v1.25.0

[gardener-extension-provider-openstack]

⚠️ Breaking Changes

• [OPERATOR] A failing Kubernetes conformance test when ManagedIstio and APIServerSNI feature gates are disabled is now fixed. (gardener/gardener-extension-provider-openstack#425, @dergeberl)

✨ New Features

• [USER] The provider-openstack extension now installs the external-snapshotter's validating webhook server for VolumeSnapshot and VolumeSnapshotContent objects. For more details check the corresponding KEP. (gardener/gardener-extension-provider-openstack#427, @acumino)
• [USER] The following images are updated (see CHANGELOG for more details): (gardener/gardener-extension-provider-openstack#405, @ialidzhikov)
  • k8s.gcr.io/sig-storage/csi-snapshotter: v2.1.5 -> v3.0.3
  • k8s.gcr.io/sig-storage/snapshot-controller: v2.1.5 -> v3.0.3
• [DEVELOPER] provider-openstack and admission-openstack components now support --version flag that prints the component version information and useful metadata. (gardener/gardener-extension-provider-openstack#426, @ialidzhikov)

🐛 Bug Fixes

• [USER] An issue preventing load balancers from being functional for K8s 1.23 clusters has been fixed. (gardener/gardener-extension-provider-openstack#415, @rfranzke)

🏃 Others

• [OPERATOR] The cloudprovider webhook will now use objectSelector to filter secrets when gardener-version >=1.42. (gardener/gardener-extension-provider-openstack#424, @kon-angelo)
• [OPERATOR] Parameters of the etcd StorageClass can now be set (gardener/gardener-extension-provider-openstack#423, @Kumm-Kai)
• [OPERATOR] Vendor gardener/gardener v1.42.3. (gardener/gardener-extension-provider-openstack#419, @kon-angelo)
• [OPERATOR] The monitoring dashboards provided by this extension: (gardener/gardener-extension-provider-openstack#409, @ialidzhikov)
  • are now using UTC by default (instead of the browser time)
  • do no longer auto refresh by default
• [OPERATOR] The gardener-extension-admission-openstack webhook now contains an object selector for provider type label. Please make sure you are running [email protected] or later before enabling this. (gardener/gardener-extension-provider-openstack#407, @shafeeqes)
• [OPERATOR] The terraformer pod deployed as part of shoot control planes is now using auto-rotated ServiceAccount tokens when communicating with the seed cluster. (gardener/gardener-extension-provider-openstack#406, @rfranzke)

[machine-controller-manager]

🐛 Bug Fixes

• [USER] The value for key cluster-autoscaler.kubernetes.io/scale-down-disabled placed by MCM is now true and not True. This typo stopped MCM from disabling CA from scaling down during rolling update. (gardener/machine-controller-manager#685, @himanshu-kun)
• [USER] MCM now marks 1 machine per machineDeployment as Failed at a time in case of healthTimeout. This is introduced to deal with meltdown scenario (gardener/machine-controller-manager#683, @himanshu-kun)
• [USER] typo stopping scaleDown disabling during cluster rollout is fixed (gardener/machine-controller-manager#687, @himanshu-kun)

🏃 Others

• [OPERATOR] machine-controller-manager does now log the Node conditions when it considers Machine as unhealthy (and changes its state to Unknown). (gardener/machine-controller-manager#676, @ialidzhikov)

[machine-controller-manager-provider-openstack]

🐛 Bug Fixes

• [USER] A regression in Machine creation from imageName is now fixed. (gardener/machine-controller-manager-provider-openstack#49, @ialidzhikov)
• [OPERATOR] An issue causing klog's --v flag to be not respected is now fixed. (gardener/machine-controller-manager-provider-openstack#47, @ialidzhikov)

🏃 Others

• [USER] Revendor MCM dependency to v0.44.1 (gardener/machine-controller-manager-provider-openstack#55, @kon-angelo)

[terraformer]

🏃 Others

• [OPERATOR] terraform has been upgraded to 0.15.5 (gardener/terraformer#107, @stoyanr)

v1.24.2

[gardener-extension-provider-openstack]

🐛 Bug Fixes

• [USER] An issue preventing load balancers from being functional for K8s 1.23 clusters has been fixed. (gardener/gardener-extension-provider-openstack#417, @ialidzhikov)

Docker Images

gardener-extension-provider-openstack: eu.gcr.io/gardener-project/gardener/extensions/provider-openstack:v1.24.2
gardener-extension-admission-openstack: eu.gcr.io/gardener-project/gardener/extensions/admission-openstack:v1.24.2

v1.24.1

[machine-controller-manager]

🐛 Bug Fixes

• [USER] typo stopping scaleDown disabling during cluster rollout is fixed (gardener/machine-controller-manager#687, @himanshu-kun)

v1.24.0

[gardener-extension-provider-openstack]

✨ New Features

• [OPERATOR] gardener-extension-admission-openstack now supports configuration for enabling service account token volume projection. It is exposed through the .Values.global.serviceAccountTokenVolumeProjection section in the respective chart's values. (gardener/gardener-extension-provider-openstack#387, @dimityrmirchev)
• [OPERATOR] It is now possible to configure a user instead of a serviceaccount subject in the clusterrolebinding for the gardener-extension-admission-openstack when using virtual garden setup by setting .Values.global.virtualGarden.user.name. (gardener/gardener-extension-provider-openstack#387, @dimityrmirchev)

🏃 Others

• [OPERATOR] The CPU limit of csi-driver-node/csi-driver is increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-openstack#402, @vpnachev)

📰 Noteworthy

• [OPERATOR] The extension controller uses a projected ServiceAccount token in case it runs on a seed with a gardenlet of at least v1.37 or higher. Similarly, the components deployed into shoot namespaces will no longer use a client certificate but an auto-rotated ServiceAccount token which is only valid for 12h. (gardener/gardener-extension-provider-openstack#369, @rfranzke)

[machine-controller-manager-provider-openstack]

🐛 Bug Fixes

• [USER] A regression in Machine creation from imageName is now fixed. (gardener/machine-controller-manager-provider-openstack#51, @ialidzhikov)
• [OPERATOR] An issue causing klog's --v flag to be not respected is now fixed. (gardener/machine-controller-manager-provider-openstack#50, @ialidzhikov)

[terraformer]

🏃 Others

• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#108, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.63.0 -> 3.66.0
• [OPERATOR] terraform has been upgraded to 0.14.11 (gardener/terraformer#106, @stoyanr)

📰 Noteworthy

• [OPERATOR] The following terraform provider plugin is updated: (gardener/terraformer#116, @molecule-z)
  • aliyun/terraform-provider-alicloud: 1.124.2 -> 1.149.0

v1.23.4

[gardener-extension-provider-openstack]

🏃 Others

• [OPERATOR] The CPU limit of csi-driver-node/csi-driver is increased from 50m to 100m to allow bigger bursts. (gardener/gardener-extension-provider-openstack#403, @vpnachev)

v1.23.3

[machine-controller-manager-provider-openstack]

🐛 Bug Fixes

• [USER] A regression in Machine creation from imageName is now fixed. (gardener/machine-controller-manager-provider-openstack#51, @ialidzhikov)
• [OPERATOR] An issue causing klog's --v flag to be not respected is now fixed. (gardener/machine-controller-manager-provider-openstack#50, @ialidzhikov)

Docker Images

gardener-extension-provider-openstack: eu.gcr.io/gardener-project/gardener/extensions/provider-openstack:v1.23.3
gardener-extension-admission-openstack: eu.gcr.io/gardener-project/gardener/extensions/admission-openstack:v1.23.3

v1.23.2

[gardener-extension-provider-openstack]

🐛 Bug Fixes

• [OPERATOR] The following dependency is updated: (gardener/gardener-extension-provider-openstack#394, @ialidzhikov)
  • github.com/gardener/gardener: v1.39.3 -> v1.39.5

Docker Images

gardener-extension-provider-openstack: eu.gcr.io/gardener-project/gardener/extensions/provider-openstack:v1.23.2
gardener-extension-admission-openstack: eu.gcr.io/gardener-project/gardener/extensions/admission-openstack:v1.23.2

v1.23.1

[gardener-extension-provider-openstack]

🐛 Bug Fixes

• [OPERATOR] The following dependency is updated: (gardener/gardener-extension-provider-openstack#391, @ialidzhikov)
  • github.com/gardener/gardener: v1.39.0 -> v1.39.3

Docker Images

gardener-extension-provider-openstack: eu.gcr.io/gardener-project/gardener/extensions/provider-openstack:v1.23.1
gardener-extension-admission-openstack: eu.gcr.io/gardener-project/gardener/extensions/admission-openstack:v1.23.1

v1.23.0

[gardener-extension-provider-openstack]

⚠️ Breaking Changes

• [OPERATOR] Removes deprecated OpenstackMachineClass removal logic. (gardener/gardener-extension-provider-openstack#361, @kon-angelo)
• [OPERATOR] Kubernetes versions >=1.18 and < 1.22 will get cloud-controller-manager with version v1.21.0 (gardener/gardener-extension-provider-openstack#355, @RaphaelVogel)

✨ New Features

• [USER] The OpenStack extension does now support shoot clusters with Kubernetes version 1.23. You should consider the Kubernetes release notes before upgrading to 1.23. (gardener/gardener-extension-provider-openstack#386, @rfranzke)
• [USER] In case gardener/gardener's WorkerPoolKubernetesVersion feature gate is enabled, it's possible having worker pools with overridden Kubernetes versions for Shoots whose .spec.kubernetes.version is greater or equal than the CSI migration version (1.19). (gardener/gardener-extension-provider-openstack#384, @rfranzke)
• [OPERATOR] This extension does now support gardener/gardener's WorkerPoolKubernetesVersion feature gate, i.e., having worker pools with overridden Kubernetes versions. (gardener/gardener-extension-provider-openstack#384, @rfranzke)

🏃 Others

• [OPERATOR] New check-docforge step will be executed on each PR (gardener/gardener-extension-provider-openstack#377, @Kristian-ZH)
• [OPERATOR] Use separate resolv.conf for kubelet (optionally patched with resolvConfOptions from the cloud profile) (gardener/gardener-extension-provider-openstack#375, @MartinWeindel)
• [OPERATOR] Add internalNetworkName to cloud-provider-config (gardener/gardener-extension-provider-openstack#373, @jkmw)
• [OPERATOR] Provider now supports specifying the volume type for the root disk of nodes. (gardener/gardener-extension-provider-openstack#371, @kon-angelo)
• [DEVELOPER] The rewrite_tag filter in the logging configuration is replaced by modify one (gardener/gardener-extension-provider-openstack#346, @vlvasilev)

📰 Noteworthy

• [USER] Since go1.17 both net.ParseIP and net.ParseCIDR reject leading zeros in the dot-decimal notation of IPv4 addresses. With the update to go1.17, admission-openstack now rejects Shoot objects with CIDR ranges that have such leading zeros in the dot-decimal notation. Before updating to this version of admission-openstack, make sure that there are no Shoot objects with leading zeros in the dot-decimal notation of an IPv4 address. For reference: https://nvd.nist.gov/vuln/detail/CVE-2021-29923 (gardener/gardener-extension-provider-openstack#364, @rfranzke)
• [DEVELOPER] The Golang version has been updated to 1.17.5. (gardener/gardener-extension-provider-openstack#364, @rfranzke)

[machine-controller-manager]

⚠️ Breaking Changes

• [OPERATOR] Components that deploy the machine-controller-manager will now have to adapt the RBAC rules to allow machine-controller-manager to maintain its leader election resource lock in leases as well. (gardener/machine-controller-manager#662, @acumino)

✨ New Features

• [USER] End User can now delete the backing machine object of the node instantly by annotating the desired node with 'node.machine.sapcloud.io/trigger-deletion-by-mcm="true"` (gardener/machine-controller-manager#648, @AxiomSamarth)
• [OPERATOR] orphan collection is also triggered if machine obj is updated with having multiple backing VMs (gardener/machine-controller-manager#667, @himanshu-kun)

🏃 Others

• [USER] Updated golang version to v1.17 (gardener/machine-controller-manager#664, @AxiomSamarth)
• [OPERATOR] The default leader election resource lock of machine-controller-manager has been changed from endpoints to endpointsleases. (gardener/machine-controller-manager#662, @acumino)

[machine-controller-manager-provider-openstack]

🏃 Others

• [USER] Update vendored machine-controller-manager to v0.43.0 (gardener/machine-controller-manager-provider-openstack#45, @shafeeqes)
• [USER] Updated golang version to v1.17 (gardener/machine-controller-manager-provider-openstack#44, @kon-angelo)
• [USER] The volume type of the root disk can now be specified in the MachineClass (gardener/machine-controller-manager-provider-openstack#43, @kon-angelo)
• [USER] Added local integration tests. (gardener/machine-controller-manager-provider-openstack#42, @kon-angelo)
• [USER] Created Neutron ports will now be tagged with the shoot tags. (gardener/machine-controller-manager-provider-openstack#41, @kon-angelo)
• [DEVELOPER] Missing or wrong doc comments and a few other common style errors will now be reported by the linter. (gardener/machine-controller-manager-provider-openstack#36, @kon-angelo)

[terraformer]

🐛 Bug Fixes

• [DEVELOPER] A bug has been fixed preventing to use Terraformer with a Terraform version >= 0.13. (gardener/terraformer#102, @rfranzke)

🏃 Others

• [OPERATOR] terraform has been upgraded to 0.13.7 (gardener/terraformer#105, @stoyanr)
• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#104, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.54.0 -> 3.63.0
• [OPERATOR] The following terraform provider plugins are updated: (gardener/terraformer#101, @ialidzhikov)
  • hashicorp/terraform-provider-aws: 3.32.0 -> 3.54.0

📰 Noteworthy

• [DEVELOPER] The version for the equinixmetal Terraform provider plugin has been updated to 3.1.0. (gardener/terraformer#103, @rfranzke)

v1.22.0

[gardener-extension-provider-openstack]

🏃 Others

• [OPERATOR] Added optional field resolvConfOptions to the provider config of the cloud profile to allow to add options to /etc/resolv.conf on worker nodes (gardener/gardener-extension-provider-openstack#342, @MartinWeindel)
• [OPERATOR] Allow configuration of request timeout for control plane components (CCM, CSI) via cloudprofile (gardener/gardener-extension-provider-openstack#338, @kon-angelo)
• [OPERATOR] Change the security group rules cluster_tcp_all and cluster_udp_all to use nil port ranges. (gardener/gardener-extension-provider-openstack#336, @kon-angelo)

[machine-controller-manager]

✨ New Features

• [USER] Added *expectedNodeDetails field to the MachineClass API (gardener/machine-controller-manager#644, @AxiomSamarth)

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed in the pre-delivered CRD manifests for MCM (/kubernetes/crds). It caused data to be pruned from MCM related resources and led to reconciliation issues. (gardener/machine-controller-manager#641, @timuthy)

📖 Documentation

• [DEVELOPER] make generate now generates v1 version of CRDs by default instead of v1beta1. (gardener/machine-controller-manager#640, @himanshu-kun)

🏃 Others

• [USER] Update Kubernetes dependency versions to v1.20.6 (gardener/machine-controller-manager#601, @AxiomSamarth)

[machine-controller-manager-provider-openstack]

🏃 Others

• [USER] Fix a bug where orphan ports would be left during a failed create attempt. (gardener/machine-controller-manager-provider-openstack#35, @kon-angelo)
  • Fix a bug where orphan ports would be left when a machine was deleted using the Openstack API.
• [USER] Update machine-controller-manager to v0.40.0 (gardener/machine-controller-manager-provider-openstack#33, @kon-angelo)