CAUTION: As the version number indicates, this is for testing-purpose! Please help us stabilize this release by reporting any issue you encounter

TODOs towards v0.9.10 final

• Upgrade components to the latest stable version of Kubernetes v1.9.x, Etcd v3.2.x, Calico 2.x
• Testing with various configuration switches (Especially with or without self-hosting flannel, new-way of GPU support)

Changelog since v0.9.9

Please see our roadmap for details on upcoming releases.

Component versions

Kubernetes: v
Etcd: v
Calico: v
Helm/Tiller: v

Actions required

Features

• #1066: Added Priority to the admissioncontrol list(Thanks to @zonzamas)
• #1074: Add [experimental] option for using IPVS proxy mode(Thanks to @ivanilves)
• #1086: controlplane config: Rotate Certificates on workers kubelet(Thanks to @zonzamas)
• #1090: Set V4 signatures to enable kube-resources-autosave to work in all regions(Thanks to @whereisaaron)
• #1092: Allow exposing several ports so that external Prometheus can scrape K8S system components' metrics(Thanks to @zach-dunton-sf)
• #1098: Add missing admission controllers(Thanks to @danielfm)
• #1108: Add RotateKubeletClientCertificate feature gate automatically when rotating certificates(Thanks to @zonzamas)
• #1113: Add support for CloudFormation service role
• #1114: Migrate to golang/dep
• #1116: conditionally deploy kube-dns to controllers(Thanks to @zonzamas)
• #1117: Add priorityClassName to cloud-config-controller(Thanks to @sergi)
• #1123: Add [optional] explicit IAM role specification to NodeDrainer(Thanks to @ivanilves)
• #1127: Swap out wget for curl in node drainer scripts(Thanks to @c-knowles)
• #1129: Template kube-dns-autoscaler parameters(Thanks to @SomeoneWeird)
• #1134: feat(integration): kiam support
• #1141: Add Mutating/ValidatingAdmissionWebhook to Admission Control List(Thanks to @shraykay)
• #1164: Apply Kiam TLS Secrets to kube-system(Thanks to @kevtaylor)
• #1167: Change bash to sh in autosave(Thanks to @kevtaylor)
• #1172: added autoscaling:DescribeAutoScalingGroups to stack-template(Thanks to @luck02)
• #1177: Integrate s3-uri flag into cluster.yml(Thanks to @jorge07)
• #1178: Ask for confirmation in destroy command(Thanks to @jorge07)
• #1179: Correct insignificant error message typo(Thanks to @whereisaaron)
• #1181: Enable DescribeLaunchConfigurations(Thanks to @luck02)
• #1184: Add IAM roles for resources auto saver(Thanks to @kevtaylor)
• #1189: closes #1186 - commit generated templates so project can be imported(Thanks to @pete911)
• #1195: Add networking-daemonsets feature(Thanks to @davidmccormick)
• #1197: do not use metric server when metricsServers addon is disabled(Thanks to @Fsero)
• #1201: Make CoreOS AMI ID mandatory in cluster YAML(Thanks to @jorge07)
• #1202: Dedicated Service account / Cluster Role for Tiller Deploy(Thanks to @kylehodgetts)
• #1205: core: add OwnerReferencesADM(Thanks to @luck02)
• #1222: Add GPU support for kubernetes 1.9+ using device plugins(Thanks to @Lemmons)
• #1224: closes #1223 added generated templates back to .gitignore(Thanks to @pete911)
• #1227: Enable user provided service-account-signing-keys(Thanks to @davidmccormick)
• #1228: Another implementation of user-data fingerprinting(Thanks to @davidmccormick)

Improvements

• #1103: Update various components(Thanks to @camilb)
• #1104: Bump Kubernetes version to 1.9.1. Use Google's hyperkube image.(Thanks to @camilb)
• #1107: Warn that 'kube-aws update' can replace all if 'amiId' is blank(Thanks to @whereisaaron)

Bug fixes

• #1095: fix restore.sh(Thanks to @skloss)
• #1101: Fix kubelet.service startup.(Thanks to @camilb)
• #1131: Fix Key name for kubernetesDashboardImage(Thanks to @bgeesaman)
• #1171: Fix validation failure on gp2 volume type for node pools(Thanks to @luck02)
• #1225: Fix synchronization on starting etcdadm-reconfigure(Thanks to @ktateish)
• #1229: Fix issue with tiller having to restrictive permissions(Thanks to @kylehodgetts)

Documentation

• #1097: Update documentation that hostPort issue fixed since Kubernetes 1.7.0(Thanks to @whereisaaron)
• #1118: Tidy up markdown(Thanks to @whereisaaron)
• #1155: Prompt for passphrase when dealing with encrypted ca key(Thanks to @tomas-edwardsson)
• #1198: Doc: notice about service token invalidation after credentials update.(Thanks to @hartym)
• #1216: Fix documentation of s3-uri(Thanks to @c-knowles)