Gardener Review Meetings 2023 โ
Overview โ
In case you couldn't participate and are interested in catching up, you can find the contents of the review meetings we have had in 2023 here.
Reviews โ
2023/12/06 - v1.85 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @timuthy | 10m | ๐ชช Auto-Registration + Certificate Management for Extension Admission Webhooks | #8725 |
| @acumino | 5m | ๐งน Orphaned Lease Garbage Collection | #8817 |
| @rfranzke | 10m | ๐ต๏ธ Introduction Of gardener-node-agent | #8023 (issue) |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] All the functionality related to the deprecated field
.spec.secretRefinSeeds has been removed and subsequently.spec.secretRefwill be dropped from theSeedAPI in a later release of Gardener. Please check yourSeeds and remove any usage before upgrading to this Gardener version. #8833 - โจ [OPERATOR] The
gardener-resource-managerdeployment procedure was improved. Earlier, GRM was unnecessarily rolled during shoot reconciliation if worker nodes contained custom taints. #8835
2023/11/29 - v1.84 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @danielfoehrKn | 10m | โฌ๏ธ Machine Image Version Update Strategies | #8275 |
| @plkokanov | 5m | ๐คฒ๐ป node-exporter's Textfile Collector | #8721 |
| @timuthy | 5m | ๐ Improved Shoot Condition Handling | #8736 |
| @shafeeqes | 5m | ๐ฎ kube-controller-manager Controller Enablement Based on APIs | #8763 |
| @aaronfern | 5m | ๐ฅ cluster-autoscaler Metrics | #8750 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [USER] A validation rule was added that forbids changing the primary DNS provider in
.spec.dns.providersas soon as theShootwas scheduled. #8761 - ๐ช [OPERATOR] โ ๏ธ The deprecated fields
spec.settings.dependencyWatchdog.endpointandspec.settings.dependencyWatchdog.probehave been removed from theSeedAPI. Please check yourSeeds and remove any usage before upgrading to this Gardener version. #8747 - ๐ [OPERATOR] During the restore phase of control plane migration, the
machine-controller-manageris deployed with0replicas if it did not exist before or if it existed and was not scaled up yet. This fixes an issue that could cause theShoot's nodes to get recreated during control plane migration. #8742 - โจ [DEVELOPER] Vendoring has been removed from the project, i.e., there is no
vendorfolder anymore. #8775
2023/11/22 - v1.83 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @Kostov6 | 10m | ๐ Prevent Unintended etcd-backup Secret Deletions | #8709 |
| @AleksandarSavchev | 10m | ๐ Diki - Gardener Compliance Checker | diki (repo) |
| @shafeeqes | 5m | ๐ API Server Runtime Config Validation | #8695 |
| @dimitar-kostadinov | 15m | ๐พ Introduction To registry-cache Extension | registry-cache (repo) |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR] A bug has been fixed which caused
ServiceAccounts related to garden access secrets for extensions to leak in the seed namespace in the garden cluster after uninstallation of said extensions. #8697 - โจ [OPERATOR] The
.status.lastOperationincore.gardener.cloud/v1beta1.Seedandoperator.gardener.cloud/v1alpha1.Gardenresources is now only updated each5sduring a reconciliation. Previously, it was updated immediately when a task was finished. #8705
2023/11/15 - Hack The Garden Wrap Up โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @robinschneider | 5m | ๐๏ธ ARM Support For OpenStack Extension | Summary |
| @dergeberl | 10m | ๐ก๏ธ Make ACL Extension Production-Ready | Summary |
| @oliver-goetz | 5m | ๐ต๏ธ Continuation Of gardener-node-agent | Summary |
| @rfranzke | 5m | ๐ง๐ผโ๐พ Deploy gardenlets Through Custom Resource Via gardener-operator | Summary |
| @Kumm-Kai | 5m | ๐ฆ Shoot Control Plane Live Migration (Without Downtime) | Summary |
| @afritzler | 10m | ๐๏ธ Stop Vendoring Third-Party Code In vendor Folder | Summary |
| @Gerrit91 | 5m | ๐ Generic Extension For Shoot Cluster Audit Logs | Summary |
| @timebertt | 5m | ๐ Rework Shoot Flux Extension | Summary |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] A discussion about air-gapped shoot clusters was conducted. Summary
- โจ [DEVELOPER] A new script
hack/update-skaffold-deps.shhas been added for automatically updating Skaffold dependencies for the binaries. Previously, you had to update them manually in theskaffold.yamlfile. Summary
2023/10/25 - v1.82 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 10m | ๐ Improved Machine State Persistence For Shoot Control Plane Migrations | #8559, #8618 |
| @acumino | 5m | ๐ No Longer Report Skipped Flow Tasks | #8541 |
| @oliver-goetz | 5m | ๐ค Accelerated API Server Rollouts | #8640 |
| @ScheererJ | 5m | ๐ฅ Forceful Managed Resources Finalization | #8584 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [DEPENDENCY] The
MachineClassKind(),MachineClass(), andMachineClassList()methods have been dropped from the genericWorkeractuator's interface and do not need to be implemented anymore. #8559 - ๐ช [DEPENDENCY] The no longer required
--gardenlet-manages-mcmoption has been removed. All code in provider extensions related to management/deployment ofmachine-controller-managershould be removed. #8596 - ๐ช [DEVELOPER] The
extensions/pkg/controller/operatingsystemconfig/oscommonpackage is deprecated and will be removed as soon as theUseGardenerNodeAgentfeature gate has been promoted to GA. OS extension developers should start adapting to this new feature, see documentation and example based onprovider-local. #8647
2023/10/11 - v1.81 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @holgerkoser | 5m | ๐ญ Dashboard Theming + Branding | dashboard#1568 |
| @seshachalam-yv | 5m | ๐ Delta Snapshot Retention Period | etcd-druid#651 |
| @shafeeqes | 10m | ๐๏ธ Forceful Shoot Deletion | #8414, #8608 |
| @rfranzke | 5m | โน๏ธ Shoot Scheduling Failure Reason Population | #8527 |
| @himanshu-kun | 10m | ๐ Autoscaler Early Abort/Backoff | autoscaler#154 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [USER] Gardener refined the scope of the problematic webhook matcher for
Endpointsobjects. Earlier, shoot clusters were assigned a constraint reporting a problem with afailurePolocy: Failwebhook acting on these objects. Now, onlyEndpointsin thekube-systemanddefaultnamespaces are considered for this check. #8521 - โจ [OPERATOR] The
MachineControllerManagerDeploymenthas been promoted to beta and is now enabled by default. Make sure that all registered provider extensions support this feature gate before upgrading to this version of Gardener. #8526 - โจ [OPERATOR] The
DisableScalingClassesForShootsfeature gates has been promoted to GA (and is now always enabled). #8526
2023/09/27 - v1.80 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @acumino | 5m | ๐ฝ Enabled Target Cache In gardener-resource-manager | #8483 |
| @grolu | 5m | ๐น๏ธ Support For Workerless Shoots | dashboard#1531 |
| @plkokanov | 10m | ๐ฎ Introduction To rsyslog-relp Extension | shoot-rsyslog-relp (repo) |
| @rfranzke | 10m | ๐ฎ gardener-operator Manages Gardener Control Plane | #8309 |
| @oliver-goetz | 10m | ๐ Seed Credentials Renewing On Garden Credentials Rotation | #8396 |
| @oliver-goetz | 5m | โ Kubernetes 1.28 Support | #8479 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [USER] A bug has been fixed which was allowing users to specify an extension of the same type in
.spec.extensions[].typemore than once in theShootAPI. #8457 - โจ [USER] Gardener now reports nodes for which the
checksum/cloud-config-datahasn't been populated yet. This could point towards an error on the node and that not all Gardener related configuration happened successfully. #8448 - โจ [OPERATOR]
gardener-operatornow refuses to start if operators attempt to downgrade or skip minor Gardener versions. Please see this document for more information. #8413 - โจ [DEVELOPER] The following golang dependencies have been upgraded, please consult the upstream release notes and this issue for guidance on upgrading your golang dependencies when vendoring this gardener version:
k8s.io/*tov0.28.2,sigs.k8s.io/controller-runtimetov0.16.2. #8464
2023/09/13 - v1.79 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @ary1992 | 10m | ๐ฎ sigs.k8s.io/controller-runtime@v0.15 Upgrade | #8245 |
| @oliver-goetz | 10m | ๐ซง Additional Excess Capacity Reservation Configurations | #8356 |
| @ScheererJ | 10m | ๐จ๐ผโ๐ป Extension Admission Controllers In Local Setup | #8311 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] When the Kubernetes control plane version is at least
v1.28, it is now possible to set the worker pool Kubernetes version to be at most three versions behind the control plane version. Earlier, only a skew of at most two versions was allowed. Find more details here. #8402 - โจ [OPERATOR] The
DisablingScalingClassesForShootsfeature gate has been promoted to beta. #8428 - โจ [OPERATOR] The
WorkerlessShootsfeature gate has been promoted to beta and is now turned on by default. Before deploying this Gardener version, make sure that all your registered extensions support this feature gate. #8417
2023/08/30 - v1.78 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @schrodit | 20m | ๐ How Codesphere Uses Gardener | codesphere.com (website) |
| @acumino | 5m | ๐ง๐ผโ๐พ Gardener Operator Manages Plutono | #8301 |
| @aaronfern | 10m | ๐ฅพ Golang-Based ETCD Bootstrapping | etcd-wrapper#3 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] It is possible now to trigger a
Seedreconciliation by annotating theSeedwithgardener.cloud/operation=reconcile. #8347 - โจ [OPERATOR] Status of
Gardennow includes theObservabilityComponentsHealthycondition which show the health of observability components in the garden runtime-cluster. #8346 - โจ [DEPENDENCY]
BackupBucket/BackupEntrycontrollers: watch secret metadata only. #8348
2023/08/16 - v1.77 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @dimityrmirchev | 10m | ๐ Use immutable secrets in ManagedResource library | #8116 |
| @ialidzhikov | 10m | ๐๏ธ Introduce the ContainerdRegistryHostsDir feature gate | #8094 |
| @shafeeqes | 5m | ๐ช Split make generate targets | #8289 |
| @oliver-goetz | 5m | ๐ฎ Remove secrets from gardener-controlplane helm chart | #8308 |
| @timuthy | 10m | ๐ Enhance minimal distance algorithm in gardener-scheduler | #8277 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR]
gardenletno longer reports theBootstrappedcondition onSeeds. Instead, it now reports the progress in.status.lastOperation, similar to how it's done forShoots. #8290 - ๐ [OPERATOR] Operators can now view and manage dashboards for compaction jobs running in shoot control plane. #8206
- ๐ [OPERATOR] gardener-operator now takes over management of
fluent-operatorandvali. #8240
2023/08/02 - v1.76 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @oliver-goetz | 10m | ๐ฉบ Garden Care Controller | #8158, #8238 |
| @acumino | 5m | ๐ข Error Code Detection In Worker Controller | #8242 |
| @dergeberl | 10m | ๐ Garden Cluster Access For Extension Controllers In Seeds | #8001 (issue) |
| @timuthy | 5m | ๐ Support For Custom Gardener Schedulers | #8261 |
| @DockToFuture, @axel7born | 10m | ๐ AWS IPv4/6 Dual-Stack Support | provider-aws#778 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] Removed
service.beta.kubernetes.io/aws-load-balancer-type: nlbannotation fromistio-ingressgatewayservice template. Set this annotation inSeedconfiguration. [...] #8214 - โจ [USER] It is now possible to enable disabled APIs for workerless shoot clusters via
spec.kubernetes.kubeAPIServer.runtimeConfig. #8258 - ๐ [USER] An issue has been fixed which caused CoreDNS to not rewrite CNAME values in DNS answers. #8231
2023/07/19 - v1.75 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @StenlyTU | 10m | ๐ง๐ผโ๐พ Gardener Operator Deploys nginx-ingress-{controller,k8s-backend} | #7945 |
| @AleksandarSavchev | 5m | ๐ Pod Security Enforcements For Garden And Seed | #8099 |
| @acumino | 10m | โ๏ธ Kubeconfigs For Admission Plugin Configurations | #8110 |
| @shafeeqes | 5m | โ ๏ธ New CRDsWithProblematicConversionWebhooks Constraint For Shoots | #8159 |
| @ScheererJ | 10m | ๐๏ธ Race Mitigation For NetworkUnavailable Condition In Nodes | provider-gcp#631 |
| @timuthy | 5m | ๐ช Kubernetes Version Defaulting | #8198 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [DEVELOPER]
Shootfields.spec.dns.providers[].domainsand.spec.dns.providers[].zonesare now deprecated and expected to be removed in versionv1.87. Please plan ahead to drop using those fields in extensions. #8199 - ๐ช [USER] Adding Gardener-managed finalizers (e.g.,
gardenerorgardener.cloud/reference-protection) to theShooton creation is now forbidden. #8209 - ๐ [OPERATOR] A bug causing the
gardenletto panic when a ETCD encryption key rotation operation is triggered for a hibernatedShootis now fixed. Now, triggering ETCD encryption key rotation orServiceAccountsigning key rotation is forbidden when theShootis in waking up phase. #8184
2023/07/05 - v1.74 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @timuthy | 5m | ๐ท๏ธ Multiple Domains For Garden Clusters | #8156 |
| @rfranzke | 10m | ๐ [GEP-22] Improved Usage of ShootState API | #8073 (issue) |
| @rfranzke | 5m | ๐ช Keep kube-proxy VPA On Kubernetes Patch Updates | #8071 |
| @oliver-goetz | 5m | ๐งน Removal Of Deprecated Development Setups | #8075 |
| @timebertt | 5m | ๐ Usage Of InternalSecret API | #7999 (issue) |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] โ ๏ธ Gardener does no longer support garden, seed, or shoot clusters with Kubernetes versions
< 1.22. Make sure to upgrade all existing clusters before upgrading to this Gardener version. #8087 - ๐ [OPERATOR]
gardener-resource-manager'ssystem-components-configwebhook no longer adds the toleration for theToBeDeletedByClusterAutoscalertaint to system components in shoot clusters. TheToBeDeletedByClusterAutoscalertaint is maintained by thecluster-autoscaler. This was breakingcluster-autoscaler's drain mechanism when scaling down an under-utilized node. It was causing just evicted system components from to be deleted node to be scheduled again on the to be deleted node. #8172
2023/06/21 - v1.73 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @voelzmo | 10m | ๐ Disabled Scaling Classes For kube-apiserver Resource Requirements | #8003 |
| @dimitar-kostadinov | 10m | ๐ Improved Robustness Of terraformer Executions | #8059 |
| @rfranzke | 10m | ๐ค machine-controller-manager Managed By gardenlet | #8015, #8018, #8056 |
| @shafeeqes | 5m | ๐งน Cleanup Secret Reference In ManagedSeeds | #8039 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] The field
.spec.secretRefin theSeedAPI has been deprecated and will be removed in a future release of Gardener. #8064 - โจ [OPERATOR]
gardener-apiservernow exposes a newcore.gardener.cloud/v1beta1.InternalSecretAPI, see the documentation for more information. #8025 - โจ [DEVELOPER] It is now easier to annotate
Services related to extensions serving webhook handlers that must be reachedby kube-apiservers running in separate namespaces such that the respective network traffic gets allowed. Please refer to this guide for all information. [...]. #8076 - โจ [DEVELOPER]
gardenlet'sControllerInstallationcontroller now populates the feature gate ofgardenletvia the Helm values to extensions when they are getting installed. The information is populated via the.gardener.gardenlet.featureGateskey. It contains a map whose keys are feature gates names and whose values are booleans (depicting the enablement status). #8011
2023/06/14 - v1.72 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @ScheererJ | 5m | ๐ฆ Virtual Garden API Server Exposure Via Istio | #7953 |
| @axel7born | 5m | ๐น Golang Implementation For Egress Network Filtering | shoot-networking-filter#64 |
| @rfranzke | 5m | ๐ Improved Accuracy For Local Control Plane Migration E2E Tests | #7981 |
| @ishan16696 | 10m | โฌ๏ธ Improved ETCD Cluster Scale-Up | etcd-druid#584 (issue) |
| @kon-angelo | 5m | ๐ง Live AWS EBS Volume Modifications | provider-aws#754 |
| @elankath | 5m | ๐ GCP Disk Encryption With Customer-Managed Keys | provider-gcp#607 |
| @MartinWeindel | 5m | ๐ OpenStack Manila CSI Driver | provider-openstack#572 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] It is required to have
ControllerRegistrations for KindsControlPlane,InfrastructureandWorkerwith the same types used for seeds (.spec.provider.type). [...]. #7928 - โจ [USER] The
core/v1alpha1API version is dropped. Make sure that you don't use thecore/v1alpha1API version in your machinery. #7965 - โจ [USER] The certificate chains served by
kube-apiservers does now include the CA certificates used to sign their server certificates. #7961 - ๐ [USER] A bug that prevented finalizers from being added to referenced
Secrets orConfigMaps in.spec.resourcesinShoots has been fixed. #7995
2023/06/07 - v1.71 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @shafeeqes | 5m | ๐ก Improved Validation For Shoot Worker Pool Config | #7855 |
| @ScheererJ | 10m | ๐ง๐ผโ๐พ Gardener Operator Updates | #7881, #7931 |
| @ialidzhikov | 5m | โฑ๏ธ Configurable Toleration Seconds For Unready Nodes | #7861 |
| @acumino | 10m | ๐น๏ธ Workerless Shoot Clusters | #7635 (issue) |
| @ary1992 | 5m | โ Kubernetes 1.27 Support | #7883 |
| @istvanballok | 10m | ๐ Replace Grafana With Plutono, Loki With Vali | #7318 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [DEVELOPER] Extensions vendoring this
gardener/gardenerversion need to provide RBAC privileges forPATCH apps/depoyments/scale. #7868 - โจ [OPERATOR] The
HAControlPlanesfeature gate has been promoted to beta and is now turned on by default. #7867 - โจ [OPERATOR] It is now possible to provide namespace selectors for additional namespaces which should be covered by the
NetworkPolicycontrollers ofgardener-operatororgardenlet. [...] #7929 - โจ [DEVELOPER] In order to allow
kube-apiserverpods of shoot or garden clusters to reach webhook servers, they must no longer be explicitly labeled withnetworking.resources.gardener.cloud/to-<service-name>-<protocol>-<port>=allowed. Instead, it is enough to annotate theServiceof the webhook server withnetworking.resources.gardener.cloud/from-all-webhook-targets-allowed-ports=<ports>. #7907 - ๐ [DEVELOPER] A guideline for developers regarding
TODOstatements has been introduced. #7939
2023/05/31 - Hack The Garden Wrap Up โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @majst01, @Gerrit91 | 10m | ๐ต๏ธ Introduction Of gardener-node-agent | Summary |
| @einfachnuralex | 10m | ๐ IPv6 Shoot Clusters On Cloud Providers | Summary |
| @JensAc | 10m | ๐ฑ Experimenting With Masterful Shoot Clusters | Summary |
| @timebertt | 10m | ๐ Garden Cluster Access For Extension Controllers In Seeds | Summary |
| @rfranzke | 10m | ๐พ Replacing ShootStates With Backups in Backup Buckets | Summary |
| @timebertt | 10m | ๐ New InternalSecrets API In Gardener | Summary |
No Demo, But Still Worth Celebrating ๐ โ
- โจ The
machine-controller-managerdeployment procedure has been moved from the genericWorkeractuator used in extensions controllers intogardenlet. Summary - โจ The accuracy for local control plane migration e2e tests has been increased as much as possible. Summary
- โจ A few of the necessary steps for supporting ETCD encryption for custom resources have been addressed. Summary
- ๐งน The
apiserver-proxy-pod-mutatorwebhook has been moved intogardener-resource-manager. Summary
2023/05/10 - v1.70 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @Kristian-ZH | 10m | ๐ชต Introduction Of Fluent Operator | #7568 |
10m | cgroup-v2 Nodes | ||
| @ScheererJ | 5m | ๐ฝ User-Defined Kernel Settings Per Worker Pool | #7825 |
| @rfranzke | 10m | ๐ง๐ผโ๐พ Gardener Operator Manages Istio and kube-state-metrics | #7817, #7836 |
| @plkokanov | 10m | ๐ Control Plane Migration For HA Shoots | #7626, #7742 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] Gardener now supports seed clusters with Kubernetes versions up to
v1.26. #7831 - โจ [OPERATOR] The
highavailabilityconfigwebhook configures topology spread constraints withminDomains=<number-of- zones>. [...]. #7826 - โจ [OPERATOR] Annotations in
seed.spec.settings.loadBalancerServices.annotationsare now applied to thenginx-ingressload balancer service in the seed cluster. #7835 - ๐งน [OPERATOR] The promoted or deprecated feature gates
ManagedIstioandReversedVPNhave been removed. #7830
2023/04/26 - v1.69 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @oliver-goetz | 10m | ๐ Skaffold-Based Debugging Experience | #7755 |
10m | Shoots | ||
| @DockToFuture | 10m | ๐ E2E Tests For Networking Extensions | networking-calico#257, networking-cilium#261 |
| @breuerfelix | 10m | ๐ฑ Local IPv6-Based Seed Clusters | #7561 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] The
SeedChangeandCopyEtcdBackupsDuringControlPlaneMigrationfeature gates have been promoted to GA and are now locked to true. #7763 - ๐ [OPERATOR] Fixed potential leaks of
ShootStates that could happen when aShootcluster is deleted. This is achieved by no longer exiting early from the deletion flow if the shoot's seedNamespacehas been deleted. The same logic has been applied to the migration flow for consistency. #7789 - ๐ [OPERATOR] A bug causing kube-controller-manager to fail to clean up ShootState resources is now fixed. #7793
- ๐งน [OPERATOR] The
.spec.settings.ownerChecksfield of theSeedconfiguration is deprecated. The "bad-case" control plane migration is being removed in favor of the HA Shoot control planes [...]. #7748
2023/04/12 - v1.68 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @ialidzhikov | 5m | ๐ฆ Toplogy-Aware-Routing in Garden Cluster | #7729 |
| @ary1992 | 10m | โณ Restrict Duration Of Reconciliations | #7147 |
| @robinschneider | 5m | ๐ Copy Docker Hub Images To Gardener GCR | #7698 |
| @timuthy | 10m | ๐ง๐ผโ๐พ Gardener Operator Manages kube-apiserver | #7693, #7730 |
| @timuthy | 5m | ๐ธ Trigger ETCD Snapshots Via | #7714 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] Enable memory-saver mode for the VPA recommender. It stops tracking resource consumption for Containers without matching VPAs and frees up memory. #7746
- โจ [DEVELOPER] The server certificate of the kube-apiserver deployment now contains the
<service-name>.<namespace>.svc.cluster.localSAN. #7735 - ๐ [OPERATOR] A bug causing the gardenlet to be unable to access the BackupBucket generated secret in garden namespace is now fixed. #7708
- ๐ [OPERATOR] A bug has been fixed for the Gardener Operator that occasionally caused "404 not-found" errors when garden resources where applied and the operator ran with multiple replicas. #7739
2023/04/05 - Special Edition โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @vlerenc | 25m | ๐คช Gardener Chaos Engineering | chaos-engineering (repo) |
2023/03/29 - v1.67 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
10m | |||
| @SimonKienzler | 10m | ๐ซ Ensure CSINode Readiness Before Scheduling Pods | #7621 |
| @timebertt | 5m | ๐ Skaffold-Based Development Experience | #7659 |
| @grolu | 10m | ๐น Recent Gardener Dashboard Features | dashboard (repo) |
| @timuthy | 10m | ๐ฟ Single Object Cache | #7632, #7681 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR] An issue has been fixed which caused undesired PATCH requests when updating the state in the Worker or ShootState resources. #7637
- ๐ [DEVELOPER] A bug in
managedresources.NewRegistrythat was leading to excessive memory usage when this function is called multiple times has been fixed. #7694 - โจ [DEVELOPER] Shoot clusters using
provider-localcan now have multiple worker nodes withcalicoas CNI. #7684 - โจ [DEVELOPER] The local deployment of Gardener with extensions can now deal with multiple seeds. Additional seeds can be added and removed again. #7673
2023/03/15 - v1.66 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @shafeeqes | 5m | ๐ป Dropped Support For Self-Managed Ingress Controllers In Seeds | #7529 |
| @timuthy | 10m | ๐ง๐ปโโ๏ธ Adapted NetworkPolicys For Istio Namespaces | #7570 |
| @ScheererJ | 10m | ๐ง๐ปโโ๏ธ Adapted NetworkPolicys For Extension Namespaces | #7589 |
| @ialidzhikov | 10m | ๐ฆ Routing Network Traffic Toplogy-Aware | #7191 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [USER] Updates to the
AuditPolicyreferenced byShoots are now also validated against the Kubernetes versions of those shoot clusters. This fixes an issue where it was possible to specify an unsupportedaudit.k8s.ioversion when updating theConfigMapwhich contains theAuditPolicy. #7563 - ๐ [USER] Fixes control-plane migration of hibernated shoot being stuck if shoot was hibernated for
24h. #7608 - ๐ช [OPERATOR] The
ForceRestorefeature gate has been removed. #7543 - โจ [OPERATOR] The
ManagedSeedcontroller does no longer try to sync theSeedkubeconfigSecretwhenShoot's static token kubeconfig is not enabled. #7546
2023/03/01 - v1.65 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @axel7born | 5m | ๐ฅธ Response Rewrite For DNS Search Path Optimization | #7478 |
| @shafeeqes | 5m | ๐ Validation For Admission Plugin Configurations | #7472 |
| @shafeeqes | 5m | ๐ฅท๐ป Recreation For Immutable ConfigMaps/Secrets | #7516 |
| @acumino | 5m | ๐ฉบ Shoot System Components Health Checks | #7462 |
| @rfranzke | 5m | ๐ง๐ปโโ๏ธ Adapted NetworkPolicys For Shoot Control Plane Components | #7484, #7515 |
| @Kumm-Kai | 10m | ๐ซ Schedule Node-Critical Pods First | #7406 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [USER] The
core.gardener.cloud/v1alpha1API is deprecated and will be removed soon. Thecore.gardener.cloud/v1beta1API is already available since a very long time and should be used instead. #7443 - ๐ช [OPERATOR] Before upgrading to this Gardener version,
Seeds using.spec.dns.ingressDomainmust now finally be switched to using.spec.ingressand.spec.dns.provider[...]. #7515 - ๐ [OPERATOR] Fix a bug in the etcd deploy flow that erroneously unsets
etcd.spec.etcd.peerUrlTlsin theEtcdCRs of high available shoots when marked for hibernation. #7514
2023/02/15 - v1.64 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 10m | ๐ง๐ปโโ๏ธ NetworkPolicy Controller In gardener-resource-manager | #7392, #7412, #7437 |
| @himanshu-kun | 5m | ๐๏ธ Progressing Condition In MachineDeployments | machine-controller-manager#762 |
| @kon-angelo | 10m | ๐คธ๐ผโโ๏ธ Nodes CIDR Expansion For Shoots | #7368 |
| @timebertt | 5m | ๐ Simplified Debugging Experience For Integration Tests | #7431 |
| @rickardsjp | 10m | โ Unification Of Grafana Deployments | #7007 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] The
istio-systemnamespace in seed clusters is now labeled withgardener.cloud/role=istio-system. Allistio-ingress*namespaces are now labeled withgardener.cloud/role=istio-ingress. #7389 - ๐ [OPERATOR] When deleting a seed the
cluster-identityconfig map inkube-systemnamespace is not deleted anymore if it was already existing on seed creation. #7436 - ๐ [OPERATOR] A bug has been fixed which caused the conditions of
Shoots to be set toUnknowntoo fast in case the responsiblegardenletis no longer posting its heartbeat. #7404 - โจ [DEVELOPER] Add bootstrapping a local IPv6 KinD cluster with
make kind-up IPFAMILY=ipv6. #7388
2023/02/08 - v1.63 Release (Part III) โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @einfachnuralex | 10m | ๐ ๏ธ Development Box On GCP | #7319 |
| @acumino | 10m | โ๏ธ New SystemComponentsConfig Webhook | #7204, #7304 |
| @rfranzke | 5m | ๐
Skip Readiness Checks In Shoot Flow | #7268 |
| @ialidzhikov | 10m | โ Kubernetes 1.26 Support | #7275 |
| @SimonKienzler, @breuerfelix | 10m | ๐ฎ Access Control For Shoot Clusters | extension-acl (repo) |
2023/02/01 - v1.63 Release (Part II) โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @AleksandarSavchev | 10m | ๐ Disable SSH Access To Worker Nodes | #7188 |
| @ary1992 | 5m | ๐ฎ controller-runtime Refactoring | #4251 (issue) |
| @shafeeqes | 10m | ๐ Dashboards For controller-runtime Metrics | #7180 |
| @ialidzhikov | 5m | โ๏ธ Kubelet Versions Constraints For Machine Image Versions | #7265 |
| @timebertt | 10m | ๐ฆ [GEP-21] IPv6 Single-Stack Support in Local Gardener | #7050, #7246, #7288 |
| @plkokanov | 5m | ๐ Control Plane Migration Status Update | #5620, #5587, dashboard#1262 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] The
ServiceAccountsigning key rotation procedure has been improved and should work better for clusters with lots ofServiceAccounts or intermittent creations/deletions of new/oldServiceAccountsecrets. #7313 - ๐ [USER] A bug in the kubelet-monitor script running on all shoot worker nodes has been fixed which was causing to also kill processes other than kubelet only. #7278
- โจ [OPERATOR] The legacy VPN solution has been removed. The feature gates
ReversedVPN,ManagedIstioandAPIServerSNIare unconditionally enabled (locked to their default values) now. #7167 - โจ [OPERATOR]
gardener-operatoris now managing the load balancerServicefor exposing thevirtual-garden-kube-apiserveras part of the virtual garden cluster control plane. It is possible to specify annotations for it via.spec.runtimeCluster.settings.loadBalancerServices.annotationsin theGardenresource. #7238 - ๐ [OPERATOR] When deploying
kube-apiserverversionv1.24, Gardener will add the--shutdown-send-retry-after=truecommand line flag to thekube-apiservercommand. [...]. #7250 - โจ [DEVELOPER] The
HighAvailabilityConfigwebhook now also mutates replica settings ofHPAandHVPAresources. To make use of this handling, please label respective resources with the well knownhigh-availability-config.resource.gardener.cloud/typelabel [...]. #7226 - โจ [DEVELOPER] It is now possible to make secrets manager adopt existing secrets. Find out more in this document. #7243
- ๐ [DEVELOPER] The Gardener project has introduced a policy for the number of supported Kubernetes versions read it here. #7300
2023/01/25 - v1.63 Release (Part I) โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rgroemmer | 5m | ๐ฟ OpenStack StorageClasses Via CloudProfiles | provider-openstack#408 |
| @ScheererJ | 10m | ๐จโ๐ฉโ๐ง Highly Available Istio Deployment | #6997 |
| @shafeeqes | 5m | ๐ New ObservabilityComponentsHealthy Condition For Shoots | #7325 |
| @acumino | 5m | ๐ต Catching Long-Running Stuck Rollouts | #7241 |
2023/01/18 - v1.62 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @dimityrmirchev | 10m | ๐ช Extension Lifecycle Strategies | #6999 |
| @rfranzke | 10m | ๐งโ๐ป [operator] ETCD Management, Credentials Rotation, Validation | #7067, #7144, #7225 |
| @acumino | 5m | ๐งฐ Tracking Last Maintenance Operation | #7035 |
| @oliver-goetz | 10m | ๐ป kind-Based Local Setup For Extensions | #6678 |
| @MartinWeindel | 10m | ๐จโ๐ฉโ๐ฆ Highly Available VPN Deployment | #6978 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER]
gardener-admission-controllernow validatesShootKubernetes version compatibility with Audit Policy API version onShootupdate request. #7205 - โจ [USER] It is now possible to configure the general log verbosity and the verbosity for HTTP access logs for the
kube-apiservervia theShootspecification. #7094 - ๐ [OPERATOR] Prevent updating
Shoots which are scheduled to aSeedwith less then 3 zones tospec.controlPlane.failureTolerance.type: zone#7195 - ๐ [DEVELOPER] A new document for developers has been added with a checklist for what to pay attention to when adding new components to garden, seed, or shoot clusters. Read it here. #7125