Releases: kubernetes-sigs/cluster-api-provider-aws
v0.5.0-rc.0
🚨 This is a RC release. A number of breaking changes exist in this release.
Images and artifacts for pre-release versions might be deleted in a future date.
The image for this release is: us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.5.0-rc.0.
Changes since v0.4.2
⚠️ Breaking Changes
- Update node instance profile to add support for Session Manager (#1593)
- Update control plane security group rule to remove 0.0.0.0/0 ingress CIDR (#1482)
- ELB uses separate security group (#1456)
- Remove check for root volume size (#1463)
- Support bootstrap data in secret (#1407)
- Move Status.APIEndpoints to Spec.ControlPlaneEndpoint (#1372)
- Add v1alpha3 types (#1210)
- Remove all v1alpha1 codes (#1206)
- Update and require CRDv1 (#1577)
- Rename ErrorMessage and ErrorReason to FailureMessage and FailureReason (#1352)
✨ New Features
- omitempty to networking types that may be empty (#1557)
- Add extra root volume options (#1498)
- ec2: Add support for userdata privacy (#1490)
- Support cross zone load balancing option (#1442)
- Add liveness/readiness probes (#1487)
- clusterctl labels to CAPA components (#1488)
- an auth-proxy sidecar container (#1494)
- Add support to enable/disable bastion host (#1466)
- add clusterctl-settings.json (#1470)
- Add support for updating outdated managed routes (#1421)
- version to user-agent for AWS API calls (#1427)
- Support Tilt for local development (#1432)
- Add support for extra AWS policies in clusterawsadm (#1426)
- Add support for failure domains (#1420)
- cherry pick of 1341 from release-0.4 to master (#1386)
- Add validation webhook for AWSMachine (#1218)
- apiserver elb tags (#1377)
- ImageLookupBaseOS field in AWSCluster and AWSMachine CRDs (#1319)
- logs from nodes (#1338)
- Support cluster names > 22 characters in length (#1290)
- Add addresses to machine status (#1314)
- AWSCluster: Allow setting ImageLookupOrg at the cluster level (#1309)
- Bump goformation to v3, and remove IAM hacks (#1288)
- Add printer columns (#1277)
- Allow webhook to be disabled and make leader election namespace configurable (#1257)
- LOAD_IMAGE to allow injecting locally built image into kind (#1250)
- Cluster API v1alpha3 (#1220)
- Surface inner error from
WaitForWithRetryable
(#1217) - Add validating webhook for AWSMachineTemplate (#1116)
- Instance deletion logs (#1181)
- Add webhook port flag (#1176)
- add optional ControlPlaneSpec to AWSClusterSpec type (#1179)
🐛 Bug Fixes
- secrets-manager: Fix error handling (#1606)
- Ensure that leader election is still enabled after applying auth proxy (#1599)
- Need ARN values different in GOV regions. (#1597)
- panic in createSecurityGroup error reporting (#1551)
- Support chunking AWS secrets (#1535)
- Re-add missing return when reconciling failed machines (#1527)
- cloudformation: Add tag permission for secretsmanager (#1524)
- Fix panic in getAPIServerClassicELBSpec (#1521)
- NPE if Machine's spec.Version is not set by failing the AWSMachine (#1448)
- Persist AWSCluster/AWSMachine finalizers immediately to prevent orphaned AWS resources (#1455)
- Generate event when instance fails to launch because no subnets available in an availability zone (#1445)
- Include security groups when reconciling load balancer (#1481)
- Fix when AWS return InvalidInstanceID.NotFound with statusCode 400 (#1480)
- Fix deleting AWSCluster when VPC doesn't exist (#1453)
- Create events for Elastic IP allocate/disassociate/release (#1447)
- Fix NPE when instance doens't have a root volume (#1444)
- Fix typo in SuccessfulTagVPC event name (#1446)
- creation of Internet-facing ELB (#1424)
- make create-cluster: use --decode for base64 decoding (#1415)
- Base64 the User Data retrieved from the bootstrap secret (#1409)
- Update RBAC to add getting, listing, and watching Secrets for bootstrap data (#1408)
- Update KubeadmConfig(s) to v1alpha3 (#1399)
- make create-cluster: Improve cert-manager wait (#1385)
- Add new required ELB permissions (#1382)
- Fix kubeadm types import (#1380)
- Correct outdated information in releasing doc (#1365)
- Remove git branch from version info (#1366)
- Validate AWSMachine updates last (#1358)
- Add NoCredentialProviders to list of authentication errors (#1356)
- Improve EC2 state handling, and set error for manually deleted EC2 instances (#1256)
- Fix IMAGE_ID issue in examples (#1337)
- cert-manager to output of generate-examples (#1324)
- Wait for cert-manager in
make create-cluster-management
(#1304) - We should propagate any errors during create-stack (#1299)
- Revise wait backoff parameters (#1284)
- Record events only on AWSMachine (#1276)
- Fix Machine reconciliation of deletion (#1273)
- Disassociate Elastic IPs on deletion, if still associated (#1258)
- Control plane Internal ELBs now connect to private subnets instead of public subnets (#1263)
clusterawsadm version
command (#1232)- Fix AWSMachineTemplate webhook name (#1230)
- add a default bastion AMI for the eu-north-1 (Stockholm) region (#1223)
- WaitForWithRetryable should return latest error (#1221)
- not attempt to log NAT gateway ID when creation fails (#1213)
- Fix API version in v1alpha3 (#1212)
- Use sshKeyName from awsCluster if not set in awsMachine (#1198)
- Add permission to allow controllers to get tags (#1192)
- Add omitempty to RouteTableID (#1196)
- Fix to avoid updating tags when there is no change in them and add unit tests (#1504)
🏃 Others
- Remove deprecated AvailabilityZone field on machine spec (#1509)
- Update Machine FailureDomain field (#1507)
- Update Go 1.13 (#1430)
- Use local_hostname in cloud-init config (#1405)
- controller-tools version (#1367)
- Add v1alpha2 to v1alpha3 conversion webhooks (#1329)
- Bump AWSMachine concurrency to 10, AWSCluster to 5 (#1308)
- Update generate examples to v1alpha3 (#1302)
- go.mod: Bump AWS SDK to v1.25.16 (#1234)
- Update name of AWSMachineTemplate validating webhook (#1219)
Thanks to all our contributors! 😊
v0.4.10
v0.4.9
Changes since v0.4.6
⚠️ Action Required
The IAM policy for the controllers requires new permissions:
secretsmanager:CreateSecret
secretsmanager:DeleteSecret
secretsmanager:TagResource
The IAM policy for the nodes requires new permissions:
secretsmanager:DeleteSecret
secretsmanager:GetSecretValue
You either need to manually add these to your policy, or download the latest clusterawsadm
and use it to update your CloudFormation stack.
Changes since v0.4.8
⚠️ Breaking Changes
- ELB uses separate security group (#1476)
✨ New Features
🐛 Bug Fixes
- Fix when AWS return InvalidInstanceID.NotFound with statusCode 400 (#1483)
📖 Documentation
- Update userdata privacy documentation (#1528)
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.9
.
Thanks to all our contributors! 😊
v0.4.8
Changes since v0.4.7
✨ New Features
- Pass instance tags through to root volume (#1394)
🐛 Bug Fixes
- Fix deleting AWSCluster when VPC doesn't exist (#1471)
- Fix NPE when dealing with instance RootDeviceSize (#1464)
🏃 Others
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.8
.
Thanks to all our contributors! 😊
v0.4.7
Changes since v0.4.6
⚠️ Action Required
The IAM policy for the controllers requires new permissions:
elasticloadbalancing:AddTags
elasticloadbalancing:DescribeTags
elasticloadbalancing:RemoveTags
You either need to manually add these to your policy, or download the latest clusterawsadm
and use it to update your CloudFormation stack.
✨ New Features
- AWSCluster controller now reconciles AdditionalTags against the API Server ELB (#1377)
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.7
.
Thanks to all our contributors! 😊
v0.4.6
v0.4.5
Changes since v0.4.4
✨ New Features
- Support cluster names > 22 characters in length (#1339)
🐛 Bug Fixes
- check for subnet nil pointer when register instance to apiserver elb (#1341)
- [0.4] Fix IMAGE_ID issue in examples (#1336)
- Automated cherry pick of #1299: We should propagate any errors during create-stack (#1301)
- Fixed an issue where multiple ec2 instances could be created for the same AWSMachine (#1357)
🏃 Others
- e2e k8s conformance (#1289)
- [e2e] delete cloudformation stack on teardown (#1297)
- [e2e] fix machinedeployment scaling comparison (#1295)
- Automated cherry pick of #1338: Fetch logs from nodes (#1355)
- cherry pick of #1316: Better command line processing in e2e-conformance.sh (#1317)
- up e2e conformance tests (release 0.4) (#1279)
- [e2e] Add boskos heartbeat (#1307)
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.5
.
Thanks to all our contributors! 😊
v0.4.4
Changes since v0.4.3
⚠️ Action Required
The IAM policy for the controllers requires a new permission, ec2:DisassociateAddress
. You either need to manually add this to your policy, or download the latest clusterawsadm
and use it to update your CloudFormation stack.
🐛 Bug Fixes
- Disassociate Elastic IPs on deletion, if still associated (#1286)
- Revise wait backoff parameters (#1287)
- Record events only on AWSMachine (#1285)
- Fixes
clusterawsadm version
command (#1255)
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.4
.
Thanks to all our contributors! 😊
v0.4.3
Changes since v0.4.2
⚠️ Action Required
The IAM policy for the controllers requires a new permission, tag:GetResources
. You either need to manually add this to your policy, or download the latest clusterawsadm
and use it to update your CloudFormation stack.
✨ New Features
🐛 Bug Fixes
- Do not attempt to log NAT gateway ID when creation fails (#1216)
- Add permission to allow controllers to get tags (#1192)
- Add omitempty to RouteTableID (#1196)
🏃 Others
- Update controller-runtime v0.3, Golang v1.12.10, CAPI v0.2.5, CABPK v0.1.3 (#1199)
- released manifests for CAPI and CABPK in examples (#1194)
- Use e2e test helpers and cleanup e2e tests (#1186)
- Add a development dockerfile (#1188)
- Fix hack/ensure-kustomize.sh (#1184)
- Change the default image in manifests to target release-0.4 (#1207)
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.3
.
Thanks to all our contributors! 😊
v0.4.2
Changes since v0.4.1
⚠️ Action Required
IAM policy
The IAM policy for the controllers requires a new permission, tag:GetResources
. You must manually add this permission to your IAM policy. v0.4.3 adds this to clusterawsadm
but it is missing from v0.4.1
and v0.4.2
.
Leader election
The default leader election ID has been updated in this release. When upgrading from a previous v0.4.1 (or older) release you will need to:
- Scale down the old controllers:
kubectl -n capa-system scale deployment/controller-manager --replicas=0
. - Deploy the updated manifests with the newer image.
- Scale up the new controllers:
kubectl -n capa-system scale deployment/controller-manager --replicas=1
.
Failure to scale down the Deployment prior to updating to this version will result in multiple controllers running concurrently during the roll out of the updated controller-manager image.
✨ New Features
- AWSCluster and AWSMachine default concurrency (#1163)
- Apply elb-related tags to managed subnets (#1174)
🐛 Bug Fixes
- Delete cloud provider provisioned load balancers and security groups (#1168)
- Actually apply explicitly specified subnet tags (#1177)
- Correct IAM profile for control plane (#1182)
- Support running alongside other Cluster API pods in the same namespace with leader election enabled (#1178)
- Add well-known tolerations to released CAPA manager manifest (#1170)
The image for this release is us.gcr.io/k8s-artifacts-prod/cluster-api-aws/cluster-api-aws-controller:v0.4.2
.
Thanks to all our contributors! 😊