Skip to main content

Release Notes v1.131

Yake release notes and upgrade guide​

Related upstream release notes / changelogs​

Update shoot-dns-service to 1.70.0

[github.com/gardener/gardener-extension-shoot-dns-service:v1.70.0]

πŸƒ Others​

  • [OPERATOR] Fix admission helm chart OCI repository paths after renaming. by @MartinWeindel [#549]

Helm Charts​

  • shoot-dns-service-admission-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service-admission-application:v1.70.0
  • shoot-dns-service-admission-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service-admission-runtime:v1.70.0
  • shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service:v1.70.0

Container (OCI) Images​

  • gardener-extension-admission-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-shoot-dns-service:v1.70.0
  • gardener-extension-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-dns-service:v1.70.0
Update gardener-controlplane to 1.128.1

[github.com/gardener/gardener:v1.128.1]

πŸ› Bug Fixes​

  • [OPERATOR] Fixed the alertmanager-garden peer discovery service port names by @gardener-ci-robot [#12991]

πŸƒ Others​

  • [USER] Gardener API server now serves the OpenAPI v2 schema ( /openapi/v2 endpoint) again and will keep on serving it until Gardener v1.160. In Gardener v1.127.0, the support for OpenAPI v2 schemas was removed. However, terraform-provider-kubernetes does not yet support OpenAPI v3 schema. by @gardener-ci-robot [#12992]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.1
Update gardener-controlplane to 1.128.1

[github.com/gardener/gardener:v1.128.1]

πŸ› Bug Fixes​

  • [OPERATOR] Fixed the alertmanager-garden peer discovery service port names by @gardener-ci-robot [#12991]

πŸƒ Others​

  • [USER] Gardener API server now serves the OpenAPI v2 schema ( /openapi/v2 endpoint) again and will keep on serving it until Gardener v1.160. In Gardener v1.127.0, the support for OpenAPI v2 schemas was removed. However, terraform-provider-kubernetes does not yet support OpenAPI v3 schema. by @gardener-ci-robot [#12992]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.1
Update gardenlet to 1.128.1

[github.com/gardener/gardener:v1.128.1]

πŸ› Bug Fixes​

  • [OPERATOR] Fixed the alertmanager-garden peer discovery service port names by @gardener-ci-robot [#12991]

πŸƒ Others​

  • [USER] Gardener API server now serves the OpenAPI v2 schema ( /openapi/v2 endpoint) again and will keep on serving it until Gardener v1.160. In Gardener v1.127.0, the support for OpenAPI v2 schemas was removed. However, terraform-provider-kubernetes does not yet support OpenAPI v3 schema. by @gardener-ci-robot [#12992]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.1
Update os-coreos to 1.26.0

[github.com/gardener/gardener-extension-os-coreos:v1.26.0]

πŸƒ Others​

  • [OPERATOR] Add missing securityContext controls in order to comply with the restricted Pod Security Standards policy. by @mstueer [#224]
  • [DEVELOPER] migrate pipeline to GitHub-Actions by @ccwienk [#187]
  • [OPERATOR] An example Extension manifest for extension registration has been added. It can be found at example/extension.yaml by @timuthy [#219]

Helm Charts​

  • os-coreos: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/os-coreos:v1.26.0

Container (OCI) Images​

  • gardener-extension-os-coreos: europe-docker.pkg.dev/gardener-project/releases/extensions/os-coreos:v1.26.0
Update provider-azure to 1.55.0

[github.com/gardener/gardener-extension-provider-azure:v1.55.0]

⚠️ Breaking Changes​

  • [OPERATOR] Refactor Feature Gates specification for the provider-extesion helm chart. Operators need to specify their deployed feature gates with their canonical name. by @kon-angelo [#1301]

✨ New Features​

  • [OPERATOR] This extension now supports WorkloadIdentitys as credentials for etcd backup. by @vpnachev [#1265]

πŸƒ Others​

  • [OPERATOR] Update RBAC for extensions running in the runtime cluster. by @hebelsan [#1266]
  • [OPERATOR] Fix a bug that disabled subnet's default outbound access. by @kon-angelo [#1290]
  • [OPERATOR] Add advanced shoot input validation by @kon-angelo [#1295]

Helm Charts​

  • admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.55.0
  • admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.55.0
  • provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.55.0

Container (OCI) Images​

  • gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.55.0
  • gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.55.0
Update dashboard to 1.82.2

[github.com/gardener/dashboard:1.82.2]

πŸ› Bug Fixes​

  • [USER] Resolved a server error that occurred when retrieving information in the About dialog by @gardener-github-actions[bot] [#2645]
  • [USER] Fixed an issue where supported regions were not correctly identified as recommended regions. This caused invalid defaulting of regions, and in cases where seedCandidateDeterminationStrategy was set to SameRegion, the region list could incorrectly be empty by @gardener-github-actions[bot] [#2646]

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.2
Update dashboard to 1.82.2

[github.com/gardener/dashboard:1.82.2]

πŸ› Bug Fixes​

  • [USER] Resolved a server error that occurred when retrieving information in the About dialog by @gardener-github-actions[bot] [#2645]
  • [USER] Fixed an issue where supported regions were not correctly identified as recommended regions. This caused invalid defaulting of regions, and in cases where seedCandidateDeterminationStrategy was set to SameRegion, the region list could incorrectly be empty by @gardener-github-actions[bot] [#2646]

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.2
Update provider-gcp to 1.46.0

[github.com/gardener/gardener-extension-provider-gcp:v1.46.0]

✨ New Features​

  • [OPERATOR] This extension now supports WorkloadIdentitys as credentials for etcd backup. by @vpnachev [#1151]

πŸ› Bug Fixes​

  • [OPERATOR] A bug in the admission-gcp component, which was causing a nil-pointer exception in case a new in-place worker is added, is now fixed. by @shafeeqes [#1169]
  • [OPERATOR] A bug preventing all obsolete machine-controller-manager ClusterRoles and ClusterRoleBindings to be deleted on extension startup has been fixed. by @georgibaltiev [#1137]

πŸƒ Others​

  • [OPERATOR] Remove unused terraformer image by @kon-angelo [#1181]
  • [OPERATOR] Update GHA for new release options by @kon-angelo [#1131]
  • [OPERATOR] Update RBAC for extensions running in the runtime cluster. by @kon-angelo [#1155]
  • [OPERATOR] Upgrade gardener dependency to v1.122.1 by @plkokanov [#1122]
  • [OPERATOR] provider-gcp no longer supports Shoots with Кubernetes version <= 1.28. by @georgibaltiev [#1123]
  • [OPERATOR] Improve user input validation for provider related fields. by @kon-angelo [#1173]
  • [OPERATOR] Upgrade gardener/gardener to v1.125.0 by @hebelsan [#1142]
  • [OPERATOR] Upgrade gardener dependency to v1.123.1 by @theoddora [#1132]
  • [OPERATOR] Deprecate obsolete role, rolebinding and serviceaccounts from terraformer by @kon-angelo [#1136]
  • [DEVELOPER] migrate CICD-Pipeline to GitHub-Actions by @ccwienk [#1121]
  • [OPERATOR] An example Extension manifest for extension registration has been added. It can be found at example/extension.yaml by @timuthy [#1154]
  • [OPERATOR] Update csi driver filestore image from v1.10.1 to v1.11.0 by @hebelsan [#1124]
  • [OPERATOR] Add missing securityContext controls in order to comply with the restricted Pod Security Standards policy. by @mstueer [#1165]
  • [OPERATOR] Increase node controller workers for cloud-controller-manager by @kon-angelo [#1138]
  • [OPERATOR] Update gardener/gardener to v1.127.1 by @hebelsan [#1172]

Helm Charts​

  • admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.46.0
  • admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.46.0
  • provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.46.0

Container (OCI) Images​

  • gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.46.0
  • gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.46.0
Update provider-openstack to 1.49.0

[github.com/gardener/gardener-extension-provider-openstack:v1.49.0]

⚠️ Breaking Changes​

  • [OPERATOR] Update the defaults for the infrastructure controller. Unless opted out per shoot or per seed, the infrastructure controller will now by default reconcile using the flow implementation. In future release v1.50.0 we will disable reconciliation via terraform. by @kon-angelo [#1114]

πŸ› Bug Fixes​

  • [OPERATOR] A bug preventing all obsolete machine-controller-manager ClusterRoles and ClusterRoleBindings to be deleted on extension startup has been fixed. by @georgibaltiev [#1116]

πŸƒ Others​

  • [OPERATOR] Remove deprecated storage class nfs-constraint- for manila-csi-driver by @hebelsan [#1131]
  • [OPERATOR] provider-openstack no longer supports Shoots with Кubernetes version <= 1.28. by @RadaBDimitrova [#1101]
  • [OPERATOR] Update non-gardener dependencies & gardener/gardener to v1.125.1 by @hebelsan [#1127]
  • [DEVELOPER] migrate CICD-Pipeline to GitHub-Actions by @ccwienk [#1090]
  • [OPERATOR] Upgrade gardener dependency to v1.123.1 by @theoddora [#1113]
  • [OPERATOR] Upgrade gardener dependency to v1.122.1 by @plkokanov [#1100]
  • [OPERATOR] export testresults as inlined ocm-resource by @heldkat [#1107]
  • [OPERATOR] An example Extension manifest for extension registration has been added. It can be found at example/extension.yaml by @timuthy [#1136]
  • [DEVELOPER] Separate bastion reconcile and delete options by @hebelsan [#1108]
  • [OPERATOR] Add shoot input validation by @kon-angelo [#1155]
  • [OPERATOR] Update RBAC for extensions running in the runtime cluster. by @hebelsan [#1139]

Helm Charts​

  • admission-openstack-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-application:v1.49.0
  • admission-openstack-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-runtime:v1.49.0
  • provider-openstack: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-openstack:v1.49.0

Container (OCI) Images​

  • gardener-extension-admission-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-openstack:v1.49.0
  • gardener-extension-provider-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-openstack:v1.49.0
Update gardener-controlplane to 1.128.2

[github.com/gardener/gardener:v1.128.2]

πŸ› Bug Fixes​

  • [DEVELOPER] The Priority field for the MachineDeployment API is optional instead of required again. by @gardener-ci-robot [#13016]

πŸƒ Others​

  • [DEVELOPER] The optimistic defaulting of priorities for MachineDeployments was introduced again. by @gardener-ci-robot [#13016]
  • [DEPENDENCY] The following dependencies have been updated:

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.2

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.2
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.2
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.2
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.2
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.2
Update gardener-controlplane to 1.128.2

[github.com/gardener/gardener:v1.128.2]

πŸ› Bug Fixes​

  • [DEVELOPER] The Priority field for the MachineDeployment API is optional instead of required again. by @gardener-ci-robot [#13016]

πŸƒ Others​

  • [DEVELOPER] The optimistic defaulting of priorities for MachineDeployments was introduced again. by @gardener-ci-robot [#13016]
  • [DEPENDENCY] The following dependencies have been updated:

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.2

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.2
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.2
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.2
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.2
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.2
Update gardenlet to 1.128.2

[github.com/gardener/gardener:v1.128.2]

πŸ› Bug Fixes​

  • [DEVELOPER] The Priority field for the MachineDeployment API is optional instead of required again. by @gardener-ci-robot [#13016]

πŸƒ Others​

  • [DEVELOPER] The optimistic defaulting of priorities for MachineDeployments was introduced again. by @gardener-ci-robot [#13016]
  • [DEPENDENCY] The following dependencies have been updated:

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.2

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.2
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.2
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.2
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.2
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.2
Update provider-aws to 1.64.0

[github.com/gardener/gardener-extension-provider-aws:v1.64.0]

✨ New Features​

  • [OPERATOR] Admission controller now allows seed.spec.backup.credentialsRef and backupBucket.spec.credentialsRef to use credentials of either v1.Secret or security.gardener.cloud/v1alpha1.WorkloadIdentity by @vpnachev [#1461]

πŸƒ Others​

  • [OPERATOR] Update RBAC for extensions running in the runtime cluster. by @hebelsan [#1460]
  • [OPERATOR] LoadBalancer services in IPv6 and dual-stack clusters can now opt out of automatic dual-stack annotations using extensions.gardener.cloud/ignore-load-balancer: "true". by @axel7born [#1459]
  • [OPERATOR] AMI selection for workers' MachineClass supports Cloudprofiles with Capabilities. by @Roncossek [#1458]
  • [OPERATOR] Adopts Gardener MachineImage Capabilities and introduces CapabilitySets to the providerConfig. by @Roncossek [#1306]
  • [OPERATOR] Migration from dual-stack [IPv4, IPv6] to [IPv4] networking is now allowed. by @axel7born [#1481]
  • [OPERATOR] Input validation for shoot fields by @kon-angelo [#1479]
  • [OPERATOR] An example Extension manifest for extension registration has been added. It can be found at example/extension.yaml by @timuthy [#1454]
  • [OPERATOR] Remove CPU requests for aws-extension components in Shoot and Seed. by @voelzmo [#1448]
  • [OPERATOR] Update mcm AWS image from v0.25.0 to v0.26.0 by @hebelsan [#1478]

Helm Charts​

  • admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.64.0
  • admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.64.0
  • provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.64.0

Container (OCI) Images​

  • gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.64.0
  • gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.64.0
Update gardener-controlplane to 1.128.3

[github.com/gardener/gardener:v1.128.3]

πŸƒ Others​

  • [OPERATOR] Revert server block import of coredns-custom configmap for node-local-dns. by @gardener-ci-robot [#13038]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.3
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.3
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.3
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.3

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.3
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.3
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.3
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.3
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.3
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.3
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.3
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.3
Update gardener-controlplane to 1.128.3

[github.com/gardener/gardener:v1.128.3]

πŸƒ Others​

  • [OPERATOR] Revert server block import of coredns-custom configmap for node-local-dns. by @gardener-ci-robot [#13038]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.3
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.3
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.3
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.3

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.3
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.3
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.3
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.3
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.3
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.3
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.3
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.3
Update gardenlet to 1.128.3

[github.com/gardener/gardener:v1.128.3]

πŸƒ Others​

  • [OPERATOR] Revert server block import of coredns-custom configmap for node-local-dns. by @gardener-ci-robot [#13038]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.3
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.3
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.3
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.3

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.3
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.3
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.3
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.3
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.3
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.3
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.3
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.3
Update provider-openstack to 1.49.1

Helm Charts​

  • admission-openstack-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-application:v1.49.1
  • admission-openstack-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-runtime:v1.49.1
  • provider-openstack: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-openstack:v1.49.1

Container (OCI) Images​

  • gardener-extension-admission-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-openstack:v1.49.1
  • gardener-extension-provider-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-openstack:v1.49.1
Update shoot-rsyslog-relp to 0.10.1

[github.com/gardener/gardener-extension-shoot-rsyslog-relp:v0.10.1]

πŸ› Bug Fixes​

  • [OPERATOR] Fix casing of role in ScrapeConfig. by @gardener-ci-robot [#314]

Helm Charts​

  • shoot-rsyslog-relp-admission-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-rsyslog-relp-admission-application:v0.10.1
  • shoot-rsyslog-relp-admission-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-rsyslog-relp-admission-runtime:v0.10.1
  • shoot-rsyslog-relp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-rsyslog-relp:v0.10.1

Container (OCI) Images​

  • gardener-extension-shoot-rsyslog-relp-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-rsyslog-relp-admission:v0.10.1
  • gardener-extension-shoot-rsyslog-relp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-rsyslog-relp:v0.10.1
Update acl to 1.12.0

What's Changed​

⚠️ Breaking Changes​

  • Drop special handling for provider-openstack by @timebertt in https://github.com/stackitcloud/gardener-extension-acl/pull/173
    • Operators should ensure that the provider-openstack version is recent enough to publish Infrastructure.status.egressCIDRs for all clusters before upgrading to this version of this extension.

πŸ€– Dependencies​

New Contributors​

Full Changelog: https://github.com/stackitcloud/gardener-extension-acl/compare/v1.11.0...v1.12.0

Update provider-aws to 1.64.1

Helm Charts​

  • admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.64.1
  • admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.64.1
  • provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.64.1

Container (OCI) Images​

  • gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.64.1
  • gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.64.1
Update dashboard to 1.82.3

[github.com/gardener/dashboard:1.82.3]

πŸ› Bug Fixes​

  • [USER] Added the missing cloudflare-dns provider to the list of supported DNS providers by @gardener-github-actions[bot] [#2667]

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.3
Update dashboard to 1.82.3

[github.com/gardener/dashboard:1.82.3]

πŸ› Bug Fixes​

  • [USER] Added the missing cloudflare-dns provider to the list of supported DNS providers by @gardener-github-actions[bot] [#2667]

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.3
Update gardener-controlplane to 1.128.4

[github.com/gardener/gardener:v1.128.4]

πŸ› Bug Fixes​

  • [DEVELOPER] An issue preventing extensions.gardener.cloud/v1alpha1.Bastions to be listed due to missing json tags is now fixed. by @gardener-ci-robot [#13063]
  • [USER] A bug causing finalizers to not be removed from Secrets when such are deleted and referenced by both a CredentialsBinding and a SecretBinding is fixed. by @gardener-ci-robot [#13074]
  • [OPERATOR] A bug in the gardenletdeployer unable to handle backup credentials of type WorkloadIdentity has been fixed. by @vpnachev [#13088]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.4
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.4
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.4
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.4

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.4
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.4
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.4
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.4
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.4
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.4
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.4
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.4
Update gardener-controlplane to 1.128.4

[github.com/gardener/gardener:v1.128.4]

πŸ› Bug Fixes​

  • [DEVELOPER] An issue preventing extensions.gardener.cloud/v1alpha1.Bastions to be listed due to missing json tags is now fixed. by @gardener-ci-robot [#13063]
  • [USER] A bug causing finalizers to not be removed from Secrets when such are deleted and referenced by both a CredentialsBinding and a SecretBinding is fixed. by @gardener-ci-robot [#13074]
  • [OPERATOR] A bug in the gardenletdeployer unable to handle backup credentials of type WorkloadIdentity has been fixed. by @vpnachev [#13088]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.4
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.4
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.4
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.4

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.4
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.4
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.4
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.4
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.4
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.4
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.4
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.4
Update gardenlet to 1.128.4

[github.com/gardener/gardener:v1.128.4]

πŸ› Bug Fixes​

  • [DEVELOPER] An issue preventing extensions.gardener.cloud/v1alpha1.Bastions to be listed due to missing json tags is now fixed. by @gardener-ci-robot [#13063]
  • [USER] A bug causing finalizers to not be removed from Secrets when such are deleted and referenced by both a CredentialsBinding and a SecretBinding is fixed. by @gardener-ci-robot [#13074]
  • [OPERATOR] A bug in the gardenletdeployer unable to handle backup credentials of type WorkloadIdentity has been fixed. by @vpnachev [#13088]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.128.4
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.128.4
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.128.4
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.128.4

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.128.4
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.128.4
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.128.4
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.128.4
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.128.4
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.128.4
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.128.4
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.128.4
Update gardener-controlplane to 1.129.0

[github.com/gardener/gardener:v1.129.0]

⚠️ Breaking Changes​

  • [OPERATOR] The GA-ed and unconditionally enabled UseNamespacedCloudProfile feature gates is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @LucaBernstein [#13020]
  • [OPERATOR] It is not allowed anymore to specify the following characters: [, #], as well as capitalized letters, within the entries of the Garden's .spec.virtualCluster.Gardener.apiServer.watchCacheSizes.resources[].apiGroup field. Please update your Gardens accordingly. by @tobschli [#12839]
  • [USER] It is not allowed anymore to specify the following characters: [, #], as well as capitalized letters, within the entries of the Shoot's .spec.kubernetes.kubeAPIServer.watchCacheSizes.resources[].apiGroup field. Please update your Shoots accordingly. by @tobschli [#12839]
  • [OPERATOR] The GA-ed and unconditionally enabled CredentialsRotationWithoutWorkersRollout feature gates is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @rfranzke [#13041]
  • [OPERATOR] It is not allowed anymore to specify the following characters: [,. #], as well as capitalized letters, within the entries of the Garden's .spec.virtualCluster.Gardener.apiServer.watchCacheSizes.resources[].resource field. Please update your Gardens accordingly. by @tobschli [#12839]
  • [USER] The .status.credentials.rotation.kubeconfig field in the Shoot API is removed. This field has been deprecated since Gardener v1.114.0. by @shafeeqes [#13037]
  • [USER] It is not allowed anymore to specify the following characters: [,. #], as well as capitalized letters, within the entries of the Shoot's .spec.kubernetes.kubeAPIServer.watchCacheSizes.resources[].resource field. Please update your Shoots accordingly. by @tobschli [#12839]

πŸ“° Noteworthy​

  • [USER] ViewerKubeconfig is no longer using solely the group gardener.cloud:system:viewers to grant viewer access to the shoot cluster, instead it is now granted only to Gardener system viewer users. Project Viewer users are granted viewer access to the shoot cluster via the group gardener.cloud:project:viewers. by @vpnachev [#12674]
  • [USER] AdminKubeconfig is no longer using the group system:masters to grant admin access to the shoot cluster, instead it is now using the groups gardener.cloud:system:admins granted to Gardener system admins and gardener.cloud:project:admins granted to Gardener Project admins. by @vpnachev [#12674]

✨ New Features​

  • [OPERATOR] gardener-admission-controller now supports enabling the OwnerReferencesPermissionEnforcement admission plugin for the virtual kube-apiserver. Previously, it was rejecting requests from gardenlet because the shoots/finalizers and backupbuckets/finalizers subresources were not allowed. by @gardener-ci-robot [#13059]
  • [OPERATOR] The OperatingSystemConfig containerd config was enhanced to specify the override_path option which is respected when generating the hosts.toml file for the respective upstream config. by @timuthy [#13002]

πŸ› Bug Fixes​

  • [USER] A bug causing finalizers to not be removed from Secrets when such are deleted and referenced by both a CredentialsBinding and a SecretBinding is fixed. by @gardener-ci-robot [#13075]
  • [OPERATOR] Fixed an issue that caused Machines to be duplicated when being saved in the ShootState. This caused the ShootState to grow exponentially large and fail to be created. The issue could occur when there are multiple MachineDeployments created for the Shoot. by @gardener-ci-robot [#13089]
  • [OPERATOR] A bug in the gardenletdeployer unable to handle backup credentials of type WorkloadIdentity has been fixed. by @gardener-ci-robot [#13087]
  • [OPERATOR] Fixed the alertmanager-garden peer discovery service port names by @rickardsjp [#12988]
  • [DEVELOPER] An issue preventing extensions.gardener.cloud/v1alpha1.Bastions to be listed due to missing json tags is now fixed. by @gardener-ci-robot [#13062]
  • [DEVELOPER] The Priority field for the MachineDeployment API is optional instead of required again. by @tobschli [#13014]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Revert server block import of coredns-custom configmap for node-local-dns. by @DockToFuture [#13028]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/brancz/kube-rbac-proxy from v0.19.1 to v0.20.0. by @gardener-ci-robot [#12980]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/ingress-nginx/controller-chroot from v1.13.2 to v1.13.3. by @gardener-ci-robot [#13047]
  • [DEPENDENCY] The following dependencies have been updated:
    • fluent/fluent-operator from v3.2.5 to v4.0.9 by @nickytd [#12998]
  • [DEVELOPER] An issue with the ssh tunnel in the extensions setup is fixed. by @axel7born [#13019]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEVELOPER] The optimistic defaulting of priorities for MachineDeployments was introduced again. by @tobschli [#13014]
  • [OPERATOR] Remove migration code to clean up obsolete Prometheus volumes by @vicwicker [#13021]
  • [USER] Gardener API server now serves the OpenAPI v2 schema ( /openapi/v2 endpoint) again and will keep on serving it until Gardener v1.160. In Gardener v1.127.0, the support for OpenAPI v2 schemas was removed. However, terraform-provider-kubernetes does not yet support OpenAPI v3 schema. by @shafeeqes [#12987]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.0
Update gardener-controlplane to 1.129.0

[github.com/gardener/gardener:v1.129.0]

⚠️ Breaking Changes​

  • [OPERATOR] The GA-ed and unconditionally enabled UseNamespacedCloudProfile feature gates is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @LucaBernstein [#13020]
  • [OPERATOR] It is not allowed anymore to specify the following characters: [, #], as well as capitalized letters, within the entries of the Garden's .spec.virtualCluster.Gardener.apiServer.watchCacheSizes.resources[].apiGroup field. Please update your Gardens accordingly. by @tobschli [#12839]
  • [USER] It is not allowed anymore to specify the following characters: [, #], as well as capitalized letters, within the entries of the Shoot's .spec.kubernetes.kubeAPIServer.watchCacheSizes.resources[].apiGroup field. Please update your Shoots accordingly. by @tobschli [#12839]
  • [OPERATOR] The GA-ed and unconditionally enabled CredentialsRotationWithoutWorkersRollout feature gates is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @rfranzke [#13041]
  • [OPERATOR] It is not allowed anymore to specify the following characters: [,. #], as well as capitalized letters, within the entries of the Garden's .spec.virtualCluster.Gardener.apiServer.watchCacheSizes.resources[].resource field. Please update your Gardens accordingly. by @tobschli [#12839]
  • [USER] The .status.credentials.rotation.kubeconfig field in the Shoot API is removed. This field has been deprecated since Gardener v1.114.0. by @shafeeqes [#13037]
  • [USER] It is not allowed anymore to specify the following characters: [,. #], as well as capitalized letters, within the entries of the Shoot's .spec.kubernetes.kubeAPIServer.watchCacheSizes.resources[].resource field. Please update your Shoots accordingly. by @tobschli [#12839]

πŸ“° Noteworthy​

  • [USER] ViewerKubeconfig is no longer using solely the group gardener.cloud:system:viewers to grant viewer access to the shoot cluster, instead it is now granted only to Gardener system viewer users. Project Viewer users are granted viewer access to the shoot cluster via the group gardener.cloud:project:viewers. by @vpnachev [#12674]
  • [USER] AdminKubeconfig is no longer using the group system:masters to grant admin access to the shoot cluster, instead it is now using the groups gardener.cloud:system:admins granted to Gardener system admins and gardener.cloud:project:admins granted to Gardener Project admins. by @vpnachev [#12674]

✨ New Features​

  • [OPERATOR] gardener-admission-controller now supports enabling the OwnerReferencesPermissionEnforcement admission plugin for the virtual kube-apiserver. Previously, it was rejecting requests from gardenlet because the shoots/finalizers and backupbuckets/finalizers subresources were not allowed. by @gardener-ci-robot [#13059]
  • [OPERATOR] The OperatingSystemConfig containerd config was enhanced to specify the override_path option which is respected when generating the hosts.toml file for the respective upstream config. by @timuthy [#13002]

πŸ› Bug Fixes​

  • [USER] A bug causing finalizers to not be removed from Secrets when such are deleted and referenced by both a CredentialsBinding and a SecretBinding is fixed. by @gardener-ci-robot [#13075]
  • [OPERATOR] Fixed an issue that caused Machines to be duplicated when being saved in the ShootState. This caused the ShootState to grow exponentially large and fail to be created. The issue could occur when there are multiple MachineDeployments created for the Shoot. by @gardener-ci-robot [#13089]
  • [OPERATOR] A bug in the gardenletdeployer unable to handle backup credentials of type WorkloadIdentity has been fixed. by @gardener-ci-robot [#13087]
  • [OPERATOR] Fixed the alertmanager-garden peer discovery service port names by @rickardsjp [#12988]
  • [DEVELOPER] An issue preventing extensions.gardener.cloud/v1alpha1.Bastions to be listed due to missing json tags is now fixed. by @gardener-ci-robot [#13062]
  • [DEVELOPER] The Priority field for the MachineDeployment API is optional instead of required again. by @tobschli [#13014]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Revert server block import of coredns-custom configmap for node-local-dns. by @DockToFuture [#13028]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/brancz/kube-rbac-proxy from v0.19.1 to v0.20.0. by @gardener-ci-robot [#12980]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/ingress-nginx/controller-chroot from v1.13.2 to v1.13.3. by @gardener-ci-robot [#13047]
  • [DEPENDENCY] The following dependencies have been updated:
    • fluent/fluent-operator from v3.2.5 to v4.0.9 by @nickytd [#12998]
  • [DEVELOPER] An issue with the ssh tunnel in the extensions setup is fixed. by @axel7born [#13019]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEVELOPER] The optimistic defaulting of priorities for MachineDeployments was introduced again. by @tobschli [#13014]
  • [OPERATOR] Remove migration code to clean up obsolete Prometheus volumes by @vicwicker [#13021]
  • [USER] Gardener API server now serves the OpenAPI v2 schema ( /openapi/v2 endpoint) again and will keep on serving it until Gardener v1.160. In Gardener v1.127.0, the support for OpenAPI v2 schemas was removed. However, terraform-provider-kubernetes does not yet support OpenAPI v3 schema. by @shafeeqes [#12987]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.0
Update gardenlet to 1.129.0

[github.com/gardener/gardener:v1.129.0]

⚠️ Breaking Changes​

  • [OPERATOR] The GA-ed and unconditionally enabled UseNamespacedCloudProfile feature gates is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @LucaBernstein [#13020]
  • [OPERATOR] It is not allowed anymore to specify the following characters: [, #], as well as capitalized letters, within the entries of the Garden's .spec.virtualCluster.Gardener.apiServer.watchCacheSizes.resources[].apiGroup field. Please update your Gardens accordingly. by @tobschli [#12839]
  • [USER] It is not allowed anymore to specify the following characters: [, #], as well as capitalized letters, within the entries of the Shoot's .spec.kubernetes.kubeAPIServer.watchCacheSizes.resources[].apiGroup field. Please update your Shoots accordingly. by @tobschli [#12839]
  • [OPERATOR] The GA-ed and unconditionally enabled CredentialsRotationWithoutWorkersRollout feature gates is removed. If you have references to this feature gate, clean them up before upgrading to this version of Gardener. by @rfranzke [#13041]
  • [OPERATOR] It is not allowed anymore to specify the following characters: [,. #], as well as capitalized letters, within the entries of the Garden's .spec.virtualCluster.Gardener.apiServer.watchCacheSizes.resources[].resource field. Please update your Gardens accordingly. by @tobschli [#12839]
  • [USER] The .status.credentials.rotation.kubeconfig field in the Shoot API is removed. This field has been deprecated since Gardener v1.114.0. by @shafeeqes [#13037]
  • [USER] It is not allowed anymore to specify the following characters: [,. #], as well as capitalized letters, within the entries of the Shoot's .spec.kubernetes.kubeAPIServer.watchCacheSizes.resources[].resource field. Please update your Shoots accordingly. by @tobschli [#12839]

πŸ“° Noteworthy​

  • [USER] ViewerKubeconfig is no longer using solely the group gardener.cloud:system:viewers to grant viewer access to the shoot cluster, instead it is now granted only to Gardener system viewer users. Project Viewer users are granted viewer access to the shoot cluster via the group gardener.cloud:project:viewers. by @vpnachev [#12674]
  • [USER] AdminKubeconfig is no longer using the group system:masters to grant admin access to the shoot cluster, instead it is now using the groups gardener.cloud:system:admins granted to Gardener system admins and gardener.cloud:project:admins granted to Gardener Project admins. by @vpnachev [#12674]

✨ New Features​

  • [OPERATOR] gardener-admission-controller now supports enabling the OwnerReferencesPermissionEnforcement admission plugin for the virtual kube-apiserver. Previously, it was rejecting requests from gardenlet because the shoots/finalizers and backupbuckets/finalizers subresources were not allowed. by @gardener-ci-robot [#13059]
  • [OPERATOR] The OperatingSystemConfig containerd config was enhanced to specify the override_path option which is respected when generating the hosts.toml file for the respective upstream config. by @timuthy [#13002]

πŸ› Bug Fixes​

  • [USER] A bug causing finalizers to not be removed from Secrets when such are deleted and referenced by both a CredentialsBinding and a SecretBinding is fixed. by @gardener-ci-robot [#13075]
  • [OPERATOR] Fixed an issue that caused Machines to be duplicated when being saved in the ShootState. This caused the ShootState to grow exponentially large and fail to be created. The issue could occur when there are multiple MachineDeployments created for the Shoot. by @gardener-ci-robot [#13089]
  • [OPERATOR] A bug in the gardenletdeployer unable to handle backup credentials of type WorkloadIdentity has been fixed. by @gardener-ci-robot [#13087]
  • [OPERATOR] Fixed the alertmanager-garden peer discovery service port names by @rickardsjp [#12988]
  • [DEVELOPER] An issue preventing extensions.gardener.cloud/v1alpha1.Bastions to be listed due to missing json tags is now fixed. by @gardener-ci-robot [#13062]
  • [DEVELOPER] The Priority field for the MachineDeployment API is optional instead of required again. by @tobschli [#13014]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Revert server block import of coredns-custom configmap for node-local-dns. by @DockToFuture [#13028]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/brancz/kube-rbac-proxy from v0.19.1 to v0.20.0. by @gardener-ci-robot [#12980]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/ingress-nginx/controller-chroot from v1.13.2 to v1.13.3. by @gardener-ci-robot [#13047]
  • [DEPENDENCY] The following dependencies have been updated:
    • fluent/fluent-operator from v3.2.5 to v4.0.9 by @nickytd [#12998]
  • [DEVELOPER] An issue with the ssh tunnel in the extensions setup is fixed. by @axel7born [#13019]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEVELOPER] The optimistic defaulting of priorities for MachineDeployments was introduced again. by @tobschli [#13014]
  • [OPERATOR] Remove migration code to clean up obsolete Prometheus volumes by @vicwicker [#13021]
  • [USER] Gardener API server now serves the OpenAPI v2 schema ( /openapi/v2 endpoint) again and will keep on serving it until Gardener v1.160. In Gardener v1.127.0, the support for OpenAPI v2 schemas was removed. However, terraform-provider-kubernetes does not yet support OpenAPI v3 schema. by @shafeeqes [#12987]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.0
Update shoot-oidc-service to 0.33.0

[github.com/gardener/gardener-extension-shoot-oidc-service:v0.33.0]

✨ New Features​

  • [USER] shoot-oidc-service no longer supports Shoots with Кubernetes version <= 1.28. by @georgibaltiev [#340]

πŸƒ Others​

  • [DEVELOPER] migrate CICD-Pipeline to GitHub-Actions by @ccwienk [#333]
  • [OPERATOR] An example Extension manifest for extension registration has been added. It can be found at example/extension.yaml by @timuthy [#353]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#365]
  • [OPERATOR] Test results are now exported as inlined ocm-resource. by @heldkat [#342]

Helm Charts​

  • shoot-oidc-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-oidc-service:v0.33.0

Container (OCI) Images​

  • gardener-extension-shoot-oidc-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-oidc-service:v0.33.0
Update shoot-flux to 0.23.0

What's Changed​

Full Changelog: https://github.com/stackitcloud/gardener-extension-shoot-flux/compare/v0.22.0...v0.23.0

Update acl to 1.13.0

What's Changed​

πŸ€– Dependencies​

ℹ️ Other Changes​

New Contributors​

Full Changelog: https://github.com/stackitcloud/gardener-extension-acl/compare/v1.12.0...v1.13.0

Update gardener-controlplane to 1.129.1

[github.com/gardener/gardener:v1.129.1]

πŸ› Bug Fixes​

  • [OPERATOR] A bug has been fixed which prevented L7 load-balancing for kube-apiservers to work correctly on Seeds/Gardens where topology-aware-routing is activated. by @@oliver-goetz [#13142]

πŸƒ Others​

  • [OPERATOR] Logging stack configuration is now tuned for high-throughput scenarios. It brings changes in local file system resource utilization, addressing potential node disk pressure occurrences. by @@nickytd [#13139]
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/node-problem-detector/node-problem-detector from v0.8.21 to v0.8.22. by @@gardener-ci-robot [#13099]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.1
Update gardener-controlplane to 1.129.1

[github.com/gardener/gardener:v1.129.1]

πŸ› Bug Fixes​

  • [OPERATOR] A bug has been fixed which prevented L7 load-balancing for kube-apiservers to work correctly on Seeds/Gardens where topology-aware-routing is activated. by @@oliver-goetz [#13142]

πŸƒ Others​

  • [OPERATOR] Logging stack configuration is now tuned for high-throughput scenarios. It brings changes in local file system resource utilization, addressing potential node disk pressure occurrences. by @@nickytd [#13139]
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/node-problem-detector/node-problem-detector from v0.8.21 to v0.8.22. by @@gardener-ci-robot [#13099]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.1
Update gardenlet to 1.129.1

[github.com/gardener/gardener:v1.129.1]

πŸ› Bug Fixes​

  • [OPERATOR] A bug has been fixed which prevented L7 load-balancing for kube-apiservers to work correctly on Seeds/Gardens where topology-aware-routing is activated. by @@oliver-goetz [#13142]

πŸƒ Others​

  • [OPERATOR] Logging stack configuration is now tuned for high-throughput scenarios. It brings changes in local file system resource utilization, addressing potential node disk pressure occurrences. by @@nickytd [#13139]
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/node-problem-detector/node-problem-detector from v0.8.21 to v0.8.22. by @@gardener-ci-robot [#13099]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.1
Update runtime-gvisor to 0.25.0

[github.com/gardener/gardener-extension-runtime-gvisor:v0.25.0]

πŸƒ Others​

  • [OPERATOR] Updated gVisor binaries to 20251006.0. by @gardener-github-actions[bot] [#297]
  • [OPERATOR] It is now possible to specify runsc's panic-signal setting through the gVisor providerConfig. by @MrBatschner [#296]

πŸƒ Others​

  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#290]

Helm Charts​

  • runtime-gvisor: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/runtime-gvisor:v0.25.0

Container (OCI) Images​

  • gardener-extension-runtime-gvisor-installation: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/runtime-gvisor-installation:v0.25.0
  • gardener-extension-runtime-gvisor: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/runtime-gvisor:v0.25.0
Update shoot-cert-service to 1.54.0

[github.com/gardener/gardener-extension-shoot-cert-service:v1.54.0]

✨ New Features​

  • [USER] Validation for secrets of ACME issuers specified in shoot manifest is performed on reconciling the extension.
    Both the privateKey secret of the ACME issuer and the optional external account binding secret are validated for the allowed data keys and values. by @MartinWeindel [#458]

πŸ› Bug Fixes​

  • [OPERATOR] Add networking policy label to allow access to virtual garden if the controlplane-cert-service extension is enabled and Garden runtime cluster and soil are the same. by @MartinWeindel [#469]

πŸƒ Others​

  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#470]

Helm Charts​

  • shoot-cert-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-cert-service:v1.54.0

Container (OCI) Images​

  • gardener-extension-shoot-cert-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-cert-service:v1.54.0
Update dashboard to 1.82.4

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.4
Update dashboard to 1.82.4

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.4
Update external-dns-management to 0.29.0

[github.com/gardener/external-dns-management:v0.29.0]

⚠️ Breaking Changes​

  • [USER] The infoblox-dns provider is deprecated and will be removed end of 2025. by @MartinWeindel [#645]
  • [OPERATOR] The infoblox-dns provider is deprecated and will be removed end of 2025. by @MartinWeindel [#645]

✨ New Features​

  • [OPERATOR] Support command line option --kubeconfig.crds-shoot-no-cleanup-label to allow to set the label shoot.gardener.cloud/no-cleanup=true for deployed CRDs. by @MartinWeindel [#674]

πŸ› Bug Fixes​

  • [OPERATOR] [netlify-dns] Allow underscore character on validating the API token for netlify. by @MartinWeindel [#644]

πŸƒ Others​

  • [OPERATOR] Migrate the workload VPA from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#671]
  • [OPERATOR] Update cloudflare-dns to use the Version 6 of github.com/cloudflare/cloudflare-go/v6. by @MartinWeindel [#640]
  • [OPERATOR] Aligned zone metrics handling in Azure DNS and Azure Private DNS providers with all other DNS providers. by @marc1404 [#667]
  • [OPERATOR] Simplify build workflow, drop redundant check step. by @MartinWeindel [#658]

Helm Charts​

  • dns-controller-manager: europe-docker.pkg.dev/gardener-project/releases/charts/dns-controller-manager:v0.29.0

Container (OCI) Images​

  • dns-controller-manager: europe-docker.pkg.dev/gardener-project/releases/dns-controller-manager:v0.29.0
Update os-gardenlinux to 0.34.0

[github.com/gardener/gardener-extension-os-gardenlinux:v0.34.0]

πŸƒ Others​

  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#301]

Helm Charts​

  • os-gardenlinux: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/os-gardenlinux:v0.34.0

Container (OCI) Images​

  • gardener-extension-os-gardenlinux: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/os-gardenlinux:v0.34.0
Update os-ubuntu to 1.33.0

[github.com/gardener/gardener-extension-os-ubuntu:v1.33.0]

πŸƒ Others​

  • [OPERATOR] Add missing securityContext controls in order to comply with the restricted Pod Security Standards policy. by @mstueer [#251]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#247]

Helm Charts​

  • os-ubuntu: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/os-ubuntu:v1.33.0

Container (OCI) Images​

  • gardener-extension-os-ubuntu: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/os-ubuntu:v1.33.0
Update provider-azure to 1.55.1

[github.com/gardener/gardener-extension-provider-azure:v1.55.1]

πŸ› Bug Fixes​

  • [OPERATOR] Update mcm image to v0.17.1 by @hebelsan [#1324]

Helm Charts​

  • admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.55.1
  • admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.55.1
  • provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.55.1

Container (OCI) Images​

  • gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.55.1
  • gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.55.1
Update gardener-controlplane to 1.129.2

[github.com/gardener/gardener:v1.129.2]

πŸ› Bug Fixes​

  • [OPERATOR] A bug which deactivates topology aware routing for kube-apiservers when l7 load-balancing is not active has been fixed. by @oliver-goetz [#13186]
  • [USER] An upstream issue causing kube-proxy to log thousands of log entries per second is now mitigated by reducing the kube-proxy verbosity level when running an affected Kubernetes version in the range [1.33.0, 1.33.6). For more details, see http://issues.k8s.io/132678. by @ialidzhikov [#13193]
  • [OPERATOR] The quay.io/kiwigrid/k8s-sidecar image is downgraded to v1.30.9 to prevent a regression that causes Plutono dashboards to not be loaded. by @rickardsjp [#13199]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.2

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.2
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.2
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.2
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.2
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.2
Update gardener-controlplane to 1.129.2

[github.com/gardener/gardener:v1.129.2]

πŸ› Bug Fixes​

  • [OPERATOR] A bug which deactivates topology aware routing for kube-apiservers when l7 load-balancing is not active has been fixed. by @oliver-goetz [#13186]
  • [USER] An upstream issue causing kube-proxy to log thousands of log entries per second is now mitigated by reducing the kube-proxy verbosity level when running an affected Kubernetes version in the range [1.33.0, 1.33.6). For more details, see http://issues.k8s.io/132678. by @ialidzhikov [#13193]
  • [OPERATOR] The quay.io/kiwigrid/k8s-sidecar image is downgraded to v1.30.9 to prevent a regression that causes Plutono dashboards to not be loaded. by @rickardsjp [#13199]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.2

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.2
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.2
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.2
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.2
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.2
Update gardenlet to 1.129.2

[github.com/gardener/gardener:v1.129.2]

πŸ› Bug Fixes​

  • [OPERATOR] A bug which deactivates topology aware routing for kube-apiservers when l7 load-balancing is not active has been fixed. by @oliver-goetz [#13186]
  • [USER] An upstream issue causing kube-proxy to log thousands of log entries per second is now mitigated by reducing the kube-proxy verbosity level when running an affected Kubernetes version in the range [1.33.0, 1.33.6). For more details, see http://issues.k8s.io/132678. by @ialidzhikov [#13193]
  • [OPERATOR] The quay.io/kiwigrid/k8s-sidecar image is downgraded to v1.30.9 to prevent a regression that causes Plutono dashboards to not be loaded. by @rickardsjp [#13199]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.129.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.129.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.129.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.129.2

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.129.2
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.129.2
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.129.2
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.129.2
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.129.2
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.129.2
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.129.2
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.129.2
Update networking-calico to 1.52.0

[github.com/gardener/gardener-extension-networking-calico:v1.52.0]

πŸƒ Others​

  • [OPERATOR] Add multus-cni DaemonSet to enable attaching multiple network interfaces to pods by @defo89 [#719]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#723]
  • [OPERATOR] minAllowed can now be specified if the autoscaling mode vpa is used. by @ScheererJ [#729]

πŸ“– Documentation​

  • [OPERATOR] fix vethMTU example by @RiRa12621 [#718]

Helm Charts​

  • admission-calico-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-calico-application:v1.52.0
  • admission-calico-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-calico-runtime:v1.52.0
  • networking-calico: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/networking-calico:v1.52.0

Container (OCI) Images​

  • gardener-extension-admission-calico: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-calico:v1.52.0
  • gardener-extension-networking-calico: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/networking-calico:v1.52.0
Update networking-cilium to 1.44.0

[github.com/gardener/gardener-extension-networking-cilium:v1.44.0]

πŸ› Bug Fixes​

  • [OPERATOR] Adapt ScrapeConfig to more picky prometheus-operator v0.76.0 to support new gardener releases. by @ScheererJ [#631]

πŸƒ Others​

  • [OPERATOR] Mutate bind address for node-local-dns sidecar container. by @DockToFuture [#642]
  • [OPERATOR] Allows enabling policy audit mode in networking-cilium extension. by @steinwelberg [#624]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#635]
  • [USER] An issue is fixed, that the cilium CA is never renewed. by @axel7born [#639]

Helm Charts​

  • admission-cilium-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-cilium-application:v1.44.0
  • admission-cilium-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-cilium-runtime:v1.44.0
  • networking-cilium: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/networking-cilium:v1.44.0

Container (OCI) Images​

  • gardener-extension-admission-cilium: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-cilium:v1.44.0
  • gardener-extension-networking-cilium: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/networking-cilium:v1.44.0
Update shoot-networking-problemdetector to 0.30.0

[github.com/gardener/gardener-extension-shoot-networking-problemdetector:v0.30.0]

πŸƒ Others​

  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#283]

Helm Charts​

  • shoot-networking-problemdetector: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-networking-problemdetector:v0.30.0

Container (OCI) Images​

  • gardener-extension-shoot-networking-problemdetector: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-networking-problemdetector:v0.30.0
Update gardener-controlplane to 1.130.0

[github.com/gardener/gardener:v1.130.0]

⚠️ Breaking Changes​

  • [OPERATOR] The following Shoot fields are now validated:
    • .spec.kubernetes.verticalPodAutoscaler.evictionRateBurst must be non-negative.
    • .spec.kubernetes.verticalPodAutoscaler.evictionTolerance is limited in [0, 1) interval.
    • .spec.kubernetes.verticalPodAutoscaler.recommendationMarginFraction is limited in [0, 1) interval.
    • .spec.kubernetes.kubeScheduler.kubeMaxPDVols must be a positive number.
    • .spec.tolerations[] key and value are validated similar to Kubernetes Tolerations.
    • .spec.schedulerName must comply with RFC 1123 Label Names.
    • .spec.extensions[].type must comply with RFC 1123 Label Names.
    • .spec.provider.type must comply with RFC 1123 Label Names. by @dimitar-kostadinov [#12844]

πŸ“° Noteworthy​

  • [DEVELOPER] The Gardener reviewer groups have been refined and can be found in the OWNERS_ALIASES file. This will serve as the foundation for finding appropriate reviewers for the respective areas in the future. by @timuthy [#13024]

✨ New Features​

  • [DEVELOPER] Shoot advertised addresses are now configurable by extension components for Shoot Ingress resources. For more details, see Shoot Advertised Addresses. by @dnaeon [#13043]
  • [OPERATOR] gardener-operator now prevents deletion of the garden namespace in the runtime cluster while operator.gardener.cloud/v1alpha1.Garden resources still exist. by @rfranzke [#13101]

πŸ› Bug Fixes​

  • [OPERATOR] The quay.io/kiwigrid/k8s-sidecar image is downgraded to v1.30.9 to prevent a regression that causes Plutono dashboards to not be loaded. by @rickardsjp [#13187]
  • [OPERATOR] A bug which deactivates topology aware routing for kube-apiservers when l7 load-balancing is not active has been fixed. by @oliver-goetz [#13185]
  • [USER] Fixes an issue where connecting to the kube-apiserver via the seed ingress URL did not work when the shoot used an exposure class. by @axel7born [#13055]
  • [USER] An upstream issue causing kube-proxy to log thousands of log entries per second is now mitigated by reducing the kube-proxy verbosity level when running an affected Kubernetes version in the range [1.33.0, 1.33.6). For more details, see http://issues.k8s.io/132678. by @ialidzhikov [#13192]
  • [DEVELOPER] In the local setup, the hosts file entry for garden.local.gardener.cloud is written again upon node reboot. by @LucaBernstein [#13132]
  • [OPERATOR] A bug has been fixed which prevented L7 load-balancing for kube-apiservers to work correctly on Seeds/Gardens where topology-aware-routing is activated. by @oliver-goetz [#13081]
  • [DEVELOPER] A default KUBECONFIG is now set when running make seed-{up|down}. by @oliver-goetz [#13071]
  • [DEVELOPER] The testmachinery tests for control plane migration were fixed so that the checks if nodes are kept after control plane migration are executed. by @plkokanov [#13057]
  • [OPERATOR] The worker-pools-operatingsystemconfig-hashes secret is now restored in the Shoot's control plane during the restore phase of control plane migration. This fixes an issue which caused node rollouts to happen during control plane migration when the NewWorkerPoolHash feature gate is enabled. by @plkokanov [#13056]

πŸƒ Others​

  • [OPERATOR] Use aggregate Prometheus internal service for federation from the garden Prometheus when the runtime cluster is a seed by @vicwicker [#13066]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/node-problem-detector/node-problem-detector from v0.8.21 to v0.8.22. by @gardener-ci-robot [#13032]
  • [OPERATOR] Introduces feature gate UseUnifiedHTTPProxy for unified HTTP proxy infrastructure. by @hown3d [#13003]
  • [DEVELOPER] The custom client certificate parsing in IstioTLSTermination lua scripts was replaced with parsedSubjectPeerCertificate() envoy function. by @oliver-goetz [#13128]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/cortexproject/cortex from v1.19.0 to v1.19.1. by @gardener-ci-robot [#13148]
  • [OPERATOR] The following kube-apiserver metrics are now collected, which might be handy to optimize Priority and Fairness usage:
    • apiserver_flowcontrol_current_inqueue_requests
    • apiserver_flowcontrol_current_executing_requests
    • apiserver_flowcontrol_current_executing_seats
    • apiserver_flowcontrol_request_wait_duration_seconds
    • apiserver_flowcontrol_nominal_limit_seats
    • apiserver_flowcontrol_request_concurrency_in_use
    • apiserver_flowcontrol_priority_level_request_utilization
    • apiserver_flowcontrol_priority_level_seat_utilization by @dimakow [#13000]
  • [OPERATOR] Add support for gzip compression to metrics endpoint of istio ingress gateway. by @ScheererJ [#13137]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/dependency-watchdog from v1.5.0 to v1.6.0. Release Notes
    • github.com/gardener/dependency-watchdog from v1.5.0 to v1.6.0. by @ashwani2k [#13127]
  • [OPERATOR] gardener-node-agent-init now outputs logs to journal and console (/dev/console). by @RAPSNX [#12822]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.1 to 1.27.2.
    • gcr.io/istio-release/proxyv2 from 1.27.1 to 1.27.2. by @gardener-ci-robot [#13151]
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/autoscaling/vpa-admission-controller from 1.4.2 to 1.5.1.
    • registry.k8s.io/autoscaling/vpa-recommender from 1.4.2 to 1.5.1.
    • registry.k8s.io/autoscaling/vpa-updater from 1.4.2 to 1.5.1. by @gardener-ci-robot [#13095]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.0 to 1.27.1.
    • gcr.io/istio-release/proxyv2 from 1.27.0 to 1.27.1. by @axel7born [#13004]
  • [OPERATOR] New panels added in VPA Recommendations Plutono dashboard to track number of pods with deviations from their CPU recommendation. by @RadaBDimitrova [#12898]
  • [OPERATOR] VerticalPodAutoscaler resources, deployed by Gardener, are now instrumented to switch from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#13046]
  • [DEPENDENCY] The following dependencies have been updated:
    • open-telemetry/opentelemetry-operator from v0.129.1 to v0.136.0. Release Notes by @rrhubenov [#13106]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/kiwigrid/k8s-sidecar from 1.30.10 to 1.30.11. by @gardener-ci-robot [#13149]
  • [OPERATOR] Logging stack configuration is now tuned for high-throughput scenarios. It brings changes in local file system resource utilization, addressing potential node disk pressure occurrences. by @nickytd [#13116]
  • [OPERATOR] Add IOPS metrics to etcd dashboard by @voelzmo [#13146]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.130.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.130.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.130.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.130.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.130.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.130.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.130.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.130.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.130.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.130.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.130.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.130.0
Update gardener-controlplane to 1.130.0

[github.com/gardener/gardener:v1.130.0]

⚠️ Breaking Changes​

  • [OPERATOR] The following Shoot fields are now validated:
    • .spec.kubernetes.verticalPodAutoscaler.evictionRateBurst must be non-negative.
    • .spec.kubernetes.verticalPodAutoscaler.evictionTolerance is limited in [0, 1) interval.
    • .spec.kubernetes.verticalPodAutoscaler.recommendationMarginFraction is limited in [0, 1) interval.
    • .spec.kubernetes.kubeScheduler.kubeMaxPDVols must be a positive number.
    • .spec.tolerations[] key and value are validated similar to Kubernetes Tolerations.
    • .spec.schedulerName must comply with RFC 1123 Label Names.
    • .spec.extensions[].type must comply with RFC 1123 Label Names.
    • .spec.provider.type must comply with RFC 1123 Label Names. by @dimitar-kostadinov [#12844]

πŸ“° Noteworthy​

  • [DEVELOPER] The Gardener reviewer groups have been refined and can be found in the OWNERS_ALIASES file. This will serve as the foundation for finding appropriate reviewers for the respective areas in the future. by @timuthy [#13024]

✨ New Features​

  • [DEVELOPER] Shoot advertised addresses are now configurable by extension components for Shoot Ingress resources. For more details, see Shoot Advertised Addresses. by @dnaeon [#13043]
  • [OPERATOR] gardener-operator now prevents deletion of the garden namespace in the runtime cluster while operator.gardener.cloud/v1alpha1.Garden resources still exist. by @rfranzke [#13101]

πŸ› Bug Fixes​

  • [OPERATOR] The quay.io/kiwigrid/k8s-sidecar image is downgraded to v1.30.9 to prevent a regression that causes Plutono dashboards to not be loaded. by @rickardsjp [#13187]
  • [OPERATOR] A bug which deactivates topology aware routing for kube-apiservers when l7 load-balancing is not active has been fixed. by @oliver-goetz [#13185]
  • [USER] Fixes an issue where connecting to the kube-apiserver via the seed ingress URL did not work when the shoot used an exposure class. by @axel7born [#13055]
  • [USER] An upstream issue causing kube-proxy to log thousands of log entries per second is now mitigated by reducing the kube-proxy verbosity level when running an affected Kubernetes version in the range [1.33.0, 1.33.6). For more details, see http://issues.k8s.io/132678. by @ialidzhikov [#13192]
  • [DEVELOPER] In the local setup, the hosts file entry for garden.local.gardener.cloud is written again upon node reboot. by @LucaBernstein [#13132]
  • [OPERATOR] A bug has been fixed which prevented L7 load-balancing for kube-apiservers to work correctly on Seeds/Gardens where topology-aware-routing is activated. by @oliver-goetz [#13081]
  • [DEVELOPER] A default KUBECONFIG is now set when running make seed-{up|down}. by @oliver-goetz [#13071]
  • [DEVELOPER] The testmachinery tests for control plane migration were fixed so that the checks if nodes are kept after control plane migration are executed. by @plkokanov [#13057]
  • [OPERATOR] The worker-pools-operatingsystemconfig-hashes secret is now restored in the Shoot's control plane during the restore phase of control plane migration. This fixes an issue which caused node rollouts to happen during control plane migration when the NewWorkerPoolHash feature gate is enabled. by @plkokanov [#13056]

πŸƒ Others​

  • [OPERATOR] Use aggregate Prometheus internal service for federation from the garden Prometheus when the runtime cluster is a seed by @vicwicker [#13066]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/node-problem-detector/node-problem-detector from v0.8.21 to v0.8.22. by @gardener-ci-robot [#13032]
  • [OPERATOR] Introduces feature gate UseUnifiedHTTPProxy for unified HTTP proxy infrastructure. by @hown3d [#13003]
  • [DEVELOPER] The custom client certificate parsing in IstioTLSTermination lua scripts was replaced with parsedSubjectPeerCertificate() envoy function. by @oliver-goetz [#13128]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/cortexproject/cortex from v1.19.0 to v1.19.1. by @gardener-ci-robot [#13148]
  • [OPERATOR] The following kube-apiserver metrics are now collected, which might be handy to optimize Priority and Fairness usage:
    • apiserver_flowcontrol_current_inqueue_requests
    • apiserver_flowcontrol_current_executing_requests
    • apiserver_flowcontrol_current_executing_seats
    • apiserver_flowcontrol_request_wait_duration_seconds
    • apiserver_flowcontrol_nominal_limit_seats
    • apiserver_flowcontrol_request_concurrency_in_use
    • apiserver_flowcontrol_priority_level_request_utilization
    • apiserver_flowcontrol_priority_level_seat_utilization by @dimakow [#13000]
  • [OPERATOR] Add support for gzip compression to metrics endpoint of istio ingress gateway. by @ScheererJ [#13137]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/dependency-watchdog from v1.5.0 to v1.6.0. Release Notes
    • github.com/gardener/dependency-watchdog from v1.5.0 to v1.6.0. by @ashwani2k [#13127]
  • [OPERATOR] gardener-node-agent-init now outputs logs to journal and console (/dev/console). by @RAPSNX [#12822]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.1 to 1.27.2.
    • gcr.io/istio-release/proxyv2 from 1.27.1 to 1.27.2. by @gardener-ci-robot [#13151]
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/autoscaling/vpa-admission-controller from 1.4.2 to 1.5.1.
    • registry.k8s.io/autoscaling/vpa-recommender from 1.4.2 to 1.5.1.
    • registry.k8s.io/autoscaling/vpa-updater from 1.4.2 to 1.5.1. by @gardener-ci-robot [#13095]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.0 to 1.27.1.
    • gcr.io/istio-release/proxyv2 from 1.27.0 to 1.27.1. by @axel7born [#13004]
  • [OPERATOR] New panels added in VPA Recommendations Plutono dashboard to track number of pods with deviations from their CPU recommendation. by @RadaBDimitrova [#12898]
  • [OPERATOR] VerticalPodAutoscaler resources, deployed by Gardener, are now instrumented to switch from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#13046]
  • [DEPENDENCY] The following dependencies have been updated:
    • open-telemetry/opentelemetry-operator from v0.129.1 to v0.136.0. Release Notes by @rrhubenov [#13106]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/kiwigrid/k8s-sidecar from 1.30.10 to 1.30.11. by @gardener-ci-robot [#13149]
  • [OPERATOR] Logging stack configuration is now tuned for high-throughput scenarios. It brings changes in local file system resource utilization, addressing potential node disk pressure occurrences. by @nickytd [#13116]
  • [OPERATOR] Add IOPS metrics to etcd dashboard by @voelzmo [#13146]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.130.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.130.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.130.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.130.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.130.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.130.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.130.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.130.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.130.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.130.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.130.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.130.0
Update gardenlet to 1.130.0

[github.com/gardener/gardener:v1.130.0]

⚠️ Breaking Changes​

  • [OPERATOR] The following Shoot fields are now validated:
    • .spec.kubernetes.verticalPodAutoscaler.evictionRateBurst must be non-negative.
    • .spec.kubernetes.verticalPodAutoscaler.evictionTolerance is limited in [0, 1) interval.
    • .spec.kubernetes.verticalPodAutoscaler.recommendationMarginFraction is limited in [0, 1) interval.
    • .spec.kubernetes.kubeScheduler.kubeMaxPDVols must be a positive number.
    • .spec.tolerations[] key and value are validated similar to Kubernetes Tolerations.
    • .spec.schedulerName must comply with RFC 1123 Label Names.
    • .spec.extensions[].type must comply with RFC 1123 Label Names.
    • .spec.provider.type must comply with RFC 1123 Label Names. by @dimitar-kostadinov [#12844]

πŸ“° Noteworthy​

  • [DEVELOPER] The Gardener reviewer groups have been refined and can be found in the OWNERS_ALIASES file. This will serve as the foundation for finding appropriate reviewers for the respective areas in the future. by @timuthy [#13024]

✨ New Features​

  • [DEVELOPER] Shoot advertised addresses are now configurable by extension components for Shoot Ingress resources. For more details, see Shoot Advertised Addresses. by @dnaeon [#13043]
  • [OPERATOR] gardener-operator now prevents deletion of the garden namespace in the runtime cluster while operator.gardener.cloud/v1alpha1.Garden resources still exist. by @rfranzke [#13101]

πŸ› Bug Fixes​

  • [OPERATOR] The quay.io/kiwigrid/k8s-sidecar image is downgraded to v1.30.9 to prevent a regression that causes Plutono dashboards to not be loaded. by @rickardsjp [#13187]
  • [OPERATOR] A bug which deactivates topology aware routing for kube-apiservers when l7 load-balancing is not active has been fixed. by @oliver-goetz [#13185]
  • [USER] Fixes an issue where connecting to the kube-apiserver via the seed ingress URL did not work when the shoot used an exposure class. by @axel7born [#13055]
  • [USER] An upstream issue causing kube-proxy to log thousands of log entries per second is now mitigated by reducing the kube-proxy verbosity level when running an affected Kubernetes version in the range [1.33.0, 1.33.6). For more details, see http://issues.k8s.io/132678. by @ialidzhikov [#13192]
  • [DEVELOPER] In the local setup, the hosts file entry for garden.local.gardener.cloud is written again upon node reboot. by @LucaBernstein [#13132]
  • [OPERATOR] A bug has been fixed which prevented L7 load-balancing for kube-apiservers to work correctly on Seeds/Gardens where topology-aware-routing is activated. by @oliver-goetz [#13081]
  • [DEVELOPER] A default KUBECONFIG is now set when running make seed-{up|down}. by @oliver-goetz [#13071]
  • [DEVELOPER] The testmachinery tests for control plane migration were fixed so that the checks if nodes are kept after control plane migration are executed. by @plkokanov [#13057]
  • [OPERATOR] The worker-pools-operatingsystemconfig-hashes secret is now restored in the Shoot's control plane during the restore phase of control plane migration. This fixes an issue which caused node rollouts to happen during control plane migration when the NewWorkerPoolHash feature gate is enabled. by @plkokanov [#13056]

πŸƒ Others​

  • [OPERATOR] Use aggregate Prometheus internal service for federation from the garden Prometheus when the runtime cluster is a seed by @vicwicker [#13066]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/node-problem-detector/node-problem-detector from v0.8.21 to v0.8.22. by @gardener-ci-robot [#13032]
  • [OPERATOR] Introduces feature gate UseUnifiedHTTPProxy for unified HTTP proxy infrastructure. by @hown3d [#13003]
  • [DEVELOPER] The custom client certificate parsing in IstioTLSTermination lua scripts was replaced with parsedSubjectPeerCertificate() envoy function. by @oliver-goetz [#13128]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/cortexproject/cortex from v1.19.0 to v1.19.1. by @gardener-ci-robot [#13148]
  • [OPERATOR] The following kube-apiserver metrics are now collected, which might be handy to optimize Priority and Fairness usage:
    • apiserver_flowcontrol_current_inqueue_requests
    • apiserver_flowcontrol_current_executing_requests
    • apiserver_flowcontrol_current_executing_seats
    • apiserver_flowcontrol_request_wait_duration_seconds
    • apiserver_flowcontrol_nominal_limit_seats
    • apiserver_flowcontrol_request_concurrency_in_use
    • apiserver_flowcontrol_priority_level_request_utilization
    • apiserver_flowcontrol_priority_level_seat_utilization by @dimakow [#13000]
  • [OPERATOR] Add support for gzip compression to metrics endpoint of istio ingress gateway. by @ScheererJ [#13137]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/dependency-watchdog from v1.5.0 to v1.6.0. Release Notes
    • github.com/gardener/dependency-watchdog from v1.5.0 to v1.6.0. by @ashwani2k [#13127]
  • [OPERATOR] gardener-node-agent-init now outputs logs to journal and console (/dev/console). by @RAPSNX [#12822]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.1 to 1.27.2.
    • gcr.io/istio-release/proxyv2 from 1.27.1 to 1.27.2. by @gardener-ci-robot [#13151]
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • registry.k8s.io/autoscaling/vpa-admission-controller from 1.4.2 to 1.5.1.
    • registry.k8s.io/autoscaling/vpa-recommender from 1.4.2 to 1.5.1.
    • registry.k8s.io/autoscaling/vpa-updater from 1.4.2 to 1.5.1. by @gardener-ci-robot [#13095]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.0 to 1.27.1.
    • gcr.io/istio-release/proxyv2 from 1.27.0 to 1.27.1. by @axel7born [#13004]
  • [OPERATOR] New panels added in VPA Recommendations Plutono dashboard to track number of pods with deviations from their CPU recommendation. by @RadaBDimitrova [#12898]
  • [OPERATOR] VerticalPodAutoscaler resources, deployed by Gardener, are now instrumented to switch from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#13046]
  • [DEPENDENCY] The following dependencies have been updated:
    • open-telemetry/opentelemetry-operator from v0.129.1 to v0.136.0. Release Notes by @rrhubenov [#13106]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/kiwigrid/k8s-sidecar from 1.30.10 to 1.30.11. by @gardener-ci-robot [#13149]
  • [OPERATOR] Logging stack configuration is now tuned for high-throughput scenarios. It brings changes in local file system resource utilization, addressing potential node disk pressure occurrences. by @nickytd [#13116]
  • [OPERATOR] Add IOPS metrics to etcd dashboard by @voelzmo [#13146]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.130.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.130.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.130.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.130.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.130.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.130.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.130.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.130.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.130.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.130.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.130.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.130.0
Update provider-openstack to 1.50.0

[github.com/gardener/gardener-extension-provider-openstack:v1.50.0]

✨ New Features​

  • [OPERATOR] Admission controller now allows seed.spec.backup.credentialsRef and backupBucket.spec.credentialsRef to refer only to credentials of type v1.Secret. by @vpnachev [#1150]
  • [DEVELOPER] Add GH Workflow to auto-update images in imagevector/images.yaml and create a corresponding PR. by @wpross [#1174]

πŸƒ Others​

  • [OPERATOR] Configure QPS + burst for CSI components by @hendrikKahl [#1178]
  • [OPERATOR] Updated gardener to v1.128.3 by @hebelsan [#1167]
  • [DEPENDENCY] The following container images have been updated:
    • cloud-controller-manager: v1.31.3 -> v1.31.4 (patch)
    • cloud-controller-manager: v1.32.0 -> v1.32.1 (patch)
    • cloud-controller-manager: v1.33.0 -> v1.33.1 (patch)
    • csi-driver-cinder: v1.31.3 -> v1.31.4 (patch)
    • csi-driver-cinder: v1.32.0 -> v1.32.1 (patch)
    • csi-driver-cinder: v1.33.0 -> v1.33.1 (patch)
    • csi-driver-manila: v1.31.3 -> v1.31.4 (patch)
    • csi-driver-manila: v1.32.0 -> v1.32.1 (patch)
    • csi-driver-manila: v1.33.0 -> v1.33.1 (patch)
    • csi-driver-nfs: v4.11.0 -> v4.12.0 (singleton)
    • csi-provisioner: v5.2.0 -> v5.3.0 (singleton)
    • csi-attacher: v4.8.1 -> v4.10.0 (singleton)
    • csi-snapshotter: v8.2.1 -> v8.3.0 (singleton)
    • csi-snapshot-controller: v8.2.1 -> v8.3.0 (singleton)
    • csi-resizer: v1.13.2 -> v1.14.0 (singleton)
    • csi-node-driver-registrar: v2.13.0 -> v2.15.0 (singleton)
    • csi-liveness-probe: v2.15.0 -> v2.17.0 (singleton) by @gardener-github-actions[bot] [#1177]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#1169]
  • [OPERATOR] Updated gophercloud/v2 to v2.8.0 by @hebelsan [#1167]

Helm Charts​

  • admission-openstack-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-application:v1.50.0
  • admission-openstack-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-runtime:v1.50.0
  • provider-openstack: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-openstack:v1.50.0

Container (OCI) Images​

  • gardener-extension-admission-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-openstack:v1.50.0
  • gardener-extension-provider-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-openstack:v1.50.0
Update cloudprofiles to 0.8.0
Update provider-aws to 1.65.0

[github.com/gardener/gardener-extension-provider-aws:v1.65.0]

✨ New Features​

  • [DEVELOPER] Add GH Workflow to auto-update images in imagevector/images.yaml and create a corresponding PR. by @wpross [#1504]
  • [OPERATOR] Support migration of shoots with duplicated zone entries from terraform to flow by @hebelsan [#1496]

πŸ› Bug Fixes​

  • [OPERATOR] Fix nil pointer dereference in getSubnetKey by @hebelsan [#1516]
  • [OPERATOR] Set EFS daemonset hostnetwork field true by @hebelsan [#1530]
  • [OPERATOR] Wait until NATGateway is available after update by @hebelsan [#1512]

πŸƒ Others​

  • [OPERATOR] Remove cleanup for SeedLegacyCSISnapshotValidation by @hebelsan [#1506]
  • [OPERATOR] Remove code duplication for infra status creation by @hebelsan [#1505]
  • [OPERATOR] Update aws-ipam-controller to v0.7.0. by @DockToFuture [#1485]
  • [OPERATOR] Updated aws sdk, gardener-external-dns-management, ginkgo, golang/time and golang/tools library by @hebelsan [#1511]
  • [OPERATOR] Reduce AWS api calls for IPv6 or DualStack cluster by @hebelsan [#1503]
  • [OPERATOR] Deny dual-stack migration if overlay is not explicitly disabled. by @DockToFuture [#1489]
  • [OPERATOR] Update AWS CCM images by @hebelsan [#1487]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#1498]
  • [OPERATOR] Update EFS CSI driver image to v2.1.12 by @hebelsan [#1486]
  • [OPERATOR] The following fields in the CloudProfile have been renamed: spec.ProviderConfig.MachineImages[].Versions[].capabilitySets -> spec.ProviderConfig.MachineImages[].Versions[].capabilityFlavors
    Please update your CloudProfiles accordingly if you are using capabilities (currently in alpha state). by @Roncossek [#1480]
  • [DEPENDENCY] The following container images have been updated:
    • aws-load-balancer-controller: v2.13.3 -> v2.13.4 (singleton)
    • csi-driver: v1.47.0 -> v1.50.1 (singleton)
    • csi-driver-efs: v2.1.12 -> v2.1.13 (singleton)
    • csi-volume-modifier: v0.5.1 -> v0.7.0 (singleton)
    • csi-attacher: v4.9.0 -> v4.10.0 (singleton)
    • csi-node-driver-registrar: v2.14.0 -> v2.15.0 (singleton)
    • csi-liveness-probe: v2.16.0 -> v2.17.0 (singleton) by @gardener-github-actions[bot] [#1509]
  • [OPERATOR] Update aws-custom-route-controller from version v0.12.0 to v0.13.0. by @MartinWeindel [#1502]
  • [OPERATOR] Increase client-side QPS/burst for CSI-* components by @hendrikKahl [#1514]

Helm Charts​

  • admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.65.0
  • admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.65.0
  • provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.65.0

Container (OCI) Images​

  • gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.65.0
  • gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.65.0
Update provider-openstack to 1.50.1

[github.com/gardener/gardener-extension-provider-openstack:v1.50.1]

πŸƒ Others​

  • [OPERATOR] Fix an issue preventing OpenStack installations without manila endpoints. Flow reconciler will now do lazy instantiation of the manila client. by @kon-angelo [#1190]

Helm Charts​

  • admission-openstack-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-application:v1.50.1
  • admission-openstack-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-openstack-runtime:v1.50.1
  • provider-openstack: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-openstack:v1.50.1

Container (OCI) Images​

  • gardener-extension-admission-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-openstack:v1.50.1
  • gardener-extension-provider-openstack: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-openstack:v1.50.1
Update dashboard to 1.82.5

[github.com/gardener/dashboard:1.82.5]

πŸ› Bug Fixes​

  • [USER] Fixed incorrect property access when checking whether SSH access is enabled, which caused the SSH key pair option to not be displayed by @gardener-github-actions[bot] [#2682]

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.5
Update dashboard to 1.82.5

[github.com/gardener/dashboard:1.82.5]

πŸ› Bug Fixes​

  • [USER] Fixed incorrect property access when checking whether SSH access is enabled, which caused the SSH key pair option to not be displayed by @gardener-github-actions[bot] [#2682]

Container (OCI) Images​

  • gardener-dashboard: europe-docker.pkg.dev/gardener-project/releases/gardener/dashboard:1.82.5
Update provider-aws to 1.65.1

[github.com/gardener/gardener-extension-provider-aws:v1.65.1]

πŸ› Bug Fixes​

  • [OPERATOR] Fix an issue with gateway endpoint validation not accepting valid DNS subdomains. by @hebelsan [#1537]

Helm Charts​

  • admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.65.1
  • admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.65.1
  • provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.65.1

Container (OCI) Images​

  • gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.65.1
  • gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.65.1
Update provider-gcp to 1.46.1

[github.com/gardener/gardener-extension-provider-gcp:v1.46.1]

✨ New Features​

  • [DEVELOPER] Add GH Workflow to auto-update images in imagevector/images.yaml and create a corresponding PR. by @wpross [#1199]
  • [OPERATOR] Admission controller now allows seed.spec.backup.credentialsRef and backupBucket.spec.credentialsRef to use credentials of either v1.Secret or security.gardener.cloud/v1alpha1.WorkloadIdentity by @vpnachev [#1163]

πŸ› Bug Fixes​

  • [OPERATOR] Bug in the backupentry controller not properly setting the Workload Identity token mount dirpath in the credentials configuration file for source BackupEntries has been fixed. by @vpnachev [#1213]

πŸƒ Others​

  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#1193]
  • [USER] google-guest-agent is configured to not add a route for alias IPs now. This fixes dual-stack clusters with Cilium. by @axel7born [#1197]
  • [OPERATOR] Configure kube-apiserver QPS + burst for CSI components by @hendrikKahl [#1203]

Helm Charts​

  • admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.46.1
  • admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.46.1
  • provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.46.1

Container (OCI) Images​

  • gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.46.1
  • gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.46.1
Update provider-gcp to 1.46.2

[github.com/gardener/gardener-extension-provider-gcp:v1.46.2]

πŸ› Bug Fixes​

  • [OPERATOR] Bug in the backupentry controller not properly setting the Workload Identity token mount dirpath in the credentials configuration file for source BackupEntries has been fixed. by @vpnachev [#1213]

Helm Charts​

  • admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.46.2
  • admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.46.2
  • provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.46.2

Container (OCI) Images​

  • gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.46.2
  • gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.46.2
Update networking-cilium to 1.45.0

Helm Charts​

  • admission-cilium-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-cilium-application:v1.45.0
  • admission-cilium-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-cilium-runtime:v1.45.0
  • networking-cilium: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/networking-cilium:v1.45.0

Container (OCI) Images​

  • gardener-extension-admission-cilium: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-cilium:v1.45.0
  • gardener-extension-networking-cilium: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/networking-cilium:v1.45.0
Update provider-azure to 1.55.2

[github.com/gardener/gardener-extension-provider-azure:v1.55.2]

πŸ› Bug Fixes​

  • [OPERATOR] Update mcm image to v0.17.2 by @hebelsan [#1339]

Helm Charts​

  • admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.55.2
  • admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.55.2
  • provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.55.2

Container (OCI) Images​

  • gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.55.2
  • gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.55.2
Update gardener-controlplane to 1.130.1

[github.com/gardener/gardener:v1.130.1]

πŸ› Bug Fixes​

  • [OPERATOR] An issue has been fixed which was preventing gardenlet from registering its Gardenlet resource when selfUpgrade was set in its Helm chart values. by @rfranzke [#13244]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Fixed an issue that caused the worker-pools-operatingsystemconfig-hashes secret to be created as immutable during the restore phase of control plane migration. by @plkokanov [#13271]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.130.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.130.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.130.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.130.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.130.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.130.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.130.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.130.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.130.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.130.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.130.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.130.1
Update gardener-controlplane to 1.130.1

[github.com/gardener/gardener:v1.130.1]

πŸ› Bug Fixes​

  • [OPERATOR] An issue has been fixed which was preventing gardenlet from registering its Gardenlet resource when selfUpgrade was set in its Helm chart values. by @rfranzke [#13244]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Fixed an issue that caused the worker-pools-operatingsystemconfig-hashes secret to be created as immutable during the restore phase of control plane migration. by @plkokanov [#13271]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.130.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.130.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.130.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.130.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.130.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.130.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.130.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.130.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.130.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.130.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.130.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.130.1
Update gardenlet to 1.130.1

[github.com/gardener/gardener:v1.130.1]

πŸ› Bug Fixes​

  • [OPERATOR] An issue has been fixed which was preventing gardenlet from registering its Gardenlet resource when selfUpgrade was set in its Helm chart values. by @rfranzke [#13244]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Fixed an issue that caused the worker-pools-operatingsystemconfig-hashes secret to be created as immutable during the restore phase of control plane migration. by @plkokanov [#13271]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.130.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.130.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.130.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.130.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.130.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.130.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.130.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.130.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.130.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.130.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.130.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.130.1
Update provider-aws to 1.65.2

[github.com/gardener/gardener-extension-provider-aws:v1.65.2]

πŸƒ Others​

  • [OPERATOR] Update CSI driver patch version for throughput handling bug fix by @kon-angelo [#1543]

Helm Charts​

  • admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.65.2
  • admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.65.2
  • provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.65.2

Container (OCI) Images​

  • gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.65.2
  • gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.65.2
Update gardener-metrics-exporter to 0.41.0

[github.com/gardener/gardener-metrics-exporter:0.41.0]

πŸƒ Others​

  • [DEVELOPER] migrate CICD-Pipeline to GitHub-Actions by @ccwienk [#130]

Container (OCI) Images​

  • metrics-exporter: europe-docker.pkg.dev/gardener-project/releases/gardener/metrics-exporter:0.41.0
Update gardener-metrics-exporter to 0.41.0

[github.com/gardener/gardener-metrics-exporter:0.41.0]

πŸƒ Others​

  • [DEVELOPER] migrate CICD-Pipeline to GitHub-Actions by @ccwienk [#130]

Container (OCI) Images​

  • metrics-exporter: europe-docker.pkg.dev/gardener-project/releases/gardener/metrics-exporter:0.41.0
Update shoot-rsyslog-relp to 0.10.2

[github.com/gardener/gardener-extension-shoot-rsyslog-relp:v0.10.2]

πŸ› Bug Fixes​

  • [USER] Fixed perm used without an arch is slower warnings in the system integrity rules by explicitly specifying the arch parameter to be b64.
    This also fixes issues when calling augenrules --load to load the configured audit rules. by @plkokanov [#336]

Helm Charts​

  • shoot-rsyslog-relp-admission-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-rsyslog-relp-admission-application:v0.10.2
  • shoot-rsyslog-relp-admission-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-rsyslog-relp-admission-runtime:v0.10.2
  • shoot-rsyslog-relp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-rsyslog-relp:v0.10.2

Container (OCI) Images​

  • gardener-extension-shoot-rsyslog-relp-admission: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-rsyslog-relp-admission:v0.10.2
  • gardener-extension-shoot-rsyslog-relp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-rsyslog-relp:v0.10.2
Update provider-hcloud to 0.6.42

[gardener-extension-provider-hcloud] v0.6.42

Update gardener-controlplane to 1.131.0

[github.com/gardener/gardener:v1.131.0]

πŸ“° Noteworthy​

  • [OPERATOR] On startup gardenlets will configure .spec.dns.defaults settings for its respective Seed. Operators should adapt their Seed manifests to explicitly configure default DNS as .spec.dns.defaults will become a mandatory configuration after release v1.131.0. by @dimityrmirchev [#12884]

✨ New Features​

  • [OPERATOR] Valitail is now replaced with an instance of OpenTelemetry Collector. by @rrhubenov [#12846]
  • [OPERATOR] Introduced spec.settings.loadBalancerServices.zonalIngress.enabled in the Seed API. When disabled, zonal istio ingress gateways are removed and the global istio ingress gateway is used instead. by @cerealsnow [#12956]
  • [OPERATOR] gardenlet now evaluates extension health conditions first when computing the conditions of a Shoot. by @rfranzke [#13231]
  • [USER] The KubeApiServerTooManyAuditlogFailures alert is now sent also to the shoot owners. by @vpnachev [#13177]
  • [OPERATOR] The Seed spec was extended to allow explicit configuration for default DNS settings. Operators can configure these by setting .spec.dns.defaults. The implicit configuration that involved selecting a DNS secrets from the Garden cluster based on labels will be eventually removed. Operators should adapt their Seed manifests to explicitly configure default DNS. by @dimityrmirchev [#12884]

πŸ› Bug Fixes​

  • [OPERATOR] An issue has been fixed which was preventing gardenlet from registering its Gardenlet resource when selfUpgrade was set in its Helm chart values. by @rfranzke [#13241]
  • [OPERATOR] A bug causing gardenlet to panic during CoreDNS migration check if the Shoot is hibernated is now fixed. by @shafeeqes [#13302]
  • [USER] The early access (before the cluster creation is completed) to a Shoot cluster via AdminKubeconfig credentials is restored now when dedicated groups gardener.cloud:system:admins and gardener.cloud:project:admins are used for authorization. by @vpnachev [#13299]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.35.4 to v1.36.1. Release Notes by @gardener-ci-robot [#13170]
  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.35.3 to v1.35.4. Release Notes by @gardener-ci-robot [#13159]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.2 to 1.27.3.
    • gcr.io/istio-release/proxyv2 from 1.27.2 to 1.27.3.
    • istio.io/api from v1.27.2 to v1.27.3. by @gardener-ci-robot [#13235]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/machine-controller-manager from v0.60.0 to v0.60.1. Release Notes
    • github.com/gardener/machine-controller-manager from v0.60.0 to v0.60.1. by @gardener-ci-robot [#13181]
  • [OPERATOR] Increase client-side rate limits for provider-specific container in machine-controller-manager to --kube-api-qps=100 and --kube-api-burst=200 by @voelzmo [#13254]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Report Gardener Operator Extension conditions as metrics by @hown3d [#13015]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/coredns-config-adapter from v0.2.0 to v0.3.0. Release Notes by @DockToFuture [#13277]
  • [OPERATOR] Mutation of the Shoot metadata annotations such as shoot.gardener.cloud/tasks and maintenance.shoot.gardener.cloud/needs-retry-operation is moved from the ShootValidator to the ShootMutator admission plugin. by @ialidzhikov [#13171]
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] The local multi-node setup no longer relies on externalTrafficPolicy: Local and forcing traffic through a pod on the control plane node. by @ScheererJ [#13182]
  • [OPERATOR] Add support for scraping metrics for OpenTelemetry collector on nodes by @dnaeon [#13228]
  • [OPERATOR] Support custom server blocks in node-local-dns. by @DockToFuture [#13160]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/prometheus/prometheus from v3.7.1 to v3.7.2. by @gardener-ci-robot [#13253]
  • [OPERATOR] Fixed an issue that caused the worker-pools-operatingsystemconfig-hashes secret to be created as immutable during the restore phase of control plane migration. by @plkokanov [#13263]
  • [OPERATOR] A new mutating admission plugin is introduced - ShootMutator. It is enabled by default. For more details, see the ShootMutator admission plugin docs. by @ialidzhikov [#13156]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/machine-controller-manager from v0.60.1 to v0.60.2. Release Notes
    • github.com/gardener/machine-controller-manager from v0.60.1 to v0.60.2. by @gardener-ci-robot [#13267]
  • [OPERATOR] The NodeNotHealthy and SeedNodeNotHealthy alerts are now removed. by @vicwicker [#13150]
  • [OPERATOR] ScrapeConfigs & PrometheusRules of blackbox-exporter are now deployed as managed-resource when type is shoot by @oliver-goetz [#13178]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.36.1 to v1.36.2. Release Notes by @gardener-ci-robot [#13225]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.131.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.131.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.131.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.131.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.131.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.131.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.131.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.131.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.131.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.131.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.131.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.131.0
Update gardener-controlplane to 1.131.0

[github.com/gardener/gardener:v1.131.0]

πŸ“° Noteworthy​

  • [OPERATOR] On startup gardenlets will configure .spec.dns.defaults settings for its respective Seed. Operators should adapt their Seed manifests to explicitly configure default DNS as .spec.dns.defaults will become a mandatory configuration after release v1.131.0. by @dimityrmirchev [#12884]

✨ New Features​

  • [OPERATOR] Valitail is now replaced with an instance of OpenTelemetry Collector. by @rrhubenov [#12846]
  • [OPERATOR] Introduced spec.settings.loadBalancerServices.zonalIngress.enabled in the Seed API. When disabled, zonal istio ingress gateways are removed and the global istio ingress gateway is used instead. by @cerealsnow [#12956]
  • [OPERATOR] gardenlet now evaluates extension health conditions first when computing the conditions of a Shoot. by @rfranzke [#13231]
  • [USER] The KubeApiServerTooManyAuditlogFailures alert is now sent also to the shoot owners. by @vpnachev [#13177]
  • [OPERATOR] The Seed spec was extended to allow explicit configuration for default DNS settings. Operators can configure these by setting .spec.dns.defaults. The implicit configuration that involved selecting a DNS secrets from the Garden cluster based on labels will be eventually removed. Operators should adapt their Seed manifests to explicitly configure default DNS. by @dimityrmirchev [#12884]

πŸ› Bug Fixes​

  • [OPERATOR] An issue has been fixed which was preventing gardenlet from registering its Gardenlet resource when selfUpgrade was set in its Helm chart values. by @rfranzke [#13241]
  • [OPERATOR] A bug causing gardenlet to panic during CoreDNS migration check if the Shoot is hibernated is now fixed. by @shafeeqes [#13302]
  • [USER] The early access (before the cluster creation is completed) to a Shoot cluster via AdminKubeconfig credentials is restored now when dedicated groups gardener.cloud:system:admins and gardener.cloud:project:admins are used for authorization. by @vpnachev [#13299]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.35.4 to v1.36.1. Release Notes by @gardener-ci-robot [#13170]
  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.35.3 to v1.35.4. Release Notes by @gardener-ci-robot [#13159]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.2 to 1.27.3.
    • gcr.io/istio-release/proxyv2 from 1.27.2 to 1.27.3.
    • istio.io/api from v1.27.2 to v1.27.3. by @gardener-ci-robot [#13235]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/machine-controller-manager from v0.60.0 to v0.60.1. Release Notes
    • github.com/gardener/machine-controller-manager from v0.60.0 to v0.60.1. by @gardener-ci-robot [#13181]
  • [OPERATOR] Increase client-side rate limits for provider-specific container in machine-controller-manager to --kube-api-qps=100 and --kube-api-burst=200 by @voelzmo [#13254]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Report Gardener Operator Extension conditions as metrics by @hown3d [#13015]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/coredns-config-adapter from v0.2.0 to v0.3.0. Release Notes by @DockToFuture [#13277]
  • [OPERATOR] Mutation of the Shoot metadata annotations such as shoot.gardener.cloud/tasks and maintenance.shoot.gardener.cloud/needs-retry-operation is moved from the ShootValidator to the ShootMutator admission plugin. by @ialidzhikov [#13171]
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] The local multi-node setup no longer relies on externalTrafficPolicy: Local and forcing traffic through a pod on the control plane node. by @ScheererJ [#13182]
  • [OPERATOR] Add support for scraping metrics for OpenTelemetry collector on nodes by @dnaeon [#13228]
  • [OPERATOR] Support custom server blocks in node-local-dns. by @DockToFuture [#13160]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/prometheus/prometheus from v3.7.1 to v3.7.2. by @gardener-ci-robot [#13253]
  • [OPERATOR] Fixed an issue that caused the worker-pools-operatingsystemconfig-hashes secret to be created as immutable during the restore phase of control plane migration. by @plkokanov [#13263]
  • [OPERATOR] A new mutating admission plugin is introduced - ShootMutator. It is enabled by default. For more details, see the ShootMutator admission plugin docs. by @ialidzhikov [#13156]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/machine-controller-manager from v0.60.1 to v0.60.2. Release Notes
    • github.com/gardener/machine-controller-manager from v0.60.1 to v0.60.2. by @gardener-ci-robot [#13267]
  • [OPERATOR] The NodeNotHealthy and SeedNodeNotHealthy alerts are now removed. by @vicwicker [#13150]
  • [OPERATOR] ScrapeConfigs & PrometheusRules of blackbox-exporter are now deployed as managed-resource when type is shoot by @oliver-goetz [#13178]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.36.1 to v1.36.2. Release Notes by @gardener-ci-robot [#13225]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.131.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.131.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.131.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.131.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.131.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.131.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.131.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.131.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.131.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.131.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.131.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.131.0
Update gardenlet to 1.131.0

[github.com/gardener/gardener:v1.131.0]

πŸ“° Noteworthy​

  • [OPERATOR] On startup gardenlets will configure .spec.dns.defaults settings for its respective Seed. Operators should adapt their Seed manifests to explicitly configure default DNS as .spec.dns.defaults will become a mandatory configuration after release v1.131.0. by @dimityrmirchev [#12884]

✨ New Features​

  • [OPERATOR] Valitail is now replaced with an instance of OpenTelemetry Collector. by @rrhubenov [#12846]
  • [OPERATOR] Introduced spec.settings.loadBalancerServices.zonalIngress.enabled in the Seed API. When disabled, zonal istio ingress gateways are removed and the global istio ingress gateway is used instead. by @cerealsnow [#12956]
  • [OPERATOR] gardenlet now evaluates extension health conditions first when computing the conditions of a Shoot. by @rfranzke [#13231]
  • [USER] The KubeApiServerTooManyAuditlogFailures alert is now sent also to the shoot owners. by @vpnachev [#13177]
  • [OPERATOR] The Seed spec was extended to allow explicit configuration for default DNS settings. Operators can configure these by setting .spec.dns.defaults. The implicit configuration that involved selecting a DNS secrets from the Garden cluster based on labels will be eventually removed. Operators should adapt their Seed manifests to explicitly configure default DNS. by @dimityrmirchev [#12884]

πŸ› Bug Fixes​

  • [OPERATOR] An issue has been fixed which was preventing gardenlet from registering its Gardenlet resource when selfUpgrade was set in its Helm chart values. by @rfranzke [#13241]
  • [OPERATOR] A bug causing gardenlet to panic during CoreDNS migration check if the Shoot is hibernated is now fixed. by @shafeeqes [#13302]
  • [USER] The early access (before the cluster creation is completed) to a Shoot cluster via AdminKubeconfig credentials is restored now when dedicated groups gardener.cloud:system:admins and gardener.cloud:project:admins are used for authorization. by @vpnachev [#13299]

πŸƒ Others​

  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.35.4 to v1.36.1. Release Notes by @gardener-ci-robot [#13170]
  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.35.3 to v1.35.4. Release Notes by @gardener-ci-robot [#13159]
  • [DEPENDENCY] The following dependencies have been updated:
    • gcr.io/istio-release/pilot from 1.27.2 to 1.27.3.
    • gcr.io/istio-release/proxyv2 from 1.27.2 to 1.27.3.
    • istio.io/api from v1.27.2 to v1.27.3. by @gardener-ci-robot [#13235]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/machine-controller-manager from v0.60.0 to v0.60.1. Release Notes
    • github.com/gardener/machine-controller-manager from v0.60.0 to v0.60.1. by @gardener-ci-robot [#13181]
  • [OPERATOR] Increase client-side rate limits for provider-specific container in machine-controller-manager to --kube-api-qps=100 and --kube-api-burst=200 by @voelzmo [#13254]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] Report Gardener Operator Extension conditions as metrics by @hown3d [#13015]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/coredns-config-adapter from v0.2.0 to v0.3.0. Release Notes by @DockToFuture [#13277]
  • [OPERATOR] Mutation of the Shoot metadata annotations such as shoot.gardener.cloud/tasks and maintenance.shoot.gardener.cloud/needs-retry-operation is moved from the ShootValidator to the ShootMutator admission plugin. by @ialidzhikov [#13171]
  • [DEPENDENCY] The following dependencies have been updated:
  • [OPERATOR] The local multi-node setup no longer relies on externalTrafficPolicy: Local and forcing traffic through a pod on the control plane node. by @ScheererJ [#13182]
  • [OPERATOR] Add support for scraping metrics for OpenTelemetry collector on nodes by @dnaeon [#13228]
  • [OPERATOR] Support custom server blocks in node-local-dns. by @DockToFuture [#13160]
  • [DEPENDENCY] The following dependencies have been updated:
    • quay.io/prometheus/prometheus from v3.7.1 to v3.7.2. by @gardener-ci-robot [#13253]
  • [OPERATOR] Fixed an issue that caused the worker-pools-operatingsystemconfig-hashes secret to be created as immutable during the restore phase of control plane migration. by @plkokanov [#13263]
  • [OPERATOR] A new mutating admission plugin is introduced - ShootMutator. It is enabled by default. For more details, see the ShootMutator admission plugin docs. by @ialidzhikov [#13156]
  • [DEPENDENCY] The following dependencies have been updated:
    • gardener/machine-controller-manager from v0.60.1 to v0.60.2. Release Notes
    • github.com/gardener/machine-controller-manager from v0.60.1 to v0.60.2. by @gardener-ci-robot [#13267]
  • [OPERATOR] The NodeNotHealthy and SeedNodeNotHealthy alerts are now removed. by @vicwicker [#13150]
  • [OPERATOR] ScrapeConfigs & PrometheusRules of blackbox-exporter are now deployed as managed-resource when type is shoot by @oliver-goetz [#13178]
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
  • [DEPENDENCY] The following dependencies have been updated:
    • envoyproxy/envoy from distroless-v1.36.1 to v1.36.2. Release Notes by @gardener-ci-robot [#13225]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.131.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.131.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.131.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.131.0

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.131.0
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.131.0
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.131.0
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.131.0
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.131.0
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.131.0
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.131.0
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.131.0
Update provider-aws to 1.65.3

[github.com/gardener/gardener-extension-provider-aws:v1.65.3]

πŸ› Bug Fixes​

  • [OPERATOR] Revert to v1.47.1 due to a regression in the calculation of allocatable volumes by @hebelsan [#1549]

Helm Charts​

  • admission-aws-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-application:v1.65.3
  • admission-aws-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-aws-runtime:v1.65.3
  • provider-aws: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-aws:v1.65.3

Container (OCI) Images​

  • gardener-extension-admission-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-aws:v1.65.3
  • gardener-extension-provider-aws: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-aws:v1.65.3
Update provider-alicloud to 1.66.0

[github.com/gardener/gardener-extension-provider-alicloud:v1.66.0]

✨ New Features​

  • [OPERATOR] Admission controller now allows seed.spec.backup.credentialsRef and backupBucket.spec.credentialsRef to refer only to credentials of type v1.Secret. by @vpnachev [#837]

πŸƒ Others​

  • [OPERATOR] Configure kube-apiserver QPS + burst for CSI components by @hendrikKahl [#843]
  • [OPERATOR] Include error protection when deleting a vSwitch during reconciliation. To prevent this error, you can annotate the infrastructure with alicloud.provider.extensions.gardener.cloud/flow-reconcile-can-delete-resource=true by @kevin-lacoo [#845]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#841]

Helm Charts​

  • admission-alicloud-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-alicloud-application:v1.66.0
  • admission-alicloud-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-alicloud-runtime:v1.66.0
  • provider-alicloud: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-alicloud:v1.66.0

Container (OCI) Images​

  • gardener-extension-admission-alicloud: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-alicloud:v1.66.0
  • gardener-extension-provider-alicloud: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-alicloud:v1.66.0
Update cert-management to 0.19.0

[github.com/gardener/cert-management:v0.19.0]

πŸƒ Others​

  • [USER] Allow to request intermediate CA certificates for CA issuers by @MartinWeindel [#601]
  • [USER] Support annotation gardener.cloud/operation=reconcile for Certificate and Issuer resources.
    If it is set for a Certificate with back-off status, it is cleared to enable immediate reconciliation. by @MartinWeindel [#600]

Helm Charts​

  • cert-controller-manager: europe-docker.pkg.dev/gardener-project/releases/charts/cert-controller-manager:v0.19.0

Container (OCI) Images​

  • cert-management: europe-docker.pkg.dev/gardener-project/releases/cert-controller-manager:v0.19.0
Update provider-azure to 1.56.0

[github.com/gardener/gardener-extension-provider-azure:v1.56.0]

⚠️ Breaking Changes​

  • [OPERATOR] Remove support for availability-sets. Operators should make sure that all availability-set-based shoots have migrated to VMSS. by @kon-angelo [#1325]

✨ New Features​

  • [DEVELOPER] Add GH Workflow to auto-update images in imagevector/images.yaml and create a corresponding PR. by @wpross [#1287]
  • [OPERATOR] Add field for passing os disk caching type by @hebelsan [#1259]
  • [OPERATOR] Admission controller now allows seed.spec.backup.credentialsRef and backupBucket.spec.credentialsRef to use credentials of either v1.Secret or security.gardener.cloud/v1alpha1.WorkloadIdentity by @vpnachev [#1277]

πŸ› Bug Fixes​

  • [OPERATOR] All NamespacedCloudProfile MachineImageVersions are all merged into its status, instead of only writing the last one by @Roncossek [#1336]

πŸƒ Others​

  • [DEPENDENCY] The following container images have been updated:
    • cloud-controller-manager: v1.30.13 -> v1.30.15 (patch)
    • cloud-controller-manager: v1.31.7 -> v1.31.9 (patch)
    • cloud-controller-manager: v1.32.6 -> v1.32.8 (patch)
    • cloud-controller-manager: v1.33.1 -> v1.33.3 (patch)
    • cloud-node-manager: v1.30.13 -> v1.30.15 (patch)
    • cloud-node-manager: v1.31.7 -> v1.31.9 (patch)
    • cloud-node-manager: v1.32.6 -> v1.32.8 (patch)
    • cloud-node-manager: v1.33.1 -> v1.33.3 (patch)
    • csi-driver-disk: v1.32.4 -> v1.33.3 (singleton)
    • csi-driver-file: v1.32.1 -> v1.33.3 (singleton)
    • csi-provisioner: v5.2.0 -> v5.3.0 (singleton)
    • csi-attacher: v4.8.1 -> v4.10.0 (singleton)
    • csi-snapshotter: v8.2.1 -> v8.3.0 (singleton)
    • csi-snapshot-controller: v8.2.1 -> v8.3.0 (singleton)
    • csi-resizer: v1.13.2 -> v1.14.0 (singleton)
    • csi-node-driver-registrar: v2.13.0 -> v2.15.0 (singleton)
    • csi-liveness-probe: v2.15.0 -> v2.17.0 (singleton) by @gardener-github-actions[bot] [#1312]
  • [OPERATOR] Configure kube-apiserver QPS + burst for CSI components by @hendrikKahl [#1319]
  • [OPERATOR] Remove ForceNatGateway feature gate after the updated announcement by Microsoft by @kon-angelo [#1299]
  • [OPERATOR] Update gardener/gardener to v1.130.0 and other go mod dependencies by @hebelsan [#1334]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#1307]
  • [OPERATOR] Update mcm image to v0.17.1 by @hebelsan [#1322]

Helm Charts​

  • admission-azure-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-application:v1.56.0
  • admission-azure-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-azure-runtime:v1.56.0
  • provider-azure: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-azure:v1.56.0

Container (OCI) Images​

  • gardener-extension-admission-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-azure:v1.56.0
  • gardener-extension-provider-azure: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-azure:v1.56.0
Update provider-gcp to 1.47.0

[github.com/gardener/gardener-extension-provider-gcp:v1.47.0]

✨ New Features​

  • [USER] Set enable-data-cache on the CSI-driver if shoot annotation gcp.provider.extensions.gardener.cloud/enable-csi-data-cache is set by @hebelsan [#1059]
  • [DEVELOPER] Add GH Workflow to auto-update images in imagevector/images.yaml and create a corresponding PR. by @wpross [#1199]
  • [OPERATOR] Admission controller now allows seed.spec.backup.credentialsRef and backupBucket.spec.credentialsRef to use credentials of either v1.Secret or security.gardener.cloud/v1alpha1.WorkloadIdentity by @vpnachev [#1163]

πŸ› Bug Fixes​

  • [OPERATOR] Bug in the backupentry controller not properly setting the Workload Identity token mount dirpath in the credentials configuration file for source BackupEntries has been fixed. by @vpnachev [#1209]
  • [OPERATOR] All NamespacedCloudProfile MachineImageVersions are all merged into its status, instead of only writing the last one by @Roncossek [#1212]

πŸƒ Others​

  • [OPERATOR] Deny dual-stack migration if overlay is not explicitly disabled. by @DockToFuture [#1185]
  • [USER] google-guest-agent is configured to not add a route for alias IPs now. This fixes dual-stack clusters with Cilium. by @axel7born [#1197]
  • [OPERATOR] Remove cleanup function FirewallRuleAllowExternalName by @hebelsan [#1218]
  • [OPERATOR] Migration from dual-stack IPv6, IPv4 is now supported. by @axel7born [#1171]
  • [OPERATOR] Update gardener/gardener to v1.130.0 and other dependencies by @hebelsan [#1214]
  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#1193]
  • [OPERATOR] Configure kube-apiserver QPS + burst for CSI components by @hendrikKahl [#1203]
  • [DEPENDENCY] The following container images have been updated:
    • cloud-controller-manager: v32.2.4 -> v32.2.5 (patch)
    • machine-controller-manager-provider-gcp: v0.25.0 -> v0.26.0 (singleton)
    • csi-driver: v1.17.12 -> v1.17.14 (singleton)
    • csi-provisioner: v5.2.0 -> v5.3.0 (singleton)
    • csi-attacher: v4.8.1 -> v4.10.0 (singleton)
    • csi-resizer: v1.13.2 -> v1.14.0 (singleton)
    • csi-snapshotter: v8.2.1 -> v8.3.0 (singleton)
    • csi-snapshot-controller: v8.2.1 -> v8.3.0 (singleton)
    • csi-node-driver-registrar: v2.13.0 -> v2.15.0 (singleton)
    • csi-liveness-probe: v2.15.0 -> v2.17.0 (singleton) by @gardener-github-actions[bot] [#1211]

Helm Charts​

  • admission-gcp-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-application:v1.47.0
  • admission-gcp-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/admission-gcp-runtime:v1.47.0
  • provider-gcp: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/provider-gcp:v1.47.0

Container (OCI) Images​

  • gardener-extension-admission-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-gcp:v1.47.0
  • gardener-extension-provider-gcp: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/provider-gcp:v1.47.0
Update shoot-cert-service to 1.55.0

Helm Charts​

  • shoot-cert-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-cert-service:v1.55.0

Container (OCI) Images​

  • gardener-extension-shoot-cert-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-cert-service:v1.55.0
Update external-dns-management to 0.30.0

Helm Charts​

  • dns-controller-manager: europe-docker.pkg.dev/gardener-project/releases/charts/dns-controller-manager:v0.30.0

Container (OCI) Images​

  • dns-controller-manager: europe-docker.pkg.dev/gardener-project/releases/dns-controller-manager:v0.30.0
Update shoot-dns-service to 1.71.0

[github.com/gardener/gardener-extension-shoot-dns-service:v1.71.0]

πŸ› Bug Fixes​

  • [OPERATOR] Fix handling custom resources in the shoot cluster on shoot deletion to avoid dead lock. by @MartinWeindel [#580]

πŸƒ Others​

  • [OPERATOR] Migrate the extension VPAs from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#570]
  • [OPERATOR] Add default resources for admission deployment. by @MartinWeindel [#556]

[github.com/gardener/external-dns-management:v0.29.0]

⚠️ Breaking Changes​

  • [USER] The infoblox-dns provider is deprecated and will be removed end of 2025. by @MartinWeindel [#645]
  • [OPERATOR] The infoblox-dns provider is deprecated and will be removed end of 2025. by @MartinWeindel [#645]

✨ New Features​

  • [OPERATOR] Support command line option --kubeconfig.crds-shoot-no-cleanup-label to allow to set the label shoot.gardener.cloud/no-cleanup=true for deployed CRDs. by @MartinWeindel [#674]

πŸ› Bug Fixes​

  • [OPERATOR] [netlify-dns] Allow underscore character on validating the API token for netlify. by @MartinWeindel [#644]

πŸƒ Others​

  • [OPERATOR] Migrate the workload VPA from the deprecated update mode Auto to its only fallback strategy - update mode Recreate. by @vitanovs [#671]
  • [OPERATOR] Update cloudflare-dns to use the Version 6 of github.com/cloudflare/cloudflare-go/v6. by @MartinWeindel [#640]
  • [OPERATOR] Aligned zone metrics handling in Azure DNS and Azure Private DNS providers with all other DNS providers. by @marc1404 [#667]
  • [OPERATOR] Simplify build workflow, drop redundant check step. by @MartinWeindel [#658]

Helm Charts​

  • shoot-dns-service-admission-application: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service-admission-application:v1.71.0
  • shoot-dns-service-admission-runtime: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service-admission-runtime:v1.71.0
  • shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/extensions/shoot-dns-service:v1.71.0

Container (OCI) Images​

  • gardener-extension-admission-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/admission-shoot-dns-service:v1.71.0
  • gardener-extension-shoot-dns-service: europe-docker.pkg.dev/gardener-project/releases/gardener/extensions/shoot-dns-service:v1.71.0
Update gardener-controlplane to 1.131.1

[github.com/gardener/gardener:v1.131.1]

πŸ› Bug Fixes​

  • [USER] The feature for supporting custom server blocks in node-local-dns is now reverted. by @Kostov6 [#13354]
  • [USER] An issue with the configuration for the OpenTelemetryCollector on the nodes that leads to missing kernel logs in Vali is now fixed. by @rrhubenov [#13330]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.131.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.131.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.131.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.131.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.131.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.131.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.131.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.131.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.131.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.131.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.131.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.131.1
Update gardener-controlplane to 1.131.1

[github.com/gardener/gardener:v1.131.1]

πŸ› Bug Fixes​

  • [USER] The feature for supporting custom server blocks in node-local-dns is now reverted. by @Kostov6 [#13354]
  • [USER] An issue with the configuration for the OpenTelemetryCollector on the nodes that leads to missing kernel logs in Vali is now fixed. by @rrhubenov [#13330]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.131.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.131.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.131.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.131.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.131.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.131.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.131.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.131.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.131.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.131.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.131.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.131.1
Update gardenlet to 1.131.1

[github.com/gardener/gardener:v1.131.1]

πŸ› Bug Fixes​

  • [USER] The feature for supporting custom server blocks in node-local-dns is now reverted. by @Kostov6 [#13354]
  • [USER] An issue with the configuration for the OpenTelemetryCollector on the nodes that leads to missing kernel logs in Vali is now fixed. by @rrhubenov [#13330]

Helm Charts​

  • controlplane: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/controlplane:v1.131.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/gardenlet:v1.131.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/operator:v1.131.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/charts/gardener/resource-manager:v1.131.1

Container (OCI) Images​

  • admission-controller: europe-docker.pkg.dev/gardener-project/releases/gardener/admission-controller:v1.131.1
  • apiserver: europe-docker.pkg.dev/gardener-project/releases/gardener/apiserver:v1.131.1
  • controller-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/controller-manager:v1.131.1
  • gardenlet: europe-docker.pkg.dev/gardener-project/releases/gardener/gardenlet:v1.131.1
  • node-agent: europe-docker.pkg.dev/gardener-project/releases/gardener/node-agent:v1.131.1
  • operator: europe-docker.pkg.dev/gardener-project/releases/gardener/operator:v1.131.1
  • resource-manager: europe-docker.pkg.dev/gardener-project/releases/gardener/resource-manager:v1.131.1
  • scheduler: europe-docker.pkg.dev/gardener-project/releases/gardener/scheduler:v1.131.1