Gardener Review Meetings 2022 β
Overview β
In case you couldn't participate and are interested in catching up, you can find the contents of the review meetings we have had in 2022 here.
Note that all review meetings in 2022 were SAP-internal meetings back then. Despite those, we also had a few Community Meetings in the open.
Reviews β
2022/12/07 - v1.61 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @grolu | 10m | πΉ Recent Gardener Dashboard Features | dashboard (repo) |
| @shreyas-s-rao | 5m | π Grafana Dashboard For Multi-Node ETCD | #7023 |
| @DockToFuture | 10m | πΈοΈ Removal Of Overlay Networks | backlog#29 (issue) |
| @kon-angelo | 5m | π·οΈ Annotate OpenStack VMs With Pool Labels | provider-openstack#511 |
| @rfranzke | 10m | π§πΌβπΎ Introduction Of Gardener Operator | #7009, #7048 |
No Demo, But Still Worth Celebrating π β
- πͺ [USER] Gardener does no longer support shoot clusters with Kubernetes versions
< 1.20. [...] #6987 - β¨ [USER] The
kube-apiserveris now verifying the server certificates presented bykubelets. #7047 - πͺ [OPERATOR] The already deprecated
SeedKubeSchedulerfeature gate is now removed. [...] Instead, use thebin-packingscheduling profile. #7052 - β¨ [OPERATOR] The
gardener-seed-admission-controllerbinary has been dropped from the code. Its logic has been merged intogardener-resource-manager. #7053
2022/11/23 - v1.60 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 10m | π¨βπ©βπ¦ High Availability Deployment Configurations | #6967, #6982, #6989, #6992 |
| @seshachalam-yv | 5m | π§ͺ E2E Tests For Upgrading Shoots To Become Highly Available | #6910 |
| @istvanballok, @rickardsjp | 10m | π§Ύ Monthly Average Resource Usage of Shoots | #6944 |
| @axel7born | 5m | π¦ Disable DNS Query Forwarding For External Domains | #6942 |
| @danielfoehrKn | 10m | π« Prevent containerd-Monitor From Terminating containerd-shims | #6696 |
No Demo, But Still Worth Celebrating π β
- β¨ [OPERATOR] The field
ManagedSeed.spec.seedTemplatehas been deprecated and will be removed very soon in a future release of Gardener. [...] #7006 - β¨ [OPERATOR] The seed
vpa-recommenderis no longer scaled by VPA. Instead, fixed resource request values are used. #7001 - π [OPERATOR] A bug was fixed where sometimes the
kube-apiserverwas deleted during shoot deletion flow even though there were still shoot managed resources present. #7008 - β¨ [DEPENDENCY]
Deployments orStatefulSets deployed by extensions in seed or shoot clusters can now benefit from the newhigh-availability-configwebhook for automatically mutating the HA-related configuration of these resources. Please refer to this document. #6967 - β¨ [DEPENDENCY] Extension controllers no longer perform owner checks based on the owner
DNSRecordat the start of their reconciliations. #6973
2022/11/09 - v1.59 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 5m | π¨βπ©βπ¦ High Availability-related API Changes | #6914, #6915 |
| @briantopping, @tuxgoose | 10m | π§ͺ TestMachinery Running Alongside of Google Cloud VMware Engine | provider-vsphere (repo) |
| @dimityrmirchev | 5m | π kubelet Container Logs Maximum Configurations | #6702 |
No Demo, But Still Worth Celebrating π β
- β¨ [USER] The rotation procedure of the
ServiceAccounttoken signing key has been improved. #6943 - β¨ [OPERATOR] The
ManagedResources related to seed system components are now labeled withgardener.cloud/role=system-component. #6836 - β¨ [DEPENDENCY] Extensions can now use the
extensions/pkg/util.{DetermineError,DetermineErrorCodes}functions for conveniently handling errors with codes. #6912 - β¨ [DEPENDENCY]
gardener-extensions-controllerpackage includes CLI parameter for--log-leveland--log-formatnow. #6875 - β¨ [DEVELOPER] The
gardener-resource-managercomponent has been reworked entirely. It now uses a component config instead of CLI flags. Also, its Helm chart has been reworked entirely. #6865
2022/11/02 - v1.58 Release (Part II) β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @petersutter | 10m | πΉ Recent Gardener Dashboard Updates | dashboard (repo) |
| @plkokanov | 10m | π Extension Controller Heartbeats | #6626 |
| @rfranzke | 10m | πͺͺ kubelet's Server Certificate | #6784 |
2022/10/26 - v1.58 Release (Part I) β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @istvanballok | 5m | π« Eliminating VPA Exporter | #6771 |
| @istvanballok | 10m | π€― Remote Local Setup - WHAT??? | #6730 |
| @timuthy | 10m | πΏ Topology Spread Constraints | #6665, #6674, #6685 |
| @axel7born | 10m | π Network Policies in Seeds for Istio | #6765, #6826 |
| @timebertt | 5m | β‘οΈ Making Resource-Manager's Health Controller Lightning-Fast | #6770 |
No Demo, But Still Worth Celebrating π β
- πͺ [USER]
Shoots with failure tolerance typenodecan be scheduled onSeeds with.spec.highAvailability != nilonly. #6833 - π [USER] Shoot worker definitions are now validated using
.spec.kubernetes.kubeletwhen.spec.provider.workers[].kubernetes.kubeletis not specified. #6741 - πͺ [OPERATOR]
HAControlPlanesfeature flag is removed fromgardener-scheduler. #6833 - πͺ [OPERATOR] Remove
DNSProviderfrom supported extension kinds. #6840 - π [OPERATOR] Remove
/scalesubresource fromEtcdCRD. #6850 - β¨ [OPERATOR] Short names for
Machine(mc),MachineClass(mcc),MachineDeployment(mcd), andMachineSet(mcs) resources are now added. #6787 - β¨ [OPERATOR] Gardenlet will not start in case the seed configuration is incorrect, i.e. if the node, pod or service network specified in the Seed resource do not match to the cluster reality. #6782
2022/10/12 - v1.57 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @seshachalam-yv | 5m | π§ͺ Local E2E Tests For High Availability Scenario | #6719 |
| @vpnachev | 10m | βοΈ Extension For Image Signature Verification | shoot-lakom-service (repo) |
| @ialidzhikov | 5m | πͺ΄ Seed Selector in CloudProfile and Shoot | #6680 |
No Demo, But Still Worth Celebrating π β
- β¨ [USER] The create/modify/delete permissions for
ServiceAccounts assigned toProjectmembers with the admin role are now removed. Read permissions are preserved. [...] #6740 - πͺ [OPERATOR] Deprecated functions
DeprecatedDetermineErrorandDeprecatedDetermineErrorCodeswill be dropped in the upcoming releases, extensions using these functions now need to use their own methods to get the error code from the errors. #6677 - β¨ [OPERATOR] Logs from pods managed by
garden-resource-managerwill be scraped and stored in the shoot's Loki. #6748 - β¨ [OPERATOR] The
ShootCARotationandShootSARotationfeature gates have been promoted to beta and are now enabled by default. [...] #6734
2022/10/06 - v1.56 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rishabh-11 | 10m | πΌ Configurable Throughput for AWS Disks | machine-controller-manager-provider-aws#95 |
| @ScheererJ | 10m | π§· Make Istio's Ingress Gateway Traffic Zone-Aware | #6653 |
| @shafeeqes | 10m | β Kubernetes 1.25 Support | #6638 |
| @plkokanov | 10m | π Validation For Admission Plugins | #6625 |
No Demo, But Still Worth Celebrating π β
- β¨ [USER] Introduce shoot spec field
spec.controlPlaneto allow enabling HA control planes with failure tolerance type ofnodeorzone. [...] #6530 - β¨ [OPERATOR] gardenlet is now using
gcr.io/distroless/static-debian11:nonrootinstead of versions ofalpineas a base image. #6641 - β¨ [DEVELOPER] The e2e tests do now also tear down the Gardener environment, effectively verifying whether the
Seeddeletion works as expected. #6664
2022/09/21 - v1.55 Release (Part II) β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @plkokanov | 10m | π Progressing Status For Seed Conditions | #6551, #6587, #6590 |
| @oliver-goetz | 5m | πΏ Replacement Of Release Milestone GitHub Action | #6627 |
| @istvanballok, @wyb1, @rickardsjp | 15m | π containerd-Related Monitoring Fixes | #6574, #6628 |
| @rfranzke | 5m | πΏ Local Container Image Pull-Through Cache | #6591 |
2022/09/14 - v1.55 Release (Part I) β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @grolu | 5m | πΉ Dashboard Release Updates | dashboard@1.61.0 |
| @ishan16696 | 10m | πΎ ETCD Member Restoration | etcd-backup-restore#509 |
| @ialidzhikov | 5m | β Do Not Run Privileged Containers | backlog#7 (issue) |
| @MartinWeindel, @ScheererJ | 10m | π Custom AWS Route Controller | provider-aws#591, provider-aws#596 |
| @shafeeqes | 5m | π‘ PodSecurityPolicy -> Pod Security Admission Migration Update | #5250 (issue) |
No Demo, But Still Worth Celebrating π β
- β¨ [DEVELOPER] The existing
ManagedSeede2e test has been enhanced with verifications for the three gardenlet kubeconfig rotation scenarios. #6568 - β¨ [OPERATOR] gardenlet's
SeedKubeSchedulerfeature gate is now deprecated in favor of the bin-packing scheduling profile that can be configured for aShootreferred by aManagedSeed. #6599 - β¨ [OPERATOR] Gardenlet now checks that the seed network configuration conforms to the reality in the seed cluster in case the seed is a shoot itself. #6576
- π [OPERATOR] A bug has been fixed which caused the
EveryNodeReadycondition on Shoots to becomeFalseand complaining about outdated cloud configs on nodes during rolling updates. #6555
2022/08/31 - v1.54 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @ialidzhikov | 10m | π‘ Seccomp Profile Defaulting For Seed Workload | #6450 |
| @MartinWeindel | 5m | π Network Problem Detector Updates | shoot-networking-problemdetector#21, shoot-networking-problemdetector#18 |
| @ScheererJ | 10m | π¬ Shoot DNS Rewriting | #6192 |
| @MartinWeindel | 5m | ππ»ββοΈ Weighted Routing Policy For DNSEntrys | external-dns-management#270 |
| @timuthy | 10m | π Zone Pinning on Multi-Zonal Seeds | #6579 |
No Demo, But Still Worth Celebrating π β
- β¨ [DEVELOPER] Gardener envtest now supports running against an existing gardener setup via
USE_EXISTING_GARDENER, see doc #6497 (will be presented in the next review meeting) - β¨ [DEVELOPER] A new
gomegachecklinter is now executed on make check. [...] #6455 - β¨ [OPERATOR]
PlantAPI has been dropped, operators need to clean upPlantresources before upgrading the Gardener version to v1.54. #6472 - β¨ [OPERATOR] The
DNSProviderextension kind was removed. Please make sure to remove anyControllerRegistrations that include the DNSProvider kind. [...] #6479 - π [OPERATOR] Shoots are correctly labeled for globally enabled extensions now. #6534
2022/08/17 - v1.53 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @oliver-goetz | 5m | βοΈ Custom REST Configuration For Shoot Clients | #6276 |
| @unmarshall | 10m | π [GEP-20] HA Shoot Control Planes | #6287 |
| @vlvasilev | 10m | πͺ΅ Shoot event-logger | #6223 |
| @dimityrmirchev | 5m | π· Label All Managed Resources | #6393 |
| @ishan16696 | 10m | π§ͺ E2E Tests For etcd-druid | etcd-druid#296 |
No Demo, But Still Worth Celebrating π β
- β¨ Enforce that Shoot nginx-ingress addon and Seed VPA are not enabled for ManagedSeeds. #6388
- β¨ Promote the
SecretBindingProviderValidationfeature gate to GA. #6429 - β¨ Promote
SeedChangeandCopyEtcdBackupsDuringControlPlaneMigrationfeature gates to beta. #6452
2022/08/03 - v1.52 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @dkistner | 10m | πͺͺ Pod CIDR Allocation For Nodes | provider-azure#539 |
| @timebertt | 5m | π Streamlined Logging In Controllers | #4251 (issue) |
| @acumino | 5m | π Improvements For Multiple Architectures | #6324, #6327 |
| @timuthy | 10m | β¬οΈ ETCD Cluster Scale Up | etcd-backup-restore#487 |
| @shafeeqes | 5m | π©Ί Skipping Health Checks For ManagedResources | #6309 |
| @shafeeqes | 5m | ππ»ββοΈ Disabling Admission Plugins | #6403 |
No Demo, But Still Worth Celebrating π β
- β¨ Promote
DisableDNSProviderManagementto GA. #6341 - β¨ Drop support for the
shoot.gardener.cloud/use-as-seedannotation. #6379 - π Fix tools download for aarch64 (arm64) π§. #6314
2022/07/20 - v1.51 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @oliver-goetz | 5m | π TestGrid For Prow | ci-infra#257 |
| @ialidzhikov | 10m | βοΈ Shoot Scheduling Profiles | #6251 |
| @wyb1 | 5m | π [GEP-19] Migrating To prometheus-operator | #6151 |
| @kon-angelo | 10m | π GCP Service Account Creation For Workers | provider-gcp#451 |
| @ary1992 | 5m | βοΈ Custom containerd Configuration | #6293@bdb4247 |
| @rfranzke | 10m | πͺ Support For ManagedSeeds Locally | #6293 |
| @shafeeqes | 5m | π‘ PodSecurityPolicy -> Pod Security Admission Migration Plan | #5250 (issue) |
No Demo, But Still Worth Celebrating π β
- π [DEVELOPER] A new testing strategy and developer guideline has been added. Make sure to check out the document if you want to learn more about the different kinds of tests we use and how to best write them! #6245
- π [OPERATOR] Health checks of ManagedResources are more reliable now when updating resources in the referenced secrets. #6136
- β¨ [OPERATOR] The new
ShootNodeLocalDNSEnabledByDefaultadmission plugin of thegardener-apiserver(disabled by default) controls whether the.spec.systemComponents.nodeLocalDNS.enabledfield for newly created Shoot resources is defaulted to true. [...] #6279 - β¨ [OPERATOR] Several feature gate changes:
SecretBindingProviderValidation-> beta (#6240),ShootMaxTokenExpiration{Overwrite,Validation}andRotateSSHKeypairOnMaintenance-> removed (#6241),Shoot{C,S}ARotation-> beta (#6252)
2022/07/06 - v1.50 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @ScheererJ / @DockToFuture | 5m | π Node Local DNS Improvements (Part 2) | #6057 |
| @rfranzke | 10m | π§Ή Automatic Remediation Of Problematic Shoot Webhooks | #6090 |
| @shafeeqes | 5m | πͺ’ New shoots/binding API To Bind Shoots To Seeds | #6018 |
| @plkokanov | 10m | π Running Control Plane Migration Locally | #5987, #6059 |
| @acumino | 5m | π API Changes For Supporting Multiple Architectures | #6156, #6178, #6233 |
| @timebertt | 10m | π‘ Warnings When Credentials Rotation Is Due | #6110, #6149 |
| @grolu | 5m | πΉ Recent Gardener Dashboard Updates | dashboard (repo) |
No Demo, But Still Worth Celebrating π β
- β¨ [DEVELOPER]
gardener-{apiserver,controller-manager,scheduler,admission-controller,seed-admission-controller,resource-manager}are now usinggcr.io/distroless/static-debian11:nonrootinstead of versions ofalpineas a base image. #6159 - β¨ [DEVELOPER] It is now possible to render charts from embedded file systems (
embed.FS). TheRendermethod of thechartrenderer.Interfacein favour ofRenderEmbeddedFS. [...] #6165 - β¨ [DEPENDENCY] Gardenlet now manages fine-granular
PriorityClassesthat are supposed to be used by all components in order to improve the overall robustness of the system. Find out more in the related documentation. [...] #6186 - β¨ [OPERATOR] The
WorkerPoolKubernetesVersionandDisableDNSProviderManagementfeature gates have been promoted. #6166, #6142 - β¨ [DEVELOPER]
k8s.io/*is now upgraded tov0.24.1andsigs.k8s.io/controller-runtimeis now upgraded tov0.12.1. #6101 - π [OPERATOR] A disruption free CA rotation is now being supported for HA shoot clusters. #6099
2022/06/22 - v1.49 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @timuthy | 10m | π¨βπ¦βπ¦ New HAControlPlane Feature Gate | #5741 |
| @Diaphteiros | 5m | π‘ On-Demand Kubeconfig Renewal For gardenlet | #6069 |
| @rfranzke | 5m | π Dump Container Logs Of E2E Tests | #6088, #6089 |
| @himanshu-kun | 10m | πΎ GPU Support For GCP Worker Nodes | provider-gcp#132 (issue) |
| @ScheererJ, @DockToFuture | 10m | π Node Local DNS Improvements (Part 1) | #6057 |
No Demo, But Still Worth Celebrating π β
- β¨ [OPERATOR] A full snapshot of
etcd-mainis now triggered after all Secret were encrypted with the new key after ETCD encryption key rotation. #6064 - β¨ [OPERATOR] Making
blackbox-exporteron shoots highly-available, to prevent false positive alerts during rollouts ofblackbox-exporter,apiserver-proxyand worker nodes. #6025 - β¨ [DEPENDENCY] The generic
Workeractuator now scales upmachine-controller-managerDeployment whenShootis hibernating (or waking up) andmachine-controller-managerDeployment is already scaled down by external actor (dependency-watchdog). #6054
2022/06/08 - v1.48 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 10m | π‘ Credentials Rotation (ServiceAccount Signing Key, ETCD Encryption Key) | #5968, #6021 |
| @dimityrmirchev | 5m | π New serviceaccountmanager Project Member Role | #5971 |
| @timebertt | 10m | π‘ Extension Webhook Certificate Rotation | #6003 |
| @acumino | 5m | β Kubernetes 1.24 Support | #6023 |
| @plkokanov | 10m | 𧱠SeedSystemComponentsHealthy Condition Use Cases | #5850 (issue) |
| @wyb1 | 10m | π° Make blackbox-exporter Work In Local Setup | #6051 |
No Demo, But Still Worth Celebrating π β
- β¨ [USER] With the new
maintenance.gardener.cloud/operationannotation forShoots it is now possible to confine the execution of the respective operation to the shoot cluster's maintenance time window. #6039 - β¨ [USER] There are two new
rotate-credentials-{start,complete}operation annotations forShoots which can be used to start or complete the rotation of all Gardener-provided/Gardener-generated credentials. #6038 - π [USER] It is now possible again to migrate the CRIs for existing worker pools in shoot clusters. #6004
- π [OPERATOR] The
ManagedIstioandAPIServerSNIfeature gates are now deprecated. They are already turned on by default and will be removed in a future version of Gardener. #6007
2022/05/25 - v1.47 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @himanshu-kun | 10m | 0οΈβ£ Generic Scale-To-Zero Support | autoscaler#27 (issue) |
| @krgostev | 10m | π©Ί SystemComponentsHealthy condition for Seeds | #5274 |
| @rfranzke | 5m | π Progressing condition for ManagedResources | #5904 |
| @grolu | 10m | πΉ Recent Gardener Dashboard Updates | dashboard (repo) |
| @ary1992 | 10m | π‘ Observability Credentials Rotation | #5926 |
| @MartinWeindel | 10m | π Network Problem Detector Extension | shoot-networking-problemdetector (repo) |
No Demo, But Still Worth Celebrating π β
- π [USER] A new document related to the rotation of the CA certificate rotation has been added. #5939
- β¨ [DEVELOPER]
provider-localnow allows to enable thedependency-watchdog-probein the seed cluster. #5937 - β¨ [DEVELOPER]
provider-localnow supports Ingress objects in theSeedcluster and now enables using the shoot node logging feature. #5924 - β¨ [OPERATOR] The
lastActivityTimestampof theProjectis now updated every time aPlant,BackupEntryorShootis created, or aQuotaorSecretin the project namespace is referred by aSecretBinding. The timestamp is also updated when these resources are updated or deleted. #5821
2022/05/11 - v1.46 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @timebertt | 10m | π‘οΈ Shoot Cluster CA Rotation e2e Demo | #3292 (issue) |
| @dimityrmirchev | 10m | π§ͺ Extension e2e Tests Via Local Garden | shoot-oidc-service#33 |
| @krgostev | 10m | πΎ Backup{Bucket,Entry} Support For Local Garden | #5514 |
| @istvanballok, @wyb1 | 10m | π Connectivity Exporter | connectivity-exporter (repo) |
| @ialidzhikov | 5m | π Extension SecretBinding Validator | provider-gcp#428 |
No Demo, But Still Worth Celebrating π β
- π [USER] Documentation for accessing the shoot cluster is added here. #5849
- π [USER] There is a new document explaining the various configurations (and caveats) regarding the ServiceAccount configuration for shoot clusters. #5888
- β¨ [OPERATOR] The
WorkerPoolKubernetesVersionfeature gate has been promoted to beta and is now enabled by default. #5857
2022/04/27 - v1.45 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @Diaphteiros | 10m | π‘οΈ Virtual Garden Cluster CA Rotation | #5735 |
| @acumino | 5m | π API Diff PR Check To Detect Breaking Changes | #5532 |
| @shafeeqes | 5m | π Improved Cloud-Config Downloads To Save I/O | #5768 |
| @ScheererJ | 10m | π Extension For Networking Filter | shoot-networking-filter (repo) |
| @BeckerMax | 10m | π‘οΈ Dedicated Client CA For Shoots | #5779 |
| @rfranzke | 10m | π‘οΈ Adaptation Of Extensions Library For CA Rotation | #5803 |
No Demo, But Still Worth Celebrating π β
- π [OPERATOR] Fixed an issue that could cause the
cloud-config-downloaderto invalidate its credentials token if the node that it is currently running on has issues with the file system where the credentials token is stored (for example when the node runs out of disk space). #5719 - π [OPERATOR] Increase the QPS and burst value for
kube-apiserverrequests for thevpa-recommenderof Seed and Shoot clusters to better cope with large cluster sizes. #5743 - π [OPERATOR] VPA binaries and dependency have been upgraded to 0.10.0. #5716
- β¨ Several Feature Gate Promotions:
DenyInvalidExtensionResources(#5793) andCachedRuntimeClients(#5752) are now GA,RotateSSHKeypairOnMaintenance(#5740) andShootMaxTokenExpirationOverwrite(#5726) are now beta.
2022/04/13 - v1.44 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @acumino | 5m | πͺ Validation For Locked Feature Gates | #5667 |
| @ary1992 | 5m | π‘οΈ Deactivation Of Static Shoot Kubeconfig | #5649 |
| @ishan16696 | 10m | πΎ New etcd-druid@v0.8 Release | #5693 |
| @rfranzke | 10m | π‘οΈ Auto-Rotation Of Expiring Secrets | #5679 |
| @MartinWeindel | 10m | π Central DNS Proxy | shoot-dns-service#104 |
| @oliver-goetz | 10m | πΌ Prow Image Builds | ci-infra#181 |
No Demo, But Still Worth Celebrating π β
- π [OPERATOR] CPU limits from all gardener components have been removed to prevent CPU throttling due to reaching limits. #5627
- π [OPERATOR] Memory limits of all shoot control plane or system components have been removed or adjusted according to measured usage to prevent OOMKills due to reaching the limits. #5689
- π [OPERATOR] VPA resources now use
controlledValues: RequestsOnlyto prevent the VPA mechanism from proportionally changing the limits, which doesn't make sense. #5638 - π‘ [OPERATOR]
dependency-watchdog-probedoes no longer use a client certificate but an auto-rotatedServiceAccounttoken which is only valid for12h. #5685
2022/03/30 - v1.43 Release β
Demo Agenda π β
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 5m | π Optimized LIST nodes Calls | #5529 |
| @ialidzhikov | 5m | π Improved CheckDaemonSet Function | #5628 |
| @timebertt | 10m | π‘οΈ New Secrets Manager | #5503 |
| @acumino | 5m | βοΈ Exclude Reconciliations Of ManagedResources | #5556 |
| @vlvasilev | 10m | π Logs of kube-system Pods Are Now Scraped By Loki | #5600 |
| @rfranzke | 10m | π§ Move DNSRecord Reconciliation Into Maintenance Time Window | #5531 |
| @oliver-goetz | 5m | π’ Move Of unit And integration Jobs To Prow | / |
No Demo, But Still Worth Celebrating π β
- β¨ [USER] There is a new Secret for each Shoot in the corresponding Project Namespace (
<shoot-name>.ca-cluster) which contains the current CA bundle for establishing trust to the Shoot's API server. #5612 - π [OPERATOR] An issue causing Shoot deletion to fail in a rare case when the corresponding Shoot Namespace in the Seed is already terminating is now fixed. #5555
- π [USER] A race condition has been fixed which can lead to pods without any projected token volumes for newly created shoots. #5549
- π [USER] A bug causing shoot reconciliations or deletions to fail with "no matches for kind" errors has been fixed. #5539