Automated cherry pick of #15235: Add terraform rendering to GCP HTTP Health Check
#15237: gcp: Add placeholder integration test for public load by @hakman in kubernetes/kops#15239
The default networking provider for new clusters is now Cilium.
Control-plane instance groups in new clusters are now created with names starting
with "control-plane-". The names of groups for existing clusters are unchanged.
The channels CLI that kOps use to manage addons is now bundled with the kOps binary. These commands are useful for addon diagnostics and troubleshooting. For example, to list installed addons, run kops toolbox addons get addons.
Since kOps 1.24, by default during rolling updates, kOps will time out after
spending 15 minutes on an InstanceGroup (instead of hanging indefinitely on
eviction errors), proceeding to the next InstanceGroup after timing out.
As of kOps 1.26, rolling updates will not proceed if a cluster validation
error is encountered while updating an InstanceGroup.
AWS
Clusters can be created without DNS or Gossip, by using the --dns=none flag.
Bastions are now fronted by a Network Load Balancer.
Instance group images can now be dynamically fetched through an AWS SSM Parameter.
The AWS Load Balancer, when enabled, will run on worker nodes if IRSA is enabled as of Kubernetes version 1.24.
As of Kubernetes version 1.26 and with IRSA enabled, control plane nodes will now run with a max hop limit of 1 for the metadata service. This will prevent Pods without host networking from accessing the instance metadata service.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps k8s.io/kops from 1.25.3 to 1.26.3.
Release notes
Sourced from k8s.io/kops's releases.
... (truncated)
Commits
3b5c99d
Release 1.26.3 (#15371)5ccbcd0
Merge pull request #15315hakman/automated-cherry-pick-of-#15314
04e5174
Upgrade k8s-dns-node-cache to 1.22.20640225e
Merge pull request #15313hakman/automated-cherry-pick-of-#15311
9b0c436
Increase max_map_count in sysctls.go43ecbdc
Merge pull request #15309hakman/automated-cherry-pick-of-#15275
4130e0a
./hack/update-expected.shd13edbd
AWS: Check if vpc_ipv6_cidr_block is an empty string (rather than null)d96a1f5
Merge pull request #15272hakman/automated-cherry-pick-of-#15270
9a8169d
Update kube-router to v1.5.3Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)