Releases: gardener/gardener-extension-provider-gcp

v1.19.0

27 Sep 07:54

[gardener-extension-provider-gcp]

✨ New Features

  • [USER] The GCP extension does now support shoot clusters with Kubernetes version 1.22. You should consider the Kubernetes release notes before upgrading to 1.22. (#314, @timuthy)
  • [USER] The following images are updated (see CHANGELOG for more details): (#297, @tareqhs)
    • k8s.gcr.io/sig-storage/csi-snapshotter: v2.1.5 -> v3.0.3
    • k8s.gcr.io/sig-storage/snapshot-controller: v2.1.5 -> v3.0.3
  • [OPERATOR] NAT IP names in infrastructure config are now checked if they exist and are available, and if not the issue is reported as ERR_CONFIGURATION_PROBLEM with a clear error message. (#312, @stoyanr)

🐛 Bug Fixes

  • [USER] An issue has been fixed which prevented worker nodes with separate data disks from becoming ready. (#327, @timuthy)

🏃 Others

  • [USER] Add validation for min # of workers required to support scale-up from zero. (#296, @AxiomSamarth)
  • [DEVELOPER] Missing or wrong doc comments will now be reported by the linter. (#319, @stoyanr)

[cloud-provider-gcp]

✨ New Features

🏃 Others

v1.18.0

05 Aug 05:30

[gardener-extension-provider-gcp]

⚠️ Breaking Changes

  • [OPERATOR] The default leader election resource lock of gardener-extension-provider-gcp has been changed from configmapsleases to leases. (#287, @ialidzhikov)
    • Please make sure that you had at least gardener-extension-provider-gcp@v1.15 running before upgrading to v1.18.0, so that it has successfully acquired leadership with the hybrid resource lock (configmapsleases) at least once.

✨ New Features

  • [OPERATOR] It is now possible to specify the leader election resource lock via the chart value leaderElection.resourceLock (defaults to leases). (#287, @ialidzhikov)

🐛 Bug Fixes

  • [USER] Do not trigger a node rollout when switching from CRI.Name==nil to CRI.Name==docker. (#290, @BeckerMax)

🏃 Others

  • [USER] The following image is updated: (#301, @ialidzhikov)
    • k8s.gcr.io/sig-storage/csi-provisioner: v1.6.0 -> v2.1.2 (see CHANGELOG)
  • [OPERATOR] machine-controller-manager logs are exposed to the end-users (#300, @vlvasilev)

[machine-controller-manager]

⚠️ Breaking Changes

  • [OPERATOR] Draining of pods with PVs (Persistent Volume) now waits for re-attachment of PV on a different node when volumeAttachments support is enabled on the cluster. Else it falls back to the default PV reattachment timeout value configured. The default value is 90s and this can be overwritten via the machine-pv-reattach-timeout flag. Please enable permissions to allow listing of volumeAttachments resource while importing these changes. (gardener/machine-controller-manager#608, @prashanth26)

✨ New Features

🐛 Bug Fixes

🏃 Others

[machine-controller-manager-provider-gcp]

🏃 Others

[terraformer]

⚠️ Breaking Changes

  • [DEVELOPER] Once the azurerm provider plugin is updated from v2.36.0 to v2.68.0, the skip_provider_registration flag in the provider section needs to be set to true. (gardener/terraformer#99, @dkistner)

🏃 Others

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.18.0
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.18.0

v1.17.0

18 Jun 15:10

[gardener-extension-provider-gcp]

⚠️ Breaking Changes

  • [OPERATOR] This version of provider-gcp requires at least Gardener v1.21.0. Before upgrading to this version of provider-gcp, make sure that you upgraded to at least Gardener v1.21.0. (#283, @ialidzhikov)

🐛 Bug Fixes

  • [OPERATOR] provider-gcp is now using a separate ManagedResource for ControlPlane CRDs (volumesnapshot related CRDs) that are installed in the Shoot cluster to separate the deletion of CRDs from the deletion of the RBAC for controller leader election. (#283, @ialidzhikov)
  • [OPERATOR] An issue causing Infrastructure with multiple .networks.cloudNAT.natIPNames to fail to be reconciled is now fixed. (#266, @ialidzhikov)

🏃 Others

  • [USER] The following image is updated (see CHANGELOG for more details): (#279, @ialidzhikov)
    • k8s.gcr.io/sig-storage/livenessprobe: v2.2.0 -> v2.3.0
  • [OPERATOR] When creating or updating shoots, any Kubernetes feature gates mentioned are validated against the Kubernetes version. If any feature gates are unknown or not supported in the Kubernetes version, the validation fails. (#280, @stoyanr)
  • [OPERATOR] Replace infrastructure's terraform helm chart with native go templates. (#268, @kon-angelo)

[machine-controller-manager]

✨ New Features

🐛 Bug Fixes

[machine-controller-manager-provider-gcp]

⚠️ Breaking Changes

🏃 Others

[terraformer]

✨ New Features

  • [OPERATOR] Terraformer now copies Terraform's error outputs to /terraform-termination-log to make them available in the container's termination message for better analysis and more readable error messages (e.g. in the Shoot status). (gardener/terraformer#93, @timebertt)

🏃 Others

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.17.0
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.17.0

v1.16.2

20 May 13:32

[machine-controller-manager]

✨ New Features

🐛 Bug Fixes

[machine-controller-manager-provider-gcp]

⚠️ Breaking Changes

🏃 Others

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.16.2
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.16.2

v1.16.1

14 May 14:24

[gardener-extension-provider-gcp]

🐛 Bug Fixes

  • [OPERATOR] An issue causing Infrastructure with multiple .networks.cloudNAT.natIPNames to fail to be reconciled is now fixed. (#267, @ialidzhikov)

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.16.1
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.16.1

v1.16.0

30 Apr 10:01

[gardener-extension-provider-gcp]

⚠️ Breaking Changes

  • [USER] Extension resource configs (InfrastructureConfig, ControlPlaneConfigs, WorkerConfig) are now deserialized in "strict" mode, including during validation by the admission webhook. This means that resources with fields that are not allowed by the API schema will be rejected by validation. Creating new shoots containing such resources will not be possible, and reconciling existing shoots will fail with an appropriate error until you manually update the shoot to make sure any extension resource configs contained in it are valid. (#249, @stoyanr)

✨ New Features

🏃 Others

  • [USER] The following images are updated: (#252, @ialidzhikov)
    • k8s.gcr.io/sig-storage/csi-snapshotter: v2.1.4 -> v2.1.5
    • k8s.gcr.io/sig-storage/snapshot-controller: v2.1.4 -> v2.1.5
    • k8s.gcr.io/sig-storage/livenessprobe: v2.0.0 -> v2.2.0
  • [OPERATOR] The few CSI sidecar containers that didn't specify any resource requests and limits do now specify appropriate requests and limits. (#254, @ialidzhikov)
  • [OPERATOR] admission-gcp memory usage is reduced by not using cache for reading Secrets. (#253, @ialidzhikov)

[cloud-provider-gcp]

✨ New Features

🏃 Others

[machine-controller-manager]

🐛 Bug Fixes

[terraformer]

🐛 Bug Fixes

  • [OPERATOR] The aws provider has been downgraded from 3.32.0 to 3.18.0 due to an issue with an additionally required permission for the AWS accounts. (gardener/terraformer#87, @vpnachev)

🏃 Others

  • [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#88, @ialidzhikov)
    • hashicorp/terraform-provider-google: 3.59.0 -> 3.62.0
    • hashicorp/terraform-provider-google-beta: 3.59.0 -> 3.62.0
  • [DEVELOPER] Golang has been updated to 1.16.2, and Alpine has been updated to 3.13.2. (gardener/terraformer#85, @vpnachev)

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.16.0
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.16.0

v1.15.0

29 Mar 04:04

[gardener-extension-provider-gcp]

⚠️ Breaking Changes

  • [OPERATOR] The ValidatingWebhookConfiguration of the GCP admission controller has been changed from version v1beta1 to v1. Please make sure to deploy the admission controller only to clusters with a Kubernetes version >= 1.16 (#230, @timuthy)

✨ New Features

  • [OPERATOR] The secrets and configmaps used by the terraformer now have an owner reference to the Infrastructure resource. (#228, @vpnachev)
  • [OPERATOR] The GCP extension now uses a new terraformer image only including the GCP terraform provider plugin (v2.1.0). (#227, @timebertt)

🐛 Bug Fixes

  • [USER] The following images are updated (see CHANGELOG for more details): (#237, @ialidzhikov)
    • quay.io/k8scsi/csi-snapshotter: v2.1.3 -> v2.1.4
    • quay.io/k8scsi/snapshot-controller: v2.1.3 -> v2.1.4

🏃 Others

  • [OPERATOR] The cloud-controller-manager VPA does now specify minAllowed values to prevent too low resource recommendations from VPA that lead to OOM. (#240, @ialidzhikov)
  • [OPERATOR] All resources are now deleted from the shoot namespace during migration. Also, during restore the MCM is now scaled down to 0 and not deleted. (#239, @kris94)
  • [OPERATOR] Golang has been updated to 1.15.5 (#228, @vpnachev)
  • [OPERATOR] Alpine base image has been updated to 3.12.3. (#228, @vpnachev)
  • [OPERATOR] Reducing credential update complexity by all the machine classes using the new .{spec.}credentialsSecretRef field. (#222, @danielfoehrKn)
    • This means all worker pools use the same "cloudprovider" secret containing only the cloud provider credentials.
    • The existing MachineClass SecretReference only contains the user data that is different for each pool.
  • [DEVELOPER] github.com/gardener/gardener dependency is now updated to v1.19.0. For the complete list of changes, see the release notes. (#245, @ialidzhikov)

📰 Noteworthy

  • [OPERATOR] The validator/admission component's Helm chart is now deploying a VerticalPodAutoscaler resource by default. If undesired or no VPA is available in the garden cluster then it can be turned off via .Values.global.vpa.enabled=false. (#234, @rfranzke)

[cloud-provider-gcp]

🏃 Others

[machine-controller-manager]

⚠️ Breaking Changes

  • [DEVELOPER] machine-controller-manager now checks for misconfigured PodDisruptionBudgets (ones that require zero voluntary evictions and make impossible the graceful Node drain) and sets better Machine .status.lastOperation.description for such Machines. This change is breaking as out-of-tree providers need new RBAC permissions - list and watch access for PodDisruptionBudgets in the target cluster. (gardener/machine-controller-manager#591, @ialidzhikov)

🏃 Others

[terraformer]

🐛 Bug Fixes

  • [OPERATOR] A bug was fixed that caused terraform to leak its finalizer on ConfigMaps and Secrets in case of an interrupt during terraform destroy. (gardener/terraformer#71, @timebertt)
  • [OPERATOR] A bug was fixed that caused terraform to leak its finalizer on ConfigMaps and Secrets in case of an interrupt during terraform destroy. (gardener/terraformer#72, @timebertt)

🏃 Others

  • [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#84, @ialidzhikov)
    • hashicorp/terraform-provider-aws: 3.18.0 -> 3.32.0
    • hashicorp/terraform-provider-google: 3.27.0 -> 3.59.0
    • hashicorp/terraform-provider-google-beta: 3.27.0 -> 3.59.0
  • [OPERATOR] The Terraformer now instantly removes its finalizer from the state ConfigMap if the state is empty and destroy is called. A separate Terraform destroy is not executed. (gardener/terraformer#80, @timuthy)
  • [OPERATOR] Terraformer will now publish an additional image without any pre-installed terraform plugins. (gardener/terraformer#77, @Diaphteiros)
  • [OPERATOR] Provides support for the Equinix Metal provider, which replaces the Packet one (gardener/terraformer#73, @deitch)
  • [OPERATOR] The terraformer-openstack now uses the openstack provider in version v1.37.0 (gardener/terraformer#70, @kon-angelo)
  • [OPERATOR] The terraformer-openstack now uses the openstack provider in version v1.36.0 (gardener/terraformer#68, @dkistner)
  • [OPERATOR] The configmaps and secrets used to contain terraform configuration, state and variables are now protected with a finalizer against accidental deletion. (gardener/terraformer#65, @vpnachev)

📰 Noteworthy

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.15.0
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.15.0

v1.14.0

07 Jan 11:02

[gardener-extension-provider-gcp]

✨ New Features

🏃 Others

  • [USER] The following images are updated to address CVE-2020-8569: (#220, @ialidzhikov)
    • quay.io/k8scsi/csi-snapshotter: v2.1.1 -> v2.1.3
    • quay.io/k8scsi/snapshot-controller: v2.1.1 -> v2.1.3
  • [USER] New dashboards which expose logs for cloud-controller-manager and csi-driver-controller. (#207, @Kristian-ZH)
  • [OPERATOR] A bug that was preventing the deletion of machines with outdated credentials is now fixed. (#215, @ialidzhikov)
  • [DEVELOPER] github.com/gardener/gardener dependency is now updated to v1.15.0. (#225, @ialidzhikov)

📰 Noteworthy

  • [OPERATOR] Logging in the infrastructure actuator has been improved to make it consistent in the logging format and more readable/helpful. (#208, @timebertt)
  • [DEVELOPER] The infrastructure integration test can now be triggered on a PR by commenting /test instead of /test-single. (#213, @timebertt)

[cloud-provider-gcp]

✨ New Features

🏃 Others

[machine-controller-manager]

✨ New Features

  • [OPERATOR] All machine classes do now support an optional .{spec.}credentialsSecretRef field in addition to today's .{spec.}secretRef field. If .{spec.}credentialsSecretRef is non-nil then the provider credentials will be read out of this secret. The user-data for the machine bring-up is still required to be part of the secret referenced by .{spec.}secretRef. (gardener/machine-controller-manager#578, @rfranzke)
  • [OPERATOR] Some machine class secrets are now supporting alternative data keys: (gardener/machine-controller-manager#578, @rfranzke)
    • The machine class secret for Alicloud machines does now also accept the data keys accessKeyID and accessKeySecret as alternatives for today's keys.
    • The machine class secret for AWS machines does now also accept the data keys accessKeyID and secretAccessKey as alternatives for today's keys.
    • The machine class secret for Azure machines does now also accept the data keys clientID, clientSecret, subscriptionID and tenantID as alternatives for today's keys.
    • The machine class secret for GCP machines does now also accept the data key serviceaccount.json as an alternative for today's key.

🏃 Others

📰 Noteworthy

[machine-controller-manager-provider-gcp]

✨ New Features

🏃 Others

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.14.0
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.14.0

v1.13.1

27 Nov 09:59

[machine-controller-manager]

🏃 Others

📰 Noteworthy

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.13.1
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.13.1

v1.13.0

23 Nov 13:49

[gardener-extension-provider-gcp]

Most notable changes

  • [OPERATOR] The infrastructure actuator is now injecting infrastructure credentials into the terraformer PodSpec via secret references instead of plain env var values. (#203, @timebertt)
  • [OPERATOR] The terraformer version has been upgraded to version v2.0.0-rc.0. (#190, @timebertt)

Improvements

  • [OPERATOR] Firewall range for internal access is now set via networks.worker and networks.internal cidr range. (#196, @qiffang)
  • [OPERATOR] Golang version is updated to 1.15 and alpine image version is updated to 3.12.1. (#195, @DockToFuture)
  • [OPERATOR] Revert machine drain timeout to 2hrs from 12hrs (#193, @prashanth26)
  • [OPERATOR] Adds priority class for extension pods to prevent preemption. (#189, @danielfoehrKn)
  • [DEVELOPER] An issue causing make test to fail on macOS is now fixed. (#197, @ialidzhikov)

[machine-controller-manager]

Most notable changes

Improvements

[machine-controller-manager-provider-gcp]

Improvements

[terraformer]

Action Required

  • [DEVELOPER] Terraformer version v2 now requires ConfigMap and Secret names to be passed in via command line flags instead of environment variables, and the base command of the docker image has changed to /terraformer. Please see the examples for more details. (gardener/terraformer#58, @timebertt)
  • [DEVELOPER] If your provider extension is deploying terraformer Pods via gardener's terraformer library, please make sure that you use at least gardener/gardener@v1.12.0 and set terraformer.UseV2(true) in order to deploy a PodSpec that is compatible with terraformer v2. (gardener/terraformer#58, @timebertt)

Most notable changes

  • [OPERATOR] Terraformer was rewritten in go and now watches the terraform state file in order to continuously update the state ConfigMap to not lose any relevant infrastructure state. (gardener/terraformer#58, @timebertt)
  • [DEVELOPER] You can now run a small e2e test that creates some lightweight resource on AWS via terraform by executing make test-e2e. (gardener/terraformer#51, @timebertt)

Improvements

  • [DEVELOPER] You can use make start-dev-container to start a docker container which can run terraformer and tests in an isolated environment for development and testing. Also make start will run terraformer commands in such a development container. (gardener/terraformer#58, @timebertt)

Docker Images

gardener-extension-provider-gcp: eu.gcr.io/gardener-project/gardener/extensions/provider-gcp:v1.13.0
gardener-extension-admission-gcp: eu.gcr.io/gardener-project/gardener/extensions/admission-gcp:v1.13.0