Release Notes v1.103

Yake release notes and upgrade guide

Update provider-hcloud to 0.6.30

[gardener-extension-provider-hcloud] v0.6.30

Update provider-openstack to 1.41.2

[gardener/gardener-extension-provider-openstack]

🏃 Others

[OPERATOR] Fix an issue with share network reconciliation not calculating number of existing share networks correctly. by @AndreasBurger [#827]

Docker Images

gardener-extension-admission-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-openstack:v1.41.2
gardener-extension-provider-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-openstack:v1.41.2

Update shoot-cert-service to 1.44.2

[gardener/gardener-extension-shoot-cert-service]

🏃 Others

[OPERATOR] The memory limit from the cert-controller-manager Deployment is now removed. by @ialidzhikov [#287]

Docker Images

gardener-extension-shoot-cert-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-cert-service:v1.44.2

Update shoot-rsyslog-relp to 0.5.2

[gardener/gardener-extension-shoot-rsyslog-relp]

🐛 Bug Fixes

[OPERATOR] Fixed an issue that caused the -a exit,always -F arch=b64 -S mount_setattr -F auid!=-1 -F key=privileged_special audit rule to not get correctly applied. by @plkokanov [#151]

Docker Images

gardener-extension-shoot-rsyslog-relp-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-rsyslog-relp-admission:v0.5.2
gardener-extension-shoot-rsyslog-relp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-rsyslog-relp:v0.5.2

Update provider-alicloud to 1.53.0

[gardener/gardener-extension-provider-alicloud]

✨ New Features

[OPERATOR] This extension now makes use of the new .spec.pools[].userDataSecretRef field to get to the worker pool user data. by @rfranzke [#727]
[OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#734]
[USER] The provider-alicloud extension does now support shoot clusters with Kubernetes version 1.30. You should consider the Kubernetes release notes before upgrading to 1.30. by @shafeeqes [#722]

🏃 Others

[OPERATOR] The controlplaneexposure.alicloud.extensions.gardener.cloud webhook does no longer mutate Services/Deployments. Previously the webhook was called for Services/Deployments mutations and was not mutating anything. by @ialidzhikov [#725]
[OPERATOR] This extension is now using the new way of providing monitoring configuration (ref GEP-19) in case a shoot cluster's Prometheus has been migrated to management via prometheus-operator. by @rfranzke [#720]
[OPERATOR] A priorityClassName can now be set for the admission deployment via the gardener-extension-admission-alicloud Helm chart. by @timuthy [#732]
[OPERATOR] Inserts architecture from worker to the machine class by @sssash18 [#735]
[OPERATOR] NodeGroupAutoscalingOptions can now be specified per worker group via the worker through the field worker.spec.pools.clusterAutoscaler by @aaronfern [#715]

[gardener/machine-controller-manager]

⚠️ Breaking Changes

[OPERATOR] Change OCI Image Registry from GCR (eu.gcr.io/gardener-project) to Artifact-Registry (europe-docker.pkg.dev/gardener-project/releases). Users should update their references. by @ccwienk [gardener/machine-controller-manager#878]
[DEVELOPER] New provider method Driver.InitializeMachine added for Post-Creation VM Instance Initialization steps. by @elankath [gardener/machine-controller-manager#898]

🐛 Bug Fixes

[DEVELOPER] MCM restart happens properly in integration tests now. This fix will get activated, once this version is vendored in your mcm-provider by @sssash18 [gardener/machine-controller-manager#879]
[OPERATOR] Fix for edge case of Node object deletion missed during machine termination. by @elankath [gardener/machine-controller-manager#887]

🏃 Others

[OPERATOR] machine controller won't reconcile machine on non-spec update events by @himanshu-kun [gardener/machine-controller-manager#877]
[OPERATOR] Updated k8s dependencies to v0.29.3 by @rishabh-11 [gardener/machine-controller-manager#907]
[OPERATOR] fixed IT for seed with k8s >= 1.27 as control cluster by @piyuagr [gardener/machine-controller-manager#869]
[OPERATOR] Removed vendor directory by @rishabh-11 [gardener/machine-controller-manager#903]
[OPERATOR] Architecture field added in the nodetemplate. This will allow CA to pickup architecture from machine class and schedule pods on relevant arch nodes. by @sssash18 [gardener/machine-controller-manager#894]
[DEVELOPER] go-git now removed from dependencies due to CVE's. by @elankath [gardener/machine-controller-manager#896]
[DEVELOPER] Bump k8s.io/* deps to v0.28.2 by @afritzler [gardener/machine-controller-manager#858]

📖 Documentation

[DEVELOPER] Phase transition diagram for a machine object is added to FAQs by @himanshu-kun [gardener/machine-controller-manager#886]

[gardener/machine-controller-manager-provider-alicloud]

🏃 Others

[DEVELOPER] Removed vendor directory by @rishabh-11 [gardener/machine-controller-manager-provider-alicloud#74]

Helm Charts

admission-alicloud: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-alicloud:v1.53.0
provider-alicloud: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-alicloud:v1.53.0

Docker Images

gardener-extension-admission-alicloud: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-alicloud:v1.53.0
gardener-extension-provider-alicloud: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-alicloud:v1.53.0

Update provider-aws to 1.57.0

[gardener/gardener-extension-provider-aws]

✨ New Features

[OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#1012]

🐛 Bug Fixes

[OPERATOR] Removed unnecessary preStop hook from node-driver-registrar in csi-driver-node, as socket removal is now handled internally by node-driver-registrar, resolving distroless image error. by @AndreasBurger [#992]

🏃 Others

[OPERATOR] A priorityClassName can now be set for the admission deployment via the gardener-extension-admission-aws Helm chart. by @timuthy [#994]
[OPERATOR] Starting with gardenlet >= v1.98.0, use controlplane webhook object selector to limit mutator calls. by @LucaBernstein [#989]
[OPERATOR] Update the VPA CRD used for testing locally by @kon-angelo [#1019]
[OPERATOR] Inserts architecture from worker to the machine class by @sssash18 [#853]

Helm Charts

admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.57.0
admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.57.0
provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.57.0

Docker Images

gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.57.0
gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.57.0

Update provider-azure to 1.47.1

[gardener/gardener-extension-provider-azure]

🏃 Others

[OPERATOR] The storage domain to use for backup buckets is now inferred from the buckets' region if no explicit config is given by @AndreasBurger [#947]

Helm Charts

admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.47.1
admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.47.1
provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.47.1

Docker Images

gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.47.1
gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.47.1

Update provider-gcp to 1.38.0

[gardener/gardener-extension-provider-gcp]

✨ New Features

[OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#805]

🐛 Bug Fixes

[OPERATOR] Removed unnecessary preStop hook from node-driver-registrar in csi-driver-node, as socket removal is now handled internally by node-driver-registrar, resolving distroless image error. by @sujeet01 [#792]
[USER] Allow configuring iops and throughput of hyperdisk-balanced disks by @hebelsan [#793]

🏃 Others

[OPERATOR] Inserts architecture from worker to the machine class by @sssash18 [#809]
[OPERATOR] Starting with gardenlet >= v1.98.0, use controlplane webhook object selector to limit mutator calls. by @LucaBernstein [#789]
[OPERATOR] Update the VPA CRD used for testing locally by @hebelsan [#812]
[OPERATOR] A priorityClassName can now be set for the admission deployment via the gardener-extension-admission-gcp Helm chart. by @timuthy [#794]

Helm Charts

admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.38.0
admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.38.0
provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.38.0

Docker Images

gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.38.0
gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.38.0

Update shoot-dns-service to 1.51.0

[gardener/external-dns-management]

🏃 Others

[OPERATOR] Lookup processor: sort lookup results and retry on timeout by @MartinWeindel [gardener/external-dns-management#382]

[gardener/gardener-extension-shoot-dns-service]

✨ New Features

[OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#359]

🏃 Others

[OPERATOR] Bumps github.com/gardener/gardener from 1.99.0 to 1.100.0. by @dependabot[bot] [#360]

Helm Charts

admission-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-shoot-dns-service:v1.51.0
shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service:v1.51.0

Docker Images

gardener-extension-admission-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-shoot-dns-service:v1.51.0
gardener-extension-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-dns-service:v1.51.0

Update shoot-flux to 0.6.1

What's Changed

🐛 Fix reconcile order for new Shoots by @maboehm in https://github.com/stackitcloud/gardener-extension-shoot-flux/pull/84

Full Changelog: https://github.com/stackitcloud/gardener-extension-shoot-flux/compare/v0.6.0...v0.6.1

Update shoot-oidc-service to 0.27.0

[gardener/gardener-extension-shoot-oidc-service]

✨ New Features

[OPERATOR] The extension mutating webhook now uses object selector to reduce the number of calls. by @dimityrmirchev [#224]
[OPERATOR] Helm charts of extension and admission controller are published as OCI artifacts now. by @oliver-goetz [#222]

🏃 Others

[DEPENDENCY] The extension is now built using go version 1.22.5. by @dimityrmirchev [#220]

[gardener/oidc-webhook-authenticator]

🏃 Others

[DEVELOPER] The following dependencies have been updated:
- github.com/coreos/go-oidc/v3 v3.1.0 -> v3.10.0
- golang.org/x/time v0.3.0 -> v0.5.0
- k8s.io/* v0.27.9 -> v0.30.1
- sigs.k8s.io/controller-runtime v0.15.3 -> v0.18.4
- golang.org/x/crypto v0.21.0 -> v0.24.0
- golang.org/x/net v0.23.0 -> v0.26.0 by @vpnachev [gardener/oidc-webhook-authenticator#157]
[DEPENDENCY] OWA is now built using go version 1.22.5. by @dimityrmirchev [gardener/oidc-webhook-authenticator#158]

Helm Charts

shoot-oidc-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-oidc-service:v0.27.0

Docker Images

gardener-extension-shoot-oidc-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-oidc-service:v0.27.0

Update shoot-dns-service to 1.52.0

[gardener/gardener-extension-shoot-dns-service]

🏃 Others

[OPERATOR] Conditional deploy of CRDs on shoot. by @MartinWeindel [#369]
[OPERATOR] Bumps github.com/gardener/gardener from 1.100.0 to 1.101.0. by @dependabot[bot] [#365]
[OPERATOR] Bumps github.com/gardener/gardener from 1.101.0 to 1.102.0. by @dependabot[bot] [#372]

[gardener/external-dns-management]

⚠️ Breaking Changes

[OPERATOR] Drop support for custom resources dnslock.dns.gardener.cloud and remoteaccesscertificates.dns.gardener.cloud.
As these experimental features have no been used in Gardener, it should not be relevant in most cases. by @MartinWeindel [gardener/external-dns-management#381]

🏃 Others

[OPERATOR] Bumps golang from 1.22.6 to 1.23.0. by @dependabot[bot] [gardener/external-dns-management#384]
[OPERATOR] Bumps golang from 1.22.5 to 1.22.6. by @dependabot[bot] [gardener/external-dns-management#383]
[OPERATOR] The dependency controller-manager-library has been updated to include the new flag --<cluster>.conditional-deploy-crds by @MartinWeindel [gardener/external-dns-management#385]

Helm Charts

admission-shoot-dns-service-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-shoot-dns-service-application:v1.52.0
admission-shoot-dns-service-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-shoot-dns-service-runtime:v1.52.0
shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service:v1.52.0

Docker Images

gardener-extension-admission-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-shoot-dns-service:v1.52.0
gardener-extension-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-dns-service:v1.52.0

Update external-dns-management to 0.21.1

[gardener/external-dns-management]

🐛 Bug Fixes

[OPERATOR] Fix NPE if DNSEntry contains invalid domain name by @MartinWeindel [#387]

Docker Images

dns-controller-manager: europe-docker.pkg.dev/gardener-project/releases/dns-controller-manager:v0.21.1

Update shoot-dns-service to 1.52.1

[gardener/external-dns-management]

🐛 Bug Fixes

[OPERATOR] Fix NPE if DNSEntry contains invalid domain name by @MartinWeindel [gardener/external-dns-management@7a7b7d6c195a692bc80f91c59b4c93b315252f27]

Helm Charts

admission-shoot-dns-service-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-shoot-dns-service-application:v1.52.1
admission-shoot-dns-service-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-shoot-dns-service-runtime:v1.52.1
shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service:v1.52.1

Docker Images

gardener-extension-admission-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-shoot-dns-service:v1.52.1
gardener-extension-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-dns-service:v1.52.1

Update provider-aws to 1.57.1

[gardener/gardener-extension-provider-aws]

🏃 Others

[OPERATOR] Fix an issue where the infrastructure state was not properly transformed to the provider status. by @kon-angelo [#1042]
[OPERATOR] Fix an issue where terraformer artifacts would not be deleted during the control-plane-migration migrate phase. by @kon-angelo [#1043]
[OPERATOR] Correctly register infrastructure webhook with the controllerruntime manager by @kon-angelo [#1042]

Helm Charts

admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.57.1
admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.57.1
provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.57.1

Docker Images

gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.57.1
gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.57.1

Update provider-azure to 1.47.2

[gardener/gardener-extension-provider-azure]

🏃 Others

[USER] Flow reconciliation is now more strict when filtering subnets. This prevents subnets of shoots that are deployed into one Vnet from interfering with reconciliation. by @AndreasBurger [#953]

Helm Charts

admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.47.2
admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.47.2
provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.47.2

Docker Images

gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.47.2
gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.47.2

Update dashboard to 1.76.2

[gardener/dashboard]

🐛 Bug Fixes

[USER] We have addressed an issue affecting the worker group zone configuration for existing Azure clusters by @grolu [#2003]

Docker Images

gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.76.2

Update dashboard to 1.76.2

[gardener/dashboard]

🐛 Bug Fixes

[USER] We have addressed an issue affecting the worker group zone configuration for existing Azure clusters by @grolu [#2003]

Docker Images

gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.76.2

Update gardener-controlplane to 1.102.1

[gardener/gardener]

🐛 Bug Fixes

[OPERATOR] A bug has been fixed that prevented the deployment of gardenlets via gardener-operator and the Gardenlet resource when .spec.kubeconfigSecretRef was used. by @rfranzke [#10411]

🏃 Others

[DEPENDENCY] The gardener/etcd-druid image has been updated to v0.22.5. Release Notes by @gardener-ci-robot [#10443]
[OPERATOR] gardener-controller-manager: A corner case issue in the maintenance controller that prevented forceful minor K8s version update from K8s 1.29 to K8s 1.30 is now resolved. by @ialidzhikov [#10438]
[OPERATOR] Kernel setting net.netfilter.nf_conntrack_max is only set on nodes by sysctl.d if kube-proxy is disabled. by @ScheererJ [#10434]

Helm Charts

controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.1
gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.1
operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.1
resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.1

Docker Images

admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.1
apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.1
controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.1
gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.1
node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.1
operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.1
resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.1
scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.1

Update gardener-controlplane to 1.102.1

[gardener/gardener]

🐛 Bug Fixes

[OPERATOR] A bug has been fixed that prevented the deployment of gardenlets via gardener-operator and the Gardenlet resource when .spec.kubeconfigSecretRef was used. by @rfranzke [#10411]

🏃 Others

[DEPENDENCY] The gardener/etcd-druid image has been updated to v0.22.5. Release Notes by @gardener-ci-robot [#10443]
[OPERATOR] gardener-controller-manager: A corner case issue in the maintenance controller that prevented forceful minor K8s version update from K8s 1.29 to K8s 1.30 is now resolved. by @ialidzhikov [#10438]
[OPERATOR] Kernel setting net.netfilter.nf_conntrack_max is only set on nodes by sysctl.d if kube-proxy is disabled. by @ScheererJ [#10434]

Helm Charts

controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.1
gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.1
operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.1
resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.1

Docker Images

admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.1
apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.1
controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.1
gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.1
node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.1
operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.1
resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.1
scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.1

Update gardenlet to 1.102.1

[gardener/gardener]

🐛 Bug Fixes

[OPERATOR] A bug has been fixed that prevented the deployment of gardenlets via gardener-operator and the Gardenlet resource when .spec.kubeconfigSecretRef was used. by @rfranzke [#10411]

🏃 Others

[DEPENDENCY] The gardener/etcd-druid image has been updated to v0.22.5. Release Notes by @gardener-ci-robot [#10443]
[OPERATOR] gardener-controller-manager: A corner case issue in the maintenance controller that prevented forceful minor K8s version update from K8s 1.29 to K8s 1.30 is now resolved. by @ialidzhikov [#10438]
[OPERATOR] Kernel setting net.netfilter.nf_conntrack_max is only set on nodes by sysctl.d if kube-proxy is disabled. by @ScheererJ [#10434]

Helm Charts

controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.102.1
gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.102.1
operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.102.1
resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.102.1

Docker Images

admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.102.1
apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.102.1
controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.102.1
gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.102.1
node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.102.1
operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.102.1
resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.102.1
scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.102.1

Update dashboard to 1.77.0

[gardener/dashboard]

✨ New Features

[USER] Adds line selection highlighting in the Shoot YAML editor when selecting the line numbers. The line selection is reflected in the URL. by @petersutter [#1982]
[USER] Available purposes now depend on enabled add-ons, which can only be activated if the purpose is set to evaluation. Hints have been added to explain potential limitations in purpose selection by @grolu [#2031]

🐛 Bug Fixes

[USER] Resolved an issue where updates to existing worker groups would fail if an unused zone network configuration was present by @grolu [#2048]
[USER] chart: An issue causing the controlledValues: RequestsOnly field not to be set for the gardener-dashboard-vpa VPA is now fixed. by @ialidzhikov [#2017]
[OPERATOR] Upgraded the gardener dashboard to use Node.js version v22.7 which resolves CVE-2024-24806 by @holgerkoser [#2063]

Docker Images

gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.77.0

Update dashboard to 1.77.0

[gardener/dashboard]

✨ New Features

[USER] Adds line selection highlighting in the Shoot YAML editor when selecting the line numbers. The line selection is reflected in the URL. by @petersutter [#1982]
[USER] Available purposes now depend on enabled add-ons, which can only be activated if the purpose is set to evaluation. Hints have been added to explain potential limitations in purpose selection by @grolu [#2031]

🐛 Bug Fixes

[USER] Resolved an issue where updates to existing worker groups would fail if an unused zone network configuration was present by @grolu [#2048]
[USER] chart: An issue causing the controlledValues: RequestsOnly field not to be set for the gardener-dashboard-vpa VPA is now fixed. by @ialidzhikov [#2017]
[OPERATOR] Upgraded the gardener dashboard to use Node.js version v22.7 which resolves CVE-2024-24806 by @holgerkoser [#2063]

Docker Images

gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.77.0

Update gardener-controlplane to 1.103.0

[gardener/gardener]

⚠️ Breaking Changes

[OPERATOR] Component config change for gardener-operator: extensionVirtualClusterConfig was renamed to extension. by @MartinWeindel [#10277]

📰 Noteworthy

[DEVELOPER] Enable apiserver feature gate UseNamespacedCloudProfile in local setup by default. Though, feature gate should not be enabled in production environments yet, until access control is implemented. by @LucaBernstein [#10266]
[OPERATOR] kube-proxy now has a readiness probe so that a node will only become ready for workloads after kube-proxy was ready at least once. by @ScheererJ [#10407]
[OPERATOR] Host spread for shoots with failure tolerance node (.spec.controlPlane.highAvailability.failureTolerance.type) is now accomplished via minDomains. Earlier, this happened at a best effort basis only. If a seed was having less than 3 nodes at the time the control-plane pods were scheduled, the desired pod distribution was not possible. by @timuthy [#10400]

✨ New Features

[OPERATOR] Introduced metrics exposing the Garden resource's condition and last operation. by @rickardsjp [#10393]
[OPERATOR] Add NamespacedCloudProfile controller to enable usage of NamespacedCloudProfile in Shoot spec. by @LucaBernstein [#10266]
[OPERATOR] gardener-operator is now capable of deploying admission controllers for the virtual-garden via operator.gardener.cloud/v1alpha1.Extension resources. by @MartinWeindel [#10277]
[DEVELOPER] Extension provider-local has a dummy admission controller now. by @MartinWeindel [#10277]

🐛 Bug Fixes

[DEVELOPER] A bug was fixed that led to env-test setup errors when make test-integration was executed locally. by @timuthy [#10456]

🏃 Others

[DEPENDENCY] The quay.io/prometheus/prometheus image has been updated to v2.54.1. by @gardener-ci-robot [#10395]
[DEPENDENCY] The fluent-operator image has been updated to v3.10. Release Notes
The fluent-bit image has been updated to v3.1.5. Release Notes
The gardener/logging image has been updated to v0.61.0. Release Notes by @nickytd [#10429]
[DEPENDENCY] The gardener/dashboard image has been updated to 1.77.0. Release Notes by @gardener-ci-robot [#10463]
[DEPENDENCY] The registry.k8s.io/metrics-server/metrics-server image has been updated to v0.7.2. by @gardener-ci-robot [#10408]
[DEPENDENCY] The gardener/dashboard image has been updated to 1.76.2. Release Notes by @gardener-ci-robot [#10446]
[DEPENDENCY] The quay.io/brancz/kube-rbac-proxy image has been updated to v0.18.1. by @gardener-ci-robot [#10427]
[DEPENDENCY] The quay.io/prometheus-operator/prometheus-config-reloader image has been updated to v0.76.1. by @gardener-ci-robot [#10448]
[DEPENDENCY] The quay.io/cortexproject/cortex image has been updated to v1.18.0. by @gardener-ci-robot [#10458]
[DEPENDENCY] The gardener/hvpa-controller image has been updated to v0.16.0. Release Notes by @gardener-ci-robot [#10397]
[DEPENDENCY] The quay.io/kiwigrid/k8s-sidecar image has been updated to 1.27.6. by @gardener-ci-robot [#10424]
[DEVELOPER] The guestbook container image used in the test machinery tests is now updated from an image in GCR to an image in Artifact Registry. by @ialidzhikov [#10409]
[DEVELOPER] Introduce golang-test image for Go 1.23 and remove its Go 1.21 version. by @oliver-goetz [#10388]
[OPERATOR] A stale VPA related to the old alertmanager deployment was not cleaned up by gardenlet. Now, gardenlet on startup cleans up the these stale alertmanager VPAs. by @ialidzhikov [#10462]

Helm Charts

controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.0
gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.0
operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.0
resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.0

Docker Images

admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.0
apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.0
controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.0
gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.0
node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.0
operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.0
resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.0
scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.0

Update gardener-controlplane to 1.103.0

[gardener/gardener]

⚠️ Breaking Changes

[OPERATOR] Component config change for gardener-operator: extensionVirtualClusterConfig was renamed to extension. by @MartinWeindel [#10277]

📰 Noteworthy

[DEVELOPER] Enable apiserver feature gate UseNamespacedCloudProfile in local setup by default. Though, feature gate should not be enabled in production environments yet, until access control is implemented. by @LucaBernstein [#10266]
[OPERATOR] kube-proxy now has a readiness probe so that a node will only become ready for workloads after kube-proxy was ready at least once. by @ScheererJ [#10407]
[OPERATOR] Host spread for shoots with failure tolerance node (.spec.controlPlane.highAvailability.failureTolerance.type) is now accomplished via minDomains. Earlier, this happened at a best effort basis only. If a seed was having less than 3 nodes at the time the control-plane pods were scheduled, the desired pod distribution was not possible. by @timuthy [#10400]

✨ New Features

[OPERATOR] Introduced metrics exposing the Garden resource's condition and last operation. by @rickardsjp [#10393]
[OPERATOR] Add NamespacedCloudProfile controller to enable usage of NamespacedCloudProfile in Shoot spec. by @LucaBernstein [#10266]
[OPERATOR] gardener-operator is now capable of deploying admission controllers for the virtual-garden via operator.gardener.cloud/v1alpha1.Extension resources. by @MartinWeindel [#10277]
[DEVELOPER] Extension provider-local has a dummy admission controller now. by @MartinWeindel [#10277]

🐛 Bug Fixes

[DEVELOPER] A bug was fixed that led to env-test setup errors when make test-integration was executed locally. by @timuthy [#10456]

🏃 Others

[DEPENDENCY] The quay.io/prometheus/prometheus image has been updated to v2.54.1. by @gardener-ci-robot [#10395]
[DEPENDENCY] The fluent-operator image has been updated to v3.10. Release Notes
The fluent-bit image has been updated to v3.1.5. Release Notes
The gardener/logging image has been updated to v0.61.0. Release Notes by @nickytd [#10429]
[DEPENDENCY] The gardener/dashboard image has been updated to 1.77.0. Release Notes by @gardener-ci-robot [#10463]
[DEPENDENCY] The registry.k8s.io/metrics-server/metrics-server image has been updated to v0.7.2. by @gardener-ci-robot [#10408]
[DEPENDENCY] The gardener/dashboard image has been updated to 1.76.2. Release Notes by @gardener-ci-robot [#10446]
[DEPENDENCY] The quay.io/brancz/kube-rbac-proxy image has been updated to v0.18.1. by @gardener-ci-robot [#10427]
[DEPENDENCY] The quay.io/prometheus-operator/prometheus-config-reloader image has been updated to v0.76.1. by @gardener-ci-robot [#10448]
[DEPENDENCY] The quay.io/cortexproject/cortex image has been updated to v1.18.0. by @gardener-ci-robot [#10458]
[DEPENDENCY] The gardener/hvpa-controller image has been updated to v0.16.0. Release Notes by @gardener-ci-robot [#10397]
[DEPENDENCY] The quay.io/kiwigrid/k8s-sidecar image has been updated to 1.27.6. by @gardener-ci-robot [#10424]
[DEVELOPER] The guestbook container image used in the test machinery tests is now updated from an image in GCR to an image in Artifact Registry. by @ialidzhikov [#10409]
[DEVELOPER] Introduce golang-test image for Go 1.23 and remove its Go 1.21 version. by @oliver-goetz [#10388]
[OPERATOR] A stale VPA related to the old alertmanager deployment was not cleaned up by gardenlet. Now, gardenlet on startup cleans up the these stale alertmanager VPAs. by @ialidzhikov [#10462]

Helm Charts

controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.0
gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.0
operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.0
resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.0

Docker Images

admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.0
apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.0
controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.0
gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.0
node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.0
operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.0
resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.0
scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.0

Update gardenlet to 1.103.0

[gardener/gardener]

⚠️ Breaking Changes

[OPERATOR] Component config change for gardener-operator: extensionVirtualClusterConfig was renamed to extension. by @MartinWeindel [#10277]

📰 Noteworthy

[DEVELOPER] Enable apiserver feature gate UseNamespacedCloudProfile in local setup by default. Though, feature gate should not be enabled in production environments yet, until access control is implemented. by @LucaBernstein [#10266]
[OPERATOR] kube-proxy now has a readiness probe so that a node will only become ready for workloads after kube-proxy was ready at least once. by @ScheererJ [#10407]
[OPERATOR] Host spread for shoots with failure tolerance node (.spec.controlPlane.highAvailability.failureTolerance.type) is now accomplished via minDomains. Earlier, this happened at a best effort basis only. If a seed was having less than 3 nodes at the time the control-plane pods were scheduled, the desired pod distribution was not possible. by @timuthy [#10400]

✨ New Features

[OPERATOR] Introduced metrics exposing the Garden resource's condition and last operation. by @rickardsjp [#10393]
[OPERATOR] Add NamespacedCloudProfile controller to enable usage of NamespacedCloudProfile in Shoot spec. by @LucaBernstein [#10266]
[OPERATOR] gardener-operator is now capable of deploying admission controllers for the virtual-garden via operator.gardener.cloud/v1alpha1.Extension resources. by @MartinWeindel [#10277]
[DEVELOPER] Extension provider-local has a dummy admission controller now. by @MartinWeindel [#10277]

🐛 Bug Fixes

[DEVELOPER] A bug was fixed that led to env-test setup errors when make test-integration was executed locally. by @timuthy [#10456]

🏃 Others

[DEPENDENCY] The quay.io/prometheus/prometheus image has been updated to v2.54.1. by @gardener-ci-robot [#10395]
[DEPENDENCY] The fluent-operator image has been updated to v3.10. Release Notes
The fluent-bit image has been updated to v3.1.5. Release Notes
The gardener/logging image has been updated to v0.61.0. Release Notes by @nickytd [#10429]
[DEPENDENCY] The gardener/dashboard image has been updated to 1.77.0. Release Notes by @gardener-ci-robot [#10463]
[DEPENDENCY] The registry.k8s.io/metrics-server/metrics-server image has been updated to v0.7.2. by @gardener-ci-robot [#10408]
[DEPENDENCY] The gardener/dashboard image has been updated to 1.76.2. Release Notes by @gardener-ci-robot [#10446]
[DEPENDENCY] The quay.io/brancz/kube-rbac-proxy image has been updated to v0.18.1. by @gardener-ci-robot [#10427]
[DEPENDENCY] The quay.io/prometheus-operator/prometheus-config-reloader image has been updated to v0.76.1. by @gardener-ci-robot [#10448]
[DEPENDENCY] The quay.io/cortexproject/cortex image has been updated to v1.18.0. by @gardener-ci-robot [#10458]
[DEPENDENCY] The gardener/hvpa-controller image has been updated to v0.16.0. Release Notes by @gardener-ci-robot [#10397]
[DEPENDENCY] The quay.io/kiwigrid/k8s-sidecar image has been updated to 1.27.6. by @gardener-ci-robot [#10424]
[DEVELOPER] The guestbook container image used in the test machinery tests is now updated from an image in GCR to an image in Artifact Registry. by @ialidzhikov [#10409]
[DEVELOPER] Introduce golang-test image for Go 1.23 and remove its Go 1.21 version. by @oliver-goetz [#10388]
[OPERATOR] A stale VPA related to the old alertmanager deployment was not cleaned up by gardenlet. Now, gardenlet on startup cleans up the these stale alertmanager VPAs. by @ialidzhikov [#10462]

Helm Charts

controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.103.0
gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.103.0
operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.103.0
resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.103.0

Docker Images

admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.103.0
apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.103.0
controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.103.0
gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.103.0
node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.103.0
operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.103.0
resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.103.0
scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.103.0

Release Notes v1.103

Yake release notes and upgrade guide​

Related upstream release notes / changelogs​

[gardener-extension-provider-hcloud] v0.6.30

[gardener/gardener-extension-provider-openstack]

🏃 Others​

Docker Images​

[gardener/gardener-extension-shoot-cert-service]

🏃 Others​

Docker Images​

[gardener/gardener-extension-shoot-rsyslog-relp]

🐛 Bug Fixes​

Docker Images​

[gardener/gardener-extension-provider-alicloud]

✨ New Features​

🏃 Others​

[gardener/machine-controller-manager]

⚠️ Breaking Changes​

🐛 Bug Fixes​

🏃 Others​

📖 Documentation​

[gardener/machine-controller-manager-provider-alicloud]

🏃 Others​

Helm Charts​

Docker Images​

[gardener/gardener-extension-provider-aws]

✨ New Features​

🐛 Bug Fixes​

🏃 Others​

Helm Charts​

Docker Images​

[gardener/gardener-extension-provider-azure]

🏃 Others​

Helm Charts​

Docker Images​

[gardener/gardener-extension-provider-gcp]

✨ New Features​

🐛 Bug Fixes​

🏃 Others​

Helm Charts​

Docker Images​

[gardener/external-dns-management]

🏃 Others​

[gardener/gardener-extension-shoot-dns-service]

✨ New Features​

🏃 Others​

Helm Charts​

Docker Images​

What's Changed​

[gardener/gardener-extension-shoot-oidc-service]

✨ New Features​

🏃 Others​

[gardener/oidc-webhook-authenticator]

🏃 Others​

Helm Charts​

Docker Images​

[gardener/gardener-extension-shoot-dns-service]

🏃 Others​

[gardener/external-dns-management]

⚠️ Breaking Changes​

🏃 Others​

Helm Charts​

Docker Images​

[gardener/external-dns-management]

🐛 Bug Fixes​

Docker Images​

[gardener/external-dns-management]

🐛 Bug Fixes​

Helm Charts​

Docker Images​

[gardener/gardener-extension-provider-aws]

🏃 Others​

Helm Charts​

Docker Images​

[gardener/gardener-extension-provider-azure]

🏃 Others​

Helm Charts​

Docker Images​

[gardener/dashboard]

🐛 Bug Fixes​

Yake release notes and upgrade guide

Related upstream release notes / changelogs

🏃 Others

Docker Images

🏃 Others

Docker Images

🐛 Bug Fixes

Docker Images

✨ New Features

🏃 Others

⚠️ Breaking Changes

🐛 Bug Fixes

🏃 Others

📖 Documentation

🏃 Others

Helm Charts

Docker Images

✨ New Features

🐛 Bug Fixes

🏃 Others

Helm Charts

Docker Images

🏃 Others

Helm Charts

Docker Images

✨ New Features

🐛 Bug Fixes

🏃 Others

Helm Charts

Docker Images

🏃 Others

✨ New Features

🏃 Others

Helm Charts

Docker Images

What's Changed

✨ New Features

🏃 Others

🏃 Others

Helm Charts

Docker Images

🏃 Others

⚠️ Breaking Changes

🏃 Others

Helm Charts

Docker Images

🐛 Bug Fixes

Docker Images

🐛 Bug Fixes

Helm Charts

Docker Images

🏃 Others

Helm Charts

Docker Images

🏃 Others

Helm Charts

Docker Images

🐛 Bug Fixes

Docker Images

🐛 Bug Fixes

Docker Images

🐛 Bug Fixes

🏃 Others

Helm Charts

Docker Images

🐛 Bug Fixes

🏃 Others

Helm Charts

Docker Images

🐛 Bug Fixes

🏃 Others

Helm Charts

Docker Images

✨ New Features

🐛 Bug Fixes

Docker Images

✨ New Features

🐛 Bug Fixes

Docker Images

⚠️ Breaking Changes