kubernetes/kops v1.24.0 on GitHub

Release Notes

https://kops.sigs.k8s.io/releases/1.24-notes/

What's Changed

Release 1.24.0-alpha.1 by @hakman in #12928
Update release notes and minimum k8s version by @hakman in #12929
kops auth-plugin: need to clear any existing password / key by @justinsb in #12921
Add integration test for k8s 1.24 by @olemarkus in #12930
Only shellcheck files by @olemarkus in #12931
Do not set insecure-port as of k8s 1.20 by @olemarkus in #12926
tests: Improve logging on test failure by @justinsb in #12933
nodeup: store the CloudProvider in the context by @justinsb in #12923
bazel: always build with pure (CGO_ENABLED=0) by @justinsb in #12934
nodeup: print more info on hash mismatches by @justinsb in #12935
PKI library: Add initial support for EC keys by @justinsb in #12936
Recognize debian bullseye as having "broken" resolv.conf by @justinsb in #12937
Remove code for now-unsupported Kubernetes 1.18 by @johngmyers in #12939
Add missing k8s 1.18 relnote by @johngmyers in #12938
Remove obsolete, redundant secrets.md by @johngmyers in #12942
Drop support for Weave as of k8s 1.23 by @johngmyers in #12941
Remove support for Aliyun/Alibaba Cloud by @johngmyers in #12944
Document CoreDNS configuration settings by @recollir in #12914
Update name of kubernetes-ca keypair in documentation by @johngmyers in #12943
Revert "Recognize debian bullseye as having "broken" resolv.conf" by @olemarkus in #12947
Set the default LT version to the new LT version by @olemarkus in #12932
Make service topology for cilium configurable by @olemarkus in #12918
gce: ServiceAccount task by @justinsb in #12950
Update Calico and Canal to v3.21.2 by @hakman in #12951
Update Go to v1.17.5 by @hakman in #12954
Skip IPv6 LB test in the k/s e2e by @hakman in #12953
GCE: Task for StorageBucket IAM by @justinsb in #12958
GCE: Project IAM Binding task by @justinsb in #12959
add verify-golangci-lint.sh script by @rlankfo in #12892
Hubble relay should not tolerate anything by @olemarkus in #12963
Do not explicitly skip Dashboard tests by @hakman in #12962
Do not skip NodePort tests for Calico by @hakman in #12960
Remove verify-staticcheck by @rifelpet in #12965
wait for instances to drain from classic LB by @heybronson in #12902
Support Karpenter by @olemarkus in #12906
Update containerd to v1.6.0-beta.4 by @hakman in #12968
Update controller-runtime to v0.11.0 by @hakman in #12967
Add missing permissions by @olemarkus in #12977
Do not skip HPA tests by @hakman in #12972
Do not skip RuntimeClass tests by @hakman in #12974
gce: Use ServiceAccount task when building model by @justinsb in #12978
Quote values and remove limits in karpenter provisioners by @olemarkus in #12979
Promote alpha with December releases by @olemarkus in #12984
gce: map multiple serviceaccounts by @justinsb in #12982
Defend against nil containerd by @justinsb in #12990
Remove unused TemplateResource interface by @justinsb in #12989
Avoid double-encoding templates by @justinsb in #12991
Refactor nodeup script to avoid action-at-a-distance by @justinsb in #12993
gce: use per InstanceGroup serviceaccounts by @justinsb in #12988
dep: update github.com/pkg/sftp by @justinsb in #12996
Create helper functions for parsing public keys by @justinsb in #12999
Use terraform literals in GCP service account references by @rifelpet in #12995
kops-controller: use controller-runtime manager by @justinsb in #12997
gce: clean up networking objects by reference by @justinsb in #12987
componentconfig: expose advertise-address flag for kube-apiserver by @justinsb in #12998
Do not allow docker on k8s 1.24+ by @olemarkus in #12927
Ignore images hosted in private ECR repositories as containerd cannot pull these by @olemarkus in #13000
Skip RuntimeClass tests for older Kubernetes versions by @hakman in #13003
Various nill pointer fixes for karpenter by @olemarkus in #12973
Set Resource Based Naming on managed subnets by @johngmyers in #12864
Add kubetest2-kops flags for overriding instance group fields by @rifelpet in #13005
Support creating dualstack internal NLBs by @johngmyers in #13006
Skip SCTP check for all versions of k8s 1.23/1.24 by @olemarkus in #13008
Use spread constraints rather than affinity to spread pods by @olemarkus in #12961
Bump karpenter to 0.5.3 and RBN support by @olemarkus in #13002
Validate IGs more strictly after defaults have applied by @olemarkus in #12660
Karpenter template fix by @olemarkus in #13009
staticcheck cleanup: fixup nodeup/pkg/model by @justinsb in #13013
nodeup bash script: use explicit return code by @justinsb in #13012
Prevent creation of unsupported etcd clusters by @olemarkus in #13011
Create cgroups for kube and runtime if configured by @olemarkus in #12917
Do not install ClusterRole and binding used by in-tree volume provider if CSI is used by @olemarkus in #13010
kubetest2 - Use the same binary path and env when fetching IGs by @rifelpet in #13018
Use fi.Keyset instead of passing tasks around by @justinsb in #12992
add instance connection draining for NLBs by @heybronson in #12966
Use kubelet --non-masquerade-cidr only for Docker with kubenet by @hakman in #13007
Fix dangling ENIs from AWS VPC CNI by @olemarkus in #13021
Update k8s dependencies to v1.23.1 by @hakman in #13022
Improve HA for various addons by @olemarkus in #13027
Add a CLI flag for creating one karpenter-managed IG for worker nodes instead of ASG-managed ones by @olemarkus in #12975
Allow IPv6-only subnets by @johngmyers in #13026
Support specifying instance requirements per IG by @olemarkus in #13019
Remove TerraformJSON feature flag by @rifelpet in #13029
LBC has to run on the control plane, so set replicas accordingly by @olemarkus in #13033
Fix various typos related to karpenter by @olemarkus in #13035
Kube components log to stdout by @olemarkus in #13038
Identify pending instances by @olemarkus in #13040
Add managed-by label to static kube-proxy pods by @olemarkus in #13039
Prefix karpenter logging-config name by @olemarkus in #13037
gce: don't set per-IG permissions when using shared account by @justinsb in #13043
Add documentation on karpenter by @olemarkus in #13036
external CCM for GCE by @jiahuif in #13017
Migrate to GCE CCM in k8s 1.24 by @johngmyers in #13045
Fix OpenStack SecurityGroupRule/LB When CIDR is IPv6 by @ching-kuo in #13032
update deps by @zetaab in #13047
Bump Cluster Autoscaler and update manifest by @olemarkus in #13050
Use instance requirements with Karpenter by @olemarkus in #13031
force update dependencies by @zetaab in #13055
Enhance AddHostPathMapping to support a fluent style by @justinsb in #13062
addons: support for kopeio-networking addon by @justinsb in #12727
Use latest GCP CCM for k8s 1.24 by @johngmyers in #13066
Add action for automatically tagging releases by @johngmyers in #12805
Bump external-snapshotted to v5.0.0 by @olemarkus in #13067
Release 1.24.0-alpha.2 by @johngmyers in #13069
Release notes for 1.24.0-alpha.2 by @johngmyers in #13070
Update release process for automatic tagging by @johngmyers in #13075
Remove temporary restrictions on automatically tagging releases by @johngmyers in #13071
add flatcar note related to additionalUserData by @shubhindia in #13061
Drain OpenStack loadbalancers by @zetaab in #12983
Extend terraform support for IPv6 by @rifelpet in #13028
Update containerd to v1.6.0-beta.5 by @hakman in #13084
Release notes for 1.22.3 by @johngmyers in #13085
Spotinst: Update spotinst/ocean-controller to v1.0.81 by @liranp in #13086
Support price and priority cluster-autoscaler expanders by @danports in #13081
Update containerd to v1.6.0-rc.0 by @hakman in #13098
decrease the openstack monitoring default timeout by @zetaab in #13097
Don't try to add node name to instances without node object by @olemarkus in #13106
fix ipv4+ipv6 sec groups/listeners in OpenStack by @zetaab in #13093
Do not create an IAM role for dns-controller on gossip clusters by @olemarkus in #13110
Add ipv6 to relnotes by @olemarkus in #13088
Use IPv6-only subnets for worker nodes in private IPv6 topology by @johngmyers in #13030
Remove networking flags as of k8s 1.24 by @olemarkus in #13120
Create helper function for ec2 create/tag-on-create IAM permissions by @olemarkus in #13104
Add DescribeRegions to nodeup privs by @olemarkus in #13114
Remove featureflag for creating IPv6 clusters by @hakman in #12788
Preload channel versions from namespaces by @olemarkus in #13049
Don't set unsupported configs by default by @olemarkus in #13111
Update pause image to v3.6 by @hakman in #13125
Clean up kubelet networking flags for dockershim by @hakman in #13128
January bump of channels by @olemarkus in #13130
expose external ccm metrics for OpenStack by @zetaab in #13131
Update to aws-sdk-go to v1.42.37 by @jinhong- in #13132
Fix recommended kops versions in channels by @olemarkus in #13134
Tag on create for remaining CCM privileges by @olemarkus in #12911
Bump metrics-server to 0.6.0 and enable HA mode by @olemarkus in #13135
OpenStack - Add loadbalancer pool monitor to API LB by @zetaab in #13096
Bump CCM images by @olemarkus in #13143
Bump karpenter to 0.5.6 by @olemarkus in #13151
Promote alpha AMIs to stable by @yurrriq in #13152
Bump 1.23 version in alpha channel by @olemarkus in #13153
Add missing v prefix to default upgrade test version by @olemarkus in #13155
Bump cert-manager and related godep to 1.6.2 by @olemarkus in #13154
add node-drain-timeout flag to rolling-update by @heybronson in #13103
Bump etcd-manager to v3.0.20220128 by @olemarkus in #13158
Replace deprecated aws.BackgroundContext with context.Background by @justinsb in #13162
Fix nil pointer when IAM not populated by @justinsb in #13167
JWKS / IRSA: Expose public ACLs to terraform by @justinsb in #13166
[DigitalOcean] update ccm version to 0.1.36 by @srikiz in #13175
Bump Ubuntu AMI in alpha by @olemarkus in #13177
Use etcd-manager pre-release until final release has been cut by @olemarkus in #13183
Bump karpenter to 0.6.0 by @olemarkus in #13185
More descriptive error message when public key file can't be opened by @nckturner in #13186
update GCE default images by @zetaab in #13181
Fix etcd-manager for ipv6 by @olemarkus in #13191
Update Calico and Canal to v3.21.4 by @hakman in #13189
Update to etcd-manager v3.0.20220203 by @justinsb in #13196
Pull k8s-custom-iptables from k8s.gcr.io by @justinsb in #13194
Add support for AB tests starting out with released kops version by @olemarkus in #13174
Update containerd to v1.6.0-rc.2 by @hakman in #13198
tests: ensure that we use ACLs with memfs by @justinsb in #13165
Karpenter fixes by @olemarkus in #13207
Always enable Leader Election for cloud-controller-manager by @jiahuif in #13187
Use short commit sha for default stage location instead of git-describe by @olemarkus in #13208
use 1.23.1 ccm for openstack by @zetaab in #13136
Document download of test versions by @olemarkus in #13209
Remove snapshot controller dependency on ebs csi driver by @olemarkus in #13213
fix KCM LogLevel setting not honored by @jiahuif in #13218
Fix CSI migration feature gates by @olemarkus in #13203
CCM: use flagbuilder instead of manually building argv by @jiahuif in #13219
Update containerd to v1.6.0-rc.3 by @hakman in #13224
Promote alpha to stable by @MoShitrit in #13227
always enable Leader Election for openstack CCM by @jiahuif in #13220
Update aws node termination handler to 1.14.0 by @ryan-dyer-sp in #13092
[Issue-12293] Fix json output to keep it consistent for single or multiple objects by @srikiz in #13188
Fix irsa for k8s < 1.20 by @olemarkus in #13212
enable pruning for CCM by @jiahuif in #13235
Add support for graceful node shutdown by @olemarkus in #12994
allow specify GCP project via env. by @jiahuif in #13237
KCM should not run with leader migraton when aws ccm is enabled by @olemarkus in #13241
Do not enable graceful shutdown if k8s version < 1.21 by @olemarkus in #13242
Update metrics-server e2e test for 0.6.0 by @olemarkus in #13243
Install runc from opencontainers/runc by @hakman in #13240
Fix nilpointer when graceful shutdown is not configured by @olemarkus in #13246
Install contained from the release package by @hakman in #13248
CCM: allow setting Controllers for cloudControllerManagerConfig by @jiahuif in #13252
CCM: add livenessProbe for GCP CCM by @jiahuif in #13253
E2E HA Upgrade/Rollback for Leader Migration by @jiahuif in #13251
Bump AWS CNI to 1.10.2 by @MoShitrit in #13228
Update supported distros for IPv6 by @hakman in #13256
Karpenter on kOps will now use approperiate max pods by @olemarkus in #13178
Allow PrefixList for sshAccess and kubernetesApiAccess by @hierynomus in #13113
service account workaround for gce by @jiahuif in #13261
GCP API health checks by @zetaab in #13199
Update containerd to v1.6.0 by @hakman in #13262
re-organize Leader Migration test with exec tester by @jiahuif in #13265
Update LBC to 2.4.0 by @olemarkus in #13267
Enable RBN with AWS CCM 1.22.0-alpha.1 by @johngmyers in #13268
Disable some flags in kube-apiserver when logging-format is not text by @h3poteto in #13264
kops: Leader Migration testing: run with pure kubetest2 by @jiahuif in #13276
Bump k8s versions in alpha with Feb 2022 releases by @MoShitrit in #13275
Validate taints in IG spec by @olemarkus in #13266
test: use T.TempDir to create temporary test directory by @Juneezee in #13283
Do not create a cert-manager namespace by @olemarkus in #13284
Add missing permissions to aws lbc for irsa by @olemarkus in #13280
[DigitalOcean] Implement new VPC if network-cidr flag is specified by @srikiz in #13060
Use current tree in presubmit upgrade jobs if version B is latest by @olemarkus in #13290
Release notes for 1.22.4 by @justinsb in #13294
alpha channel: recommend kOps 1.22.4 by @justinsb in #13296
docs: add hubble ui helm chart deployment by @eddycharly in #13299
cleanup GCP Cluster Service Accounts by @zetaab in #13201
docs for release process shouldn't assume remotes by @justinsb in #13295
Release notes for 1.23.0-beta.2 by @hakman in #13303
Add support to install EKS Pod Identity Webhook by @h3poteto in #13176
Update kubetest2 deps by @olemarkus in #13314
use own function to define CSI image version by @zetaab in #13311
Add support for ed25519 keys in AWS by @aclevername in #13304
Append policy config map arguments only if UsePolicyConfigmap is true by @vivekjainx86 in #13308
Cluster config update after kOps update by @karanrn in #13306
Bump AWS SDK to v1.43.11 by @olemarkus in #13322
Make cloudProvider a struct in v1alpha3 API by @johngmyers in #13059
Update containerd to v1.6.1 by @hakman in #13325
Fix GCE service account creation by @zetaab in #13310
Use proper image and add health check by @olemarkus in #13328
Update stable and alpha channels by @olemarkus in #13334
Release notes for 1.21.5 by @hakman in #13336
Add e2e for pod identity webhook by @olemarkus in #13335
Add webhook notes + some docs changes by @olemarkus in #13338
Only delete node object on GCE by @olemarkus in #13289
Release notes for 1.23.0 by @hakman in #13340
Bump AWS CCM to 1.22.0-alpha.2 by @olemarkus in #13342
Bump CCM 1.22 image. Use the 1.23 image for 1.24 due to latest being broken by @olemarkus in #13357
Update channels by @hakman in #13356
Recommend enabling IRSA for new clusters by @olemarkus in #12976
Post 1.23.0 release doc updates by @johngmyers in #13359
Add user to container securityContext and remove command by @olemarkus in #13343
[Digital Ocean] e2e tests - Fix seeding for generating random zones by @srikiz in #13362
wait for all targetGroups to drain by @heybronson in #13363
Support GPU in OpenStack by @zetaab in #13330
Add missing permissions to aws lbc for IP targeting by @olemarkus in #13369
If kubetest2 fails cluster validation, we run down before exiting by @olemarkus in #13373
If image is empty, have kops upgrade fill it in by @olemarkus in #13374
Update channels by @hakman in #13379
Update HPA docs by @ddelange in #13367
Clean up nodeup targets by @olemarkus in #13370
Upgrade aws-iam-authenticator to v0.5.5 by @glebiller in #13381
Add protocol explicitly to services by @olemarkus in #13383
Allow duplicate taint keys by @olemarkus in #13366
[Digital Ocean] Remove sfo2 region from the list of supported DO regions by @srikiz in #13382
Fix long role names by @olemarkus in #13364
Migrate to registry.k8s.io by @hakman in #13380
Remove oss-upload target since aliyun support has been removed by @olemarkus in #13389
dev: create scripts to make it easier to run e2e tests by @justinsb in #13161
Remove pr target by @olemarkus in #13392
Release 1.24.0-alpha.3 by @heybronson in #13372
Release notes for 1.24.0-alpha.3 by @heybronson in #13375
Spotinst: Ocean as a template for VNGs by @liranp in #13234
[Digital Ocean] Use available regions as per the latest DO documentation by @srikiz in #13394
Build kops images with ko by @olemarkus in #13341
Clean up kops build targets by @olemarkus in #13390
update k8s dependencies by @heybronson in #13397
Update golangci-lint to v1.45.0 by @hakman in #13403
Use k8s.gcr.io for k8s side-loaded images by @hakman in #13402
Use ko-builds for dev-upload by @olemarkus in #13401
Clean up channels and protokube targets by @olemarkus in #13404
Don't use bazel for dev-upload by @olemarkus in #13407
Clean up the rest of the dev-upload targets by @olemarkus in #13408
AWS-NODE-TERMINATION: Add possibility to set a tune image version by @anthonyhaussman in #13405
Update netflify deps by @hakman in #13412
Promote alpha to stable by @MoShitrit in #13415
Correctly detect GovCloud regions by @mixja in #13410
dev-upload from upload directory, not bazelupload by @olemarkus in #13419
fix member update when draining by @zetaab in #13414
Update the security docs by @olemarkus in #13421
Remove id var, which is never used beyond that if test by @olemarkus in #13420
Pin actions to a full length commit SHA by @naveensrinivasan in #13395
Digest images during remapping by @olemarkus in #13422
Do not return a '-1' exit if no keys found and json/yaml output by @hierynomus in #13378
Use non-bazel builds in kubetest2 by @olemarkus in #13409
Run CSI controller in masters by @zetaab in #13426
Push ko-built images to staging by @olemarkus in #13428
Included githubactions in dependabot config by @naveensrinivasan in #13423
Bump actions/setup-go from 2.2.0 to 3 by @dependabot in #13429
Use golang 1.18 for building by @olemarkus in #13430
Use golang 1.18.0 explicitly by @hakman in #13432
Install gcloud instead of gsutil by @hakman in #13434
Use the correct upload folder for the latest.txt file by @olemarkus in #13435
Fix upload dir in cloudbuild-artifacts target by @olemarkus in #13437
Skip upstream e2e log dump by @olemarkus in #13438
Remove direct dependency on klog v1 by @olemarkus in #13447
Bump semver for kubetest2 by @olemarkus in #13446
fix dns controller crashing for DO by @zak905 in #13443
Add possibility to set PodAnnotations into NodeLocalDNS by @anthonyhaussman in #13396
Disable CGO and enable trimpath by @olemarkus in #13451
Possibility to add additional routes in route tables of subnets by @guillomep in #13318
Update containerd to v1.6.2 by @hakman in #13455
Don't run the CSI snapshot plugin if snapshot controller is not installed by @olemarkus in #13453
Add back hash for containerd v1.6.1 by @hakman in #13462
Use Cilium 1.11 as default by @olemarkus in #12919
Bump Cert Manager to 1.8 by @olemarkus in #13464
Pick the right OS server group when creating cloud groups by @ederst in #13461
Don't hash parts of the cluster name for e2e by @olemarkus in #13354
Enable etcd corruption check as mitigatio of 3.5 corruption issue by @olemarkus in #13454
Move Azure settings to cloudProvider.azure by @johngmyers in #13065
Add PDBs to addons where this was missing by @olemarkus in #13475
Bump NTH 1.16 and add excludeFromLoadBalancers option by @DingGGu in #13467
Move Openstack settings to cloudProvider.openstack by @johngmyers in #13326
Bump viper and cobra by @olemarkus in #13482
Bump cert-manager deps by @olemarkus in #13481
Remove explicit dependency on yamlv2 by @olemarkus in #13483
Use latest stable release by default for scenario test by @olemarkus in #13476
Remove GOPATH dependency for apimachinery by @hakman in #13472
Document NodeLocalDNS forwardToKubeDNS breaking change by @jorge07 in #13448
Fix typos in docs/getting_started/arguments by @scottchiang in #13485
Update kubetest2 by @olemarkus in #13486
Bump Ubuntu AMIs in alpha and stable by @olemarkus in #13487
Bump AWS CNI to version 1.10.3 by @MoShitrit in #13488
Use aws_s3_object instead of deprecated aws_s3_bucket_object by @hakman in #13491
Docs getting started aws by @anthonytwh in #13489
Update Calico and Canal to v3.21.5 by @hakman in #13497
Update to etcd-manager 3.0.20220417 by @justinsb in #13499
Revert "Enable etcd corruption check" by @hakman in #13495
etcd 3 5 3 by @justinsb in #13501
Remove bazel targets and tools by @olemarkus in #13484
Bump CCM 1.22 and 1.23 images to stable versions by @olemarkus in #13506
Use Cluster Autoscaler 1.23 for k8s 1.24 by @olemarkus in #13510
Adopt control-plane taint and remove master role labels by @olemarkus in #13452
Update aws-sdk-go to v1.43.41 by @hakman in #13515
Revert to using 1.23.0-alpha.0 for AWS CCM by @hakman in #13514
add cluster autoscaler pod annotations by @heybronson in #13511
Trim GCE firewall rule names to their max length by @rifelpet in #13513
kubetest2-kops - Create ephemeral SSH keys by @rifelpet in #13522
Skip topology hints tests in k8s 1.23 by @rifelpet in #13524
Update remaining addon manifests for the control-plane node role by @rifelpet in #13521
Release notes for 1.22.5 by @olemarkus in #13528
Release notes for 1.23.1 by @olemarkus in #13531
Allow cluster autoscaler to read EC2 instance types to build catalog dynamically by @seh in #13532
Use expected pointer type in type assertion when iterating over GS ACLs by @tesspib in #13534
Shell out to ssh-keygen for creating ed25519 keys by @rifelpet in #13538
Update control plane toleration for external-dns by @rifelpet in #13539
Pin AWS CCM image tag for k8s 1.25 by @rifelpet in #13543
fix pod annotations in addon yamls by @heybronson in #13536
Skip SCTP tests in k8s 1.25 as well by @rifelpet in #13545
Bump k8s deps to 1.24.0-rc.0 by @olemarkus in #13548
Trim GCE Subnet and Disk names by @rifelpet in #13546
Update codegen to v1.24.0-rc.0 by @hakman in #13549
Update Go to v1.18.1 by @hakman in #13550
Upgrade flannel to 0.17.0 by @rifelpet in #13552
Always set cluster-id flag for Protokube by @hakman in #13555
Creaate kubeconfig for the root user on Ubuntu by @hakman in #13553
Bump alpha channel with april releases by @olemarkus in #13556
Enable internal load balancers when running on GCP by @nat-henderson in #13445
Add back support for Ubuntu 18.04 by @hakman in #13557
Add support for Rocky Linux 8 by @hakman in #13559
Re-add net.bridge settings for flannel by @rifelpet in #13564
Update Canal's Flannel to v0.15.1 by @tesspib in #13562
Bump AWS CNI to version 1.11.0 by @MoShitrit in #13493
Fix OIDC Provider cleanup by @rifelpet in #13571
Include sysctls in toolbox dump by @rifelpet in #13570
Add NodeTerminationHandler CPU request settings by @glebiller in #13566
Add docs for Rocky Linux 8 by @hakman in #13561
Don't digest side-loaded images by @hakman in #13576
Update containerd to v1.6.3 by @hakman in #13578
Upgrade EBS CSI Driver to v1.6.0 by @rifelpet in #13565
Bump nvidia device plugin to 0.11 and nvidia driver to 510 by @olemarkus in #13580
Make kOps version show server version too by @olemarkus in #12327
Spotinst: Add support for EBS root volume encryption by @liranp in #13585
promote alpha to stable (k8s versions bump) by @MoShitrit in #13587
Remove remaining bazel references by @rifelpet in #13586
Revert containerd v1.6.3 upgrade by @rifelpet in #13582
Update etcd to v3.5.4 by @hakman in #13588
Bump cilium to 1.11.4 by @olemarkus in #13581
Update golangci-lint to v1.45.2 by @hakman in #13584
Don't install nfs-common/nfs-utils by default by @hakman in #13577
doc(mfa): add another workaround using aws-vault by @techieforfun in #13591
add priorities to CSI openstack by @zetaab in #13594
Fix unexpected type for object metadata when using gossip DNS by @hakman in #13592
fix immutable retry logic when updating member by @zetaab in #13595
Add support for installing additional packages by @hakman in #13590
Update containerd to v1.6.4 by @hakman in #13596
Update etcd-manager to v3.0.20220503 by @hakman in #13598
Bump k8s.io deps to 1.24.0 by @olemarkus in #13601
update deps by @zetaab in #13602
update OpenStack CSI & cloud-controller manifest by @zetaab in #13603
Add hashes for containerd and Docker in order to fix CVE-2022-23648 by @drequena in #13606
Add IRSA for kube-router by @rifelpet in #13609
Avoid "/etc/resolv.conf" file loopback for Flatcar Container Linux distribution by @seh in #13617
Skip in-tree volume limits test by @rifelpet in #13621
Add initial support for Hetzner Cloud by @hakman in #13572
remove bind address for occm by @zetaab in #13623
Add docs for the packages option by @hakman in #13622
Update Calico and Canal to v3.23.0 by @hakman in #13625
Use latest staging AWS CCM for k8s 1.24+ by @hakman in #13626
Allow returning multiple addresses for API by @hakman in #13624
[DigitalOcean]: make droplet image constant when building droplet in for fitask by @zak905 in #13628
Upgrade Karpenter to 0.10.0 by @rifelpet in #13547
Add load balancer support for Hetzner by @hakman in #13629
Release 1.24.0-alpha.4 by @hakman in #13631
Release notes for 1.23.2 by @olemarkus in #13632
Release notes for 1.24.0-alpha.4 by @hakman in #13634
Use fixed staging AWS CCM for k8s 1.24+ by @hakman in #13637
Update runc to v1.1.2 by @hakman in #13638
add annotation support to aws-ebs-csi pods by @avish42 in #13600
Bump cluster autoscaler image for 1.24 by @olemarkus in #13642
Ignore digest for kube-apiserver-healthcheck model test by @hakman in #13639
Update documentation for manageStorageClasses by @minkimipt in #13641
fix typo in docs/instance-groups.md by @marquezika in #13635
Fix code block in manageStorageClasses docs by @minkimipt in #13645
[Digital Ocean] Add CSI driver for DO block storage by @srikiz in #13643
Update AWS CCM to 13.05.2022 releases by @hakman in #13644
Skip nfs tests in all scenarios by @hakman in #13648
Tweak integration tests to be simpler by @justinsb in #13647
Use Calico v3.21 with older versions of k8s by @hakman in #13649
Use -ginkgo.junit-report instead of -ginkgo.reportFile by @hakman in #13650
Allow editing clusters with Hetzner by @hakman in #13654
Bump actions/setup-go from 3.0.0 to 3.1.0 by @dependabot in #13653
Promote May AMIs in channels by @olemarkus in #13658
Allow the AWS Load Balancer Controller to use WAFs by @seh in #13636
Update controller-runtime to v0.12.0 by @hakman in #13655
Set nodeSelector and command to null by @zetaab in #13656
Add a nameservers parameter for cert-manager. by @jim-barber-he in #13567
Allow overriding the kubernetes version when upgrading the cluster by @hakman in #13652
Bump EBS CSI driver to 1.6.1 by @olemarkus in #13664
Bump Load Balancer Controller to 2.4.1 by @olemarkus in #13665
Bump Cilium to 1.11.5 by @olemarkus in #13666
Add missing backslash to aws.md by @piec in #13669
Bump NTH to 1.16.4 and add support for scheduled instance change events by @olemarkus in #13662
Bump EBS CSI driver to 1.6.2 by @olemarkus in #13670
Bump metrics-server to 0.6.1 by @olemarkus in #13674
Bump external-dns to 0.11.0 by @olemarkus in #13673
Release 1.24.0-alpha.5 by @hakman in #13675
Release notes for 1.24.0-alpha.5 by @olemarkus in #13676
Bump coredns to 1.8.6 by @olemarkus in #13677
Add Support for OVN Load Balancer for OpenStack by @ching-kuo in #13678
Add release note and getting started entries for Hetzner by @hakman in #13680
Fix kops update for OpenStack with LB by @ching-kuo in #13682
Update Calico and Canal to v3.23.1 by @hakman in #13672
bump alpha k8s versions with May releases by @MoShitrit in #13683
Update troubleshoot.md by @simonccc in #13685
Add support for configuring which metrics cilium will export by @olemarkus in #13684
Remove unused DNS logic from Protokube by @hakman in #13689
Fix Protokube gossip flag by @hakman in #13692
Bump actions/setup-go from 3.1.0 to 3.2.0 by @dependabot in #13694
Refactor cloud providers and remove unused code from Protokube by @hakman in #13691
Use dependabot for Go deps by @hakman in #13696
Fix links to go docs by @diversario in #13705
Update gophercloud to v0.25.0 by @ching-kuo in #13710
Use build tags for Protokube by @hakman in #13706
Clarify difference between terraform and kOps state stores by @hakman in #13709
Bump node termination handler to 1.16.5 by @olemarkus in #13711
promote alpha to stable (k8s releases) by @MoShitrit in #13713
Migrate EBS CSI images back to registry.k8s.io by @rifelpet in #13718
Bump github.com/prometheus/client_golang from 1.12.1 to 1.12.2 by @dependabot in #13697
update openstack ccm + csi by @zetaab in #13716
Bump github.com/spotinst/spotinst-sdk-go from 1.118.0 to 1.120.0 by @dependabot in #13699
Bump aws cni to 1.11.2 by @MoShitrit in #13726
Add CSI driver for Hetzner by @hakman in #13728
Use kubectl replace instead of apply when updating addons by @olemarkus in #13731
Release 1.24.0-beta.1 by @hakman in #13730
Automated cherry pick of #13749: Channels to have exit status 1 on apply failure by @olemarkus in #13756
Automated cherry pick of #13715: Add support for setting mode field on file assets by @hakman in #13759
Automated cherry pick of #13761: Revert "Use kubectl replace instead of apply when updating by @hakman in #13762
Automated cherry pick of #13750: Fix API group being incorrect for ingresses by @hakman in #13766
Automated cherry pick of #13741: Update containerd and Docker versions by @hakman in #13743
Automated cherry pick of #13748: Update AWS CCM images for k8s 1.20-1.22 by @hakman in #13771
Automated cherry pick of #13763: Update runc to v1.1.3 by @hakman in #13769
Automated cherry pick of #13773: Fix namespace for cert manager webhook config by @hakman in #13775
Automated cherry pick of #13779: Add back the metrics-server 443 port with a new name by @olemarkus in #13786
Automated cherry pick of #13774: Avoid spurious changes with ed25519 keys by @hakman in #13776
Automated cherry pick of #13781: Fix broken node selector for node termination handler by @olemarkus in #13787
Release 1.24.0-beta.2 by @olemarkus in #13788
Automated cherry pick of #13809: replace flexdriver with busybox by @zetaab in #13810
Automated cherry pick of #13824: Update etcd-manager to v3.0.20220617 by @hakman in #13825
Automated cherry pick of #13846: Do not run CAS on spot instances by @olemarkus in #13847
Automated cherry pick of #13857: Fix GCE resource tracking by @hakman in #13863
Automated cherry pick of #13707: Adding GuestAccelerators to InstanceTemplate by @hakman in #13865
Automated cherry pick of #13866: Limit GCE tag for role to 63 chars by @hakman in #13867
Automated cherry pick of #13819: Replace manifests after apply by @olemarkus in #13871
Automated cherry pick of #13764: Don't try to manage the kube-system namespace
#13768: Remove unneeded kube-proxy service account by @hakman in #13874
Release 1.24.0-beta.3 by @olemarkus in #13880
Automated cherry pick of #13869: Clean-up firewall rules that contain targets with the by @hakman in #13872
Automated cherry pick of #13896: Log errors from detachInstance by @olemarkus in #13899
Automated cherry pick of #13902: gce: set ProvisioningModel on InstanceTemplate by @hakman in #13905
Automated cherry pick of #13903: gce: Move out of beta, drop feature flag by @hakman in #13904
Automated cherry pick of #13907: Fix cleanup of firewall rules that contain the cluster name by @hakman in #13910
Automated cherry pick of #13897: Apply PKI even if addon fails by @olemarkus in #13913
Update dependencies for 1.24 by @hakman in #13919
Automated cherry pick of #13920: Refactor ClusterPrefixedName and ClusterSuffixedName to not by @hakman in #13921
Automated cherry pick of #13929: Make it possible to enable the shield addon for LBC by @olemarkus in #13930
Automated cherry pick of #13926: Make IRSA webhook configure apps to use regional STS and set by @olemarkus in #13928
Automated cherry pick of #13873: Limit GCE names to 63 chars for various resources by @hakman in #13927
Automated cherry pick of #13922: Mount /etc/hosts from host for CoreDNS by @hakman in #13923
Automated cherry pick of #13932: Limit GCE router name to 63 chars by @hakman in #13933
Automated cherry pick of #13917: Update Cilium to 1.11.6 by @olemarkus in #13936
Remove the v1alpha3 API version by @johngmyers in #13935
Automated cherry pick of #13852: Fix unsetting ASG max price by @hakman in #13937
Automated cherry pick of #13940: Revert "Add back the metrics-server 443 port with a new name" by @olemarkus in #13941
Automated cherry pick of #13892: aws: introduce maximum instance lifetime in cluster by @olemarkus in #13943
Automated cherry pick of #13861: Be more specific when filtering OS instance ports by @ederst in #13951
Automated cherry pick of #13890: Use csi-snapshotter for OS only when the controller is by @ederst in #13952
Automated cherry pick of #13939: Bump EBS CSI driver to 1.8.0 by @hakman in #13953
Release 1.24.0 by @hakman in #13957

New Contributors

@rlankfo made their first contribution in #12892
@jiahuif made their first contribution in #13017
@shubhindia made their first contribution in #13061
@danports made their first contribution in #13081
@jinhong- made their first contribution in #13132
@aclevername made their first contribution in #13304
@vivekjainx86 made their first contribution in #13308
@karanrn made their first contribution in #13306
@glebiller made their first contribution in #13381
@mixja made their first contribution in #13410
@zak905 made their first contribution in #13443
@guillomep made their first contribution in #13318
@DingGGu made their first contribution in #13467
@jorge07 made their first contribution in #13448
@scottchiang made their first contribution in #13485
@anthonytwh made their first contribution in #13489
@tesspib made their first contribution in #13534
@nat-henderson made their first contribution in #13445
@techieforfun made their first contribution in #13591
@drequena made their first contribution in #13606
@avish42 made their first contribution in #13600
@minkimipt made their first contribution in #13641
@marquezika made their first contribution in #13635
@piec made their first contribution in #13669
@simonccc made their first contribution in #13685

Full Changelog: v1.23.0...v1.24.0