Gardener Review Meetings (2025) โ
In case you couldn't participate and are interested in catching up, you can find the contents of the review meetings we have had in 2025 here.
Meetings are recorded and published on Gardener's YouTube channel.
Check back regularly for updates and upcoming topics!
Reviews โ
2025/11/05 - v1.131 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @kon-angelo | 5m | ๐งฝ Terraformer Removal | provider-openstack#1166 |
| @rrhubenov | 10m | ๐ฃ valitail Replacement With OpenTelemetry Collector | #12846 |
| @rfranzke | 10m | ๐ GEP-28: gardenadm connect Skeleton | #12391 |
| @hown3d | 5m | ๐ Metrics For Extension Conditions | #13015 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR] An issue has been fixed which was preventing
gardenletfrom registering itsGardenletresource whenselfUpgradewas set in its Helm chart values. #13241 - โจ [OPERATOR] Introduced
spec.settings.loadBalancerServices.zonalIngress.enabledin theSeedAPI. When disabled, zonal istio ingress gateways are removed and the global istio ingress gateway is used instead. #12956 - โจ [OPERATOR]
gardenletnow evaluates extension health conditions first when computing the conditions of aShoot. #13231
2025/10/22 - v1.130 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @vitanovs | 5m | โป๏ธ VPA's Recreate Update Mode | #13046 |
| @RadaBDimitrova | 5m | ๐ต๏ธโโ๏ธ Improved VPA Recommendation Monitoring | #12898 |
| @dnaeon | 5m | ๐ฃ Extensible Advertised Addresses For Shoots | #13043 |
| @timebertt | 10m | ๐ผ GEP-28: gardenadm bootstrap Progress | #2906 (issue) |
| @hown3d | 10m | ๐ UseUnifiedHTTPProxy Feature Gate | #13003 |
| @plkokanov | 5m | ๐ ๏ธ Secret Restoration During Control Plane Migration | #13056 |
| @oliver-goetz | 5m | ๐ Multi-Zonal L7 Load-Balancing Issues | #13081 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR]
gardener-operatornow prevents deletion of thegardennamespace in the runtime cluster whileoperator.gardener.cloud/v1alpha1.Gardenresources still exist. #13101 - โจ [OPERATOR]
gardener-node-agent-initnow outputs logs to journal and console (/dev/console). #12822
2025/10/08 - v1.129 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @vpnachev | 5m | ๐ชช WorkloadIdentity For Backup Credentials | #12924 |
| @domdom82 | 5m | ๐ Multiple IPv4 Ranges For VPN | vpn2#160 |
| @videlov | 5m | ๐ฆ Bird Exporter Sidecar For calico-node | networking-calico#687 |
| @hebelsan | 10m | ๐ EFS + Filestore CSI Drivers | provider-aws#1174, provider-gcp#1095 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR] Fixed an issue that caused
Machines to be duplicated when being saved in theShootState. This caused theShootStateto grow exponentially large and fail to be created. The issue could occur when there are multipleMachineDeployments created for the Shoot. #13089 - โจ [OPERATOR] The
OperatingSystemConfigcontainerd config was enhanced to specify theoverride_pathoption which is respected when generating thehosts.tomlfile for the respective upstream config. #13002
2025/09/24 - v1.128 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @Roncossek | 5m | ๐งฉ GEP-33: Machine Image Capabilities | GEP-33 |
| @axel7born | 5m | ๐ฏ Dual-Stack Migration Of kube-dns Service | #12816 |
| @DockToFuture | 5m | ๐ Custom CoreDNS Configuration Support For node-local-dns | #12893 |
| @petersutter | 5m | ๐น Gardener Dashboard Update | dashboard#2444, dashboard#2572 |
| @marc1404 | 5m | ๐ค Project Titles In Gardener Dashboard | dashboard#2470 |
| @ialidzhikov | 5m | ๐ Developer Guideline For Validation | #12811 |
| @vpnachev | 5m | ๐ซ Dedicated Groups For Shoot Cluster Access | #12673, #12674 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] The
rotate-etcd-encryption-startandrotate-etcd-encryption-completeoperation annotations have been deprecated in favour ofrotate-etcd-encryption-key. #12605 - โจ [OPERATOR]
gardener-node-agentno longer reboots a node if it flaps too often between ready/non-ready in a short period of time. #12930
2025/09/10 - v1.127 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rrhubenov | 10m | ๐ชฃ New OpenTelemetryCollector Feature Gate | #12568 |
| @dimityrmirchev | 5m | ๐ฉ Internal DNS Secret Configuration Via Seed API | #12663 |
| @voelzmo | 10m | ๐ MutatingAdmissionPolicy For Everyday Operations | Kubernetes docs |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] โ ๏ธ Gardener does no longer support garden, seed, or shoot clusters with Kubernetes versions
<= 1.28. Make sure to upgrade all existing clusters before upgrading to this Gardener version. #12486 - โจ [USER]
shoot.spec.secretBindingNamefield is deprecated in favour ofshoot.spec.credentialsBindingNameand will be removed after Kubernetes support for version 1.34 is dropped. [...] #12804 - โจ [OPERATOR] When
gardenletstarts up, it now checks the version skew with thegardener-apiserver(click here for the policy document). #12863
2025/08/27 - v1.126 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @ScheererJ | 10m | ๐ node-local-dns Enablement w/o Nodes Rollout | #12422 |
| @LucaBernstein | 5m | ๐จ Emergency Stop Of Shoot Reconciliations | #12712 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] โ ๏ธ The
NewWorkerPoolHashfeature gate has been promoted to beta and is now enabled by default. [...] All provider extensions must be upgraded to a version which includes Gardenerv1.98.0first to support this feature. #12550 - ๐ [USER] Errors that occur during
Workerreconciliation are now also propagated to theShootstatus. #12769 - ๐ [OPERATOR] An issue causing the
plutono-datasourcesConfigMapto be reconciled by 2ManagedResources when Seed is Garden managed bygardener-operatoris now fixed. [...] #12798
2025/08/13 - v1.125 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @rfranzke | 10m | ๐ค GEP-28: ETCD Management Via etcd-druid | #12391 |
| @marc1404 | 5m | ๐ซ No More RBAC Collisions In Kubeconfigs | #12597 |
| @ialidzhikov | 10m | ๐ ๐ผโโ๏ธ Global Max Allowed Values For VPA | #12481 |
| @AleksandarSavchev | 5m | ๐งฑ Robust Config Handling In gardener-node-agent | #12589 |
| @tobschli | 10m | ๐ข Cluster API Provider For Gardener | cluster-api-provider-gardener (repo), blog post |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR]
Seedregistration was fixed forManagedSeeds with seed templates configuringspec.resources. #12652 - ๐ [OPERATOR] A bug in
gardener-node-agentthat prevented the location for the sandbox image to be configurable to a custom value on worker nodes with containerdv2.xwas fixed. #12665 - โจ [DEVELOPER] The Concourse CICD pipeline has been migrated to GitHub Actions. #12592
2025/08/06 - Kubernetes v1.33 Special Edition โ
Demo Agenda ๐ โ
Presenters: @Kostov6, @plkokanov, @RadaBDimitrova
| Duration | Topic | Reference(s) |
|---|---|---|
15m | ๐ Graduation Ceremony Graduated Features | KEP-753, KEP-3850, KEP-3998, KEP-4193, KEP-2590, KEP-1880, KEP-3866, KEP-4444 & KEP-2433, KEP-2625, KEP-3633, KEP-3094, KEP-1495, KEP-2644, KEP-3857 |
15m | ๐ธ Beta Bloom Alpha -> Beta Promotions | KEP-5100, KEP-4381, KEP-4817, KEP-5142, KEP-4832, KEP-3257, KEP-3619, KEP-4639, KEP-127, KEP-4265, KEP-2902, KEP-3960 & KEP-4818, KEP-5073 |
10m | ๐๏ธ Fresh Off The Press New Alpha Features | KEP-4951, KEP-4603, KEP-4960, KEP-5055 & KEP-4816 & KEP-5018 & KEP-4815, KEP-2535, KEP-4742, KEP-5067, KEP-5109, KEP-4205, KEP-4412, KEP-4049 |
5m | ๐งผ Security, Deprecations & Removals | CVE-2025-4563, KEP-4004. KEP-4974, KEP-5040, KEP-3503 |
5m | ๐ชด What's Changing In Gardener | #11033, #12343, #12115 & #12413, #11502 |
2025/07/30 - v1.124 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @timuthy | 10m | ๐ผ๏ธ Image Rewriter Extension | extension-image-rewriter (repo) |
| @oliver-goetz | 5m | โ๏ธ L7 Load-Balancing Metrics Dashboards | #12509 |
| @domdom82 | 10m | ๐งฆ CIDR Overlap w/ Seed For HA Shoots | #12204 |
| @vitanovs | 10m | ๐ช Vertical Pod Autoscaler Feature Gates | #12339 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [USER] Starting with Kubernetes v1.34, setting the field
.spec.cloudProfileNameis be forbidden. The field will be dropped from existingShoots once. Users are advised to drop this field and specify the cloud profile using the.spec.cloudProfile.namefield instead. #11816 - ๐ [OPERATOR] A bug has been fixed which caused
Pods from namespaces other thankube-systemand labeled withnode.gardener.cloud/critical-component=trueto be considered by gardener-resource-manager. #12557 - ๐ [OPERATOR] A bug has been fixed which prevented the seed-specific Plutono dashboards from being provided by
gardenletin case its seed cluster was the garden runtime cluster at the same time. #12476
2025/07/16 - v1.123 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @LucaBernstein | 5m | ๐ช Defaulting Machine Image Version From Prefix | #12374 |
| @oliver-goetz | 10m | ๐ Simplified gardenlet Deployment Configuration | #11996 |
| @timebertt | 10m | ๐โโก๏ธ Bastion Controller In provider-local | #12366 |
| @ishan16696 | 15m | ๐ ๐ผโโ๏ธ Immutable Backup Buckets | #12175 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [USER] The deprecated
urlannotation in<shoot-name>.monitoringsecrets in the project namespace has been removed. Please use theplutono-urlannotation instead. #12396 - โจ [OPERATOR] The
NodeAgentAuthorizerfeature gate has been graduated to GA and is locked to true. #12405 - โจ [DEVELOPER]
BackupBucket/BackupEntrycontrollers now supportWorkloadIdentitytype of credentials, provider extensions may need to adjust the respective controllers or to explicitly disallowBackupBuckets of their type to configureWorkloadIdentity. #12321
The occurrence for the v1.122 release was skipped because of too few topics.
2025/06/25 - v1.121 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @RadaBDimitrova | 5m | ๐ฉบ Improved Health Check For Rolling Updates | #11869 |
| @ashwani2k | 5m | ๐ฃ dependency-watchdog Reports Scale Down | #12272 |
| @timebertt | 10m | ๐ผ GEP-28: gardenadm bootstrap Progress | #2906 (issue) |
| @timuthy | 5m | ๐ฆพ New Capabilities For Extension Shoot Webhooks | #12273 |
| @vpnachev | 5m | ๐
New DoNotCopyBackupCredentials Feature Gate | #12168 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR]
gardenletno longer deploysControlPlaneresources with.spec.purpose=exposureforShoots using unmanaged DNS provider.gardenletwill now cleanup anyControlPlaneexposure resource as part of the reconciliation and deletion flows for such Shoots. #12162 - ๐ [USER] A bug causing the
kube-apiserverto crash when anonymous authentication is configured viaStructuredAuthenticationwas fixed. #12198 - โจ [DEVELOPER] Introduced new version classifications
unavailableandexpired. They are not meant to be set manually but should act as computed classification states. #12298
2025/06/18 - v1.120 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @DockToFuture | 10m | ๐ฏ Single-Stack IPv4 -> Dual-Stack IPv{4,6} Migration For GCP | extension-provider-gcp#1010 |
| @nickytd | 5m | ๐ฐ๏ธ GEP-34: OpenTelemetry Operator And Collectors | #11861 |
| @oliver-goetz | 10m | โ๏ธ Cluster-Internal L7 Load-Balancing Endpoints For kube-apiservers | Summary |
| @timuthy | 10m | ๐ธ Compatibility Fields In Extension API | #11982 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] The
Gardenresource has been enhanced with a new field,spec.VirtualCluster.ETCD.Main.Backup.Region, which enables the configuration of the backup bucket region. Previously, the region was derived from the provider (spec.runtimeCluster.provider.region). This behavior remains as a fallback if the backup region is not explicitly specified. #12186 - โจ [DEVELOPER] The
.spec.purposefield in theControlPlaneresource is now deprecated and will be removed in Gardenerv1.123. In the times before SNI was introduced and unconditionally enabled it was previously used to manage control plane exposure. #12161
2025/06/11 - Hack The Garden Wrap Up โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @axel7born | 5m | โก๏ธ Replace OpenVPN With Wireguard | Summary |
| @afritzler | 5m | โณ๏ธ Make gardener-operator Single-Node Ready | Summary |
| @nickytd | 5m | ๐ก OpenTelemetry Transport For Shoot Metrics | Summary |
| @rickardsjp | 5m | ๐ฌ Cluster Network Observability | Summary |
| @tobschli | 5m | ๐ Signing Of ManagedResource Secrets | Summary |
| @Gerrit91 | 5m | ๐งฐ Migrate ControlPlane Reconciliation Of Provider Extensions To ManagedResources | Summary |
| @benedikt-haug | 5m | โจ Dashboard Usability Improvements | Summary |
| @klocke-io | 5m | ๐ Documentation Revamp | Summary |
| @Gerrit91 | 5m | โน๏ธ Expose EgressCIDRs In shoot-info ConfigMap | Summary |
| @kon-angelo | 5m | ๐ Overcome Maximum Of 450 Nodes On Azure | Summary |
| @Nuckal777 | 5m | ๐ฆ Multiple Parallel Versions In A Gardener Landscape (Canary Deployments) | Summary |
| @rrhubenov | 5m | ๐งโ๐ง Worker Group Node Roll-out | Summary |
| @kon-angelo | 5m | ๐ Instance Scheduled Events Watcher | Summary |
No Demo, But Still Worth Celebrating ๐ โ
- โ๏ธ Cluster-Internal L7 Load-Balancing Endpoints For
kube-apiservers. Summary - โป๏ธ GEP-32 โ Version Classification Lifecycles. Summary
2025/05/21 - v1.119 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @timuthy | 10m | ๐ก๏ธ CVE-2025-47282, CVE-2025-47283, CVE-2025-47284 | #12136 (issue), #12137 (issue), external-dns-management#462 (issue) |
| @shafeeqes | 5m | ๐ช๐ป Forceful Redeployment Of gardenlets | #11972 |
| @rfranzke | 10m | gardenadm token + gardenadm join | #11934, #11942 |
| @ScheererJ | 5m | kube-proxy's Readiness Probe | #12015 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [OPERATOR] The support for the already deprecated
shoot.gardener.cloud/managed-seed-api-serverannotation is now removed. Instead, consider enabling high availability for theManagedSeed'sShootcontrol plane. #11838 - โจ [OPERATOR] Spreading Istio
ingress-gatewaypods across hosts is enforced only for zonal Istio deployments now. #12007
2025/05/07 - v1.118 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @domdom82 | 10m | ๐งฆ CIDR Overlap w/ Seed For Non-HA Shoots | #11582 |
| @vlerenc | 10m | ๐ฐ Leaner Clusters, Lower Bills | blog post |
| @grolu | 10m | ๐น Recent Gardener Dashboard Features | 1.80.0 (release) |
| @shafeeqes, @ary1992 | 15m | ๐ฆ In-Place Node Updates | #11191, #11393, #11631, #11713, #11718, #11843, #11844, #11953 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [OPERATOR] Gardener core components are automatically restarted (due to a failing liveness probe) in case their Kubernetes API server watch caches do not sync for
3m. #11966 - โจ [USER] The CA bundle of the kubelet is now available via a
ConfigMapthe project's namespace, called<shoot-name>.ca-kubelet. #11916 - โจ [OPERATOR] The
SeedAPI feature new fieldspec.backup.credentialsRef, it is of typecorev1.ObjectReferenceand is allowed to refer to aSecret. #11583
2025/04/23 - v1.117 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @axel7born | 10m | ๐ฏ Single-Stack IPv4 -> Dual-Stack IPv{4,6} Migration | #11692 |
| @oliver-goetz | 5m | ๐ญ SPDY Support For L7 Load-Balancing | #11807 |
| @oliver-goetz | 10m | ๐งโโ๏ธ Extension Care Controller | #11769 |
| @hendrikKahl | 5m | ๐ machine-controller-manager Processing Throughput | #11879 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [USER] The VPA version is updated to 1.3.0. Upstream VPA 1.3.0 does no longer serve API version
autoscaling.k8s.io/v1beta2. Gardener's VPA installation will continue to serve API versionautoscaling.k8s.io/v1beta2until Gardener v1.119. [...] #11774 - โจ [OPERATOR]
NamespacedCloudProfile.spec.limits.maxNodesTotalcan now also be used to override the limit defined in the parentCloudProfilewith an increased value. Increasing requires additional permissions granted by the custom verbraise-spec-limits. #11796 - โจ [OPERATOR]
gardener-operatorautomatically adds thenetworking.resources.gardener.cloud/to-virtual-garden-kube-apiserver-tcp-443: allowedlabel to the gardenlet deployment in case it is deployed to the garden runtime cluster. Thus, it is not required anymore to configure this label in theGardenletresource. #11855
2025/04/09 - v1.116 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @vitanovs | 10m | ๐ฎ New ShootState Finalizer Controller | #11491 |
| @unmarshall, @Shreyas-s14 | 10m | ๐ค etcd-druid CEL Validations + API Module | #11545 |
| @rfranzke | 5m | ๐ฎ Bug Fixes In NetworkPolicy Controller | #11780 |
| @timuthy | 10m | ๐งฉ Extensions For Seed Reconciliations | #11764 |
| @ScheererJ | 10m | ๐ GEP-28 Update: Autonomous Shoot Clusters | #2906 (issue) |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] Please note, if you configure
spec.extensionsin yourGardenresource:gardener-operatoradds agarden-prefix to all extension resources configured via theGarden. Existing extension resources (not prefixed) will be deleted automatically at the end of the reconciliation. [...]. #11764 - ๐ช [DEVELOPER] The extension
classfield in the generic extension controller was removed. Please use the new fieldclassesinstead. #11764 - โจ [OPERATOR] The feature gate
NewVPNhas been graduated to GA. It was already enabled by default and can now no longer be turned off. The feature gate will be removed in a future release. #11714
2025/03/26 - v1.115 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @shafeeqes | 10m | ๐๏ธ Drop TokenInvalidator Controller And Webhook | #11497 |
| @LucaBernstein | 5m | ๐ Latest NamespacedCloudProfiles Features | #11647, #11550 |
| @ialidzhikov | 10m | ๐ Replace TopologyAwareHints With ServiceTrafficDistribution | #11178 |
| @ScheererJ | 5m | โ๏ธ Better CoreDNS Configurability | #11526 |
| @oliver-goetz | 10m | ๐
Drop HorizontalPodAutoscaler For gardener-apiserver | #11684 |
| @hendrikKahl | 5m | ๐ GOAWAY Chance For gardener-apiserver | #11551 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] If the Gardener operator has defined a control plane wildcard certificate, the
.status.advertisedAddressesof theShootcontain an entry with an endpoint secured by this certificate. Note that this endpoint is specific to the seed cluster the Shoot is scheduled to. Read all about it in this document. #11612 - โจ [OPERATOR] The
injectGardenKubeconfigfield is defaulted totruefor extensions responsible forWorkerresources when registered via theoperator.gardener.cloud/v1alpha1.ExtensionAPI. #11658
2025/03/12 - v1.114 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @AleksandarSavchev | 5m | โ๏ธ Deny-All NetworkPolicy In kube-system Namespace For Shoots | #11502 |
| @timuthy | 10m | ๐ญ Minimum Resource Requirements For Shoot ETCD + API Server | #11252 |
| @timuthy | 5m | ๐จ Extension Example Manifest Generator | #11329 |
| @Wieneo | 5m | ๐๏ธ Dropping Reserved VPN Authz Server | #11338 |
| @oliver-goetz | 10m | โ๏ธ L7 Load-Balancing For Requests To kube-apiservers | #11085 |
| @rfranzke | 5m | ๐ Garden Access For Extensions No Longer By Default | #11593 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ช [OPERATOR] โ ๏ธ Gardener does no longer support garden, seed, or shoot clusters with Kubernetes versions <= 1.26. Make sure to upgrade all existing clusters before upgrading to this Gardener version. #10664
- ๐ช [USER] All
Seeds are now automatically labeled withname.seed.gardener.cloud/<name>=true(โ no longerseed.gardener.cloud/<name>=true) where<name>is their own name, and (if applicable) the name of their parent seed in case they are managed seeds. This label can be used as selector for requests. #11479 - โจ [OPERATOR]
gardener-operatornow waits for requiredExtensions to get ready early in the reconcile flow. It addresses use-cases where extensions run mutating webhooks in the garden runtime cluster that must be present when Garden components are deployed. #11523
2025/03/05 - Kubernetes v1.32 Special Edition โ
Demo Agenda ๐ โ
Presenters: @marc1404, @LucaBernstein
| Duration | Topic | Reference(s) |
|---|---|---|
10m | ๐ Graduation Ceremony Graduated Features | KEP-4358, KEP-1967, KEP-4193, KEP-3221, KEP-1847 |
10m | ๐ธ Beta Bloom Alpha -> Beta Promotions | KEP-4368, KEP-4633, KEP-4247, KEP-1790, KEP-3476, KEP-4381, KEP-4601, KEP-3157 |
10m | ๐๏ธ Fresh Off The Press New Alpha Features | KEP-4832, KEP-3962, KEP-2837, KEP-4818, KEP-4817, KEP-4827 & KEP-4828, KEP-4802 & KEP-4885 |
5m | ๐งผ Security, Deprecations & Removals | CVE-2025-0426, CVE-2024-9042, KEP-4381, kubernetes/kubernetes#127017 |
5m | ๐ชด What's Changing In Gardener | #11020, #10666, #10858 |
2025/02/26 - v1.113 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @maboehm | 5m | ๐ท Maximum Node Count For Shoots | #11279 |
| @domdom82 | 5m | ๐ ACL Reconciliation On Infrastructure Changes | extension-acl#105 |
| @Wieneo | 5m | ๐ญ GEP-30: Rework API Server Proxy | #11214 (issue) |
| @ishan16696 | 10m | ๐ Fix Failing ETCD Restorations | etcd-backup-restore#778 (issue) |
| @timebertt | 5m | ๐ช Refactor E2E Tests To Ordered Its | #11379 (issue) |
| @vpnachev | 5m | ๐ข Public Gardener Information Discovery | #11238 |
No Demo, But Still Worth Celebrating ๐ โ
- ๐ [USER] The ETCD encryption config now properly configures a 32-byte key. #11150
- โจ [OPERATOR] Enhance the
gardener-operatorto allow specification of more than a single network range for.spec.runtimeCluster.networking.{nodes,pods,services}, and.spec.virtualCluster.networking.services, which also allows dual-stack configurations. #11251 - โจ [OPERATOR] Shoot system and Shoot control plane containers, which do not require privilege escalations, now forbid privilege escalation explicitly. There is an issue in Kubernetes about the privilege escalation configuration being true by default. #11241
2025/02/19 - v1.112 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @domdom82 | 5m | ๐ก๏ธ Prevent Leaking kube-apiserver's Service IP in Shoot | #10949 |
| @rfranzke | 10m | ๐คนโโ๏ธ Credentials Rotation Without Workers Rollout | #11027 |
| @oliver-goetz | 5m | ๐ฏ Wrapper For OperatingSystemConfig Provisioning Script | #11208 |
| @marc1404 | 10m | ๐ฅ Cluster Autoscaler Priority Expander Config | #11045 |
| @petersutter | 5m | ๐ผ Structured Authentication With Dashboard | #11080 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] All
Seeds are now automatically labeled withseed.gardener.cloud/<name>=truewhere<name>is their own name, and (if applicable) the name of their parent seed in case they are managed seeds. This label can be used as selector for requests. #11062 - ๐ [OPERATOR] Rewrite Setup Gardener document #11260
2025/02/12 - v1.111 Release โ
Demo Agenda ๐ โ
| Presenter(s) | Duration | Topic | Reference(s) |
|---|---|---|---|
| @marc1404 | 5m | โ๏ธ Default Machine Image Version | #10954 |
| @timuthy | 10m | ๐จ๐ปโ๐พ Gardener Operator Manages Extension Resources | #11192, #11001 |
| @dimityrmirchev | 5m | ๐ซ Secret/ConfigMap Tampering Protection | #11108 |
| @oliver-goetz | 5m | ๐๏ธ Improved Deletion Logic In gardener-node-agent | #11015 |
No Demo, But Still Worth Celebrating ๐ โ
- โจ [USER] Expired versions from the
NamespacedCloudProfileare always dropped, except for already applied versions. #10910 - โจ [OPERATOR] Now
valicontains the managed control plane logs from the early stages ofShootreconcile. #11082 - ๐ [OPERATOR] An issue was fixed in
gardener-operatorthat prevented configuring OIDC forgardener-dashboardwhile using Structured Authentication. #11080