Changelog since v0.9.7
Component versions
Kubernetes: v1.7.3
Etcd: v3.2.5
Actions required
-
#820: Simplify configuration for OIDC Authenticator.
- The key
dex
and its children in cluster.yaml has been basically renamed tooidc
and the correspondents in apiserver flags. See #820 for more information
- The key
-
#832: Update Calico to v2.4.1
- To maintain existing behavior when upgrading your existing cluster, follow these steps:
- In Namespaces that previously did not have the “DefaultDeny” annotation, you should delete any existing NetworkPolicy objects.
- In Namespaces that previously did have the “DefaultDeny” annotation, you can create the equivalent semantics by creating a NetworkPolicy that selects all pods but does not allow any traffic.
- See kubernetes/kubernetes#39164 (comment) for more details
- To maintain existing behavior when upgrading your existing cluster, follow these steps:
Features
- #731: Add cluster kube-aws version to outputs(Thanks to @Vrtak-CZ)
- #742: Install Tiller by default
- #752: Deny direct command execution on privileged containers(Thanks to @ytsarev)
- #760: Support cross-stack references of VPC, IGW
- #761: More flexible IAM configuration for etcd nodes
- #778: Better encryption error message(Thanks to @redbaron)
- #789: Ability to propagate custom options to kubelet(Thanks to @ytsarev)
- #791: Plugin System
- #792: Make PODs to resolve DNS names via locally running dnsmasq(Thanks to @dvdthms)
- #809: Automatically configure kube2iam.(Thanks to @camilb)
- #820: Simplify configuration for OIDC Authenticator.(Thanks to @camilb)
- #821: Add Spot Fleet support for the automatic ALB target group attachment
Improvements
- #740: Update the default etcd version to 3.2.1
- #743: Update CA to 0.6.0
- #746: Update Kubernetes to v1.7.0
- #755: Rename experimental.nodeLabels to controller.nodeLabels
- #756: Explicitly disallow tainting controller nodes
- #757: Remove deprecated keys in cluster.yaml
- #774: Update Kubernetes to v1.7.1
- #780: Stop using unnecessary autoscaling notification target/role
- #787: Rescheduler logs now piped to docker(Thanks to @c-knowles)
- #788: Additional permissions for heapster nanny(Thanks to @c-knowles)
- #794: Refactor node drainer implementation(Thanks to @danielfm)
- #817: Bump default k8s to 1.7.2(Thanks to @c-knowles)
- #818: Put kube2iam update strategy in the correct place(Thanks to @c-knowles)
- #828: Bump tiller to 2.5.1(Thanks to @c-knowles)
- #830: Bump default k8s to 1.7.3(Thanks to @c-knowles)
- #832: Update Calico to v2.4.1(Thanks to @tmjd)
- #835: cfn-signal depends on install-kube-system(Thanks to @dvdthms)
- #844: update default version of kubernetes dashboard to 1.6.3(Thanks to @Vrtak-CZ)
- #845: update default version of ETCd to 3.2.5(Thanks to @Vrtak-CZ)
Bug fixes
- #713: Fix kube-resources-autosave when kube2iam is enabled(Thanks to @camilb)
- #749: Fix kubelet bootstrap for Kubernetes 1.7(Thanks to @danielfm)
- #763: Fix node labeling to allow scheduling cluster-autoscaler to workers
- #773: Fix --ami-id
- #797: Issue #796 - cluster.yaml missing dnsMasqMetricsImage.repo key(Thanks to @wallentx)
- #814: Fix for typo introduced in #792(Thanks to @redbaron)
- #824: Fix managed role name validation(Thanks to @adyromantika)
- #827: Fixed typo in the error message(Thanks to @sathiyas)
- #840: Fix Typo to improve GoReport Card(Thanks to @asifdxtreme)
- #849: Fix failing worker and controller nodes when Calico is enabled
Documentation
- #733: Bugfix: CloudWatchLogging always disabled for Worker nodes(Thanks to @jollinshead)
- #748: Provide real-time feedback from Journald logs when updating/creating …(Thanks to @jollinshead)
- #781: Fix (Journald logging) localStreaming typo.(Thanks to @jollinshead)
- #801: CloudFormation events stream to stdout during kube-aws up/update(Thanks to @jollinshead)
- #826: Updating instructions for MFA token(Thanks to @sathiyas)
- #829: Add AWS_PROFILE to FAQ(Thanks to @Vrtak-CZ)
Refactorings
Other changes
- #739: Update OWNERS
- #741: Update golang to v1.8.3
- #751: Initial plugins proposal(Thanks to @c-knowles)
- #770: Containerized test run(Thanks to @ytsarev)
- #807: Update ROADMAP
- #836: Remove redundant step(Thanks to @asifdxtreme)
- #838: Fix Typo in Events Code of Conduct(Thanks to @mbssaiakhil)