🤖 Update module github.com/gardener/gardener to v1.105.0 #55
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
a0581a8
to
f1f612a
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
f1f612a
to
83415a4
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
83415a4
to
adfb272
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
adfb272
to
48252a1
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
48252a1
to
ef1d7e9
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
ef1d7e9
to
a8cede6
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
3 times, most recently
from
30e1403
to
2088ad1
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
2088ad1
to
8db1c14
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
8db1c14
to
25a48dd
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
25a48dd
to
b669ba7
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
b669ba7
to
732fb3c
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
732fb3c
to
63f627f
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
63f627f
to
578197b
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
578197b
to
a272578
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
18617bc
to
36f1ec9
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
2 times, most recently
from
7b07cc4
to
1015d00
Compare
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
1015d00
to
4fa6b5f
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
4fa6b5f
to
ef684a5
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
ef684a5
to
baf0f13
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
baf0f13
to
e38f50f
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
e38f50f
to
5a3e248
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
5a3e248
to
d7a3786
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
d7a3786
to
6034bfc
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
6034bfc
to
0135302
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
0135302
to
50befc8
Compare
renovate
bot
changed the title
|
should wait for gardener/gardener#10459 and then merge with v2.4.0 |
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
4 times, most recently
from
66423d2
to
18e8974
Compare
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
18e8974
to
3ae8659
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.99.4->v1.105.0Release Notes
gardener/gardener (github.com/gardener/gardener)
v1.105.0Compare Source
[gardener/gardener]
📰 Noteworthy
[OPERATOR]TheVPAForETCDandVPAAndHPAForAPIServerfeature gates have been promoted to GA and locked totrue. by @plkokanov [#10599][USER]The limitation of having at maximum ~80 worker pools inShoots has been lifted. Much higher numbers should be possible now (concrete limit depends on the amount of configuration within the pools (e.g., labels, taints, annotations, etc.)). by @rfranzke [#10542]✨ New Features
[DEVELOPER]Add functionality for the determination of bastion VM parameters used by the extensions by @hebelsan [#10537][OPERATOR]gardener-operatoris now capable of deploying extension controllers to the garden runtime cluster viaoperator.gardener.cloud/v1alpha1.Extensionresources. Please visit this document for more information. by @timuthy [#10518][OPERATOR]gardenletnow performs garbage collection of stalePods in all namespaces (exceptkube-system) in the seed cluster. by @rfranzke [#10548]🐛 Bug Fixes
[OPERATOR]When checking whether aDeploymentrollout is complete, stalePods are now ignored and no longer counted. by @rfranzke [#10548]🏃 Others
[DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.77.0. by @gardener-ci-robot [#10547][DEPENDENCY]Thegardener/ingress-default-backendimage has been updated to0.20.0. Release Notes by @gardener-ci-robot [#10560][DEPENDENCY]Thegardener/etcd-druidimage has been updated tov0.22.7. Release Notes by @gardener-ci-robot [#10570][DEPENDENCY]Thegardener/etcd-druidimage has been updated tov0.22.6. Release Notes by @gardener-ci-robot [#10556][DEPENDENCY]Thegardener/gardener-discovery-serverimage has been updated tov0.2.0. Release Notes by @gardener-ci-robot [#10546][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.77.1. by @gardener-ci-robot [#10573][DEPENDENCY]Thequay.io/kiwigrid/k8s-sidecarimage has been updated to1.28.0. by @gardener-ci-robot [#10591][DEPENDENCY]Theenvoyproxy/envoyimage has been updated tov1.31.2. Release Notes by @gardener-ci-robot [#10553][DEPENDENCY]Thegcr.io/istio-release/pilotimage has been updated to1.21.6. by @gardener-ci-robot [#10564][DEVELOPER]provider-extensions setup: Seed VPA is disabled by default to avoid two VPA deployments to act on the same cluster causing endless eviction loops. by @ialidzhikov [#10593][DEVELOPER]Correctly extract and install the go binaries in the remote local setup by @vicwicker [#10605][OPERATOR]Allow overlapping network ranges in case of single stack IPv6. by @axel7born [#10584][OPERATOR]Allow empty pod and service ranges in shoot spec for IPv6 single stack. by @axel7born [#10541][OPERATOR]TheTopologySpreadConstraintcalculation was improved for workload spread across multiple zones. This especially leads to a more balanced distribution ofkube-apiserverandistioreplicas in seed clusters. by @timuthy [#10608][OPERATOR]VPA resource settings are now adapted - memory limits are removed and initial resource requests are lowered. by @voelzmo [#10568]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.105.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.105.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.105.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.105.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.105.0v1.104.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Fix a regression that causedgardenletto not be able to migrate deprecatedfailure-domain.beta.kubernetes.iolabels totopology.kubernetes.iodue to a removed RBAC rule required to patchPersistentVolumes. by @plkokanov [#10578]🏃 Others
[OPERATOR]Thegardener/etcd-druidimage has been updated tov0.22.7. Release Notes by @ishan16696 [#10592]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.1v1.104.0Compare Source
[gardener/gardener]
[USER]A bug has been fixed which was allowing users to setShootoidc configurations for thekube-apiserverwithout setting theclientIDandissuerURLfields inspec.kubernetes.kubeAPIServer.oidcConfig, which would lead to thekube-apiserverstuck in aErrorstate. gardener-apiserver now requires bothclientIDandissuerURLfields to be set when thespec.kubernetes.kubeAPIServer.oidcConfigfield is specified. by @AleksandarSavchev [#10461][OPERATOR]credentialsBinding.credentialsRefis now an immutable field. by @dimityrmirchev [#10365]📰 Noteworthy
[USER]Users are allowed to changeshoot.spec.credentialsBindingNameand reference anotherCredentialsBindingonly if they have the permissions to read both the old and newly referenced credential. by @dimityrmirchev [#10365][USER]Users can migrate fromshoot.spec.secretBindingNametoshoot.spec.credentialsBindingNameonly if the referenced credential remains the same and is not changed during the process. by @dimityrmirchev [#10365][OPERATOR]Allow project users to readNamespacedCloudProfiles and for project admins to make adjustments to machine types and volume types. by @LucaBernstein [#10485][OPERATOR]Alerts based on theproposals_failed_totalmetric of the etcd cluster are not raised anymore. by @renormalize [#10524][DEVELOPER]A new predicateextensions/pkg/predicate.GardenSecurityProviderTypecan be used to select resources from thesecurity.gardener.cloudgroup that are related to the passed provider type. by @dimityrmirchev [#10499]✨ New Features
[OPERATOR]Thegardener-operatormetrics are now automatically scraped by thegardenPrometheus. by @maboehm [#10464][OPERATOR]Introduce custom RBAC verbs to allow for modification of.spec.{kubernetes,machineImages}inNamespacedCloudProfiles. by @LucaBernstein [#10485][OPERATOR]The feature gateNewVPNis introduced for thegardenletcomponent. If enabled, the new VPN implementation (Golang rewrite) is used for allShoots of the respectiveSeed. In this case, the old implementation can be disabled for a singleShootby annotating the shoot resource withalpha.control-plane.shoot.gardener.cloud/disable-new-vpn=true. ForSeeds with disabled feature gate, the new implementation can be enabled for a single shoot by annotating it withalpha.control-plane.shoot.gardener.cloud/disable-new-vpn=false. by @MartinWeindel [#9774]🐛 Bug Fixes
[USER]Fixed disk read/write panel in the shoot's etcd dashboards by @rickardsjp [#10493][DEVELOPER]An issue was fixed that rejected the creation of workerless shoots in the local setup. by @timuthy [#10498]🏃 Others
[DEPENDENCY]Thegardener/hvpa-controllerimage has been updated tov0.17.0. Release Notes by @gardener-ci-robot [#10508][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.76.2. by @gardener-ci-robot [#10500][DEPENDENCY]Thegardener/machine-controller-managerimage has been updated tov0.54.0. Release Notes by @gardener-ci-robot [#10528][DEPENDENCY]Thegardener/alpine-conntrackimage has been updated to3.20.3. Release Notes by @gardener-ci-robot [#10487][DEPENDENCY]Theenvoyproxy/envoyimage has been updated tov1.31.1. Release Notes by @gardener-ci-robot [#10531][OPERATOR]Federate apiserver_total_request metric to the Prometheus longterm instance by @jguipi [#10457][OPERATOR]Allow emptynetworking.nodesin case of IPv6 only shoots. by @axel7born [#10533][OPERATOR]Improved node utilisation by reducing requests for etcd-druid managed pods. by @unmarshall [#10540][DEVELOPER]Install go in the remote local setup from the go download site instead of using the apk package manager. by @vicwicker [#10502]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.0v1.103.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[DEVELOPER]An issue was fixed that rejected the creation of workerless shoots in the local setup. by @timuthy [#10503][OPERATOR]Fix a regression that causedgardenletto not be able to migrate deprecatedfailure-domain.beta.kubernetes.iolabels totopology.kubernetes.iodue to a removed RBAC rule required to patchPersistentVolumes. by @plkokanov [#10581]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.1v1.103.0Compare Source
[gardener/gardener]
[OPERATOR]Component config change forgardener-operator:extensionVirtualClusterConfigwas renamed toextension. by @MartinWeindel [#10277]📰 Noteworthy
[DEVELOPER]Enable apiserver feature gateUseNamespacedCloudProfilein local setup by default. Though, feature gate should not be enabled in production environments yet, until access control is implemented. by @LucaBernstein [#10266][OPERATOR]kube-proxynow has a readiness probe so that a node will only become ready for workloads afterkube-proxywas ready at least once. by @ScheererJ [#10407][OPERATOR]Host spread for shoots with failure tolerancenode(.spec.controlPlane.highAvailability.failureTolerance.type) is now accomplished viaminDomains. Earlier, this happened at a best effort basis only. If a seed was having less than 3 nodes at the time the control-plane pods were scheduled, the desired pod distribution was not possible. by @timuthy [#10400]✨ New Features
[OPERATOR]Introduced metrics exposing the Garden resource's condition and last operation. by @rickardsjp [#10393][OPERATOR]AddNamespacedCloudProfilecontroller to enable usage ofNamespacedCloudProfileinShootspec. by @LucaBernstein [#10266][OPERATOR]gardener-operatoris now capable of deploying admission controllers for the virtual-garden viaoperator.gardener.cloud/v1alpha1.Extensionresources. by @MartinWeindel [#10277][DEVELOPER]Extensionprovider-localhas a dummy admission controller now. by @MartinWeindel [#10277]🐛 Bug Fixes
[DEVELOPER]A bug was fixed that led toenv-testsetup errors whenmake test-integrationwas executed locally. by @timuthy [#10456]🏃 Others
[DEPENDENCY]Thequay.io/prometheus/prometheusimage has been updated tov2.54.1. by @gardener-ci-robot [#10395][DEPENDENCY]Thefluent-operatorimage has been updated tov3.10. Release NotesThe
fluent-bitimage has been updated tov3.1.5. Release NotesThe
gardener/loggingimage has been updated tov0.61.0. Release Notes by @nickytd [#10429][DEPENDENCY]Thegardener/dashboardimage has been updated to1.77.0. Release Notes by @gardener-ci-robot [#10463][DEPENDENCY]Theregistry.k8s.io/metrics-server/metrics-serverimage has been updated tov0.7.2. by @gardener-ci-robot [#10408][DEPENDENCY]Thegardener/dashboardimage has been updated to1.76.2. Release Notes by @gardener-ci-robot [#10446][DEPENDENCY]Thequay.io/brancz/kube-rbac-proxyimage has been updated tov0.18.1. by @gardener-ci-robot [#10427][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.76.1. by @gardener-ci-robot [#10448][DEPENDENCY]Thequay.io/cortexproject/corteximage has been updated tov1.18.0. by @gardener-ci-robot [#10458][DEPENDENCY]Thegardener/hvpa-controllerimage has been updated tov0.16.0. Release Notes by @gardener-ci-robot [#10397][DEPENDENCY]Thequay.io/kiwigrid/k8s-sidecarimage has been updated to1.27.6. by @gardener-ci-robot [#10424][DEVELOPER]The guestbook container image used in the test machinery tests is now updated from an image in GCR to an image in Artifact Registry. by @ialidzhikov [#10409][DEVELOPER]Introducegolang-testimage for Go 1.23 and remove its Go 1.21 version. by @oliver-goetz [#10388][OPERATOR]A stale VPA related to the old alertmanager deployment was not cleaned up by gardenlet. Now, gardenlet on startup cleans up the these stale alertmanager VPAs. by @ialidzhikov [#10462]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.0v1.102.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Fix a regression that causedgardenletto not be able to migrate deprecatedfailure-domain.beta.kubernetes.iolabels totopology.kubernetes.iodue to a removed RBAC rule required to patchPersistentVolumes. by @plkokanov [#10582]🏃 Others
[DEPENDENCY]Thegardener/dashboardimage has been updated to1.76.2. Release Notes by @gardener-ci-robot [#10453]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.2Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.2v1.102.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]A bug has been fixed that prevented the deployment ofgardenlets viagardener-operatorand theGardenletresource when.spec.kubeconfigSecretRefwas used. by @rfranzke [#10411]🏃 Others
[DEPENDENCY]Thegardener/etcd-druidimage has been updated tov0.22.5. Release Notes by @gardener-ci-robot [#10443][OPERATOR]gardener-controller-manager: A corner case issue in the maintenance controller that prevented forceful minor K8s version update from K8s 1.29 to K8s 1.30 is now resolved. by @ialidzhikov [#10438][OPERATOR]Kernel settingnet.netfilter.nf_conntrack_maxis only set on nodes bysysctl.difkube-proxyis disabled. by @ScheererJ [#10434]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.1v1.102.0Compare Source
[gardener/gardener]
[OPERATOR]When theNewWorkerPoolHashfeature gate is enabled, the calculation now also rolls worker nodes ofShoots when changingsystemReservedin thekubeletconfiguration. Worker pools are not rolled if the sum ofkubeReservedandsystemReserveddoes not change. If the feature gate is already enabled, then the worker pools ofShoots with non-zero values insystemReservedwill be rolled once. by @MichaelEischer [#10290]📰 Noteworthy
[USER]Thespec.clientfield in the{Cluster}OpenIDConnectPresetAPIs is deprecated and will be removed after support for Kubernetes 1.30 is dropped. by @AleksandarSavchev [#10253][USER]Thespec.kubernetes.kubeAPIServer.oidcConfig.clientAuthenticationfield in theShootAPI is deprecated and will be removed after support for Kubernetes 1.30 is dropped. by @AleksandarSavchev [#10253][USER]The Shoot specification field.spec.kubernetes.kubeAPIServer.oidcConfig.signingAlgsfor Kubernetes versions>= v1.30is not supported anymore. by @AleksandarSavchev [#10244][OPERATOR]The.spec.deployment.vpafield in theseedmanagement.gardener.cloud/v1alpha1.{Gardenlet,ManagedSeed}APIs is deprecated and has no effect anymore. It will be removed in a future version. Now,gardenletdeploys its own VPA as part of theSeedreconciliation (after it ensured the VPA CRD exists). by @rfranzke [#10299]✨ New Features
[USER]Structured authentication configuration can now be set by creating aConfigMapin the project namespace with theAuthenticationConfigurationfile set in theconfig.yamldata key and referencing theConfigMapin the newShootspecification field.spec.kubernetes.kubeAPIServer.structuredAuthentication.configMapNamefor Kubernetes versions>= v1.30. Only one authenticator can be set via the authentication configuration untilk8s.io/*Golang dependencies are upgraded to version>= v0.30. by @AleksandarSavchev [#10244][USER]The followingvpa-recommenderflags are now configurable via theShootspecification:--recommendation-lower-bound-cpu-percentile:.spec.kubernetes.verticalPodAutoscaler.recommendationLowerBoundCPUPercentile--recommendation-upper-bound-cpu-percentile:.spec.kubernetes.verticalPodAutoscaler.recommendationUpperBoundCPUPercentile--target-memory-percentile:.spec.kubernetes.verticalPodAutoscaler.targetMemoryPercentile--recommendation-lower-bound-memory-percentile:.spec.kubernetes.verticalPodAutoscaler.recommendationLowerBoundMemoryPercentile--recommendation-upper-bound-memory-percentile:.spec.kubernetes.verticalPodAutoscaler.recommendationUpperBoundMemoryPercentileby @ialidzhikov [#10221][OPERATOR]Performing control plane migration acrossSeeds with different provider types is now possible. Before triggering the migration, make sure that pods in theShoot's control plane, once it is moved to theDestination Seed, will have network connectivity to the storage provider of theSource Seed(so that ETCD backups can be copied automatically). Additionally, make sure that theShoot's nodes will have network connectivity to theShoot's control plane after it is moved to theDestination Seed. by @plkokanov [#10323][OPERATOR]gardenletnow runs a new controller calledTokenRequestorWorkloadIdentitywhich requests workload identity tokens and writes them intoSecretresources in the seed cluster. These tokens can be then used by control plane components in order to present the saidWorkloadIdentitybefore external systems. Please see here for more details. by @dimityrmirchev [#10298][OPERATOR]Quotas can now have scope of typeWorkloadIdentity. by @dimityrmirchev [#10346]🐛 Bug Fixes
[USER]Fixes a bug preventing shoot clusters with annotationshoot.gardener.cloud/skip-readiness: "true"to be created. by @ScheererJ [#10317][OPERATOR]An issue causing the vpn-seed-server VPA's to be created with wrong targetRef for highly available Shoots is now fixed. by @ialidzhikov [#10366]🏃 Others
[OPERATOR]vpa-updater and vpa-recommender components do now run with leader election enabled (unconditionally) and support running in HA mode. by @ialidzhikov [#10302][OPERATOR]Reduce kubelet http2 timeouts. by @axel7born [#10223][OPERATOR]Gardener now temporarily uses avpa-recommenderbuilt from a fork to add additional logging and metrics for debugging an issue where thevpa-recommendercould recommend lower thanminAllowedmemory requests for pods that actually have high memory usage. by @plkokanov [#10342][OPERATOR]The vertical pod autoscaler component is updated to v1.2.0. Release Notes by @ialidzhikov [#10275][OPERATOR]Migrate VPA metrics to CustomResourceState metrics and upgradekube-state-metricstov2.13.0. by @vicwicker [#9941][OPERATOR]An issue in gardener-node-agent causing registry hosts probe to fail when thespec.criConfig.containerd.registries.hosts.caCertsfield of OperatingSystemConfig is set is now fixed. by @dimitar-kostadinov [#10375][OPERATOR]Shoot clusters with Kubernetes version>= v1.30will use cluster-autoscalerv1.30.0. Release Notes. by @ashwani2k [#10309][DEPENDENCY]Thecredativ/plutonoimage has been updated tov7.5.33. Release Notes by @gardener-ci-robot [#10296][DEPENDENCY]A wildcard option was added to the SwitchOptions to disable all webhooks at once via--disable-webhooks="*"by @timuthy [#10255][DEPENDENCY]The following dependencies have been updated:[DEPENDENCY]Thecredativ/valiimage has been updated tov2.2.18. Release Notes by @gardener-ci-robot [#10292][DEPENDENCY]Theregistry.k8s.io/autoscaling/vpa-admission-controllerimage has been updated to1.2.1. by @gardener-ci-robot [#10350][DEPENDENCY]Theregistry.k8s.io/autoscaling/vpa-updaterimage has been updated to1.2.1. by @gardener-ci-robot [#10351][DEPENDENCY]Thequay.io/prometheus/prometheusimage has been updated tov2.54.0. by @gardener-ci-robot [#10297][DEPENDENCY]Thegardener/ext-authz-serverimage has been updated to0.10.0. Release Notes by @gardener-ci-robot [#10321][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.76.0. by @gardener-ci-robot [#10332][USER]Grant get, list and watch permissions to thecustomresourcedefinitionsresource in the virtual cluster for authenticated users. Shoot owners can now generate their own shoot metrics using custom resource state configurations by kube-state-metrics. by @vicwicker [#10293]📖 Documentation
[DEVELOPER]This document now contains a guide for developers how to handle deprecations and backwards-compatibility of changes. by @rfranzke [#10294][OPERATOR]The version skew policy was updated to better reflect how to handlegardenletupgrades. by @rfranzke [#10294]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.0v1.101.3Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]A bug has been fixed that prevented the deployment ofgardenlets viagardener-operatorand theGardenletresource when.spec.kubeconfigSecretRefwas used. by @rfranzke [#10410][OPERATOR]An issue causing the vpn-seed-server VPA's to be created with wrong targetRef for highly available Shoots is now fixed. by @ialidzhikov [#10372]🏃 Others
[OPERATOR]Kernel settingnet.netfilter.nf_conntrack_maxis only set on nodes bysysctl.difkube-proxyis disabled. by @oliver-goetz [#10444][OPERATOR]gardener-controller-manager: A corner case issue in the maintenance controller that prevented forceful minor K8s version update from K8s 1.29 to K8s 1.30 is now resolved. by @ialidzhikov [#10439][OPERATOR]An issue in gardener-node-agent causing registry hosts probe to fail when thespec.criConfig.containerd.registries.hosts.caCertsfield of OperatingSystemConfig is set is now fixed. by @dimitar-kostadinov [#10380][DEPENDENCY]Thegardener/dashboardimage has been updated to1.76.2. Release Notes by @gardener-ci-robot [#10454]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.101.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.101.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.101.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.101.3Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.101.3europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.101.3v1.101.2Compare Source
[gardener/gardener]
🏃 Others
[DEPENDENCY]Theregistry.k8s.io/ingress-nginx/controller-chrootimage has been updated tov1.11.2. by @gardener-ci-robot [#10357]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.101.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.101.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.101.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.101.2Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.101.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.101.2v1.101.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Disable cloud profile field sync ifShootis being deleted. by @LucaBernstein [#10310][OPERATOR]A bug has been fixed which preventedgardenletfrom creating its ownseedmanagement.gardener.cloud/v1alpha1.Gardenletresource whenselfUpgradewas set in its Helm chart values (more information). by @rfranzke [#10306]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.101.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.101.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.101.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.101.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.101.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.101.1v1.101.0Compare Source
[gardener/gardener]
[DEVELOPER]The legacy method of providing monitoring configuration viaConfigMaps labeled withextensions.gardener.cloud/configuration=monitoringhas been removed. See this instead. by @rfranzke [#10220][DEVELOPER]The IPv4 addresses for the local Gardener setup was changed from127.0.0.xto172.18.255.x(default kind subnet) to resolve an issue on developer machines which can't use additional IP addressed from the127.0.0.0/8space. Please consider updating your/etc/hostsfile to adjust to the the newly added addresses. Please see Deploying Gardener Locally#Accessing the Shoot Cluster for more details. by @MartinWeindel [#10019][DEVELOPER]github.com/gardener/gardener/plugin/pkg/utils.ProjectForNamespaceFromListerhas been deprecated and will be removed in a future release, usegithub.com/gardener/gardener/pkg/utils/gardener.ProjectForNamespaceFromListerinstead. by @vpnachev [#10042]📰 Noteworthy
[DEVELOPER]Evaluateshoot.Spec.CloudProfileandshoot.Spec.CloudProfileNamefields together to determine the applicable cloud profile in order to prepare for namespaced cloud profiles. by @LucaBernstein [#10093][DEPENDENCY]A new fieldclasswas added to resources of theextensions.gardener.cloudAPI group. Together with the newly introduced predicate HasClass, it serves as a mean to split responsibilities of extension controllers for extensions belonging to different type of targets, i.e.shoot(default) orgarden. Handling is backwards compatible, so that extensions are still responsible forshootextension resources without any adjustments. If you intend to already support the reconciliation of extensions belonging to thegardenclass (cluster), please consider adding theExtensionClassparameter (see here for more information). by @timuthy [#10254][OPERATOR]TheVPAAndHPAForAPIServerfeature gate has been promoted to beta and is now turned on by default. by @ialidzhikov [#10207][OPERATOR]VPA MaxAllowed is no longer hard-coded to fixed values (4/7/8 cores and 25/28G) forkube-apiserver,etcd, andprometheus. Operators must ensure sufficiently large worker pools for control plane components. For details, see [this document](https://redirect.github.com/gardener/gardener/blob/mConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.