aws/karpenter-provider-aws v0.6.2

on GitHub

Update Highlights

1. Karpenter controller and webhook containers are now collocated in the same pod.
2. A new permission ec2:DeleteLaunchTemplate is required to cleanup Launch Templates.
3. Karpenter now requires the ARN for the IAM Role used for IRSA as an input at deployment time.
4. The getting started guide has been updated so that the IAM Role used for IRSA is assigned with a predictable name instead of a long random ID generated by eksctl.

Upgrade Instructions

If you are upgrading an existing cluster, please follow these steps.

1. Update the IAM role permissions by rerunning the CloudFormation stack here.
2. Find out the ServiceAccount IAM role (If you followed this step in the previous getting started guide, the role will contains the keyword iamserviceaccount) ARN, use the ARN value in the helm upgrade command (the next step).
3. Upgrade Karpenter by following this step

For general upgrade instructions please refer to this.

Features

• Refactor Helm chart (#1145) #1145 (Steve Hipwell)
• Adding initial support for bottlerocket without custom launch template (#1110) #1110 (Ray Terrill)
• Support ubuntu amiFamily (#1323) #1323 (Brandon Wagner)
• Bottlerocket nvidia (#1331) #1331 (Justin Garrison)

Commits

• 4c1fb8a: Double the instance retry (#1286) (Felix Zhe Huang) #1286
• cd1f88d: Adding initial support for bottlerocket without custom launch template (#1110) (Ray Terrill) #1110
• 93c391c: handle unhandled error when unmarshalling JSON (#1293) (Ryan Maleki) #1293
• 3bceb0c: AMIFamily Defaulting and Validation (#1296) (Brandon Wagner) #1296
• 5856e38: Check DoNotEvict after filtering evictable pods to ensure termination can complete. (#1294) (Ellis Tarn) #1294
• 6b52c28: AWS launch template deletion on cache eviction (#1278) (Brandon Wagner) #1278
• 0d1c5d0: Replaces the link to non-existent rbac.yaml into the four files it is broken down to after #1145 (#1301) (Ryan Maleki) #1301
• a1ded83: Add failure-domain.beta.kubernetes.io/region to the ignore label list (#1299) (Felix Zhe Huang) #1299
• e86b864: Update documents about Grafana dashboard deployment (#1304) (Felix Zhe Huang) #1304
• 5ddf71b: Replaces the link to non-existent rbac.yaml into the four files it is broken down to after #1145 for v0.6.1 (#1305) (Ryan Maleki) #1305
• 154a260: Improve the error message readability (#1287) (Felix Zhe Huang) #1287
• edfac2f: Removed constraints+overrides verbiage in favor of layered constraints (#1316) (Ellis Tarn) #1316
• 9df15a2: fix overhead calculation to correctly apply kube-reserved cpu (#1317) (Brandon Wagner) #1317
• b19740e: Fix the wrong field in the api error for provisoner validation (#1318) (Felix Zhe Huang) #1318
• 4578405: Allow NotIn and DoesNotExist operators for provisioner validation (#1321) (Felix Zhe Huang) #1321
• f3bfddb: Removed outdated README warning (#1320) (Ellis Tarn) #1320
• 2f201bc: Removes unnecessary call to .Error method of err to get error message in formatted strings (#1324) (Ryan Maleki) #1324
• 05989a3: support ubuntu amiFamily (#1323) (Brandon Wagner) #1323
• 0518fb3: Removed dead code (#1326) (Ellis Tarn) #1326
• ed9473a: Bottlerocket nvidia (#1331) (Justin Garrison) #1331
• a4c7e3b: Lower the minimum supported k8s version (#1328) (Felix Zhe Huang) #1328
• fix typo in link to getting started (#1333) #1333 (Bryan A. S)
• 3bdbe13: re-enable the PDB eviction test (#1334) (Todd) #1334
• b396ad6: fix test typo (Context/It swapped) (#1340) (Todd) #1340
• 4c55110: Add codeql security analysis workflow to the repo (#1339) (Ryan Maleki) #1339
• 3d0d368: Include the update instructions (#1341) (Felix Zhe Huang) #1341
• b0dbedc: v0.6.2 (#1345) (Felix Zhe Huang) #1345