v1.89.0
gardener-robot-ci-1
released this
23 Feb 07:58
·
523 commits
to master
since this release
[gardener/gardener-metrics-exporter]
⚠️ Breaking Changes
[OPERATOR]
Change OCI Image Registry from GCR (eu.gcr.io/gardener-project
) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases
). Users should update their references.
by @ccwienk [gardener/gardener-metrics-exporter#92]
🐛 Bug Fixes
[OPERATOR]
Helm chart upgrades no longer fail due to the immutableDeployment.spec.selector
field. In order to upgrade to this version, thegardener-metrics-exporter
Deployment needs to be deleted first. by @timebertt [gardener/gardener-metrics-exporter#94]
🏃 Others
[OPERATOR]
Upgrade go to 1.22, update base image to distroless based on Debian 12, and exchange the linter. by @rickardsjp [gardener/gardener-metrics-exporter#97][OPERATOR]
Upgrade dependencies
Upgrade golang to 1.22 by @rickardsjp [gardener/gardener-metrics-exporter#96][OPERATOR]
Adds: garden_shoot_worker_node_max_total and garden_shoot_worker_node_min_total. Also gives insight into the worker type (for example for OpenStack the Flavor name). by @Sinscerly [gardener/gardener-metrics-exporter#95]
[gardener/gardener]
⚠️ Breaking Changes
[DEVELOPER]
The util functionpkg/utils/gardener.ComputeShootProjectSecretName
has been renamed topkg/utils/gardener.ComputeShootProjectResourceName
. by @petersutter [#9123][DEPENDENCY]
There are several breaking changes in thegithub.com/gardener/gardener/extensions/pkg/webhook
package:EnsureNoStringWithPrefix
,EnsureNoStringWithPrefixContains
,EnsureNoEnvVarWithName
,EnsureNoVolumeMountWithName
,EnsureNoVolumeWithName
,EnsureNoContainerWithName
,EnsureNoPVCWithName
now delete all matching entries. Previously they were deleting only the first occurrence.EnsureStringWithPrefix
,EnsureStringWithPrefixContains
now act on all prefix matches.StringIndex
is removed. instead, useslices.Index
. by @Kostov6 [#9007]
[OPERATOR]
TheUseGardenerNodeAgent
feature gate has been promoted to beta and is now turned on by default. by @rfranzke [#9161]
📰 Noteworthy
[USER]
The shoot cluster CA bundle is now stored in aConfigMap
in the project namespace of the garden cluster, in addition to storing it in aSecret
. ThisConfigMap
shares the same name as the pre-existingSecret
, which is<shoot-name>.ca-cluster
. TheSecret
will be removed in a future Gardener release. Therefore, if your tooling relies on thisSecret
, you should update it to fetch theConfigMap
instead. by @petersutter [#9123][USER]
It is now possible to skip a minor Kubernetes version for worker pool Kubernetes version upgrades as long as the version remains equal to or less than the control plane version. by @shafeeqes [#9185][OPERATOR]
A new field.spec.runtimeCluster.ingress.domains
was added to theGarden
API. This field allows to use multiple ingress domains for components of the runtime cluster. All domains are assumed to be wildcard domains. Earlier, the API only accepted one domain name via.spec.runtimeCluster.ingress.domain
.
⚠️ With this change.spec.runtimeCluster.ingress.domain
is deprecated and will be removed in the next release. Please update yourGarden
resource to the new.spec.runtimeCluster.ingress.domains
field by removing the existing domain configuration fromingress.domain
and add it as the first entry ofingress.domains
. by @ScheererJ [#9038]
✨ New Features
[OPERATOR]
gardener-resource-manager
now considers the health and the progressing status forPrometheus
andAlertmanager
resources managed viaManagedResource
s. by @rfranzke [#9163][DEVELOPER]
It is now possible to provide configuration for the cache Prometheus running in seed clusters'garden
namespaces. Read all about it here. by @rfranzke [#9128][DEVELOPER]
It is now possible to provide configuration for the seed Prometheus running in seed clusters'garden
namespaces. Read all about it here. by @rfranzke [#9180][DEVELOPER]
TheWaitUntilObjectReadyWithHealthFunction
function was enhanced to log the object's kind. by @timuthy [#9177]
🏃 Others
[DEVELOPER]
An issue with theFallbackClient
was resolved. If used in external projects, the client threw scheme related errors belonging to GVKs that are not registered in theGardenScheme
. by @timuthy [#9177][OPERATOR]
Add Prometheus alert for unhealthy seed node. by @adenitiu [#9127][OPERATOR]
Istio is now used as the single entry point on seed clusters. The load balancer of nginx-ingress is removed and traffic goes through istio before being handled by nginx if necessary. by @ScheererJ [#9038][OPERATOR]
Add condition typeObservabilityComponentsHealthy
for extension health check, it will allow extensions to register with this type. by @Sallyan [#9092][OPERATOR]
Multiple ingress domains in.spec.runtimeCluster.ingress.domains
can now overlap without triggering reconciliation issues. by @ScheererJ [#9183][OPERATOR]
Update configure-admission.sh for extensions using gardener certificate management for webhooks by @kon-angelo [#9168][OPERATOR]
The side car container of kube-apiserver for the HA VPN now have minimum memory resources that VPA will respect. by @ScheererJ [#9173]
Docker Images
- admission-controller:
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.89.0
- apiserver:
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.89.0
- controller-manager:
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.89.0
- gardenlet:
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.89.0
- node-agent:
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.89.0
- operator:
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.89.0
- resource-manager:
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.89.0
- scheduler:
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.89.0