Releases: gardener/gardener-extension-provider-azure
v1.26.3
[gardener-extension-provider-azure]
🐛 Bug Fixes
- [OPERATOR] An issue causing csi-driver-controller-disk/azure-csi-driver to fail with forbidden error while trying to list PersistentVolumes is now fixed. (gardener/gardener-extension-provider-azure#478, @ialidzhikov)
v1.26.2
[gardener-extension-provider-azure]
🐛 Bug Fixes
- [USER] An issue preventing load balancers from being functional for K8s 1.23 clusters has been fixed. (gardener/gardener-extension-provider-azure#463, @ialidzhikov)
v1.26.1
[machine-controller-manager]
🐛 Bug Fixes
- [USER] typo stopping scaleDown disabling during cluster rollout is fixed (gardener/machine-controller-manager#687, @himanshu-kun)
v1.26.0
[gardener-extension-provider-azure]
✨ New Features
- [USER] The Azure extension does now support shoot clusters with Kubernetes version 1.23. You should consider the Kubernetes release notes before upgrading to 1.23. (gardener/gardener-extension-provider-azure#431, @rfranzke)
- [USER] In case `gardener/gardener`'s `WorkerPoolKubernetesVersion` feature gate is enabled, it's possible to have worker pools with overridden Kubernetes versions for `Shoot`s whose `.spec.kubernetes.version` is greater than or equal to the CSI migration version (`1.21`). (gardener/gardener-extension-provider-azure#429, @rfranzke)
- [OPERATOR] `gardener-extension-admission-azure` now supports configuration for enabling service account token volume projection. It is exposed through the `.Values.global.serviceAccountTokenVolumeProjection` section in the respective chart's values. (gardener/gardener-extension-provider-azure#434, @dimityrmirchev)
- [OPERATOR] It is now possible to configure a `user` instead of a `serviceaccount` subject in the `clusterrolebinding` for the `gardener-extension-admission-azure` when using virtual garden setup by setting `.Values.global.virtualGarden.user.name`. (gardener/gardener-extension-provider-azure#434, @dimityrmirchev)
- [OPERATOR] This extension does now support `gardener/gardener`'s `WorkerPoolKubernetesVersion` feature gate, i.e., having worker pools with overridden Kubernetes versions. (gardener/gardener-extension-provider-azure#429, @rfranzke)
- [OPERATOR] Handle extensionsv1alpha1.Bastion resources for SSH access to worker instances (gardener/gardener-extension-provider-azure#397, @tedteng)
🐛 Bug Fixes
- [OPERATOR] Fixes a bug in the terraform manifest generation when more than one public IP address was provided for the NAT Gateway (gardener/gardener-extension-provider-azure#447, @kon-angelo)
🏃 Others
- [OPERATOR] The `terraformer` pod deployed as part of shoot control planes is now using auto-rotated `ServiceAccount` tokens when communicating with the seed cluster. (gardener/gardener-extension-provider-azure#452, @rfranzke)
- [OPERATOR] An integration test for user provided ip addresses for the NatGateway has been added. (gardener/gardener-extension-provider-azure#450, @dkistner)
- [OPERATOR] The CPU limit of `csi-driver-node/csi-driver` is increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-azure#444, @vpnachev)
📰 Noteworthy
- [OPERATOR] The extension controller uses a projected `ServiceAccount` token in case it runs on a seed with a gardenlet of at least `v1.37`. Similarly, the components deployed into shoot namespaces will no longer use a client certificate but an auto-rotated `ServiceAccount` token which is only valid for `12h`. (gardener/gardener-extension-provider-azure#421, @rfranzke)
[cloud-provider-azure]
✨ New Features
- [DEPENDENCY] `k8s.io/legacy-cloud-providers` is now updated to `v0.22.6`. (gardener/cloud-provider-azure@805c4a0edd65)
- [DEPENDENCY] `k8s.io/legacy-cloud-providers` is now updated to `v0.21.9`. (gardener/cloud-provider-azure@753148b7a462)
- [DEPENDENCY] `k8s.io/legacy-cloud-providers` is now updated to `v0.20.15`. (gardener/cloud-provider-azure@7e0c69a4fa11)
[terraformer]
🏃 Others
- [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#108, @ialidzhikov)
- hashicorp/terraform-provider-aws: 3.63.0 -> 3.66.0
- [OPERATOR] terraform has been upgraded to 0.14.11 (gardener/terraformer#106, @stoyanr)
📰 Noteworthy
- [OPERATOR] The following terraform provider plugin is updated: (gardener/terraformer#116, @molecule-z)
- `aliyun/terraform-provider-alicloud`: `1.124.2` -> `1.149.0`
v1.25.1
[gardener-extension-provider-azure]
🐛 Bug Fixes
- [OPERATOR] Fixes a bug in the terraform manifest generation when more than one public IP address was provided for the NAT Gateway (gardener/gardener-extension-provider-azure#449, @dkistner)
v1.25.0
[gardener-extension-provider-azure]
🏃 Others
- [OPERATOR] machineDeployment will have the label `topology.disk.csi.azure.com/zone` when created if the shoot has csi enabled (gardener/gardener-extension-provider-azure#430, @himanshu-kun)
- [OPERATOR] Azure provider now supports a new network setup that allows for zone redundant NAT Gateways. (gardener/gardener-extension-provider-azure#331, @kon-angelo)
[machine-controller-manager]
⚠️ Breaking Changes
- [OPERATOR] Components that deploy the `machine-controller-manager` will now have to adapt the RBAC rules to allow `machine-controller-manager` to maintain its leader election resource lock in `leases` as well. (gardener/machine-controller-manager#662, @acumino)
✨ New Features
- [OPERATOR] orphan collection is also triggered if machine obj is updated with having multiple backing VMs (gardener/machine-controller-manager#667, @himanshu-kun)
🏃 Others
- [USER] Updated golang version to v1.17 (gardener/machine-controller-manager#664, @AxiomSamarth)
- [OPERATOR] The default leader election resource lock of `machine-controller-manager` has been changed from `endpoints` to `endpointsleases`. (gardener/machine-controller-manager#662, @acumino)
v1.24.1
[gardener-extension-provider-azure]
🐛 Bug Fixes
- [USER] topology label `topology.disk.csi.azure.com/zone` is added to machinedeployment to assist in scale-from-zero (gardener/gardener-extension-provider-azure#436, @himanshu-kun)
v1.24.0
[gardener-extension-provider-azure]
🐛 Bug Fixes
- [USER] A bug has been fixed that could lead to no egress connectivity for vmss flex (vmo) based Shoot clusters. This could happen if a cluster is using the `reverse-vpn` feature and has no nat-gateway configured. (gardener/gardener-extension-provider-azure#423, @dkistner)
📰 Noteworthy
- [USER] Since go1.17 both `net.ParseIP` and `net.ParseCIDR` reject leading zeros in the dot-decimal notation of IPv4 addresses. With the update to go1.17, admission-azure now rejects Shoot objects with CIDR ranges that have such leading zeros in the dot-decimal notation. Before updating to this version of admission-azure, make sure that there are no Shoot objects with leading zeros in the dot-decimal notation of an IPv4 address. For reference: https://nvd.nist.gov/vuln/detail/CVE-2021-29923 (gardener/gardener-extension-provider-azure#418, @rfranzke)
- [DEVELOPER] The Golang version has been updated to `1.17.5`. (gardener/gardener-extension-provider-azure#418, @rfranzke)
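A pre-upgrade check for the leading-zero CIDRs described in the note above, as an added example that is not part of the release notes or the project's code. It reports each flagged value with the decimal reading Go < 1.17 used and the octal reading `inet_aton`-style parsers use; the field names and sample values are constructed.

```go
package main

import (
	"fmt"
	"sort"
	"strconv"
	"strings"
)

// Finding: Decimal is how Go < 1.17 read Value, Octal how inet_aton-style parsers read it.
type Finding struct{ Field, Value, Decimal, Octal string }

// reading re-renders leading-zero octets parsed in base; "" means one is not a valid byte in that base.
func reading(cidr string, base int) string {
	addr, suffix := cidr, ""
	if i := strings.IndexByte(cidr, '/'); i >= 0 {
		addr, suffix = cidr[:i], cidr[i:]
	}
	octets := strings.Split(addr, ".")
	for i, p := range octets {
		if len(p) > 1 && p[0] == '0' {
			v, err := strconv.ParseUint(p, base, 8)
			if err != nil {
				return ""
			}
			octets[i] = strconv.FormatUint(v, 10)
		}
	}
	return strings.Join(octets, ".") + suffix
}

// Audit returns one finding per IPv4 CIDR with a leading-zero octet, sorted by field; IPv6 is skipped.
func Audit(cidrs map[string]string) []Finding {
	var out []Finding
	for field, v := range cidrs {
		if dec := reading(v, 10); !strings.Contains(v, ":") && dec != v {
			out = append(out, Finding{field, v, dec, reading(v, 8)})
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i].Field < out[j].Field })
	return out
}

func main() {
	// Constructed sample values, keyed by an assumed field name.
	for _, f := range Audit(map[string]string{"nodes": "010.250.0.0/16", "pods": "100.96.0.0/11"}) {
		fmt.Printf("%+v\n", f)
	}
}
```

Where the two readings differ, the intended network has to be confirmed with the cluster owner before the value is rewritten without leading zeros.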
v1.23.1
[gardener-extension-provider-azure]
🐛 Bug Fixes
- [OPERATOR] Finalizers are now properly added to the `Worker` resource at the start of a `restore` operation. (gardener/gardener-extension-provider-azure#422, @ialidzhikov)
Docker Images
gardener-extension-provider-azure: eu.gcr.io/gardener-project/gardener/extensions/provider-azure:v1.23.1
gardener-extension-admission-azure: eu.gcr.io/gardener-project/gardener/extensions/admission-azure:v1.23.1
v1.23.0
[gardener-extension-provider-azure]
⚠️ Breaking Changes
- [OPERATOR] Removed azuremachineclass cleanup logic. (gardener/gardener-extension-provider-azure#407, @kon-angelo)
- [OPERATOR] The logic to migrate the Terraform natgateway state will be removed. In case there are `Infrastructure` resources that are created with `<v1.15` and not reconciled with `>=v1.15` they need to be reconciled before a release with this change is applied. (gardener/gardener-extension-provider-azure#406, @dkistner)
✨ New Features
- [OPERATOR] The node and service controllers now have a configurable sync period (defaults to 4h), so that if an event is missed, the next reconcile will happen at most after this period. (gardener/gardener-extension-provider-azure#405, @stoyanr)
- The node and service predicates now use an expiring cache of nodes / services, so that if an event is missed, the next event is likely to cause a reconcile after comparing with the cache.
- The node and service controllers now also watch "owned" `VirtualMachine` and `PublicIPAddress` resources and would trigger a reconcile if an unexpected situation is detected, such as creating or updating an object without an owner, deleting an object with an owner that is not being deleted, etc.
- The node and service controllers have been enhanced to ensure that any owned objects are deleted if the node or service is not found.
- The service controller has been enhanced to also delete any still existing "owned" `PublicIPAddress` resources that are not found in the service `LoadBalancer` IPs when deleting a service or ensuring that it's deleted.
- [OPERATOR] Operators can now provide a list of service principals that can be used in case the user does not provide service principal information in the secret for her/his Shoot. (gardener/gardener-extension-provider-azure#401, @dkistner)
🏃 Others
- [OPERATOR] Azure provider extension now uses non-strict decoder for InfrastructureStatus resources. (gardener/gardener-extension-provider-azure#414, @kon-angelo)
- [DEVELOPER] The `rewrite_tag` filter in the logging configuration is replaced by `modify` one (gardener/gardener-extension-provider-azure#386, @vlvasilev)
[cloud-provider-azure]
🏃 Others
- [OPERATOR] `k8s.io/legacy-cloud-providers` is now updated to `v0.20.12`. (gardener/cloud-provider-azure@c36b6edcc10f)
- [OPERATOR] `k8s.io/legacy-cloud-providers` is now updated to `v0.21.6`. (gardener/cloud-provider-azure@03ebe6747186)
- [OPERATOR] `k8s.io/legacy-cloud-providers` is now updated to `v0.22.3`. (gardener/cloud-provider-azure@e083e3b71091)
[machine-controller-manager]
✨ New Features
- [USER] End User can now delete the backing machine object of the node instantly by annotating the desired node with `node.machine.sapcloud.io/trigger-deletion-by-mcm="true"` (gardener/machine-controller-manager#648, @AxiomSamarth)
- [USER] Added *expectedNodeDetails field to the MachineClass API (gardener/machine-controller-manager#644, @AxiomSamarth)
🐛 Bug Fixes
- [OPERATOR] A bug has been fixed in the pre-delivered CRD manifests for MCM (`/kubernetes/crds`). It caused data to be pruned from MCM related resources and led to reconciliation issues. (gardener/machine-controller-manager#641, @timuthy)
📖 Documentation
- [DEVELOPER] `make generate` now generates v1 version of CRDs by default instead of v1beta1. (gardener/machine-controller-manager#640, @himanshu-kun)
🏃 Others
- [USER] Update Kubernetes dependency versions to v1.20.6 (gardener/machine-controller-manager#601, @AxiomSamarth)
[terraformer]
🐛 Bug Fixes
- [DEVELOPER] A bug has been fixed that prevented using Terraformer with a Terraform version >= 0.13. (gardener/terraformer#102, @rfranzke)
🏃 Others
- [OPERATOR] terraform has been upgraded to 0.13.7 (gardener/terraformer#105, @stoyanr)
- [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#104, @ialidzhikov)
- hashicorp/terraform-provider-aws: 3.54.0 -> 3.63.0
- [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#101, @ialidzhikov)
- hashicorp/terraform-provider-aws: 3.32.0 -> 3.54.0
📰 Noteworthy
- [DEVELOPER] The version for the `equinixmetal` Terraform provider plugin has been updated to `3.1.0`. (gardener/terraformer#103, @rfranzke)