Changelog since v0.9.7

Component versions

Kubernetes: v1.7.3
Etcd: v3.2.5

#820: Simplify configuration for OIDC Authenticator.
- The key dex and its children in cluster.yaml has been basically renamed to oidc and the correspondents in apiserver flags. See #820 for more information
#832: Update Calico to v2.4.1
- To maintain existing behavior when upgrading your existing cluster, follow these steps:
  - In Namespaces that previously did not have the “DefaultDeny” annotation, you should delete any existing NetworkPolicy objects.
  - In Namespaces that previously did have the “DefaultDeny” annotation, you can create the equivalent semantics by creating a NetworkPolicy that selects all pods but does not allow any traffic.
  - See kubernetes/kubernetes#39164 (comment) for more details

#731: Add cluster kube-aws version to outputs(Thanks to @Vrtak-CZ)
#742: Install Tiller by default
#752: Deny direct command execution on privileged containers(Thanks to @ytsarev)
#760: Support cross-stack references of VPC, IGW
#761: More flexible IAM configuration for etcd nodes
#778: Better encryption error message(Thanks to @redbaron)
#789: Ability to propagate custom options to kubelet(Thanks to @ytsarev)
#791: Plugin System
#792: Make PODs to resolve DNS names via locally running dnsmasq(Thanks to @dvdthms)
#809: Automatically configure kube2iam.(Thanks to @camilb)
#820: Simplify configuration for OIDC Authenticator.(Thanks to @camilb)
#821: Add Spot Fleet support for the automatic ALB target group attachment

#740: Update the default etcd version to 3.2.1
#743: Update CA to 0.6.0
#746: Update Kubernetes to v1.7.0
#755: Rename experimental.nodeLabels to controller.nodeLabels
#756: Explicitly disallow tainting controller nodes
#757: Remove deprecated keys in cluster.yaml
#774: Update Kubernetes to v1.7.1
#780: Stop using unnecessary autoscaling notification target/role
#787: Rescheduler logs now piped to docker(Thanks to @c-knowles)
#788: Additional permissions for heapster nanny(Thanks to @c-knowles)
#794: Refactor node drainer implementation(Thanks to @danielfm)
#817: Bump default k8s to 1.7.2(Thanks to @c-knowles)
#818: Put kube2iam update strategy in the correct place(Thanks to @c-knowles)
#828: Bump tiller to 2.5.1(Thanks to @c-knowles)
#830: Bump default k8s to 1.7.3(Thanks to @c-knowles)
#832: Update Calico to v2.4.1(Thanks to @tmjd)
#835: cfn-signal depends on install-kube-system(Thanks to @dvdthms)
#844: update default version of kubernetes dashboard to 1.6.3(Thanks to @Vrtak-CZ)
#845: update default version of ETCd to 3.2.5(Thanks to @Vrtak-CZ)

#713: Fix kube-resources-autosave when kube2iam is enabled(Thanks to @camilb)
#749: Fix kubelet bootstrap for Kubernetes 1.7(Thanks to @danielfm)
#763: Fix node labeling to allow scheduling cluster-autoscaler to workers
#773: Fix --ami-id
#797: Issue #796 - cluster.yaml missing dnsMasqMetricsImage.repo key(Thanks to @wallentx)
#814: Fix for typo introduced in #792(Thanks to @redbaron)
#824: Fix managed role name validation(Thanks to @adyromantika)
#827: Fixed typo in the error message(Thanks to @sathiyas)
#840: Fix Typo to improve GoReport Card(Thanks to @asifdxtreme)
#849: Fix failing worker and controller nodes when Calico is enabled

#733: Bugfix: CloudWatchLogging always disabled for Worker nodes(Thanks to @jollinshead)
#748: Provide real-time feedback from Journald logs when updating/creating …(Thanks to @jollinshead)
#781: Fix (Journald logging) localStreaming typo.(Thanks to @jollinshead)
#801: CloudFormation events stream to stdout during kube-aws up/update(Thanks to @jollinshead)
#826: Updating instructions for MFA token(Thanks to @sathiyas)
#829: Add AWS_PROFILE to FAQ(Thanks to @Vrtak-CZ)