Fleet Management
Breaking changes
- Add minimal support for templating CAPZ clusters by command line parameters. This removes
--cluster-config and --default-app-config parameters which required handcrafted YAML input. It leaves one consistent templating option for CAPI products (kubectl gs template cluster --provider ... --other-params).
Changed
- Raised resources for updater and recommender.
Changed
- App: Rename
nginx-ingress-controller-app to ingress-nginx. (#1077) - vSphere: Fix templating. (#1079)
Fixed
- Sanitize file passed as inputs data for config maps by stripping spaces from the right end of the lines.
- This makes the output to use proper multi-line strings for the embedded YAML content by working around a bug in
sig.k8s.io/yam@v1.3.0
Changed
Drop all CAPabilities in container SecurityContext for Kyverno Policy compliance- Set
AllowPrivilegeEscalation=false in container SecurityContext for Kyverno Policy compliance
Fixed
- Added
projected volume type to csi-node PSP to allow the user of IRSA.
Added
- Annotation for EBS Volumes for Logging, Docker and Containerd.
Changed
- Use non-exp apiVersion for azure machine pool types in
template nodepool.
Fixed
- Setting
spec.config.configMap in app/<cluster-name>-default-apps for CAPZ clusters.
Changed
- Add support for
--proxy and --proxy-port flags to login cmd to enable proxy-url: socks5://localhost:9000 in the cluster section of the configuration added to kubeconfig- This is only supported for
clientcert Workload Clusters
