v1.14.0
gardener-robot-ci-2 released this 11 Dec 08:35
[autoscaler]
🏃 Others
- [USER] Support scale to/from zero for MCM OOT providers - AWS, Azure. (gardener/autoscaler#65, @prashanth26)
- [OPERATOR] Ignore gardener-specific and csi-specific labels while comparing nodegroups (gardener/autoscaler#62, @hardikdr)
[etcd-backup-restore]
🏃 Others
- [OPERATOR] Validator now double checks latest revision by starting an embedded etcd if DB-based revision check fails. This can potentially avoid unnecessary data restoration when etcd terminates abnormally. (gardener/etcd-backup-restore#275, @ishan16696)
- [OPERATOR] Fix missing alternate full snapshots for some unhibernating shoots. (gardener/etcd-backup-restore#272, @shreyas-s-rao)
- [OPERATOR] Added support for OpenShift Container Storage (OCS) S3 storage type. (gardener/etcd-backup-restore#261, @stoyanr)
- [OPERATOR] Fixed the issue with consecutive restoration if backup-restore sidecar doesn't restart in between. (gardener/etcd-backup-restore#259, @amshuman-kr)
- [OPERATOR] Clarify manual backup restore process (gardener/etcd-backup-restore#224, @jfortin-sap)
- [OPERATOR] Fix snapshot metric initialization. (gardener/etcd-backup-restore#223, @shreyas-s-rao)
- [DEVELOPER] Add TestMachinery integration. (gardener/etcd-backup-restore#249, @shreyas-s-rao)
📰 Noteworthy
- [USER] Add support for Dell EMC ECS object store with `S3` protocol (gardener/etcd-backup-restore#254, @lcavajani)
- [OPERATOR] Added CLI-flags (`max-call-send-message-size`, `max-request-bytes` and `max-txn-ops`) to enable restoration for delta snapshots with large amount of data (large number of events or events with large data). (gardener/etcd-backup-restore#282, @abdasgupta)
- [DEVELOPER] Revendor etcd library to v3.4.13 and change import paths to `go.etcd.io/etcd` for etcd and `go.etcd.io/bbolt` for bbolt. (gardener/etcd-backup-restore#269, @shreyas-s-rao)
- [DEVELOPER] Integration tests can be executed on any given Kubernetes cluster using the `make integration-test-cluster` target against the cluster pointed to by the environment variable `INTEGRATION_TEST_KUBECONFIG`. (gardener/etcd-backup-restore#225, @shreyas-s-rao)
[etcd-druid]
🏃 Others
- [OPERATOR] Added support for OpenShift Container Storage (OCS) S3 storage type. (gardener/etcd-druid#98, @stoyanr)
[gardener]
⚠️ Breaking Changes
- [DEPENDENCY] The `WorkerDelegate` must implement the method `GetMachineControllerManagerCloudCredentials`, returning a map with cloud credential keys and values just like they are used by the machine-controller-manager. (gardener/gardener#3224, @vpnachev)
- [DEPENDENCY] The deprecated functions in the terraformer library (`SetVariablesEnvironment` and `GenerateVariablesEnvironment`) have been removed. (gardener/gardener#3223, @timebertt)
- [DEPENDENCY] The `Terraformer` functions have been changed to allow passing proper contexts. Please adapt your usage accordingly. (gardener/gardener#3223, @timebertt)
- [DEPENDENCY] The terraformer library was switched to `logr` instead of `logrus` in order to have more consistent and readable logging in the infrastructure controllers of provider extensions. Please adapt your usage accordingly. (gardener/gardener#3223, @timebertt)
✨ New Features
- [USER] Support scale to/from zero for MCM OOT providers - AWS, Azure. (gardener/gardener#3276, @prashanth26)
- [USER] The shoot reconciler sets the conditions to `Progressing` after it finished a successful reconciliation, and the care controller starts to re-evaluate the health status after this happened. This helps end-users to better understand whether their cluster is indeed healthy after a reconciliation. Earlier, it could take up to `30s`/`1m` (based on the configured care controller sync period) until the actual status is reflected. (gardener/gardener#3251, @rfranzke)
- [OPERATOR] The shoot controller inside the gardenlet has been adapted to cater for large Gardener landscapes: (gardener/gardener#3242, @rfranzke)
  - When the gardenlet has already reconciled a shoot cluster during its maintenance time window then it doesn't reconcile it again. Instead, it computes a random duration for the next time window and requeues the shoot. Already reconciled shoots are those whose last reconciliation was less than `24h` ago.
  - When the gardenlet is (re)started then it no longer immediately reconciles all shoots whose maintenance time windows are met. Instead, it computes a random time for the current time window and requeues the shoot ("jittering", i.e., spreading the load). This will have the effect that not all shoots are getting reconciled at the same time right after startup.
🐛 Bug Fixes
- [USER] `apiserver-proxy` now uses `system-node-critical` priority class. Memory limit is also increased to avoid OOM killer. (gardener/gardener#3282, @mvladev)
- [USER] The `KUBERNETES_SERVICE_HOST` environment variable injected when `APIServerSNI` is enabled no longer includes a trailing dot (being a Fully Qualified Domain Name) due to several homebrew kubernetes clients not properly handling it and sending wrong server name when initiating a TLS connection. (gardener/gardener#3235, @mvladev)
- [OPERATOR] A bug has been fixed that caused the `vpa-admission-controller` to not be able to update its status (inside `Lease` object) when it's enabled for shoot clusters. (gardener/gardener#3265, @rfranzke)
- [OPERATOR] Fix an error during bootstrapping of fresh Seeds (gardener/gardener#3262, @BeckerMax)
- [OPERATOR] A bug has been fixed which can lead to `Seed`s not getting ready when an image vector overwrite for the etcd-druid is configured. (gardener/gardener#3212, @rfranzke)
- [DEPENDENCY] The generic worker actuator is now ensuring that all machine class secrets have up-to-date cloud credentials. (gardener/gardener#3224, @vpnachev)
🏃 Others
- [USER] The severity of the user exposed logs is unified and recognizable by Grafana. (gardener/gardener#3270, @vlvasilev)
- [OPERATOR] The target cache of `gardener-resource-manager` instances running in the Shoot control plane is disabled now. (gardener/gardener#3268, @timebertt)
- [OPERATOR] Gardener has improved infrastructure processing procedures in order to avoid unnecessary reconciliation cycles. (gardener/gardener#3255, @timuthy)
- [OPERATOR] Add Loki multitenancy integration test. (gardener/gardener#3253, @vlvasilev)
- [OPERATOR] Istio is updated to `1.18.0`. (gardener/gardener#3250, @mvladev)
- [OPERATOR] Parse the time zone of a log when reading it from the node /var/log/containers directory. (gardener/gardener#3219, @vlvasilev)
- [OPERATOR] When the fluent-bit container runs, the tail plugin starts to read a file from the head (like it was prior to fluent-bit 1.6). (gardener/gardener#3219, @vlvasilev)
- [OPERATOR] Make the readiness and liveness probes fail after 30 seconds; the liveness probe starts after 90 seconds. (gardener/gardener#3219, @vlvasilev)
- [OPERATOR] `get`, `list` and `watch` for Pods are removed from the fluent-bit RBAC as no longer needed. (gardener/gardener#3219, @vlvasilev)
- [OPERATOR] Upgrade Prometheus to v2.22.2. Sometimes Prometheus would have the error `mmap: invalid argument`. Prometheus v2.22.1+ provides a fix for this issue. (gardener/gardener#3213, @wyb1)
- [OPERATOR] `metrics-server`, `node-problem-detector` and `vpn-shoot` now have `dnsPolicy: Default` set to them to remove dependency to `coredns`. (gardener/gardener#3211, @mvladev)
- [OPERATOR] Sort logs to fix out of order issue (gardener/gardener#3188, @Kristian-ZH)
- [OPERATOR] The output plugin exposes custom metrics (gardener/gardener#3188, @Kristian-ZH)
- [OPERATOR] Modified fluent-bit dashboard to include the new metrics (gardener/gardener#3188, @Kristian-ZH)
- [OPERATOR] Fluent-bit tail plugin DB synchronization is set to FULL to avoid log duplication when fluent-bit pod is restarted. (gardener/gardener#3091, @vlvasilev)
- [OPERATOR] Loki chunk_target_size option is set to 1536000 bytes as recommended by Grafana (gardener/gardener#3091, @vlvasilev)
- [DEVELOPER] Integration test for the logging is added simulating seed with 100 shoots (gardener/gardener#2996, @vlvasilev)
📰 Noteworthy
- [USER] The Shoot garbage collector now also deletes failed Pods with the reason `OutOf*` in the Seed namespace and the `kube-system` namespace of the Shoot. (gardener/gardener#3248, @timebertt)
- [USER] The system components that were previously specifying label `garden.sapcloud.io/role: (optional-addon|monitoring|system-component)` are now adapted to specify `gardener.cloud/role: (optional-addon|monitoring|system-component)`. (gardener/gardener#3220, @ialidzhikov)
- [OPERATOR] Forbid control plane migration between `Seeds` with different cloud providers. (gardener/gardener#3254, @plkokanov)
- [OPERATOR] The gardenlet enqueues shooted seeds immediately (without configured jitter) when the shooted seed's spec was changed or when the config in the use-as-seed annotation was changed. This enables a faster rollout of the gardenlet. (gardener/gardener#3249, @rfranzke)
- [OPERATOR] `gardenlet` is now restarted if `APIServerSNI` is enabled on the Seed cluster. (gardener/gardener#3226, @mvladev)
- [OPERATOR] The Shoot namespace in the Seed no longer specifies label `garden.sapcloud.io/role: shoot`. (gardener/gardener#3220, @ialidzhikov)
- [OPERATOR] Upgraded etcd version from `v3.3.17` to `v3.4.13` and moved from `quay.io/coreos/etcd` to Gardener-specific custom etcd image `eu.gcr.io/gardener-project/gardener/etcd`. ⚠️ This will cause an etcd restart. (gardener/gardener#3205, @gardener-robot-ci-2)
[gardener-resource-manager]
✨ New Features
- [OPERATOR] gardener-resource-manager now logs its own version on startup or when executed with `--version`. (gardener-attic/gardener-resource-manager#96, @timebertt)
- [DEVELOPER] Docker images built by `make docker-images` are now tagged and built with the commit hash appended to the version. (gardener-attic/gardener-resource-manager#96, @timebertt)
- [DEVELOPER] The cache of the kubernetes client for the target cluster can now be disabled via the `--target-disable-cache` flag. (gardener-attic/gardener-resource-manager#95, @timebertt)
🏃 Others
- [OPERATOR] gardener-resource-manager now uses a `DynamicRESTMapper`, which will reduce the amount of explicit discovery calls and lead to faster reconciliation loops in some cases. (gardener-attic/gardener-resource-manager#95, @timebertt)