[DEVELOPER] The legacy method of providing monitoring configuration via ConfigMaps labeled with extensions.gardener.cloud/configuration=monitoring has been removed. See this instead. by @rfranzke#10220
[DEVELOPER] The IPv4 addresses for the local Gardener setup was changed from 127.0.0.x to 172.18.255.x (default kind subnet) to resolve an issue on developer machines which can't use additional IP addressed from the 127.0.0.0/8 space. Please consider updating your /etc/hosts file to adjust to the the newly added addresses. Please see Deploying Gardener Locally#Accessing the Shoot Cluster for more details. by @MartinWeindel#10019
[DEVELOPER]github.com/gardener/gardener/plugin/pkg/utils.ProjectForNamespaceFromLister has been deprecated and will be removed in a future release, use github.com/gardener/gardener/pkg/utils/gardener.ProjectForNamespaceFromLister instead. by @vpnachev#10042
📰 Noteworthy
[DEVELOPER] Evaluate shoot.Spec.CloudProfile and shoot.Spec.CloudProfileName fields together to determine the applicable cloud profile in order to prepare for namespaced cloud profiles. by @LucaBernstein#10093
[DEPENDENCY] A new field class was added to resources of the extensions.gardener.cloud API group. Together with the newly introduced predicate HasClass, it serves as a mean to split responsibilities of extension controllers for extensions belonging to different type of targets, i.e. shoot (default) or garden. Handling is backwards compatible, so that extensions are still responsible for shoot extension resources without any adjustments. If you intend to already support the reconciliation of extensions belonging to the garden class (cluster), please consider adding the ExtensionClass parameter (see here for more information). by @timuthy#10254
[OPERATOR] The VPAAndHPAForAPIServer feature gate has been promoted to beta and is now turned on by default. by @ialidzhikov#10207
[OPERATOR] VPA MaxAllowed is no longer hard-coded to fixed values (4/7/8 cores and 25/28G) for kube-apiserver, etcd, and prometheus. Operators must ensure sufficiently large worker pools for control plane components. For details, see this document. by @andrerun#10208
[OPERATOR] The graduated CoreDNSQueryRewriting feature gate has been dropped. by @ScheererJ#10230
[OPERATOR] The graduated MutableShootSpecNetworkingNodes feature gate has been dropped. by @ScheererJ#10231
[USER] Use shoot.Spec.CloudProfile as the primary directive to specify the cloud profile to use. The value will by synced to the field shoot.Spec.CloudProfileName (until it is deprecated and eventually removed in the future). If no cloud profile kind is provided, it will default to CloudProfile. by @LucaBernstein#10093
✨ New Features
[OPERATOR]gardener-operator is now capable of deploying gardenlets into unmanaged seed clusters. Read more about it here. by @rfranzke#10161
[OPERATOR]gardener-operator is now capable of auto-updating the Helm chart reference (.spec.deployment.helm.ociRepository.ref) in seedmanagement.gardener.cloud/v1alpha1.Gardenlet resources. Read all about it here. by @rfranzke#10218
[OPERATOR]gardener-operator is now capable of installing ControllerRegistration and ControllerInstallation objects in the virtual cluster based on operator.gardener.cloud/v1alpha1.Extension resources. by @kon-angelo#10006
[OPERATOR] A new field Bastion was introduced to the CloudProfile. by @hebelsan#10233
🐛 Bug Fixes
[OPERATOR] Valitail is now pinned to v2.2.15 (depends on glibc 2.32) by @nickytd#10282
[OPERATOR]updatecacerts.service systemd unit on nodes with Debian OS does not fail anymore if /usr/local/share/ca-certificates directory is empty. by @ScheererJ#10242
[OPERATOR] Fixed a bug in the vpa-eviction-requirements controller causing etcds to be evicted for downscaling outside of their maintenance window. by @voelzmo#10202
🏃 Others
[DEPENDENCY] The registry.k8s.io/coredns/coredns image has been updated to v1.11.3. by @gardener-ci-robot#10224
[OPERATOR] An issue preventing kubectl rollout restart to work for Deployments, DaemonSets and StatefulSets managed by a ManagedResource is now resolved. by @Kostov6#10192
[OPERATOR] The CPU and memory resource requests of the istio-proxy container for the istio-ingressgateway deployment have been changed to 300m and 600Mi, respectively.
The HPA maxReplicas for the istio-ingressgateway deployment have been increased from 5 to 9. When deployed for multiple zones, the maxReplicas are increased from 4 to 6 per zone. by @plkokanov#10226
[OPERATOR] In case multiple network ranges are configured via infrastructure status propagation for pod, service or node network, gardenlet will check whether they comply to the requirements of Kubernetes components like kube-apiserver, kube-controller-manager, and kube-proxy. by @ScheererJ#10148
[OPERATOR] Removed the addition of the annotation: cluster-autoscaler.kubernetes.io/safe-to-evict: false for the HA etcd-main to improve node utilization. by @ishan16696#10235
[OPERATOR] The STATUS column of seeds was improved, when they are listed via kubectl. Earlier the field tend to oscillated, especially when extensions and system components are scaled frequently. by @timuthy#10237
[OPERATOR] [Secretsmanager] Drop old CA from bundle if not valid anymore. by @MartinWeindel#10158
[OPERATOR] Separate kube-state-metrics deployments for seed and garden-runtime cluster by @chrkl#10062
[USER] Displaying unhealthy nodes in the shoot Plutono dashboard was improved to show nodes with taints used for taint based eviction. Earlier, nodes with custom NoSchedule taints distorted this view, as actual healthy nodes were shown as problematic. by @timuthy#10214
[DEVELOPER] local setup: Registry caches for eu.gcr.io and ghcr.io are now removed as there are no images from these upstream registries. by @ialidzhikov#10185
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/gardener/gardener from 1.97.2 to 1.101.0.
Release notes
Sourced from github.com/gardener/gardener's releases.
... (truncated)
Commits
bd0a908
Release v1.101.061460a0
[release-v1.101] Revert "Drop deprecated .spec.pools[].userData from `extensi...91ad4f9
[release-v1.101] Improve the SeedConditionFailing alert when nodes are rolled...fbcf8a6
[release-v1.101] Pin valitail version to v2.2.15 (#10282)aa54cc1
chore(deps): update golang (#10274)cdbd376
fix(deps): update module golang.org/x/tools to v0.24.0 (#10273)19f076c
fix(deps): update module golang.org/x/text to v0.17.0 (#10271)c368a87
Addclass
field toextensions.gardener.cloud
APIs (#10254)f11d8ff
Drop VPA MaxAllowed: KAPI,Etcd,Prometheus (#10208)4d852a3
fix(deps): update module github.com/gardener/etcd-druid to v0.22.4 (#10262)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show