CHANGELOG-1.6.md


v1.6.2 - 2023-04-14

Changelog since v1.6.1

Changes by Kind

Bug or Regression

Updates

machine-controller and operating-system-manager

Go

v1.6.1 - 2023-03-23

Changelog since v1.6.0

Changes by Kind

Bug or Regression

Updates

operating-system-manager

  • Update Operating System Manager to v1.2.1. Fix an issue where cloud-init scripts re-ran on machine reboot (#2718, @ahmedwaleedmalik)

Hetzner

v1.6.0 - 2023-02-23

We're happy to announce a new KubeOne minor release — KubeOne 1.6! Please consult the changelog below before upgrading to this minor release.

Changelog since v1.5.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

  • The minimum Kubernetes version is increased to v1.24.0. Please use KubeOne 1.5 to upgrade your clusters to Kubernetes 1.24 prior to upgrading to KubeOne 1.6. If your clusters are running Docker, please migrate them to containerd using KubeOne 1.5. (#2599, @xmudrii)
  • Stop applying node-role.kubernetes.io/master taint for Kubernetes 1.25+ nodes. The taint will be removed from existing nodes upon upgrading to Kubernetes 1.25. The KubeOneCluster API validation will reject hosts/nodes that have the node-role.kubernetes.io/master taint if the Kubernetes version is 1.25 or newer. kubeone apply will fail if you have nodes with the node-role.kubernetes.io/master taint running Kubernetes 1.25+ (#2604, #2688, #2689, @xmudrii)
  • External CCM/CSI is required for vSphere clusters starting with Kubernetes 1.25. If your vSphere clusters are using the in-tree cloud provider (.cloudProvider.external is false or unset), you must migrate your vSphere clusters to the external CCM/CSI before upgrading to Kubernetes 1.25. Please check the documentation for more details about the CCM/CSI migration. This change is introduced because vSphere requires the CSI driver to be deployed starting with Kubernetes 1.25 (#2697, @xmudrii)
  • Forbid Kubernetes 1.26 and newer for OpenStack clusters with the in-tree cloud provider. The in-tree cloud provider for OpenStack is removed with Kubernetes 1.26.0. Make sure to migrate to the external CCM/CSI before upgrading to Kubernetes 1.26. (#2573, @xmudrii)
  • Add support for Ubuntu 22.04. Example Terraform configs for all providers are now using Ubuntu 22.04 by default. If you're using the latest Terraform configs with an existing cluster, make sure to bind the operating system/image to the image that you're currently using, otherwise your instances will get recreated (#2367, @ahmedwaleedmalik)
  • control_plane_replicas variable in Terraform configs for Hetzner is renamed to control_plane_vm_count. If you set the old variable explicitly, make sure to migrate to the new variable before migrating to the new configs (#2550, @xmudrii)
  • Forbid PodSecurityPolicy feature for Kubernetes clusters running 1.25 and newer. PodSecurityPolicies got removed from Kubernetes in 1.25. For more details, see the official blog post (#2594, @xmudrii)
  • Image references are changed from k8s.gcr.io to registry.k8s.io. This is done to keep up with the latest upstream changes. Please ensure that any mirrors you use are able to host registry.k8s.io and/or that firewall rules allow access to registry.k8s.io to pull images. This change has already been introduced as part of the KubeOne 1.5.4 and 1.4.12 patch releases (#2501, @xmudrii)
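
The version-gated rules in the notes above can be checked before an upgrade with a small pre-flight gate. This is an added example, not KubeOne's own validation code; the `Cluster` struct, its field names and `UpgradeBlockers` are hypothetical stand-ins for the corresponding KubeOneCluster settings.

```go
package main

import (
	"fmt"
	"strings"
)

// Cluster is a hypothetical, simplified view (not the KubeOneCluster API type).
type Cluster struct {
	KubernetesVersion string   // target version, e.g. "1.25.6"
	Provider          string   // "vsphere", "openstack", ...
	ExternalCCM       bool     // stands in for .cloudProvider.external
	PodSecurityPolicy bool     // PodSecurityPolicy feature enabled
	NodeTaints        []string // taint keys set on hosts/nodes
}

// UpgradeBlockers returns the urgent upgrade notes that the cluster violates.
func UpgradeBlockers(c Cluster) ([]string, error) {
	var minor int
	if _, err := fmt.Sscanf(strings.TrimPrefix(c.KubernetesVersion, "v"), "1.%d", &minor); err != nil {
		return nil, fmt.Errorf("unsupported version %q: %w", c.KubernetesVersion, err)
	}
	var out []string
	if minor < 24 {
		out = append(out, "Kubernetes older than v1.24.0: upgrade with KubeOne 1.5 first")
	}
	for _, t := range c.NodeTaints {
		if minor >= 25 && t == "node-role.kubernetes.io/master" {
			out = append(out, "node-role.kubernetes.io/master taint on a 1.25+ node")
			break
		}
	}
	if minor >= 25 && c.PodSecurityPolicy {
		out = append(out, "PodSecurityPolicy feature enabled on 1.25+")
	}
	if minor >= 25 && c.Provider == "vsphere" && !c.ExternalCCM {
		out = append(out, "vSphere in-tree cloud provider on 1.25+")
	}
	if minor >= 26 && c.Provider == "openstack" && !c.ExternalCCM {
		out = append(out, "OpenStack in-tree cloud provider on 1.26+")
	}
	return out, nil
}

func main() {
	// Constructed sample: in-tree vSphere cluster targeting 1.25 with PSP enabled.
	blockers, err := UpgradeBlockers(Cluster{KubernetesVersion: "1.25.6", Provider: "vsphere", PodSecurityPolicy: true})
	fmt.Println(blockers, err)
}
```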

Changes by Kind

API Change

  • Add a new NodeLocalDNS field to the KubeOneCluster API used to control whether the NodeLocalDNSCache component is deployed. Run kubeone config print --full for details on how to use this field (#2356, @kron4eg)
  • Introduce a new .addons.addons[*].disableTemplating field to the KubeOneCluster API which can be used to disable templatization for an addon (#2630, @ahmedwaleedmalik)
  • .cloudProvider.csiConfig is now a mandatory field for vSphere clusters using the external cloud provider (.cloudProvider.external: true) (#2430, @xmudrii)
  • .cloudProvider.csiConfig can be specified for vSphere clusters even if the in-tree provider is used, but the provided CSIConfig is ignored in such cases (a warning about this is printed) (#2430, @xmudrii)
  • Allow overriding image repository for CoreDNS via .features.coreDNS.imageRepository field (#2394, @xmudrii)

Feature

General

  • Add support for Helm-based addons (#2498, @kron4eg)
    • Upgrade a Helm release only if it differs from the already deployed release (#2571, @kron4eg)
    • Uninstall Helm release that was installed by KubeOne but is not listed anymore in the KubeOneCluster manifest (#2522, @kron4eg)
    • Fix Helm deployment of multiple charts (#2515, @kron4eg)
  • Implement a new kubeone init command used to generate the KubeOneCluster manifest and example Terraform configurations (#2396, @kron4eg)
  • Implement an interactive mode for the kubeone init subcommand (#2552, @xmudrii)
  • Add support for SSH Host Public key verification (#2391, @kron4eg)
  • Enable etcd compact hash checks as per the recommendations from etcd for detecting data corruption (#2497, @xmudrii)
  • Schedule CSI Snapshot Validation webhook for OpenStack on the control plane nodes (#2427, @xmudrii)
  • Run kubeadm with increased verbosity unconditionally. This only changes the behavior if KubeOne is run without the verbose flag but kubeadm fails, in which case kubeadm is going to print more information about the issue (#2556, @xmudrii)
  • Expose machine-controller metrics port (8080/TCP), so Prometheus ServiceMonitor can be used for scraping (#2421, @sphr2k)
  • Migrate ebs.csi.aws.com CSIDriver to set fsGroupPolicy: File (#2424, @xmudrii)

Terraform

  • Add allow_insecure variable (default false) to Terraform configs for vSphere. The value of this variable is propagated to the MachineDeployment template in output.tf (#2432, @xmudrii)
  • Add cluster_autoscaler_min_replicas and cluster_autoscaler_max_replicas variables to Terraform configs. Those variables control the minimum and the maximum number of replicas for MachineDeployments. cluster-autoscaler must be enabled for those variables to have an effect (#2551, @xmudrii)
  • Add control_plane_vm_count variable to Terraform configs for DigitalOcean, Equinix Metal, GCE, Nutanix, OpenStack, and VMware Cloud Director (defaults to 3) (#2546, @xmudrii)
  • Add os variable to Terraform configs for DigitalOcean, Equinix Metal, and Hetzner (defaults to ubuntu) (#2546, @xmudrii)
  • Make volume size for worker nodes configurable in Terraform configs for AWS (50 GB by default) (#2415, @xmudrii)
  • Update Terraform provider for VMware Cloud Director to v3.8.1 (#2583, @ahmedwaleedmalik)
  • Add support for insecure HTTPS connection to VMware Cloud Director API in the Terraform example configs (#2583, @ahmedwaleedmalik)

Addons

  • Add a new addon parameter called HubbleIPv6 (true/false, default: true) for Cilium CNI used to enable/disable Hubble UI listening on an IPv6 interface (#2448, @xmudrii)

Experimental

  • Add Experimental Dual-Stack IPv6 support for AWS with Canal/Calico and Cilium (#2414, @PratikDeoghare)

Kubernetes Version Support

Updates

General

  • Update containerd to 1.6. This change affects control plane nodes, static worker nodes, and nodes managed by machine-controller/operating-system-manager (#2382, @kron4eg)
  • Update containerd to 1.6 on Amazon Linux 2 (#2601, @xmudrii)
  • Update kubernetes-cni to v1.2.0 and cri-tools to v1.26.0 (#2606, @xmudrii)
  • Update kubernetes-cni to v1.1.1 to allow installation of Kubernetes v1.24.5+ (#2353, @kron4eg)

Etcd

CNI

  • Update Canal to v3.23.5. This Canal release is supposed to fix an issue where Calico pods are crashing after upgrading from an older Calico version to a newer one (see the Known Issues document for more details) (#2538, @xmudrii)
  • Update Cilium from v1.12.3 to v1.12.5 (#2582, @xmudrii)
  • Update Cilium to v1.12.3 (#2478, @xmudrii)
  • Upgrade Cilium to v1.12.2 (#2359, @ahmedwaleedmalik)

General Addons

  • Update metrics-server to v0.6.2 (#2580, @xmudrii)
  • Update NodeLocalDNSCache to v1.22.15 (#2580, @xmudrii)
  • Update NodeLocalDNSCache to v1.22.13 (#2477, @xmudrii)
  • Update cluster-autoscaler to v1.26.1 for Kubernetes 1.26+ clusters (#2580, @xmudrii)
  • Update cluster-autoscaler to v1.25.0 for Kubernetes 1.25 clusters (#2476, @xmudrii)
  • Update backup-restic, unattended-updates, csi-vault-secret-provider, secrets-store-csi-driver addons (#2579, @kron4eg)

machine-controller and operating-system-manager

AWS

Azure

DigitalOcean

Equinix Metal

Google Cloud (GCP/GCE)

  • Update GCP CSI driver to v1.8.1 (#2576, @xmudrii)
  • Update GCP CSI driver to v1.8.0 and external-snapshotter for GCP CSI to v6.1.0 (#2471, @xmudrii)

Hetzner

Nutanix

OpenStack

  • Update OpenStack CCM to v1.26.0 for Kubernetes 1.26+ clusters (#2582, @xmudrii)
  • Update OpenStack Cinder CSI to v1.26.0 for Kubernetes 1.26+ clusters (#2582, @xmudrii)
  • Update OpenStack CCM and CSI to v1.25.3, v1.24.5, v1.22.2 (#2427, @xmudrii)

vSphere

VMware Cloud Director (VCD)

  • Update VMware Cloud Director (VCD) CSI driver from v1.2.0 to v1.3.1 (#2576, @xmudrii)

Go

Bug or Regression

  • Automatically delete the CoreDNS PodDisruptionBudget if the feature is disabled (#2364, @xmudrii)
  • Do not regenerate/update /etc/kubernetes/cloud-config file on nodes upon performing the CCM/CSI migration because that file is not used by the external CCM/CSI. The file is regenerated only after fully completing the CCM/CSI migration (#2694, @xmudrii)
  • Ensure that Azure CCM reads cloud-config from the cloud-config Secret instead of from the node's file system (/etc/kubernetes/cloud-config) (#2694, @xmudrii)
  • Use vmware-system-csi namespace when generating certs for the vSphere CSI webhooks (#2366, @xmudrii)
  • Recreate SSH connection in case of errors with the session (#2345, @kron4eg)
  • Fix SSH client failing to re-establish a broken SSH connection (#2647, @kron4eg)
  • Remove the leftover /tmp/k1-etc-environment file. This fixes an issue with kubeone apply failing if the username is changed (#2560, @xmudrii)
  • Use the pause image from registry.k8s.io for all Kubernetes releases (#2528, @xmudrii)
  • Fix Azure CCM failing to start because of unknown port flag (#2647, @kron4eg)
  • Fix an issue where the custom CA bundle was not being propagated to machine-controller-webhook (#2586, @ahmedwaleedmalik)
  • Fix an issue where the custom CA bundle was not being propagated to operating-system-manager (#2588, @FalcoSuessgott)
  • Fix a panic (NPE) in cluster probes (#2483, @kron4eg)
  • Fix a panic (NPE) when determining if it is safe to repair a cluster when there's no kubelet or kubelet systemd unit on the node (#2494, @xmudrii)
  • Fix a panic (NPE) when the v1beta1 API is used (#2349, @kron4eg)
  • Fix a panic (NPE) when machine-controller deployment is disabled (#2344, @kron4eg)
  • Fix a panic (NPE) when building the dynamic Kubernetes client failed on a previous try (#2643, @WeirdMachine)
  • Fix AMI filter for CentOS 7 in Terraform configs for AWS (#2555, @xmudrii)
  • Force-disable operating-system-manager (OSM) when the KubeOneCluster v1beta1 API is used (#2354, @kron4eg)

Other (Cleanup or Flake)

  • The installation script (install.sh) has been modified to match only the stable releases (#2355, @xmudrii)
  • Change default branch from master to main (#2400, @xrstf)
  • The kubeone-e2e image is moved from Docker Hub to Quay (quay.io/kubermatic/kubeone-e2e) (#2463, @xmudrii)
  • Remove the Kubernetes test binaries from the kubeone-e2e image because the new KubeOne E2E tests are using Sonobuoy instead (#2404, @xmudrii)
  • Rename generate-internal-groups Make target to update-codegen (#2433, @xmudrii)