[gardener]
⚠️ Breaking Changes
- [DEPENDENCY] Worker's
RollingUpdate
condition is removed as it was not used. (gardener/gardener#5814, @ary1992)
🐛 Bug Fixes
- [USER] Changing the default
ServiceAccount
issuer to a custom issuer for shoot clusters is now supported. (gardener/gardener#5888, @rfranzke) - [OPERATOR] An issue causing the istiod validating webhook's
clientConfig.caBundle
to be not populated is now fixed. (gardener/gardener#5903, @ScheererJ) - [OPERATOR] A potential issue causing control plane Secrets to be wrongly deleted due to a failed (or not yet executed) task is now fixed. (gardener/gardener#5876, @ialidzhikov)
- [OPERATOR] An issue causing gardener-resource-manager to not be scaled up (and afterwards the Shoot reconciliation to be stuck) after a failed hibernation attempt is now fixed. (gardener/gardener#5874, @ialidzhikov)
📖 Documentation
- [USER] There is a new document explaining the various configurations (and caveats) regarding the
ServiceAccount
configuration for shoot clusters. (gardener/gardener#5888, @rfranzke)
🏃 Others
- [OPERATOR] Gardenlet memory limit was removed, according to measured usage, to prevent OOMKills due to reaching the limits. (gardener/gardener#5919, @andrerun)
- [OPERATOR] The
ShootMaxTokenExpirationValidation
feature gate has been promoted to beta and is now enabled by default. (gardener/gardener#5877, @rfranzke) - [OPERATOR] The webhook for auto-mounting projected service account tokens now also considers init containers. (gardener/gardener#5864, @ScheererJ)
- [OPERATOR] Fixes an issue that occurs during the control plane migration flow when the shoot's control plane namespace on the source seed is being terminated and the flow is restarted before the namespace has been completely deleted. (gardener/gardener#5856, @plkokanov)
- [USER] Documentation for accessing the shoot cluster is added here. (gardener/gardener#5849, @ary1992)
- [DEVELOPER] An issue causing the controlplane migration integration tests to always fail is now fixed. (gardener/gardener#5907, @ialidzhikov)
📰 Noteworthy
- [OPERATOR] The
WorkerPoolKubernetesVersion
feature gate has been promoted to beta and is now enabled by default. Make sure that all provider extensions registered to your system support this feature before upgrading to this Gardener version. (gardener/gardener#5857, @rfranzke)
[etcd-backup-restore]
🐛 Bug Fixes
- [OPERATOR] Throw Fatal error to avoid edge case potential deadlocks. (gardener/etcd-backup-restore#467, @ishan16696)
🏃 Others
- [OPERATOR] ETCD won't restart from the PVC if it is wrongly mounted to the pod. (gardener/etcd-backup-restore#470, @abdasgupta)
[logging]
✨ New Features
- [OPERATOR] The hostname can be inserted into the log label stream via configuration. (gardener/logging#122, @vlvasilev)
🏃 Others
- [OPERATOR] Loki's curator does fewer slice allocations when deleting files. (gardener/logging#120, @vlvasilev)
- [OPERATOR] Loki's curator closes the opened directories after each deletion. (gardener/logging#120, @vlvasilev)
- [OPERATOR] Loki's curator profiling is available via HTTP
pprof
API open on2718
port. (gardener/logging#120, @vlvasilev) - [DEPENDENCY] Remove some security vulnerabilities by re-vendoring. (gardener/logging#121, @vlvasilev)
[vpn2]
📰 Noteworthy
- [OPERATOR] Container images are now being build and published also for
arm64
platforms. (gardener/vpn2#9, @timuthy)
Docker Images
admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.46.0
apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.46.0
controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.46.0
gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.46.0
resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.46.0
scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.46.0
seed-admission-controller: eu.gcr.io/gardener-project/gardener/seed-admission-controller:v1.46.0