[OPERATOR] A regression is fixed that led to unnecessary and repetitive updates in the status.constraints[].last{Update,Transition}Time fields of the shoot. In larger Gardener installations, these superfluous updates could have resulted in significant excess network traffic, particularly between the gardener-apiserver and the gardenlets in the seeds. by @istvanballok#9086
[USER] Fixed an issue which prevented project admins and viewers from creating read-only kubeconfigs (via the shoots/viewerkubeconfig subresource). by @petersutter#9083
[DEPENDENCY] The signature of github.com/gardener/gardener/pkg/chartrenderer.RenderedChart#Files has changed. by @acumino#8877
[OPERATOR] The deprecated field seed.spec.secretRef has been removed from the Seed API. Please check your Seeds and remove any usage before upgrading to this Gardener version. by @acumino#8896
[OPERATOR] Migration code for Plutono and Vali is now removed. Consider manual cleanup for longterm broken Shoots as described in the PR to avoid leaking Loki's PV. by @rickardsjp#8999
[DEVELOPER] The pkg/resourcemanager/predicate.ClassFilter.Active function was replaced by IsTransferringResponsibility and IsWaitForCleanupRequired.
pkg/resourcemanager/predicate.ClassFilter.IsTransferringResponsibility should be used to check whether the .spec.class field of a ManagedResource has changed and let the controller which was previously responsible for the ManagedResource perform any additional/cleanup tasks.
pkg/resourcemanager/predicate.ClassFilter.IsWaitForCleanupRequired should be used by the controller to which the responsibility was transferred to determine whether it should wait for any tasks/cleanup activities made by the previously responsible controller. by @Kostov6#8886
📰 Noteworthy
[OPERATOR] The ContainerdRegistryHostsDir feature gate has been promoted to GA and is now locked to "enabled by default". by @ialidzhikov#8979
✨ New Features
[OPERATOR] When hibernating a cluster, Gardener now assigns an error code ERR_CLEANUP_CLUSTER_RESOURCES to shoot clusters if (user) pods are still running in namespaces other than kube-system. by @benedictweis#9060
[OPERATOR]node-agent checks health of containerd and kubelet now. This replaces the previous bash implementation of these health checks. by @majst01#8786
[OPERATOR] Gardener can now support clusters with Kubernetes version 1.29. To allow creation/update of 1.29 clusters you will have to update the version of your provider extension(s) to a version that supports 1.29 as well. Please consult the respective releases and notes in the provider extension's repository. by @acumino#8976
[OPERATOR] The components managed by gardener now use PDBs with unhealthyPodEvictionPolicy: AlwaysAllow for clusters with kubernetes version >= 1.26. (For v1.26 clusters (shoots and virtual-garden cluster), the featuregate PDBUnhealthyPodEvictionPolicy needs to be turned on in the kube-apiserver. From v1.27 this is enabled by default.) by @shafeeqes#8969
[DEVELOPER] Add local setup for dual-stack seeds. by @axel7born#8983
[DEVELOPER] Gardener can now support clusters with Kubernetes version 1.29. Extension developers have to prepare individual extensions as well to work with 1.29. by @acumino#8976
🐛 Bug Fixes
[OPERATOR] False positive PrometheusCantScrape alerts for the etcd-druid job in the shoot control plane are no longer firing, even if the --enable-backup-compaction feature of etcd-druid is not turned on. by @istvanballok#8988
[OPERATOR] Allow the dependency-watchdog-prober to patch deployments and deployments/scale resources. by @aaronfern#9036
[DEVELOPER] Local single-zone gardener development setups should now work as expected again even if the istio ingress pods are not scheduled on the control plane node. by @ScheererJ#8998
[DEVELOPER] Local gardener-operator and multi-zone gardener development setups now use externalTrafficPolicy: Local for inbound communication to mitigate cross-node network problems. by @ScheererJ#8972
🏃 Others
[OPERATOR] The following dependency has been updated:
k8s.io/helm@v2.17.0+incompatible -> helm.sh/helm/v3@v3.10.3 by @acumino#8877
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/gardener/gardener from 1.86.1 to 1.87.1.
Release notes
Sourced from github.com/gardener/gardener's releases.
... (truncated)
Commits
611802a
Release v1.87.19ffd285
Fix the initialization of the shoot constraints (#9086)240df7f
Allow project admins and viewers to create read-only kubeconfigs (#9083)a0f575e
Prepare next Dev Cycle v1.87.1-dev9e714b1
Release v1.87.01256410
Don't add error code for dashboard namespace (#9070)e80ff82
[release-v1.87] Fix nil pointer panic (#9068)831084b
use artifact registry for IPv6 support (#8748)8cb5d0f
Remove migration code for Plutono and Vali (#8999)0f6b8b6
Improved error reporting usingERR_CLEANUP_CLUSTER_RESOURCES
when hibernati...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show