Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, vSphere, KubeVirt, Hetzner, EquinixMetal, MetalStack, and OnMetal with minimal TCO.
[OPERATOR] A bug has been fixed which caused PersistentVolumes without .spec.nodeAffinity to become unusable in case they still had the old, deprecated topology labels. by @rfranzke [#9544]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.89.4
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.89.4
[OPERATOR] Fix bug where dependency watchdog is missing permissions to read nodes in the shoot clusters. by @vpnachev [#9503]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.91.2
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.91.2
[OPERATOR] Fix bug where dependency watchdog is missing permissions to read nodes in the shoot clusters. by @vpnachev [#9502]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.90.6
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.90.6
[OPERATOR] dependency-watchdog-prober now skips Leases in the kube-node-lease namespace in case the corresponding Node does not exist (anymore). by @rfranzke [gardener/dependency-watchdog#108]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.91.1
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.91.1
[OPERATOR] dependency-watchdog-prober now skips Leases in the kube-node-lease namespace in case the corresponding Node does not exist (anymore). by @rfranzke [gardener/dependency-watchdog#108]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.90.5
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.90.5
[OPERATOR] A bug has been fixed which prevented pods from starting on clusters of at least 1.28 if they were using old PersistentVolumes created with the deprecated failure-domain.beta.kubernetes.io/{zone,region} labels. by @rfranzke [#9415]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.88.3
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.88.3
[USER] Deprecated .spec.kubernetes.allowPrivilegedContainers field in the Shoot API is now removed. by @shafeeqes [#9274][USER] The .status.advertisedAddresses[] list in a Shoot's status now includes the Shoot's service account issuer under the name service-account-issuer. Please revisit any logic that might depend on all advertised addresses being used for communication with the kube-apiserver of a shoot cluster. by @dimityrmirchev [#9196][OPERATOR] The ShootForceDeletion feature gate has been promoted to beta and is turned on by default. by @acumino [#9325][DEVELOPER] The {garden,seed,shoot}-care controllers now incorporate ManagedResources into all relevant conditions, and it is possible to override the condition type into which a ManagedResource's status gets incorporated via the care.gardener.cloud/condition-type label. Please consult the respective documentation for more information (garden-care, seed-care, shoot-care). by @rfranzke [#9313][OPERATOR] The gardenlet now synchronizes the service account public keys of shoot clusters that have managed issuer enabled. The public keys are stored in a dedicated gardener-system-shoot-issuer namespace in the Garden cluster. by @dimityrmirchev [#9354][OPERATOR] gardener-resource-manager now considers the health and the progressing status for Certificate and Issuer resources (see cert-management) managed via ManagedResources. by @timuthy [#9326][OPERATOR] The Shoot maintenance controller now removes unsupported feature gates and admission plugins from the Shoot during force upgrades. by @shafeeqes [#9365][OPERATOR] gardener-operator now deploys two Alertmanager replicas into the garden namespace. They don't come with any configuration by default. It is in the responsibility of the human operators to create monitoring.coreos.com/v1alpha1.AlertmanagerConfig resources with the proper configuration suitable for their needs. Read more about it here. by @rfranzke [#9301][OPERATOR] The ControlPlaneHealthy condition in Shoots now reports an issue when {kube,machine}-controller-manager or cluster-autoscaler are scaled down to 0 replicas. The EveryNodeReady condition in Shoots now reports an issue when at least 20% of the Leases related to nodes in the kube-node-lease namespace are expired. by @rfranzke [#9376][DEVELOPER] Function NewClientFromBytes in package pkg/client/kubernetes/client.go was fixed to consider AllowedUserFields. Earlier, it failed when creating a Kubernetes client with a special but allowed fields in the Kubeconfig (e.g. auth-provider). by @timuthy [#9333][OPERATOR] Update CoreDNS to v1.11.1. by @DockToFuture [#8945][OPERATOR] The gardener operator documentation now closes resembles the reality of the coding. by @ScheererJ [#9342][OPERATOR] The istio ingress gateway orphan namespace detection no longer interferes with the istio ingress gateway zone migration in case the target zone names are unknown and there is no active usage. by @ScheererJ [#9460][OPERATOR] The ingress domain of kube-apiserver should work again for single-zonal shoot control planes. by @ScheererJ [#9393][OPERATOR] There is a new plutono dashboard named Container Images that currently contains 2 panels for image pull durations. by @ialidzhikov [#9422][OPERATOR] Port 8132 of istio ingress gateway will respond to all ordinary http requests with a redirect (301) to the https port by @ScheererJ [#9332][OPERATOR] The operating system config reconciler of the gardener-node-agent now creates directories with 0755 permissions when it creates files listed in the corresponding OperatingSystemConfig on the node. Previously these directories were created with no permissions. by @plkokanov [#9443][OPERATOR] Seed clusters with a wildcard certificate no longer use Ingress resources to expose kube-apiserver. Instead, Istio resources are directly used now. by @ScheererJ [#9300][OPERATOR] Shoot clusters should stay accessible after istio ingress gateway migration via annotation alpha.istio-ingress.gardener.cloud/migrate-to was triggered. by @ScheererJ [#9423][OPERATOR] Operators can create duplicate istio ingress gateways for migration if the zone names should be changed in the seed specification by @ScheererJ [#9304][DEVELOPER] Now the observability applications which are also targets of the authentication & authorization proxies share common label. by @nickytd [#9385][DEVELOPER] Local dev setup can now deploy a cluster with volume resize support. by @dnaeon [#9363]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.91.0
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.91.0
[OPERATOR] A bug has been fixed which prevented pods from starting on clusters of at least 1.28 if they were using old PersistentVolumes created with the deprecated failure-domain.beta.kubernetes.io/{zone,region} labels. by @rfranzke [#9414][OPERATOR] A configuration issue of the prometheus-operator managed alertmanager instances is fixed. by @istvanballok [#9419]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.89.3
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.89.3
[OPERATOR] A configuration issue of the prometheus-operator managed alertmanager instances is fixed. by @istvanballok [#9420][OPERATOR] A bug has been fixed which prevented pods from starting on clusters of at least 1.28 if they were using old PersistentVolumes created with the deprecated failure-domain.beta.kubernetes.io/{zone,region} labels. by @rfranzke [#9413]europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.90.4
europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.90.4
The release-notes for component github.com/gardener/gardener in version v1.90.3 exceeded the maximum length of 25000 characters allowed by GitHub for release-bodies. They have been uploaded as release-asset and can be found at https://github.com/gardener/gardener/releases/download/v1.90.3/release_notes.md.