diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f61ddd70bc..501442efd4d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,114 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## 0.10.0 - 2019-01-14 + +### Added + +- The installer pushes an Infrastructure object to + infrastructures.config.openshift.io with platform information. + Cluster components should use this instead of the deprecated + `cluster-config-v1` resource. +- `openshift-install` has a new `completion` subcommand, to generation + shell-completion code (currently only for Bash). +- On AWS, `destroy cluster` now also removed IAM users with the usual + tags. We don't create these users yet, but the removal sets the + stage for the coming credentials operator. + +### Changed + +- Install configuration now includes a new `apiVersion` property which + must be set to `v1beta1`. Future changes to the install-config + schema will result in new versions, allowing new installers to + continue to support older install-config schema (and older + installers to error out when presented with newer install-config + schema). Changes to the schema since 0.9.0: + + - `clusterID` has been removed. This should be a new UUID for + every cluster, so there is no longer an easy way for users to + configure it. + - Image configuration has been removed. Almost all users should + be fine with the installer-chosen RHCOS. Users who need to + override the RHCOS build (because they're testing new RHCOS + releases) can set a new `OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE` + environment variable. + - Per-platform network properties have been consolidated into the + platform-agnostic `machineCIDR` from which node IP addresses are + assigned. + - On libvirt, all machine-pool configuration has been removed, as + no remaining properties were supported by the libvirt + cluster-API provider. + +- `install-config.yaml` read during [staged + installs](docs/user/overview.md#multiple-invocations) will now have + installer-defaults applied for missing properties. This allows you + to set only the properties you are interested in overriding, and + allow the installer to manage the remaining properties. +- `create ignition-configs` now also writes the admin kubeconfig to + the asset directory, to support bring-your-own-infrastructure use + cases. +- The bootstrap node now [serves + journals](docs/user/troubleshooting.md#troubleshooting-the-bootstrap-node) + for easier troubleshooting. +- The validity for the initial kubelet TLS certificate has been + increased from one hour to 24 hours, to give + bring-your-own-infrastructure users longer to manually distribute + the certificate before it expires. +- The key for the root certificate authority is no longer pushed into + the cluster (not even to the bootstrap node). +- Machine(set)s generated by the installer now use `providerSpec` + instead of the deprecated `providerConfig`. +- On AWS, the load balancers now use HTTPS health checks to reduce log + noise like: + + http: TLS handshake error from 10.0.20.86:28372: EOF + +- On AWS, IAM roles are now tagged with the usual resource tags + (`openshiftClusterID`, etc.). Some other resources have had their + tags updated to match those conventions (e.g. the internal Route 53 + hosted zone was updated from `KubernetesCluster` to + `kubernetes.io/cluster/{name}: owned`). +- The OpenStack platform has been removed from the install-config + wizard while it remains experimental. It is still available for + users who supply their own `install-config.yaml`. +- On OpenStack, the service VP now respects any SSH key specified in + the install configuration. +- On OpenStack, a developer-only internal DNS server has been removed, + so users need to configure additional records for the existing + external DNS zone. +- On OpenStack, Neutron trunk ports are now used for VM network + interfaces if Neutron supports them to support future Kuryr + integration. +- On OpenStack, masters and workers have been consolidated in a single + subnet to simplify the deployment. +- On OpenStack, the Ignition security group now only allows internal + connections, and no longer allows connections from outside the + cluster network. +- On OpenStack, the machine(set) templates have been updated to set + `cloudName` and some other properties. +- On libvirt, `destroy cluster` is not more robust in the face of + domains which were already shutdown. +- Lots of doc and internal cleanup and minor fixes. + +### Removed + +- Support for `install-config.yml` (deprecated in 0.8.0) has been + removed. + +### Fixed + +- On AWS, domain pagination for the wizard's base-domain select widget + has been fixed. Previously, it would continuously fetch the first + page of hosted zones (for accounts with multiple pages of zones) + until it hit an error like: + + ``` + ERROR list hosted zones: Throttling: Rate exceeded + status code: 400, request id: ... + ``` + + before falling back to a free-form base domain input. + ## 0.9.0 - 2019-01-05 ### Added