v0.1.9

This patch release includes bug fixes and cleanups, most notably an issue with containerd and SystemdCgroups when deploying K8s >= v1.21.0.

The GA container image can be found at k8s.gcr.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.9

Backwards Incompatibility Notices

• containerd_pause_image has been renamed to pause_image (#535)

Deprecation notices

• The ESX builder for OVAs is deprecated and will be removed in an upcoming release. Building OVAs with VMware vSphere, Fusion, and Workstation are all still supported
• The HAProxy OVA is deprecated and will be removed in an upcoming release. Cluster API Provider vSphere (CAPV) no longer uses this image, and now uses kube-vip for control plane load-balancing.

Features 🚀

• Add a builder dedicated to building raw images (#547)
• Bump dependency versions to Packer v1.7.2, GOSS 0.3.16, GOSS provisioner 3.0.3 (#570)(#569)

Enhancements 📈

• containerd_pause_image has been renamed to pause_image (#535)
• Enabled DNS resolution of SMB shares for Windows nodes with containerd pods (#558)
• Make best attempt to update Windows Defender signatures (#553)
• Clean up and add CI for all make validate targets (#546)
• Improve Windows unattend behavior (#581)
• Add CI test for GOSS test generation (#585)
• Make consistent use of ansible.cfg file (#584)
• No longer display skipped Ansible tasks (#531)
• Add local development HTTP server script for hosting local files (#582)

Bug Fixes 🐛

• No longer install cloud-initramfs-growroot for Ubuntu qemu builder (#562)
• Fix containerd systemdCgroup settings for K8s >= v1.21.0 (#573)
• Do not export OVA manifest file during vCenter builds (#580)
• Fix HNS hang when multiple LB policies are present for Windows nodes (#566)
• Exclude Calico NICS from vmtools in OVAs (#557)
• No longer restart kubelet service during build, only set service to enabled (#583)

Documentation 📝

• Add details for using container image (#495)
• Fix Azure logo links (#564)(#594)
• GCE doc updates (#574)

v0.1.8

This patch release addresses an issue with the v0.1.7 container image not working for building AMIs

The GA container image can be found at k8s.gcr.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.8

Known Issues

The v0.1.8 container image should not be used for building Azure images, as there is a resource cleanup issue with Packer >= 1.6.2 (hashicorp/packer#10713). v0.1.7 should be used for Azure, v0.1.8 for all others.

Deprecation notices

• The ESX builder for OVAs is deprecated and will be removed in an upcoming release. Building OVAs with VMware vSphere, Fusion, and Workstation are all still supported
• The HAProxy OVA is deprecated and will be removed in an upcoming release. Cluster API Provider vSphere (CAPV) no longer uses this image, and now uses kube-vip for control plane load-balancing.

Bug Fixes 🐛

• Default Packer version bumped from v1.6.0 to v1.6.6 to support AMIs (#548)
• Address CI flakiness for Windows nodes by not trying to update Windows Defender during build (#550)
• Fix issue with OVF metadata when building Windows OVAs (#545)

Enhancements 📈

• Bump containerd in Flatcare to 1.4.4 (#543)

Features 🚀

• Add support for Azure Gen2 VMs (#422)

v0.1.7

This patch release includes new features, bug fixes, and enhancements!

The GA container image can be found at k8s.gcr.io/scl-image-builder/cluster-node-image-builder-amd64:v0.1.7

Known Issues

The v0.1.7 container image should not be used for building AMIs, as there is a Packer bug dependency error where the included version of Packer (1.6.0) does not work with the included Packer configurations. v0.1.8 addresses this issue and should be used for AMIs.

Deprecation notices

• The ESX builder for OVAs is deprecated and will be removed in an upcoming release. Building OVAs with VMware vSphere, Fusion, and Workstation are all still supported
• The HAProxy OVA is deprecated and will be removed in an upcoming release. Cluster API Provider vSphere (CAPV) no longer uses this image, and now uses kube-vip for control plane load-balancing.

Bug Fixes 🐛

• Fix hardcoding of gallery name when creating Azure image definition (#414)
• Fix Azure e2e flake with duplicate storage account name (#418)
• Fix file ownership in container image (#421)
• Fix http proxy support (#440)
• Set Kubelet config to recognize pause image as infra container (#501)
• Fix issue with Ubuntu images not booting due to growpart not working if disk was resized (#510)
• Set reverse path filter to "strict" (1) in Ubuntu 20.04 to fix Calico networking

Enhancements 📈

• OVF Metadata enhancements (#353)
• OVA Build script uses Python 3 (#367)
• Update Packer GOSS provisioner to 2.0.0 (#369)
• Azure pipeline - only run SKU stage if VHD stage succeeds (#364)
• Add ON_ERROR_ASK env var to Makefile (#376)
• Truncate log files instead of deleting (#331)
• Default to BBR TCP congestion control algorithm (#386)
• Add cloud-init feature flags file (#406)
• Make CRI socket configurable (#433)
• Use gp3 ebs volumes for AMI (#452)
• Merge OVF templates (#467)
• Make ignition capable of detecting Flatcar images (#487)
• Switch OVA ubuntu images to boot from floppy during build (#497)
• Add image-builder version metadata to Azure images (#499)
• Allow setting AMI builder instance type (#516)
• Allow variable disk size for OVAs (#498)
• Add CI job to make sure JSON files remain sorted (#527, #368)

Features 🚀

• Add Ubuntu 20.04 support for all providers (#347)
• Add auditd to Ubuntu images (#373)
• containerd updates (#383, #444, #539)
• Support building base VMDK images from ISO (#352, #394)
• Add Ubuntu 20.04 and CentOS 7 support for Digital Ocean (#380)
• Use Ansible 2.10 (#357)
• Standardize on chrony for time sync (#397)
• Add CentOS to Azure SIG CI (#424)
• Add GCP CAPI images (#419)
• Add Windows node support for Azure, vSphere, AWS (#382, #402, #442)
• Add support for Flatcar Linux on AWS and QEMU (#248)
• Support ova custom post-processor (#457)
• Add DEBUG flag for builds (#415)
• Add continual container image promotion (#450)
• Add support for custom OVF properties (#503)
• Add support for using ovftool create OVA (#509, #524)
• Support systemd cgroup driver for K8s >= 1.21.0 (#540)

v0.1.6

This patch release includes new features, bug fixes, and enhancements!

Bug Fixes 🐛

• ova: remove deprecated Packer config keys for Packer 1.6 (#255)
• Fix CNI plugins binary name for HTTP installs (#264)
• ova: Add exclude-nics filter for more reliable IP address reporting (#269)
• Fix installation of rng-tools on Photon OS (#290)
• Fix building OVAs as root by passing Ansible user explicitly (#306)
• Fix containerd/cloud-init startup race (#323)
• Explicitly ensure all cloud-init related services are enabled on boot (#324)
• Fix the failed startup of auditd and sysstat services on Amazon Linux 2 (#315)

Enhancements 📈

• Bump default CentOS 7 ISO from 7.7 to 7.8 (#262)
• Bump default Photon 3 ISO to Rev 3 (#338)
• Bump default kubernetes-CNI version to v0.8.6 (#258)
• Bump default Kubernetes version to 1.16.14 (#334)
• Refactor AMI builds to always use Makefile (#266)
• Tag AMIs with version of image-builder used (#266)
• Allow overriding location of kubeadm template (#274)
• Enable auditd in PhotonOS image (#271)
• make deps now updates goss-provisioner as required, and is run automatically with make build (#301, #318)
• Default/recommended Packer version is now 1.6 (#304)
• jq package added to all RPM-based images (#305)
• Disable HyperV daemon on Ubuntu 18.04 AMIs (#316)
• Tune TCP stack in Photon for better bandwidth in K8s clusters (#319, #340)
• Add option to disable color output from Packer (#329)
• Refactor Azure Packer configs to break out different OS's into separate files (#325)
• Allow multiple custom roles to be named (#328)
• Improve cloud-init logging by adding timestamp (#294)
• ova: default hardware version now set to 15 (#337)
• Add Packer validation targets to makefile (#336)
• Always explicitly set file mode to suppress Ansible warnings (#339)
• Remove/disable conntrackd from all node images (conntrack tools still present) (#344)
• Add Azure image building as PR CI job (#313)

Features 🚀

• Vastly expanded GOSS validation support (#286, #288, #305, #307)
• Add CentOS 7 as supported Node OS for Azure (#287)
• Add RHEL 7 as supported Node OS for OVA (#129)
• Allow customizing volume size for AMIs (#293)
• Add a container image that has all pre-reqs installed (#276)

⚠️ Breaking Changes

• If you previously used the var custom_role_name to pass the name of a custom Ansible role to include during build, this has been renamed to custom_role_names to allow for multiple roles. (#328)

v0.1.5

This patch release includes new features, bug fixes, and enhancements!

Bug Fixes 🐛

• Fix race between systemd-resolvd and kubelet in kubelet systemd unit file (#229)
• Fix ability to do QEMU build as both root and non/root (#250)
• Force Python3 interpreter for Ansible in QEMU builder (#249)

Enhancements 📈

• Update hack/image-upload.py to handle HAProxy OVA (#230)
• Update QEMU image to use 18.04.4 ISO (#234)
• Update Photon 3 image to use Update 2 Revision 2 (#251)
• Update GOSS plugin version to 1.0.0 (#237)
• Ensure that chrony is enabled and configured for Azure (#240)

Features 🚀

• Initial exploratory support for container-based builds (#202)
• Add ability to run custom Ansible role during build (#239)
• Support for air-gapped AMI builds (#218)

v0.1.4

This patch release includes new features, bug fixes, and enhancements!

Bug Fixes 🐛

• Fix installation of Azure CLI by using pip3 (#201)
• Fix installation of cloud-init in CentOS installations due to unnecessary symlink (#223)
• Fix invalid link in OVA metadata (#226)

Enhancements 📈

• Make sure AWS SSM agent is installed on CentOS and Ubuntu images (#196)
• Install rng-tools on Photon based images (#204)
• Add flag kubernetes_load_additional_images to control whether or not when using the HTTP install method for Kubernetes, whether to load all container images or just the core K8s images (#207)
• Clarify OVA make targets based on hypervisor location (e.g. local, esx, vsphere) #203
• Add ability to specify additional containerd configuration (#195) Thanks @voor !
• Pre-create Kubernetes audit log with restrictive permissions (#213)
• Bump Ubuntu ISO revision to 18.04.4 (#225)

Features 🚀

• Add support for the vsphere builder (#186) Thanks @marema31 !
• Default to containerd v1.3.4 (#208)
• Take over building CAPV HAProxy OVA from the CAPV project (#214)

v0.1.3

This patch release fixes a bug with Photon-3 based OVAs

Bug Fixes 🐛

• Set PhotonOS password expiry to never (#192)

v0.1.2

This patch release includes enhancements and a new CAPI provider

Enhancements

• The OVA builds use version 1.3.1 of the guestinfo datasource provider for cloud-init (#190)
• The containerd sandbox image is now configurable (#188)

Features

• A builder for QEMU has been introduced (#169)

v0.1.1

v0.1.1

This patch release in the v0.1.x series of image-builder contains bug-fixes and enchancements since v0.1.0.

Bug Fixes 🐛

• Fix path to sample cloud-init metadata in govc-cloudinit script (#166)
• Fix location of "Wants=" in containderd unit file (#168)
• OVF metadata is now set when using a remote ESXi host for vSphere builder (#178)

Enhancements

• Enabled IPv6 forwarding on instances (#97)
• Enhanced user documentation (#164)
• Add skuLongSummary field to the Azure create SKU template (#167)
• Default to t3 instance type in AMI builder (#170)
• Set containerd TasksMax to infinity (#172)
• Several changes to OVF metadata (#175, #180, #182)
• PhotonOS builds now upgrade all system packages after OS install (#176)
• PhotonOS images no longer have Docker installed and then disabled (#179)
• Checksum of CNI tarball can now be provided programmatically (#184)