Releases: gardener/gardener-extension-provider-gcp
Releases · gardener/gardener-extension-provider-gcp
v1.22.1
[gardener-extension-provider-gcp]
🐛 Bug Fixes
- [USER] provider-gcp will now use
external-provisioner@v2.1.0for K8s< 1.22clusters. This is to ensure that no new PVs affected by https://issues.k8s.io/109354 will be created (incl. during the upgrade from 1.20 to 1.21). For more details see https://issues.k8s.io/109354 and this document. For K8s>= 1.22clusters provider-gcp will continue to useexternal-provisioner@v2.1.2as before. (gardener/gardener-extension-provider-gcp#440, @ialidzhikov)
v1.22.0
[gardener-extension-provider-gcp]
⚠️ Breaking Changes
- [OPERATOR] This version of admission-gcp requires the SecretBinding provider controller to be enabled - enabled by default for gardener-controller-manager >= 1.42 or can be enabled via the gardener-controller-manager component config. (gardener/gardener-extension-provider-gcp#396, @ialidzhikov)
✨ New Features
- [USER] The provider-gcp extension now installs the external-snapshotter's validating webhook server for VolumeSnapshot and VolumeSnapshotContent objects. For more details check the corresponding KEP. (gardener/gardener-extension-provider-gcp#398, @acumino)
- [USER] extension gcp now can read nodeTemplate from worker resource and fill it in machineClass. It prioritizes nodeTemplate provided by user in
providerConfig(underworkersection in shoot yaml) over worker resource's nodeTemplate, if user provides it. (gardener/gardener-extension-provider-gcp#355, @himanshu-kun) - [DEVELOPER] provider-gcp and admission-gcp components now support
--versionflag that prints the component version information and useful metadata. (gardener/gardener-extension-provider-gcp#414, @ialidzhikov)
🐛 Bug Fixes
- [USER] An issue preventing load balancers from being functional for K8s 1.23 clusters has been fixed. (gardener/gardener-extension-provider-gcp#408, @rfranzke)
- [OPERATOR] An issue has been fixed with the
csi-driver-nodePodSecurityPolicy which blocked the creation of new CSI-Driver pods becauseprojectedvolumes are not permitted. (gardener/gardener-extension-provider-gcp#403, @timuthy)
🏃 Others
- [OPERATOR] The following dependency is updated: (gardener/gardener-extension-provider-gcp#411, @kon-angelo)
- github.com/gardener/gardener: v1.40.2 -> v1.42.3
- [OPERATOR] The monitoring dashboards provided by this extension: (gardener/gardener-extension-provider-gcp#400, @ialidzhikov)
- are now using UTC by default (instead of the browser time)
- do no longer auto refresh by default
- [OPERATOR] The
terraformerpod deployed as part of shoot control planes is now using auto-rotatedServiceAccounttokens when communicating with the seed cluster. (gardener/gardener-extension-provider-gcp#399, @rfranzke) - [OPERATOR] The
gardener-extension-admission-gcpwebhook now contains an object selector for provider type label. Please make sure you are runninggardener@v1.42or later before enabling the same. (gardener/gardener-extension-provider-gcp#397, @shafeeqes) - [OPERATOR] The Secrets webhook of admission-gcp: (gardener/gardener-extension-provider-gcp#396, @ialidzhikov)
- no longer intercepts every Secret UPDATE request but only requests for Secrets that are associated with a SecretBinding with
provider.type=gcp. - no longer needs to list Shoots (hence, no cache for Shoots)
- no longer intercepts every Secret UPDATE request but only requests for Secrets that are associated with a SecretBinding with
[machine-controller-manager]
🐛 Bug Fixes
- [USER] The value for key
cluster-autoscaler.kubernetes.io/scale-down-disabledplaced by MCM is nowtrueand notTrue. This typo stopped MCM from disabling CA from scaling down during rolling update. (gardener/machine-controller-manager#685, @himanshu-kun) - [USER] MCM now marks 1 machine per machineDeployment as Failed at a time in case of healthTimeout. This is introduced to deal with meltdown scenario (gardener/machine-controller-manager#683, @himanshu-kun)
- [USER] typo stopping scaleDown disabling during cluster rollout is fixed (gardener/machine-controller-manager#687, @himanshu-kun)
🏃 Others
- [OPERATOR] machine-controller-manager does now log the Node conditions when it considers Machine as unhealthy (and changes its state to
Unknown). (gardener/machine-controller-manager#676, @ialidzhikov)
[machine-controller-manager-provider-gcp]
🏃 Others
- [USER] Vendor
machine-controller-managerv0.44.0 with meltdown fix added. Now only one machine per machineDeployment could get healthTimeout collected at a time. (gardener/machine-controller-manager-provider-gcp#35, @kon-angelo)
📰 Noteworthy
- [DEVELOPER] Updated golang to version
1.17.5(gardener/machine-controller-manager-provider-gcp#30, @himanshu-kun)
[terraformer]
🏃 Others
- [OPERATOR] terraform has been upgraded to 0.15.5 (gardener/terraformer#107, @stoyanr)
v1.21.3
[gardener-extension-provider-gcp]
🐛 Bug Fixes
- [USER] An issue preventing load balancers from being functional for K8s 1.23 clusters has been fixed. (gardener/gardener-extension-provider-gcp#409, @ialidzhikov)
Docker Images
gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.21.3
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.21.3
v1.21.2
[machine-controller-manager]
🐛 Bug Fixes
- [USER] typo stopping scaleDown disabling during cluster rollout is fixed (gardener/machine-controller-manager#687, @himanshu-kun)
Docker Images
gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.21.2
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.21.2
v1.21.1
[gardener-extension-provider-gcp]
🐛 Bug Fixes
- [OPERATOR] An issue has been fixed with the
csi-driver-nodePodSecurityPolicy which blocked the creation of new CSI-Driver pods becauseprojectedvolumes are not permitted. (gardener/gardener-extension-provider-gcp#404, @ialidzhikov)
v1.21.0
[gardener-extension-provider-gcp]
✨ New Features
- [USER] The GCP extension does now support shoot clusters with Kubernetes version 1.23. You should consider the Kubernetes release notes before upgrading to 1.23. (gardener/gardener-extension-provider-gcp#383, @rfranzke)
- [USER] In case
gardener/gardener'sWorkerPoolKubernetesVersionfeature gate is enabled, it's possible having worker pools with overridden Kubernetes versions forShoots whose.spec.kubernetes.versionis greater or equal than the CSI migration version (1.18). (gardener/gardener-extension-provider-gcp#382, @rfranzke) - [OPERATOR] This extension does now support
gardener/gardener'sWorkerPoolKubernetesVersionfeature gate, i.e., having worker pools with overridden Kubernetes versions. (gardener/gardener-extension-provider-gcp#382, @rfranzke) - [OPERATOR]
gardener-extension-admission-gcpnow supports configuration for enabling service account token volume projection. It is exposed through the.Values.global.serviceAccountTokenVolumeProjectionsection in the respective chart's values. (gardener/gardener-extension-provider-gcp#380, @dimityrmirchev) - [OPERATOR] It is now possible to configure a
userinstead of aserviceaccountsubject in theclusterrolebindingfor thegardener-extension-admission-gcpwhen using virtual garden setup by setting.Values.global.virtualGarden.user.name. (gardener/gardener-extension-provider-gcp#380, @dimityrmirchev)
🐛 Bug Fixes
- [USER] The validation of the Worker's
.providerConfig.serviceAccount.emailis no longer omitted and the field cannot be empty or invalid. (gardener/gardener-extension-provider-gcp#389, @vlvasilev) - [OPERATOR] The following dependency is updated: (gardener/gardener-extension-provider-gcp#386, @ialidzhikov)
- github.com/gardener/gardener: v1.39.0 -> v1.39.4
🏃 Others
- [OPERATOR] The CPU limit of
csi-driver-node/csi-driveris increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-gcp#393, @vpnachev) - [OPERATOR] The following images are updated: (gardener/gardener-extension-provider-gcp#372, @acumino)
- gcr.io/gke-release/gcp-compute-persistent-disk-csi-driver v1.0.1-gke.0 -> v1.3.4-gke.0
📰 Noteworthy
- [OPERATOR] The extension controller uses a projected
ServiceAccounttoken in case it runs on a seed with a gardenlet of at leastv1.37or higher. Similarly, the components deployed into shoot namespaces will no longer use a client certificate but an auto-rotatedServiceAccounttoken which is only valid for12h. (gardener/gardener-extension-provider-gcp#368, @rfranzke)
[cloud-provider-gcp]
✨ New Features
- [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov1.23.2. (gardener/cloud-provider-gcp@d41cc9f035bc) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov0.22.6. (gardener/cloud-provider-gcp@6f87ed1cc00b) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov0.21.9. (gardener/cloud-provider-gcp@a2f06f4ba9f3) - [DEPENDENCY]
k8s.io/legacy-cloud-providersis now updated tov0.20.15. (gardener/cloud-provider-gcp@372aa43fbacd)
🏃 Others
- [DEVELOPER] The alpine version has been updated to
v3.13.7. (gardener/cloud-provider-gcp@b7eb3f56b252)
[machine-controller-manager]
⚠️ Breaking Changes
- [OPERATOR] Components that deploy the
machine-controller-managerwill now have to adapt the RBAC rules to allowmachine-controller-managerto maintain its leader election resource lock inleasesas well. (gardener/machine-controller-manager#662, @acumino)
✨ New Features
- [OPERATOR] orphan collection is also triggered if machine obj is updated with having multiple backing VMs (gardener/machine-controller-manager#667, @himanshu-kun)
🏃 Others
- [USER] Updated golang version to v1.17 (gardener/machine-controller-manager#664, @AxiomSamarth)
- [OPERATOR] The default leader election resource lock of
machine-controller-managerhas been changed fromendpointstoendpointsleases. (gardener/machine-controller-manager#662, @acumino)
[terraformer]
🏃 Others
- [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#108, @ialidzhikov)
- hashicorp/terraform-provider-aws: 3.63.0 -> 3.66.0
- [OPERATOR] terraform has been upgraded to 0.14.11 (gardener/terraformer#106, @stoyanr)
📰 Noteworthy
- [OPERATOR] The following terraform provider plugin is updated: (gardener/terraformer#116, @molecule-z)
aliyun/terraform-provider-alicloud:1.124.2->1.149.0
v1.20.1
[gardener-extension-provider-gcp]
🏃 Others
- [OPERATOR] The CPU limit of
csi-driver-node/csi-driveris increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-gcp#394, @vpnachev)
v1.20.0
[gardener-extension-provider-gcp]
⚠️ Breaking Changes
- [OPERATOR] Removed cleanup logic for GCPMachineClass objects. (gardener/gardener-extension-provider-gcp#360, @kon-angelo)
✨ New Features
- [OPERATOR] It is now possible to specify a zone name prefixed with the project id, in addition to an unprefixed zone name, in the
spec.zonefield of aDNSRecordresource. (gardener/gardener-extension-provider-gcp#350, @stoyanr)
🐛 Bug Fixes
- [USER] The cloud NAT IP validation has been fixed to correctly recognise if the external IP address is in use by the shoot's router. (gardener/gardener-extension-provider-gcp#331, @stoyanr)
🏃 Others
- [OPERATOR] The admission webhook validating the minimum workers in a pool to be >= number of availability zones has been made backward compatible with shoot clusters that have been created before this admission check to be implemented. (gardener/gardener-extension-provider-gcp#352, @vpnachev)
- [OPERATOR] Improve the
Shootvalidation error when the.spec.provider.workers[].minimumvalue is less than the number of.spec.provider.workers[].zones. (gardener/gardener-extension-provider-gcp#336, @plkokanov) - [OPERATOR] Handle extensionsv1alpha1.Bastion resources for SSH access to worker instances (gardener/gardener-extension-provider-gcp#288, @tedteng)
- [DEVELOPER] The
rewrite_tagfilter in the logging configuration is replaced bymodifyone (gardener/gardener-extension-provider-gcp#338, @vlvasilev)
📰 Noteworthy
- [USER] Since go1.17 both
net.ParseIPandnet.ParseCIDRreject leading zeros in the dot-decimal notation of IPv4 addresses. With the update to go1.17, admission-gcp now rejects Shoot objects with CIDR ranges that have such leading zeros in the dot-decimal notation. Before updating to this version of admission-gcp, make sure that there are no Shoot objects with leading zeros in the dot-decimal notation of an IPv4 address. For reference: https://nvd.nist.gov/vuln/detail/CVE-2021-29923 (gardener/gardener-extension-provider-gcp#364, @rfranzke) - [DEVELOPER] The Golang version has been updated to
1.17.5. (gardener/gardener-extension-provider-gcp#364, @rfranzke)
[machine-controller-manager]
✨ New Features
- [USER] End User can now delete the backing machine object of the node instantly by annotating the desired node with 'node.machine.sapcloud.io/trigger-deletion-by-mcm="true"` (gardener/machine-controller-manager#648, @AxiomSamarth)
- [USER] Added *expectedNodeDetails field to the MachineClass API (gardener/machine-controller-manager#644, @AxiomSamarth)
🐛 Bug Fixes
- [OPERATOR] A bug has been fixed in the pre-delivered CRD manifests for MCM (
/kubernetes/crds). It caused data to be pruned from MCM related resources and led to reconciliation issues. (gardener/machine-controller-manager#641, @timuthy)
📖 Documentation
- [DEVELOPER]
make generatenow generates v1 version of CRDs by default instead of v1beta1. (gardener/machine-controller-manager#640, @himanshu-kun)
🏃 Others
- [USER] Update Kubernetes dependency versions to v1.20.6 (gardener/machine-controller-manager#601, @AxiomSamarth)
[terraformer]
🐛 Bug Fixes
- [DEVELOPER] A bug has been fixed preventing to use Terraformer with a Terraform version >= 0.13. (gardener/terraformer#102, @rfranzke)
🏃 Others
- [OPERATOR] terraform has been upgraded to 0.13.7 (gardener/terraformer#105, @stoyanr)
- [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#104, @ialidzhikov)
- hashicorp/terraform-provider-aws: 3.54.0 -> 3.63.0
- [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#101, @ialidzhikov)
- hashicorp/terraform-provider-aws: 3.32.0 -> 3.54.0
📰 Noteworthy
- [DEVELOPER] The version for the
equinixmetalTerraform provider plugin has been updated to3.1.0. (gardener/terraformer#103, @rfranzke)
v1.19.2
[gardener-extension-provider-gcp]
🏃 Others
- [OPERATOR] Improve the
Shootvalidation error when the.spec.provider.workers[].minimumvalue is less than the number of.spec.provider.workers[].zones. (gardener/gardener-extension-provider-gcp#354, @vpnachev) - [OPERATOR] The admission webhook validating the minimum workers in a pool to be >= number of availability zones has been made backward compatible with shoot clusters that have been created before this admission check to be implemented. (gardener/gardener-extension-provider-gcp#354, @vpnachev)
Docker Images
gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.19.2
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.19.2
v1.19.1
[gardener-extension-provider-gcp]
🐛 Bug Fixes
- [USER] The cloud NAT IP validation has been fixed to correctly recognise if the external IP address is in use by the shoot's router. (gardener/gardener-extension-provider-gcp#332, @stoyanr)
Docker Images
gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.19.1
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.19.1