kubernetes/kops v1.27.0-alpha.2

on GitHub

What's Changed

• v1alpha3: Move GCE-specific CloudConfig settings to GCESpec by @johngmyers in #14837
• Update min versions for 1.27 by @johngmyers in #14869
• OWNERS needs to be synced to k8s.io by @johngmyers in #14872
• Fix file extension of 1.27 release notes by @johngmyers in #14873
• v1alpha3: Move AWS-specific CloudConfig settings to AWSSpec by @johngmyers in #14874
• Include kops-controller logs in toolbox dump by @johngmyers in #14876
• Simplify pointers to maps in API by @johngmyers in #14878
• Use short service name with discovery labels by @hakman in #14880
• Fix ingress status for loadbalancers that does not have publicname by @zetaab in #14888
• Include SSHCredentials in create cluster dryrun output by @johngmyers in #14897
• Documentation updates by @johngmyers in #14901
• APIServer nodes need cloudconfig by @johngmyers in #14882
• Etcd domains are now under .internal. by @johngmyers in #14902
• Improve validation of API loadbalancer specs by @johngmyers in #14883
• set loadbalancer configs before initializing the OS clients by @zetaab in #14887
• Update dependencies by @github-actions in #14906
• APIServer nodes also need apiserverAdditionalIPs by @johngmyers in #14907
• Move networking validations inside validateNetworking() by @johngmyers in #14881
• Make IsValidValue more useful for enum types by @johngmyers in #14909
• Don't require subnets on DO and Hetzner by @johngmyers in #14914
• Reduce use of cluster topology field by @johngmyers in #14915
• Add Context arg to vfs ReadFile by @justinsb in #14925
• Refactor away from using Cluster object in nodeup by @johngmyers in #14870
• OpenStack: include cloud config in normal nodes by @zetaab in #14932
• Improve error message when trying to use IPv6 with amazonvpc networking by @johngmyers in #14937
• Pull pki.Keystore out of fi.KeystoreReader by @johngmyers in #14935
• Use NodeupConfig for container-runtime configuration by @johngmyers in #14936
• Prune admission webhooks by @johngmyers in #14929
• Temporarily disable cluster-autoscaler in many-addons test by @johngmyers in #14934
• Do not include tags when searching existing volumes in OpenStack by @zetaab in #14923
• Don't tag public subnets for internal LBs in IPv6 clusters by @johngmyers in #14941
• gce: try to avoid concurrent IAM project operations by @justinsb in #14912
• Use NodeupConfig for kube-proxy config by @johngmyers in #14943
• Miscellaneous NodeupConfig refactoring by @johngmyers in #14947
• vfs: don't cache bucketDetails in S3Path by @justinsb in #14945
• Support multiple terraform file providers by @justinsb in #14926
• Refactor to reduce vfs -> terraformWriter dependency by @justinsb in #14944
• EnsureTask should panic by @justinsb in #14927
• Refactor terraform provider version logic by @justinsb in #14948
• v1alpha3: Move IG root volume settings to sub-struct by @johngmyers in #14885
• Bump cluster autoscaler to 1.26.1 by @olemarkus in #14952
• Allow built-in manifests to be replaced by external addons by @justinsb in #14955
• Revert "Temporarily disable cluster-autoscaler in many-addons test" by @olemarkus in #14953
• Update dependencies by @github-actions in #14957
• kubetest2-kops: include stderr when calling kops toolbox dump by @justinsb in #14958
• move openstack cloud config to k8s secrets by @zetaab in #14959
• kubetest: pass through KOPS_ARCH if set by @justinsb in #14961
• gce: KCM should not allocate IPs when CCM is in use. by @justinsb in #14962
• Bump actions/checkout from 3.2.0 to 3.3.0 by @dependabot in #14964
• Fix kops version command when dev-building nodeup by @zcahana in #14965
• Bump EBS CSI driver to 1.14.1 by @olemarkus in #14966
• Upgrade k8s-dns-node-cache to 1.22.16 by @johngmyers in #14951
• Exit rolling updates when encountering specific errors by @jandersen-plaid in #14194
• scaleway: remove location environment variables by @Mia-Cross in #14972
• aws: Set IMDS defaults for existing clusters by @hakman in #14879
• Run pods needing control-plane instance credentials on hostNetwork by @johngmyers in #14913
• Update containerd to v1.6.15 by @hakman in #14974
• Feat(ca): priority expander config by @chubchubsancho in #14519
• Bump cert-manager to 1.10.2 by @olemarkus in #14981
• Update Go to v1.19.5 by @hakman in #14978
• Update release notes for kOps v1.26 by @hakman in #14860
• Use state store for nodeup.Config in Gossip clusters by @johngmyers in #14983
• AWS: set IMDS hop limit 1 on all new clusters by @johngmyers in #14884
• Populate cluster with default values in kops replace by @dimamo5 in #14920
• Infer the dns suffix from the cluster name for etcd-manager by @hakman in #14986
• OpenStack: Add support for clusters without DNS by @zetaab in #14930
• Update dependencies by @github-actions in #14990
• openstack: use subnet type instead of topology by @johngmyers in #14916
• Remove the SpecOverrideFlag feature flag by @hakman in #14839
• Rename version.go to kops-version.go by @johngmyers in #14993
• Add release note about CAS expander config by @olemarkus in #14998
• Use kops-controller to boostrap nodes in OpenStack by @zetaab in #14999
• Bump actions/dependency-review-action from 3.0.2 to 3.0.3 by @dependabot in #15005
• v1alpha3: Move most OIDC settings to authentication.oidc by @johngmyers in #14894
• Run kops-controller server on non-leaders as well by @johngmyers in #15002
• Move some networking settings to nodeup.Config by @johngmyers in #15004
• Upgrade AWS CCM to 1.25.2 by @johngmyers in #15011
• update OpenStack node identifier to use Identifier by @zetaab in #15006
• support multiple ConfigServers by @zetaab in #15000
• Move more networking settings into nodeup.Config by @johngmyers in #15016
• fix(sec): upgrade gopkg.in/yaml.v3 to 3.0.0 by @chncaption in #15021
• Upgrade Node Termination Handler to 1.18.3 by @johngmyers in #15020
• scaleway: refactoring: instance and tags by @Mia-Cross in #15022
• Update dependencies by @github-actions in #15026
• Fix LBC e2e after dropping override feature flag by @olemarkus in #15029
• Upgrade AWS LBC to v2.4.6 by @johngmyers in #15030
• gce cloud-controller-manager: Add nodes/patch permission by @justinsb in #15031
• Validate nonMasqueradeCIDR doesn't overlap additionalNetworkCIDRs by @johngmyers in #14997
• nodeup: don't set up masquerade if nonMasqueradeCIDR not set by @justinsb in #15033
• tests: Capture iptables chains by @justinsb in #15039
• Load etcd binaries dynamically from container images by @hakman in #14785
• Add Spotinst to help-wanted announcement by @johngmyers in #15041
• make openstack kops-controller boostrap auth better by @zetaab in #15024
• etcd-manager: Add option to set backup retention by @hakman in #14988
• Fix resource-tracking scenario test by @johngmyers in #15044
• Fix resource-tracking scenario by @johngmyers in #15047
• Bump aws-cni to 1.12.1 by @moshevayner in #15052
• bump k8s versions and ubuntu ami version in alpha by @moshevayner in #15051
• Upgrade AWS CCM to 1.25.3 by @johngmyers in #15053
• Always disable the reboot manager for Flatcar by @hakman in #15054
• remove condition path exists by @zetaab in #15055
• Update dependencies by @github-actions in #15060
• nodeup: fix logging of download times by @justinsb in #15062
• openstack verifier: support IPv6 by @justinsb in #15069
• Promote alpha to stable by @moshevayner in #15070
• Update containerd to v1.6.16 by @hakman in #15072
• executor: Avoid writing into slice without a mutex by @justinsb in #15064
• scaleway: load-balancer support by @Mia-Cross in #14933
• Cilium: Add unreachable route for pod IP on deletion option by @anthonyhaussman in #15050
• scaleway: CCM and CSI driver by @Mia-Cross in #15077
• Update etcd to v3.5.7 by @hakman in #15068
• azure: Use Basic SKU for the API LB by @hakman in #15081
• disable kops-configuration.service after successful execution by @zetaab in #15078
• Allow setting 'ignore-volume-microversion' for OCCP by @ederst in #15083
• Update etcd-manager to v3.0.20230201 by @hakman in #15087
• OpenStack: add k8s node labels by @zetaab in #15091
• Update dependencies by @github-actions in #15098
• Fix nvidia container toolkit repos by @elezar in #15096
• aws: Remove S3 region validation by @hakman in #15105
• Switch contained config file path to /etc/containerd/config.toml by @hakman in #15111
• gce: Always apply the metadata-proxy-ready node label by @justinsb in #15110
• Update golangci-lint to v1.51.1 by @hakman in #15117
• Update dependencies by @github-actions in #15120
• Document missing kops permission for aws NTH addon in SQS mode by @Nick-Triller in #15119
• Bump AWS CNI to 1.12.2 by @moshevayner in #15109
• Replace deprecated command with environment file by @jongwooo in #15116
• Use cloud-discovery on GCE in gossip mode by @justinsb in #15121
• hetzner: support toolbox dump of instances by @justinsb in #15124
• digitalocean: don't print empty IP addresses by @justinsb in #15128
• gce terraform: Use google_storage_object_acl by @justinsb in #14954
• Revert "disable kops-configuration.service after successful execution" by @hakman in #15129
• Update remaining references from k8s.gcr.io to registry.k8s.io by @hakman in #15134
• Add cluster name to OCCM opts by @zetaab in #15139
• DigitalOcean: Support SSH key provisioning by @justinsb in #15127
• kubetest2-kops: update tests for new zones by @justinsb in #15143
• remove AWS S3 access from nodes if using none dns by @zetaab in #15145
• OpenStack: remove cadvisor and etcd client fw rule by @zetaab in #15147
• Update containerd to v1.6.17 by @hakman in #15131
• hetzner: add dependency logic to deletion by @justinsb in #15141
• Pass actual cluster name to cinder-csi-plugin by @ederst in #15095
• Add terraform target support for configuring Warm Pool by @rsafonseca in #15153
• Document setting cluster name flag for OCCM and Cinder CSI plugin by @ederst in #15156
• Update Go to v1.19.6 by @hakman in #15160
• tests: create smoketest scenario by @justinsb in #15166
• Update containerd to v1.6.18 by @hakman in #15159
• exit nodeup gracefully if server already exists in k8s by @zetaab in #15138
• update openstack csi & ccm versions by @zetaab in #15169
• [docs] Fix External IAM Policy Docs by @philnielsen in #15177
• Improve support for AdditionalNetworkCIDRs by @johngmyers in #15036
• scaleway: get credentials from Scaleway profile by @Mia-Cross in #15122
• validation cleanup: simplify signature of validateCIDR by @justinsb in #15179
• set node status update freq to 60min in OpenStack by @zetaab in #15180
• nodelocaldns: Add possibility to set ExternalCoreFile by @anthonyhaussman in #15183
• Set the nonMasqueradeCIDR for GCE networking by @justinsb in #15035
• gce: When using network native pod IPs, open firewall to apiserver by @justinsb in #15040
• gce: Don't reconcile routes when running with "gce" networking. by @justinsb in #15186
• kubetest2: don't cache version markers by @justinsb in #15191
• Always try to prune an addon even if applying updates fail by @olemarkus in #15192
• Fix error in dependencies update workflow by @hakman in #15194
• Update dependencies by @github-actions in #15195
• Update Go to v1.19.7 by @hakman in #15198
• Bump channels by @hakman in #15208
• Fix the latest Ubuntu images by @hakman in #15213
• scaleway: documentation by @Mia-Cross in #14735
• Update dependencies by @github-actions in #15218
• Update channels and release note for 1.26 by @hakman in #15219
• Don't set CSIMigrationAWS in k8s 1.27 by @rifelpet in #15197
• Documentation: add CI and latest release badges by @R3DRUN3 in #15228
• scaleway: fix client for protokube by @Mia-Cross in #15230
• Initial support for Debian 12 Bookworm by @ReillyBrogan in #15231
• Add terraform rendering to GCP HTTP Health Check by @rifelpet in #15235
• gcp: Add integration test for minimal cluster with public load balancer by @hakman in #15237
• Skip new endpoint port/protocol e2e test on cilium by @rifelpet in #15240
• aws: Use control-plane for additional policies instead of master by @hakman in #15238
• Initial Amazon Linux 2023 support by @rifelpet in #15241
• Skip multiple-port multiple-endpointslice e2e test with Cilium by @rifelpet in #15243
• Fix behaviour for kops export kubeconfig --internal by @hakman in #15244
• Bump k8s versions to latest by @moshevayner in #15247
• switch to use registry.k8s.io images for openstack by @zetaab in #15249
• Bump actions/setup-go from 3.5.0 to 4.0.0 by @dependabot in #15254
• Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #15252
• Bump peter-evans/create-pull-request from 4.2.3 to 4.2.4 by @dependabot in #15253
• Bump AWS CNI to 1.25.5 by @moshevayner in #15248
• Retry creating failed OpenStack servers by @ederst in #15102
• feat(spot): Setting the VNG Size Limits in Launch Spec by @IdanShohamNetApp in #15256
• spot: support latest controller version by @yehielnetapp in #15263
• OpenStack: Add OCCM address sort order config by @ederst in #15267
• Bump actions/dependency-review-action from 3.0.3 to 3.0.4 by @dependabot in #15268
• Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #15269
• Update kube-router to v1.5.3 by @chenliu1993 in #15270
• Allow Cilium manifest to be replaced (for testing) by @justinsb in #15265
• OpenStack: Allow setting allowed address pairs for ports by @ederst in #15221
• OpenStack: Format and improve getting started docu by @ederst in #15259
• test scenarios: create simple scalability test by @justinsb in #15273
• scaleway: integration tests by @Mia-Cross in #15224
• Update scalability test so it passes by @justinsb in #15276
• gce: Fix log message about bucket level IAM by @justinsb in #15279
• GCE FirewallRule: Use an explicit field for ipv4 vs ipv6 by @justinsb in #15280
• gce ipv6: nodeup should only run the AWS prefix assigner on AWS by @justinsb in #15282
• gce: Add IPv6 support to subnet/instances by @justinsb in #15281
• Corrected multiple broken link in calico.md by @kundan2707 in #15290
• Pin github.com/docker/* to v20.10.21+incompatible by @hakman in #15293
• Update bastion.md by @recollir in #15294
• broken link removed as not available by @kundan2707 in #15295
• Create simple test that runs with boskos by @justinsb in #15303
• [DigitalOcean] support terraform provider for DO by @srikiz in #15181
• Allow Cluster Autoscaler to ignore daemon pods by @seh in #15291
• Fix IPv6 Terraform code generation by @felixfriedrich in #15275
• Bump peter-evans/create-pull-request from 4.2.4 to 5.0.0 by @dependabot in #15307
• OpenStack: Add network-cidr config for etcd-manager by @ederst in #15266
• Increase max_map_count in sysctls.go by @SimonMisencik in #15311
• gce: Avoid spurious changes for ForwardingRule by @hakman in #15283
• Upgrade k8s-dns-node-cache to 1.22.20 by @zetaab in #15314
• Bump golang to 1.20 by @olemarkus in #15320
• Bump actions/checkout from 3.5.0 to 3.5.2 by @dependabot in #15321
• scaleway: small fixes in loadbalancer tasks by @Mia-Cross in #15334
• docs(release): fix typo in 1.22 Notes by @agilgur5 in #15323
• Update containerd to v1.6.20 by @anthonyhaussman in #15319
• docs(release): fix broken CLI link in 1.19 notes by @agilgur5 in #15326
• gce: set ip address family on all FirewallRule tasks by @justinsb in #15331
• add openstack ccm + csi versions to 1.27 by @zetaab in #15346
• Spot: Update Spot Ocean controller to the latest version (1.0.90) by @oded7hoffman in #15338
• add csi cinder metrics by @zetaab in #15341
• scaleway: downgrade CCM + refactoring tags by @Mia-Cross in #15333
• makefile: use go run to execute ko by @justinsb in #15348
• gce: fix icmpv6 in firewalls by @justinsb in #15347
• scaleway: doc: temporary env var to pull protokube by @Mia-Cross in #15350
• Block bootstrap when the node already exists by @justinsb in #15351
• Switch to using external ECR credential provider for k8s 1.27 by @olemarkus in #15342
• Spotinst: update help wanted in release doc by @yehielnetapp in #15357
• Spotinst: bump spotinst-sdk-go to v1.145.0 by @yehielnetapp in #15361
• update default runc to 1.1.5, add 1.1.6 and 1.1.7 by @heybronson in #15358
• hack/update-expected: exclude DIGITALOCEAN_ACCESS_TOKEN by @justinsb in #15366
• Update release-process.md for registry.k8s.io change by @johngmyers in #15372
• Update gcp-compute-persistent-disk-csi-driver to v1.10.1 by @hakman in #15374
• Bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 by @dependabot in #15376
• Create func to reset awsCloudInstances by @ltellesfl in #15316
• Perform challenge callbacks into a node by @justinsb in #15125
• DigitalOcean support for node bootstrap by @justinsb in #15367
• upload helper: support upload to S3 buckets that block ACLs by @justinsb in #15368
• Update ko to v0.13.0 by @hakman in #15380
• Update dependencies to K8s v1.27 by @hakman in #15373
• Update Go to v1.20.4 by @hakman in #15379
• Update containerd to v1.6.21 by @hakman in #15378
• Add kubescheduler.config.k8s.io/v1 for K8s 1.25+ by @hakman in #15384
• Make it possible to use assume role by @zetaab in #15234
• Bump AWS CNI version to 1.12.6 by @moshevayner in #15387
• bump k8s versions and ubuntu ami to latest in alpha by @moshevayner in #15386
• Support Cilium Operator Pod Annotations by @moshevayner in #15389
• If the Cluster Name is not default the hubble relay shows TLS errors by @s3than in #15360
• Support dualstack NLBs with Terraform by @johngmyers in #15398
• Promote alpha to stable (channels) by @moshevayner in #15404
• scaleway: fix naming and typos by @Mia-Cross in #15407
• replace references of https://storage.googleapis.com/kubernetes-release with https://dl.k8s.io by @KlwntSingh in #15408
• Add missing ServiceAccount in snapshot-validation-deployment by @minkimipt in #15400
• scaleway: tag resources with cloud labels by @Mia-Cross in #15405
• nodeup: Use functional options pattern for HostPathMapping by @justinsb in #15406
• Make NLBs dualstack when they're in IPv6-capable subnets by @johngmyers in #15410
• OpenStack Octavia FlavorID by @sn4psh0t in #15414
• Fix spotinst vendoring by @hakman in #15418
• use registry.k8s.io for cinder csi by @zetaab in #15419
• do not mount same dir twice by @zetaab in #15399
• Update etcd-manager to v3.0.20230516 by @zetaab in #15421
• Spotinst: integrate AWS instance metadata config to instance groups #2 by @yehielnetapp in #15420
• scaleway: instance resize and termination by @Mia-Cross in #15411
• Bump channels with May 2023 releases by @hakman in #15427
• openstack designate fixes by @zetaab in #15425
• Add a mutex lock to 'awsCloudInstances' map by @fcgravalos in #15415
• Release 1.27.0-alpha.2 by @hakman in #15430

New Contributors

• @zcahana made their first contribution in #14965
• @jandersen-plaid made their first contribution in #14194
• @chubchubsancho made their first contribution in #14519
• @dimamo5 made their first contribution in #14920
• @chncaption made their first contribution in #15021
• @elezar made their first contribution in #15096
• @Nick-Triller made their first contribution in #15119
• @jongwooo made their first contribution in #15116
• @rsafonseca made their first contribution in #15153
• @philnielsen made their first contribution in #15177
• @R3DRUN3 made their first contribution in #15228
• @IdanShohamNetApp made their first contribution in #15256
• @yehielnetapp made their first contribution in #15263
• @chenliu1993 made their first contribution in #15270
• @kundan2707 made their first contribution in #15290
• @felixfriedrich made their first contribution in #15275
• @SimonMisencik made their first contribution in #15311
• @agilgur5 made their first contribution in #15323
• @oded7hoffman made their first contribution in #15338
• @ltellesfl made their first contribution in #15316
• @KlwntSingh made their first contribution in #15408
• @sn4psh0t made their first contribution in #15414
• @fcgravalos made their first contribution in #15415

Full Changelog: v1.27.0-alpha.1...v1.27.0-alpha.2