Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
OTHER License
Bot releases are visible (Hide)
Published by gardener-robot-ci-1 7 months ago
[OPERATOR]
An issue causing the reconciliation of backupentries to be stuck when the extension fails to populate the status is now fixed. by @shafeeqes [#9371][USER]
An issue has been fixed which was causing scale-downs of kube-controller-manager
and similar controllers due to prevented deletion of orphaned node Lease
s. by @rfranzke [#9353][USER]
An issue has been fixed which caused Shoot
reconciliation to get stuck because the API discovery used to generate the read-only ClusterRole
for shoots/viewerkubeconfig
subresource failed. by @rfranzke [#9362][OPERATOR]
Add logging for mcm cloud-provider methods for better traceability by @rishabh-11 [gardener/autoscaler#301]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.89.2
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.89.2
Published by gardener-robot-ci-3 7 months ago
[USER]
An issue has been fixed which caused Shoot
reconciliation to get stuck because the API discovery used to generate the read-only ClusterRole
for shoots/viewerkubeconfig
subresource failed. by @rfranzke [#9361]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.90.2
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.90.2
Published by gardener-robot-ci-1 7 months ago
[USER]
A bug has been fixed which prevented Shoot
s using Alertmanager from getting stuck in reconciliation with error last error: more than one PV found with label disk-migration.monitoring.gardener.cloud/pvc-name=alertmanager-db-alertmanager-0
. by @rfranzke [#9341][USER]
A bug has been fixed which reported false negative health checks for the ObservabilityComponentsHealthy
condition on Shoot
s using Alertmanager if they have been reconciled with Gardener >= 1.90
. by @rfranzke [#9340][USER]
An issue has been fixed which was causing scale-downs of kube-controller-manager
and similar controllers due to prevented deletion of orphaned node Lease
s. by @rfranzke [#9351][OPERATOR]
A bug causing the gardener-resource-manager
configmap to be garbage collected because of missing reference annotation is now fixed. by @aaronfern [#9347][OPERATOR]
An issue causing the reconciliation of backupentries to be stuck when the extension fails to populate the status is now fixed. by @shafeeqes [#9336][OPERATOR]
The skaffold version is downgraded from v2.10.1 to v2.9.0 to fix an issue with skaffold not detecting code changes on make gardener-up
. by @dimityrmirchev [#9328][OPERATOR]
NodeNotHealthy prometheus alert disregards nodes with deployment.machine.sapcloud.io/prefer-no-schedule
taint by @adenitiu [#9346]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.90.1
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.90.1
Published by gardener-robot-ci-1 8 months ago
[OPERATOR]
Bump alpine to 3.19.1 by @ary1992 [#9317][OPERATOR]
gardener-node-agent
now terminates itself (leading to a restart of its systemd
unit) in case it determines that the hostname of its node has changed. by @rfranzke [#9287]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.88.1
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.88.1
Published by gardener-robot-ci-2 8 months ago
[OPERATOR]
gardener-node-agent
now terminates itself (leading to a restart of its systemd
unit) in case it determines that the hostname of its node has changed. by @rfranzke [#9288]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.87.4
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.87.4
Published by gardener-robot-ci-3 8 months ago
[OPERATOR]
Bump alpine to 3.19.1 by @ary1992 [#9316][OPERATOR]
gardener-node-agent
now terminates itself (leading to a restart of its systemd
unit) in case it determines that the hostname of its node has changed. by @rfranzke [#9286]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.89.1
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.89.1
Published by gardener-robot-ci-1 8 months ago
[OPERATOR]
The UseGardenerNodeAgent
feature gate has been promoted to GA. It was already enabled by default and can now no longer be turned off. The feature gate will be removed in a future release. by @rfranzke [#9208][OPERATOR]
⚠️ Gardener does no longer support garden, seed, or shoot clusters with Kubernetes versions == 1.24. Make sure to upgrade all existing clusters before upgrading to this Gardener version. by @shafeeqes [#8989][OPERATOR]
The APIServerFastRollout
feature gate has been promoted to GA. It was already enabled by default and can now no longer be turned off. The feature gate will be removed in a future release. by @oliver-goetz [#9214][DEVELOPER]
The pkg/envtest
package has been moved to test/envtest
. Most component packages in pkg/component
have been moved. The pkg/openapi
and pkg/registry
packages have been moved to pkg/apiserver/*
. by @rfranzke [#9217][DEVELOPER]
Function signature of infrastructure controller NewReconciler
has changed from NewReconciler(manager.Manager, Actuator, ConfigValidator)
to NewReconciler(manager.Manager, Actuator, ConfigValidator, map[gardencorev1beta1.ErrorCode]func(string) bool). by @acumino [#9321][USER]
The spec.kubernetes.allowPrivilegedContainers
field in the Shoot API is deprecated and will be removed in a future version. This field is not relevant to Shoots with kubernetes versions >= 1.25. Please adapt your controllers accordingly. by @shafeeqes [#8989][USER]
It is no longer possible to add or change the .spec.seedSelector
field in Shoot
s when spec.seedName
is already set. by @rfranzke [#9212][OPERATOR]
DNSRecord
resources for seed and shoot clusters now have an annotation indicating their target ip stack (dns.gardener.cloud/ip-stack
set to either ipv4
, ipv6
, or dual-stack
). by @ScheererJ [#9289][OPERATOR]
gardener-resource-manager
's health check controller now checks whether VerticalPodAutoscaler
s report the ConfigUnsupported
condition. by @rfranzke [#9211][USER]
It is now possibleto specify some cluster-autoscaler
related options per worker pool in Shoot
s via spec.provider.workers[].clusterAutoscaler
. Read more about it here. by @aaronfern [#9245][USER]
In order to fine-tune VPA CPU recommendations, the CPU target percentile parameter for vpa-recommender
can now be configured in the Shoot
specification via the .spec.kubernetes.verticalPodAutoscaler.targetCPUPercentile
field. by @voelzmo [#9279][DEVELOPER]
It is now possible to provide configuration for the aggregate Prometheus running in seed clusters' garden
namespaces. Read all about it here. by @rfranzke [#9200][DEPENDENCY]
An issue was fixed that sometimes led to leaked extension-controlplane-shoot-webhooks
which blocked the shoot deletion. by @timuthy [#9209][DEPENDENCY]
hack/hook-me.sh
now ensures the required network connectivity so that the quic tunnel can be successfully established. by @vpnachev [#8909][USER]
A bug causing shoot force-deletion to get stuck in case the secrets referred by the DNS Records are outdated is now fixed. by @acumino [#9324][OPERATOR]
Update Istio to v1.19.7 by @axel7born [#9215][OPERATOR]
Bump alpine to 3.19.1 by @ary1992 [#9315][OPERATOR]
Enhance NodeNotHealthy
Prometheus alert to fire immediately. by @adenitiu [#9314][OPERATOR]
gardener-node-agent
now terminates itself (leading to a restart of its systemd
unit) in case it determines that the hostname of its node has changed. by @rfranzke [#9280][OPERATOR]
Resource requests of istio ingress gateway are reduced and its horizontal autoscaling behaviour specified in more detail, including scale-up under memory pressure by @ScheererJ [#9250][OPERATOR]
The VerticalPodAutoscaler
object for the shoot Prometheus is now labeled with app=prometheus,role=monitoring
, similar to the corresponding StatefulSet
. by @nickytd [#9244][OPERATOR]
Set reinvocationPolicy: IfNeeded
for VPA admission-controller webhook to ensure that webhooks injecting sidecar containers will not trigger and endless eviction loop. by @voelzmo [#9191][DEPENDENCY]
The following dependencies are updated:
k8s.io/*
: v0.28.4
-> v0.29.2
sigs.k8s.io/controller-runtime
: v0.16.3
-> v0.17.2
by @shafeeqes [#9174][USER]
The validation error shown when a user tries to change the .spec.seedName
field of a Shoot will now also display the old and new values to better indicate that a change was attempted. by @plkokanov [#9294][OPERATOR]
Change OCI Image Registry from GCR (eu.gcr.io/gardener-project
) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases
). Users should update their references. by @ccwienk [gardener/dependency-watchdog#93][OPERATOR]
DWD no longer depends on checking the reachability of Kube-API server via external load-balancer as kube-proxy path optimizations makes that impossible on infrastructures which have a static IP for the LB. Instead it now depends on node leases that are periodically renewed by each node running in the shoot cluster to determine its scaling action (scale-down/up). by @rishabh-11 [gardener/dependency-watchdog#94][OPERATOR]
Make kcmNodeMonitorGraceDuration
optional in the prober config and use a default value of 40s
if not specified in the shoot and the config. by @rishabh-11 [gardener/dependency-watchdog#101][DEVELOPER]
Use ginkgolinter
instead of self baked gomegacheck
by @himanshu-kun [gardener/dependency-watchdog#95]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.90.0
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.90.0
Published by gardener-robot-ci-1 8 months ago
[OPERATOR]
Change OCI Image Registry from GCR (eu.gcr.io/gardener-project
) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases
). Users should update their references.[OPERATOR]
Helm chart upgrades no longer fail due to the immutable Deployment.spec.selector
field. In order to upgrade to this version, the gardener-metrics-exporter
Deployment needs to be deleted first. by @timebertt [gardener/gardener-metrics-exporter#94][OPERATOR]
Upgrade go to 1.22, update base image to distroless based on Debian 12, and exchange the linter. by @rickardsjp [gardener/gardener-metrics-exporter#97][OPERATOR]
Upgrade dependencies[OPERATOR]
Adds: garden_shoot_worker_node_max_total and garden_shoot_worker_node_min_total. Also gives insight into the worker type (for example for OpenStack the Flavor name). by @Sinscerly [gardener/gardener-metrics-exporter#95][DEVELOPER]
The util function pkg/utils/gardener.ComputeShootProjectSecretName
has been renamed to pkg/utils/gardener.ComputeShootProjectResourceName
. by @petersutter [#9123][DEPENDENCY]
There are several breaking changes in the github.com/gardener/gardener/extensions/pkg/webhook
package:
EnsureNoStringWithPrefix
, EnsureNoStringWithPrefixContains
, EnsureNoEnvVarWithName
, EnsureNoVolumeMountWithName
, EnsureNoVolumeWithName
, EnsureNoContainerWithName
, EnsureNoPVCWithName
now delete all matching entries. Previously they were deleting only the first occurrence.EnsureStringWithPrefix
, EnsureStringWithPrefixContains
now act on all prefix matches.StringIndex
is removed. instead, use slices.Index
. by @Kostov6 [#9007][OPERATOR]
The UseGardenerNodeAgent
feature gate has been promoted to beta and is now turned on by default. by @rfranzke [#9161][USER]
The shoot cluster CA bundle is now stored in a ConfigMap
in the project namespace of the garden cluster, in addition to storing it in a Secret
. This ConfigMap
shares the same name as the pre-existing Secret
, which is <shoot-name>.ca-cluster
. The Secret
will be removed in a future Gardener release. Therefore, if your tooling relies on this Secret
, you should update it to fetch the ConfigMap
instead. by @petersutter [#9123][USER]
It is now possible to skip a minor Kubernetes version for worker pool Kubernetes version upgrades as long as the version remains equal to or less than the control plane version. by @shafeeqes [#9185][OPERATOR]
A new field .spec.runtimeCluster.ingress.domains
was added to the Garden
API. This field allows to use multiple ingress domains for components of the runtime cluster. All domains are assumed to be wildcard domains. Earlier, the API only accepted one domain name via .spec.runtimeCluster.ingress.domain
..spec.runtimeCluster.ingress.domain
is deprecated and will be removed in the next release. Please update your Garden
resource to the new .spec.runtimeCluster.ingress.domains
field by removing the existing domain configuration from ingress.domain
and add it as the first entry of ingress.domains
. by @ScheererJ [#9038][OPERATOR]
gardener-resource-manager
now considers the health and the progressing status for Prometheus
and Alertmanager
resources managed via ManagedResource
s. by @rfranzke [#9163][DEVELOPER]
It is now possible to provide configuration for the cache Prometheus running in seed clusters' garden
namespaces. Read all about it here. by @rfranzke [#9128][DEVELOPER]
It is now possible to provide configuration for the seed Prometheus running in seed clusters' garden
namespaces. Read all about it here. by @rfranzke [#9180][DEVELOPER]
The WaitUntilObjectReadyWithHealthFunction
function was enhanced to log the object's kind. by @timuthy [#9177][DEVELOPER]
An issue with the FallbackClient
was resolved. If used in external projects, the client threw scheme related errors belonging to GVKs that are not registered in the GardenScheme
. by @timuthy [#9177][OPERATOR]
Add Prometheus alert for unhealthy seed node. by @adenitiu [#9127][OPERATOR]
Istio is now used as the single entry point on seed clusters. The load balancer of nginx-ingress is removed and traffic goes through istio before being handled by nginx if necessary. by @ScheererJ [#9038][OPERATOR]
Add condition type ObservabilityComponentsHealthy
for extension health check, it will allow extensions to register with this type. by @Sallyan [#9092][OPERATOR]
Multiple ingress domains in .spec.runtimeCluster.ingress.domains
can now overlap without triggering reconciliation issues. by @ScheererJ [#9183][OPERATOR]
Update configure-admission.sh for extensions using gardener certificate management for webhooks by @kon-angelo [#9168][OPERATOR]
The side car container of kube-apiserver for the HA VPN now have minimum memory resources that VPA will respect. by @ScheererJ [#9173]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.89.0
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.89.0
Published by gardener-robot-ci-1 8 months ago
[OPERATOR]
A bug has been fixed which was preventing valitail
systemd services on shoot workers from starting when the UseGardenerNodeAgent
feature gate is enabled. by @oliver-goetz [#9152]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.85.5
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.85.5
Published by gardener-robot-ci-2 8 months ago
[USER]
The kube-apiserver
deployment is annotated to mark the completion of labeling the resources for encrytion so that this step is not repeated in case the "label removal" step fails and resources are partially without the label. by @shafeeqes [#9148][OPERATOR]
A bug has been fixed which was preventing valitail
systemd services on shoot workers from starting when the UseGardenerNodeAgent
feature gate is enabled. by @oliver-goetz [#9150][OPERATOR]
nginx-ingress-controller
image is updated to v1.9.6
. by @shafeeqes [#9133]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.87.3
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.87.3
Published by gardener-robot-ci-3 8 months ago
[OPERATOR]
The docker
CRI is no longer supported for machine images in the CloudProfile
. Docker CRI was already not supported for Shoot
s with Kubernetes versions >= v1.23
, so adding this CRI is a no-op currently. Please remove all the usages of docker
CRI from your CloudProfile
s before upgrading to this version. by @shafeeqes [#9135][OPERATOR]
The GA-ed WorkerlessShoots
feature gate has been removed. by @acumino [#9094][OPERATOR]
The GA-ed ContainerdRegistryHostsDir
feature gate has been removed. by @ialidzhikov [#9058][DEPENDENCY]
The Selector field of the github.com/gardener/gardener/pkg/extensions/webhook.{Webhook,Args}
types is now renamed to NamespaceSelector. by @ialidzhikov [#9085][OPERATOR]
When SSH access is enabled for a shoot cluster, the gardener
linux user is created during the bootstrapping process of a node
. This allows human operators to more easily SSH into the worker nodes with this username independent of the underlying machine image or cloud provider. by @oliver-goetz [#9077][OPERATOR]
It is now possible to define additional/custom permissions via RBAC for extensions access in the garden cluster. You can read all about it here. by @rfranzke [#9079][DEVELOPER]
The prometheus-operator
(and its related CustomResourceDefinition
s) are now deployed by default to garden clusters (by gardener-operator
) and to seed clusters (by gardenlet
). In the future, it will take over management of the Prometheus and Alertmanager instances. by @rfranzke [#9067][USER]
The gardener-node-agent
health is now being considered during the health check of a Shoot
and incorporated into the EveryNodeReady
condition. by @tobschli [#9073][DEVELOPER]
Fix: add snapshots repository to default "component prefixes" to fix wrong values generated into Component Descriptors by @ccwienk [#9109][DEVELOPER]
Fix Istio ingress service.yaml for dual-stack setup and add test. by @axel7born [#9098][OPERATOR]
A bug has been fixed which was preventing valitail
systemd services on shoot workers from starting when the UseGardenerNodeAgent
feature gate is enabled. by @oliver-goetz [#9149][OPERATOR]
Cluster creation with highly available control planes and an infrastructure extension that uses dynamic node networks is no longer delayed by a failing VPN connection before the first reconciliation. by @MichaelEischer [#9075][USER]
The kube-apiserver
deployment is annotated to mark the completion of labeling the resources for encrytion so that this step is not repeated in case the "label removal" step fails and resources are partially without the label. by @shafeeqes [#9147][DEVELOPER]
There is now a new github.com/gardener/gardener/extensions/pkg/webhook.EnsureUnitWithName
func that can be used to add/update unit to OperatingSystemConfig units. by @ialidzhikov [#9121][DEVELOPER]
Gardener's ClientMap
implementation was moved from an internal
to the commonly accessible clientmap
package. by @timuthy [#9101][DEVELOPER]
gardener-node-agent
is now enabled in provider-extensions
setup. by @oliver-goetz [#9048][OPERATOR]
On node machines gardener-node-init.service
is disabled and stopped when gardener-node-agent
is active. by @oliver-goetz [#9096][OPERATOR]
Fluent-bit is now upgraded to v2.2.2 by @nickytd [#9120][OPERATOR]
BackupEntry
s and Shoot
s are now labelled with seed.gardener.cloud/<seed-name>=true
where <seed-name>
is the value of .spec.seedName
or .status.seedName
. This allows for server-side filtering when watching these resources by leveraging a label selector. by @rfranzke [#9089][OPERATOR]
Seed namespaces in the garden cluster are now labelled with gardener.cloud/role=seed
, and ServiceAccount
s for extensions in the seed namespaces are labelled with controllerregistration.core.gardener.cloud/name=<controllerregistration-name>
. by @rfranzke [#9079][OPERATOR]
The following image is updated:
ci:component:github.com/gardener/alpine-conntrack
: 3.19.0 -> 3.19.1 by @gardener-robot-ci-3 [#9090][OPERATOR]
When upgrading a shoot control plane to multi-zonal high-availability there will no longer be an envoy filter left in the old istio ingress namespace by @ScheererJ [#9005][OPERATOR]
Change dnsLookupFamily to ALL in vpn seed envoy config, to prevent unnecessary DNS lookups. by @axel7born [#9102][OPERATOR]
nginx-ingress-controller
image is updated to v1.9.6
. by @shafeeqes [#9124][USER]
It is now possible to read the cluster-identity
ConfigMap
in the kube-system
namespace of the Garden cluster by @petersutter [#9056][DEPENDENCY]
Utility functions QuantityPtr
,ProtocolPtr
,TimePtr
and TimePtrDeref
, extensionsv1alpha1.UnitCommandPtr
and ValueExists
are dropped. Use k8s.io/utils/ptr.To
, k8s.io/utils/ptr.Deref
and slices.Contains
instead. by @shafeeqes [#9107][OPERATOR]
ingress-default-backend
has been migrated to Golang-based implementation. by @acumino [gardener/ingress-default-backend#32][DEVELOPER]
MCM restart happens properly in integration tests now. This fix will get activated, once this version is vendored in your mcm-provider by @sssash18 [gardener/machine-controller-manager#879][OPERATOR]
Fix for edge case of Node object deletion missed during machine termination. by @elankath [gardener/machine-controller-manager#887][OPERATOR]
Removes node.machine.sapcloud.io/not-managed-by-mcm
annotation from nodes managed by the MCM. by @elankath [gardener/machine-controller-manager#866][OPERATOR]
Architecture field added in the nodetemplate. This will allow CA to pickup architecture from machine class and schedule pods on relevant arch nodes. by @sssash18 [gardener/machine-controller-manager#894][OPERATOR]
machine controller won't reconcile machine on non-spec update events by @himanshu-kun [gardener/machine-controller-manager#877][OPERATOR]
fixed IT for seed with k8s >= 1.27 as control cluster by @piyuagr [gardener/machine-controller-manager#869][OPERATOR]
The default machine-safety-orphan-vms-period
has been reduced from 30m to 15m. by @elankath [gardener/machine-controller-manager#866][DEVELOPER]
Bump k8s.io/*
deps to v0.28.2
by @afritzler [gardener/machine-controller-manager#858][DEVELOPER]
go-git now removed from dependencies due to CVE's. by @elankath [gardener/machine-controller-manager#896][DEVELOPER]
Phase transition diagram for a machine object is added to FAQs by @himanshu-kun [gardener/machine-controller-manager#886][OPERATOR]
Change OCI Image Registry from GCR (eu.gcr.io/gardener-project
) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases
). Users should update their references.[OPERATOR]
Autoscaler will now add NodeGroupAutoscalingOptions to node groups from annotations present in its corresponding machineDeployments by @aaronfern [gardener/autoscaler#257][OPERATOR]
Synced changes till v1.28.0 of upstream autoscaler by @aaronfern [gardener/autoscaler#260][OPERATOR]
CA will not scale down machine deployment due to a machine in failed phase, this prevents the race condition which was leading to deletion of a new healthy machine. by @sssash18 [gardener/autoscaler#291][OPERATOR]
Cluster Autoscaler will suspend its activities if the machine-controller-manager is offline by @sssash18 [gardener/autoscaler#256]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.88.0
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.88.0
Published by gardener-robot-ci-2 9 months ago
[USER]
The worker.gardener.cloud/kubernetes-version
is now correctly maintained as label on Node
s (instead of an annotation) when the UseGardenerNodeAgent
feature gate is turned on. by @rfranzke [#9113]eu.gcr.io/gardener-project/gardener/admission-controller:v1.85.4
eu.gcr.io/gardener-project/gardener/apiserver:v1.85.4
eu.gcr.io/gardener-project/gardener/controller-manager:v1.85.4
eu.gcr.io/gardener-project/gardener/gardenlet:v1.85.4
eu.gcr.io/gardener-project/gardener/node-agent:v1.85.4
eu.gcr.io/gardener-project/gardener/operator:v1.85.4
eu.gcr.io/gardener-project/gardener/resource-manager:v1.85.4
eu.gcr.io/gardener-project/gardener/scheduler:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.85.4
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.85.4
Published by gardener-robot-ci-3 9 months ago
[USER]
The worker.gardener.cloud/kubernetes-version
is now correctly maintained as label on Node
s (instead of an annotation) when the UseGardenerNodeAgent
feature gate is turned on. by @rfranzke [#9111]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.87.2
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.87.2
Published by gardener-robot-ci-3 9 months ago
[USER]
The worker.gardener.cloud/kubernetes-version
is now correctly maintained as label on Node
s (instead of an annotation) when the UseGardenerNodeAgent
feature gate is turned on. by @rfranzke [#9112]eu.gcr.io/gardener-project/gardener/admission-controller:v1.86.4
eu.gcr.io/gardener-project/gardener/apiserver:v1.86.4
eu.gcr.io/gardener-project/gardener/controller-manager:v1.86.4
eu.gcr.io/gardener-project/gardener/gardenlet:v1.86.4
eu.gcr.io/gardener-project/gardener/node-agent:v1.86.4
eu.gcr.io/gardener-project/gardener/operator:v1.86.4
eu.gcr.io/gardener-project/gardener/resource-manager:v1.86.4
eu.gcr.io/gardener-project/gardener/scheduler:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.86.4
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.86.4
Published by gardener-robot-ci-3 9 months ago
[OPERATOR]
A regression is fixed that led to unnecessary and repetitive updates in the status.constraints[].last{Update,Transition}Time
fields of the shoot. In larger Gardener installations, these superfluous updates could have resulted in significant excess network traffic, particularly between the gardener-apiserver
and the gardenlet
s in the seeds. by @istvanballok [#9087][USER]
Fixed an issue which prevented project admins and viewers from creating read-only kubeconfigs (via the shoots/viewerkubeconfig
subresource). by @petersutter [#9082]eu.gcr.io/gardener-project/gardener/admission-controller:v1.86.3
eu.gcr.io/gardener-project/gardener/apiserver:v1.86.3
eu.gcr.io/gardener-project/gardener/controller-manager:v1.86.3
eu.gcr.io/gardener-project/gardener/gardenlet:v1.86.3
eu.gcr.io/gardener-project/gardener/node-agent:v1.86.3
eu.gcr.io/gardener-project/gardener/operator:v1.86.3
eu.gcr.io/gardener-project/gardener/resource-manager:v1.86.3
eu.gcr.io/gardener-project/gardener/scheduler:v1.86.3
Published by gardener-robot-ci-3 9 months ago
[OPERATOR]
A regression is fixed that led to unnecessary and repetitive updates in the status.constraints[].last{Update,Transition}Time
fields of the shoot. In larger Gardener installations, these superfluous updates could have resulted in significant excess network traffic, particularly between the gardener-apiserver
and the gardenlet
s in the seeds. by @istvanballok [#9086][USER]
Fixed an issue which prevented project admins and viewers from creating read-only kubeconfigs (via the shoots/viewerkubeconfig
subresource). by @petersutter [#9083]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.87.1
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.87.1
Published by gardener-robot-ci-1 9 months ago
[OPERATOR]
A regression is fixed that led to unnecessary and repetitive updates in the status.constraints[].last{Update,Transition}Time
fields of the shoot. In larger Gardener installations, these superfluous updates could have resulted in significant excess network traffic, particularly between the gardener-apiserver
and the gardenlet
s in the seeds. by @istvanballok [#9088]eu.gcr.io/gardener-project/gardener/admission-controller:v1.85.3
eu.gcr.io/gardener-project/gardener/apiserver:v1.85.3
eu.gcr.io/gardener-project/gardener/controller-manager:v1.85.3
eu.gcr.io/gardener-project/gardener/gardenlet:v1.85.3
eu.gcr.io/gardener-project/gardener/node-agent:v1.85.3
eu.gcr.io/gardener-project/gardener/operator:v1.85.3
eu.gcr.io/gardener-project/gardener/resource-manager:v1.85.3
eu.gcr.io/gardener-project/gardener/scheduler:v1.85.3
Published by gardener-robot-ci-1 9 months ago
[OPERATOR]
Allow the dependency-watchdog-prober
to patch "deployments" and "deployments/scale" resources. by @aaronfern [#9041]eu.gcr.io/gardener-project/gardener/admission-controller:v1.86.2
eu.gcr.io/gardener-project/gardener/apiserver:v1.86.2
eu.gcr.io/gardener-project/gardener/controller-manager:v1.86.2
eu.gcr.io/gardener-project/gardener/gardenlet:v1.86.2
eu.gcr.io/gardener-project/gardener/node-agent:v1.86.2
eu.gcr.io/gardener-project/gardener/operator:v1.86.2
eu.gcr.io/gardener-project/gardener/resource-manager:v1.86.2
eu.gcr.io/gardener-project/gardener/scheduler:v1.86.2
Published by gardener-robot-ci-1 9 months ago
[OPERATOR]
Allow the dependency-watchdog-prober
to patch "deployments" and "deployments/scale" resources. by @aaronfern [#9043]eu.gcr.io/gardener-project/gardener/admission-controller:v1.85.2
eu.gcr.io/gardener-project/gardener/apiserver:v1.85.2
eu.gcr.io/gardener-project/gardener/controller-manager:v1.85.2
eu.gcr.io/gardener-project/gardener/gardenlet:v1.85.2
eu.gcr.io/gardener-project/gardener/node-agent:v1.85.2
eu.gcr.io/gardener-project/gardener/operator:v1.85.2
eu.gcr.io/gardener-project/gardener/resource-manager:v1.85.2
eu.gcr.io/gardener-project/gardener/scheduler:v1.85.2
Published by gardener-robot-ci-1 9 months ago
[OPERATOR]
Allow the dependency-watchdog-prober
to patch "deployments" and "deployments/scale" resources. by @aaronfern [#9042]eu.gcr.io/gardener-project/gardener/admission-controller:v1.84.3
eu.gcr.io/gardener-project/gardener/apiserver:v1.84.3
eu.gcr.io/gardener-project/gardener/controller-manager:v1.84.3
eu.gcr.io/gardener-project/gardener/gardenlet:v1.84.3
eu.gcr.io/gardener-project/gardener/node-agent:v1.84.3
eu.gcr.io/gardener-project/gardener/operator:v1.84.3
eu.gcr.io/gardener-project/gardener/resource-manager:v1.84.3
eu.gcr.io/gardener-project/gardener/scheduler:v1.84.3