mirror of
https://github.com/openshift/installer.git
synced 2026-02-05 06:46:36 +01:00
CHANGELOG: Document changes since 0.14.0
Through 0d891e1119 (Merge pull request #1446 from staebler/vsphere_tf,
2019-03-21).
This commit is contained in:
W. Trevor King
98
CHANGELOG.md
98
CHANGELOG.md
@@ -4,6 +4,98 @@ All notable changes to this project will be documented in this file.
|
||||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
## 0.15.0 - 2019-03-25
|
||||
|
||||
### Added
|
||||
|
||||
- We now initialize TLS certificates for etcd metrics over TCP on port
|
||||
9979. We also store etcd certificates in various `kube-system`
|
||||
Secrets and ConfigMaps.
|
||||
- The Kubernetes client is now extracted from the release image's
|
||||
`kube-client-agent` reference, replacing
|
||||
`quay.io/coreos/kube-client-agent`.
|
||||
- On the control-plane and compute nodes, CRI-O's pause image is now
|
||||
extracted from the release image's `pod` reference.
|
||||
- Initial work for user-provided infrastructure on AWS and vSphere,
|
||||
including a new `user-provided-infrastructure` subcommand.
|
||||
|
||||
### Changed
|
||||
|
||||
- The install-config version has been bumped to `v1beta4` for changes
|
||||
to more closely align with `Network.config.openshift.io`:
|
||||
- `serviceCIDR` is now `serviceNetwork`.
|
||||
- `clusterNetworks` is now `clusterNetwork`.
|
||||
- `type` is now `networkType`.
|
||||
- `hostSubnetLength` is now `hostPrefix`.
|
||||
`v1beta3` is deprecated and will be removed in a future release.
|
||||
- On AWS and OpenStack, ports 9000 through 9999 are now open for UDP.
|
||||
They had been open for TCP since 0.4.0, with a bugfix for 9990 ->
|
||||
9999 in 0.13.0.
|
||||
- On AWS, we now create network interfaces for the control-plane
|
||||
nodes explicitly, which allows for faster resource-creation time by
|
||||
allowing greater parallelization.
|
||||
- On AWS, we now ask the machine-API operator to use
|
||||
`aws-cloud-credentials` (created by [the credential
|
||||
operator][credential-operator]) to fulfill our Machine(Set)s.
|
||||
- On OpenStack, resources are prefixed with the cluster ID to avoid
|
||||
conflicts when running multiple clusters under the same tenant.
|
||||
- On OpenStack, machines are now configured with hostnames to allow
|
||||
inter-VM communication.
|
||||
- On OpenStack, machines are now configured with default DNS
|
||||
nameservers (1.1.1.1 and 208.67.222.222).
|
||||
- Several doc and internal cleanups.
|
||||
|
||||
### Fixed
|
||||
|
||||
- On AWS, the credentials-checking logic now allows root credentials,
|
||||
although it logs a warning because this approach is not recommended.
|
||||
- On AWS, we only consider available zones when calculating defaults.
|
||||
This reduces the chance of errors from attempting resource creation
|
||||
in impaired or unavailable zones, although there's still a
|
||||
possibility for a zone going unavailable after our check but before
|
||||
resource creation.
|
||||
- On AWS, the bootstrap machine is now created in the first public
|
||||
subnet, restoring SSH and journald access, and fixing a bug from
|
||||
0.14.0.
|
||||
- On AWS, the Kubernetes API load balancers now use `/readyz` instead
|
||||
of `/healthz` for health checks, which allows for more graceful
|
||||
control-plane rotation.
|
||||
- On AWS, `destroy cluster` has some fixes for:
|
||||
- Removing snapshots associated with copied AMIs, fixing a bug
|
||||
from 0.14.0.
|
||||
- Deleting network interfaces, where we now remove all network
|
||||
interfaces in an owned VPC regardless of whether those network
|
||||
interfaces were themselves tagged as owned.
|
||||
- Instance termination, where we now attempt to terminate
|
||||
instances which are stopped, stopping, or shutting down in
|
||||
addition to those which are pending or running.
|
||||
- Instance profiles (which cannot be tagged directly) are now
|
||||
removed by name in a final deletion step, covering cases where
|
||||
they slipped through tag-based deletion because some external
|
||||
actor removed both the referencing instances and roles but left
|
||||
the instance profiles.
|
||||
- `InvalidGroup.NotFound` is now caught and considered a succesful
|
||||
deletion in more situations than with previous releases.
|
||||
- Error handling where subsequent successes no longer mask earlier
|
||||
errors.
|
||||
- Rate-limiting delete cycles, to reduce excessive AWS API usage
|
||||
(and associated throttling) while waiting for removed
|
||||
dependencies to resolve.
|
||||
- On OpenStack, Machine(Set)s now use the correct security group name.
|
||||
- On OpenStack, we now set `api` and `*.apps` DNS entries for internal
|
||||
IPs when a floating IP is not configured.
|
||||
- The `none` platform no longer creates Machine(Set)s, because there
|
||||
is, by definition, no machine-API support for that platform.
|
||||
|
||||
### Removed
|
||||
|
||||
- The deprecated `cluster-config-v1` ConfigMap no longer contains the
|
||||
pull secret, now that all pull-secret consumers have been migrated
|
||||
to the `coreos-pull-secret` Secret.
|
||||
- On AWS, control-plane nodes no longer allow ingress on ports 12379
|
||||
or 12380 (which had, in the distant past, been used for etcd
|
||||
bootstrapping).
|
||||
|
||||
## 0.14.0 - 2019-03-05
|
||||
|
||||
### Changed
|
||||
@@ -32,11 +124,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
still broken, but we've landed a fix to get it working again in the
|
||||
next release. In the meantime, you can set up a SSH bastion or
|
||||
debug pod if you need SSH access to cluster machines.
|
||||
|
||||
- On OpenStack, the Machine(Set)s have been updated to track provider
|
||||
changes. For example, the `SecurityGroups` schema has changed, as
|
||||
has the schema for selecting subnets.
|
||||
|
||||
- Several doc and internal cleanups.
|
||||
|
||||
### Fixed
|
||||
@@ -271,7 +361,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
install-config version has been bumped from `v1beta1` to `v1beta2`.
|
||||
All users, regardless of platform, will need to update any saved
|
||||
`install-config.yaml` to use the new version. IAM roles are being
|
||||
replaced by [the credentials operator][credential-operator], and
|
||||
replaced by [the credential operator][credential-operator], and
|
||||
while we still create IAM roles for our master, worker, and
|
||||
bootstrap machines, we're removing the user-facing property now to
|
||||
avoid making this breaking change later.
|
||||
@@ -393,7 +483,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
shell-completion code (currently only for Bash).
|
||||
- On AWS, `destroy cluster` now also removed IAM users with the usual
|
||||
tags. We don't create these users yet, but the removal sets the
|
||||
stage for the coming credentials operator.
|
||||
stage for the coming [credential operator][credential-operator].
|
||||
|
||||
### Changed
|
||||
|
||||
|
||||
Reference in New Issue
Block a user