🤖 Update module github.com/gardener/gardener to v1.106.1 #55
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
a0581a8
to
f1f612a
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
f1f612a
to
83415a4
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
83415a4
to
adfb272
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
adfb272
to
48252a1
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
48252a1
to
ef1d7e9
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
ef1d7e9
to
a8cede6
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
3 times, most recently
from
30e1403
to
2088ad1
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
2088ad1
to
8db1c14
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
8db1c14
to
25a48dd
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
25a48dd
to
b669ba7
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
b669ba7
to
732fb3c
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
732fb3c
to
63f627f
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
63f627f
to
578197b
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
578197b
to
a272578
Compare
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
baf0f13
to
e38f50f
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
e38f50f
to
5a3e248
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
5a3e248
to
d7a3786
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
d7a3786
to
6034bfc
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
6034bfc
to
0135302
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
0135302
to
50befc8
Compare
renovate
bot
changed the title
|
should wait for gardener/gardener#10459 and then merge with v2.4.0 |
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
4 times, most recently
from
66423d2
to
18e8974
Compare
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
2 times, most recently
from
3ae8659
to
b276354
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
b276354
to
775477a
Compare
renovate
bot
changed the title
|
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
775477a
to
f1ea649
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/k8s-gardener-go
branch
from
f1ea649
to
eb5e88d
Compare
Renovate Ignore NotificationBecause you closed this PR without merging, Renovate will ignore this update ( If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.101.3->v1.106.1Release Notes
gardener/gardener (github.com/gardener/gardener)
v1.106.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Thegardener-resource-managerdoes not markDeployments as progressing when there are still completedPods in the system. by @timuthy [#10727]🏃 Others
[OPERATOR]IPv6 support fornode-local-dns. by @DockToFuture [#10707][OPERATOR]Fixed an issue that would cause the entry for themachine-statein theShootStateto be overwritten with nil data during control plane migration, if themigratephase errored and was retried after theMachineDeployment,MachineSetandMachineobjects were deleted, which would result in the Shoot's nodes to be recreated during Control Plane Migration. by @plkokanov [#10695]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.106.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.106.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.106.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.106.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.106.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.106.1v1.106.0Compare Source
[gardener/gardener]
[OPERATOR]kubeletCSRApprovercontroller ingardener-resource-managerHelm chart has been renamed tocsrApprover. by @oliver-goetz [#10549][OPERATOR]TheHVPAandHVPAForShootedSeedfeature gates have been deprecated and locked to false. Disable theHVPAandHVPAForShootedSeedfeature gates if you have them enabled before upgrading to this version of Gardener. by @plkokanov [#10659]📰 Noteworthy
[USER]For Kubernetes 1.31+ Shoot clusters, the kubelet and containerd cgroup driver is set tosystemd. Previously, the used cgroup driver wascgroupfs. Find more details in the cgroup driver section. by @ialidzhikov [#10472][OPERATOR]The gardener operator chart (charts/gardener/operator) does no longer enable theHVPAfeature gate in its defaultvalues.yaml. by @ialidzhikov [#10566]✨ New Features
[DEVELOPER]Allow gosec to be consumed from gardener/gardener by @ScheererJ [#10642][DEVELOPER]Gardener can now support clusters with Kubernetes version 1.31. Extension developers have to prepare individual extensions as well to work with 1.31. by @ialidzhikov [#10472][OPERATOR]AddsCloudProfilevalidation for the recently introduced.spec.bastionsection. by @hebelsan [#10318][OPERATOR]Gardener can now support clusters with Kubernetes version 1.31. To allow creation/update of 1.31 clusters you will have to update the version of your provider extension(s) to a version that supports 1.31 as well. Please consult the respective releases and notes in the provider extension's repository. by @ialidzhikov [#10472][OPERATOR]Added an alert for theGardenresource's conditions, along with a dashboard that also displays the resource's last operation. by @rickardsjp [#10562]🐛 Bug Fixes
[OPERATOR]Fixes an issue with the network metrics relabeling config that caused theNode Detailsdashboard to not display data for AWS nodes. by @rickardsjp [#10625]🏃 Others
[DEPENDENCY]Theregistry.k8s.io/ingress-nginx/controller-chrootimage has been updated tov1.11.3. by @gardener-ci-robot [#10626][DEPENDENCY]Thegardener/vpn2image has been updated to0.28.0. Release Notes by @gardener-ci-robot [#10640][DEPENDENCY]Thequay.io/cortexproject/corteximage has been updated tov1.18.1. by @gardener-ci-robot [#10657][DEPENDENCY]Theregistry.k8s.io/node-problem-detector/node-problem-detectorimage has been updated tov0.8.20. by @gardener-ci-robot [#10661][DEPENDENCY]Theenvoyproxy/envoyimage has been updated tov1.32.0. Release Notes by @gardener-ci-robot [#10656][OPERATOR]HA-VPN works if seed and shoot have different IPFamilies. by @DockToFuture [#10622][OPERATOR]Update istio to version 1.23.2 by @axel7born [#10558][OPERATOR][NewVPN] Enable IPv6 for HA if needed. by @MartinWeindel [#10641][OPERATOR]Gardener generated certificates are valid 1 minute before issuance to handle some amount of clock skew. by @ScheererJ [#10603][OPERATOR]Metrics forvpa-recommenders are now collected in separate prometheus instances depending on where thevpa-recommenderpods are deployed. Metrics for thevpa-recommenderin thegardennamespace are collected inprometheus-seed. Metrics for thevpa-recommenderin the shoot control plane namespaces are collected in the correspondingprometheus-shoot. Additionally, theVPA Recommenderplutono dashboard is separately deployed for seeds in thegardennamespace and shoots in their control plane namespaces. by @plkokanov [#10517][OPERATOR]Clean up migration code from the monitoring component by @vicwicker [#10597][DEVELOPER]The following dependencies are updated:k8s.io/*:v0.29.8->v0.31.0sigs.k8s.io/controller-runtime:v0.17.5->v0.19.0by @ary1992 [#10459][DEVELOPER]The HVPA features gates (HVPAandHVPAForShootedSeed) are no longer enabled in local setups. by @ialidzhikov [#10566]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.106.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.106.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.106.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.106.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.106.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.106.0v1.105.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Thegardener-resource-managerdoes not markDeployments as progressing when there are still completedPods in the system. by @timuthy [#10728]🏃 Others
[OPERATOR]Fixed an issue that would cause the entry for themachine-statein theShootStateto be overwritten with nil data during control plane migration, if themigratephase errored and was retried after theMachineDeployment,MachineSetandMachineobjects were deleted, which would result in the Shoot's nodes to be recreated during Control Plane Migration. by @plkokanov [#10696][OPERATOR]IPv6 support fornode-local-dns. by @DockToFuture [#10708]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.105.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.105.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.105.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.105.2Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.105.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.105.2v1.105.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]An issue was fixed that causegardener-operatorto deploy thegardenletinto the runtime cluster instead of another intended remote cluster. by @timuthy [#10631][OPERATOR]Fix a bug where the shoot care controller cannot reconcile shoots withspec.maintenance.confineSpecUpdateRollout=trueand migrated betweensecretBindingNameandcredentialsBindingNameuntil the shoot is reconciled.. by @vpnachev [#10674]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.105.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.105.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.105.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.105.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.105.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.105.1v1.105.0Compare Source
[gardener/gardener]
📰 Noteworthy
[OPERATOR]TheVPAForETCDandVPAAndHPAForAPIServerfeature gates have been promoted to GA and locked totrue. by @plkokanov [#10599][USER]The limitation of having at maximum ~80 worker pools inShoots has been lifted. Much higher numbers should be possible now (concrete limit depends on the amount of configuration within the pools (e.g., labels, taints, annotations, etc.)). by @rfranzke [#10542]✨ New Features
[DEVELOPER]Add functionality for the determination of bastion VM parameters used by the extensions by @hebelsan [#10537][OPERATOR]gardener-operatoris now capable of deploying extension controllers to the garden runtime cluster viaoperator.gardener.cloud/v1alpha1.Extensionresources. Please visit this document for more information. by @timuthy [#10518][OPERATOR]gardenletnow performs garbage collection of stalePods in all namespaces (exceptkube-system) in the seed cluster. by @rfranzke [#10548]🐛 Bug Fixes
[OPERATOR]When checking whether aDeploymentrollout is complete, stalePods are now ignored and no longer counted. by @rfranzke [#10548]🏃 Others
[DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.77.0. by @gardener-ci-robot [#10547][DEPENDENCY]Thegardener/ingress-default-backendimage has been updated to0.20.0. Release Notes by @gardener-ci-robot [#10560][DEPENDENCY]Thegardener/etcd-druidimage has been updated tov0.22.7. Release Notes by @gardener-ci-robot [#10570][DEPENDENCY]Thegardener/etcd-druidimage has been updated tov0.22.6. Release Notes by @gardener-ci-robot [#10556][DEPENDENCY]Thegardener/gardener-discovery-serverimage has been updated tov0.2.0. Release Notes by @gardener-ci-robot [#10546][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.77.1. by @gardener-ci-robot [#10573][DEPENDENCY]Thequay.io/kiwigrid/k8s-sidecarimage has been updated to1.28.0. by @gardener-ci-robot [#10591][DEPENDENCY]Theenvoyproxy/envoyimage has been updated tov1.31.2. Release Notes by @gardener-ci-robot [#10553][DEPENDENCY]Thegcr.io/istio-release/pilotimage has been updated to1.21.6. by @gardener-ci-robot [#10564][DEVELOPER]provider-extensions setup: Seed VPA is disabled by default to avoid two VPA deployments to act on the same cluster causing endless eviction loops. by @ialidzhikov [#10593][DEVELOPER]Correctly extract and install the go binaries in the remote local setup by @vicwicker [#10605][OPERATOR]Allow overlapping network ranges in case of single stack IPv6. by @axel7born [#10584][OPERATOR]Allow empty pod and service ranges in shoot spec for IPv6 single stack. by @axel7born [#10541][OPERATOR]TheTopologySpreadConstraintcalculation was improved for workload spread across multiple zones. This especially leads to a more balanced distribution ofkube-apiserverandistioreplicas in seed clusters. by @timuthy [#10608][OPERATOR]VPA resource settings are now adapted - memory limits are removed and initial resource requests are lowered. by @voelzmo [#10568]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.105.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.105.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.105.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.105.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.105.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.105.0v1.104.3Compare Source
[gardener/gardener]
🏃 Others
[OPERATOR]IPv6 support fornode-local-dns. by @DockToFuture [#10709]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.3europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.3Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.3europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.3v1.104.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Fix a bug where the shoot care controller cannot reconcile shoots withspec.maintenance.confineSpecUpdateRollout=trueand migrated betweensecretBindingNameandcredentialsBindingNameuntil the shoot is reconciled.. by @vpnachev [#10675][OPERATOR]An issue was fixed that causegardener-operatorto deploy thegardenletinto the runtime cluster instead of another intended remote cluster. by @timuthy [#10628]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.2Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.2v1.104.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Fix a regression that causedgardenletto not be able to migrate deprecatedfailure-domain.beta.kubernetes.iolabels totopology.kubernetes.iodue to a removed RBAC rule required to patchPersistentVolumes. by @plkokanov [#10578]🏃 Others
[OPERATOR]Thegardener/etcd-druidimage has been updated tov0.22.7. Release Notes by @ishan16696 [#10592]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.1v1.104.0Compare Source
[gardener/gardener]
[USER]A bug has been fixed which was allowing users to setShootoidc configurations for thekube-apiserverwithout setting theclientIDandissuerURLfields inspec.kubernetes.kubeAPIServer.oidcConfig, which would lead to thekube-apiserverstuck in aErrorstate. gardener-apiserver now requires bothclientIDandissuerURLfields to be set when thespec.kubernetes.kubeAPIServer.oidcConfigfield is specified. by @AleksandarSavchev [#10461][OPERATOR]credentialsBinding.credentialsRefis now an immutable field. by @dimityrmirchev [#10365]📰 Noteworthy
[USER]Users are allowed to changeshoot.spec.credentialsBindingNameand reference anotherCredentialsBindingonly if they have the permissions to read both the old and newly referenced credential. by @dimityrmirchev [#10365][USER]Users can migrate fromshoot.spec.secretBindingNametoshoot.spec.credentialsBindingNameonly if the referenced credential remains the same and is not changed during the process. by @dimityrmirchev [#10365][OPERATOR]Allow project users to readNamespacedCloudProfiles and for project admins to make adjustments to machine types and volume types. by @LucaBernstein [#10485][OPERATOR]Alerts based on theproposals_failed_totalmetric of the etcd cluster are not raised anymore. by @renormalize [#10524][DEVELOPER]A new predicateextensions/pkg/predicate.GardenSecurityProviderTypecan be used to select resources from thesecurity.gardener.cloudgroup that are related to the passed provider type. by @dimityrmirchev [#10499]✨ New Features
[OPERATOR]Thegardener-operatormetrics are now automatically scraped by thegardenPrometheus. by @maboehm [#10464][OPERATOR]Introduce custom RBAC verbs to allow for modification of.spec.{kubernetes,machineImages}inNamespacedCloudProfiles. by @LucaBernstein [#10485][OPERATOR]The feature gateNewVPNis introduced for thegardenletcomponent. If enabled, the new VPN implementation (Golang rewrite) is used for allShoots of the respectiveSeed. In this case, the old implementation can be disabled for a singleShootby annotating the shoot resource withalpha.control-plane.shoot.gardener.cloud/disable-new-vpn=true. ForSeeds with disabled feature gate, the new implementation can be enabled for a single shoot by annotating it withalpha.control-plane.shoot.gardener.cloud/disable-new-vpn=false. by @MartinWeindel [#9774]🐛 Bug Fixes
[USER]Fixed disk read/write panel in the shoot's etcd dashboards by @rickardsjp [#10493][DEVELOPER]An issue was fixed that rejected the creation of workerless shoots in the local setup. by @timuthy [#10498]🏃 Others
[DEPENDENCY]Thegardener/hvpa-controllerimage has been updated tov0.17.0. Release Notes by @gardener-ci-robot [#10508][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.76.2. by @gardener-ci-robot [#10500][DEPENDENCY]Thegardener/machine-controller-managerimage has been updated tov0.54.0. Release Notes by @gardener-ci-robot [#10528][DEPENDENCY]Thegardener/alpine-conntrackimage has been updated to3.20.3. Release Notes by @gardener-ci-robot [#10487][DEPENDENCY]Theenvoyproxy/envoyimage has been updated tov1.31.1. Release Notes by @gardener-ci-robot [#10531][OPERATOR]Federate apiserver_total_request metric to the Prometheus longterm instance by @jguipi [#10457][OPERATOR]Allow emptynetworking.nodesin case of IPv6 only shoots. by @axel7born [#10533][OPERATOR]Improved node utilisation by reducing requests for etcd-druid managed pods. by @unmarshall [#10540][DEVELOPER]Install go in the remote local setup from the go download site instead of using the apk package manager. by @vicwicker [#10502]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.104.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.104.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.104.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.104.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.104.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.104.0v1.103.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]An issue was fixed that causegardener-operatorto deploy thegardenletinto the runtime cluster instead of another intended remote cluster. by @timuthy [#10624][OPERATOR]Fix a bug where the shoot care controller cannot reconcile shoots withspec.maintenance.confineSpecUpdateRollout=trueand migrated betweensecretBindingNameandcredentialsBindingNameuntil the shoot is reconciled.. by @vpnachev [#10676]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.2Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.2v1.103.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[DEVELOPER]An issue was fixed that rejected the creation of workerless shoots in the local setup. by @timuthy [#10503][OPERATOR]Fix a regression that causedgardenletto not be able to migrate deprecatedfailure-domain.beta.kubernetes.iolabels totopology.kubernetes.iodue to a removed RBAC rule required to patchPersistentVolumes. by @plkokanov [#10581]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.1v1.103.0Compare Source
[gardener/gardener]
[OPERATOR]Component config change forgardener-operator:extensionVirtualClusterConfigwas renamed toextension. by @MartinWeindel [#10277]📰 Noteworthy
[DEVELOPER]Enable apiserver feature gateUseNamespacedCloudProfilein local setup by default. Though, feature gate should not be enabled in production environments yet, until access control is implemented. by @LucaBernstein [#10266][OPERATOR]kube-proxynow has a readiness probe so that a node will only become ready for workloads afterkube-proxywas ready at least once. by @ScheererJ [#10407][OPERATOR]Host spread for shoots with failure tolerancenode(.spec.controlPlane.highAvailability.failureTolerance.type) is now accomplished viaminDomains. Earlier, this happened at a best effort basis only. If a seed was having less than 3 nodes at the time the control-plane pods were scheduled, the desired pod distribution was not possible. by @timuthy [#10400]✨ New Features
[OPERATOR]Introduced metrics exposing the Garden resource's condition and last operation. by @rickardsjp [#10393][OPERATOR]AddNamespacedCloudProfilecontroller to enable usage ofNamespacedCloudProfileinShootspec. by @LucaBernstein [#10266][OPERATOR]gardener-operatoris now capable of deploying admission controllers for the virtual-garden viaoperator.gardener.cloud/v1alpha1.Extensionresources. by @MartinWeindel [#10277][DEVELOPER]Extensionprovider-localhas a dummy admission controller now. by @MartinWeindel [#10277]🐛 Bug Fixes
[DEVELOPER]A bug was fixed that led toenv-testsetup errors whenmake test-integrationwas executed locally. by @timuthy [#10456]🏃 Others
[DEPENDENCY]Thequay.io/prometheus/prometheusimage has been updated tov2.54.1. by @gardener-ci-robot [#10395][DEPENDENCY]Thefluent-operatorimage has been updated tov3.10. Release NotesThe
fluent-bitimage has been updated tov3.1.5. Release NotesThe
gardener/loggingimage has been updated tov0.61.0. Release Notes by @nickytd [#10429][DEPENDENCY]Thegardener/dashboardimage has been updated to1.77.0. Release Notes by @gardener-ci-robot [#10463][DEPENDENCY]Theregistry.k8s.io/metrics-server/metrics-serverimage has been updated tov0.7.2. by @gardener-ci-robot [#10408][DEPENDENCY]Thegardener/dashboardimage has been updated to1.76.2. Release Notes by @gardener-ci-robot [#10446][DEPENDENCY]Thequay.io/brancz/kube-rbac-proxyimage has been updated tov0.18.1. by @gardener-ci-robot [#10427][DEPENDENCY]Thequay.io/prometheus-operator/prometheus-config-reloaderimage has been updated tov0.76.1. by @gardener-ci-robot [#10448][DEPENDENCY]Thequay.io/cortexproject/corteximage has been updated tov1.18.0. by @gardener-ci-robot [#10458][DEPENDENCY]Thegardener/hvpa-controllerimage has been updated tov0.16.0. Release Notes by @gardener-ci-robot [#10397][DEPENDENCY]Thequay.io/kiwigrid/k8s-sidecarimage has been updated to1.27.6. by @gardener-ci-robot [#10424][DEVELOPER]The guestbook container image used in the test machinery tests is now updated from an image in GCR to an image in Artifact Registry. by @ialidzhikov [#10409][DEVELOPER]Introducegolang-testimage for Go 1.23 and remove its Go 1.21 version. by @oliver-goetz [#10388][OPERATOR]A stale VPA related to the old alertmanager deployment was not cleaned up by gardenlet. Now, gardenlet on startup cleans up the these stale alertmanager VPAs. by @ialidzhikov [#10462]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.0europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.0Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.0europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.0v1.102.2Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]Fix a regression that causedgardenletto not be able to migrate deprecatedfailure-domain.beta.kubernetes.iolabels totopology.kubernetes.iodue to a removed RBAC rule required to patchPersistentVolumes. by @plkokanov [#10582]🏃 Others
[DEPENDENCY]Thegardener/dashboardimage has been updated to1.76.2. Release Notes by @gardener-ci-robot [#10453]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.2europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.2Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.2europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.2v1.102.1Compare Source
[gardener/gardener]
🐛 Bug Fixes
[OPERATOR]A bug has been fixed that prevented the deployment ofgardenlets viagardener-operatorand theGardenletresource when.spec.kubeconfigSecretRefwas used. by @rfranzke [#10411]🏃 Others
[DEPENDENCY]Thegardener/etcd-druidimage has been updated tov0.22.5. Release Notes by @gardener-ci-robot [#10443][OPERATOR]gardener-controller-manager: A corner case issue in the maintenance controller that prevented forceful minor K8s version update from K8s 1.29 to K8s 1.30 is now resolved. by @ialidzhikov [#10438][OPERATOR]Kernel settingnet.netfilter.nf_conntrack_maxis only set on nodes bysysctl.difkube-proxyis disabled. by @ScheererJ [#10434]Helm Charts
europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.1europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.1Docker Images
europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.1europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.1v1.102.0Compare Source
[gardener/gardener]
[OPERATOR]When theNewWorkerPoolHashfeature gate is enabled, the calculation now also rolls worker nodes ofShoots when changingsystemReservedin thekubeletconfiguration. Worker pools are not rolled if the sum ofkubeReservedandsystemReserveddoes not change. If the feature gate is already enabled, then the worker pools ofShoots with non-zero values insystemReservedwill be rolled once. by @MichaelEischer [#10290]📰 Noteworthy
[USER]Thespec.clientfield in the{Cluster}OpenIDConnectPresetAPIs is deprecated and will be removed after support for Kubernetes 1.30 is dropped. by @AleksandarSavchev [#10253][USER]Thespec.kubernetes.kubeAPIServer.oidcConfig.clientAuthenticationfield in theShootAPI is deprecated and will be removed after support for Kubernetes 1.30 is dropped. by @AleksandarSavchev [#10253][USER]The Shoot specification field.spec.kubernetes.kubeAPIServer.oidcConfig.signingAlgsfor Kubernetes versions>= v1.30is not supported anymore. by @AleksandarSavchev [#10244][OPERATOR]The.spec.deployment.vpafield in theseedmanagement.gardener.cloud/v1alpha1.{Gardenlet,ManagedSeed}APIs is deprecated and has no effect anymore. It will be removed in a future version. Now,gardenletdeploys its own VPA as part of theSeedreconciliation (after it ensured the VPA CRD exists). by @rfranzke [#10299]✨ New Features
[USER]Structured authentication configuration can now be set by creating aConfigMapin the project namespace with theAuthenticationConfigurationfile set in theconfig.yamldata key and referencing theConfigMapin the newShootspecification field.spec.kubernetes.kubeAPIServer.structuredAuthentication.configMapNamefor Kubernetes versions>= v1.30. Only one authenticator can be set via the authentication configuration untilk8s.io/*Golang dependencies are upgraded to version>= v0.30. by [@AleksandarSavchev](htConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.