Release Notes v1.79

23KE release notes and upgrade guide

Related upstream release notes / changelogs

Update os-gardenlinux to 0.21.0

[gardener/gardener-extension-os-gardenlinux]

⚠️ Breaking Changes

• [OPERATOR] extension-os-gardenlinux no longer supports Shoots with Кubernetes version < 1.22. by @shafeeqes [#113]

🏃 Others

• [OPERATOR] The Garden Linux OS extension now features support for vSMP MemoryOne and Garden Linux. It will now consider itself responsible for a new type OperatingSystemConfig/memoryone-gardenlinux and understands a providerConfig with which certain parameters of MemoryOne can be configured. by @MrBatschner [#116]
• [OPERATOR] The following dependency is updated:
  • github.com/gardener/gardener: v1.70.2 -> v1.72.0 by @dependabot[bot] [#105]

Update cert-management to 0.11.1

[gardener/cert-management]

🏃 Others

• [OPERATOR] Disable followCNAME by default again as it was activated implicitly by github.com/go-acme/lego version upgrade by @MartinWeindel [#140]
• [OPERATOR] Fix edge case of inconsistent certificate/secret: request certificate in this case. by @MartinWeindel [#138]

Update dashboard to 1.69.2

[gardener/dashboard]

🐛 Bug Fixes

• [USER] Errors shown as notification alerts sometimes did not contain the failure reason by @grolu [#1539]
• [USER] Fixed error handling for manage workers and hibernation dialogs. The dialogs did not show all error messages and resetted to empty broken state on errors by @grolu [#1539]

Update dashboard to 1.69.2

[gardener/dashboard]

🐛 Bug Fixes

• [USER] Errors shown as notification alerts sometimes did not contain the failure reason by @grolu [#1539]
• [USER] Fixed error handling for manage workers and hibernation dialogs. The dialogs did not show all error messages and resetted to empty broken state on errors by @grolu [#1539]

Update provider-azure to 1.38.2

[gardener/gardener-extension-provider-azure]

🐛 Bug Fixes

• [OPERATOR] Update k8s.io/client-go from v0.26.3 to v0.26.4 to resolve panic on health-checking special shoots. by @MartinWeindel [#728]

Update provider-gcp to 1.32.1

[gardener/gardener-extension-provider-gcp]

🏃 Others

• [OPERATOR] The following image is updated:
  • registry.k8s.io/cloud-provider-gcp/gcp-compute-persistent-disk-csi-driver: v1.9.7 -> v1.9.9 by @ialidzhikov [#641]

Update shoot-cert-service to 1.37.1

[gardener/cert-management]

🐛 Bug Fixes

• [OPERATOR] Fix edge case of inconsistent certificate/secret: request certificate in this case. by @MartinWeindel [gardener/cert-management@dbff065ac5686aaddd8d2eb1fb6c62c3520b0c3d]
• [USER] Disable followCNAME by default again as it was activated implicitly by github.com/go-acme/lego version upgrade by @MartinWeindel [gardener/cert-management@dbff065ac5686aaddd8d2eb1fb6c62c3520b0c3d]

Update gardener-controlplane to 1.78.2

[gardener/gardener]

🐛 Bug Fixes

• [OPERATOR] An issue has been fixed which was causing a broken ControlPlaneHealthy condition report for Shoots when the MachineControllerManagerDeployment feature gate gets enabled until their next reconciliation. by @gardener-ci-robot [#8411]
• [OPERATOR] Update Kubernetes dependencies (especially k8s.io/client-go) from v0.26.3 to v0.26.4 to resolve panic on working with special shoots. by @gardener-ci-robot [#8423]

Update gardener-controlplane to 1.78.2

[gardener/gardener]

🐛 Bug Fixes

• [OPERATOR] An issue has been fixed which was causing a broken ControlPlaneHealthy condition report for Shoots when the MachineControllerManagerDeployment feature gate gets enabled until their next reconciliation. by @gardener-ci-robot [#8411]
• [OPERATOR] Update Kubernetes dependencies (especially k8s.io/client-go) from v0.26.3 to v0.26.4 to resolve panic on working with special shoots. by @gardener-ci-robot [#8423]

Update gardenlet to 1.78.2

[gardener/gardener]

🐛 Bug Fixes

• [OPERATOR] An issue has been fixed which was causing a broken ControlPlaneHealthy condition report for Shoots when the MachineControllerManagerDeployment feature gate gets enabled until their next reconciliation. by @gardener-ci-robot [#8411]
• [OPERATOR] Update Kubernetes dependencies (especially k8s.io/client-go) from v0.26.3 to v0.26.4 to resolve panic on working with special shoots. by @gardener-ci-robot [#8423]

Update gardener-controlplane to 1.79.0

[gardener/gardener]

⚠️ Breaking Changes

• [DEVELOPER] uncachedObjects under pkg/client/kubernetes/options.go is now removed from Config struct which is used to set options for new ClientSets. Now the uncached objects can be directly set under clientOptions.Cache.DisableFor field. by @ary1992 [#8245]

📰 Noteworthy

• [OPERATOR] The DisablingScalingClassesForShoots feature gate has been promoted to beta. by @rfranzke [#8428]

✨ New Features

• [OPERATOR] Operators can now use the annotation gardener.cloud/operation=rotate-observability-credentials on the garden resource to rotate the observability credentials. by @acumino [#8393]
• [OPERATOR] Configuring multiple reserve-excess-capacity deployments on Seeds is supported now by specifying .spec.settings.excessCapacityReservation.configs. by @oliver-goetz [#8356]
• [USER] When the Kubernetes control plane version is at least v1.28, it is now possible to set the worker pool Kubernetes version to be at most three versions behind the control plane version. Earlier, only a skew of at most two versions was allowed. Find more details here. by @shafeeqes [#8402]

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed which was causing the garbage collector in gardener-resource-manager to wrongfully collect Secrets related to ManagedResources when the source and the target cluster are equal. by @dimityrmirchev [#8398]
• [OPERATOR] An issue has been fixed which was causing a broken ControlPlaneHealthy condition report for Shoots when the MachineControllerManagerDeployment feature gate gets enabled until their next reconciliation. by @rfranzke [#8407]
• [OPERATOR] Update Kubernetes dependencies (especially k8s.io/client-go) from v0.26.3 to v0.26.4 to resolve panic on working with special shoots. by @MartinWeindel [#8422]

🏃 Others

• [OPERATOR] Add Prometheus alert for pending seed pods by @StenlyTU [#8406]
• [OPERATOR] The admission controllers of common provider extensions are automatically installed in the local extensions development setup by @ScheererJ [#8311]
• [OPERATOR] The WorkerlessShoots feature gate has been promoted to beta and is now turned on by default. Before deploying this Gardener version, make sure that all your registered extensions support this feature gate. by @acumino [#8417]
• [OPERATOR] The following image is updated:
  • quay.io/prometheus/alertmanager: v0.24.0 -> v0.26.0 by @istvanballok [#8408]
• [DEVELOPER] The following dependencies are updated:
  • k8s.io/* : v0.26.4 -> v0.27.5
  • sigs.k8s.io/controller-runtime: v0.14.6 -> v0.15.2 by @ary1992 [#8245]

[gardener/apiserver-proxy]

🏃 Others

• [OPERATOR] Update golang base container image to 1.21.0. by @dependabot[bot] [gardener/apiserver-proxy#43]
• [OPERATOR] Update alpine base image components to 3.18.3. by @dependabot[bot] [gardener/apiserver-proxy#42]
• [OPERATOR] Removed apiserver-proxy pod webhook as it is now included in Gardener Resource Manager. by @ScheererJ [gardener/apiserver-proxy#39]
• [OPERATOR] Update gardener/gardener to 1.77.1. by @dependabot[bot] [gardener/apiserver-proxy#44]

[gardener/vpn2]

📰 Noteworthy

• [OPERATOR] Update to golang v1.21 by @ScheererJ [gardener/vpn2#42]

Docker Images

admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.79.0 apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.79.0 controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.79.0 scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.79.0 operator: eu.gcr.io/gardener-project/gardener/operator:v1.79.0 gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.79.0 resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.79.0

Update gardener-controlplane to 1.79.0

[gardener/gardener]

⚠️ Breaking Changes

• [DEVELOPER] uncachedObjects under pkg/client/kubernetes/options.go is now removed from Config struct which is used to set options for new ClientSets. Now the uncached objects can be directly set under clientOptions.Cache.DisableFor field. by @ary1992 [#8245]

📰 Noteworthy

• [OPERATOR] The DisablingScalingClassesForShoots feature gate has been promoted to beta. by @rfranzke [#8428]

✨ New Features

• [OPERATOR] Operators can now use the annotation gardener.cloud/operation=rotate-observability-credentials on the garden resource to rotate the observability credentials. by @acumino [#8393]
• [OPERATOR] Configuring multiple reserve-excess-capacity deployments on Seeds is supported now by specifying .spec.settings.excessCapacityReservation.configs. by @oliver-goetz [#8356]
• [USER] When the Kubernetes control plane version is at least v1.28, it is now possible to set the worker pool Kubernetes version to be at most three versions behind the control plane version. Earlier, only a skew of at most two versions was allowed. Find more details here. by @shafeeqes [#8402]

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed which was causing the garbage collector in gardener-resource-manager to wrongfully collect Secrets related to ManagedResources when the source and the target cluster are equal. by @dimityrmirchev [#8398]
• [OPERATOR] An issue has been fixed which was causing a broken ControlPlaneHealthy condition report for Shoots when the MachineControllerManagerDeployment feature gate gets enabled until their next reconciliation. by @rfranzke [#8407]
• [OPERATOR] Update Kubernetes dependencies (especially k8s.io/client-go) from v0.26.3 to v0.26.4 to resolve panic on working with special shoots. by @MartinWeindel [#8422]

🏃 Others

• [OPERATOR] Add Prometheus alert for pending seed pods by @StenlyTU [#8406]
• [OPERATOR] The admission controllers of common provider extensions are automatically installed in the local extensions development setup by @ScheererJ [#8311]
• [OPERATOR] The WorkerlessShoots feature gate has been promoted to beta and is now turned on by default. Before deploying this Gardener version, make sure that all your registered extensions support this feature gate. by @acumino [#8417]
• [OPERATOR] The following image is updated:
  • quay.io/prometheus/alertmanager: v0.24.0 -> v0.26.0 by @istvanballok [#8408]
• [DEVELOPER] The following dependencies are updated:
  • k8s.io/* : v0.26.4 -> v0.27.5
  • sigs.k8s.io/controller-runtime: v0.14.6 -> v0.15.2 by @ary1992 [#8245]

[gardener/apiserver-proxy]

🏃 Others

• [OPERATOR] Update golang base container image to 1.21.0. by @dependabot[bot] [gardener/apiserver-proxy#43]
• [OPERATOR] Update alpine base image components to 3.18.3. by @dependabot[bot] [gardener/apiserver-proxy#42]
• [OPERATOR] Removed apiserver-proxy pod webhook as it is now included in Gardener Resource Manager. by @ScheererJ [gardener/apiserver-proxy#39]
• [OPERATOR] Update gardener/gardener to 1.77.1. by @dependabot[bot] [gardener/apiserver-proxy#44]

[gardener/vpn2]

📰 Noteworthy

• [OPERATOR] Update to golang v1.21 by @ScheererJ [gardener/vpn2#42]

Docker Images

admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.79.0 apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.79.0 controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.79.0 scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.79.0 operator: eu.gcr.io/gardener-project/gardener/operator:v1.79.0 gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.79.0 resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.79.0

Update gardenlet to 1.79.0

[gardener/gardener]

⚠️ Breaking Changes

• [DEVELOPER] uncachedObjects under pkg/client/kubernetes/options.go is now removed from Config struct which is used to set options for new ClientSets. Now the uncached objects can be directly set under clientOptions.Cache.DisableFor field. by @ary1992 [#8245]

📰 Noteworthy

• [OPERATOR] The DisablingScalingClassesForShoots feature gate has been promoted to beta. by @rfranzke [#8428]

✨ New Features

• [OPERATOR] Operators can now use the annotation gardener.cloud/operation=rotate-observability-credentials on the garden resource to rotate the observability credentials. by @acumino [#8393]
• [OPERATOR] Configuring multiple reserve-excess-capacity deployments on Seeds is supported now by specifying .spec.settings.excessCapacityReservation.configs. by @oliver-goetz [#8356]
• [USER] When the Kubernetes control plane version is at least v1.28, it is now possible to set the worker pool Kubernetes version to be at most three versions behind the control plane version. Earlier, only a skew of at most two versions was allowed. Find more details here. by @shafeeqes [#8402]

🐛 Bug Fixes

• [OPERATOR] A bug has been fixed which was causing the garbage collector in gardener-resource-manager to wrongfully collect Secrets related to ManagedResources when the source and the target cluster are equal. by @dimityrmirchev [#8398]
• [OPERATOR] An issue has been fixed which was causing a broken ControlPlaneHealthy condition report for Shoots when the MachineControllerManagerDeployment feature gate gets enabled until their next reconciliation. by @rfranzke [#8407]
• [OPERATOR] Update Kubernetes dependencies (especially k8s.io/client-go) from v0.26.3 to v0.26.4 to resolve panic on working with special shoots. by @MartinWeindel [#8422]

🏃 Others

• [OPERATOR] Add Prometheus alert for pending seed pods by @StenlyTU [#8406]
• [OPERATOR] The admission controllers of common provider extensions are automatically installed in the local extensions development setup by @ScheererJ [#8311]
• [OPERATOR] The WorkerlessShoots feature gate has been promoted to beta and is now turned on by default. Before deploying this Gardener version, make sure that all your registered extensions support this feature gate. by @acumino [#8417]
• [OPERATOR] The following image is updated:
  • quay.io/prometheus/alertmanager: v0.24.0 -> v0.26.0 by @istvanballok [#8408]
• [DEVELOPER] The following dependencies are updated:
  • k8s.io/* : v0.26.4 -> v0.27.5
  • sigs.k8s.io/controller-runtime: v0.14.6 -> v0.15.2 by @ary1992 [#8245]

[gardener/apiserver-proxy]

🏃 Others

• [OPERATOR] Update golang base container image to 1.21.0. by @dependabot[bot] [gardener/apiserver-proxy#43]
• [OPERATOR] Update alpine base image components to 3.18.3. by @dependabot[bot] [gardener/apiserver-proxy#42]
• [OPERATOR] Removed apiserver-proxy pod webhook as it is now included in Gardener Resource Manager. by @ScheererJ [gardener/apiserver-proxy#39]
• [OPERATOR] Update gardener/gardener to 1.77.1. by @dependabot[bot] [gardener/apiserver-proxy#44]

[gardener/vpn2]

📰 Noteworthy

• [OPERATOR] Update to golang v1.21 by @ScheererJ [gardener/vpn2#42]

Docker Images

admission-controller: eu.gcr.io/gardener-project/gardener/admission-controller:v1.79.0 apiserver: eu.gcr.io/gardener-project/gardener/apiserver:v1.79.0 controller-manager: eu.gcr.io/gardener-project/gardener/controller-manager:v1.79.0 scheduler: eu.gcr.io/gardener-project/gardener/scheduler:v1.79.0 operator: eu.gcr.io/gardener-project/gardener/operator:v1.79.0 gardenlet: eu.gcr.io/gardener-project/gardener/gardenlet:v1.79.0 resource-manager: eu.gcr.io/gardener-project/gardener/resource-manager:v1.79.0