Releases: kubernetes-sigs/cluster-api-provider-aws
v0.7.3
Release notes for Cluster API Provider AWS (CAPA) v0.7.3
Changelog since v0.7.2
Changes by Kind
API Change
Bug or Regression
- Bugfix in
AWSManagedControlPlane
object conversion from v1alpha3 to v1beta1. Some fields in Status and Spec were not being considered during conversion (#3043, @jonathanbeber) - Fixes an issue with using multiple EKS addons. (#2961, @richardcase)
- Refactor TestMain functions across the project to stop using os.Exit swallowing errors (#3041, @jonathanbeber)
The images for this release are:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.7.3
Thanks to all our contributors.
v1.2.0
Release notes for Cluster API Provider AWS (CAPA) v1.2.0
This version is compatible with Cluster API versions 1.0.x.
Changelog since v1.1.0
Changes by Kind
Feature
- [EKS] Allow configuring services cidr when creating an EKS cluster. (#2964, @richardcase)
- [EKS] Expose additional EKS node bootstrap configuration options via EKSConfig. (#2965, @richardcase)
Bug or Regression
- Revert setting ELB name field to a generated name (this was a bug that made v1.1.0 incompatible with v1.0.0) (#3004, @dlipovetsky)
- Block creating a new instance if AWSMachine already has ProviderID field set (#2957, @sedefsavas)
- Fix for setting conditions to error severity only when errors are non-transients (#3018, @sedefsavas)
- Fix recurring AWS.SimpleQueueService.NonExistentQueue error messages from CAPA logs (#2976, @Ankitasw)
- Fix for trying to update AWSMachine immutable field:
rootVolume.deviceName
(#3011, @pydctw) - [EKS] Fix AWSFargateProfile template (#2984, @matthewhembree)
- Use non root numeric user for CAPA containers (#2960, @Ankitasw)
- [EKS] Fix for EKS e2e tests caused by new environment variable (#2987, @richardcase)
- [EKS] Add missing permissions for EKS OIDC provider configuration (#2870, @codablock)
Documentation
- Update documentation to specify JSON output for AWS CLI commands (#2982, @matthewhembree)
- Update tilt development docs for v0.7.0+ and debugging (#2994, @richardcase)
Other
New Contributors
- @matthewhembree made their first contribution in #2984
Full Changelog: v1.1.0...v1.2.0
The image for this release is:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v1.2.0
Thanks to all our contributors.
v1.1.0
IMPORTANT:
!!Do not use this release!! This release is not backward compatible with v1.0.0 due to a bug caused by an API change. API change is reverted in v1.2.0 release.
Changelog since 1.0.0
Changes by Kind
Feature
- Add support for bring your own control plane ELB. This is an advanced feature (#2787, @dlipovetsky)
- EKS: Add option to create EKS console IAM policy (#2790, @Madhur97)
Bug or Regression
- EKS: Fix for installing multiple EKS addons. (#2914, @richardcase)
- EKS: Add error handling while getting a remote client (#2878, @sedefsavas)
- EKS: Fix panic when adding labels to AWSManagedMachinePool (#2896, @zhengtianbao)
- EKS: Add missing permissions for EKS OIDC provider configuration (#2870, @codablock)
- EKS: Fix for
node-eks-additional
SG overrides for EKSManagedControlPlane (#2850, @codablock) - EKS: Add a check for maximum allowed resync period (#2846, @richardcase)
- Prevent the creation of a new instance if AWSMachine already has ProviderID field set (#2957, @sedefsavas)
- Fix for supporting SecureString parameter type in SSM on GovCloud (#2952, @sedefsavas)
- Use non root numeric user for CAPA containers (#2960, @Ankitasw)
- Allow control plane ELB to use different subnets from node subnets (#2877, @pydctw)
- Fix AWSClusterControllerIdentity ValidateUpdate panic when AllowedNamespaces is nil (#2885, @zhengtianbao)
Documentation
- Add documentation for building custom AMIs (#2934, @sedefsavas)
- Fix documentation on external AWS CCM and EBS CSI driver (#2837, @scottslowe)
- Add externally managed infrastructure docs (#2895, @enxebre)
Other
- Upgrade cluster-api to main branch, golang to v1.17, controller-runtime to v0.11+, go-logr to v1.2.0 (#2943, @sbueringer)
- Replace ioutil deprecated package with os/io for golang 1.16 (#2900, @shivi28)
- Add GPU e2e test (#2843, @Ankitasw)
- Enable v1alpha3/v1alpha4 to v1beta1 upgrade e2e test (#2950, @sedefsavas)
New Contributors
- @Jacobious52 made their first contribution in #2841
- @codablock made their first contribution in #2850
- @ameukam made their first contribution in #2867
- @zhengtianbao made their first contribution in #2885
- @PushkarJ made their first contribution in #2892
- @vibhorrawat made their first contribution in #2889
- @invidian made their first contribution in #2917
Full Changelog: v1.0.0...v1.1.0
The image for this release is:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v1.1.0
Thanks to all our contributors.
v0.7.2
Release notes for Cluster API Provider AWS (CAPA) v0.7.2
Changelog since v0.7.1
Changes by Kind
Bug or Regression
- Correct version number in metadata.yaml (#2894, @randomvariable)
- Fix panic caused by nil map in
createLabelUpdate
(#2906, @zhengtianbao) - Fix panic in
AWSClusterControllerIdentity.ValidateUpdate
(#2887, @zhengtianbao) - Fix timeout due to delay in bringing up control plane in e2e tests (#2928, @Ankitasw)
- Fix for supporting SecureString as a parameter type in SSM on GovCloud (#2959, @sedefsavas)
- Fix to allow using multiple EKS addons (#2961, @richardcase)
Other
- Bump cluster-api version to v0.4.3 (#2904, @sedefsavas)
- Remove GINKGO_SKIP conditions from Makefile to enable the e2e tests for CAPI (#2946, @Ankitasw)
Full Changelog: v0.7.1...v0.7.2
The images for this release are:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.7.2
Thanks to all our contributors.
v0.7.1
Release notes for Cluster API Provider AWS (CAPA) v0.7.1
Changelog since v0.7.0
Changes by Kind
API Change
- Correct the casing of the ELB load balancer scheme from
Internet-facing
tointernet-facing
, allowing the ELB to be correctly reconciled (#2861, @sedefsavas) (#2768, @dlipovetsky)
Note: This is a seemingly breaking API change, but no users will be impacted, because cluster reconcililation after initial create was failing with the Internet-facing
value. Cluster API Provider AWS v0.7.1 will update the value to the corrected version.
Feature
- EKS: Add support to create/update tags for a Fargate Profile (#2676, @abhinavnagaraj)
- EKS: Support adding additional policies to node group role for AWSManagedMachinePool (#2751, @abhinavnagaraj)
- EKS: Support spot capacity type for ManagedMachinePool (#2702, @abhinavnagaraj)
- Support adding AWS cloud provider tags to pre-existing infrastructure (#2715, @pydctw)
- Expose leader-election-resource-lock as a flag (#2822, @enxebre)
- Add readiness and health checks to webhook server (#2685, @geetikabatra)
Documentation
- Add documentation for using external cloud provider and CSI driver (#2718, @Ankitasw)(#2837, @scottslowe)
Bug or Regression
- Fix panic on RouteTables reconcile (#2705, @dilyevsky)
- Fix findSubnet function's logic when subnet ID is specified (#2728, @pydctw)
- Fix reconciliation of AWS ingress rules of same port (#2813, @pydctw)
- Move EKS-related resources from
AWSIAMManagedPolicyControllers
to a separate policy to work around AWS size limit for managed policies (#2662, @johananl) - Reinstating the check for the maximum allowed resync period when EKS is enabled. (#2846, @richardcase)
- Resolves issue with KIAM annotation not appearing on Cluster API AWS Manager pod (#2800, @voor)
- Fix to honor
AWSMachine.Spec.PublicIP
and set a public IP to the instance (#2772, @pydctw)
Other
- Add v1alpha3 to v1alpha4 upgrade test (#2770, @Ankitasw)
- Add external cloud provider end-to-end test (#2647, @Ankitasw)
- Set controller log level with CAPA_LOGLEVEL variable. Defaults to 0. (#2673, @Ankitasw)
- Clean up unused Kubernetes RBAC permissions (#2720, @sayantani11)
- Bump AWS SDK to v1.4.0.33, with support added for IMDS IPv6 endpoint (#2721, @dependabot[bot])
- Bump AWS SDK to v1.40.28: Fix SDK's suppressing of sensitive API parameters being logged. The SDK did not correctly suppress sensitive API parameters via the
String
andGoString
methods. Updates the SDK's behavior to suppress sensitive API parameters (#2703, @dependabot[bot])
The image for this release is:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.7.1
Thanks to all our contributors.
v0.6.9
Release notes for Cluster API Provider AWS (CAPA) v0.6.9
Changelog since v0.6.8
Changes by Kind
API Change
- Correct the casing of the ELB load balancer scheme from
Internet-facing
tointernet-facing
, allowing the ELB to be correctly reconciled (#2862, @sedefsavas)
Note: This is a seemingly breaking API change, but no users will be impacted, because cluster reconcililation after initial create was failing with the Internet-facing
value. Cluster API Provider AWS v0.6.9 will update the value to the corrected version.
Bug or Regression
- Add missing RBAC permission for AWSClusterControllerIdentities for managed control plane controller (#2709, @richardcase)
- Fix for managed
SecurityGroups
filtering (#2620, @sedefsavas) - EKS: Add missing identity permission for the managed control plane (#2709, @richardcase)
The images for this release are:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.6.9
k8s.gcr.io/cluster-api-aws/eks-controlplane-controller:v0.6.9
k8s.gcr.io/cluster-api-aws/eks-bootstrap-controller:v0.6.9
Thanks to all our contributors.
v1.0.0
Release notes for Cluster API Provider AWS (CAPA) v1.0.0
This version is compatible with Cluster API versions 1.0.x.
Changelog since v0.7.0
Urgent Upgrade Notes
(No, really, you MUST read this before you upgrade)
- v1.0.0 is based on Cluster API v1beta1 and must be used in conjunction with Cluster API v1.0.x. (#2831, @randomvariable)
- All Cluster API Provider AWS API types have been graduated to v1beta1, this includes:
AWSCluster*
,AWSMachine*
,AWSManaged*
and all experimental APIs, covering both EC2 and EKS.- clusterawsadm configuration has also graduated to v1beta1. Clusterawsadm is backwards compatible with v1alpha1 configuration files and they are semantically the same. Running
clusterawsadm bootstrap iam print-config --config <old-file>
will do an automated conversion to v1beta1.
- Cluster API Provider AWS will support upgrades directly from v1alpha3 to v1beta1 as well as v1alpha4 to v1beta1.
Changes by Kind
API Change
- IAM types have been moved (back) out of the main
/api
package into a new/iam/api
package where they are consumed by both EKS and clusterawsadm. (#2820, @randomvariable)
Feature
- EKS: Add support to create and update tags for a Fargate Profile (#2676, @abhinavnagaraj)
- EKS: Support role additional policies for AWSManagedMachinePool (#2751, @abhinavnagaraj)
- EKS: Support spot capacity type for ManagedMachinePool (#2702, @abhinavnagaraj)
- Support adding AWS cloud provider tags to pre-existing infrastructure (#2715, @pydctw)
- Add readiness and health checks to webhook server (#2685, @geetikabatra)
- Controller log level can be set using the CAPA_LOGLEVEL variable. Defaults to 0. (#2673, @Ankitasw)
Documentation
- Add documentation for using external cloud provider and CSI driver add-on (#2718, @Ankitasw)
- Updated readme with godoc shield and centered images. (#2700, @pshail)
- Add doc for using external CCM with CSI driver. (#2724, @Ankitasw)
- Fix the broken link in the tilt development guide. (#2724, @mkumatag)
- Update contributing guide. (#2756, @richardcase)
- Update docs to v1beta1. (#2830, @randomvariable)
Bug or Regression
- Add v1alpha3 to v1alpha4 upgrade test (#2770, @Ankitasw)
- Fixed a panic when there are extra routes with non-CIDR destinations (IPv6 CIDR, Prefix List) present in the managed routing table. (#2705, @dilyevsky)
- Correct the casing of the ELB load balancer scheme from
Internet-facing
tointernet-facing
, allowing the ELB to be correctly continuously reconciled (#2768, @dlipovetsky, #2832, @sedefsavas) - Fix
findSubnet
function's logic when subnet ID is specified. It will find a matching subnet regardless of a failureDomain setting. (#2728, @pydctw) - Fix reconciliation of AWS ingress rules of same port (#2813, @pydctw)
- Move EKS-related resources from
AWSIAMManagedPolicyControllers
to a separate policy to work around AWS size limit for managed policies. (#2662, @johananl) - Resolves issue with KIAM annotation not appearing on Cluster API AWS Manager pod. (#2800, @voor)
- Validation added for empty
InstanceType
inAWSMachine
andAWSMachineTemplate
. (#2740, @shivi28) - When
AWSMachine.Spec.PublicIP
is set true, an instance is launched in a public subnet with public IP. (#2772, @pydctw) - Retry fetching managed vpc attributes when vpc is 'NotFound'. (#2678, @abhinavnagaraj)
- Remove
elasticloadbalancing:AddTags
duplicate entries. (#2692, @rayandas) - Improve the netlify speed issues. (#2682, #2811, @randomvariable)
- Fix inorrect api version in metadata.yml (#2677, @randomvariable)
- Add check for invalid memory address or nil pointer dereference in getImageSnapshotSize (#2821, @enxebre)
- Error when capacity type or scaling config is missing. (#2713, @richardcase)
- Fix node affinity rules in external CCM CRDs. (#2722, #2723, @Ankitasw)
- Fix the gomega errors in tests with the controller runtime version bump. (#2745, @Ankitasw)
- Fix the timeout for conformance test due to prolonged log collection. (#2766, @Ankitasw)
- Fix timeout due to delay in bringing up control plane in e2e tests. (#2777, @Ankitasw)
- Correct typo in
AWSCluster
validation hook error. (#2776,@dlipovetsky) - Make
PublicIP
field inAWSMachine
spec work. (#2772, @pydctw) - Ensure destination pointer is non-nil before calling restore functions. (#2809, @dlipovetsky)
- Add bastion-sg to managedMachinePool remoteAccess source-sgs when bastion is enabled. (#2659, @abhinavnagaraj)
- If one type of webhook is not defined, testenv.Build hits a nil dereference. (#2810, @dlipovetsky)
Other (Cleanup or Flake)
- Clean up unused Kubernetes RBAC permissions (#2720, @sayantani11)
- Expose leader-election-resource-lock as a flag (#2822, @enxebre)
- Add external cloud provider end-to-end test (#2647, @Ankitasw)
- Update to CAPA reviwers and maintainers. (#2716, @vincepri, #2667, @richardcase)
- Use same Golang version everywhere. (#2735, @mkumatag)
- Change references ...
v0.7.0
Release notes for Cluster API Provider AWS (CAPA) v0.7.0
Changelog since v0.6.5
Urgent Upgrade Notes
(No, really, you MUST read this before you upgrade)
- v0.7.0 is based on Cluster API v1alpha4 and MUST be used in conjunction with Cluster API v0.4.x
- EKS support has graduated out of experimental and is now enabled by default. 🎉
Please see the additional section below for details. (#2648, @richardcase)
All users of Cluster API Provider AWS (whether you use EKS or not) should read the notes below regarding the EKS graduation as it impacts the provider as a whole (e.g. IAM permissions)
- Cluster API Provider AWS will now be preferentially pinned to control plane nodes. This is especially helpful when running self-managed management clusters in AWS as for EC2-based control planes, the control plane EC2 instances have the
controlplane.cluster-api.sigs.k8s.io
IAM role which has sufficient permissions for Cluster API Provider AWS to run.
Please ensure your control plane nodes have sufficient resources to run Cluster API Provider AWS. (#2377, @vespian) - Controllers policy updated with missing KMS permissions required to use EKS encryption, if you are planning to use EKS encryption then you will need to update your controllers policy by running
clusterawsadm bootstrap iam create-cloudformation-stack
again. And then when you create a cluster with encryption enabled you will need to use a KMS key that has an alias name starting withcluster-api-provider-aws-
. For further information see the docs. (#2447, @richardcase, #2505, @Ankitasw) - Controllers policy updated with missing key pairs permission, if you are using or plan to use
AWSManagedMachinePool
with an SSH key then you will need to update your controllers policy by runningclusterawsadm bootstrap iam create-cloudformation-stack
again. (#2404, @richardcase) - During v0.6.x to v0.7.x upgrade: All secrets that are used for AWSClusterStaticIdentity should be moved to controller namespace manually if they are not already in the
capa-system
namespace. (#2425, @sedefsavas) - Renamed field
networkSpec
asnetwork
. CheckAWSCluster
andAWSManagedControlPlane
manifests when switching versions. (#2571, @Ankitasw)
Changes by Kind
Feature
- Adds the ability to configure EBS volume throughput in supported EBS types (#2468, @cnmcavoy)
- Add controller related commands to clusterawsadm: zero/update/print bootstrap credentials and rollout controllers (#2457, @sedefsavas)
- Add externally managed predicate. Clusters marked with
"cluster.x-k8s.io/managed-by"
annotation should be skipped from reconciliation. (#2383, @alexander-demichev) - Apply clusterctl.cluster.x-k8s.io/move-hierarchy label on the infrastructure cluster global identity CRDs. (#2524, @shivi28)
- CLI command to list AWS resources created by CAPA (#2509, @shivi28)
- Clusterawsadm ARM64 builds for both Linux and macOS are now available (#2557, @scottslowe)
- No longer mandatory to set encryption value to
True
for root volumes when using encrypted AMIs (#2556, @shivi28) - OIDC provider association for EKS clusters. (#2422, @sadysnaat)
- Tagging elastic IPs on creation (#2551, @Madhur97)
- Taints supported on EKS node groups created via
AWSmanagedMachinePool
(#2405, @richardcase) - NAT gateways are now deleted in parallel, which should reduce cluster deletion time by >50% for multi-AZ clusters (#2600, @shivi28)
- Add support for G4ad xlarge and 2xlarge instances powered by AMD Radeon Pro V520 GPUs and AMD 2nd Generation EPYC processors (#2626, @dependabot[bot])
- Enable usage of GPU optimized AMIs for EKS
Removed unused fields like ARN and Filters from AMIReference (#2549, @shivi28) - Validate label selector for AWS Identity CRDs
- Add
AWSClusterStaticIdentity
webhook with validation checks (#2436, @Ankitasw)
Bug or Regression
AWSMachine
objects successfully deleted in case of invalid credentials (#2601, @shivi28)AWSMachinePool
controller removes one old LaunchTemplate version before creating a new version, preventing the number of versions from growing without bound, and reaching the maximum limit. (#2525, @dlipovetsky)- Add root storage device tags through
additionalTags
in ec2 instance (#2463, @Ankitasw) - Align region resolution in create/delete cloudformation stack commands (#2423, @Szymongib)
- Fixes bug in
elb.DescribeTags
when the user has more than 20 load balancers in an account (#2500, @faiq) - Correct field being used for endpoint column on
kubectl get AWSCluster
(#2529, @njuettner) - Do not delete security groups when provided as overrides (#2555, @sedefsavas)
- EKS Nodepool min/max will be updated to match the
AWSManagedMachinePool
spec, overriding changes to min/max made via the AWS Console, CLI, or SDK. (#2375, @richardcase) - RBAC permission and update documentation for multi-tenancy (#2373, @paulcarlton-ww)
- Specifying no SSH key for machine pool launch templates. (#2362, @jimmidyson)
- When the
AWSMachinePool
controller scales an AWS Auto Scaling Group, it updates the Launch Template with a valid bootstrap token. (#2354, @dlipovetsky) - Patch VPC ID immediately after VPC creation, to deal with edge case where multiple VPCs may get created with the same tags. (#2587, @sedefsavas)
- Process extra statements for Cluster API Controllers (#2437, @Szymongib)
- Update RBAC with missing awsclustercontrolleridentities permission (#2359, @martin-ducar-gd)
- Update
EKSConfig
secret onkubeletExtraArgs
changes (#2579, @trutx) - Fix for reconciling LaunchTemplates. (#2411, @dkoshkin)
- Fix typo in
AWSFargateProfile
validation webhook which cause the webhook not called. (#2445, @jzhoucliqr)
Documentation
v0.7.0-alpha.0
🚨 This is an ALPHA RELEASE. Use it only for testing purposes, if you find any bugs file an issue. v1alpha4 API is not yet complete.
The images for this release are:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.7.0-alpha.0
k8s.gcr.io/cluster-api-aws/eks-controlplane-controller:v0.7.0-alpha.0
k8s.gcr.io/cluster-api-aws/eks-bootstrap-controller:v0.7.0-alpha.0
Thanks to all our contributors.
v0.6.8
Changelog since v0.6.7
Bug or Regression
- Fix for filtering managed SecurityGroups correctly.(#2620, @sedefsavas)
The images for this release are:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.6.8
k8s.gcr.io/cluster-api-aws/eks-controlplane-controller:v0.6.8
k8s.gcr.io/cluster-api-aws/eks-bootstrap-controller:v0.6.8
Thanks to all our contributors.