Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
OTHER License
Bot releases are hidden (Show)
Published by gardener-robot-ci-2 over 1 year ago
networking.resources.gardener.cloud/from-world-to-ports
annotation from being reached from internal IP addresses when the cluster was using Cilium as CNI. (gardener/gardener#7891, @gardener-ci-robot)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.21.5
-> v1.21.6
(for Kubernetes 1.21
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.22.5
-> v1.22.6
(for Kubernetes 1.22
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.23.3
-> v1.23.4
(for Kubernetes 1.23
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.24.2
-> v1.24.3
(for Kubernetes 1.24
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.25.2
-> v1.25.3
(for Kubernetes 1.24
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.26.1
-> v1.26.2
(for Kubernetes 1.26
)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.70.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.70.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.70.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.70.1
operator: eu.gcr.io/gardener-project/gardener/operator:v1.70.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.70.1
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.70.1
Published by gardener-robot-ci-2 over 1 year ago
cgroupDriver
of provider-local
to systemd
. (gardener/gardener#7804, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.67.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.67.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.67.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.67.3
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.67.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.67.3
operator: eu.gcr.io/gardener-project/gardener/operator:v1.67.3
Published by gardener-robot-ci-3 over 1 year ago
minDomains
for shoot system components to the number of zones configured in the system component worker pool(s). (gardener/gardener#7826, @timuthy)
maximum: <number-of-zones>
values of your system component worker pool(s).MinDomainsInPodTopologySpread
(enabled by default as of Kubernetes v1.27
).spec.secretBindingName
, .spec.networking
, .spec.networking.type
, spec.maintenance.autoUpdate.machineImageVersion
fields in the Shoot API are now made optional to prepare for the introduction of workerless Shoots feature. Please see https://github.com/gardener/gardener/issues/7635 for more details. (gardener/gardener#7828, @shafeeqes)ManagedIstio
and ReversedVPN
have been removed. Remove these feature gates before updating to this version of Gardener. (gardener/gardener#7830, @rfranzke)gardener.cloud/timestamp
annotation is now formatted as time.RFC3339Nano
. (gardener/gardener#7796, @dimityrmirchev)Shoot
s via .spec.provider.workers[].sysctls
, which may override Gardener default values. (gardener/gardener#7825, @ScheererJ)Secret
s/ConfigMap
s referenced in .spec.resources
of Shoot
s are now protected with a finalizer to ensure they do not disappear from the system as long as they are still referenced somewhere. (gardener/gardener#7850, @rfranzke)gardener-operator
now deploys Istio
components into the garden runtime cluster. (gardener/gardener#7817, @timuthy)highavailabilityconfig
webhook configures topology spread constraints with minDomains=<number-of- zones>
. This configuration only takes effect for clusters which enabled feature gate MinDomainsInPodTopologySpread
(default as of Kubernetes v1.27
). Please note, this configuration will require at least one worker node per registered availability zone so that Kubernetes can spread the respective seed, shoot and control-plane pods across zones. (gardener/gardener#7826, @timuthy)v1.26
. (gardener/gardener#7831, @shafeeqes)seed.spec.settings.loadBalancerServices.annotations
are now applied to the Nginx-Ingress load balancer service in the seed cluster. (gardener/gardener#7835, @timuthy)gardener-operator
does now also manage kube-state-metrics
. (gardener/gardener#7836, @rfranzke)Seed
. This Seed
can be used to test the control plane migration scenario for HA Shoot
s. Additionally, make targets were added to trigger the control plane migration integration test with HA Shoot
s: test-e2e-local-migration-ha-single-zone
to test the migration locally, and ci-e2e-kind-migration-ha-single-zone
mainly intended to be used in Gardener prow jobs. (gardener/gardener#7742, @plkokanov)gardenlet
when seed namespace is gone. (gardener/gardener#7827, @oliver-goetz)nest
filter's warnings in the fluent-bit. (gardener/gardener#7832, @vlvasilev)gardenlet
to run into CrashLoopBackoff
when following the docs/development/getting_started_locally.md#remote-local-setup guide. (gardener/gardener#7841, @plkokanov)spec.settings.ownerChecks.enabled=false
gardenlet is now able to delete the owner DNSRecord for a Shoot stuck in deletion where the kube-apiserver Deployment is missing but the Infrastructure is present and cannot be deleted for some reason (infrastructure dependency, invalid credentials). (gardener/gardener#7842, @ialidzhikov)log
mount path of node-problem-detector
from /var/log
to /var/log/journal
. (gardener/gardener#7860, @AleksandarSavchev)[email protected]
. (gardener/gardener#7831, @shafeeqes)make *-debug.
(gardener/gardener#7847, @oliver-goetz)register-kind2-env
and tear-down-kind2-env
will no longer try to deploy and delete the seed-local
Secret
. This fixes an issue where tear-down-kind2-env
would hang as it deletes and then waits for the seed-local
Secret
to be deleted which can not happen as long as the local
Seed
which uses it still exists. (gardener/gardener#7742, @plkokanov)machineDeploymentsLastUpdateTime
in the Worker
status to keep track of the time when the status of the Worker resource was last updated with the latest machine deployments. (gardener/gardener#7774, @rishabh-11)k8s.io/autoscaling/v2
when necessary for all API calls. (gardener/hvpa-controller#121, @voelzmo)--leader-elect=true
is passed as commandline arg (gardener/hvpa-controller#122, @voelzmo)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.70.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.70.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.70.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.70.0
operator: eu.gcr.io/gardener-project/gardener/operator:v1.70.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.70.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.70.0
Published by gardener-robot-ci-3 over 1 year ago
gardenlet
when seed namespace is gone. (gardener/gardener#7833, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.69.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.69.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.69.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.69.1
operator: eu.gcr.io/gardener-project/gardener/operator:v1.69.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.69.1
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.69.1
Published by gardener-robot-ci-1 over 1 year ago
Seed
and ManagedSeed
API validation has been enhanced by the following checks: (gardener/gardener#7695, @timuthy)
ManagedSeed
s can only use the very same zone(s) (managedSeed.spec.gardenlet.config.seedConfig.spec.provider.zones
) that are available in the referenced Shoot
(shoot.spec.provider.workers[].zones
).ManagedSeed
s can only add additional zones that are available in the referenced shoot.seed.spec.provider.zones
is denied if shoots are still scheduled to the affected seed.v1.60
to compensate a zone mismatch issue in Azure that is in the meantime fixed by the Azure provider extension v1.34.ManagedSeed
objects. They should configure as many as zone as there are available in the referenced shoot - see check (c).v1
API of the snapshot.storage.k8s.io
group. v1
is served starting external-snapshotter@v4
. Before upgrading to this version of Gardener make sure that provider extension install at least external-snapshotter@v4
and do not install any lower version. (gardener/gardener#7759, @ialidzhikov)GardenletConfiguration.seedConfig.metadata.annotations
are added to the Seed
object during registration. If an annotation is removed from seedConfig
, it is not removed from the Seed
object. (gardener/gardener#7753, @timebertt)make gardener-up IPFAMILY=ipv6
. See the documentation for more detailed steps. (gardener/gardener#7561, @breuerfelix)make gardener-debug
to start a skaffold-based debugging loop which allows remote debugging of Gardener Core pods using Delve. See the documentation for more details. (gardener/gardener#7755, @oliver-goetz)generate-controller-registration.sh
now supports extension charts with fully-qualified image
values instead of the usual image
stanza with values for repository
and tag
. With this, skaffold can be configured (using resourceSelector
) to inject a freshly-built image reference into the generated ControllerDeployment
. (gardener/gardener#7757, @timebertt)state-metrics-seed
status to show down falsely has been fixed. (gardener/gardener#7771, @acumino)kube-apiserver
job for kube-controller-manager
up status is now fixed. (gardener/gardener#7773, @shafeeqes)ShootState
s that could happen when a Shoot
cluster is deleted. This is achieved by no longer exiting early from the deletion flow if the shoot's seed Namespace
has been deleted. The same logic has been applied to the migration flow for consistency. (gardener/gardener#7789, @plkokanov)kube-controller-manager
to fail to clean up ShootState
resources is now fixed. (gardener/gardener#7793, @shafeeqes).spec.settings.ownerChecks
field of the Seed configuration is deprecated. The "bad-case" control plane migration is being removed in favor of the HA Shoot control planes (see https://github.com/gardener/gardener/issues/6302). The field will be locked to false
in a future version of Gardener. In this way gardenlet will clean up all owner DNSRecords. Finally, the field will be removed from the API. Set this field to false
to be prepared for the above-mentioned locking. (gardener/gardener#7748, @dimitar-kostadinov)SeedChange
and CopyEtcdBackupsDuringControlPlaneMigration
feature gates have been promoted to GA and are now locked to true
. (gardener/gardener#7763, @plkokanov)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.21.4
-> v1.21.5
(for Kubernetes 1.21
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.22.4
-> v1.22.5
(for Kubernetes 1.22
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.23.2
-> v1.22.3
(for Kubernetes 1.23
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.24.1
-> v1.24.2
(for Kubernetes 1.24
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.25.1
-> v1.25.2
(for Kubernetes 1.25
)eu.gcr.io/gardener-project/gardener/autoscaler/cluster-autoscaler
: v1.26.1
(for Kubernetes 1.26
)loki
Service to logging
Service. (gardener/gardener#7778, @vlvasilev)cgroupDriver
of provider-local
to systemd
. (gardener/gardener#7797, @oliver-goetz)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.69.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.69.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.69.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.69.0
operator: eu.gcr.io/gardener-project/gardener/operator:v1.69.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.69.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.69.0
Published by gardener-robot-ci-2 over 1 year ago
cgroupDriver
of provider-local
to systemd
. (gardener/gardener#7806, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.66.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.66.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.66.3
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.66.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.66.3
operator: eu.gcr.io/gardener-project/gardener/operator:v1.66.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.66.3
Published by gardener-robot-ci-1 over 1 year ago
global.apiserver.serviceEnabled
. global.apiserver.serviceEnabled
is replaced by global.apiserver.service.enabled
. Before you upgrade to this version, please make sure that you adapt the corresponding value to its new equivalent. (gardener/gardener#7729, @ialidzhikov)extensions/pkg/webhook/certificates.AddCertificateManagementToManager
function does now take a list of source webhook configs instead of a single webhook config only. (gardener/gardener#7693, @rfranzke)Garden
API was extended with the new .spec.virtualCluster.{dns,kubernetes,networking}
sections. For now, they only allow configuring the necessary information for the deployment of kube-apiserver
. Since the API server is not deployed yet, any configuration does not have any effect. Still, you must make sure to already specify at least .spec.virtualCluster.kubernetes.version
, .spec.virtualCluster.dns.domain
, and .spec.virtualCluster.networking.services
. In the upcoming releases, gardener-operator
will also take over the management of the kube-apiserver
deployment whilst taking the configuration into account. (gardener/gardener#7693, @rfranzke)Garden
resource now supports a setting for topology-aware routing. For more details, see the Topology-aware Traffic Routing documentation. (gardener/gardener#7729, @ialidzhikov)gardener-operator
is now managing the kube-apiserver
instance as part of the virtual garden cluster control plane. (gardener/gardener#7730, @rfranzke)kube-apiserver-etcd-encryption-key
or service-account-key
. (gardener/gardener#7710, @rfranzke)garden
resources where applied and the operator ran with multiple replicas. (gardener/gardener#7739, @timuthy)node-problem-detector
has been upgraded to v0.8.13
(gardener/gardener#7707, @acumino)fluent-bit
's output plugin targets the logging
service instead of the previously used loki
service. (gardener/gardener#7731, @nickytd)update-local-ca-certificates.sh
script from /etc/ssl
to /var/lib/ssl
on our worker nodes. (gardener/gardener#7740, @AleksandarSavchev)nginx-ingress-controller-seed
image is updated to v1.7.0
for 1.24.x+
seeds. (gardener/gardener#7741, @shafeeqes)kube-apiserver
deployment now contains the <service-name>.<namespace>.svc.cluster.local
SAN. (gardener/gardener#7735, @rfranzke)[email protected]
. (gardener/gardener#7737, @oliver-goetz)controllermanager
and gardenlet
controller reconciliations are now limited to a 1m
timeout. Additionally, there is a 1m limit on predicate functions that use contexts. (gardener/gardener#7147, @plkokanov)--restoration-temp-snapshots-dir
to configure directory used for temporarily persisting delta snapshots during restoration. (gardener/etcd-backup-restore#609, @shreyas-s-rao)--data-dir
for etcdbrctl compact
command to be consistent with the flag's usage in other etcdbrctl
commands. (gardener/etcd-backup-restore#609, @shreyas-s-rao)--max-parallel-copy-operations
). (gardener/etcd-backup-restore#591, @timebertt)safe_guard
file from 644 to 600. (gardener/etcd-backup-restore#607, @AleksandarSavchev)3.15.6
to 3.15.7
(gardener/etcd-custom-image#31, @aaronfern)ignore-operation-annotation
is now set to false
. This means druid will now respect the gardener.cloud/operation
annotation for reconciling the Etcd
resource by default. This change allows for developers to follow best practices during local development and testing. (gardener/etcd-druid#506, @shreyas-s-rao)make test-integration
. (gardener/etcd-druid#506, @shreyas-s-rao)ServiceAccount
helm charts and converted into Golang component with added unit tests. (gardener/etcd-druid#535, @seshachalam-yv)instance:<ETCD Name>
as selector field. (gardener/etcd-druid#521, @abdasgupta)0
has been fixed by eliminating the EtcdCopyBackupsTask
helm chart. (gardener/etcd-druid#553, @seshachalam-yv)v3.4.13-bootstrap-8
to v3.4.13-bootstrap-9
(gardener/etcd-druid#555, @aaronfern)etcdbrctl
dir path flags data-dir
and restoration-temp-snapshots-dir
based on etcd-backup-restore#609. (gardener/etcd-druid#570, @shreyas-s-rao)github.com/gardener/hvpa-controller/api:v0.5.0
. (gardener/etcd-druid#522, @Kostov6)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.68.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.68.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.68.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.68.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.68.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.68.0
operator: eu.gcr.io/gardener-project/gardener/operator:v1.68.0
Published by gardener-robot-ci-3 over 1 year ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.67.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.67.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.67.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.67.2
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.67.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.67.2
operator: eu.gcr.io/gardener-project/gardener/operator:v1.67.2
Published by gardener-robot-ci-2 over 1 year ago
kube-apiserver-etcd-encryption-key
or service-account-key
. (gardener/gardener#7716, @gardener-ci-robot)managedresources.NewRegistry
that was leading to excessive memory usage when this function is called multiple times has been fixed. (gardener/gardener#7700, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.66.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.66.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.66.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.66.2
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.66.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.66.2
operator: eu.gcr.io/gardener-project/gardener/operator:v1.66.2
Published by gardener-robot-ci-2 over 1 year ago
kube-apiserver-etcd-encryption-key
or service-account-key
. (gardener/gardener#7719, @gardener-ci-robot)managedresources.NewRegistry
that was leading to excessive memory usage when this function is called multiple times has been fixed. (gardener/gardener#7701, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.65.4
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.65.4
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.65.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.65.4
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.65.4
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.65.4
operator: eu.gcr.io/gardener-project/gardener/operator:v1.65.4
Published by gardener-robot-ci-2 over 1 year ago
kube-apiserver-etcd-encryption-key
or service-account-key
. (gardener/gardener#7717, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.67.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.67.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.67.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.67.1
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.67.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.67.1
operator: eu.gcr.io/gardener-project/gardener/operator:v1.67.1
Published by gardener-robot-ci-2 over 1 year ago
kube-apiserver-etcd-encryption-key
or service-account-key
. (gardener/gardener#7718, @gardener-ci-robot)managedresources.NewRegistry
that was leading to excessive memory usage when this function is called multiple times has been fixed. (gardener/gardener#7699, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.64.4
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.64.4
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.64.4
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.64.4
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.64.4
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.64.4
operator: eu.gcr.io/gardener-project/gardener/operator:v1.64.4
Published by gardener-robot-ci-3 over 1 year ago
seed.spec.dns.ingressDomain
, seed.spec.dns.provider.domains
, seed.spec.dns.provider.zones
has been removed from the Seed API. Please check your Seed
manifests and remove any usage before upgrading to this Gardener version. (gardener/gardener#7602, @shafeeqes){Deploy,Cleanup}MachineDependencies
methods have been dropped from the WorkerDelegate
interface. Similar, the deprecated WorkerCredentialsDelegate
interface has been dropped. (gardener/gardener#7600, @rfranzke)DeprecatedDetermineError
, DeprecatedDetermineErrorCodes
, and DeprecatedNewWrappedLastErrors
have been dropped . (gardener/gardener#7641, @acumino)spec.settings.dependencyWatchdog.endpoint
in the Seed API has been deprecated and will go out of support in future releases. Use spec.settings.dependencyWatchdog.weeder
instead.spec.settings.dependencyWatchdog.probe
in the Seed API has been deprecated and will go out of support in future releases. Use spec.settings.dependencyWatchdog.prober
instead.provider-local
can now have multiple worker nodes with calico as CNI. (gardener/gardener#7684, @ScheererJ)gardenlet
's cache support has been enhanced to virtually all object kinds it requires from the Gardener API server. Earlier, objects like ShootState
s, Project
s, SecretBinding
s, ControllerDeployment
s, etc. couldn't be cached for security reasons. Especially in large landscapes, this enhancement will lead to less load on the Gardener API server besides reducing the overall network traffic. (gardener/gardener#7632, @timuthy)csi-driver-node
pods that they manage with node.gardener.cloud/wait-for-csi-node-<suffix>=<driver-name>
to ensure user workload is only scheduled to nodes once the driver is properly registered. Please refer to the documentation for more details. (gardener/gardener#7621, @SimonKienzler)gardener.seed.name
. (gardener/gardener#7624, @MartinWeindel)make gardener-dev
to start a skaffold-based dev loop which can trigger new builds and deployments when changing source files. See the documentation for more details. (gardener/gardener#7659, @timebertt)PATCH
requests when updating the state in the Worker
or ShootState
resources. (gardener/gardener#7637, @rfranzke)managedresources.NewRegistry
that was leading to excessive memory usage when this function is called multiple times has been fixed. (gardener/gardener#7694, @vpnachev)tunef2s
now enables the large_dir
filesystem feature on Loki PV. (gardener/gardener#7650, @vlvasilev)1.22.20
. (gardener/gardener#7663, @DockToFuture)spec.kubernetes.enableStaticTokenKubeconfig
field to true. The field will be now defaulted by gardener-apiserver: for Shoots with K8s < 1.26, it is set to true; for Shoots with K8s >= 1.26, it is set to false. (gardener/gardener#7609, @ialidzhikov)k8s.io/*
: v0.26.1
-> v0.26.2
sigs.k8s.io/controller-runtime
: v0.14.4
-> v0.14.5
dependency-watchdog
has been changed to weeder
and probe
has been changed to prober
. Command line options have also changed. Please refer the docs for details.(github.com/gardener/dependency-watchdog#67,@unmarshall)client-go
is limited to:(github.com/gardener/dependency-watchdog#67,@unmarshall)
Deployment
resources. This version onwards any k8s resource that has a scale sub-resource is supported.(github.com/gardener/dependency-watchdog#67,@unmarshall)prow
.(github.com/gardener/dependency-watchdog#67,@unmarshall)format
, check-vulnerabilites
etc (gardener/dependency-watchdog#65, @himanshu-kun)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.67.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.67.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.67.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.67.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.67.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.67.0
operator: eu.gcr.io/gardener-project/gardener/operator:v1.67.0
Published by gardener-robot-ci-1 over 1 year ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.66.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.66.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.66.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.66.1
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.66.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.66.1
operator: eu.gcr.io/gardener-project/gardener/operator:v1.66.1
Published by gardener-robot-ci-3 over 1 year ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.64.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.64.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.64.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.64.3
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.64.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.64.3
operator: eu.gcr.io/gardener-project/gardener/operator:v1.64.3
Published by gardener-robot-ci-3 over 1 year ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.65.3
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.65.3
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.65.3
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.65.3
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.65.3
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.65.3
operator: eu.gcr.io/gardener-project/gardener/operator:v1.65.3
Published by gardener-robot-ci-3 over 1 year ago
spec.dns.ingressDomain
in the Seed has been removed. Subsequently, .spec.dns.ingressDomain
will be dropped from the Seed API in a later release of Gardener. Before upgrading to this Gardener version, make sure to switch all seeds to .spec.ingress
and .spec.dns.provider
. Please find more details here, https://github.com/gardener/gardener/blob/master/docs/deployment/deploy_gardenlet_manually.md#kubernetes-cluster-that-should-be-registered-as-a-seed-cluster (gardener/gardener#7529, @shafeeqes).spec.dns.provider.domains
and .spec.dns.provider.zones
in the Seed are deprecated, and all the functionality related to the deprecated fields has been removed. Subsequently these fields will be dropped from the Seed API in a later release of Gardener. Before upgrading to this Gardener version, make sure to switch all seeds not to use these fields. (gardener/gardener#7529, @shafeeqes)ForceRestore
feature gate has been removed. (gardener/gardener#7543, @plkokanov)secretRef
when the Shoot static token kubeconfig is disabled. (ManagedSeed
admission plugin)secretRef
is set. (ShootManagedSeed
admission plugin)TopologyAwareHints
. For more details, see the Topology-aware Traffic Routing documentation. (gardener/gardener#7191, @ialidzhikov)FullNetworkPoliciesInRuntimeCluster
was introduced. If enabled, it adds NetworkPolicy
s to namespaces running extensions. Only enable this when all extensions registered in your system support it. (gardener/gardener#7589, @rfranzke)AuditPolicy
referenced by Shoot
s are now also validated against the Kubernetes versions of those shoot clusters. This fixes an issue where it was possible to specify an unsupported audit.k8s.io
version when updating the ConfigMap
which contains the AuditPolicy
. (gardener/gardener#7563, @plkokanov)blackbox-exporter
to scrape the kube-apiserver
s of shoot clusters via the istio-ingressgateway
. As a result, its "external probe" was always failing. (gardener/gardener#7603, @rfranzke).spec.kubernetes.kubeAPIServer.enableBasicAuthentication
field is now no-op - the gardener-apiserver
no longer defaults this field and no longer validates it. The field will be set always to nil
on CREATE/UPDATE request. (gardener/gardener#7534, @ialidzhikov)
minAllowed.cpu
from all VPA objects (gardener/gardener#7572, @voelzmo)vpn-seed-server
service so that NetworkPolicy
controller can create required network policies for allowing ingress traffice to vpn-seed-server
pods. (gardener/gardener#7587, @acumino)BackupEntry
and Shoot
"Migration" reconcilers were removed, as part of the removal of the control plane migration "bad case" scenario. (gardener/gardener#7543, @plkokanov)Istio-System
and Istio-Ingress
have been adapted and now make use of GRM's NetworkPolicy Controller. (gardener/gardener#7570, @timuthy)1.20.2
. (gardener/gardener#7616, @oliver-goetz)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.66.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.66.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.66.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.66.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.66.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.66.0
operator: eu.gcr.io/gardener-project/gardener/operator:v1.66.0
Published by gardener-robot-ci-3 over 1 year ago
blackbox-exporter
to scrape the kube-apiserver
s of shoot clusters via the istio-ingressgateway
. As a result, its "external probe" was always failing. (gardener/gardener#7604, @rfranzke)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.65.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.65.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.65.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.65.2
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.65.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.65.2
operator: eu.gcr.io/gardener-project/gardener/operator:v1.65.2
Published by gardener-robot-ci-3 over 1 year ago
vpn-seed-server
service so that NetworkPolicy
controller can create required network policies for allowing ingress traffice to vpn-seed-server
pods. (gardener/gardener#7588, @gardener-ci-robot)admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.65.1
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.65.1
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.65.1
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.65.1
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.65.1
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.65.1
operator: eu.gcr.io/gardener-project/gardener/operator:v1.65.1
Published by gardener-robot-ci-3 over 1 year ago
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.64.2
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.64.2
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.64.2
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.64.2
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.64.2
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.64.2
operator: eu.gcr.io/gardener-project/gardener/operator:v1.64.2