Overview

In case you couldn’t participate and are interested in catching up, you can find the contents of the review meetings we have had in 2022 here.

Note that all review meetings in 2022 were SAP-internal meetings back then. Despite those, we also had a few Community Meetings in the open.

Reviews

2022/12/07 - v1.61 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@grolu10mπŸ•Ή Recent Gardener Dashboard Featuresdashboard (repo)
@shreyas-s-rao5mπŸ“Š Grafana Dashboard For Multi-Node ETCD#7023
@DockToFuture10mπŸ•ΈοΈ Removal Of Overlay Networksbacklog#29 (issue)
@kon-angelo5m🏷️ Annotate OpenStack VMs With Pool Labelsprovider-openstack#511
@rfranzke10mπŸ§‘πŸΌβ€πŸŒΎ Introduction Of Gardener Operator#7009, #7048

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸͺ“ [USER] Gardener does no longer support shoot clusters with Kubernetes versions < 1.20. […] #6987
  • ✨ [USER] The kube-apiserver is now verifying the server certificates presented by kubelets. #7047
  • πŸͺ“ [OPERATOR] The already deprecated SeedKubeScheduler feature gate is now removed. […] Instead, use the bin-packing scheduling profile. #7052
  • ✨ [OPERATOR] The gardener-seed-admission-controller binary has been dropped from the code. Its logic has been merged into gardener-resource-manager. #7053

2022/11/23 - v1.60 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@rfranzke10mπŸ‘¨β€πŸ‘©β€πŸ‘¦ High Availability Deployment Configurations#6967, #6982, #6989, #6992
@seshachalam-yv5mπŸ§ͺ E2E Tests For Upgrading Shoots To Become Highly Available#6910
@istvanballok, @rickardsjp10m🧾 Monthly Average Resource Usage of Shoots#6944
@axel7born5m🚦 Disable DNS Query Forwarding For External Domains#6942
@danielfoehrKn10mπŸ”« Prevent containerd-Monitor From Terminating containerd-shims#6696

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [OPERATOR] The field ManagedSeed.spec.seedTemplate has been deprecated and will be removed very soon in a future release of Gardener. […] #7006
  • ✨ [OPERATOR] The seed vpa-recommender is no longer scaled by VPA. Instead, fixed resource request values are used. #7001
  • πŸ› [OPERATOR] A bug was fixed where sometimes the kube-apiserver was deleted during shoot deletion flow even though there were still shoot managed resources present. #7008
  • ✨ [DEPENDENCY] Deployments or StatefulSets deployed by extensions in seed or shoot clusters can now benefit from the new high-availability-config webhook for automatically mutating the HA-related configuration of these resources. Please refer to this document. #6967
  • ✨ [DEPENDENCY] Extension controllers no longer perform owner checks based on the owner DNSRecord at the start of their reconciliations. #6973

2022/11/09 - v1.59 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@rfranzke5mπŸ‘¨β€πŸ‘©β€πŸ‘¦ High Availability-related API Changes#6914, #6915
@briantopping, @tuxgoose10mπŸ§ͺ TestMachinery Running Alongside of Google Cloud VMware Engineprovider-vsphere (repo)
@dimityrmirchev5mπŸ“ kubelet Container Logs Maximum Configurations#6702

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [USER] The rotation procedure of the ServiceAccount token signing key has been improved. #6943
  • ✨ [OPERATOR] The ManagedResources related to seed system components are now labeled with gardener.cloud/role=system-component. #6836
  • ✨ [DEPENDENCY] Extensions can now use the extensions/pkg/util.{DetermineError,DetermineErrorCodes} functions for conveniently handling errors with codes. #6912
  • ✨ [DEPENDENCY] gardener-extensions-controller package includes CLI parameter for --log-level and --log-format now. #6875
  • ✨ [DEVELOPER] The gardener-resource-manager component has been reworked entirely. It now uses a component config instead of CLI flags. Also, its Helm chart has been reworked entirely. #6865

2022/11/02 - v1.58 Release (Part II)

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@petersutter10mπŸ•Ή Recent Gardener Dashboard Updatesdashboard (repo)
@plkokanov10mπŸ’“ Extension Controller Heartbeats#6626
@rfranzke10mπŸͺͺ kubelet’s Server Certificate#6784

2022/10/26 - v1.58 Release (Part I)

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@istvanballok5mπŸ”« Eliminating VPA Exporter#6771
@istvanballok10m🀯 Remote Local Setup - WHAT???#6730
@timuthy10m🚿 Topology Spread Constraints#6665, #6674, #6685
@axel7born10mπŸ”’ Network Policies in Seeds for Istio#6765, #6826
@timebertt5m⚑️ Making Resource-Manager’s Health Controller Lightning-Fast#6770

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸͺ“ [USER] Shoots with failure tolerance type node can be scheduled on Seeds with .spec.highAvailability != nil only. #6833
  • πŸ› [USER] Shoot worker definitions are now validated using .spec.kubernetes.kubelet when .spec.provider.workers[].kubernetes.kubelet is not specified. #6741
  • πŸͺ“ [OPERATOR] HAControlPlanes feature flag is removed from gardener-scheduler. #6833
  • πŸͺ“ [OPERATOR] Remove DNSProvider from supported extension kinds. #6840
  • πŸ› [OPERATOR] Remove /scale subresource from Etcd CRD. #6850
  • ✨ [OPERATOR] Short names for Machine (mc), MachineClass (mcc), MachineDeployment (mcd), and MachineSet (mcs) resources are now added. #6787
  • ✨ [OPERATOR] Gardenlet will not start in case the seed configuration is incorrect, i.e. if the node, pod or service network specified in the Seed resource do not match to the cluster reality. #6782

2022/10/12 - v1.57 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@seshachalam-yv5mπŸ§ͺ Local E2E Tests For High Availability Scenario#6719
@vpnachev10m✍️ Extension For Image Signature Verificationshoot-lakom-service (repo)
@ialidzhikov5mπŸͺ΄ Seed Selector in CloudProfile and Shoot#6680

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [USER] The create/modify/delete permissions for ServiceAccounts assigned to Project members with the admin role are now removed. Read permissions are preserved. […] #6740
  • πŸͺ“ [OPERATOR] Deprecated functions DeprecatedDetermineError and DeprecatedDetermineErrorCodes will be dropped in the upcoming releases, extensions using these functions now need to use their own methods to get the error code from the errors. #6677
  • ✨ [OPERATOR] Logs from pods managed by garden-resource-manager will be scraped and stored in the shoot’s Loki. #6748
  • ✨ [OPERATOR] The ShootCARotation and ShootSARotation feature gates have been promoted to beta and are now enabled by default. […] #6734

2022/10/06 - v1.56 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@rishabh-1110m🍼 Configurable Throughput for AWS Disksmachine-controller-manager-provider-aws#95
@ScheererJ10m🧷 Make Istio’s Ingress Gateway Traffic Zone-Aware#6653
@shafeeqes10m⎈ Kubernetes 1.25 Support#6638
@plkokanov10mπŸ” Validation For Admission Plugins#6625

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [USER] Introduce shoot spec field spec.controlPlane to allow enabling HA control planes with failure tolerance type of node or zone. […] #6530
  • ✨ [OPERATOR] gardenlet is now using gcr.io/distroless/static-debian11:nonroot instead of versions of alpine as a base image. #6641
  • ✨ [DEVELOPER] The e2e tests do now also tear down the Gardener environment, effectively verifying whether the Seed deletion works as expected. #6664

2022/09/21 - v1.55 Release (Part II)

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@plkokanov10mπŸŒ“ Progressing Status For Seed Conditions#6551, #6587, #6590
@oliver-goetz5mπŸ—Ώ Replacement Of Release Milestone GitHub Action#6627
@istvanballok, @wyb1, @rickardsjp15mπŸ“Š containerd-Related Monitoring Fixes#6574, #6628
@rfranzke5mπŸ’Ώ Local Container Image Pull-Through Cache#6591

2022/09/14 - v1.55 Release (Part I)

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@grolu5mπŸ•Ή Dashboard Release Updatesdashboard@1.61.0
@ishan1669610mπŸ’Ύ ETCD Member Restorationetcd-backup-restore#509
@ialidzhikov5mβ›“ Do Not Run Privileged Containersbacklog#7 (issue)
@MartinWeindel, @ScheererJ10m🚏 Custom AWS Route Controllerprovider-aws#591, provider-aws#596
@shafeeqes5mπŸ›‘ PodSecurityPolicy -> Pod Security Admission Migration Update#5250 (issue)

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [DEVELOPER] The existing ManagedSeed e2e test has been enhanced with verifications for the three gardenlet kubeconfig rotation scenarios. #6568
  • ✨ [OPERATOR] gardenlet’s SeedKubeScheduler feature gate is now deprecated in favor of the bin-packing scheduling profile that can be configured for a Shoot referred by a ManagedSeed. #6599
  • ✨ [OPERATOR] Gardenlet now checks that the seed network configuration conforms to the reality in the seed cluster in case the seed is a shoot itself. #6576
  • πŸ› [OPERATOR] A bug has been fixed which caused the EveryNodeReady condition on Shoots to become False and complaining about outdated cloud configs on nodes during rolling updates. #6555

2022/08/31 - v1.54 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@ialidzhikov10mπŸ›‘ Seccomp Profile Defaulting For Seed Workload#6450
@MartinWeindel5m🌍 Network Problem Detector Updatesshoot-networking-problemdetector#21, shoot-networking-problemdetector#18
@ScheererJ10mπŸ“¬ Shoot DNS Rewriting#6192
@MartinWeindel5mπŸ‹πŸ»β€β™‚οΈ Weighted Routing Policy For DNSEntrysexternal-dns-management#270
@timuthy10mπŸ“Œ Zone Pinning on Multi-Zonal Seeds#6579

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [DEVELOPER] Gardener envtest now supports running against an existing gardener setup via USE_EXISTING_GARDENER, see doc #6497 (will be presented in the next review meeting)
  • ✨ [DEVELOPER] A new gomegacheck linter is now executed on make check. […] #6455
  • ✨ [OPERATOR] Plant API has been dropped, operators need to clean up Plant resources before upgrading the Gardener version to v1.54. #6472
  • ✨ [OPERATOR] The DNSProvider extension kind was removed. Please make sure to remove any ControllerRegistrations that include the DNSProvider kind. […] #6479
  • πŸ› [OPERATOR] Shoots are correctly labeled for globally enabled extensions now. #6534

2022/08/17 - v1.53 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@oliver-goetz5mβš™οΈ Custom REST Configuration For Shoot Clients#6276
@unmarshall10mπŸ“– [GEP-20] HA Shoot Control Planes#6287
@vlvasilev10mπŸͺ΅ Shoot event-logger#6223
@dimityrmirchev5m🏷 Label All Managed Resources#6393
@ishan1669610mπŸ§ͺ E2E Tests For etcd-druidetcd-druid#296

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ Enforce that Shoot nginx-ingress addon and Seed VPA are not enabled for ManagedSeeds. #6388
  • ✨ Promote the SecretBindingProviderValidation feature gate to GA. #6429
  • ✨ Promote SeedChange and CopyEtcdBackupsDuringControlPlaneMigration feature gates to beta. #6452

2022/08/03 - v1.52 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@dkistner10mπŸͺͺ Pod CIDR Allocation For Nodesprovider-azure#539
@timebertt5mπŸ“ Streamlined Logging In Controllers#4251 (issue)
@acumino5mπŸ› Improvements For Multiple Architectures#6324, #6327
@timuthy10m⬆️ ETCD Cluster Scale Upetcd-backup-restore#487
@shafeeqes5m🩺 Skipping Health Checks For ManagedResources#6309
@shafeeqes5mπŸ’‚πŸ»β€β™€οΈ Disabling Admission Plugins#6403

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ Promote DisableDNSProviderManagement to GA. #6341
  • ✨ Drop support for the shoot.gardener.cloud/use-as-seed annotation. #6379
  • πŸ› Fix tools download for aarch64 (arm64) 🐧. #6314

2022/07/20 - v1.51 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@oliver-goetz5mπŸ“Š TestGrid For Prowci-infra#257
@ialidzhikov10mβš–οΈ Shoot Scheduling Profiles#6251
@wyb15mπŸ“– [GEP-19] Migrating To prometheus-operator#6151
@kon-angelo10mπŸ”‘ GCP Service Account Creation For Workersprovider-gcp#451
@ary19925mβš™οΈ Custom containerd Configuration#6293@bdb4247
@rfranzke10mπŸͺž Support For ManagedSeeds Locally#6293
@shafeeqes5mπŸ›‘ PodSecurityPolicy -> Pod Security Admission Migration Plan#5250 (issue)

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸ“– [DEVELOPER] A new testing strategy and developer guideline has been added. Make sure to check out the document if you want to learn more about the different kinds of tests we use and how to best write them! #6245
  • πŸ› [OPERATOR] Health checks of ManagedResources are more reliable now when updating resources in the referenced secrets. #6136
  • ✨ [OPERATOR] The new ShootNodeLocalDNSEnabledByDefault admission plugin of the gardener-apiserver (disabled by default) controls whether the .spec.systemComponents.nodeLocalDNS.enabled field for newly created Shoot resources is defaulted to true. […] #6279
  • ✨ [OPERATOR] Several feature gate changes: SecretBindingProviderValidation -> beta (#6240), ShootMaxTokenExpiration{Overwrite,Validation} and RotateSSHKeypairOnMaintenance -> removed (#6241), Shoot{C,S}ARotation -> beta (#6252)

2022/07/06 - v1.50 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@ScheererJ / @DockToFuture5m🌍 Node Local DNS Improvements (Part 2)#6057
@rfranzke10m🧹 Automatic Remediation Of Problematic Shoot Webhooks#6090
@shafeeqes5mπŸͺ’ New shoots/binding API To Bind Shoots To Seeds#6018
@plkokanov10mπŸ— Running Control Plane Migration Locally#5987, #6059
@acumino5mπŸ› API Changes For Supporting Multiple Architectures#6156, #6178, #6233
@timebertt10mπŸ›‘ Warnings When Credentials Rotation Is Due#6110, #6149
@grolu5mπŸ•Ή Recent Gardener Dashboard Updatesdashboard (repo)

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [DEVELOPER] gardener-{apiserver,controller-manager,scheduler,admission-controller,seed-admission-controller,resource-manager} are now using gcr.io/distroless/static-debian11:nonroot instead of versions of alpine as a base image. #6159
  • ✨ [DEVELOPER] It is now possible to render charts from embedded file systems (embed.FS). The Render method of the chartrenderer.Interface in favour of RenderEmbeddedFS. […] #6165
  • ✨ [DEPENDENCY] Gardenlet now manages fine-granular PriorityClasses that are supposed to be used by all components in order to improve the overall robustness of the system. Find out more in the related documentation. […] #6186
  • ✨ [OPERATOR] The WorkerPoolKubernetesVersion and DisableDNSProviderManagement feature gates have been promoted. #6166, #6142
  • ✨ [DEVELOPER] k8s.io/* is now upgraded to v0.24.1 and sigs.k8s.io/controller-runtime is now upgraded to v0.12.1. #6101
  • πŸ› [OPERATOR] A disruption free CA rotation is now being supported for HA shoot clusters. #6099

2022/06/22 - v1.49 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@timuthy10mπŸ‘¨β€πŸ‘¦β€πŸ‘¦ New HAControlPlane Feature Gate#5741
@Diaphteiros5mπŸ›‘ On-Demand Kubeconfig Renewal For gardenlet#6069
@rfranzke5mπŸ“ Dump Container Logs Of E2E Tests#6088, #6089
@himanshu-kun10mπŸ‘Ύ GPU Support For GCP Worker Nodesprovider-gcp#132 (issue)
@ScheererJ, @DockToFuture10m🌍 Node Local DNS Improvements (Part 1)#6057

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [OPERATOR] A full snapshot of etcd-main is now triggered after all Secret were encrypted with the new key after ETCD encryption key rotation. #6064
  • ✨ [OPERATOR] Making blackbox-exporter on shoots highly-available, to prevent false positive alerts during rollouts of blackbox-exporter, apiserver-proxy and worker nodes. #6025
  • ✨ [DEPENDENCY] The generic Worker actuator now scales up machine-controller-manager Deployment when Shoot is hibernating (or waking up) and machine-controller-manager Deployment is already scaled down by external actor (dependency-watchdog). #6054

2022/06/08 - v1.48 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@rfranzke10mπŸ›‘ Credentials Rotation (ServiceAccount Signing Key, ETCD Encryption Key)#5968, #6021
@dimityrmirchev5mπŸ‘” New serviceaccountmanager Project Member Role#5971
@timebertt10mπŸ›‘ Extension Webhook Certificate Rotation#6003
@acumino5m⎈ Kubernetes 1.24 Support#6023
@plkokanov10m🧱 SeedSystemComponentsHealthy Condition Use Cases#5850 (issue)
@wyb110mπŸ›° Make blackbox-exporter Work In Local Setup#6051

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [USER] With the new maintenance.gardener.cloud/operation annotation for Shoots it is now possible to confine the execution of the respective operation to the shoot cluster’s maintenance time window. #6039
  • ✨ [USER] There are two new rotate-credentials-{start,complete} operation annotations for Shoots which can be used to start or complete the rotation of all Gardener-provided/Gardener-generated credentials. #6038
  • πŸ› [USER] It is now possible again to migrate the CRIs for existing worker pools in shoot clusters. #6004
  • πŸ“– [OPERATOR] The ManagedIstio and APIServerSNI feature gates are now deprecated. They are already turned on by default and will be removed in a future version of Gardener. #6007

2022/05/25 - v1.47 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@himanshu-kun10m0️⃣ Generic Scale-To-Zero Supportautoscaler#27 (issue)
@krgostev10m🩺 SystemComponentsHealthy condition for Seeds#5274
@rfranzke5mπŸ— Progressing condition for ManagedResources#5904
@grolu10mπŸ•Ή Recent Gardener Dashboard Updatesdashboard (repo)
@ary199210mπŸ›‘ Observability Credentials Rotation#5926
@MartinWeindel10m🌍 Network Problem Detector Extensionshoot-networking-problemdetector (repo)

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸ“– [USER] A new document related to the rotation of the CA certificate rotation has been added. #5939
  • ✨ [DEVELOPER] provider-local now allows to enable the dependency-watchdog-probe in the seed cluster. #5937
  • ✨ [DEVELOPER] provider-local now supports Ingress objects in the Seed cluster and now enables using the shoot node logging feature. #5924
  • ✨ [OPERATOR] The lastActivityTimestamp of the Project is now updated every time a Plant, BackupEntry or Shoot is created, or a Quota or Secret in the project namespace is referred by a SecretBinding. The timestamp is also updated when these resources are updated or deleted. #5821

2022/05/11 - v1.46 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@timebertt10mπŸ›‘οΈ Shoot Cluster CA Rotation e2e Demo#3292 (issue)
@dimityrmirchev10mπŸ§ͺ Extension e2e Tests Via Local Gardenshoot-oidc-service#33
@krgostev10mπŸ’Ύ Backup{Bucket,Entry} Support For Local Garden#5514
@istvanballok, @wyb110mπŸ“Š Connectivity Exporterconnectivity-exporter (repo)
@ialidzhikov5mπŸ”Ž Extension SecretBinding Validatorprovider-gcp#428

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸ“– [USER] Documentation for accessing the shoot cluster is added here. #5849
  • πŸ“– [USER] There is a new document explaining the various configurations (and caveats) regarding the ServiceAccount configuration for shoot clusters. #5888
  • ✨ [OPERATOR] The WorkerPoolKubernetesVersion feature gate has been promoted to beta and is now enabled by default. #5857

2022/04/27 - v1.45 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@Diaphteiros10mπŸ›‘οΈ Virtual Garden Cluster CA Rotation#5735
@acumino5mπŸ”Ž API Diff PR Check To Detect Breaking Changes#5532
@shafeeqes5mπŸ“ˆ Improved Cloud-Config Downloads To Save I/O#5768
@ScheererJ10m🌍 Extension For Networking Filtershoot-networking-filter (repo)
@BeckerMax10mπŸ›‘οΈ Dedicated Client CA For Shoots#5779
@rfranzke10mπŸ›‘οΈ Adaptation Of Extensions Library For CA Rotation#5803

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸ› [OPERATOR] Fixed an issue that could cause the cloud-config-downloader to invalidate its credentials token if the node that it is currently running on has issues with the file system where the credentials token is stored (for example when the node runs out of disk space). #5719
  • πŸ“ˆ [OPERATOR] Increase the QPS and burst value for kube-apiserver requests for the vpa-recommender of Seed and Shoot clusters to better cope with large cluster sizes. #5743
  • πŸ“ˆ [OPERATOR] VPA binaries and dependency have been upgraded to 0.10.0. #5716
  • ✨ Several Feature Gate Promotions: DenyInvalidExtensionResources (#5793) and CachedRuntimeClients (#5752) are now GA, RotateSSHKeypairOnMaintenance (#5740) and ShootMaxTokenExpirationOverwrite (#5726) are now beta.

2022/04/13 - v1.44 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@acumino5mπŸšͺ Validation For Locked Feature Gates#5667
@ary19925mπŸ›‘οΈ Deactivation Of Static Shoot Kubeconfig#5649
@ishan1669610mπŸ’Ύ New etcd-druid@v0.8 Release#5693
@rfranzke10mπŸ›‘οΈ Auto-Rotation Of Expiring Secrets#5679
@MartinWeindel10mπŸ”— Central DNS Proxyshoot-dns-service#104
@oliver-goetz10mπŸ–Ό Prow Image Buildsci-infra#181

No Demo, But Still Worth Celebrating πŸŽ‰

  • πŸ“ˆ [OPERATOR] CPU limits from all gardener components have been removed to prevent CPU throttling due to reaching limits. #5627
  • πŸ“ˆ [OPERATOR] Memory limits of all shoot control plane or system components have been removed or adjusted according to measured usage to prevent OOMKills due to reaching the limits. #5689
  • πŸ“ˆ [OPERATOR] VPA resources now use controlledValues: RequestsOnly to prevent the VPA mechanism from proportionally changing the limits, which doesn’t make sense. #5638
  • πŸ›‘ [OPERATOR] dependency-watchdog-probe does no longer use a client certificate but an auto-rotated ServiceAccount token which is only valid for 12h. #5685

2022/03/30 - v1.43 Release

Demo Agenda πŸ“‹

Presenter(s)DurationTopicReference(s)
@rfranzke5mπŸš€ Optimized LIST nodes Calls#5529
@ialidzhikov5mπŸ’Ž Improved CheckDaemonSet Function#5628
@timebertt10mπŸ›‘οΈ New Secrets Manager#5503
@acumino5mβš™οΈ Exclude Reconciliations Of ManagedResources#5556
@vlvasilev10mπŸ“ƒ Logs of kube-system Pods Are Now Scraped By Loki#5600
@rfranzke10mπŸ”§ Move DNSRecord Reconciliation Into Maintenance Time Window#5531
@oliver-goetz5m🎒 Move Of unit And integration Jobs To Prow/

No Demo, But Still Worth Celebrating πŸŽ‰

  • ✨ [USER] There is a new Secret for each Shoot in the corresponding Project Namespace (<shoot-name>.ca-cluster) which contains the current CA bundle for establishing trust to the Shoot’s API server. #5612
  • πŸ› [OPERATOR] An issue causing Shoot deletion to fail in a rare case when the corresponding Shoot Namespace in the Seed is already terminating is now fixed. #5555
  • πŸ› [USER] A race condition has been fixed which can lead to pods without any projected token volumes for newly created shoots. #5549
  • πŸ› [USER] A bug causing shoot reconciliations or deletions to fail with “no matches for kind” errors has been fixed. #5539