years ago

Improvements:

  • The worker pool volume sizes are now validated against a cloud-specific minimum. (290e95fff7ca3f23af2e7a65acdd81aac2188ab3)
  • The worker pool names are now validated against DNS1123 subdomain compliance. (15598f3320b162403107d93bba5751de1ed4b79a)
  • The timeout for freezing a MachineSet during scale operations has been increased to 40 minutes. (f492ffb6a95c0658dccb821fa9ac22e1fff50e20)
  • The last operation description of a non-running Machine is now propagated into the Shoot's EveryNodeReady status condition. (2aac1f3d78e9c6605bef2f4b7369b12f2ebce696)
  • Docker image version updates (cf2fc7ddbe71e3aafd8f39b993ce50d77ecc8673)
    • k8s.gcr.io/k8s-dns-kube-dns-amd64: 1.14.9 -> 1.14.10
    • k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64: 1.14.9 -> 1.14.10
    • k8s.gcr.io/k8s-dns-sidecar-amd64: 1.14.9 -> 1.14.10

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.3.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.3.1

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes:

  • Kubernetes versions 1.10.1+ are now supported on Azure and OpenStack (which did not support 1.10 at all before). AWS and GCP continue to support Kubernetes 1.10.0+. (c438ccebf70b001b60bf277295b68b10366e9cb5)
  • The main etcd of all Shoot clusters is now backed up to the respective cloud provider's blob storage. The etcd pod incorporates a sidecar container that does the same, as well as performing validation of the data directory regarding corruption. It is also able to restore the data directory from the latest snapshot in case it was lost or damaged. (de1217bb9a071a41919252a8fdce9ea1bc1038b5, de1217bb9a071a41919252a8fdce9ea1bc1038b5, d9655dc6d0ab8513a16358a46b2de95a256ac3a6, 397514cf83885ff7e936b0c0b9eddda25482bede, 6cabf572d0e55f2ea580ba2ef744418f33d3a4c3, 544e320feb1c1ddf3b90eb1ccbee28a2af7ea9f3)
  • The Gardener now provisions a central Prometheus instance into the garden namespace of all Seed clusters. It is used to scrape the kubelets of all Seeds and to federate the metrics for the individual Shoot Prometheuses, significantly reducing the load and network traffic in the Seeds. (2f05d7ac7e757277e9509c9047b2cc51b6a88cd9, 0ed18db74edf4335149882fad0d8b8e6e07ea4c0, a244fbec57e2540ca427b76c7e8752c85bb1f158, addeb16e5da4a4f90c7997a9629fcce1fc7aac56)
  • When deleting a Shoot cluster, its custom resource definitions are now deleted first. This triggers recursive deletion of the corresponding custom resources, allowing controllers to terminate them gracefully. Only after all custom resource definitions are gone are the other Kubernetes resources deleted. (9aec13f509b02ed544d15d86a4952ebe78f1675c)
  • It is now possible to disable reconciliation entirely per Shoot cluster (useful for development scenarios). To enable the feature, the .controllers.shoot.respectSyncPeriodOverwrite flag in the controller-manager's componentconfig must be set to true, and the respective Shoot cluster must be annotated with shoot.garden.sapcloud.io/ignore: true. (2896cbb85ed61496e8cc3ad5e27a52e2ba022f3d)
  • The .ci folder now features integration and conformance tests for Shoot clusters.

Improvements:

  • The Gardener controller-manager now shuts down much faster: it no longer waits for running operations to complete but terminates immediately. (71c2b931545721c9bf6061227a2e9c3aaace69f6)
  • The Prometheus alerting rules have been revised and cleaned up. (047d595fcb2141f68e430344e8b40f9526037aee)
  • The garbage collection of old replica sets has been replaced by the native .spec.revisionHistoryLimit option in a Kubernetes deployment manifest. (0fa82ccc7fa8e84a80acee75996ad3f5b4656ade)
  • New Shoot resources are automatically annotated with garden.sapcloud.io/createdBy: <userName>. (3fba68339f53f71211cbccc5ad419747015234d4)
  • The retrieval of the logs of created Terraformer pods is now bound to a timeout of two minutes. (2ddab35337835e96fda58183ecfc174d4df94cf0)
  • The monocular addon is now correctly deployed in a Shoot's kube-system namespace. (a221b4de9e184455b4596c414f666b2de54aa158, de1217bb9a071a41919252a8fdce9ea1bc1038b5)
  • The vagrant provider has been renamed to local. (790a66d39790ec0643129c24994fd9138c0b2ad2)
  • When updating a Service object, possibly existing nodePorts are now safely provided into the new manifest. (4ff27849eca6845194f7e8ef074b73c48400e5c8)
  • A variable name used in several places, which was accidentally overwritten with incorrect values in some cases, has been renamed, solving issues when reconciling Shoots that were annotated to be used as Seeds. (50ad5cb7bb4784fbf87222c9fdcf32dc07c20b24)
  • Old or unused machine class secrets are now correctly cleaned up in the Shoot's namespace in the Seed cluster. (055b76deb5635e43e83a319421fa7a85568a6594)
  • Docker image version updates (0bde20d4daedad55544bed9a1ffe052fd2e34b5c, 2afa2229cc12fa3366bb38fb3345205e726ba1e2, a723c7cc72976d38cd7759fea2d879b55923f09e, f69ed93c8b30b4722c46ee52fa02151900eecafb)
    • eu.gcr.io/gardener-project/gardener/etcdbrctl: 0.2.1 (new)
    • eu.gcr.io/gardener-project/gardener/terraformer: 0.3.0 -> 0.5.0
    • quay.io/coreos/etcd: v3.3.2 -> v3.3.3
    • quay.io/coreos/kube-state-metrics: v1.2.0 -> v1.3.1
    • grafana/grafana: 5.0.3 -> 5.0.4
    • quay.io/calico/node: v3.0.4 -> v3.1.0
    • quay.io/calico/cni: v2.0.3 -> v3.1.0
    • quay.io/calico/typha: v0.7.0 -> v0.7.1
    • k8s.gcr.io/k8s-dns-kube-dns-amd64: 1.14.8 -> 1.14.9
    • k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64: 1.14.8 -> 1.14.9
    • k8s.gcr.io/k8s-dns-sidecar-amd64: 1.14.8 -> 1.14.9
    • k8s.gcr.io/heapster: v1.5.1 -> v1.5.2
    • eu.gcr.io/gardener-project/gardener/machine-controller-manager: 0.3.0 -> 0.4.0
  • Golang dependency updates (de90981bfda32c00d177ea716dd7b51a3da7b322)
    • k8s.io/api: kubernetes-1.10.0 -> kubernetes-1.10.1
    • k8s.io/apimachinery: kubernetes-1.10.0 -> kubernetes-1.10.1
    • k8s.io/apiserver: kubernetes-1.10.0 -> kubernetes-1.10.1
    • k8s.io/client-go: kubernetes-1.10.0 -> kubernetes-1.10.1
    • k8s.io/code-generator: kubernetes-1.10.0 -> kubernetes-1.10.1
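
Worked example for the Service update fix mentioned in this release and the two before it (added here; it is not Gardener code). It uses a trimmed stand-in for the Kubernetes ServicePort type, an assumption for the example, and shows how the NodePorts the API server has already allocated are carried over into a newly rendered manifest so that an update does not re-allocate them:

```go
package main

import "fmt"

// ServicePort is a trimmed stand-in for the Kubernetes ServicePort type,
// reduced to the fields this example needs (an assumption, not the API type).
type ServicePort struct {
	Name     string
	Protocol string
	Port     int32
	NodePort int32
}

// portKey identifies a port across updates. Port names must be unique within a
// Service and are mandatory when more than one port is declared, so the name is
// the primary key; a single unnamed port falls back to protocol and port number.
func portKey(p ServicePort) string {
	if p.Name != "" {
		return "name:" + p.Name
	}
	return fmt.Sprintf("%s/%d", p.Protocol, p.Port)
}

// PreserveNodePorts returns the desired ports with the NodePort already
// allocated for the matching existing port copied in wherever the desired
// spec leaves it at 0 (0 asks the API server to allocate). An explicit
// non-zero NodePort in the desired spec wins.
func PreserveNodePorts(existing, desired []ServicePort) []ServicePort {
	allocated := make(map[string]int32, len(existing))
	for _, p := range existing {
		if p.NodePort != 0 {
			allocated[portKey(p)] = p.NodePort
		}
	}
	out := make([]ServicePort, 0, len(desired))
	for _, p := range desired {
		if p.NodePort == 0 {
			if np, ok := allocated[portKey(p)]; ok {
				p.NodePort = np
			}
		}
		out = append(out, p)
	}
	return out
}

// NodePortsChanged reports whether applying desired over existing would alter
// (or re-allocate, via 0) a NodePort that is currently in use, i.e. whether the
// update would trigger the load-balancer re-balancing the note above describes.
func NodePortsChanged(existing, desired []ServicePort) bool {
	current := make(map[string]int32, len(existing))
	for _, p := range existing {
		current[portKey(p)] = p.NodePort
	}
	for _, p := range desired {
		if cur, ok := current[portKey(p)]; ok && cur != 0 && p.NodePort != cur {
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample: the Service as stored in the cluster and the newly rendered manifest.
	existing := []ServicePort{
		{Name: "http", Protocol: "TCP", Port: 80, NodePort: 31001},
		{Name: "https", Protocol: "TCP", Port: 443, NodePort: 31002},
	}
	desired := []ServicePort{
		{Name: "http", Protocol: "TCP", Port: 80},
		{Name: "https", Protocol: "TCP", Port: 443},
		{Name: "metrics", Protocol: "TCP", Port: 9100},
	}
	fmt.Println("blind update would change NodePorts:", NodePortsChanged(existing, desired))
	merged := PreserveNodePorts(existing, desired)
	fmt.Println("merged update changes NodePorts:    ", NodePortsChanged(existing, merged))
	for _, p := range merged {
		fmt.Printf("%-8s port %d -> nodePort %d\n", p.Name, p.Port, p.NodePort)
	}
}
```

Matching on the port name rather than on the slice index is what makes the merge robust to ports being added, removed or reordered in the rendered manifest.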

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.3.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.3.0

gardener -

Published by rfranzke over 6 years ago

Improvements:

  • The sum of the Shoot and project name lengths is now validated against a maximum of 23 characters. (ba62803117a2502026ae44da3ca330fd8ad50103)
  • Deploying AWS Shoot clusters into an existing VPC requires that the VPC has an attached internet gateway. The Gardener will no longer create one. (b42d857ff080e3c7e2506c0dcc5289202ec0fa5e)
  • The Node authorization mode has been enabled for all Kubernetes versions. (3e9e588058a57a58f5ba7fd615cc4c2b3d08e81c)
  • The Azure cloud provider backoff configuration has been configured with the default values, fixing possible backoff times up to 40 hours. (2a218a90d0a22acad6161d00a12171547b760106)
  • The computation of map hash values now also considers bool and int types, which results in a correct checksum for the machine class specifications. (ac5be8cf4bea9386c762c420b27f88cd9815ecd1)

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.1.1
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.1.1

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Most notable changes:

  • Kubernetes 1.10 is now supported for AWS and GCP Shoot clusters. Azure clusters are only supported with version 1.8 (1.9 can probably be supported with 1.9.7 (kubernetes/kubernetes#61754 was required and is merged), 1.10 can probably be supported with 1.10.1 (kubernetes/kubernetes#61753 was required and is merged)). OpenStack clusters are only supported with version 1.8 and 1.9 (1.10 can probably be supported with 1.10.1 (kubernetes/kubernetes#58502 has introduced an issue which was "fixed" with kubernetes/kubernetes#61000)). (21b347636f62ecc59e45054030e98822d675dab7)
  • The quota admission controller has been implemented, allowing to put resources consumed by Shoots under quota constraints. Quotas are referenced in SecretBindings which are used by Shoots. Quotas may also contain a maximum cluster life time which enables offering trial clusters that are terminated automatically after that time. (2490ae1589ccaf443d33b698bc768d3fc824d1d3, 77be92290a82848382af6faf8ae0abae5022af1f, 6d287bf0eb6b53f9bc0ad28332cc89dc4e554244, aa1043427333f2e4bef3667bb9584b21dd4d9f25, 55ef2ac3c9e3eaeff75662b4dde9050c3cab6237, 3b744ec4587bc1c0d2f079ee79ce5f133ce1ae1c)
  • Shoots which are unhealthy are now labelled with shoot.garden.sapcloud.io/unhealthy=true to allow easy filtering of Shoots with issues. In case a Shoot is healthy, the label is not set/present. (d16c258b9d638c03a65afd020adb80b4b8761a38)
  • The Kubelet monitoring script installed on all worker machines now reboots the VM if
    • the Kubelet's ready state toggles too often between True and False. (cc7c0bf8e55b37b3ba9e55e2b38ba19b262e9299)
    • the Kubelet reports PLEG is not healthy too often. (b07bf50c0ac601c5c5c26d852b73bd0fb1f7434f)
  • The Node authorization mode has been enabled for all Kubernetes versions. (f6d5f9406e9a3da286836aff83eee3ed6e4ea67b)
  • The sum of the Shoot and project name lengths is now validated against a maximum of 23 characters. (ba62803117a2502026ae44da3ca330fd8ad50103)
  • Deploying AWS Shoot clusters into an existing VPC requires that the VPC has an attached internet gateway. The Gardener will no longer create one. (972bfe8ca6c192d9e83e6d7ddab15a879507c9dd)
  • The OpenStack cloud profile allows to configure DNS servers which will be used for the worker machine network of all Shoots using this cloud profile. (65db9e6e1a41e1ab5c6322eeae980ce22e0c7791)
  • GCP Shoot clusters can now be deployed in multiple zones (a Kubernetes issue regarding volume attachment has been resolved since 1.8.5 and 1.9). (b1ce34bf0742304b3f0b47529146be5dd750bda0)
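
Worked example for two validations from these releases, the DNS-1123 subdomain check on worker pool names (listed under the 0.3.1 and 0.4.0 improvements) and the 23-character limit on the combined project and Shoot name listed above (added here; it is not the Gardener validation code). The regular expression is the RFC 1123 subdomain pattern Kubernetes applies to object names; the 23-character limit is taken from the note as given, since the note does not say where the number comes from:

```go
package main

import (
	"fmt"
	"regexp"
)

// dns1123Subdomain is the RFC 1123 subdomain shape Kubernetes uses for most
// object names: lower-case alphanumerics, '-' and '.', every label starting
// and ending with an alphanumeric character, at most 253 characters in total.
var dns1123Subdomain = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$`)

const dns1123SubdomainMaxLen = 253

// maxShootProjectNameLen is the limit stated in the release note; the note
// does not explain the number, so it is used here as given.
const maxShootProjectNameLen = 23

// ValidateWorkerPoolName checks a worker pool name for DNS-1123 subdomain compliance.
func ValidateWorkerPoolName(name string) error {
	if len(name) > dns1123SubdomainMaxLen {
		return fmt.Errorf("worker pool name %q exceeds %d characters", name, dns1123SubdomainMaxLen)
	}
	if !dns1123Subdomain.MatchString(name) {
		return fmt.Errorf("worker pool name %q must consist of lower-case alphanumerics, '-' or '.', and start and end with an alphanumeric character", name)
	}
	return nil
}

// ValidateShootNames enforces the combined length limit of project and Shoot name.
func ValidateShootNames(project, shoot string) error {
	if project == "" || shoot == "" {
		return fmt.Errorf("project and shoot name must not be empty")
	}
	if n := len(project) + len(shoot); n > maxShootProjectNameLen {
		return fmt.Errorf("project %q plus shoot %q is %d characters, maximum is %d", project, shoot, n, maxShootProjectNameLen)
	}
	return nil
}

func main() {
	// Constructed sample names.
	for _, n := range []string{"cpu-worker", "gpu.pool-1", "CPU_Worker", "-bad"} {
		fmt.Printf("%-12s %v\n", n, ValidateWorkerPoolName(n))
	}
	fmt.Println(ValidateShootNames("core", "my-shoot"))
	fmt.Println(ValidateShootNames("infrastructure", "production"))
}
```

Rejecting such names in the API server, before any infrastructure is touched, is what keeps a bad name from surfacing later as a failed Terraform run or an unschedulable machine class.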

Improvements:

  • The retry cycle start time handling has been improved. Moreover, it is now possible to retrigger operations on Shoot clusters in a failed state (normally, the Gardener won't retry them). To do so, the user must set the shoot.garden.sapcloud.io/operation=retry annotation on the Shoot. (f68421d0760716a8830411cee8d4e4dd3124bd44, 21288fa4cf7a8e9aa83d42163c484dfe582bcbf6, 93b1bdcf0138d392651f25c90b69d657a3e78dc3)
  • The Gardener controller manager can now be configured to respect overwriting the default resync period of a dedicated Shoot cluster. If enabled, the shoot.garden.sapcloud.io/sync-period annotation on a Shoot can be used to configure that Shoot's sync period individually. The controller manager's componentconfig now also allows defining the duration after which an erroneous operation is retried (previously hard-coded to 15s). (183de36e3b7e0ee91f450f2caedcf53c4d5a0af5)
  • The Azure cloud provider backoff configuration has been configured with the default values, fixing possible backoff times up to 40 hours. (f15944037e1784bada87bd4bff51b5a334b3b066)
  • Terraform errors containing InvalidClientTokenId are correlated to the ERR_INFRA_UNAUTHORIZED error code. (0fb32f79d3bb48b1061c6f1fcd221c07223c8699)
  • The Terraform job configuration has been improved (backoff limit was set to 3, meaning at most 4 pods will be scheduled to try to complete the job). (56d98600b3bbae1338623bf4ca219b2e48d41a50)
  • The default retry times of the creation/reconciliation/deletion flow have been lowered because erroneous operations are now retried completely. (f5474d4597bb6af4386b1bf7375912a5b7846f06)
  • When deleting a Shoot cluster the Gardener now waits until all Machine objects have been removed. (8ae8f32f18d050b3f5e48a3a0a9a6b510b4041c2)
  • The computation of map hash values now also considers bool and int types, which results in a correct checksum for the machine class specifications. (487e16209db6c236818f69f23ef0d6aca844c195)
  • Updating the Shoot specification is no longer allowed when a Shoot's .metadata.deletionTimestamp is set. (2f1c762bd4fcaa787193b976f1db69495f1529d8)
  • When deleting a Shoot cluster the kube-apiserver deployment is explicitly deleted when destroying the internal DNS record. (e133a507832450267330e4a7c7de89e3f606e586)
  • When registering a Shoot as a Seed cluster then the .metadata.ownerReference is set on the computed Seed resource (pointing to the Shoot). (706a3267169339273439a6911c838c4a6e998575)
  • The OpenAPI specification has been extended with custom column printing for Shoots and Seeds, allowing to get more information when using kubectl get {seeds,shoots}. (1ab403a0463166921842b776f4915338c2dcc891)
  • Docker image version updates (801bda1c6725b7f510d1c1adfc8bbc0928f22092, aecfcb7564f13b81e1b3c8e9a67997927c6a8440, adc003f8838ee2b463353958b1b2e1130fece064)
    • k8s.gcr.io/kube-addon-manager: v8.5 -> v8.6
    • quay.io/calico/node: v3.0.3 -> v3.0.4
    • quay.io/calico/cni: v2.0.2 -> v2.0.3
    • quay.io/calico/typha: v0.6.2 -> v0.7.0
    • eu.gcr.io/gardener-project/gardener/terraformer: 0.2.0 -> 0.3.0
    • eu.gcr.io/gardener-project/gardener/machine-controller-manager: 0.2.0 -> 0.3.0
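
Worked example for the map hash fix listed in this release and in 0.1.1 (added here; it is not Gardener code, and the machine class fields used are constructed). It puts the defective strings-only checksum next to a type-tagged one, with a SHA-256 digest standing in for whatever hash the project uses, to show why a flipped bool or a changed int went unnoticed before:

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"sort"
)

// sortedKeys returns the map keys in a fixed order so the digest is deterministic.
func sortedKeys(m map[string]interface{}) []string {
	keys := make([]string, 0, len(m))
	for k := range m {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	return keys
}

// HashStringsOnly reproduces the defect described above: only string values
// reach the digest, so flipping a bool or changing an int leaves the checksum
// unchanged and the change to the machine class goes unnoticed.
func HashStringsOnly(m map[string]interface{}) string {
	h := sha256.New()
	for _, k := range sortedKeys(m) {
		if s, ok := m[k].(string); ok {
			fmt.Fprintf(h, "%s=%s;", k, s)
		}
	}
	return hex.EncodeToString(h.Sum(nil))
}

// writeValue serialises a value with a type tag and length prefixes, so that
// the string "1", the int 1 and the bool true never produce the same bytes,
// and nested maps and slices are walked deterministically.
func writeValue(w io.Writer, v interface{}) {
	switch x := v.(type) {
	case nil:
		fmt.Fprint(w, "n;")
	case string:
		fmt.Fprintf(w, "s%d:%s;", len(x), x)
	case bool:
		fmt.Fprintf(w, "b%t;", x)
	case int, int32, int64, uint, uint32, uint64:
		fmt.Fprintf(w, "i%d;", x)
	case float32, float64:
		fmt.Fprintf(w, "f%v;", x)
	case map[string]interface{}:
		fmt.Fprint(w, "m{")
		for _, k := range sortedKeys(x) {
			fmt.Fprintf(w, "k%d:%s=", len(k), k)
			writeValue(w, x[k])
		}
		fmt.Fprint(w, "}")
	case []interface{}:
		fmt.Fprintf(w, "l%d[", len(x))
		for _, e := range x {
			writeValue(w, e)
		}
		fmt.Fprint(w, "]")
	default:
		// Unknown types are tagged with their Go type rather than silently skipped.
		fmt.Fprintf(w, "?%T:%v;", x, x)
	}
}

// HashAll is the corrected checksum covering every value type, including nested ones.
func HashAll(m map[string]interface{}) string {
	h := sha256.New()
	writeValue(h, m)
	return hex.EncodeToString(h.Sum(nil))
}

func main() {
	// Constructed machine class specs that differ only in a bool and an int.
	a := map[string]interface{}{"machineType": "m4.large", "volumeSize": 50, "encrypted": true}
	b := map[string]interface{}{"machineType": "m4.large", "volumeSize": 100, "encrypted": false}
	fmt.Println("strings-only hash equal:", HashStringsOnly(a) == HashStringsOnly(b))
	fmt.Println("full hash equal:        ", HashAll(a) == HashAll(b))
}
```

The length prefixes matter as much as the type tags: without them the key/value pairs ("ab", "c") and ("a", "bc") would serialise to the same bytes and collide in the digest, and the checksum used to decide whether a machine class needs rolling would again miss a real change.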

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.2.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.2.0

gardener -

Published by gardener-robot-ci-1 over 6 years ago

Initial release

The Gardener implements the automated management and operation of Kubernetes clusters as a service and aims to support that service on multiple Cloud providers (AWS, GCP, Azure, OpenStack). Its main principle is to use Kubernetes itself as base for its tasks.

In essence, the Gardener is an extension API server along with a bundle of Kubernetes controllers which introduces new API objects in an existing Kubernetes cluster (which is called Garden cluster) in order to use them for the management of further Kubernetes clusters (which are called Shoot clusters).
To do that reliably and to offer a certain quality of service, it requires to control the main components of a Kubernetes cluster (etcd, API server, controller manager, scheduler). These so-called control plane components are hosted in Kubernetes clusters themselves (which are called Seed clusters).

Please find more information regarding the concepts and a detailed description of the architecture in our Kubernetes Wiki.

Docker Images

gardener-apiserver: eu.gcr.io/gardener-project/gardener/apiserver:0.1.0
gardener-controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:0.1.0