Workload cluster releases for Azure

  • This Workload Cluster release upgrades Kubernetes to 1.20.11 in order to fix CVE-2021-25741 where Symlink Exchange Can Allow Host Filesystem Access.

    Change details

    kubernetes 1.20.11

    Bug or Regression

    • Fix: skip case sensitivity when checking Azure NSG rules fix: ensure InstanceShutdownByProviderID return false for creating Azure VMs (#104448, @feiskyer) [SIG Cloud Provider]
    • Kube-proxy: delete stale conntrack UDP entries for loadbalancer ingress IP. (#104152, @aojea) [SIG Network]
    • Metrics changes: Fix exposed buckets of scheduler_volume_scheduling_duration_seconds_bucket metric (#100720, @dntosas) [SIG Apps, Instrumentation, Scheduling and Storage]
    • Pass additional flags to subpath mount to avoid flakes in certain conditions (#104348, @mauriciopoppe) [SIG Storage]
    • When using kubectl replace (or the equivalent API call) on a Service, the caller no longer needs to do a read-modify-write cycle to fetch the allocated values for .spec.clusterIP and .spec.ports[].nodePort. Instead the API server will automatically carry these forward from the original object when the new object does not specify them. (#104674, @thockin) [SIG Network]

    Other (Cleanup or Flake)

    • Kube-apiserver: sets an upper-bound on the lifetime of idle keep-alive connections and time to read the headers of incoming requests (#103958, @liggitt) [SIG API Machinery and Node]

    Dependencies

    Added

    Nothing has changed.

    Changed

    Nothing has changed.

    Removed

    Nothing has changed.

  • This Workload Cluster release upgrades Kubernetes to 1.20.11 in order to fix CVE-2021-25741 where Symlink Exchange Can Allow Host Filesystem Access.

    Change details

    kubernetes 1.20.11

    Bug or Regression

    • Fix: skip case sensitivity when checking Azure NSG rules fix: ensure InstanceShutdownByProviderID return false for creating Azure VMs (#104448, @feiskyer) [SIG Cloud Provider]
    • Kube-proxy: delete stale conntrack UDP entries for loadbalancer ingress IP. (#104152, @aojea) [SIG Network]
    • Metrics changes: Fix exposed buckets of scheduler_volume_scheduling_duration_seconds_bucket metric (#100720, @dntosas) [SIG Apps, Instrumentation, Scheduling and Storage]
    • Pass additional flags to subpath mount to avoid flakes in certain conditions (#104348, @mauriciopoppe) [SIG Storage]
    • When using kubectl replace (or the equivalent API call) on a Service, the caller no longer needs to do a read-modify-write cycle to fetch the allocated values for .spec.clusterIP and .spec.ports[].nodePort. Instead the API server will automatically carry these forward from the original object when the new object does not specify them. (#104674, @thockin) [SIG Network]

    Other (Cleanup or Flake)

    • Kube-apiserver: sets an upper-bound on the lifetime of idle keep-alive connections and time to read the headers of incoming requests (#103958, @liggitt) [SIG API Machinery and Node]

    Dependencies

    Added

    Nothing has changed.

    Changed

    Nothing has changed.

    Removed

    Nothing has changed.

  • This Workload Cluster release upgrades Kubernetes to 1.21.5 in order to fix CVE-2021-25741 where Symlink Exchange Can Allow Host Filesystem Access.

    Change details

    kubernetes 1.21.5

    Feature

    • Kubernetes is now built with Golang 1.16.8 (#104906, @cpanato) [SIG Cloud Provider, Instrumentation, Release and Testing]

    Bug or Regression

    • Fix NodeAuthenticator tests in dualstack (#104840, @ardaguclu) [SIG Auth and Testing]
    • Fix: skip case sensitivity when checking Azure NSG rules fix: ensure InstanceShutdownByProviderID return false for creating Azure VMs (#104447, @feiskyer) [SIG Cloud Provider]
    • Fixed occasional pod cgroup freeze when using cgroup v1 and systemd driver. Fixed “failed to create container … unit already exists” when using cgroup v1 and systemd driver. (#104530, @kolyshkin) [SIG CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Node, Storage and Testing]
    • Kube-proxy: delete stale conntrack UDP entries for loadbalancer ingress IP. (#104151, @aojea) [SIG Network]
    • Metrics changes: Fix exposed buckets of scheduler_volume_scheduling_duration_seconds_bucket metric (#100720, @dntosas) [SIG Apps, Instrumentation, Scheduling and Storage]
    • Pass additional flags to subpath mount to avoid flakes in certain conditions (#104347, @mauriciopoppe) [SIG Storage]
    • When using kubectl replace (or the equivalent API call) on a Service, the caller no longer needs to do a read-modify-write cycle to fetch the allocated values for .spec.clusterIP and .spec.ports[].nodePort. Instead the API server will automatically carry these forward from the original object when the new object does not specify them. (#104673, @thockin) [SIG Network]

    Other (Cleanup or Flake)

    • Kube-apiserver: sets an upper-bound on the lifetime of idle keep-alive connections and time to read the headers of incoming requests (#103958, @liggitt) [SIG API Machinery and Node]

    Dependencies

    Added

    • github.com/bits-and-blooms/bitset: v1.2.0

    Changed

    Removed

  • This is the first Giant Swarm Azure stable release featuring Kubernetes 1.21.

    In this release a few of the Azure resources related to the API server load balancer have been renamed to comply to Cluster API naming. If you have a feature that relies on the naming of Load Balancers, Health Probes, Backend Pools, or Load Balancing Rules please get in touch with your Solution Engineer.

    With this release the deprecated Azure MSI extensions has been removed from node pools' VMs because it was unused. If you rely on the MSI extension being present for your workloads please talk with your Solution Engineer.

    Change details

    azure-operator 5.9.0

    Changed

    • Use go embed in place of pkger.
    • Rename API backend pool to comply with CAPZ.
    • Rename API Load Balancing rule to comply with CAPZ.
    • Rename API health probe to comply with CAPZ.
    • Set DisableOutputSnat to true for API Load Balancer Load Balancing Rule to comply with CAPZ.
    • Bumped k8scloudconfig to support Kubernetes 1.21

    Fixed

    • Ensure Spark CR release version label is updated when upgrading a cluster.

    Removed

    • Remove MSI extension from node pools.
    • Remove VPN gateway cleanup code.

    kubernetes 1.21.4

    Updated from 1.20.8.

    Please be aware this is a major release of Kubernetes that brings deprecations and dropped APIs. Please read the official changelog before upgrading to ensure your workloads are not affected.

    Detailed changes since previous release:

    containerlinux 2905.2.3

    Updated from 2765.2.6.

    This release brings Linux Kernel version 5.10.61, Docker 19.03.15 and openssl 1.1.1l as well as a number of security fixes.

    Please refer to Flatcar’s release notes for all details.

    cert-exporter 1.8.0

    Updated from 1.7.1.

    Added

    • Add new cert_exporter_certificate_cr_not_after metric. This metric exports the status.notAfter field of cert-manager Certificate CR.

    Changed

    • Remove static certificate source label from cert_exporter_secret_not_after (static value secret) and cert_exporter_not_after (static value file) metrics.

    chart-operator 2.19.0

    Updated from 2.18.0.

    Removed

    • Remove tillermigration resource now Helm 3 migration is complete.

    Changed

    • Increase memory limit for deploying large charts in workload clusters.

    coredns 1.6.0

    Updated from 1.4.1.

    Changed

    • Make targetCPUUtilizationPercentage in HPA configurable.
    • Update coredns to upstream version 1.8.3.
    • Increase maximum replica count to 50 when using horizontal pod autoscaling.

    external-dns 2.6.0

    Updated from 2.4.0.

    Added

    • Add support for CAPZ clusters by detecting the Azure configuration file location.

    Changed

    • Upgrade upstream external-dns from v0.8.0 to v0.9.0. The new release brings a lot of smaller improvements and bug fixes.

    kube-state-metrics 1.4.0

    Updated from 1.3.1.

    Changed

    • Migrate to configuration management.
    • Update architect-orb to v4.0.0.

    metrics-server 1.5.0

    Updated from 1.3.0.

    Changed

    • Bumped API version for RoleBinding to v1 as it was using a deprecated version (removed in 1.22).

    cluster-autoscaler 1.21.0-gs1

    Updated from 1.20.3.

    Changed

    • Updated cluster-autoscaler to version 1.21.0.
    • Use new node selector node-role.kubernetes.io/master in place of deprecated one kubernetes.io/role.
    • Prepare helm values to configuration management.
    • Update architect-orb to v4.0.0.
    • Add VerticalPodAutoscaler resource to adjust limits automatically.

    app-operator 5.2.0

    Updated from 4.4.0.

    Changed

    • Reject App CRs with version labels with the legacy 1.0.0 value.
    • Validate .spec.catalog using Catalog CRs instead of AppCatalog CRs.
    • Create AppCatalogEntry CRs into the same namespace of Catalog CR.
    • Include chart.keywords, chart.description and chart.upstreamChartVersion in AppCatalogEntry CRs.
    • Create AppCatalog CRs from Catalog CRs for compatibility with existing app-operator releases.
    • Prepare helm values to configuration management.
    • Use Catalog CRs in App controller.
    • Reconcile to Catalog CRs instead of AppCatalog.
    • Get Chart CRD from the GitHub resources.
    • Get metadata constants from k8smetadata library not apiextensions.

    Fixed

    • Fix creating AppCatalog CRs in appcatalogsync resource.
    • For the chart CR watcher get the kubeconfig secret from the chart-operator app CR to avoid hardcoding it.
    • Quote namespace in helm templates to handle numeric workload cluster IDs.

    cluster-operator 0.27.2

    Updated from 0.27.1.

    Changed

    • Use app-operator-konfigure configmap for the app-operator per workload cluster.

    Fixed

    • Fixed default value for calico subnet.

    etcd 3.4.16

    Updated from 3.14.4.

  • This is a bugfix release that solves an issue preventing clusters to be successfully created on new organizations.

    There is no need to upgrade workload clusters running the 15.1.0 release to this one because there are no changes in the workload cluster components.

    Change details

    azure-operator 5.8.1

    Fixed

    • Fix namespace in secret reference of AzureClusterIdentity.
  • This is the first Giant Swarm Azure stable release featuring Kubernetes 1.20.8.

    This release introduces a new feature allowing configuration of the public IP address for the NAT gateway of worker nodes for existing and new clusters. For more details please talk to your Account Engineer or follow Giant Swarm Documentation.

    Change details

    azure-operator 5.8.0

    Added

    • Allow using an existing public IP for the NAT gateway of worker nodes.

    Fixed

    • Fix udev rules that caused /boot automount to fail.

    Changed

    • Upgrade k8scloudconfig to v10.8.1 from v10.5.0.

    kubernetes 1.20.8

    Feature

    • Kubernetes is now built using Go 1.15.13 (#102786, @thejoycekung) [SIG Cloud Provider, Instrumentation, Release and Testing]

    Failing Test

    • Fixes the should receive events on concurrent watches in same order conformance test to work properly on clusters that auto-create additional configmaps in namespaces (#101950, @liggitt) [SIG API Machinery and Testing]

    Bug or Regression

    • Added jitter factor to lease controller that better smears load on kube-apiserver over time. (#101652, @marseel) [SIG API Machinery and Scalability]
    • Avoid caching the Azure VMSS instances whose network profile is nil (#100948, @feiskyer) [SIG Cloud Provider]
    • Azure: avoid setting cached Sku when updating VMSS and VMSS instances (#102005, @feiskyer) [SIG Cloud Provider]
    • Fix a bug on the endpoint slices mirroring controller where endpoint NotReadyAddresses were mirrored as Ready to the corresponding EndpointSlice (#102683, @aojea) [SIG Apps and Network]
    • Fix a bug that a preemptor pod may exist as a phantom in the scheduler. (#102498, @Huang-Wei) [SIG Scheduling]
    • Fix errors when accessing Windows container stats for Dockershim (#98510, @jsturtevant) [SIG Node and Windows]
    • Fix removing pods from podTopologyHints mapping (#101896, @aheng-ch) [SIG Node]
    • Fix: avoid nil-pointer panic when checking the frontend IP configuration (#101739, @nilo19) [SIG Cloud Provider]
    • Fix: delete non existing disk issue (#102083, @andyzhangx) [SIG Cloud Provider]
    • Fixed false-positive uncertain volume attachments, which led to unexpected detachment of CSI migrated volumes (#101737, @Jiawei0227) [SIG Apps and Storage]
    • Fixed garbage collection of dangling VolumeAttachments for PersistentVolumes migrated to CSI on startup of kube-controller-manager. (#102176, @timebertt) [SIG Apps and Storage]
    • Improve speed of vSphere PV provisioning and reduce number of API calls (#102350, @gnufied) [SIG Cloud Provider and Storage]
    • Kubeadm: remove the “ephemeral_storage” request from the etcd static pod that kubeadm deploys on stacked etcd control plane nodes. This request has caused sporadic failures on some setups due to a problem in the kubelet with cadvisor and the LocalStorageCapacityIsolation feature gate. See this issue for more details: https://github.com/kubernetes/kubernetes/issues/99305 (#102673, @jackfrancis) [SIG Cluster Lifecycle]
    • Register/Deregister Targets in chunks for AWS TargetGroup (#101592, @M00nF1sh) [SIG Cloud Provider]
    • Respect annotation size limit for server-side apply updates to the client-side apply annotation. Also, fix opt-out of this behavior by setting the client-side apply annotation to the empty string. (#102105, @julianvmodesto) [SIG API Machinery]
    • Reverted the previous fix for portforward cleanup because it introduced a kubelet regression which can lead into segmentation faults. (#102586, @saschagrunert) [SIG API Machinery and Node]
    • ServiceOwnsFrontendIP shouldn’t report error when the public IP doesn’t match (#102516, @nilo19) [SIG Cloud Provider]

    Other (Cleanup or Flake)

    • Update the Debian images to pick up CVE fixes in the base images:
      • Update the debian-base image to v1.7.0
      • Update the debian-iptables image to v1.6.1 (#102341, @cpanato) [SIG API Machinery and Testing]_

    Changed

    • sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.15 → v0.0.19

    containerlinux 2765.2.6

    Security fixes

    Bug fixes

    • Update-engine sent empty requests when restarted before a pending reboot (Flatcar#388)
    • motd login prompt list of failed services: The output of “systemctl list-units –state=failed –no-legend” contains a bullet point which is not expected and ended up being taken as the unit name of failed units which was previously on the start of the line. Filtered the bullet point out to stay compatible with the old behavior in case upstream would remove the bullet point again. (coreos-overlay#1042)

    Updates

    cert-exporter 1.7.1

    Fixed

    • Fix configuration version in Chart.yaml.

    chart-operator 2.18.0

    Added

    • Add releasemaxhistory resource which ensures we retry at a reduced rate when there are repeated failed upgrades.

    Changed

    • Upgrade Helm release when failed even if version or values have not changed to handle situations like failed webhooks where we should retry.

    external-dns 2.4.0

    Changed

    • Upgrade upstream external-dns from v0.7.6 to v0.8.0.
    • Allow to configure the minimum interval between two consecutive synchronizations triggered from kubernetes events through externalDNS.minEventSyncInterval.

    net-exporter 1.10.2

    Changed

    • Allow to customize dns service.
    • Only check pod existence on dial errors. Check pod deletion directly by IP instead of listing pods and searching.

    cluster-autoscaler 1.20.3

    • Allow users to set container resources
  • This release upgrades Kubernetes to v1.19.12.

    Change details

    azure-operator 5.5.4

    Meta release for guaranteed node rolling. No changes in functionality.

    kubernetes 1.19.12

    Feature

    • Kubernetes is now built using Go 1.15.13 (#102809, @thejoycekung) [SIG Cloud Provider, Instrumentation, Release and Testing]

    Failing Test

    • Fixes the should receive events on concurrent watches in same order conformance test to work properly on clusters that auto-create additional configmaps in namespaces (#101950, @liggitt) [SIG API Machinery and Testing]

    Bug or Regression

    • Avoid caching the Azure VMSS instances whose network profile is nil (#100948, @feiskyer) [SIG Cloud Provider]
    • Azure: avoid setting cached Sku when updating VMSS and VMSS instances (#102005, @feiskyer) [SIG Cloud Provider]
    • Fix a bug that a preemptor pod may exist as a phantom in the scheduler. (#102498, @Huang-Wei) [SIG Scheduling]
    • Fix errors when accessing Windows container stats for Dockershim (#98510, @jsturtevant) [SIG Node and Windows]
    • Fix: delete non existing disk issue (#102083, @andyzhangx) [SIG Cloud Provider]
    • Fixed false-positive uncertain volume attachments, which led to unexpected detachment of CSI migrated volumes (#101737, @Jiawei0227) [SIG Apps and Storage]
    • Fixed garbage collection of dangling VolumeAttachments for PersistentVolumes migrated to CSI on startup of kube-controller-manager. (#102176, @timebertt) [SIG Apps and Storage]
    • Fixes an issue where default RBAC policy could fail to reconcile on API server startup if an error was encountered (#101954, @voutcn) [SIG Auth]
    • Improve speed of vSphere PV provisioning and reduce number of API calls (#102351, @gnufied) [SIG Cloud Provider and Storage]
    • Register/Deregister Targets in chunks for AWS TargetGroup (#101592, @M00nF1sh) [SIG Cloud Provider]
    • Respect annotation size limit for server-side apply updates to the client-side apply annotation. Also, fix opt-out of this behavior by setting the client-side apply annotation to the empty string. (#102105, @julianvmodesto) [SIG API Machinery]
    • Reverted the previous fix for portforward cleanup because it introduced a kubelet regression which can lead into segmentation faults. (#102588, @saschagrunert) [SIG API Machinery and Node]

    Other (Cleanup or Flake)

    • Update the Debian images to pick up CVE fixes in the base images:
      • Update the debian-base image to v1.7.0
      • Update the debian-iptables image to v1.6.1 (#102342, @cpanato) [SIG API Machinery and Testing]

    Dependencies

    Added

    Nothing has changed.

    Changed

    Nothing has changed.

    Removed

    Nothing has changed.

  • This is the first Giant Swarm Azure stable release featuring Kubernetes 1.20.

    This release includes improvements to make the upgrade process even more reliable with additional focus on Spot Instances Node Pools upgrades.

    This release also uses Vnet peering in place of VPN Gateway to connect the Workload Clusters with the Management Cluster. There should be no impact in terms of connectivity from the workload point of view. Prior to upgrades please check with your Solution Engineer if your Service Principals are correctly configured.

    Change details

    app-operator 4.4.0

    Updated from version 3.2.1.

    Highlight of changes:

    Fixed

    • Updated OperatorKit to v4.3.1 for Kubernetes 1.20 support.

    Changed

    • Updated Helm to v3.5.3.

    Added

    • Enable Vertical Pod Autoscaler.

    azure-operator 5.7.0

    Updated from version 5.5.3.

    Highlight of changes:

    Changed

    • Replace VPN Gateway with VNet Peering.
    • Update OperatorKit to v4.3.1 to drop usage of self-link which is not supported in k8s 1.20 anymore.
    • Avoid creating too many worker nodes at the same time when upgrading node pools.
    • Don’t wait for new workers to be up during spot instances node pools upgrades.
    • Bumped k8scloudconfig to 10.5.0 to support kubernetes 1.20.

    Fixed

    • When deleting a node pool, also delete the VMSS role assignment.

    Removed

    • Support for single tenant BYOC credentials (warning: the operator will error at startup if any organization credentials is not multi tenant).

    cert-operator 1.0.1

    Updated from 0.1.0.

    Highlight of changes:

    Changed

    • Update Kubernetes dependencies to 1.18 versions.

    Fixed

    • Add list permission for cluster.x-k8s.io.

    Added

    • Add network policy resource.
    • Added lookup for nodepool clusters in other namespaces than default.

    Removed

    • Stop using the VersionBundle version.

    cluster-operator 0.27.1

    Updated from 0.23.22.

    Highlight of changes:

    Changed

    • Dropped ensuring cluster CRDs from controllers.
    • Adjust helm chart to be used with config-controller.
    • Migrate to Go modules.
    • Update certs package to v2.0.0.
    • Refactor to use slightly newer dependency versions.
    • Align version bundle version and project version.
    • Remove VersionBundle version from CertConfigs and add the cert-operator.giantswarm.io/version label. This change requires using cert-operator 1.0.0 or later.

    Added

    • Assign app catalog name from the component in release CR.
    • Create app CR for per cluster app-operator instance.
    • Add appfinalizer resource to remove finalizers from workload cluster app CRs.

    Fixed

    • Add AllowedLabels to clusterconfigmap resource to prevent unnecessary updates.

    kubernetes 1.20.6

    Updated from 1.19.10.

    Please refer to the official release announcement for details about the 1.20 Kubernetes version and to the official changelog for details about changes in the patch releases up to 1.20.6.

    cert-exporter 1.6.1

    Updated from 1.6.0.

    Changed

    • Set docker.io as the default registry

    chart-operator 2.14.0

    Updated from 2.12.0.

    Highlights of changes:

    Fixed

    • Updated OperatorKit to v4.3.1 for Kubernetes 1.20 support.

    Changed

    • giantswarm-critical PriorityClass only managed when E2E.
    • Cancel the release resource when the manifest object already exists.
    • Cancel the release resource when helm returns an unknown error.

    kube-state-metrics 1.3.1

    Updated from 1.3.0.

    Changed

    • Set docker.io as the default registry

    metrics-server 1.3.0

    Updated from 1.2.1.

    Added

    • Added new configuration value extraArgs.

    Changed

    • Set docker.io as the default registry

    net-exporter 1.10.1

    Updated from 1.9.2.

    Highlights of changes:

    Changed

    • Set docker.io as the default registry.
    • Update kubectl image to v1.18.8.
    • Add label selector for pods to help lower memory usage.
    • Allow to customize dns service.

    node-exporter 1.7.2

    Updated from 1.7.1.

    Changed

    • Set docker.io as the default registry

    coredns 1.4.1

    Updated from 1.2.0.

    Changed

    • Set docker.io as the default registry
    • Update coredns to upstream version 1.8.0.

    cluster-autoscaler 1.20.2

    Updated from version 1.19.10.

    Changed

    • Update cluster-autoscaler to version 1.20.0.
    • Set docker.io as the default registry
  • This is the first Giant Swarm Azure release featuring Kubernetes 1.20.

    This release includes improvements to make the upgrade process even more reliable with additional focus on Spot Instances Node Pools upgrades.

    This release also uses Vnet peering in place of VPN Gateway to connect the Workload Clusters with the Management Cluster. There should be no impact in terms of connectivity from the workload point of view. Prior to upgrades please check with your Solution Engineer if your Service Principals are correctly configured.

    Change details

    app-operator 4.4.0

    Updated from version 3.2.1.

    Highlight of changes:

    Fixed

    • Updated OperatorKit to v4.3.1 for Kubernetes 1.20 support.

    Changed

    • Updated Helm to v3.5.3.

    Added

    • Enable Vertical Pod Autoscaler.

    azure-operator 5.7.0

    Updated from version 5.5.3.

    Highlight of changes:

    Changed

    • Replace VPN Gateway with VNet Peering.
    • Update OperatorKit to v4.3.1 to drop usage of self-link which is not supported in k8s 1.20 anymore.
    • Avoid creating too many worker nodes at the same time when upgrading node pools.
    • Don’t wait for new workers to be up during spot instances node pools upgrades.
    • Bumped k8scloudconfig to 10.5.0 to support kubernetes 1.20.

    Fixed

    • When deleting a node pool, also delete the VMSS role assignment.

    Removed

    • Support for single tenant BYOC credentials (warning: the operator will error at startup if any organization credentials is not multi tenant).

    cert-operator 1.0.1

    Updated from 0.1.0.

    Highlight of changes:

    Changed

    • Update Kubernetes dependencies to 1.18 versions.

    Fixed

    • Add list permission for cluster.x-k8s.io.

    Added

    • Add network policy resource.
    • Added lookup for nodepool clusters in other namespaces than default.

    Removed

    • Stop using the VersionBundle version.

    cluster-operator 0.27.1

    Updated from 0.23.22.

    Highlight of changes:

    Changed

    • Dropped ensuring cluster CRDs from controllers.
    • Adjust helm chart to be used with config-controller.
    • Migrate to Go modules.
    • Update certs package to v2.0.0.
    • Refactor to use slightly newer dependency versions.
    • Align version bundle version and project version.
    • Remove VersionBundle version from CertConfigs and add the cert-operator.giantswarm.io/version label. This change requires using cert-operator 1.0.0 or later.

    Added

    • Assign app catalog name from the component in release CR.
    • Create app CR for per cluster app-operator instance.
    • Add appfinalizer resource to remove finalizers from workload cluster app CRs.

    Fixed

    • Add AllowedLabels to clusterconfigmap resource to prevent unnecessary updates.

    kubernetes 1.20.6

    Updated from 1.19.10.

    Please refer to the official release announcement for details about the 1.20 Kubernetes version and to the official changelog for details about changes in the patch releases up to 1.20.6.

    cert-exporter 1.6.1

    Updated from 1.6.0.

    Changed

    • Set docker.io as the default registry

    chart-operator 2.14.0

    Updated from 2.12.0.

    Highlights of changes:

    Fixed

    • Updated OperatorKit to v4.3.1 for Kubernetes 1.20 support.

    Changed

    • giantswarm-critical PriorityClass only managed when E2E.
    • Cancel the release resource when the manifest object already exists.
    • Cancel the release resource when helm returns an unknown error.

    kube-state-metrics 1.3.1

    Updated from 1.3.0.

    Changed

    • Set docker.io as the default registry

    metrics-server 1.3.0

    Updated from 1.2.1.

    Added

    • Added new configuration value extraArgs.

    Changed

    • Set docker.io as the default registry

    net-exporter 1.10.1

    Updated from 1.9.2.

    Highlights of changes:

    Changed

    • Set docker.io as the default registry.
    • Update kubectl image to v1.18.8.
    • Add label selector for pods to help lower memory usage.
    • Allow to customize dns service.

    node-exporter 1.7.2

    Updated from 1.7.1.

    Changed

    • Set docker.io as the default registry

    coredns 1.4.1

    Updated from 1.2.0.

    Changed

    • Set docker.io as the default registry
    • Update coredns to upstream version 1.8.0.

    cluster-autoscaler 1.20.2

    Updated from version 1.19.10.

    Changed

    • Update cluster-autoscaler to version 1.20.0.
    • Set docker.io as the default registry
  • This release downgrades Flatcar Container Linux in order to debug connectivity issues. Please do not upgrade to this release unless it is necessary. Reach out to your Solution Engineer to validate whether this release applies to your solution.

    Change details

    containerlinux 2605.12.0

    Reverted flatcar to previous version.