1.17-NOTES.md

Release notes for kops 1.17 series

(The kops 1.17 release has not been released yet, this is a document to gather the notes prior to the release).

Breaking changes

• Terraform users on AWS may need to rename some resources in their state file in order to prepare for future Terraform 0.12 support. See Required Actions below.

• Please see the notes in the 1.15 release about the apiGroup changing from kops to kops.k8s.io

• Since 1.16, a controller is now used to apply labels to nodes. If you are not using AWS, GCE or OpenStack your (non-master) nodes may not have labels applied correctly.

Significant changes

• If upgrading from 1.11 or earlier, please see the notes in previous releases about upgrading through kubernetes 1.12, with the etcd3 upgrade.

Required Actions

• Terraform users on AWS may need to rename resources in their terraform state file in order to prepare for future Terraform 0.12 support. Terraform 0.12 no longer supports resource names starting with digits. In Kops, both the default route and additional VPC CIDR associations are affected. See #7957 for more information.

  • The default route was named aws_route.0-0-0-0--0 and will now be named aws_route.route-0-0-0-0--0.
  • Additional CIDR blocks associated with a VPC were similarly named the hyphenated CIDR block with two hyphens for the /, for example aws_vpc_ipv4_cidr_block_association.10-1-0-0--16. These will now be prefixed with cidr-, for example aws_vpc_ipv4_cidr_block_association.cidr-10-1-0-0--16.

  To prevent downtime, follow these steps with the new version of Kops:

  kops update cluster --target terraform ...
  terraform plan
  # Observe any aws_route or aws_vpc_ipv4_cidr_block_association resources being destroyed and recreated
  # Run these commands as necessary. The exact names may differ; use what is outputted by terraform plan
  terraform state mv aws_route.0-0-0-0--0 aws_route.route-0-0-0-0--0
  terraform state mv aws_vpc_ipv4_cidr_block_association.10-1-0-0--16 aws_vpc_ipv4_cidr_block_association.cidr-10-1-0-0--16
  terraform plan
  # Ensure these resources are no longer being destroyed and recreated
  terraform apply
  

• Kubernetes 1.9 users will need to enable the PodPriority feature gate. This is required for newer versions of Kops.

  To enable the Pod priority feature, follow these steps:

  kops edit cluster
  # Add the following section
  spec:
    kubelet:
      featureGates:
        PodPriority: "true"
  

• If either a Kops 1.17 alpha release or a custom Kops build was used on a cluster, a kops-controller Deployment may have been created that should get deleted because it has been replaced with a DaemonSet. Run kubectl -n kube-system delete deployment kops-controller after upgrading to Kops 1.17.0-alpha.2 or later.

Deprecations

• The kops/v1alpha1 API is deprecated and will be removed in kops 1.18. Users of kops replace will need to supply v1alpha2 resources.

Full change list since 1.16.0 release

1.16.0-alpha.1 to 1.17.0-alpha.1

• Add release notes for 1.16.0-alpha.1 @justinsb #7896
• stable channel: promote kubernetes 1.13.12, 1.14.8 etc @justinsb #7891
• Don't update first node in instancegroup if cluster fails validation @johngmyers,@justinsb #7872
• add missing priorityClassName to flannel DaemonSet @EladDolev #7842
• fix broken links @dj80hd #7901
• Fix rendering of the Node Authorizer template @KashifSaadat #7916
• Fix fork bomb in Makefile @johngmyers #7935
• Unhide docs make logging @mikesplain #7936
• Upgrade AWS VPC CNI to 1.5.5 @rifelpet #7938
• Correct spelling mistakes @yuxiaobo96 #7922
• Fix flannel CNI version to use 0.2.0 @srikiz #7924
• Update vendoring documentation for go modules @rifelpet #7937
• Remove duplication and update release details @mikesplain #7939
• Updated documentation on how to move from single to multi master @mccare #7439
• Create PodDisruptionBudget for kube-dns in kube-system namespace @hakman #7856
• Add support for newer Docker versions @hakman #7860
• Machine types updates @mikesplain #7947
• fix 404 urls in docs @tanjunchen #7943
• Fix generation of documentation /sitemap.xml file @aledbf #7949
• Kops site link @mikesplain #7950
• Fix netlify mixed content @mikesplain #7953
• Fix goimports errors @rifelpet #7955
• Upate Lyft CNI to v0.5.1 @maruina #7402
• Add relnotes for 1.16.0-alpha.2 @justinsb #7962
• Bump version of alpha @mikesplain #7963
• Add relnotes for 1.15.0 @justinsb #7964
• Update feature flag documentation @rifelpet #7969
• Bazel upgrade @mikesplain #7933
• Upgrade AWS SDK @rifelpet #7972
• Fix panic when ssh key not exists on digitalocean @prksu #7941
• Upgrade go to 1.13 @rifelpet #7973
• Use correct values for CALICO_IPV4POOL_IPIP in Calico v3 @zacblazic #7899
• Put kubernetes 1.17.0-beta.2 into channels @justinsb #7982
• Update compatability matrix @mikesplain #7984
• Promote peter & ryan & zetaab to approvers @justinsb #7983
• upgrade the time api @tanjunchen #7910
• sysctls.go: Fix some comments @eest #7923
• Ignore devcontainer for vscode remote-containers @granular-ryanbonham #7987
• Dont run travis with Go 1.11 @rifelpet #7988
• Change doc cross-references from absolute to relative links @johngmyers #7907
• Correct link error:404 @yuxiaobo96 #7954
• Update apiVersion in docs and tests @johngmyers #7906
• [aws-iam-authenticator] Docs - Steps to disable DaemonSet Temporarily @bhegazy #7926
• Add indent template function and use it to fix KubeDNS.ExternalCoreFile rendering @rochacon #7979
• fix golint failures @FayerZhang #7894
• [Issue-7870] kops controller support for digital ocean @srikiz #7961
• cleanup whitespace in root.go @joshbranham #7997
• Run goimports from locked version in go.mod @justinsb #7998
• Remove note about 1.15 not being released @kaspernissen #8000
• fix(openstack): fix additional security groups on instance groups @mitch000001 #8004
• DOCS: fix simple typo in readme @lpmi-13 #8005
• Spotinst: Upgrade the Spotinst SDK to version 1.36 @liranp #8003
• Release 1.17.0-alpha.1 @justinsb #7985

1.17.0-alpha.1 to 1.17.0-alpha.2

• Fix mounting Calico "flexvol-driver-host" in CoreOS @hakman #8062
• Cherry-pick #8074 to release-1.17 @johngmyers #8084
• Bump cilium version to 1.6.4 @olemarkus #8022
• Complete support for Flatcar @mazzy89 #7545
• Canal v3.10 manifest for k8s v1.15+ @KashifSaadat,@hakman #7917
• Cherry pick #8095 @zetaab #8096
• test validateCluster twice to make sure it does not flap @zetaab,@johngmyers #8088
• Add inf1 isntances @mikesplain #8128
• Add CapacityOptimized to list of supported spot allocation strategies @gjtempleton #7406
• Update Calico to v3.10.2 @hakman #8104
• Openstack: Fix cluster floating ips @mitch000001 #8115
• cilium: don't try to mount sys/fs/bpf if already mounted @justinsb #7832
• Update copyrights for 2020 @johngmyers #8241
• Fix protokube osx build @mikesplain #8263
• Set CLUSTER_NAME env var on amazon-vpc-cni pods @rifelpet #8274
• Add deprecation warning for older k8s versions @rifelpet #8176
• Remove kops-controller deployment @rifelpet #8273
• Don't output empty sections in the manifests @justinsb #8317
• Cloud controller template function @DavidSie #7992
• Configuration to specify no SSH key @austinmoore- #7096
• tests: increase timeout in rolling update tests @justinsb #8139
• Fix crossbuild-nodeup-in-docker @johngmyers #8343
• update gophercloud dependency @zetaab #8347
• Update Terraform resource names to be 0.12 compatible. @rifelpet #7957
• Allow local filesystem state stores (to aid CI pull-request workflows) @ari-becker,@rifelpet #6465
• Fix issues with older versions of k8s for basic clusters @hakman #8248
• Use IAMPrefix() for hostedzone @lazzarello #8366
• Fix scheduler policy configmap args @vvbogdanov87 #8386
• Add Cilium.EnablePolicy back into templates @olemarkus #8379
• Bump etcd-manager to 3.0.20200116 (#8310) @mmerrill3 #8399
• CoreDNS default image bump to 1.6.6 to resolve CVE @gjtempleton #8333
• Don't load nonexistent calico-client cert when CNI is Cilium @johngmyers #8338
• Kops releases - prefix git tags with v @rifelpet #8373
• EBS Root Volume Termination @tioxy #7865
• Alicloud: etcd-manager support @bittopaz #8016

1.17.0-alpha.2 to 1.17.0-alpha.3

• Add missing priorityClassName for critical pods @johngmyers #8200
• Alicloud: allow use RAM role for OSS client @bittopaz #8025
• Update coredns to 1.6.7 @maruina #8452
• Fix Github download url for nodeup @adri,@justinsb #8468

1.17.0-alpha.3 to 1.17.0-alpha.4

• Cilium - Add missing Identity Allocation Mode to Operator Template @daviddyball #8445
• Revert "Update coredns to 1.6.7" @gjtempleton #8502
• GCS: Don't try to set ACLs if bucket-policy only is set @justinsb #8493
• Make it possible to enable Prometheus metrics for Cilium @olemarkus #8433
• Update cilium to 1.6.6 @olemarkus #8484