2017-09-23 22:02:18 +02:00
# Typhoon
Notable changes between versions.
2020-12-18 18:26:36 +01:00
## Latest
2021-04-12 00:05:46 +02:00
## v1.21.0
2021-04-09 06:44:31 +02:00
* Kubernetes [v1.21.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.21.md#v1210 )
2021-04-13 18:35:11 +02:00
* Enable `tokencleaner` controller ([#969](https://github.com/poseidon/typhoon/pull/969))
2021-04-12 00:05:46 +02:00
* Enable `kube-scheduler` and `kube-controller-manager` separate authn/z kubeconfig
2021-04-13 18:35:11 +02:00
* Change CNI config location from /etc/kubernetes/cni/net.d to /etc/cni/net.d ([#965](https://github.com/poseidon/typhoon/pull/965))
2021-04-12 00:05:46 +02:00
* Change `kube-controller-manager` to mount `/var/lib/kubelet/volumeplugins` directly
* Remove unused `cloud-provider` flags
2021-04-13 18:35:11 +02:00
* Update Fedora CoreOS Config version from v1.1.0 to v1.2.0 ([#970](https://github.com/poseidon/typhoon/pull/970))
2021-04-12 00:26:54 +02:00
* Require [poseidon/ct ](https://github.com/poseidon/terraform-provider-ct ) Terraform provider v0.8+ ([notes](https://typhoon.psdn.io/topics/maintenance/#upgrade-terraform-provider-ct))
* Require any [snippets ](https://typhoon.psdn.io/advanced/customization/#hosts ) customizations to update to v1.2.0
2021-04-09 06:44:31 +02:00
2021-04-11 21:08:56 +02:00
### AWS
* Allow setting custom initial node taints on worker pools ([#968](https://github.com/poseidon/typhoon/pull/968))
* Add `node_taints` variable to internal `workers` pool module to set initial node taints
* Add `daemonset_tolerations` so `kube-system` DaemonSets can tolerate custom taints
### Azure
* Allow setting custom initial node taints on worker pools ([#968](https://github.com/poseidon/typhoon/pull/968))
* Add `node_taints` variable to internal `workers` pool module to set initial node taints
* Add `daemonset_tolerations` so `kube-system` DaemonSets can tolerate custom taints
2021-04-12 08:56:49 +02:00
* Remove deprecated `azurerm_lb_backend_address_pool` field `resource_group_name` ([#972](https://github.com/poseidon/typhoon/pull/972))
2021-04-11 21:08:56 +02:00
### Google Cloud
* Allow setting custom initial node taints on worker pools ([#968](https://github.com/poseidon/typhoon/pull/968))
* Add `node_taints` variable to internal `workers` pool module to set initial node taints
* Add `daemonset_tolerations` so `kube-system` DaemonSets can tolerate custom taints
2021-03-28 19:53:52 +02:00
### Addons
2021-04-12 09:18:47 +02:00
* Update nginx-ingress from v0.44.0 to [v0.45.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.45.0 )
2021-03-28 19:53:52 +02:00
* Update kube-state-metrics from v2.0.0-rc.0 to [v2.0.0-rc.1 ](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.0.0-rc.1 )
2021-04-12 09:17:22 +02:00
* Update Grafana from v7.4.5 to [v7.5.3 ](https://github.com/grafana/grafana/releases/tag/v7.5.3 )
2021-03-28 19:53:52 +02:00
2021-03-23 16:45:57 +01:00
## v1.20.5
2021-03-19 19:27:31 +01:00
* Kubernetes [v1.20.5 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1205 )
2021-03-06 02:01:55 +01:00
* Update etcd from v3.4.14 to [v3.4.15 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.15 )
2021-03-14 19:48:22 +01:00
* Update Cilium from v1.9.4 to [v1.9.5 ](https://github.com/cilium/cilium/releases/tag/v1.9.5 )
2021-03-14 18:23:59 +01:00
* Update Calico from v3.17.3 to [v3.18.1 ](https://github.com/projectcalico/calico/releases/tag/v3.18.1 )
2021-03-20 23:50:32 +01:00
* Update CoreDNS from v1.7.0 to [v1.8.0 ](https://coredns.io/2020/10/22/coredns-1.8.0-release/ )
2021-03-14 18:51:46 +01:00
* Mark bootstrap token as sensitive in Terraform plans ([#949](https://github.com/poseidon/typhoon/pull/949))
2021-03-06 02:01:55 +01:00
2021-03-23 16:45:57 +01:00
### Fedora CoreOS
* Set Kubelet `provider-id` ([#951](https://github.com/poseidon/typhoon/pull/951))
2021-02-21 00:36:52 +01:00
### Flatcar Linux
#### AWS
2021-03-23 16:45:57 +01:00
* Set Kubelet `provider-id` ([#951](https://github.com/poseidon/typhoon/pull/951))
2021-02-21 00:36:52 +01:00
* Remove `os_image` option `flatcar-edge` ([#943](https://github.com/poseidon/typhoon/pull/943))
#### Azure
* Remove `os_image` option `flatcar-edge` ([#943](https://github.com/poseidon/typhoon/pull/943))
#### Bare-Metal
* Remove `os_channel` option `flatcar-edge` ([#943](https://github.com/poseidon/typhoon/pull/943))
2021-03-06 02:11:57 +01:00
### Addons
2021-03-19 19:49:38 +01:00
* Update Prometheus from v2.25.0 to [v2.25.2 ](https://github.com/prometheus/prometheus/releases/tag/v2.25.2 )
2021-03-06 02:11:57 +01:00
* Update kube-state-metrics from v2.0.0-alpha.3 to [v2.0.0-rc.0 ](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.0.0-rc.0 )
2021-03-11 19:54:29 +01:00
* Switch image from `quay.io` to `k8s.gcr.io` ([#946](https://github.com/poseidon/typhoon/pull/946))
2021-03-06 02:11:57 +01:00
* Update node-exporter from v1.1.1 to [v1.1.2 ](https://github.com/prometheus/node_exporter/releases/tag/v1.1.2 )
2021-03-19 19:51:52 +01:00
* Update Grafana from v7.4.2 to [v7.4.5 ](https://github.com/grafana/grafana/releases/tag/v7.4.5 )
2021-03-06 02:11:57 +01:00
2021-02-21 00:36:52 +01:00
## v1.20.4
2021-02-19 09:02:07 +01:00
* Kubernetes [v1.20.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1204 )
2021-02-04 08:08:22 +01:00
* Update Cilium from v1.9.1 to [v1.9.4 ](https://github.com/cilium/cilium/releases/tag/v1.9.4 )
2021-02-19 09:02:07 +01:00
* Update Calico from v3.17.1 to [v3.17.3 ](https://github.com/projectcalico/calico/releases/tag/v3.17.3 )
2021-02-14 21:04:59 +01:00
* Update flannel-cni from v0.4.1 to [v0.4.2 ](https://github.com/poseidon/flannel-cni/releases/tag/v0.4.2 )
2021-01-21 07:06:45 +01:00
2021-02-05 07:19:58 +01:00
### Addons
* Update nginx-ingress from v0.43.0 to [v0.44.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.44.0 )
2021-02-19 09:16:35 +01:00
* Update Prometheus from v2.24.0 to [v2.25.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.25.0 )
2021-02-14 23:30:28 +01:00
* Update node-exporter from v1.0.1 to [v1.1.1 ](https://github.com/prometheus/node_exporter/releases/tag/v1.1.1 )
2021-02-19 09:18:17 +01:00
* Update Grafana from v7.3.7 to [v7.4.2 ](https://github.com/grafana/grafana/releases/tag/v7.4.2 )
2021-02-05 07:19:58 +01:00
2021-01-16 19:46:56 +01:00
## v1.20.2
2021-01-14 02:46:51 +01:00
* Kubernetes [v1.20.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1202 )
2021-01-13 06:21:05 +01:00
* Support Terraform v0.13.x and v0.14.4+ ([#924](https://github.com/poseidon/typhoon/pull/923))
2021-01-01 22:47:58 +01:00
### Addons
2021-01-01 22:44:45 +01:00
* Update nginx-ingress from v0.41.2 to [v0.43.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.43.0 )
2021-01-13 05:49:18 +01:00
* Update Prometheus from v2.23.0 to [v2.24.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.24.0 )
2021-01-16 19:46:56 +01:00
* Update Grafana from v7.3.6 to [v7.3.7 ](https://github.com/grafana/grafana/releases/tag/v7.3.7 )
2021-01-01 22:44:45 +01:00
## v1.20.1
2020-12-18 18:26:36 +01:00
* Kubernetes [v1.20.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1201 )
2020-12-19 21:25:13 +01:00
### Fedora CoreOS
* Fedora CoreOS 33 has stronger crypto defaults ([**notice**](https://docs.fedoraproject.org/en-US/fedora-coreos/faq/#_why_does_ssh_stop_working_after_upgrading_to_fedora_33), [#915 ](https://github.com/poseidon/typhoon/issues/915 ))
* Use a non-RSA SSH key or add the workaround provided in upstream [Fedora docs ](https://docs.fedoraproject.org/en-US/fedora-coreos/faq/#_why_does_ssh_stop_working_after_upgrading_to_fedora_33 ) as a [snippet ](https://typhoon.psdn.io/advanced/customization/#fedora-coreos ) (**action required**)
2020-12-19 21:55:38 +01:00
### Addons
* Update Grafana from v7.3.5 to [v7.3.6 ](https://github.com/grafana/grafana/releases/tag/v7.3.6 )
2020-12-12 21:18:16 +01:00
## v1.20.0
2020-07-18 22:18:45 +02:00
2020-12-09 03:26:10 +01:00
* Kubernetes [v1.20.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.20.md#v1200 )
2020-11-17 20:30:01 +01:00
* Add input variable validations ([#880](https://github.com/poseidon/typhoon/pull/880))
* Require Terraform v0.13+ ([migration guide](https://typhoon.psdn.io/topics/maintenance/#terraform-versions))
2020-11-23 20:01:04 +01:00
* Set output sensitive to suppress console display for some cases ([#885](https://github.com/poseidon/typhoon/pull/885))
2020-12-02 05:33:20 +01:00
* Add service account token [volume projection ](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection ) ([#897](https://github.com/poseidon/typhoon/pull/897))
* Scope kube-scheduler and kube-controller-manager permissions ([#898](https://github.com/poseidon/typhoon/pull/898))
2020-11-30 05:04:25 +01:00
* Update etcd from v3.4.12 to [v3.4.14 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.14 )
2020-12-11 07:48:38 +01:00
* Update Calico from v3.16.5 to v3.17.1 ([#890](https://github.com/poseidon/typhoon/pull/890))
2020-11-25 23:19:10 +01:00
* Enable Calico MTU auto-detection
* Remove [workaround ](https://github.com/poseidon/typhoon/pull/724 ) to Calico cni-plugin [issue ](https://github.com/projectcalico/cni-plugin/issues/874 )
2020-12-04 23:14:18 +01:00
* Update Cilium from v1.9.0 to [v1.9.1 ](https://github.com/cilium/cilium/releases/tag/v1.9.1 )
2020-11-25 23:48:08 +01:00
* Relax `terraform-provider-ct` version constraint to v0.6+ ([#893](https://github.com/poseidon/typhoon/pull/893))
* Allow upgrading `terraform-provider-ct` to v0.7.x ([warn](https://typhoon.psdn.io/topics/maintenance/#upgrade-terraform-provider-ct))
2020-11-17 20:30:01 +01:00
2020-11-21 22:47:09 +01:00
### AWS
* Enable Network Load Balancer (NLB) dualstack ([#883](https://github.com/poseidon/typhoon/pull/883))
* NLB subnets assigned both IPv4 and IPv6 addresses
* NLB DNS name has both A and AAAA records
* NLB to target node traffic is IPv4 (no change)
2020-12-12 20:41:02 +01:00
### Bare-Metal
2020-12-12 21:18:16 +01:00
* Remove iSCSI `/etc/iscsi` and `iscsadm` mounts from Kubelet ([#912](https://github.com/poseidon/typhoon/pull/912))
2020-12-12 20:41:02 +01:00
2020-11-25 20:01:47 +01:00
### Fedora CoreOS
#### AWS
* Fix AMI query for which could fail in some regions ([#887](https://github.com/poseidon/typhoon/pull/887))
2020-11-25 23:08:45 +01:00
#### Bare-Metal
2020-12-04 23:02:55 +01:00
* Promote Fedora CoreOS to stable
2020-11-25 23:08:45 +01:00
* Use initramfs and rootfs images as initrd's ([#889](https://github.com/poseidon/typhoon/pull/889))
* Requires Fedora CoreOS version with rootfs images (e.g. 32.20200923.3.0+)
2020-11-20 06:49:11 +01:00
### Addons
2020-11-30 04:59:27 +01:00
* Update Prometheus from v2.22.2 to [v2.23.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.23.0 )
2020-11-25 23:30:11 +01:00
* Update kube-state-metrics from v2.0.0-alpha.2 to [v2.0.0-alpha.3 ](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.0.0-alpha.3 )
2020-12-11 09:24:43 +01:00
* Update Grafana from v7.3.2 to [v7.3.5 ](https://github.com/grafana/grafana/releases/tag/v7.3.5 )
2020-11-20 06:49:11 +01:00
2020-11-14 22:30:30 +01:00
## v1.19.4
2020-11-12 07:29:16 +01:00
* Kubernetes [v1.19.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.19.md#v1194 )
2020-11-11 08:42:41 +01:00
* Update Cilium from v1.8.4 to [v1.9.0 ](https://github.com/cilium/cilium/releases/tag/v1.9.0 )
2020-11-11 03:32:13 +01:00
* Update Calico from v3.16.3 to [v3.16.5 ](https://github.com/projectcalico/calico/releases/tag/v3.16.5 )
2020-10-19 08:29:19 +02:00
* Remove `asset_dir` variable (defaulted off in [v1.17.0 ](https://github.com/poseidon/typhoon/pull/595 ), deprecated in [v1.18.0 ](https://github.com/poseidon/typhoon/pull/678 ))
### Fedora CoreOS
2020-11-08 20:46:39 +01:00
* Improve `etcd-member.service` systemd unit ([#868](https://github.com/poseidon/typhoon/pull/868))
* Allow a snippet with a systemd dropin to set an alternate image (e.g. mirror)
2020-10-19 08:29:19 +02:00
* Fix local node delete oneshot on node shutdown ([#856](https://github.com/poseidon/typhoon/pull/855))
2020-10-17 23:41:26 +02:00
2020-11-08 19:51:42 +01:00
#### AWS
* Add experimental Fedora CoreOS arm64 support ([docs](https://typhoon.psdn.io/advanced/arm64/), [#875 ](https://github.com/poseidon/typhoon/pull/875 ))
* Allow arm64 full-cluster or mixed/hybrid cluster with worker pools
* Add `arch` variable to cluster module
* Add `daemonset_tolerations` variable to cluster module
* Add `node_taints` variable to workers module
* Requires flannel CNI provider and use of experimental AMI (see docs)
Change Flatcar kubelet.service container from rkt to docker
* Use docker to run the `kubelet.service` container
* Update Kubelet mounts to match Fedora CoreOS
* Remove unused `/etc/ssl/certs` mount (see
https://github.com/poseidon/typhoon/pull/810)
* Remove unused `/usr/share/ca-certificates` mount
* Remove `/etc/resolv.conf` mount, Docker default is ok
* Change `delete-node.service` to use docker instead of rkt
and inline ExecStart, as was done on Fedora CoreOS
* Fix permission denied on shutdown `delete-node`, caused
by the kubeconfig mount changing with the introduction of
node TLS bootstrap
Background
* podmand, rkt, and runc daemonless container process runners
provide advantages over the docker daemon for system containers.
Docker requires workarounds for use in systemd units where the
ExecStart must tail logs so systemd can monitor the daemonized
container. https://github.com/moby/moby/issues/6791
* Why switch then? On Flatcar Linux, podman isn't shipped. rkt
works, but isn't developing while container standards continue
to move forward. Typhoon has used runc for the Kubelet runner
before in Fedora Atomic, but its more low-level. So we're left
with Docker, which is less than ideal, but shipped in Flatcar
* Flatcar Linux appears to be shifting system components to
use docker, which does provide some limited guards against
breakages (e.g. Flatcar cannot enable docker live restore)
2020-10-19 07:51:25 +02:00
### Flatcar Linux
2020-10-21 09:02:29 +02:00
* Rename `container-linux` modules to `flatcar-linux` ([#858](https://github.com/poseidon/typhoon/issues/858)) (**action required**)
2020-11-12 07:19:42 +01:00
* Change on-host system containers from rkt to docker
* Change `etcd-member.service` container runnner from rkt to docker ([#867](https://github.com/poseidon/typhoon/pull/867))
* Change `kubelet.service` container runner from rkt-fly to docker ([#855](https://github.com/poseidon/typhoon/pull/855))
* Change `bootstrap.service` container runner from rkt to docker ([#873](https://github.com/poseidon/typhoon/pull/873))
* Change `delete-node.service` to use docker and an inline ExecStart ([#855](https://github.com/poseidon/typhoon/pull/855))
2020-10-19 08:29:19 +02:00
* Fix local node delete oneshot on node shutdown ([#855](https://github.com/poseidon/typhoon/pull/855))
2020-10-21 09:02:29 +02:00
* Remove CoreOS Container Linux Matchbox profiles ([#859](https://github.com/poseidon/typhoon/pull/858))
Change Flatcar kubelet.service container from rkt to docker
* Use docker to run the `kubelet.service` container
* Update Kubelet mounts to match Fedora CoreOS
* Remove unused `/etc/ssl/certs` mount (see
https://github.com/poseidon/typhoon/pull/810)
* Remove unused `/usr/share/ca-certificates` mount
* Remove `/etc/resolv.conf` mount, Docker default is ok
* Change `delete-node.service` to use docker instead of rkt
and inline ExecStart, as was done on Fedora CoreOS
* Fix permission denied on shutdown `delete-node`, caused
by the kubeconfig mount changing with the introduction of
node TLS bootstrap
Background
* podmand, rkt, and runc daemonless container process runners
provide advantages over the docker daemon for system containers.
Docker requires workarounds for use in systemd units where the
ExecStart must tail logs so systemd can monitor the daemonized
container. https://github.com/moby/moby/issues/6791
* Why switch then? On Flatcar Linux, podman isn't shipped. rkt
works, but isn't developing while container standards continue
to move forward. Typhoon has used runc for the Kubelet runner
before in Fedora Atomic, but its more low-level. So we're left
with Docker, which is less than ideal, but shipped in Flatcar
* Flatcar Linux appears to be shifting system components to
use docker, which does provide some limited guards against
breakages (e.g. Flatcar cannot enable docker live restore)
2020-10-19 07:51:25 +02:00
2020-10-22 09:14:04 +02:00
### Addons
2020-11-14 22:27:06 +01:00
* Update nginx-ingress from v0.40.2 to [v0.41.2 ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.41.2 )
2020-11-08 23:12:24 +01:00
* Update Prometheus from v2.22.0 to [v2.22.1 ](https://github.com/prometheus/prometheus/releases/tag/v2.22.1 )
2020-10-29 02:37:28 +01:00
* Update kube-state-metrics from v2.0.0-alpha.1 to [v2.0.0-alpha.2 ](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.0.0-alpha.2 )
2020-11-14 22:30:30 +01:00
* Update Grafana from v7.2.1 to [v7.3.2 ](https://github.com/grafana/grafana/releases/tag/v7.3.2 )
2020-10-22 09:14:04 +02:00
2020-10-17 22:52:56 +02:00
## v1.19.3
2020-11-12 07:29:16 +01:00
* Kubernetes [v1.19.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.19.md#v1193 )
2020-10-02 09:24:26 +02:00
* Update Cilium from v1.8.3 to [v1.8.4 ](https://github.com/cilium/cilium/releases/tag/v1.8.4 )
2020-10-16 05:07:20 +02:00
* Update Calico from v1.15.3 to [v1.16.3 ](https://github.com/projectcalico/calico/releases/tag/v3.16.3 ) ([#851](https://github.com/poseidon/typhoon/pull/851))
2020-10-15 05:45:49 +02:00
* Update flannel from v0.13.0-rc2 to v0.13.0 ([#219](https://github.com/poseidon/terraform-render-bootstrap/pull/219))
2020-10-02 09:24:26 +02:00
2020-09-25 04:55:32 +02:00
### Flatcar Linux
* Remove references to CoreOS Container Linux ([#839](https://github.com/poseidon/typhoon/pull/839))
* Fix error querying for coreos AMI on AWS ([#838](https://github.com/poseidon/typhoon/issues/838))
2020-09-25 05:58:32 +02:00
### Addons
2020-10-07 08:52:15 +02:00
* Update nginx-ingress from v0.35.0 to [v0.40.2 ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.40.2 )
2020-10-11 22:19:05 +02:00
* Update Grafana from v7.1.5 to [v7.2.1 ](https://github.com/grafana/grafana/releases/tag/v7.2.1 )
2020-10-17 21:38:25 +02:00
* Update Prometheus from v2.21.0 to [v2.22.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.22.0 )
* Update kube-state-metrics from v1.9.7 to [v2.0.0-alpha.1 ](https://github.com/kubernetes/kube-state-metrics/releases/tag/v2.0.0-alpha.1 )
2020-09-25 05:58:32 +02:00
2020-09-25 04:55:32 +02:00
## v1.19.2
2020-09-17 04:09:16 +02:00
* Kubernetes [v1.19.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.19.md#v1192 )
* Update flannel from v0.12.0 to v0.13.0-rc2 ([#216](https://github.com/poseidon/terraform-render-bootstrap/pull/216))
* Update flannel-cni from v0.4.0 to v0.4.1
* Update CNI plugins from v0.8.6 to v0.8.7
2020-09-13 10:40:27 +02:00
### Addons
2020-09-13 23:42:07 +02:00
* Refresh Prometheus rules/alerts and Grafana dashboards ([#831](https://github.com/poseidon/typhoon/pull/831))
2020-09-13 10:40:27 +02:00
* Reduce apiserver metrics cardinality for non-core APIs ([#830](https://github.com/poseidon/typhoon/pull/830))
## v1.19.1
2020-09-10 05:49:52 +02:00
* Kubernetes [v1.19.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.19.md#v1191 )
2020-09-10 09:35:46 +02:00
* Change control plane seccomp annotations to GA `seccompProfile` ([#822](https://github.com/poseidon/typhoon/pull/822))
2020-09-08 06:10:27 +02:00
* Update Cilium from v1.8.2 to [v1.8.3 ](https://github.com/cilium/cilium/releases/tag/v1.8.3 )
2020-09-13 04:29:21 +02:00
* Promote Cilium from experimental to general availability ([#827](https://github.com/poseidon/typhoon/pull/827))
2020-09-10 05:49:52 +02:00
* Update Calico from v1.15.2 to [v1.15.3 ](https://github.com/projectcalico/calico/releases/tag/v3.15.3 )
2020-09-08 06:10:27 +02:00
2020-09-11 08:38:40 +02:00
### Fedora CoreOS
* Update Fedora CoreOS Config version from v1.0.0 to v1.1.0
* Require any [snippets ](https://typhoon.psdn.io/advanced/customization/#hosts ) customizations to update to v1.1.0
2020-09-11 08:23:52 +02:00
### Addons
* Update IngressClass resources to `networking.k8s.io/v1` ([#824](https://github.com/poseidon/typhoon/pull/824))
2020-09-13 04:20:54 +02:00
* Update Prometheus from v2.20.0 to [v2.21.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.21.0 )
2020-09-13 04:29:21 +02:00
* Remove Kubernetes node name labelmap `relabel_config` from etcd, Kubelet, and CAdvisor scrape config ([#828](https://github.com/poseidon/typhoon/pull/828))
2020-09-11 08:23:52 +02:00
2020-08-29 22:52:16 +02:00
## v1.19.0
2020-08-27 05:16:28 +02:00
* Kubernetes [v1.19.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.19.md#v1190 )
2020-08-20 06:25:41 +02:00
* Update etcd from v3.4.10 to [v3.4.12 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.12 )
2020-08-27 05:16:28 +02:00
* Update Calico from v3.15.1 to [v3.15.2 ](https://docs.projectcalico.org/v3.15/release-notes/ )
2020-08-20 06:25:41 +02:00
2020-08-20 06:18:10 +02:00
### Fedora CoreOS
2020-08-29 22:38:28 +02:00
* Fix race condition during bootstrap of multi-controller clusters ([#808](https://github.com/poseidon/typhoon/pull/808))
* Fix SELinux label of bootstrap-secrets on non-bootstrap controllers
2020-08-20 06:18:10 +02:00
2020-08-23 00:40:09 +02:00
### Addons
2020-08-28 08:25:44 +02:00
* Introduce [fleetlock ](https://github.com/poseidon/fleetlock ) for Fedora CoreOS reboot coordination ([#814](https://github.com/poseidon/typhoon/pull/814))
2020-08-29 22:38:28 +02:00
* Update nginx-ingress from v0.34.1 to [v0.35.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.35.0 )
* Repository changed to `k8s.gcr.io/ingress-nginx/controller`
2020-08-27 17:52:07 +02:00
* Update Grafana from v7.1.3 to [v7.1.5 ](https://github.com/grafana/grafana/releases/tag/v7.1.5 )
2020-08-23 00:40:09 +02:00
2020-08-20 06:18:10 +02:00
## v1.18.8
2020-08-14 05:46:42 +02:00
* Kubernetes [v1.18.8 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1188 )
2020-08-13 09:29:25 +02:00
* Migrate from Terraform v0.12.x to v0.13.x ([#804](https://github.com/poseidon/typhoon/pull/804)) (**action required**)
2020-08-14 19:02:16 +02:00
* Recommend Terraform v0.13.x ([migration guide](https://typhoon.psdn.io/topics/maintenance/#terraform-versions))
2020-08-13 09:29:25 +02:00
* Support automatic install of poseidon's provider plugins ([poseidon/ct](https://registry.terraform.io/providers/poseidon/ct/latest), [poseidon/matchbox ](https://registry.terraform.io/providers/poseidon/matchbox/latest ))
2020-08-11 06:02:56 +02:00
* Require Terraform v0.12.26+ (migration compatibility)
* Require `terraform-provider-ct` v0.6.1
* Require `terraform-provider-matchbox` v0.4.1
2020-07-18 23:08:22 +02:00
* Update etcd from v3.4.9 to [v3.4.10 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.10 )
2020-07-25 22:18:07 +02:00
* Update CoreDNS from v1.6.7 to [v1.7.0 ](https://coredns.io/2020/06/15/coredns-1.7.0-release/ )
2020-07-26 01:06:27 +02:00
* Update Cilium from v1.8.1 to [v1.8.2 ](https://github.com/cilium/cilium/releases/tag/v1.8.2 )
2020-08-02 09:45:39 +02:00
* Update [coreos/flannel-cni ](https://github.com/coreos/flannel-cni ) to [poseidon/flannel-cni ](https://github.com/poseidon/flannel-cni ) ([#798](https://github.com/poseidon/typhoon/pull/798))
2020-08-13 09:29:25 +02:00
* Update CNI plugins and fix CVEs with Flannel CNI (non-default)
2020-08-02 09:45:39 +02:00
* Transition to a poseidon maintained container image
2020-07-18 23:08:22 +02:00
2020-08-09 21:25:27 +02:00
### AWS
* Allow `terraform-provider-aws` v3.0+ ([#803](https://github.com/poseidon/typhoon/pull/803))
* Recommend updating `terraform-provider-aws` to v3.0+
* Continue to allow v2.23+, no v3.x specific features are used
2020-08-11 06:02:56 +02:00
### DigitalOcean
* Require `terraform-provider-digitalocean` v1.21+ for Terraform v0.13.x (unenforced)
* Require `terraform-provider-digitalocean` v1.20+ for Terraform v0.12.x
2020-08-02 06:00:39 +02:00
### Fedora CoreOS
* Fix support for Flannel with Fedora CoreOS ([#795](https://github.com/poseidon/typhoon/pull/795))
2020-08-09 03:59:49 +02:00
* Configure `flannel.1` link to select its own MAC address to solve flannel
pod-to-pod traffic drops starting with default link changes in Fedora CoreOS
32.20200629.3.0 ([details](https://github.com/coreos/fedora-coreos-tracker/issues/574#issuecomment-665487296))
2020-08-02 06:00:39 +02:00
2020-07-18 22:54:56 +02:00
#### Addons
2020-07-26 01:37:28 +02:00
* Update Prometheus from v2.19.2 to [v2.20.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.20.0 )
2020-08-09 03:59:49 +02:00
* Update Grafana from v7.0.6 to [v7.1.3 ](https://github.com/grafana/grafana/releases/tag/v7.1.3 )
2020-07-18 22:54:56 +02:00
2020-07-16 07:43:49 +02:00
## v1.18.6
2020-05-28 06:33:03 +02:00
2020-07-16 07:43:49 +02:00
* Kubernetes [v1.18.6 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1186 )
* Update Calico from v3.15.0 to [v3.15.1 ](https://docs.projectcalico.org/v3.15/release-notes/ )
2020-07-06 00:58:34 +02:00
* Update Cilium from v1.8.0 to [v1.8.1 ](https://github.com/cilium/cilium/releases/tag/v1.8.1 )
2020-07-05 01:53:21 +02:00
2020-07-10 06:08:55 +02:00
#### Addons
2020-07-16 07:43:49 +02:00
* Update nginx-ingress from v0.33.0 to [v0.34.1 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.34.1 )
* [ingress-nginx ](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v0.34.0 ) will publish images only to gcr.io
2020-07-10 06:08:55 +02:00
* Update Prometheus from v2.19.1 to [v2.19.2 ](https://github.com/prometheus/prometheus/releases/tag/v2.19.2 )
2020-07-10 06:10:48 +02:00
* Update Grafana from v7.0.4 to [v7.0.6 ](https://github.com/grafana/grafana/releases/tag/v7.0.6 )
2020-07-10 06:08:55 +02:00
2020-07-05 01:53:21 +02:00
## v1.18.5
2020-06-27 22:51:20 +02:00
* Kubernetes [v1.18.5 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1185 )
2020-06-26 10:55:49 +02:00
* Add Cilium v1.8.0 as a (experimental) CNI provider option ([#760](https://github.com/poseidon/typhoon/pull/760))
* Set `networking` to "cilium" to enable
2020-06-26 11:40:12 +02:00
* Update Calico from v3.14.1 to [v3.15.0 ](https://docs.projectcalico.org/v3.15/release-notes/ )
2020-06-26 10:55:49 +02:00
2020-06-29 08:12:54 +02:00
#### DigitalOcean
* Isolate each cluster in an independent DigitalOcean VPC ([#776](https://github.com/poseidon/typhoon/pull/776))
* Create droplets in a VPC per cluster (matches Typhoon AWS, Azure, and GCP)
* Require `terraform-provider-digitalocean` v1.16.0+ (action required)
* Output `vpc_id` for use with an attached DigitalOcean [loadbalancer ](https://github.com/poseidon/typhoon/blob/v1.18.5/docs/architecture/digitalocean.md#custom-load-balancer )
2020-06-30 07:57:11 +02:00
### Fedora CoreOS
2020-06-30 10:16:24 +02:00
#### Google Cloud
2020-06-30 07:57:11 +02:00
2020-06-30 08:09:11 +02:00
* Promote Fedora CoreOS to stable
2020-06-30 10:16:24 +02:00
* Remove `os_image` variable deprecated in v1.18.3 ([#777](https://github.com/poseidon/typhoon/pull/777))
2020-06-30 07:57:11 +02:00
* Use `os_stream` to select a Fedora CoreOS image stream
2020-06-30 10:16:24 +02:00
### Flatcar Linux
#### Azure
* Allow using Flatcar Linux Edge by setting `os_image` to "flatcar-edge" ([#778](https://github.com/poseidon/typhoon/pull/778))
2020-06-26 10:55:49 +02:00
#### Addons
2020-06-27 23:53:58 +02:00
* Update Prometheus from v2.19.0 to [v2.19.1 ](https://github.com/prometheus/prometheus/releases/tag/v2.19.1 )
2020-06-26 11:06:38 +02:00
* Update Grafana from v7.0.3 to [v7.0.4 ](https://github.com/grafana/grafana/releases/tag/v7.0.4 )
2020-06-26 10:55:49 +02:00
2020-06-18 07:50:12 +02:00
## v1.18.4
2020-06-18 04:34:50 +02:00
* Kubernetes [v1.18.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1184 )
* Update Kubelet image publishing ([#749](https://github.com/poseidon/typhoon/pull/749))
* Build Kubelet images internally and publish to Quay and Dockerhub
2020-05-28 10:06:26 +02:00
* [quay.io/poseidon/kubelet ](https://quay.io/repository/poseidon/kubelet ) (official)
* [docker.io/psdn/kubelet ](https://hub.docker.com/r/psdn/kubelet ) (fallback)
2020-06-18 04:34:50 +02:00
* Continue offering automated image builds with an alternate tag strategy (see [docs ](https://typhoon.psdn.io/topics/security/#container-images ))
2020-06-17 03:23:27 +02:00
* [Document ](https://typhoon.psdn.io/advanced/customization/#kubelet ) use of alternate Kubelet images during registry incidents
2020-05-31 07:03:53 +02:00
* Update Calico from v3.14.0 to [v3.14.1 ](https://docs.projectcalico.org/v3.14/release-notes/ )
2020-06-18 04:34:50 +02:00
* Fix [CVE-2020-13597 ](https://github.com/kubernetes/kubernetes/issues/91507 )
2020-06-18 07:50:12 +02:00
* Rename controller NoSchedule taint from `node-role.kubernetes.io/master` to `node-role.kubernetes.io/controller` ([#764](https://github.com/poseidon/typhoon/pull/764))
* Tolerate the new taint name for workloads that may run on controller nodes
* Remove node label `node.kubernetes.io/master` from controller nodes ([#764](https://github.com/poseidon/typhoon/pull/764))
* Use `node.kubernetes.io/controller` (present since v1.9.5, [#160 ](https://github.com/poseidon/typhoon/pull/160 )) to node select controllers
2020-06-17 03:23:27 +02:00
* Remove unused Kubelet `-lock-file` and `-exit-on-lock-contention` ([#758](https://github.com/poseidon/typhoon/pull/758))
2020-05-31 07:03:53 +02:00
2020-06-10 07:38:32 +02:00
### Fedora CoreOS
#### Azure
* Use `strict` Fedora CoreOS Config (FCC) snippet parsing ([#755](https://github.com/poseidon/typhoon/pull/755))
2020-06-19 08:47:35 +02:00
* Reduce Calico vxlan interface MTU to maintain performance ([#767](https://github.com/poseidon/typhoon/pull/766))
2020-06-10 07:38:32 +02:00
2020-06-19 08:08:01 +02:00
#### AWS
* Fix Kubelet service race with hostname update ([#766](https://github.com/poseidon/typhoon/pull/766))
* Wait for a hostname to avoid Kubelet trying to register as `localhost`
2020-06-10 07:38:32 +02:00
### Flatcar Linux
* Use `strict` Container Linux Config (CLC) snippet parsing ([#755](https://github.com/poseidon/typhoon/pull/755))
* Require `terraform-provider-ct` v0.4+, recommend v0.5+ (**action required**)
2020-05-28 06:33:03 +02:00
### Addons
2020-06-17 03:44:40 +02:00
* Update nginx-ingress from v0.32.0 to [v0.33.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.33.0 )
2020-06-10 08:05:03 +02:00
* Update Prometheus from v2.18.1 to [v2.19.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.19.0 )
2020-06-17 02:57:09 +02:00
* Update node-exporter from v1.0.0-rc.1 to [v1.0.1 ](https://github.com/prometheus/node_exporter/releases/tag/v1.0.1 )
2020-06-03 20:35:10 +02:00
* Update kube-state-metrics from v1.9.6 to v1.9.7
2020-06-03 21:31:58 +02:00
* Update Grafana from v7.0.0 to v7.0.3
2020-05-28 06:33:03 +02:00
2020-05-21 07:53:51 +02:00
## v1.18.3
2019-10-06 21:57:15 +02:00
2020-06-18 04:34:50 +02:00
* Kubernetes [v1.18.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1183 )
2020-04-26 01:50:51 +02:00
* Use Kubelet [TLS bootstrap ](https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/ ) with bootstrap token authentication ([#713](https://github.com/poseidon/typhoon/pull/713))
* Enable Node [Authorization ](https://kubernetes.io/docs/reference/access-authn-authz/node/ ) and [NodeRestriction ](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction ) to reduce authorization scope
* Renew Kubelet certificates every 72 hours
2020-05-22 09:50:30 +02:00
* Update etcd from v3.4.7 to [v3.4.9 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.9 )
2020-05-10 01:05:30 +02:00
* Update Calico from v3.13.1 to [v3.14.0 ](https://docs.projectcalico.org/v3.14/release-notes/ )
2020-05-22 09:50:30 +02:00
* Add CoreDNS node affinity preference for controller nodes ([#188](https://github.com/poseidon/terraform-render-bootstrap/pull/188))
2020-05-21 07:53:51 +02:00
* Deprecate CoreOS Container Linux support (no OS [updates ](https://coreos.com/os/eol/ ) after May 2020)
* Use a `fedora-coreos` module for Fedora CoreOS
* Use a `container-linux` module for Flatcar Linux
2020-04-23 05:28:55 +02:00
2020-05-10 00:58:45 +02:00
### AWS
2020-04-30 05:51:45 +02:00
* Fix Terraform plan error when `controller_count` exceeds AWS zones (e.g. 5 controllers) ([#714](https://github.com/poseidon/typhoon/pull/714))
* Regressed in v1.17.1 ([#605](https://github.com/poseidon/typhoon/pull/605))
2020-05-19 08:25:30 +02:00
### Azure
* Update Azure subnets to set `address_prefixes` list ([#730](https://github.com/poseidon/typhoon/pull/730))
* Fix warning that `address_prefix` is deprecated
* Require `terraform-provider-azurerm` v2.8.0+ (action required)
2020-05-21 07:53:51 +02:00
### DigitalOcean
* Promote DigitalOcean to beta on both Fedora CoreOS and Flatcar Linux
2020-05-10 00:58:45 +02:00
### Fedora CoreOS
* Fix Calico `install-cni` crashloop on Pod restarts ([#724](https://github.com/poseidon/typhoon/pull/724))
* SELinux enforcement requires consistent file context MCS level
* Restarting a node resolved the issue as a previous workaround
2020-05-14 06:37:18 +02:00
#### AWS
2020-05-21 07:53:51 +02:00
* Support Fedora CoreOS [image streams ](https://docs.fedoraproject.org/en-US/fedora-coreos/update-streams/ ) ([#727](https://github.com/poseidon/typhoon/pull/727))
2020-05-14 06:37:18 +02:00
* Add `os_stream` variable to set the stream to `stable` (default), `testing` , or `next`
* Remove unused `os_image` variable
2020-05-08 10:18:34 +02:00
#### Google
2020-06-30 07:57:11 +02:00
* Support Fedora CoreOS [image streams ](https://docs.fedoraproject.org/en-US/fedora-coreos/update-streams/ ) ([#723](https://github.com/poseidon/typhoon/pull/723))
2020-05-08 10:18:34 +02:00
* Add `os_stream` variable to set the stream to `stable` (default), `testing` , or `next`
* Deprecate `os_image` variable. Manual image uploads are no longer needed
2020-05-10 02:37:35 +02:00
### Flatcar Linux
#### Azure
* Use the Flatcar Linux Azure Marketplace image
* Restore [#664 ](https://github.com/poseidon/typhoon/pull/664 ) (reverted in [#707 ](https://github.com/poseidon/typhoon/pull/707 )) but use Flatcar Linux new free offer (not byol)
* Change `os_image` to use a `flatcar-stable` default
2020-05-21 07:53:51 +02:00
#### Google
* Promote Flatcar Linux to beta
2020-05-16 02:38:59 +02:00
### Addons
2020-04-21 03:09:24 +02:00
2020-05-04 08:18:47 +02:00
* Update nginx-ingress from v0.30.0 to [v0.32.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.32.0 )
* Add support for [IngressClass ](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class )
2020-05-08 07:59:11 +02:00
* Update Prometheus from v2.17.1 to v2.18.1
2020-05-16 02:42:24 +02:00
* Update kube-state-metrics from v1.9.5 to [v1.9.6 ](https://github.com/kubernetes/kube-state-metrics/releases/tag/v1.9.6 )
2020-05-16 03:03:19 +02:00
* Update node-exporter from v1.0.0-rc.0 to [v1.0.0-rc.1 ](https://github.com/prometheus/node_exporter/releases/tag/v1.0.0-rc.1 )
2020-05-19 08:42:32 +02:00
* Update Grafana from v6.7.2 to [v7.0.0 ](https://grafana.com/docs/grafana/latest/guides/whats-new-in-v7-0/ )
2020-04-21 03:09:24 +02:00
2020-04-20 01:44:26 +02:00
## v1.18.2
2020-04-17 08:40:52 +02:00
* Kubernetes [v1.18.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1182 )
2020-04-11 23:52:30 +02:00
* Choose Fedora CoreOS or Flatcar Linux (**action required**)
* Use a `fedora-coreos` module for Fedora CoreOS
* Use a `container-linux` module for Flatcar Linux
2020-04-19 00:30:28 +02:00
* Change Container Linux modules' defaults from CoreOS Container Linux to [Flatcar Container Linux ](https://typhoon.psdn.io/architecture/operating-systems/ ) ([#702](https://github.com/poseidon/typhoon/pull/702))
2020-04-11 23:52:30 +02:00
* CoreOS Container Linux [won't receive updates ](https://coreos.com/os/eol/ ) after May 2020
2020-04-17 08:40:52 +02:00
### Fedora CoreOS
2020-04-20 01:44:26 +02:00
* Fix bootstrap race condition from SELinux unshared content label ([#708](https://github.com/poseidon/typhoon/pull/708))
2020-04-20 01:14:16 +02:00
2020-04-17 08:40:52 +02:00
#### Azure
* Add support for Fedora CoreOS ([#704](https://github.com/poseidon/typhoon/pull/704))
2020-04-20 01:44:26 +02:00
#### DigitalOcean
* Fix race condition creating firewall allow rules ([#709](https://github.com/poseidon/typhoon/pull/709))
### Flatcar Linux
2020-04-17 08:40:52 +02:00
2020-04-11 23:52:30 +02:00
#### AWS
2020-04-19 00:30:28 +02:00
* Change `os_image` default from `coreos-stable` to `flatcar-stable` ([#702](https://github.com/poseidon/typhoon/pull/702))
2020-04-11 23:52:30 +02:00
#### Azure
2020-04-19 00:30:28 +02:00
* Change `os_image` to be required. Recommend uploading a Flatcar Linux image (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
* Disable Flatcar Linux Azure Marketplace image [support ](https://github.com/poseidon/typhoon/pull/664 ) (**breaking**, [#707 ](https://github.com/poseidon/typhoon/pull/707 ))
* Revert to manual uploading until marketplace issue is closed ([#703](https://github.com/poseidon/typhoon/issues/703))
2020-04-11 23:52:30 +02:00
#### Bare-Metal
2020-04-19 00:30:28 +02:00
* Recommend changing [os_channel ](https://typhoon.psdn.io/cl/bare-metal/#required ) from `coreos-stable` to `flatcar-stable`
2020-04-11 23:52:30 +02:00
#### Google
2020-04-19 00:30:28 +02:00
* Change `os_image` to be required. Recommend uploading a Flatcar Linux image (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
2020-04-11 23:52:30 +02:00
#### DigitalOcean
2020-04-19 00:30:28 +02:00
* Change `os_image` to be required. Recommend uploading a Flatcar Linux image (**action required**) ([#702](https://github.com/poseidon/typhoon/pull/702))
2020-04-20 01:44:26 +02:00
* Fix race condition creating firewall allow rules ([#709](https://github.com/poseidon/typhoon/pull/709))
2020-04-11 23:52:30 +02:00
2020-04-09 04:38:46 +02:00
## v1.18.1
* Kubernetes [v1.18.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1181 )
2020-04-11 22:18:26 +02:00
* Choose Fedora CoreOS or Flatcar Linux (**action recommended**)
* Use a `fedora-coreos` module for Fedora CoreOS
* Use a `container-linux` module with OS set to Flatcar Linux
2020-04-07 06:09:25 +02:00
* Update etcd from v3.4.5 to [v3.4.7 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.7 )
2020-03-27 06:18:38 +01:00
* Change `kube-proxy` and `calico` or `flannel` to tolerate specific taints ([#682](https://github.com/poseidon/typhoon/pull/682))
* Tolerate master and not-ready taints, rather than tolerating all taints
2020-04-01 03:30:10 +02:00
* Update flannel from v0.11.0 to v0.12.0 ([#690](https://github.com/poseidon/typhoon/pull/690))
2020-04-10 08:13:08 +02:00
* Fix bootstrap when `networking` mode `flannel` (non-default) is chosen ([#689](https://github.com/poseidon/typhoon/pull/689))
* Regressed in v1.18.0 changes for Calico ([#675](https://github.com/poseidon/typhoon/pull/675))
2020-04-01 03:30:10 +02:00
* Rename Container Linux `controller_clc_snippets` to `controller_snippets` for consistency ([#688](https://github.com/poseidon/typhoon/pull/688))
2020-03-29 20:46:22 +02:00
* Rename Container Linux `worker_clc_snippets` to `worker_snippets` for consistency
* Rename Container Linux `clc_snippets` (bare-metal) to `snippets` for consistency
2020-04-13 00:49:48 +02:00
* Drop support for [gitRepo ](https://kubernetes.io/docs/concepts/storage/volumes/#gitrepo ) volumes ([kubelet#3](https://github.com/poseidon/kubelet/pull/3))
2020-04-10 08:13:08 +02:00
#### Azure
2020-04-01 05:28:27 +02:00
* Fix Azure worker UDP outbound connections ([#691](https://github.com/poseidon/typhoon/pull/691))
* Fix Azure worker clock sync timeouts
2020-03-27 06:18:38 +01:00
2020-04-10 08:13:08 +02:00
#### DigitalOcean
* Add support for Fedora CoreOS ([#699](https://github.com/poseidon/typhoon/pull/699))
2020-03-31 09:50:16 +02:00
#### Addons
2020-04-04 22:13:19 +02:00
* Refresh Prometheus rules/alerts and Grafana dashboards ([#692](https://github.com/poseidon/typhoon/pull/692))
* Update Grafana from v6.7.1 to v6.7.2
2020-03-31 09:50:16 +02:00
2020-03-26 05:23:18 +01:00
## v1.18.0
2020-03-22 21:47:18 +01:00
* Kubernetes [v1.18.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#v1180 )
2020-03-19 04:50:41 +01:00
* Update etcd from v3.4.4 to [v3.4.5 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.5 )
2020-03-17 05:21:41 +01:00
* Switch from upstream hyperkube image to individual images ([#669](https://github.com/poseidon/typhoon/pull/669))
2020-03-27 07:37:12 +01:00
* Use upstream k8s.gcr.io `kube-apiserver` , `kube-controller-manager` , `kube-scheduler` , and `kube-proxy` container images
* Use [poseidon/kubelet ](https://github.com/poseidon/kubelet ) to package the upstream Kubelet binary and dependencies as a container image (checksummed, automated build)
* Add [quay.io/poseidon/kubelet ](https://quay.io/repository/poseidon/kubelet ) as a Typhoon distributed artifact in the security policy
* Update base images from debian 9 to debian 10
* Background: Kubernetes will [stop releasing ](https://github.com/kubernetes/kubernetes/pull/88676 ) the hyperkube container image and provide the Kubelet as a binary for packaging
* Choose Fedora CoreOS or Flatcar Linux (**action recommended**)
* Use a `fedora-coreos` module for Fedora CoreOS
* Use a `container-linux` module with OS set for Flatcar Linux (varies, see docs)
* CoreOS Container Linux [won't receive updates ](https://coreos.com/os/eol/ ) after May 2020
2020-03-29 00:11:06 +01:00
* Add support for Fedora CoreOS snippets (`terraform-provider-ct` v0.5+) ([#686](https://github.com/poseidon/typhoon/pull/686))
* Recommend updating `terraform-provider-ct` plugin from v0.4.0 to [v0.5.0 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.5.0 )
2020-03-26 05:23:18 +01:00
* Set Fedora CoreOS log driver back to the default `journald` ([#681](https://github.com/poseidon/typhoon/pull/681))
2020-03-25 07:53:06 +01:00
* Deprecate `asset_dir` variable and remove docs ([#678](https://github.com/poseidon/typhoon/pull/678))
2020-03-27 07:37:12 +01:00
* Deprecate support for [gitRepo ](https://kubernetes.io/docs/concepts/storage/volumes/#gitrepo ) volumes. A future release will drop support.
2020-03-19 04:50:41 +01:00
2020-03-28 20:49:03 +01:00
#### AWS
* Fix Fedora CoreOS AMI to filter for stable images ([#685](https://github.com/poseidon/typhoon/pull/685))
* Latest Fedora CoreOS `testing` or `bodhi-update` images could be chosen depending on the region
2020-03-29 00:11:06 +01:00
#### Bare-Metal
2020-03-29 20:46:22 +02:00
* Update Fedora CoreOS default `os_stream` from testing to stable
2020-03-29 00:11:06 +01:00
2020-03-29 01:49:17 +01:00
#### Google Cloud
* Known: Use of stale Fedora CoreOS image may require terraform re-apply during bootstrap ([#687](https://github.com/poseidon/typhoon/pull/687))
2020-03-25 07:45:31 +01:00
#### DigitalOcean
* Rename `image` variable to `os_image` for consistency ([#677](https://github.com/poseidon/typhoon/pull/677)) (action required)
2020-03-20 06:38:05 +01:00
#### Addons
2020-03-27 06:17:13 +01:00
* Update Prometheus from v2.16.0 to [v2.17.1 ](https://github.com/prometheus/prometheus/releases/tag/v2.17.1 )
2020-03-20 06:58:59 +01:00
* Update Grafana from v6.6.2 to [v6.7.1 ](https://github.com/grafana/grafana/releases/tag/v6.7.1 )
2020-03-20 06:38:05 +01:00
2020-03-19 04:50:41 +01:00
## v1.17.4
2020-03-22 21:47:18 +01:00
* Kubernetes [v1.17.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.17.md#v1174 )
2020-02-26 08:36:33 +01:00
* Update etcd from v3.4.3 to [v3.4.4 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.4 )
2020-03-02 17:11:15 +01:00
* On Container Linux, fetch using the docker transport format ([#659](https://github.com/poseidon/typhoon/pull/659))
2020-02-19 06:45:14 +01:00
* Update CoreDNS from v1.6.6 to v1.6.7 ([#648](https://github.com/poseidon/typhoon/pull/648))
2020-03-13 06:59:44 +01:00
* Update Calico from v3.12.0 to [v3.13.1 ](https://docs.projectcalico.org/v3.13/release-notes/ )
2020-02-19 06:45:14 +01:00
2020-02-23 00:01:57 +01:00
#### AWS
2020-03-17 06:10:34 +01:00
* Promote Fedora CoreOS to stable ([#668](https://github.com/poseidon/typhoon/pull/668))
2020-02-26 08:12:19 +01:00
* Allow VPC route table extension via reference ([#654](https://github.com/poseidon/typhoon/pull/654))
2020-03-01 05:12:06 +01:00
* Fix `worker_node_labels` on Fedora CoreOS ([#651](https://github.com/poseidon/typhoon/pull/651))
* Fix automatic worker node delete on shutdown on Fedora CoreOS ([#657](https://github.com/poseidon/typhoon/pull/657))
2020-02-23 00:01:57 +01:00
2020-03-08 03:40:39 +01:00
#### Azure
* Upgrade to `terraform-provider-azurerm` [v2.0+ ](https://www.terraform.io/docs/providers/azurerm/guides/2.0-upgrade-guide.html ) (action required)
2020-03-09 04:39:18 +01:00
* Change `worker_priority` from `Low` to `Spot` if used (action required)
2020-03-08 03:40:39 +01:00
* Switch to Azure's new Linux VM and Linux VM Scale Set resources
* Set controller's Azure disk caching to None
* Associate subnets (in addition to NICs) with security groups (aesthetic)
2020-03-11 07:55:23 +01:00
* Add support for Flatcar Container Linux ([#664](https://github.com/poseidon/typhoon/pull/664))
* Requires accepting Flatcar Linux Azure Marketplace terms
2020-03-08 03:40:39 +01:00
2020-03-09 04:39:18 +01:00
#### Bare-Metal
* Add `worker_node_labels` map variable for per-worker node labels ([#663](https://github.com/poseidon/typhoon/pull/663))
* Add `worker_node_taints` map variable for per-worker node taints ([#663](https://github.com/poseidon/typhoon/pull/663))
2020-03-13 07:02:06 +01:00
#### DigitalOcean
* Add support for Flatcar Container Linux ([#644](https://github.com/poseidon/typhoon/pull/644))
2020-02-23 00:01:57 +01:00
#### Google Cloud
2020-03-17 06:10:34 +01:00
* Promote Fedora CoreOS to beta ([#668](https://github.com/poseidon/typhoon/pull/668))
2020-03-01 05:12:06 +01:00
* Fix `worker_node_labels` on Fedora CoreOS ([#651](https://github.com/poseidon/typhoon/pull/651))
* Fix automatic worker node delete on shutdown on Fedora CoreOS ([#657](https://github.com/poseidon/typhoon/pull/657))
2020-02-23 00:01:57 +01:00
2020-02-14 21:10:56 +01:00
#### Addons
2020-02-26 07:11:59 +01:00
* Update nginx-ingress from v0.28.0 to [v0.30.0 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.30.0 )
2020-02-14 21:10:56 +01:00
* Update Prometheus from v2.15.2 to [v2.16.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.16.0 )
2020-03-02 08:20:33 +01:00
* Refresh Prometheus rules and alerts
* Add a BlackboxProbeFailure alert
2020-02-23 00:21:10 +01:00
* Update kube-state-metrics from v1.9.4 to v1.9.5
2020-02-26 07:26:24 +01:00
* Update node-exporter from v0.18.1 to [v1.0.0-rc.0 ](https://github.com/prometheus/node_exporter/releases/tag/v1.0.0-rc.0 )
2020-02-23 00:19:24 +01:00
* Update Grafana from v6.6.1 to v6.6.2
2020-03-02 08:20:33 +01:00
* Refresh Grafana dashboards
2020-03-17 06:10:34 +01:00
* Remove Container Linux Update Operator (CLUO) addon example ([#667](https://github.com/poseidon/typhoon/pull/667))
* CLUO hasn't been in active use in our clusters and won't be relevant
beyond Container Linux. Requires patches for use on Kubernetes v1.16+
2020-02-14 21:10:56 +01:00
2020-02-14 21:05:51 +01:00
## v1.17.3
2020-02-12 05:22:14 +01:00
* Kubernetes [v1.17.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.17.md#v1173 )
2020-02-06 09:29:41 +01:00
* Update Calico from v3.11.2 to v3.12.0
2020-02-12 06:13:58 +01:00
* Allow Fedora CoreOS clusters to pass CNCF conformance suite
* Set Docker log driver to `json-file` as a workaround
2020-02-14 21:05:51 +01:00
* Try Fedora CoreOS or Flatcar Linux alongside CoreOS [Container Linux ](https://coreos.com/os/eol/ ) clusters (recommended)
2020-02-06 09:29:41 +01:00
2020-02-13 23:25:22 +01:00
#### AWS
2020-02-14 21:05:51 +01:00
* Promote Fedora CoreOS to beta ([#645](https://github.com/poseidon/typhoon/pull/645))
2020-02-13 23:25:22 +01:00
2020-02-12 04:54:10 +01:00
#### Bare-Metal
2020-02-14 21:05:51 +01:00
* Promote Fedora CoreOS to beta ([#645](https://github.com/poseidon/typhoon/pull/645))
2020-02-12 04:54:10 +01:00
* Add Fedora CoreOS kernel arguments initrd and console ([#640](https://github.com/poseidon/typhoon/pull/640))
2020-02-02 00:10:40 +01:00
#### Google Cloud
2020-02-13 23:18:41 +01:00
* Add Terraform module for Fedora CoreOS ([#632](https://github.com/poseidon/typhoon/pull/632))
* Add support for Flatcar Container Linux ([#639](https://github.com/poseidon/typhoon/pull/639))
2020-02-02 00:10:40 +01:00
2020-01-28 05:46:32 +01:00
#### Addons
2020-01-31 03:00:23 +01:00
* Update nginx-ingress from v0.27.1 to v0.28.0
2020-02-05 06:32:53 +01:00
* Update kube-state-metrics from v1.9.3 to v1.9.4
2020-02-08 23:50:33 +01:00
* Update Grafana from v6.5.3 to v6.6.1
2020-02-05 06:32:53 +01:00
2020-01-22 03:27:39 +01:00
## v1.17.2
* Kubernetes [v1.17.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.17.md#v1172 )
2020-01-23 10:09:09 +01:00
#### AWS
* Promote Fedora CoreOS from preview to alpha
2020-01-14 09:49:34 +01:00
#### Bare-Metal
2020-01-23 10:09:09 +01:00
* Promote Fedora CoreOS from preview to alpha
2020-01-14 09:49:34 +01:00
* Update Fedora CoreOS images location
* Use Fedora CoreOS production [download ](https://getfedora.org/coreos/download/ ) streams
* Use live PXE kernel and initramfs images
2020-01-21 00:06:26 +01:00
#### Addons
2020-01-23 09:03:16 +01:00
* Update nginx-ingress from v0.26.1 to [v0.27.1 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.27.1 ) ([#625](https://github.com/poseidon/typhoon/pull/625))
2020-01-21 00:06:26 +01:00
* Change runAsUser from 33 to 101 for alpine-based image
2020-01-23 09:03:16 +01:00
* Update kube-state-metrics from v1.9.2 to v1.9.3
2020-01-21 00:06:26 +01:00
2020-01-14 09:49:34 +01:00
## v1.17.1
2020-01-18 22:45:24 +01:00
* Kubernetes [v1.17.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.17.md#v1171 )
2019-12-22 16:40:56 +01:00
* Update CoreDNS from v1.6.5 to [v1.6.6 ](https://coredns.io/2019/12/11/coredns-1.6.6-release/ ) ([#602](https://github.com/poseidon/typhoon/pull/602))
2020-01-18 22:45:24 +01:00
* Update Calico from v3.10.2 to v3.11.2 ([#604](https://github.com/poseidon/typhoon/pull/604))
Inline Container Linux kubelet.service, deprecate kubelet-wrapper
* Change kubelet.service on Container Linux nodes to ExecStart Kubelet
inline to replace the use of the host OS kubelet-wrapper script
* Express rkt run flags and volume mounts in a clear, uniform way to
make the Kubelet service easier to audit, manage, and understand
* Eliminate reliance on a Container Linux kubelet-wrapper script
* Typhoon for Fedora CoreOS developed a kubelet.service that similarly
uses an inline ExecStart (except with podman instead of rkt) and a
more minimal set of volume mounts. Adopt the volume improvements:
* Change Kubelet /etc/kubernetes volume to read-only
* Change Kubelet /etc/resolv.conf volume to read-only
* Remove unneeded /var/lib/cni volume mount
Background:
* kubelet-wrapper was added in CoreOS around the time of Kubernetes v1.0
to simplify running a CoreOS-built hyperkube ACI image via rkt-fly. The
script defaults are no longer ideal (e.g. rkt's notion of trust dates
back to quay.io ACI image serving and signing, which informed the OCI
standard images we use today, though they still lack rkt's signing ideas).
* Shipping kubelet-wrapper was regretted at CoreOS, but remains in the
distro for compatibility. The script is not updated to track hyperkube
changes, but it is stable and kubelet.env overrides bridge most gaps
* Typhoon Container Linux nodes have used kubelet-wrapper to rkt/rkt-fly
run the Kubelet via the official k8s.gcr.io hyperkube image using overrides
(new image registry, new image format, restart handling, new mounts, new
entrypoint in v1.17).
* Observation: Most of what it takes to run a Kubelet container is defined
in Typhoon, not in kubelet-wrapper. The wrapper's value is now undermined
by having to workaround its dated defaults. Typhoon may be better served
defining Kubelet.service explicitly
* Typhoon for Fedora CoreOS developed a kubelet.service without the use
of a host OS kubelet-wrapper which is both clearer and eliminated some
volume mounts
2019-12-29 20:17:26 +01:00
* Inline Kubelet service on Container Linux nodes ([#606](https://github.com/poseidon/typhoon/pull/606))
2019-12-29 20:20:59 +01:00
* Disable unused Kubelet `127.0.0.1:10248` healthz listener ([#607](https://github.com/poseidon/typhoon/pull/607))
2019-12-29 21:21:49 +01:00
* Enable kube-proxy metrics and allow Prometheus scrapes
* Allow TCP/10249 traffic with worker node sources
2019-12-22 16:40:56 +01:00
2020-01-14 09:49:34 +01:00
#### AWS
* Update Fedora CoreOS AMI filter for fedora-coreos-31 ([#620](https://github.com/poseidon/typhoon/pull/620))
2020-01-11 22:58:23 +01:00
#### Google
* Allow `terraform-provider-google` v3.0+ ([#617](https://github.com/poseidon/typhoon/pull/617))
* Only enforce `v2.19+` to ease migration, as no v3.x features are used
2019-12-15 00:25:48 +01:00
#### Addons
2020-01-07 07:08:02 +01:00
* Update Prometheus from v2.14.0 to [v2.15.2 ](https://github.com/prometheus/prometheus/releases/tag/v2.15.2 )
2019-12-29 21:21:49 +01:00
* Add discovery for kube-proxy service endpoints
2020-01-19 00:32:10 +01:00
* Update kube-state-metrics from v1.8.0 to v1.9.2
2020-01-07 06:14:03 +01:00
* Reduce node-exporter DaemonSet tolerations ([#614](https://github.com/poseidon/typhoon/pull/614))
2020-01-19 00:30:09 +01:00
* Update Grafana from v6.5.1 to v6.5.3
2019-12-15 00:25:48 +01:00
2019-12-11 07:56:50 +01:00
## v1.17.0
2019-12-10 03:31:58 +01:00
* Kubernetes [v1.17.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.17.md#v1170 )
2019-12-06 07:56:42 +01:00
* Manage clusters without using a local `asset_dir` ([#595](https://github.com/poseidon/typhoon/pull/595))
2019-12-11 07:56:50 +01:00
* Change `asset_dir` to be optional. Remove the variable to skip writing assets locally (**action recommended**)
* Allow keeping cluster assets only in Terraform state ([pluggable](https://www.terraform.io/docs/backends/types/remote.html), encryption) and allow `terraform apply` from stateless automation systems
2019-12-10 06:03:00 +01:00
* Improve asset unpacking on controllers
* Obtain kubeconfig from Terraform module outputs
2019-12-09 07:54:31 +01:00
* Replace usage of `template_dir` with `templatefile` function ([#587](https://github.com/poseidon/typhoon/pull/587))
2019-12-11 07:56:50 +01:00
* Require Terraform version v0.12.6+ (**action required**)
2019-11-14 01:42:17 +01:00
* Update CoreDNS from v1.6.2 to v1.6.5 ([#588](https://github.com/poseidon/typhoon/pull/588))
* Add health `lameduck` option to wait before shutdown
2019-12-11 07:56:50 +01:00
* Update Calico from v3.10.1 to v3.10.2 ([#599](https://github.com/poseidon/typhoon/pull/599))
2019-12-09 07:54:31 +01:00
* Reduce pod eviction timeout for deleting pods on unready nodes from 5m to 1m ([#597](https://github.com/poseidon/typhoon/pull/597))
* Present since [v1.13.3 ](#v1133 ), but mistakenly removed in v1.16.0
2019-12-06 07:56:42 +01:00
* Add CPU requests for control plane static pods ([#589](https://github.com/poseidon/typhoon/pull/589))
2019-11-14 02:13:36 +01:00
* May provide slight edge case benefits and aligns with upstream
2019-11-13 23:09:34 +01:00
2019-11-14 02:31:11 +01:00
#### Google
* Use new `google_compute_region_instance_group_manager` version block format
* Fixes warning that `instance_template` is deprecated
2019-12-11 07:56:50 +01:00
* Require `terraform-provider-google` v2.19.0+ (**action required**)
2019-11-14 02:31:11 +01:00
2019-11-14 08:39:19 +01:00
#### Addons
2019-11-28 23:11:25 +01:00
* Update Grafana from v6.4.4 to [v6.5.1 ](https://grafana.com/docs/guides/whats-new-in-v6-5/ )
2019-11-26 07:21:24 +01:00
* Add pod networking details in dashboards ([#593](https://github.com/poseidon/typhoon/pull/593))
2019-11-14 08:39:19 +01:00
* Add node alerts and Grafana dashboard from node-exporter ([#591](https://github.com/poseidon/typhoon/pull/591))
2019-12-11 07:56:50 +01:00
* Reduce Prometheus high cardinality time series ([#596](https://github.com/poseidon/typhoon/pull/596))
2019-11-14 08:39:19 +01:00
2019-11-13 22:05:15 +01:00
## v1.16.3
* Kubernetes [v1.16.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.16.md#v1163 )
2019-11-07 20:12:44 +01:00
* Update etcd from v3.4.2 to v3.4.3 ([#582](https://github.com/poseidon/typhoon/pull/582))
2019-11-07 20:09:59 +01:00
* Upgrade Calico from v3.9.2 to [v3.10.1 ](https://docs.projectcalico.org/v3.10/release-notes/ )
2019-10-27 08:49:46 +01:00
* Allow advertising service ClusterIPs to peer routers via a [BGPConfiguration ](https://docs.projectcalico.org/v3.10/networking/advertise-service-ips )
2019-10-16 08:31:57 +02:00
* Switch `kube-proxy` from iptables to ipvs mode ([#574](https://github.com/poseidon/typhoon/pull/574))
2019-10-18 09:08:39 +02:00
#### Addons
2019-11-13 22:41:11 +01:00
* Update Prometheus from v2.13.0 to [v2.14.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.14.0 )
2019-10-20 02:43:47 +02:00
* Refresh rules, alerts, and dashboards from upstreams
2019-10-20 03:23:26 +02:00
* Remove addon-resizer from kube-state-metrics ([#575](https://github.com/poseidon/typhoon/pull/575))
2019-11-07 21:00:25 +01:00
* Update Grafana from v6.4.2 to v6.4.4
2019-10-18 09:08:39 +02:00
## v1.16.2
2019-10-16 07:42:52 +02:00
* Kubernetes [v1.16.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.16.md#v1162 )
* Update etcd from v3.4.1 to v3.4.2 ([#570](https://github.com/poseidon/typhoon/pull/570))
* Update Calico from v3.9.1 to [v3.9.2 ](https://docs.projectcalico.org/v3.9/release-notes/ )
2019-10-16 08:09:41 +02:00
* Default to using Calico and supporting NetworkPolicy on all platforms
#### Azure
* Change default networking provider from "flannel" to "calico" ([#573](https://github.com/poseidon/typhoon/pull/573))
2019-10-15 09:06:15 +02:00
2019-10-06 21:57:15 +02:00
#### Bare-Metal
* Add `controllers` and `workers` as typed lists of machine detail objects ([#566](https://github.com/poseidon/typhoon/pull/566))
* Define clusters' machines cleanly and with Terraform v0.12 type constraints (**action required**, see PR example)
2019-10-16 08:25:45 +02:00
* Remove `controller_names` , `controller_macs` , and `controller_domains` variables
* Remove `worker_names` , `worker_macs` , and `worker_domains` variables
2019-10-06 21:57:15 +02:00
2019-10-16 08:09:41 +02:00
#### DigitalOcean
* Change default networking provider from "flannel" to "calico" ([#573](https://github.com/poseidon/typhoon/pull/573))
2019-10-16 07:58:43 +02:00
#### Addons
* Update Grafana from v6.4.1 to [v6.4.2 ](https://github.com/grafana/grafana/releases/tag/v6.4.2 )
2019-10-16 08:25:45 +02:00
* Change CLUO label from "app" to "name"
2019-10-16 07:58:43 +02:00
2019-10-07 03:30:07 +02:00
## v1.16.1
2019-05-28 06:43:08 +02:00
2019-10-03 06:31:55 +02:00
* Kubernetes [v1.16.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.16.md#v1161 )
2019-10-15 09:06:15 +02:00
* Update etcd from v3.4.0 to [v3.4.1 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.1 )
2019-09-29 20:22:53 +02:00
* Update Calico from v3.8.2 to [v3.9.1 ](https://docs.projectcalico.org/v3.9/release-notes/ )
2019-10-06 20:53:49 +02:00
* Add Terraform v0.12 variables types ([#553](https://github.com/poseidon/typhoon/pull/553), [#557 ](https://github.com/poseidon/typhoon/pull/557 ), [#560 ](https://github.com/poseidon/typhoon/pull/560 ), [#556 ](https://github.com/poseidon/typhoon/pull/556 ), [#562 ](https://github.com/poseidon/typhoon/pull/562 ))
* Deprecate `cluster_domain_suffix` variable
2019-09-29 00:09:57 +02:00
2019-09-29 00:01:14 +02:00
#### AWS
2019-10-07 03:30:07 +02:00
* Add `worker_node_labels` variable to set initial worker node labels ([#550](https://github.com/poseidon/typhoon/pull/550))
* Add `node_labels` variable to internal `workers` pool module ([#550](https://github.com/poseidon/typhoon/pull/550))
2019-10-07 03:05:47 +02:00
* For Fedora CoreOS, detect most recent AMI in the region
2019-09-29 00:01:14 +02:00
#### Azure
2019-10-06 20:53:49 +02:00
* Promote `networking` provider Calico VXLAN out of experimental (set `networking = "calico"` )
2019-10-07 03:30:07 +02:00
* Add `worker_node_labels` variable to set initial worker node labels ([#550](https://github.com/poseidon/typhoon/pull/550))
* Add `node_labels` variable to internal `workers` pool module ([#550](https://github.com/poseidon/typhoon/pull/550))
2019-10-06 20:53:49 +02:00
* Change `workers` module default `vm_type` to `Standard_DS1_v2` (followup to [#539 ](https://github.com/poseidon/typhoon/pull/539 ))
2019-09-29 00:01:14 +02:00
2019-09-23 19:56:22 +02:00
#### Bare-Metal
2019-10-07 03:30:07 +02:00
* For Fedora CoreOS, use new kernel, initrd, and raw paths ([#563](https://github.com/poseidon/typhoon/pull/563))
2019-09-23 19:56:22 +02:00
* Fix Terraform missing comma error ([#549](https://github.com/poseidon/typhoon/pull/549))
2019-10-06 20:53:49 +02:00
* Remove deprecated `container_linux_oem` variable ([#562](https://github.com/poseidon/typhoon/pull/562))
2019-09-23 19:56:22 +02:00
#### DigitalOcean
2019-10-06 20:53:49 +02:00
* Promote `networking` provider Calico VXLAN out of experimental (set `networking = "calico"` )
2019-09-23 19:56:22 +02:00
* Fix Terraform missing comma error ([#549](https://github.com/poseidon/typhoon/pull/549))
2019-09-29 00:09:57 +02:00
#### Google Cloud
2019-10-07 03:30:07 +02:00
* Add `worker_node_labels` variable to set initial worker node labels ([#550](https://github.com/poseidon/typhoon/pull/550))
2019-09-29 00:09:57 +02:00
* Add `node_labels` variable to internal `workers` module ([#550](https://github.com/poseidon/typhoon/pull/550))
2019-09-29 00:13:46 +02:00
#### Addons
2019-10-07 03:22:20 +02:00
* Update Prometheus from v2.12.0 to [v2.13.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.13.0 )
* Fix Prometheus etcd target discovery and scraping ([#561](https://github.com/poseidon/typhoon/pull/561), regressed with Kubernetes v1.16.0)
2019-10-02 05:50:33 +02:00
* Update kube-state-metrics from v1.7.2 to v1.8.0
2019-10-01 07:18:15 +02:00
* Update nginx-ingress from v0.25.1 to [v0.26.1 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.26.1 ) ([#555](https://github.com/poseidon/typhoon/pull/555))
2019-09-29 20:56:31 +02:00
* Add lifecycle hook to allow draining for up to 5 minutes
2019-10-02 05:51:58 +02:00
* Update Grafana from v6.3.5 to [v6.4.1 ](https://github.com/grafana/grafana/releases/tag/v6.4.1 )
2019-09-29 00:09:57 +02:00
2019-09-18 06:24:30 +02:00
## v1.16.0
* Kubernetes [v1.16.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.16.md#v1160 ) ([#543](https://github.com/poseidon/typhoon/pull/543))
* Read about several Kubernetes API [deprecations ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.16.md#deprecations-and-removals )!
2019-09-23 02:37:23 +02:00
* Remove legacy node role labels (no longer shown in `kubectl get nodes` )
* Rename node labels to `node.kubernetes.io/master` and `node.kubernetes.io/node` (migratory)
2019-09-07 22:38:51 +02:00
* Migrate control plane from self-hosted to static pods ([#536](https://github.com/poseidon/typhoon/pull/536))
* Run `kube-apiserver` , `kube-scheduler` , and `kube-controller-manager` as static pods on each controller
* `kubectl` edits to `kube-apiserver` , `kube-scheduler` , and `kube-controller-manager` are no longer possible (change)
2019-09-18 06:24:30 +02:00
* Remove bootkube, self-hosted pivot, and `pod-checkpointer`
2019-09-01 00:24:10 +02:00
* Update CoreDNS from v1.5.0 to v1.6.2 ([#535](https://github.com/poseidon/typhoon/pull/535))
2019-09-08 21:57:40 +02:00
* Update etcd from v3.3.15 to [v3.4.0 ](https://github.com/etcd-io/etcd/releases/tag/v3.4.0 )
2019-09-01 01:07:22 +02:00
* Recommend updating `terraform-provider-ct` plugin from v0.3.2 to [v0.4.0 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.4.0 )
2019-09-01 00:24:10 +02:00
2019-09-10 07:24:10 +02:00
#### Azure
* Change default `controller_type` to `Standard_B2s` ([#539](https://github.com/poseidon/typhoon/pull/539))
* `B2s` is cheaper by $17/month and provides 2 vCPU, 4GB RAM
* Change default `worker_type` to `Standard_DS1_v2` ([#539](https://github.com/poseidon/typhoon/pull/539))
* `F1` is previous generation. `DS1_v2` is newer, similar cost, and supports Low Priority mode
2019-09-01 00:59:13 +02:00
#### Addons
2019-09-07 23:21:59 +02:00
* Update Grafana from v6.3.3 to v6.3.5
2019-09-01 00:59:13 +02:00
2019-08-19 23:49:24 +02:00
## v1.15.3
* Kubernetes [v1.15.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.15.md#v1153 )
2019-08-19 23:55:06 +02:00
* Update etcd from v3.3.13 to [v3.3.15 ](https://github.com/etcd-io/etcd/releases/tag/v3.3.15 )
2019-08-19 23:49:24 +02:00
* Update Calico from v3.8.1 to [v3.8.2 ](https://docs.projectcalico.org/v3.8/release-notes/ )
2019-08-17 00:38:23 +02:00
2019-08-08 05:56:55 +02:00
#### AWS
* Enable root block device encryption by default ([#527](https://github.com/poseidon/typhoon/pull/527))
* Require `terraform-provider-aws` v2.23+ (**action required**)
2019-08-08 04:57:38 +02:00
#### Addons
2019-08-19 05:59:44 +02:00
* Update Prometheus from v2.11.0 to [v2.12.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.12.0 )
2019-08-15 06:17:02 +02:00
* Update kube-state-metrics from v1.7.1 to v1.7.2
2019-08-16 23:40:47 +02:00
* Update Grafana from v6.2.5 to v6.3.3
2019-08-19 23:49:24 +02:00
* Use stable IDs for etcd, CoreDNS, and Nginx Ingress dashboards ([#530](https://github.com/poseidon/typhoon/pull/530))
2019-08-15 06:08:31 +02:00
* Update nginx-ingress from v0.25.0 to [v0.25.1 ](https://github.com/kubernetes/ingress-nginx/releases/tag/nginx-0.25.1 )
* Fix Nginx security advisories
2019-08-08 04:57:38 +02:00
2019-08-06 18:01:22 +02:00
## v1.15.2
2019-08-05 17:47:39 +02:00
* Kubernetes [v1.15.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.15.md#v1152 )
2019-07-28 00:31:13 +02:00
* Update Calico from v3.8.0 to [v3.8.1 ](https://docs.projectcalico.org/v3.8/release-notes/ )
2019-08-06 07:45:47 +02:00
* Publish new load balancing, TCP/UDP, and firewall [docs ](https://typhoon.psdn.io/architecture/aws/ ) ([#523](https://github.com/poseidon/typhoon/pull/523))
#### Addons
* Add new Grafana dashboards for CoreDNS and Nginx Ingress Controller ([#525](https://github.com/poseidon/typhoon/pull/525))
2019-07-28 00:31:13 +02:00
2019-07-21 20:58:56 +02:00
## v1.15.1
2019-07-19 10:15:15 +02:00
* Kubernetes [v1.15.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.15.md#v1151 )
2019-07-12 06:00:03 +02:00
* Upgrade Calico from v3.7.3 to [v3.8.0 ](https://docs.projectcalico.org/v3.8/release-notes/ )
* Enable CNI `bandwidth` plugin for [traffic shaping ](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/#support-traffic-shaping )
2019-07-06 22:11:37 +02:00
* Run `kube-apiserver` with lower privilege user (nobody) ([#506](https://github.com/poseidon/typhoon/pull/506))
2019-07-17 07:04:00 +02:00
* Relax `terraform-provider-ct` version constraint (v0.3.2+)
* Allow provider versions below v1.0.0 (e.g. upgrading to v0.4)
2019-07-03 05:18:02 +02:00
2019-07-21 19:32:58 +02:00
#### Azure
* Fix to add all controller nodes to the apiserver load balancer backend address pool ([#518](https://github.com/poseidon/typhoon/pull/518))
* kube-apiserver availability relied on the 0th controller
2019-07-06 04:21:05 +02:00
#### Google Cloud
* Allow controller nodes to span more than 3 zones if available in a region ([#504](https://github.com/poseidon/typhoon/pull/504))
* Eliminate extraneous controller instance groups in single-controller clusters ([#504](https://github.com/poseidon/typhoon/pull/504))
2019-07-06 04:48:49 +02:00
* Raise network deletion timeout from 4m to 6m ([#505](https://github.com/poseidon/typhoon/pull/505))
2019-07-06 04:21:05 +02:00
2019-06-29 22:17:27 +02:00
#### Addons
2019-07-10 05:54:57 +02:00
* Update Prometheus from v2.10.0 to v2.11.0
2019-07-21 20:02:18 +02:00
* Refresh rules, alerts, and dashboards from upstreams
2019-07-21 05:17:08 +02:00
* Update kube-state-metrics from v1.6.0 to v1.7.1
2019-06-29 22:17:27 +02:00
* Update Grafana from v6.2.4 to v6.2.5
2019-07-09 07:04:50 +02:00
* Update nginx-ingress from v0.24.1 to v0.25.0
* Support `networking.k8s.io/v1beta1` apiVersion
2019-06-29 22:17:27 +02:00
2019-06-20 06:29:43 +02:00
## v1.15.0
* Kubernetes [v1.15.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.15.md#v1150 )
2019-05-28 06:43:08 +02:00
* Migrate from Terraform v0.11 to v0.12.x (**action required!**)
2019-05-31 09:27:25 +02:00
* [Migration ](https://typhoon.psdn.io/topics/maintenance/#terraform-v012x ) instructions for Terraform v0.12
* Require `terraform-provider-ct` v0.3.2+ to support Terraform v0.12 (action required)
2019-06-14 08:54:20 +02:00
* Update Calico from v3.7.2 to [v3.7.3 ](https://docs.projectcalico.org/v3.7/release-notes/ )
2019-06-23 22:38:49 +02:00
* Remove Fedora Atomic modules (deprecated in March) ([#501](https://github.com/poseidon/typhoon/pull/501))
2019-05-29 04:19:23 +02:00
#### AWS
* Require `terraform-provider-aws` v2.7+ to support Terraform v0.12 (action required)
2019-06-12 07:13:41 +02:00
* Allow using Flatcar Linux Edge by setting `os_image` to "flatcar-edge"
2019-05-28 06:43:08 +02:00
#### Azure
2019-05-29 04:19:23 +02:00
* Require `terraform-provider-azurerm` v1.27+ to support Terraform v0.12 (action required)
2019-05-28 07:55:16 +02:00
* Avoid unneeded rotations of Regular priority virtual machine scale sets
* Azure only allows `eviction_policy` to be set for Low priority VMs. Supporting Low priority VMs meant when Regular VMs were used, each `terraform apply` rolled workers, to set eviction_policy to null.
2020-01-14 09:49:34 +01:00
* Terraform v0.12 nullable variables fix the issue so plan does not produce a diff.
2019-05-29 04:19:23 +02:00
#### Bare-Metal
* Require `terraform-provider-matchbox` v0.3.0+ to support Terraform v0.12 (action required)
2019-06-12 07:13:41 +02:00
* Allow using Flatcar Linux Edge by setting `os_channel` to "flatcar-edge"
2019-05-28 06:43:08 +02:00
2019-05-28 00:37:36 +02:00
#### DigitalOcean
2019-05-29 04:19:23 +02:00
* Require `terraform-provider-digitalocean` v1.3+ to support Terraform v0.12 (action required)
2019-06-01 22:49:56 +02:00
* Change the default `worker_type` from `s-1vcpu1-1gb` to `s-1vcpu-2gb`
2019-05-28 00:37:36 +02:00
2019-05-28 06:43:08 +02:00
#### Google Cloud
2019-05-29 04:19:23 +02:00
* Require `terraform-provider-google` v2.5+ to support Terraform v0.12 (action required)
2019-05-28 06:43:08 +02:00
2019-06-07 09:07:54 +02:00
#### Addons
2019-06-20 06:51:54 +02:00
* Update Grafana from v6.2.1 to v6.2.4
2019-06-07 11:08:28 +02:00
* Update node-exporter from v0.18.0 to v0.18.1
2019-06-07 09:07:54 +02:00
2019-05-28 06:43:08 +02:00
## v1.14.3
2019-05-20 18:29:56 +02:00
2019-05-31 10:08:32 +02:00
* Kubernetes [v1.14.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#v1143 )
2019-05-27 09:11:52 +02:00
* Update CoreDNS from v1.3.1 to v1.5.0
* Add `ready` plugin to improve readinessProbe
2019-05-22 18:24:42 +02:00
* Fix trailing slash in terraform-render-bootkube version ([#479](https://github.com/poseidon/typhoon/pull/479))
2019-05-31 09:45:16 +02:00
* Recommend updating `terraform-provider-ct` plugin from v0.3.1 to [v0.3.2 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.3.2 ) ([#487](https://github.com/poseidon/typhoon/pull/487))
2019-05-22 18:24:42 +02:00
2019-05-28 06:43:08 +02:00
#### AWS
2019-05-28 01:33:21 +02:00
* Rename `worker` pool module `count` variable to `worker_count` ([#485](https://github.com/poseidon/typhoon/pull/485)) (action required)
* `count` will become a reserved variable name in Terraform v0.12
2019-05-27 08:14:50 +02:00
#### Azure
* Replace `azurerm_autoscale_setting` with `azurerm_monitor_autoscale_setting` ([#482](https://github.com/poseidon/typhoon/pull/482))
2019-05-28 01:33:21 +02:00
* Rename `worker` pool module `count` variable to `worker_count` ([#485](https://github.com/poseidon/typhoon/pull/485)) (action required)
* `count` will become a reserved variable name in Terraform v0.12
2019-05-31 09:45:16 +02:00
#### Bare-Metal
* Recommend updating `terraform-provider-matchbox` plugin from v0.2.3 to [v0.3.0 ](https://github.com/poseidon/terraform-provider-matchbox/releases/tag/v0.3.0 ) ([#487](https://github.com/poseidon/typhoon/pull/487))
#### Google Cloud
2019-05-28 01:33:21 +02:00
* Rename `worker` pool module `count` variable to `worker_count` ([#485](https://github.com/poseidon/typhoon/pull/485)) (action required)
2019-05-28 06:14:25 +02:00
* `count` is a reserved variable in Terraform v0.12
2019-05-27 08:14:50 +02:00
2019-05-27 06:58:28 +02:00
#### Addons
* Update Prometheus from v2.9.2 to v2.10.0
2019-05-27 21:25:00 +02:00
* Update Grafana from v6.1.6 to v6.2.1
2019-05-27 06:58:28 +02:00
2019-05-20 18:29:56 +02:00
## v1.14.2
2020-01-14 09:49:34 +01:00
2019-05-17 13:09:15 +02:00
* Kubernetes [v1.14.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#v1142 )
2019-05-04 20:42:51 +02:00
* Update etcd from v3.3.12 to [v3.3.13 ](https://github.com/etcd-io/etcd/releases/tag/v3.3.13 )
2019-05-17 12:29:46 +02:00
* Upgrade Calico from v3.6.1 to [v3.7.2 ](https://docs.projectcalico.org/v3.7/release-notes/ )
2019-05-06 09:38:23 +02:00
* Change flannel VXLAN port from 8472 (kernel default) to 4789 (IANA VXLAN)
2019-05-07 06:56:38 +02:00
#### AWS
2019-05-06 09:38:23 +02:00
* Only set internal VXLAN rules when `networking` is "flannel" (default: calico)
#### Azure
* Allow choosing Calico as the network provider (experimental) ([#472](https://github.com/poseidon/typhoon/pull/472))
* Add a `networking` variable accepting "flannel" (default) or "calico"
* Use VXLAN encapsulation since Azure doesn't support IPIP
2018-08-13 01:44:13 +02:00
2019-05-17 12:52:16 +02:00
#### DigitalOcean
2019-05-06 09:38:23 +02:00
* Allow choosing Calico as the network provider (experimental) ([#472](https://github.com/poseidon/typhoon/pull/472))
* Add a `networking` variable accepting "flannel" (default) or "calico"
* Use VXLAN encapsulation since DigitalOcean doesn't support IPIP
2019-05-17 12:52:16 +02:00
* Add explicit ordering between firewall rule creation and secure copying Kubelet credentials ([#469](https://github.com/poseidon/typhoon/pull/469))
* Fix race scenario if copies to nodes were before rule creation, blocking cluster creation
2019-04-19 08:26:32 +02:00
#### Addons
2019-04-28 05:39:55 +02:00
* Update Prometheus from v2.8.1 to v2.9.2
2019-05-07 06:30:49 +02:00
* Update kube-state-metrics from v1.5.0 to v1.6.0
2019-05-17 20:01:30 +02:00
* Update node-exporter from v0.17.0 to v0.18.0
2019-05-04 20:14:37 +02:00
* Update Grafana from v6.1.3 to v6.1.6
2019-05-04 20:42:51 +02:00
* Reduce nginx-ingress Role RBAC permissions ([#458](https://github.com/poseidon/typhoon/pull/458))
2019-04-19 08:26:32 +02:00
2019-04-16 09:05:13 +02:00
## v1.14.1
2019-04-10 06:47:23 +02:00
* Kubernetes [v1.14.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#v1141 )
2019-04-10 07:06:27 +02:00
#### Addons
* Update Grafana from v6.1.1 to v6.1.3
2019-04-16 06:07:12 +02:00
* Update nginx-ingress from v0.23.0 to v0.24.1
2019-04-13 21:37:53 +02:00
2019-04-09 03:48:49 +02:00
## v1.14.0
2019-04-07 09:09:00 +02:00
* Kubernetes [v1.14.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#v1140 )
2019-04-01 02:43:43 +02:00
* Update Calico from v3.6.0 to v3.6.1
2019-04-08 03:04:02 +02:00
* Add `enable_aggregation` option for CNCF conformance ([#436](https://github.com/poseidon/typhoon/pull/436))
2019-04-07 11:29:07 +02:00
* Aggregation is disabled by default to retain our security stance
* Aggregation increases the security surface area. Extensions become part of the control plane and must be scrutinized carefully and trusted. Favor leaving aggregation disabled.
2019-04-01 02:43:43 +02:00
2019-04-01 08:22:47 +02:00
#### AWS
* Add ability to load balance TCP applications ([#443](https://github.com/poseidon/typhoon/pull/443))
* Output the network load balancer ARN as `nlb_id`
* Accept a `worker_target_groups` (ARN) list to which worker instances should be added
2019-04-08 03:04:02 +02:00
#### Azure
* Add ability to load balance TCP/UDP applications ([#447](https://github.com/poseidon/typhoon/pull/447))
* Output the load balancer ID as `loadbalancer_id`
* Output `worker_security_group_name` and `worker_address_prefix` for extending firewall rules ([#447](https://github.com/poseidon/typhoon/pull/447))
2019-04-03 08:02:04 +02:00
#### DigitalOcean
2019-04-08 03:04:02 +02:00
* Harden internal (node-to-node) firewall rules to align with other platforms ([#444](https://github.com/poseidon/typhoon/pull/444))
2019-04-09 03:48:49 +02:00
* Add ability to load balance TCP applications ([#444](https://github.com/poseidon/typhoon/pull/444))
* Output `controller_tag` and `worker_tag` for extending firewall rules ([#444](https://github.com/poseidon/typhoon/pull/444))
2019-04-03 08:02:04 +02:00
2019-03-28 03:45:10 +01:00
#### Google Cloud
2019-03-30 23:12:55 +01:00
* Add ability to load balance TCP/UDP applications ([#442](https://github.com/poseidon/typhoon/pull/442))
* Add worker instances to a target pool, output as `worker_target_pool`
2020-01-14 09:49:34 +01:00
* Health check for workers with Ingress controllers. Forward rules don't support differing internal/external ports, but some Ingress controllers support TCP/UDP proxy as a workaround
2019-03-28 03:45:10 +01:00
* Remove Haswell minimum CPU platform requirement ([#439](https://github.com/poseidon/typhoon/pull/439))
* Google Cloud API implements `min_cpu_platform` to mean "use exactly this CPU". Revert [#405 ](https://github.com/poseidon/typhoon/pull/405 ) added in v1.13.4.
* Fix error creating clusters in new regions without Haswell (e.g. europe-west2) ([#438](https://github.com/poseidon/typhoon/issues/438))
2019-04-01 02:03:22 +02:00
#### Addons
* Update Prometheus from v2.8.0 to v2.8.1
2019-04-07 03:31:43 +02:00
* Update Grafana from v6.0.2 to [v6.1.1 ](http://docs.grafana.org/guides/whats-new-in-v6-1/ )
2019-04-07 08:27:11 +02:00
* Add dashboard for pods in a workload (deployment/daemonset/statefulset) ([#446](https://github.com/poseidon/typhoon/pull/446))
* Add dashboard for workloads by namespace
2019-04-01 02:03:22 +02:00
2019-03-26 05:43:47 +01:00
## v1.13.5
* Kubernetes [v1.13.5 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1135 )
2019-03-05 08:00:13 +01:00
* Resolve in-addr.arpa reverse DNS lookups (PTR) for pod IPv4 addresses ([#415](https://github.com/poseidon/typhoon/pull/415))
* Reverse DNS lookups for service IPv4 addresses unchanged
2019-03-19 05:07:07 +01:00
* Upgrade Calico from v3.5.2 to [v3.6.0 ](https://docs.projectcalico.org/v3.6/release-notes/ ) ([#430](https://github.com/poseidon/typhoon/pull/430))
* Change pod IPAM from `host-local` to `calico-ipam` . `pod_cidr` is still divided into `/24` subnets per node, but managed as `ippools` and `ipamblocks`
2019-05-31 09:45:16 +02:00
* Recommend updating [terraform-provider-ct ](https://github.com/poseidon/terraform-provider-ct ) from v0.3.0 to [v0.3.1 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.3.1 ) ([#434](https://github.com/poseidon/typhoon/pull/434))
2019-03-27 07:47:14 +01:00
* Announce: Fedora Atomic modules will be not be updated beyond Kubernetes v1.13.x ([#437](https://github.com/poseidon/typhoon/pull/437))
* Thank you Project Atomic team and users, please see the deprecation [notice ](https://typhoon.psdn.io/announce/#march-27-2019 )
2019-03-05 08:00:13 +01:00
2019-03-09 21:03:10 +01:00
#### AWS
* Support `terraform-provider-aws` v2.0+ ([#419](https://github.com/poseidon/typhoon/pull/419))
2019-03-10 04:34:15 +01:00
#### Bare-Metal
* Change the default iPXE kernel and initrd download protocol from HTTP to HTTPS ([#420](https://github.com/poseidon/typhoon/pull/420))
* Require an iPXE-enabled network boot environment with support for TLS downloads. PXE clients must chainload to iPXE firmware compiled with `DOWNLOAD_PROTO_HTTPS` [enabled ](https://ipxe.org/crypto ). (**action required**)
2019-03-26 08:46:11 +01:00
* Only affects Container Linux and Flatcar Linux install profiles that pull public images (default)
2019-03-10 04:34:15 +01:00
* Add `download_protocol` variable. Recognizing boot firmware TLS support is difficult in some environments, set the protocol to "http" for the old behavior (discouraged)
2019-03-14 08:55:55 +01:00
#### DigitalOcean
* Fix kubelet hostname-override to set node metadata InternalIP correctly ([#424](https://github.com/poseidon/typhoon/issues/424))
* Uniquely, DigitalOcean does not resolve hostnames to instance private IPs. Kubelet auto-detect mechanisms require the internal IP be set directly.
* Regressed in v1.12.3 ([#337](https://github.com/poseidon/typhoon/pull/337)) which aimed to provide friendly hostname-based node names on DigitalOcean
2019-03-05 08:08:12 +01:00
#### Addons
2019-03-14 06:11:38 +01:00
* Update Prometheus from v2.7.1 to [v2.8.0 ](https://github.com/prometheus/prometheus/releases/tag/v2.8.0 )
2019-03-14 07:05:14 +01:00
* Refresh rules based on upstreams ([#426](https://github.com/poseidon/typhoon/pull/426))
2019-03-24 01:59:47 +01:00
* Define NetworkPolicy to allow only traffic from the Grafana addon
2019-03-22 07:41:25 +01:00
* Update Grafana from v6.0.0 to v6.0.2
2019-03-24 01:54:16 +01:00
* Add liveness and readiness probes
2019-03-14 07:05:14 +01:00
* Refresh dashboards and organize to stay below ConfigMap size limit ([#426](https://github.com/poseidon/typhoon/pull/426))
2019-03-14 07:46:04 +01:00
* Remove heapster manifests from addons ([#427](https://github.com/poseidon/typhoon/pull/427))
* Heapster addon powers `kubectl top` (in early Kubernetes, running the addon was expected). Today, there are better monitoring options.
* `kubectl top` reliance on a non-core extension means its not in-scope for minimal Kubernetes
* Look to prior releases if you still wish to apply heapster
2019-03-05 08:08:12 +01:00
2019-03-01 07:42:04 +01:00
## v1.13.4
* Kubernetes [v1.13.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1134 )
2019-02-09 20:54:54 +01:00
* Update etcd from v3.3.11 to [v3.3.12 ](https://github.com/etcd-io/etcd/releases/tag/v3.3.12 )
2019-02-26 06:23:13 +01:00
* Update Calico from v3.5.0 to [v3.5.2 ](https://docs.projectcalico.org/v3.5/releases/ )
2019-02-20 09:54:19 +01:00
* Assign priorityClassNames to critical cluster and node components ([#406](https://github.com/poseidon/typhoon/pull/406))
2019-03-01 07:42:04 +01:00
* Inform node out-of-resource eviction and scheduler preemption and ordering
* Add CoreDNS readiness probe ([#410](https://github.com/poseidon/typhoon/pull/410))
2019-02-09 20:49:31 +01:00
2019-02-17 00:01:44 +01:00
#### Bare-Metal
2019-05-04 19:46:07 +02:00
* Recommend updating [terraform-provider-matchbox ](https://github.com/poseidon/terraform-provider-matchbox ) plugin from v0.2.2 to [v0.2.3 ](https://github.com/poseidon/terraform-provider-matchbox/releases/tag/v0.2.3 ) ([#402](https://github.com/poseidon/typhoon/pull/402))
2019-03-01 07:42:04 +01:00
* Improve docs on using Ubiquiti EdgeOS with bare-metal clusters ([#413](https://github.com/poseidon/typhoon/pull/413))
2019-02-17 00:01:44 +01:00
2019-02-18 21:54:07 +01:00
#### Google Cloud
2019-02-20 09:54:19 +01:00
* Support `terraform-provider-google` v2.0+ ([#407](https://github.com/poseidon/typhoon/pull/407))
2019-03-01 07:42:04 +01:00
* Require `terraform-provider-google` v1.19+ (**action required**)
2019-02-18 21:54:07 +01:00
* Set the minimum CPU platform to Intel Haswell ([#405](https://github.com/poseidon/typhoon/pull/405))
* Haswell or better is available in every zone (no price change)
* A few zones still default to Sandy/Ivy Bridge (shifts in April 2019)
2019-02-09 21:23:12 +01:00
#### Addons
2019-03-01 07:42:04 +01:00
* Modernize Prometheus rules and alerts ([#404](https://github.com/poseidon/typhoon/pull/404))
2019-02-18 21:05:27 +01:00
* Drop extraneous metrics ([#397](https://github.com/poseidon/typhoon/pull/397))
2019-02-08 08:26:59 +01:00
* Add `pod` name label to metrics discovered via service endpoints
* Rename `kubernetes_namespace` label to `namespace`
2019-03-02 20:26:12 +01:00
* Modernize Grafana and dashboards, see [docs ](https://typhoon.psdn.io/addons/grafana/ ) ([#403](https://github.com/poseidon/typhoon/pull/403), [#404 ](https://github.com/poseidon/typhoon/pull/404 ))
2019-02-26 06:43:43 +01:00
* Upgrade Grafana from v5.4.3 to [v6.0.0 ](https://github.com/grafana/grafana/releases/tag/v6.0.0 )!
2019-02-17 21:36:40 +01:00
* Enable Grafana [Explore ](http://docs.grafana.org/guides/whats-new-in-v6-0/#explore ) UI as a Viewer (inspect/edit without saving)
2019-03-01 10:18:54 +01:00
* Update nginx-ingress from v0.22.0 to v0.23.0
* Raise nginx-ingress liveness/readiness timeout to 5 seconds
* Remove nginx-ingess default-backend ([#401](https://github.com/poseidon/typhoon/pull/401))
2019-02-09 21:23:12 +01:00
2019-03-02 20:26:12 +01:00
#### Fedora Atomic
* Build Kubelet [system container ](https://github.com/poseidon/system-containers ) with buildah. The image is an OCI format and slightly larger.
2019-02-02 23:54:18 +01:00
## v1.13.3
2019-02-02 08:26:13 +01:00
* Kubernetes [v1.13.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1133 )
2019-01-12 09:20:47 +01:00
* Update etcd from v3.3.10 to [v3.3.11 ](https://github.com/etcd-io/etcd/blob/master/CHANGELOG-3.3.md#v3311-2019-1-11 )
2019-01-16 06:24:35 +01:00
* Update CoreDNS from v1.3.0 to [v1.3.1 ](https://coredns.io/2019/01/13/coredns-1.3.1-release/ )
2019-01-31 07:25:23 +01:00
* Switch from the `proxy` plugin to the faster `forward` plugin for upsteam resolvers
2019-01-28 01:34:30 +01:00
* Update Calico from v3.4.0 to [v3.5.0 ](https://docs.projectcalico.org/v3.5/releases/ )
2019-01-30 06:51:25 +01:00
* Update flannel from v0.10.0 to [v0.11.0 ](https://github.com/coreos/flannel/releases/tag/v0.11.0 )
2019-02-02 23:54:18 +01:00
* Reduce pod eviction timeout for deleting pods on unready nodes to 1 minute
* Respond more quickly to node preemption (previously 5 minutes)
2019-01-17 07:59:46 +01:00
* Fix automatic worker deletion on shutdown for cloud platforms
2019-01-15 08:24:41 +01:00
* Lowering Kubelet privileges in [#372 ](https://github.com/poseidon/typhoon/pull/372 ) dropped a needed node deletion authorization. Scale-in due to manual terraform apply (any cloud), AWS spot termination, or Azure low priority deletion left old nodes registered, requiring manual deletion (`kubectl delete node name`)
2019-01-12 09:20:47 +01:00
2019-01-14 01:37:12 +01:00
#### AWS
* Add `ingress_zone_id` output with the NLB DNS name's Route53 zone for use in alias records ([#380](https://github.com/poseidon/typhoon/pull/380))
2019-01-28 02:52:35 +01:00
#### Azure
* Fix azure provider warning, `public_ip` `allocation_method` replaces `public_ip_address_allocation`
* Require `terraform-provider-azurerm` v1.21+ (action required)
2019-01-12 23:23:34 +01:00
#### Addons
2019-01-17 07:59:46 +01:00
* Update nginx-ingress from v0.21.0 to v0.22.0
2019-02-02 09:13:24 +01:00
* Update Prometheus from v2.6.0 to v2.7.1
2019-01-12 23:23:34 +01:00
* Update kube-state-metrics from v1.4.0 to v1.5.0
2019-01-22 05:07:31 +01:00
* Fix ClusterRole to collect and export PodDisruptionBudget metrics ([#383](https://github.com/poseidon/typhoon/pull/383))
2019-01-22 09:19:55 +01:00
* Update node-exporter from v0.15.2 to v0.17.0
2019-01-16 06:05:46 +01:00
* Update Grafana from v5.4.2 to v5.4.3
2019-01-12 23:23:34 +01:00
2019-01-12 09:20:47 +01:00
## v1.13.2
2019-01-11 08:21:21 +01:00
* Kubernetes [v1.13.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1132 )
2019-01-03 08:30:42 +01:00
* Add ServiceAccounts for `kube-apiserver` and `kube-scheduler` ([#370](https://github.com/poseidon/typhoon/pull/370))
2019-01-11 08:21:21 +01:00
* Use lower-privilege TLS client certificates for Kubelets ([#372](https://github.com/poseidon/typhoon/pull/372))
* Use HTTPS liveness probes for `kube-scheduler` and `kube-controller-manager` ([#377](https://github.com/poseidon/typhoon/pull/377))
* Update CoreDNS from v1.2.6 to [v1.3.0 ](https://coredns.io/2018/12/15/coredns-1.3.0-release/ )
2019-01-07 02:23:58 +01:00
* Allow the `certificates.k8s.io` API to issue certificates signed by the cluster CA ([#376](https://github.com/poseidon/typhoon/pull/376))
* Configure controller manager to sign CSRs that are manually [approved ](https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster ) by an administrator
2019-01-02 03:40:11 +01:00
2018-12-18 21:29:27 +01:00
#### AWS
2019-01-12 09:07:48 +01:00
* Change `controller_type` and `worker_type` default from t2.small to t3.small ([#365](https://github.com/poseidon/typhoon/pull/365))
2018-12-18 21:29:27 +01:00
* t3.small is cheaper, provides 2 vCPU (instead of 1), and 5 Gbps of pod-to-pod bandwidth!
2019-01-03 08:30:42 +01:00
#### Bare-Metal
* Remove the `kubeconfig` output variable
2018-12-27 16:35:12 +01:00
#### Addons
* Update Prometheus from v2.5.0 to v2.6.0
2018-12-17 23:28:27 +01:00
## v1.13.1
2018-12-15 20:43:44 +01:00
* Kubernetes [v1.13.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1131 )
2018-12-17 23:13:50 +01:00
* Update Calico from v3.3.2 to [v3.4.0 ](https://docs.projectcalico.org/v3.4/releases/ ) ([#362](https://github.com/poseidon/typhoon/pull/362))
2018-12-16 02:41:25 +01:00
* Install CNI plugins with an init container rather than a sidecar
* Improve the `calico-node` ClusterRole
2018-12-17 23:13:50 +01:00
* Recommend updating `terraform-provider-ct` plugin from v0.2.1 to v0.3.0 ([#363](https://github.com/poseidon/typhoon/pull/363))
* [Migration ](https://typhoon.psdn.io/topics/maintenance/#upgrade-terraform-provider-ct ) instructions for upgrading `terraform-provider-ct` in-place for v1.12.2+ clusters (**action required**)
* [Require ](https://typhoon.psdn.io/topics/maintenance/#terraform-plugins-directory ) switching from `~/.terraformrc` to the Terraform [third-party plugins ](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins ) directory `~/.terraform.d/plugins/`
* Require Container Linux 1688.5.3 or newer
2018-12-15 20:43:44 +01:00
2018-12-15 23:20:53 +01:00
#### Google Cloud
* Increase TCP proxy apiserver backend service timeout from 1 minute to 5 minutes ([#361](https://github.com/poseidon/typhoon/pull/361))
* Align `port-forward` behavior closer to AWS/Azure (no timeout)
2018-12-15 21:39:03 +01:00
#### Addons
* Update Grafana from v5.4.0 to v5.4.2
2018-12-15 20:43:44 +01:00
## v1.13.0
2018-12-04 05:44:32 +01:00
* Kubernetes [v1.13.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1130 )
2018-12-07 07:56:55 +01:00
* Update Calico from v3.3.1 to [v3.3.2 ](https://docs.projectcalico.org/v3.3/releases/ )
2018-12-04 05:44:32 +01:00
2018-11-29 06:56:34 +01:00
#### Addons
2018-12-06 10:33:50 +01:00
* Update Grafana from v5.3.4 to v5.4.0
2018-11-29 06:56:34 +01:00
* Disable Grafana login form, since admin user can't be disabled ([#352](https://github.com/poseidon/typhoon/pull/352))
* Example manifests aim to provide a read-only dashboard view
2018-11-28 18:23:13 +01:00
## v1.12.3
2018-11-27 06:02:59 +01:00
* Kubernetes [v1.12.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1123 )
* Add `enable_reporting` variable (default "false") to provide upstreams with usage data ([#345](https://github.com/poseidon/typhoon/pull/345))
2018-11-03 23:04:08 +01:00
* Change kube-apiserver `--kubelet-preferred-address-types` to InternalIP,ExternalIP,Hostname
2018-11-10 22:35:35 +01:00
* Update Calico from v3.3.0 to [v3.3.1 ](https://docs.projectcalico.org/v3.3/releases/ )
2018-11-20 07:45:02 +01:00
* Disable Felix usage reporting by default ([#345](https://github.com/poseidon/typhoon/pull/345))
2018-11-12 00:57:20 +01:00
* Improve flannel manifests
2020-01-14 09:49:34 +01:00
* [Rename ](https://github.com/poseidon/terraform-render-bootkube/commit/d045a8e6b8eccfbb9d69bb51953b5a93d23f67f7 ) `kube-flannel` DaemonSet to `flannel` and `kube-flannel-cfg` ConfigMap to `flannel-config`
2018-11-12 06:05:07 +01:00
* [Drop ](https://github.com/poseidon/terraform-render-bootkube/commit/39f9afb3360ec642e5b98457c8bd07eda35b6c96 ) unused mounts and add a CPU resource request
2018-11-19 01:45:53 +01:00
* Update CoreDNS from v1.2.4 to [v1.2.6 ](https://coredns.io/2018/11/05/coredns-1.2.6-release/ )
* Enable CoreDNS `loop` and `loadbalance` plugins ([#340](https://github.com/poseidon/typhoon/pull/340))
2018-11-27 06:02:59 +01:00
* Fix pod-checkpointer log noise and checkpointable pods detection ([#346](https://github.com/poseidon/typhoon/pull/346))
2018-11-07 08:35:11 +01:00
* Use kubernetes-incubator/bootkube v0.14.0
2018-11-27 09:08:51 +01:00
* [Recommend ](https://typhoon.psdn.io/topics/maintenance/#terraform-plugins-directory ) switching from `~/.terraformrc` to the Terraform [third-party plugins ](https://www.terraform.io/docs/configuration/providers.html#third-party-plugins ) directory `~/.terraform.d/plugins/` .
* Allows pinning `terraform-provider-ct` and `terraform-provider-matchbox` versions
* Improves safety of later plugin version migrations
2018-11-03 23:04:08 +01:00
2018-11-19 01:57:54 +01:00
#### Azure
* Use eviction policy `Delete` for `Low` priority virtual machine scale set workers ([#343](https://github.com/poseidon/typhoon/pull/343))
* Fix issue where Azure defaults to `Deallocate` eviction policy, which required manually restarting deallocated instances. `Delete` policy aligns Azure with AWS and GCP behavior.
* Require `terraform-provider-azurerm` v1.19+ (action required)
2018-01-19 20:34:47 +01:00
#### Bare-Metal
* Add Kubelet `/etc/iscsi` and `iscsadm` mounts on bare-metal for iSCSI ([#103](https://github.com/poseidon/typhoon/pull/103))
2018-11-07 07:16:12 +01:00
#### Addons
2018-11-27 06:57:34 +01:00
* Update nginx-ingress from v0.20.0 to v0.21.0
2018-11-07 07:16:12 +01:00
* Update Prometheus from v2.4.3 to v2.5.0
2018-11-19 01:42:50 +01:00
* Update Grafana from v5.3.2 to v5.3.4
2018-11-07 07:16:12 +01:00
2018-10-28 00:47:57 +02:00
## v1.12.2
* Kubernetes [v1.12.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1122 )
* Update CoreDNS from 1.2.2 to [1.2.4 ](https://github.com/coredns/coredns/releases/tag/v1.2.4 )
2018-10-24 05:30:30 +02:00
* Update Calico from v3.2.3 to [v3.3.0 ](https://docs.projectcalico.org/v3.3/releases/ )
2018-05-14 03:16:10 +02:00
* Disable Kubelet read-only port ([#324](https://github.com/poseidon/typhoon/pull/324))
2018-10-24 05:30:30 +02:00
* Fix CoreDNS AntiAffinity spec to prefer spreading replicas
2018-10-28 23:11:47 +01:00
* Ignore controller node user-data changes ([#335](https://github.com/poseidon/typhoon/pull/335))
* Once all managed clusters use v1.12.2, it is possible to update `terraform-provider-ct`
2018-10-18 07:19:57 +02:00
2018-10-15 16:59:35 +02:00
#### AWS
* Add `disk_iops` variable for EBS volume IOPS ([#314](https://github.com/poseidon/typhoon/pull/314))
2018-10-28 01:42:36 +02:00
#### Azure
2018-10-28 06:46:10 +01:00
* Use new `azurerm_network_interface_backend_address_pool_association` ([#332](https://github.com/poseidon/typhoon/pull/332))
* Require `terraform-provider-azurerm` v1.17+ (action required)
* Add `primary` field to `ip_configuration` needed by v1.17+ ([#331](https://github.com/poseidon/typhoon/pull/331))
2018-10-28 01:42:36 +02:00
2018-10-28 07:01:50 +01:00
#### DigitalOcean
* Add AAAA DNS records resolving to worker nodes ([#333](https://github.com/poseidon/typhoon/pull/333))
* Hosting IPv6 apps requires editing nginx-ingress with `hostNetwork: true`
2018-10-28 22:17:12 +01:00
#### Google Cloud
2018-10-28 23:11:47 +01:00
* Add an IPv6 address and IPv6 forwarding rules for load balancing IPv6 Ingress ([#334](https://github.com/poseidon/typhoon/pull/334))
2018-10-28 22:17:12 +01:00
* Add `ingress_static_ipv6` output variable for use in AAAA DNS records
* Allow serving IPv6 applications via Kubernetes Ingress
2018-10-19 05:39:30 +02:00
#### Addons
* Configure Heapster to scrape Kubelets with bearer token auth ([#323](https://github.com/poseidon/typhoon/pull/323))
2018-10-29 03:44:22 +01:00
* Update Grafana from v5.3.1 to v5.3.2
2018-10-19 05:39:30 +02:00
2018-10-17 17:53:23 +02:00
## v1.12.1
2018-09-22 09:02:37 +02:00
* Kubernetes [v1.12.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1121 )
2018-10-13 22:14:37 +02:00
* Update etcd from v3.3.9 to [v3.3.10 ](https://github.com/etcd-io/etcd/blob/master/CHANGELOG-3.3.md#v3310-2018-10-10 )
2018-10-17 17:53:23 +02:00
* Update CoreDNS from 1.1.3 to [1.2.2 ](https://github.com/coredns/coredns/releases/tag/v1.2.2 )
* Update Calico from v3.2.1 to [v3.2.3 ](https://docs.projectcalico.org/v3.2/releases/ )
* Raise scheduler and controller-manager replicas to the larger of 2 or the number of controller nodes ([#312](https://github.com/poseidon/typhoon/pull/312))
2018-10-13 22:16:18 +02:00
* Single-controller clusters continue to run 2 replicas as before
2018-10-17 17:53:23 +02:00
* Raise default CoreDNS replicas to the larger of 2 or the number of controller nodes ([#313](https://github.com/poseidon/typhoon/pull/313))
2018-10-14 01:21:22 +02:00
* Add AntiAffinity preferred rule to favor spreading CoreDNS pods
2018-10-17 17:53:23 +02:00
* Annotate control plane and addon containers to use the Docker runtime seccomp profile ([#319](https://github.com/poseidon/typhoon/pull/319))
* Override Kubernetes default behavior that starts containers with `seccomp=unconfined`
2018-10-02 16:06:41 +02:00
2018-10-14 06:55:46 +02:00
#### Azure
2018-10-17 17:53:23 +02:00
* Remove `admin_password` field (disabled) since it is now optional
2018-10-14 06:55:46 +02:00
* Require `terraform-provider-azurerm` v1.16+ (action required)
2018-10-15 11:27:32 +02:00
#### Bare-Metal
* Add support for `cached_install` mode with Flatcar Linux ([#315](https://github.com/poseidon/typhoon/pull/315))
2018-10-02 16:41:53 +02:00
#### DigitalOcean
2018-10-14 06:55:46 +02:00
* Require `terraform-provider-digitalocean` v1.0+ (action required)
2018-10-02 16:41:53 +02:00
2018-09-22 07:22:21 +02:00
#### Addons
2018-10-17 06:34:17 +02:00
* Update nginx-ingress from v0.19.0 to v0.20.0
2018-10-17 06:29:41 +02:00
* Update Prometheus from v2.3.2 to v2.4.3
2018-10-17 06:23:44 +02:00
* Update Grafana from v5.2.4 to v5.3.1
2018-09-22 07:22:21 +02:00
2018-09-14 03:48:07 +02:00
## v1.11.3
* Kubernetes [v1.11.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1113 )
2018-08-28 07:24:52 +02:00
* Introduce Typhoon for Azure as alpha ([#288](https://github.com/poseidon/typhoon/pull/288))
* Special thanks @justaugustus for an earlier variant
2018-08-15 08:49:33 +02:00
* Update Calico from v3.1.3 to v3.2.1 ([#278](https://github.com/poseidon/typhoon/pull/278))
2018-08-22 06:16:16 +02:00
#### AWS
2018-08-22 06:25:22 +02:00
* Remove firewall rule allowing ICMP packets to nodes ([#285](https://github.com/poseidon/typhoon/pull/285))
2018-08-22 06:16:16 +02:00
2018-08-13 01:44:13 +02:00
#### Bare-Metal
* Remove `controller_networkds` and `worker_networkds` variables. Use Container Linux Config snippets [#277 ](https://github.com/poseidon/typhoon/pull/277 )
2018-08-22 06:06:03 +02:00
#### Google Cloud
2018-08-22 08:21:05 +02:00
* Fix firewall to allow etcd client port 2379 traffic between controller nodes ([#287](https://github.com/poseidon/typhoon/pull/287))
* kube-apiservers were only able to connect to their node's local etcd peer. While master node outages were tolerated, reaching a healthy peer took longer than neccessary in some cases
* Reduce time needed to bootstrap the cluster
2018-08-22 06:25:22 +02:00
* Remove firewall rule allowing workers to access Nginx Ingress health check ([#284](https://github.com/poseidon/typhoon/pull/284))
2018-08-22 06:06:03 +02:00
* Nginx Ingress addon no longer uses hostNetwork, Prometheus scrapes via CNI network
2018-08-29 18:36:47 +02:00
#### Addons
2018-09-09 01:12:38 +02:00
* Update nginx-ingress from 0.17.1 to 0.19.0
2018-08-29 18:36:47 +02:00
* Update kube-state-metrics from v1.3.1 to v1.4.0
2018-09-09 00:41:20 +02:00
* Update Grafana from 5.2.2 to 5.2.4
2018-08-29 18:36:47 +02:00
2018-08-08 06:56:02 +02:00
## v1.11.2
2018-05-10 10:01:25 +02:00
2018-08-08 06:56:02 +02:00
* Kubernetes [v1.11.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1112 )
2018-07-29 20:27:37 +02:00
* Update etcd from v3.3.8 to [v3.3.9 ](https://github.com/coreos/etcd/blob/master/CHANGELOG-3.3.md#v339-2018-07-24 )
2018-07-29 20:20:17 +02:00
* Use kubernetes-incubator/bootkube v0.13.0
2018-07-29 21:13:29 +02:00
* Fix Fedora Atomic modules' Kubelet version ([#270](https://github.com/poseidon/typhoon/issues/270))
2018-07-29 20:20:17 +02:00
2018-07-26 07:44:07 +02:00
#### Bare-Metal
* Introduce [Container Linux Config snippets ](https://typhoon.psdn.io/advanced/customization/#container-linux ) on bare-metal
* Validate and additively merge custom Container Linux Configs during terraform plan
* Define files, systemd units, dropins, networkd configs, mounts, users, and more
2018-08-22 06:25:22 +02:00
* [Require ](https://typhoon.psdn.io/cl/bare-metal/#terraform-setup ) `terraform-provider-ct` plugin v0.2.1 (**action required!**)
2018-07-26 07:44:07 +02:00
2018-07-29 20:12:56 +02:00
#### Addons
2018-08-08 09:45:20 +02:00
* Update nginx-ingress from 0.16.2 to 0.17.1
2018-08-11 21:14:23 +02:00
* Add nginx-ingress manifests for bare-metal
2018-07-29 20:12:56 +02:00
* Update Grafana from 5.2.1 to 5.2.2
2018-07-29 20:15:47 +02:00
* Update heapster from v1.5.3 to v1.5.4
2018-07-29 20:12:56 +02:00
2018-07-26 07:44:07 +02:00
## v1.11.1
2018-07-20 09:36:58 +02:00
* Kubernetes [v1.11.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1111 )
2018-07-14 23:24:50 +02:00
#### Addons
* Update Prometheus from v2.3.1 to v2.3.2
2018-07-29 21:13:29 +02:00
#### Errata
* Fedora Atomic modules shipped with Kubelet v1.11.0, instead of v1.11.1. Fixed in [#270 ](https://github.com/poseidon/typhoon/issues/270 ).
2018-07-04 21:27:26 +02:00
## v1.11.0
2018-06-28 07:47:35 +02:00
* Kubernetes [v1.11.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.11.md#v1110 )
* Force apiserver to stop listening on `127.0.0.1:8080`
2018-07-02 04:41:57 +02:00
* Replace `kube-dns` with [CoreDNS ](https://coredns.io/ ) ([#261](https://github.com/poseidon/typhoon/pull/261))
* Edit the `coredns` ConfigMap to [customize ](https://coredns.io/plugins/ )
2020-01-14 09:49:34 +01:00
* CoreDNS doesn't use a resizer. For large clusters, scaling may be required.
2018-06-28 07:47:35 +02:00
2018-07-01 02:25:54 +02:00
#### AWS
* Update from Fedora Atomic 27 to 28 ([#258](https://github.com/poseidon/typhoon/pull/258))
2018-07-04 20:16:04 +02:00
#### Bare-Metal
* Update from Fedora Atomic 27 to 28 ([#263](https://github.com/poseidon/typhoon/pull/263))
2018-07-02 05:47:46 +02:00
#### Google
2018-07-02 07:49:33 +02:00
* Promote Google Cloud to stable
2018-07-01 03:12:36 +02:00
* Update from Fedora Atomic 27 to 28 ([#259](https://github.com/poseidon/typhoon/pull/259))
2018-07-02 05:47:46 +02:00
* Remove `ingress_static_ip` module output. Use `ingress_static_ipv4` .
* Remove `controllers_ipv4_public` module output.
2018-07-02 05:55:34 +02:00
#### Addons
2018-07-03 07:06:22 +02:00
* Update nginx-ingress from 0.15.0 to 0.16.2
2018-07-02 05:55:34 +02:00
* Update Grafana from 5.1.4 to [5.2.1 ](http://docs.grafana.org/guides/whats-new-in-v5-2/ )
2018-07-02 06:07:52 +02:00
* Update heapster from v1.5.2 to v1.5.3
2018-07-02 05:55:34 +02:00
2018-06-24 00:15:57 +02:00
## v1.10.5
2018-06-22 07:51:39 +02:00
* Kubernetes [v1.10.5 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1105 )
2018-06-20 06:55:05 +02:00
* Update etcd from v3.3.6 to v3.3.8 ([#243](https://github.com/poseidon/typhoon/pull/243), [#247 ](https://github.com/poseidon/typhoon/pull/247 ))
2018-06-15 07:43:01 +02:00
2018-06-19 06:57:58 +02:00
#### AWS
* Switch `kube-apiserver` port from 443 to 6443 ([#248](https://github.com/poseidon/typhoon/pull/248))
2018-06-19 07:56:32 +02:00
* Combine apiserver and ingress NLBs ([#249](https://github.com/poseidon/typhoon/pull/249))
2018-06-24 00:15:57 +02:00
* Reduce cost by ~$18/month per cluster. Typhoon AWS clusters now use one network load balancer.
* Ingress addon users may keep using CNAME records to the `ingress_dns_name` module output (few million RPS)
* Ingress users with heavy traffic (many million RPS) should create a separate NLB(s)
* Worker pools no longer include an extraneous load balancer. Remove worker module's `ingress_dns_name` output
2018-06-22 08:57:38 +02:00
* Disable detailed (paid) monitoring on worker nodes ([#251](https://github.com/poseidon/typhoon/pull/251))
2018-06-24 00:15:57 +02:00
* Favor Prometheus for cloud-agnostic metrics, aggregation, and alerting
* Add `worker_target_group_http` and `worker_target_group_https` module outputs to allow custom load balancing
* Add `target_group_http` and `target_group_https` worker module outputs to allow custom load balancing
2018-06-19 06:57:58 +02:00
2018-06-15 07:43:01 +02:00
#### Bare-Metal
2018-06-19 06:57:58 +02:00
* Switch `kube-apiserver` port from 443 to 6443 ([#248](https://github.com/poseidon/typhoon/pull/248))
* Users who exposed kube-apiserver on a WAN via their router/load-balancer will need to adjust its configuration (e.g. DNAT 6443). Most apiservers are on a LAN (internal, VPN-only, etc) so if you didn't specially configure network gear for 443, no change is needed. (possible action required)
2020-01-14 09:49:34 +01:00
* Fix possible deadlock when provisioning clusters larger than 10 nodes ([#244](https://github.com/poseidon/typhoon/pull/244))
2018-06-15 07:28:11 +02:00
2018-06-19 06:57:58 +02:00
#### DigitalOcean
* Switch `kube-apiserver` port from 443 to 6443 ([#248](https://github.com/poseidon/typhoon/pull/248))
* Update firewall rules and generated kubeconfig's
2018-05-07 08:21:53 +02:00
#### Google Cloud
* Use global HTTP and TCP proxy load balancing for Kubernetes Ingress ([#252](https://github.com/poseidon/typhoon/pull/252))
* Switch Ingress from regional network load balancers to global HTTP/TCP Proxy load balancing
* Reduce cost by ~$19/month per cluster. Google bills the first 5 global and regional forwarding rules separately. Typhoon clusters now use 3 global and 0 regional forwarding rules.
* Worker pools no longer include an extraneous load balancer. Remove worker module's `ingress_static_ip` output
2018-06-24 00:15:57 +02:00
* Allow using nginx-ingress addon on Fedora Atomic clusters ([#200](https://github.com/poseidon/typhoon/issues/200))
2018-05-07 08:21:53 +02:00
* Add `worker_instance_group` module output to allow custom global load balancing
2018-06-24 00:15:57 +02:00
* Add `instance_group` worker module output to allow custom global load balancing
* Deprecate `ingress_static_ip` module output. Add `ingress_static_ipv4` module output instead.
2018-05-07 08:21:53 +02:00
* Deprecate `controllers_ipv4_public` module output
2018-06-14 00:05:22 +02:00
#### Addons
* Update CLUO from v0.6.0 to v0.7.0 ([#242](https://github.com/poseidon/typhoon/pull/242))
2018-06-22 09:46:41 +02:00
* Update Prometheus from v2.3.0 to v2.3.1
* Update Grafana from 5.1.3 to 5.1.4
* Drop `hostNetwork` from nginx-ingress addon
* Both flannel and Calico support host port via `portmap`
* Allows writing NetworkPolicies that reference ingress pods in `from` or `to` . HostNetwork pods were difficult to write network policy for since they could circumvent the CNI network to communicate with pods on the same node.
2018-06-14 00:05:22 +02:00
2018-06-09 20:43:10 +02:00
## v1.10.4
2018-06-07 08:23:11 +02:00
* Kubernetes [v1.10.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1104 )
2018-06-07 08:18:37 +02:00
* Update etcd from v3.3.5 to v3.3.6
2018-05-31 06:31:12 +02:00
* Update Calico from v3.1.2 to v3.1.3
2018-05-31 07:33:16 +02:00
#### Addons
2018-06-22 09:46:41 +02:00
* Update Prometheus from v2.2.1 to v2.3.0
2018-05-31 07:33:16 +02:00
* Add Prometheus liveness and readiness probes
2018-05-31 07:37:47 +02:00
* Annotate Grafana service so Prometheus scrapes metrics
2018-06-09 20:44:21 +02:00
* Label namespaces to ease writing Network Policies
2018-05-31 07:33:16 +02:00
2018-05-22 05:41:34 +02:00
## v1.10.3
* Kubernetes [v1.10.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1103 )
2018-05-17 08:30:48 +02:00
* Add [Flatcar Linux ](https://docs.flatcar-linux.org/ ) (Container Linux derivative) as an option for AWS and bare-metal (thanks @kinvolk folks)
2018-05-14 08:49:45 +02:00
* Allow bearer token authentication to the Kubelet ([#216](https://github.com/poseidon/typhoon/issues/216))
2018-05-14 08:20:42 +02:00
* Require Webhook authorization to the Kubelet
* Switch apiserver X509 client cert org to satisfy new authorization requirement
2018-05-17 07:37:37 +02:00
* Require Terraform v0.11.x and drop support for v0.10.x ([migration guide](https://typhoon.psdn.io/topics/maintenance/#terraform-v011x))
* Update etcd from v3.3.4 to v3.3.5 ([#213](https://github.com/poseidon/typhoon/pull/213))
2018-05-22 05:41:34 +02:00
* Update Calico from v3.1.1 to v3.1.2
2018-05-10 10:01:25 +02:00
2018-04-29 22:19:00 +02:00
#### AWS
2018-05-17 08:30:48 +02:00
* Allow Flatcar Linux by setting `os_image` to flatcar-stable (default), flatcar-beta, flatcar-alpha ([#211](https://github.com/poseidon/typhoon/pull/211))
* Replace `os_channel` variable with `os_image` to align naming across clouds
* Please change values stable, beta, or alpha to coreos-stable, coreos-beta, coreos-alpha (**action required!**)
2018-05-09 07:38:05 +02:00
* Allow preemptible workers via spot instances ([#202](https://github.com/poseidon/typhoon/pull/202))
2018-05-17 08:30:48 +02:00
* Add `worker_price` to allow worker spot instances. Default to empty string for the worker autoscaling group to use regular on-demand instances
2018-04-29 22:19:00 +02:00
* Add `spot_price` to internal `workers` module for spot [worker pools ](https://typhoon.psdn.io/advanced/worker-pools/ )
2018-05-15 08:35:16 +02:00
#### Bare-Metal
2018-05-17 08:30:48 +02:00
* Allow Flatcar Linux by setting `os_channel` to flatcar-stable, flatcar-beta, flatcar-alpha ([#220](https://github.com/poseidon/typhoon/pull/220))
2018-05-17 07:37:37 +02:00
* Replace `container_linux_channel` variable with `os_channel`
2018-05-17 08:30:48 +02:00
* Please change values stable, beta, or alpha to coreos-stable, coreos-beta, coreos-alpha (**action required!**)
2018-05-17 07:37:37 +02:00
* Replace `container_linux_version` variable with `os_version`
2018-05-15 08:35:16 +02:00
* Add `network_ip_autodetection_method` variable for Calico host IPv4 address detection
2020-01-14 09:49:34 +01:00
* Use Calico's default "first-found" to support single NIC and bonded NIC nodes
2018-05-17 08:30:48 +02:00
* Allow [alternative ](https://docs.projectcalico.org/v3.1/reference/node/configuration#ip-autodetection-methods ) methods for multi NIC nodes, like can-reach=IP or interface=REGEX
2018-05-17 07:37:37 +02:00
* Deprecate `container_linux_oem` variable
2018-05-15 08:35:16 +02:00
2018-05-22 05:33:09 +02:00
#### DigitalOcean
* Update Fedora Atomic module to use Fedora Atomic 28 ([#225](https://github.com/poseidon/typhoon/pull/225))
* Fedora Atomic 27 images disappeared from DigitalOcean and forced this early update
2018-05-02 06:56:28 +02:00
#### Addons
* Fix Prometheus data directory location ([#203](https://github.com/poseidon/typhoon/pull/203))
2018-05-14 08:49:45 +02:00
* Configure Prometheus to scrape Kubelets directly with bearer token auth instead of proxying through the apiserver ([#217](https://github.com/poseidon/typhoon/pull/217))
* Security improvement: Drop RBAC permission from `nodes/proxy` to `nodes/metrics`
* Scale: Remove per-node proxied scrape load from the apiserver
2018-05-18 06:35:16 +02:00
* Update Grafana from v5.04 to v5.1.3 ([#208](https://github.com/poseidon/typhoon/pull/208))
2018-05-10 10:13:54 +02:00
* Disable Grafana Google Analytics by default ([#214](https://github.com/poseidon/typhoon/issues/214))
2018-05-18 06:42:55 +02:00
* Update nginx-ingress from 0.14.0 to 0.15.0
2018-05-19 22:05:50 +02:00
* Annotate nginx-ingress service so Prometheus auto-discovers and scrapes service endpoints ([#222](https://github.com/poseidon/typhoon/pull/222))
2018-05-02 06:56:28 +02:00
2018-04-29 22:19:00 +02:00
## v1.10.2
2017-10-04 09:07:48 +02:00
2018-04-28 09:03:29 +02:00
* Kubernetes [v1.10.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1102 )
2018-05-22 05:41:34 +02:00
* [Introduce ](https://typhoon.psdn.io/announce/#april-26-2018 ) Typhoon for Fedora Atomic ([#199](https://github.com/poseidon/typhoon/pull/199))
2018-04-22 00:13:38 +02:00
* Update Calico from v3.0.4 to v3.1.1 ([#197](https://github.com/poseidon/typhoon/pull/197))
* https://www.projectcalico.org/announcing-calico-v3-1/
* https://github.com/projectcalico/calico/releases/tag/v3.1.0
2018-04-28 08:57:26 +02:00
* Update etcd from v3.3.3 to v3.3.4
2018-04-29 21:04:44 +02:00
* Update kube-dns from v1.14.9 to v1.14.10
2018-04-22 00:13:38 +02:00
2018-04-15 09:50:43 +02:00
#### Google Cloud
* Add support for multi-controller clusters (i.e. multi-master) ([#54](https://github.com/poseidon/typhoon/issues/54), [#190 ](https://github.com/poseidon/typhoon/pull/190 ))
2020-01-14 09:49:34 +01:00
* Switch from Google Cloud network load balancer to a TCP proxy load balancer. Avoid a [bug ](https://issuetracker.google.com/issues/67366622 ) in Google network load balancers that limited clusters to only bootstrapping one controller node.
2018-04-15 09:50:43 +02:00
* Add TCP health check for apiserver pods on controllers. Replace kubelet check approximation.
2018-04-16 02:08:58 +02:00
#### Addons
2018-04-29 21:04:44 +02:00
* Update nginx-ingress from 0.12.0 to 0.14.0
2018-04-16 02:08:58 +02:00
* Update kube-state-metrics from v1.3.0 to v1.3.1
## v1.10.1
2018-04-13 05:23:35 +02:00
* Kubernetes [v1.10.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1101 )
2018-03-29 06:45:24 +02:00
* Enable etcd v3.3 metrics endpoint ([#175](https://github.com/poseidon/typhoon/pull/175))
2018-04-05 06:38:03 +02:00
* Use `k8s.gcr.io` instead of `gcr.io/google_containers` ([#180](https://github.com/poseidon/typhoon/pull/180))
2018-04-08 21:16:29 +02:00
* Kubernetes [recommends ](https://groups.google.com/forum/#!msg/kubernetes-dev/ytjk_rNrTa0/3EFUHvovCAAJ ) using the alias to pull from the nearest regional mirror and to abstract the backing container registry
2018-04-05 05:32:24 +02:00
* Update etcd from v3.3.2 to v3.3.3
2018-04-29 21:04:44 +02:00
* Update kube-dns from v1.14.8 to v1.14.9
2018-04-13 05:23:35 +02:00
* Use kubernetes-incubator/bootkube v0.12.0
2018-03-29 06:45:24 +02:00
2018-04-05 06:38:03 +02:00
#### Bare-Metal
* Fix need for multiple `terraform apply` runs to create a cluster with Terraform v0.11.4 ([#181](https://github.com/poseidon/typhoon/pull/181))
* To SSH during a disk install for debugging, SSH as user "core" with port 2222
* Remove the old trick of using a user "debug" during disk install
2018-04-12 08:19:35 +02:00
#### Google Cloud
* Refactor out the `controller` internal module
2018-03-29 06:45:24 +02:00
#### Addons
* Add Prometheus discovery for etcd peers on controller nodes ([#175](https://github.com/poseidon/typhoon/pull/175))
* Scrape etcd v3.3 `--listen-metrics-urls` for metrics
* Enable etcd alerts and populate the etcd Grafana dashboard
2018-04-05 06:04:13 +02:00
* Update kube-state-metrics from v1.2.0 to v1.3.0
2018-03-29 06:45:24 +02:00
## v1.10.0
2018-03-31 08:12:38 +02:00
* Kubernetes [v1.10.0 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#v1100 )
2018-03-26 06:56:55 +02:00
* Remove unused, unmaintained `pxe-worker` internal module
2018-03-29 09:24:07 +02:00
#### AWS
* Add `disk_type` optional variable for setting the EBS volume type ([#176](https://github.com/poseidon/typhoon/pull/176))
* Change default type from `standard` to `gp2` . Prometheus etcd alerts are tuned for fast disks.
2018-03-26 06:48:08 +02:00
#### Digital Ocean
2018-03-26 07:32:09 +02:00
* Ensure etcd secrets are only distributed to controller hosts, not workers.
2018-03-29 09:24:07 +02:00
* Remove `networking` optional variable. Only flannel works on Digital Ocean.
2018-03-26 06:48:08 +02:00
2018-03-26 07:04:14 +02:00
#### Google Cloud
2018-03-29 09:24:07 +02:00
* Add `disk_size` optional variable for setting instance disk size in GB
* Add `controller_type` optional variable for setting machine type for controllers
* Add `worker_type` optional variable for setting machine type for workers
* Remove `machine_type` optional variable. Use `controller_type` and `worker_type` .
2018-03-26 07:04:14 +02:00
2018-03-29 04:12:39 +02:00
#### Addons
* Update Grafana from v4.6.3 to v5.0.4 ([#153](https://github.com/poseidon/typhoon/pull/153), [#174 ](https://github.com/poseidon/typhoon/pull/174 ))
* Restrict dashboard organization role to Viewer
2018-03-23 05:56:29 +01:00
## v1.9.6
2018-03-22 04:29:52 +01:00
* Kubernetes [v1.9.6 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v196 )
* Update Calico from v3.0.3 to v3.0.4
2018-03-22 04:32:01 +01:00
#### Addons
* Update heapster from v1.5.1 to v1.5.2
2018-03-20 07:15:57 +01:00
## v1.9.5
2018-03-19 01:50:14 +01:00
* Kubernetes [v1.9.5 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v195 )
* Fix `subPath` volume mounts regression ([kubernetes#61076](https://github.com/kubernetes/kubernetes/issues/61076))
2018-03-19 07:52:59 +01:00
* Introduce [Container Linux Config snippets ](https://typhoon.psdn.io/advanced/customization/#container-linux ) on cloud platforms ([#145](https://github.com/poseidon/typhoon/pull/145))
* Validate and additively merge custom Container Linux Configs during `terraform plan`
* Define files, systemd units, dropins, networkd configs, mounts, users, and more
* Require updating `terraform-provider-ct` plugin from v0.2.0 to v0.2.1
2018-03-19 08:14:47 +01:00
* Add `node-role.kubernetes.io/controller="true"` node label to controllers ([#160](https://github.com/poseidon/typhoon/pull/160))
2018-03-19 07:52:59 +01:00
#### AWS
2019-05-04 19:46:07 +02:00
* [Require ](https://typhoon.psdn.io/topics/maintenance/#terraform-provider-ct-v021 ) updating `terraform-provider-ct` plugin from v0.2.0 to [v0.2.1 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.2.1 ) (action required!)
2018-03-19 07:52:59 +01:00
#### Digital Ocean
2019-05-04 19:46:07 +02:00
* [Require ](https://typhoon.psdn.io/topics/maintenance/#terraform-provider-ct-v021 ) updating `terraform-provider-ct` plugin from v0.2.0 to [v0.2.1 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.2.1 ) (action required!)
2018-03-19 07:52:59 +01:00
#### Google Cloud
2019-05-04 19:46:07 +02:00
* [Require ](https://typhoon.psdn.io/topics/maintenance/#terraform-provider-ct-v021 ) updating `terraform-provider-ct` plugin from v0.2.0 to [v0.2.1 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.2.1 ) (action required!)
2018-03-19 08:06:37 +01:00
* Relax `os_image` to optional. Default to "coreos-stable".
2018-03-19 07:52:59 +01:00
2018-03-18 23:55:42 +01:00
#### Addons
2018-03-20 07:15:57 +01:00
* Update nginx-ingress from 0.11.0 to 0.12.0
2018-03-18 23:55:42 +01:00
* Update Prometheus from 2.2.0 to 2.2.1
2018-03-13 04:55:35 +01:00
## v1.9.4
2018-03-11 21:15:35 +01:00
* Kubernetes [v1.9.4 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v194 )
2018-03-13 05:19:15 +01:00
* Secret, configMap, downward API, and projected volumes now read-only (breaking, [kubernetes#58720 ](https://github.com/kubernetes/kubernetes/pull/58720 ))
2018-03-15 02:54:22 +01:00
* Regressed `subPath` volume mounts (regression, [kubernetes#61076 ](https://github.com/kubernetes/kubernetes/issues/61076 ))
2018-03-13 05:19:15 +01:00
* Mitigated `subPath` [CVE-2017-1002101 ](https://github.com/kubernetes/kubernetes/issues/60813 )
2018-03-13 04:55:35 +01:00
* Introduce [worker pools ](https://typhoon.psdn.io/advanced/worker-pools/ ) for AWS and Google Cloud for joining heterogeneous workers to existing clusters.
2018-03-12 01:05:55 +01:00
* Use new Network Load Balancers and cross zone load balancing on AWS
2018-03-11 21:15:35 +01:00
* Allow flexvolume plugins to be used on any Typhoon cluster (not just bare-metal)
2018-03-09 09:43:15 +01:00
* Upgrade etcd from v3.2.15 to v3.3.2
2018-02-25 04:16:20 +01:00
* Update Calico from v3.0.2 to v3.0.3
2018-04-13 05:23:35 +02:00
* Use kubernetes-incubator/bootkube v0.11.0
2019-05-04 19:46:07 +02:00
* [Recommend ](https://typhoon.psdn.io/topics/maintenance/#terraform-provider-ct-v021 ) updating `terraform-provider-ct` plugin from v0.2.0 to [v0.2.1 ](https://github.com/poseidon/terraform-provider-ct/releases/tag/v0.2.1 ) (action recommended)
2018-02-16 04:29:17 +01:00
2018-02-22 08:45:50 +01:00
#### AWS
2018-03-13 05:15:53 +01:00
* Promote AWS platform to stable
2018-03-12 01:05:55 +01:00
* Allow groups of workers to be defined and joined to a cluster (i.e. worker pools) ([#150](https://github.com/poseidon/typhoon/pull/150))
* Replace the apiserver elastic load balancer with a network load balancer ([#136](https://github.com/poseidon/typhoon/pull/136))
* Replace the Ingress elastic load balancer with a network load balancer ([#141](https://github.com/poseidon/typhoon/pull/141))
2018-02-26 21:55:32 +01:00
* AWS [NLBs ](https://aws.amazon.com/blogs/aws/new-network-load-balancer-effortless-scaling-to-millions-of-requests-per-second/ ) can handle millions of RPS with high throughput and low latency.
2018-03-12 01:05:55 +01:00
* Require `terraform-provider-aws` 1.7.0 or higher
2018-03-13 04:55:35 +01:00
* Enable NLB [cross-zone ](https://aws.amazon.com/about-aws/whats-new/2018/02/network-load-balancer-now-supports-cross-zone-load-balancing/ ) load balancing ([#159](https://github.com/poseidon/typhoon/pull/159))
* Requests are automatically evenly distributed to targets regardless of AZ
2018-03-12 01:05:55 +01:00
* Require `terraform-provider-aws` 1.11.0 or higher
2018-02-23 07:00:51 +01:00
* Add kubelet `--volume-plugin-dir` flag to allow flexvolume plugins ([#142](https://github.com/poseidon/typhoon/pull/142))
2018-03-10 22:13:48 +01:00
* Fix controller and worker launch configs to ignore AMI changes ([#126](https://github.com/poseidon/typhoon/pull/126), [#158 ](https://github.com/poseidon/typhoon/pull/158 ))
2018-02-23 07:00:51 +01:00
#### Digital Ocean
* Add kubelet `--volume-plugin-dir` flag to allow flexvolume plugins ([#142](https://github.com/poseidon/typhoon/pull/142))
2018-02-25 01:22:57 +01:00
* Fix to pass `ssh_fingerprints` as a list to droplets ([#143](https://github.com/poseidon/typhoon/pull/143))
2018-02-23 07:00:51 +01:00
#### Google Cloud
2018-02-27 07:16:34 +01:00
* Allow groups of workers to be defined and joined to a cluster (i.e. worker pools) ([#148](https://github.com/poseidon/typhoon/pull/148))
2018-02-23 07:00:51 +01:00
* Add kubelet `--volume-plugin-dir` flag to allow flexvolume plugins ([#142](https://github.com/poseidon/typhoon/pull/142))
2018-02-26 21:17:42 +01:00
* Add `kubeconfig` variable to `controllers` and `workers` submodules ([#147](https://github.com/poseidon/typhoon/pull/147))
* Remove `kubeconfig_*` variables from `controllers` and `workers` submodules ([#147](https://github.com/poseidon/typhoon/pull/147))
2018-03-03 02:26:51 +01:00
* Allow initial experimentation with accelerators (i.e. GPUs) on workers ([#161](https://github.com/poseidon/typhoon/pull/161)) (unofficial)
* Require `terraform-provider-google` v1.6.0
2018-02-11 19:45:39 +01:00
2018-02-23 07:33:13 +01:00
#### Addons
2018-03-03 06:59:19 +01:00
* Update Prometheus from 2.1.0 to 2.2.0 ([#153](https://github.com/poseidon/typhoon/pull/153))
2018-03-12 01:05:55 +01:00
* Scrape Prometheus itself to enable alerts about Prometheus itself
* Adjust KubeletDown rule to fire when 10% of kubelets are down
2018-02-23 07:33:13 +01:00
* Update heapster from v1.5.0 to v1.5.1 ([#131](https://github.com/poseidon/typhoon/pull/131))
* Use separate service account
* Update nginx-ingress from 0.10.2 to 0.11.0
2018-02-11 19:59:16 +01:00
## v1.9.3
2018-02-10 21:49:34 +01:00
* Kubernetes [v1.9.3 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v193 )
2018-02-11 19:59:16 +01:00
* Network improvements and fixes ([#104](https://github.com/poseidon/typhoon/pull/104))
2018-02-10 21:49:34 +01:00
* Switch from Calico v2.6.6 to v3.0.2
* Add Calico GlobalNetworkSet CRD
2018-01-29 08:09:21 +01:00
* Update flannel from v0.9.0 to v0.10.0
2018-02-10 21:49:34 +01:00
* Use separate service account for flannel
2018-01-29 08:09:21 +01:00
* Update etcd from v3.2.14 to v3.2.15
2018-01-24 08:50:04 +01:00
2018-02-23 07:33:13 +01:00
#### Digital Ocean
* Use new Droplet [types ](https://developers.digitalocean.com/documentation/changelog/api-v2/new-size-slugs-for-droplet-plan-changes/ ) which offer more CPU/memory, at lower cost. ([#105](https://github.com/poseidon/typhoon/pull/105))
* A small Digital Ocean cluster costs less than $25 a month!
2018-01-28 10:24:27 +01:00
#### Addons
2018-02-11 19:59:16 +01:00
* Update Prometheus from v2.0.0 to v2.1.0 ([#113](https://github.com/poseidon/typhoon/pull/113))
2018-01-28 10:24:27 +01:00
* Improve alerting rules
* Relabel discovered kubelet, endpoint, service, and apiserver scrapes
* Use separate service accounts
* Update node-exporter and kube-state-metrics
2018-02-11 19:59:16 +01:00
* Include Grafana dashboards for Kubernetes admins ([#113](https://github.com/poseidon/typhoon/pull/113))
2018-01-28 10:24:27 +01:00
* Add grafana-watcher to load bundled upstream dashboards
* Update nginx-ingress from 0.9.0 to 0.10.2
2018-02-11 08:51:55 +01:00
* Update CLUO from v0.5.0 to v0.6.0
2018-02-11 19:59:16 +01:00
* Switch manifests to use `apps/v1` Deployments and Daemonsets ([#120](https://github.com/poseidon/typhoon/pull/120))
2018-02-11 19:19:09 +01:00
* Remove Kubernetes Dashboard manifests ([#121](https://github.com/poseidon/typhoon/pull/121))
2018-01-28 10:24:27 +01:00
2018-01-19 17:40:09 +01:00
## v1.9.2
* Kubernetes [v1.9.2 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v192 )
2018-01-12 15:56:08 +01:00
* Add Terraform v0.11.x support
* Add explicit "providers" section to modules for Terraform v0.11.x
* Retain support for Terraform v0.10.4+
2018-02-26 21:55:32 +01:00
* Add [migration guide ](https://typhoon.psdn.io/topics/maintenance/#terraform-v011x ) from Terraform v0.10.x to v0.11.x (**action required!**)
2018-01-12 16:19:56 +01:00
* Update etcd from 3.2.13 to 3.2.14
2018-01-20 08:10:45 +01:00
* Update calico from 2.6.5 to 2.6.6
2018-01-12 17:12:18 +01:00
* Update kube-dns from v1.14.7 to v1.14.8
* Use separate service account for kube-dns
2018-01-20 08:10:45 +01:00
* Use kubernetes-incubator/bootkube v0.10.0
2018-01-12 16:19:56 +01:00
2018-01-14 21:36:40 +01:00
#### Bare-Metal
* Use per-node Container Linux install profiles ([#97](https://github.com/poseidon/typhoon/pull/97))
* Allow Container Linux channel/version to be chosen per-cluster
* Fix issue where cluster deletion could require `terraform apply` multiple times
2018-01-16 05:57:55 +01:00
#### Digital Ocean
* Relax `digitalocean` provider version constraint
2018-01-20 16:52:40 +01:00
* Fix bug with `terraform plan` always showing a firewall diff to be applied ([#3](https://github.com/poseidon/typhoon/issues/3))
2018-01-16 05:57:55 +01:00
2018-02-23 07:33:13 +01:00
#### Addons
* Update CLUO to v0.5.0 to fix compatibility with Kubernetes 1.9 (**important**)
* Earlier versions can't roll out Container Linux updates on Kubernetes 1.9 nodes ([cluo#163](https://github.com/coreos/container-linux-update-operator/issues/163))
* Update kube-state-metrics from v1.1.0 to v1.2.0
* Fix RBAC cluster role for kube-state-metrics
2018-01-12 16:19:56 +01:00
## v1.9.1
2017-12-21 23:06:38 +01:00
* Kubernetes [v1.9.1 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v191 )
2018-01-09 16:03:04 +01:00
* Update kube-dns from 1.14.5 to v1.14.7
* Update etcd from 3.2.0 to 3.2.13
* Update Calico from v2.6.4 to v2.6.5
* Enable portmap to fix hostPort with Calico
2018-01-12 17:12:18 +01:00
* Use separate service account for controller-manager
2017-12-21 23:06:38 +01:00
2017-12-22 22:00:18 +01:00
## v1.8.6
2017-12-21 19:30:13 +01:00
* Kubernetes [v1.8.6 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.8.md#v186 )
2018-01-09 16:03:04 +01:00
* Update Calico from v2.6.3 to v2.6.4
2017-12-21 19:30:13 +01:00
2017-12-15 10:52:51 +01:00
## v1.8.5
2017-12-10 07:38:27 +01:00
* Kubernetes [v1.8.5 ](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.8.md#v185 )
* Recommend Container Linux [images ](https://coreos.com/releases/ ) with Docker 17.09
2017-12-10 07:02:45 +01:00
* Container Linux stable, beta, and alpha now provide Docker 17.09 (instead
2017-12-15 10:52:51 +01:00
of 1.12)
* Older clusters (with CLUO addon) auto-update Container Linux version to begin using Docker 17.09
2020-01-14 09:49:34 +01:00
* Fix race where `etcd-member.service` could fail to resolve peers ([#69](https://github.com/poseidon/typhoon/pull/69))
2017-12-15 10:52:51 +01:00
* Add optional `cluster_domain_suffix` variable (#74)
2017-12-15 10:45:02 +01:00
* Use kubernetes-incubator/bootkube v0.9.1
2017-12-10 07:38:27 +01:00
#### Bare-Metal
* Add kubelet `--volume-plugin-dir` flag to allow flexvolume providers ([#61](https://github.com/poseidon/typhoon/pull/61))
#### Addons
2017-12-15 10:52:51 +01:00
* Discourage deploying the Kubernetes Dashboard (security)
2017-12-08 17:56:53 +01:00
2017-12-02 07:27:48 +01:00
## v1.8.4
2017-11-29 06:52:11 +01:00
* Kubernetes v1.8.4
* Calico related bug fixes
* Update Calico from v2.6.1 to v2.6.3
* Update flannel from v0.9.0 to v0.9.1
2017-12-02 07:27:48 +01:00
* Service accounts for kube-proxy and pod-checkpointer
* Use kubernetes-incubator/bootkube v0.9.0
2017-11-29 06:52:11 +01:00
2017-11-08 10:35:56 +01:00
## v1.8.3
2017-11-09 07:41:01 +01:00
* Kubernetes v1.8.3
2017-11-11 05:01:37 +01:00
* Run etcd on-host, across controllers
* Promote AWS platform to beta
* Use kubernetes-incubator/bootkube v0.8.2
2017-11-07 06:19:11 +01:00
2017-11-04 18:57:12 +01:00
#### Google Cloud
2017-11-04 19:48:50 +01:00
* Add required variable `region` (e.g. "us-central1")
2017-11-05 20:01:50 +01:00
* Reduce time to bootstrap a cluster
* Change etcd to run on-host, across controllers (etcd-member.service)
2017-11-05 20:09:03 +01:00
* Change controller instances to automatically span zones in the region
* Change worker managed instance group to automatically span zones in the region
2017-11-08 08:21:12 +01:00
* Improve internal firewall rules and use tag-based firewall policies
2017-11-05 20:01:50 +01:00
* Remove support for self-hosted etcd
2017-11-05 20:09:03 +01:00
* Remove the `zone` required variable
* Remove the `controller_preemptible` optional variable
2017-11-04 18:57:12 +01:00
2017-11-06 07:36:50 +01:00
#### AWS
2017-11-07 06:19:11 +01:00
* Promote AWS platform to beta
2017-11-06 07:36:50 +01:00
* Reduce time to bootstrap a cluster
* Change etcd to run on-host, across controllers (etcd-member.service)
2017-11-07 06:19:11 +01:00
* Fix firewall rules for multi-controller kubelet scraping and node-exporter
2017-11-06 07:36:50 +01:00
* Remove support for self-hosted etcd
2017-11-08 10:35:56 +01:00
#### Addons
* Add Prometheus 2.0 addon with alerting rules
* Add Grafana dashboard for observing metrics
2017-10-25 06:34:29 +02:00
## v1.8.2
* Kubernetes v1.8.2
* Fixes a memory leak in the v1.8.1 apiserver ([kubernetes#53485](https://github.com/kubernetes/kubernetes/issues/53485))
* Switch to using the `gcr.io/google_containers/hyperkube`
* Update flannel from v0.8.0 to v0.9.0
* Add `hairpinMode` to flannel CNI config
* Add `--no-negcache` to kube-dns dnsmasq
2017-10-28 21:50:37 +02:00
* Use kubernetes-incubator/bootkube v0.8.1
2017-10-25 06:34:29 +02:00
2017-10-09 08:49:29 +02:00
## v1.8.1
* Kubernetes v1.8.1
* Use kubernetes-incubator/bootkube v0.8.0
2017-10-04 09:07:48 +02:00
#### Digital Ocean
* Run etcd cluster across controller nodes (etcd-member.service)
* Remove support for self-hosted etcd
2017-10-09 08:49:29 +02:00
* Reduce time to bootstrap a cluster
2017-10-04 09:07:48 +02:00
2017-10-04 05:48:24 +02:00
## v1.7.7
* Kubernetes v1.7.7
* Use kubernetes-incubator/bootkube v0.7.0
* Update kube-dns to 1.14.5 to fix dnsmasq [vulnerability ](https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html )
* Calico v2.6.1
* flannel-cni v0.3.0
* Update flannel CNI config to fix hostPort
2017-09-23 22:02:18 +02:00
## v1.7.5
* Kubernetes v1.7.5
2017-10-04 05:48:24 +02:00
* Use kubernetes-incubator/bootkube v0.6.2
2017-09-23 22:02:18 +02:00
* Add AWS Terraform module (alpha)
* Add support for Calico networking (bare-metal, Google Cloud, AWS)
* Change networking default from "flannel" to "calico"
#### AWS
* Add `network_mtu` to allow CNI interface MTU customization
#### Bare-Metal
* Add `network_mtu` to allow CNI interface MTU customization
2017-09-23 21:52:50 +02:00
* Remove support for `experimental_self_hosted_etcd`
2017-09-23 22:02:18 +02:00
## v1.7.3
* Kubernetes v1.7.3
2017-12-09 18:26:26 +01:00
* Use kubernetes-incubator/bootkube v0.6.1
2017-09-23 22:02:18 +02:00
#### Digital Ocean
* Add cloud firewall rules (requires Terraform v0.10)
* Change nodes tags from strings to DO tags
## v1.7.1
* Kubernetes v1.7.1
2017-12-09 18:26:26 +01:00
* Use kubernetes-incubator/bootkube v0.6.0
2017-09-23 22:02:18 +02:00
* Add Bare-Metal Terraform module (stable)
* Add Digital Ocean Terraform module (beta)
#### Google Cloud
* Remove `k8s_domain_name` variable, `cluster_name` + `dns_zone` resolves to controllers
* Rename `dns_base_zone` to `dns_zone`
* Rename `dns_base_zone_name` to `dns_zone_name`
## v1.6.7
* Kubernetes v1.6.7
2017-12-09 18:26:26 +01:00
* Use kubernetes-incubator/bootkube v0.5.1
2017-09-23 22:02:18 +02:00
## v1.6.6
* Kubernetes v1.6.6
2017-12-09 18:26:26 +01:00
* Use kubernetes-incubator/bootkube v0.4.5
2017-09-23 22:02:18 +02:00
* Disable locksmithd on hosts, in favor of [CLUO ](https://github.com/coreos/container-linux-update-operator ).
## v1.6.4
* Kubernetes v1.6.4
* Add Google Cloud Terraform module (stable)
## Earlier
Earlier versions, back to v1.3.0, used different designs and mechanisms.