v2.0.0

Release notes for Cluster API Provider AWS (CAPA) v2.0.0

Documentation

IMPORTANT

This is a major version change due to a number of API changes. Please review the changes below in the API Changes section.

If you plan to create new EKS clusters, please be aware that we have re-introduced AWSManagedCluster and it's advised that you use this as the infrastructure cluster going forwards. For example:

apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: "ekstest"
spec:
  clusterNetwork:
    pods:
      cidrBlocks: ["192.168.0.0/16"]
  infrastructureRef:
    kind: AWSManagedCluster
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
    name: "ekstest"
  controlPlaneRef:
    kind: AWSManagedControlPlane
    apiVersion: controlplane.cluster.x-k8s.io/v1beta2
    name: "ekstest-control-plane"

Changelog since v1.5.1

What's Changed

⚠ API Changes

• add option for disabling instance refresh by @harveyxia in #3730
• Remove ARN field from AWSResourceReference by @Ankitasw in #3835
• Remove failure domain from AWSMachineSpec to respect CAPI's Machine/MD failure domain field by @Ankitasw in #3847
• feat: re-introduce awsmanagedcluster by @richardcase in #3797

🚀 Features

• feat: add custom environment variables to the 'aws-node' DaemonSet by @charlie-haley in #3374
• Add AWSMachinePool test to eks e2e test by @pydctw in #3607
• Add spot instance support in AWSMachinePool by @Ankitasw in #3563
• Add ClusterClass tests by @pydctw in #3472, #3491
• Add scaling from 0 support by @Skarlso in #3684
• Add ipv6 support for EKS by @Skarlso in #3513
• Align logging practices with cluster-api by @Skarlso in #3722
• Suspend and Resume ASG Processes by @Skarlso in #3741
• Unify the logger interface in CAPA by @Skarlso in #3776
• Enhance the EKSConfigTemplate and add configuration for files, mounts, users, ntp, etc for CAPI feature parity by @cnmcavoy in #3757
• allow annotation on MachinePool to set externally managed by @mweibel in #3683
• Make overwrite the default behaviour for conflict resolution in addons by @Skarlso in #3833
• Add CCM tag to routing tables by @Skarlso in #3838
• AWSManagedMachinePool - Launch Template support by @richardchen331 in #3094

🐛 Bug Fixes

• Removed additionalTag application on unmanaged subnets by @Ankitasw in #3512
• Revert "Streamline Ginkgo variables" #3501 by @sedefsavas in #3561
• Fix the json tag for VpcCni by @Skarlso in #3566
• Add deduplication handling and only update if there is a need for it by @Skarlso in #3568
• [clusterawsadm] Fix attaching CSI policy to control plane IAM role by @sedefsavas in #3595
• Fix aws-node-env checker to use the correct input and context by @Skarlso in #3612
• Fix apidiff target by @Prajyot-Parab in #3634
• Fix the update logic for aws-node daemonset environment properties by @Skarlso in #3677
• chore: adding rbac generation back in by @richardcase in #3685
• adding a return nil after deleting cni by @luthermonson in #3674
• Relax the AWSManagedControlPlane version regex and remove normalising the version by @Skarlso in #3682
• fix validation for aws tags with spaces by @Jacobious52 in #3702
• Fix multitenancy topic for secretRef syntax by @Skarlso in #3719
• Add elasticloadbalancing:DeregisterTargets to control plane role policy by @cnmcavoy in #3727
• Add ASG Instance AZ SDK API to CAPA API conversion by @Ankitasw in #3743
• Downgrade K8s dependency version to v0.24 by @sedefsavas in #3758
• Use the eksClusterName passed in to the function instead of the scope configured one by @Skarlso in #3713
• normalize oidc configs to string values for comparison by @luthermonson in #3735
• Try to find and verify existing OIDC providers before we try to create a new one by @codablock in #2901
• deleting additional vpc cni resources when disabled by @luthermonson in #3732
• Add EventBridge ec2 event reconciliation and rule creation to eks managed control planes by @cnmcavoy in #3752
• Skip deleting 'control-plane.cluster-api-provider-aws.sigs.k8s.io' if it does not exist in the e2e setup by @cnmcavoy in #3795
• [E2E] Fix test flavor generation make targets by @Ankitasw in #3800
• fix: remove check for root volume device name on create by @AverageMarcus in #3798
• rework vpc cni envvar logic to drop the forced keys by @luthermonson in #3681
• Change naming format of AMIs while searching for AMIs by @Ankitasw in #3790
• More nil checks for Version by @luthermonson in #3769
• [E2E] Add check that the pod list is not empty. by @Skarlso in #3841
• Change AMI name generation based on new format in image-builder by @Ankitasw in #3829

Please see the CHANGELOG.md attached in the assets section for a full list of changes that include documentation, dependency and other changes.

New Contributors

• @banthaherder made their first contribution in #3552
• @charlie-haley made their first contribution in #3374
• @yogeek made their first contribution in #3576
• @bhegazy made their first contribution in #3615
• @tobiasgiese made their first contribution in #3613
• @tasdikrahman made their first contribution in #3460
• @steve-fraser made their first contribution in #3737
• @harveyxia made their first contribution in #3730
• @AverageMarcus made their first contribution in #3798
• @cablunar made their first contribution in #3815
• @phoban01 made their first contribution in #3467

The image for this release is: registry.k8s.io/cluster-api-aws/cluster-api-aws-controller:v2.0.0

A special thanks to @dlipovetsky, @Ankitasw and @Skarlso who have moved to be maintainers. And also to @AverageMarcus who moved to be a reviewer.

Thank you to all our contributors!

v1.5.1

Release notes for Cluster API Provider AWS (CAPA) v1.5.1

Documentation

Changelog since v1.5.0

What's Changed

🌱 Others

• [release-1.5] [E2E] Bump NVIDIA GPU operator version in GPU tests by @k8s-infra-cherrypick-robot in #3676
• [release-1.5] fix: wrong EKS tag when upgrading older clusters by @dlipovetsky in #3787
• chore: Backport maintainer/reviewer updates to release-1.5 by @dlipovetsky in #3807
• [release-1.5] fix: use v1beta1 version in EKS user kubeconfig by @k8s-infra-cherrypick-robot in #3763

Full Changelog: v1.5.0...v1.5.1
The image for this release is: registry.k8s.io/cluster-api-aws/cluster-api-aws-controller:v1.5.1
Thanks to all our contributors!

v2.0.0-beta.1

🚨 This is a BETA RELEASE. Use it only for testing purposes. If you find any bugs, please file an issue.

This release has dependency version fix: #3758

The image for this release is:
registry.k8s.io/cluster-api-aws/cluster-api-aws-controller:v2.0.0-beta.1

v2.0.0-beta.0

🚨 This is a BETA RELEASE. Use it only for testing purposes. If you find any bugs, please file an issue.

The image for this release is:
registry.k8s.io/cluster-api-aws/cluster-api-aws-controller:v2.0.0-beta.0

v1.5.0

Release notes for Cluster API Provider AWS (CAPA) v1.5.0

Documentation

NOTE:

If you are planning to use Garbage Collection, which is a new feature added in this release, then you will need to update your controllers policy by running clusterawsadm bootstrap iam create-cloudformation-stack again (or can manually add elasticloadbalancing:DeleteTargetGroup permission to controllers policy). See the documentation on how to enable this feature via a feature flag.

Changelog since v1.4.0

What's Changed

🚀 Features

• External load balancer garbage collection - new gc service by @richardcase in
  #3625 #3632 #3646 #3650
• [E2E] EFS CSI driver validation by @Madhur97 in #3391
• Add lookup for fields of type AWSResourcesReference by @Ankitasw in #3257
• Make CAPA tooling work on arm64 by @Prajyot-Parab in #3519
• [EKS] Allow disabling VPC CNI when setting secondary CIDR block by @mtougeron in #3524
• [EKS] Add ability to delete kube-proxy daemonset by @mzahorik in #3490
• Create bastion security group only when bastion is enabled by @k8s-infra-cherrypick-robot in #3588

🐛 Bug Fixes

• Do not change default security groups during EKS control plane reconcile by @dlipovetsky in #3622
• Add relative path for code generation by @richardcase in #3547
• Only setup envtest when the test target is called by @Skarlso in #3387
• Fix for release log creation script by @sedefsavas in #3388
• Only attempt to delete bootstrap data secret if InsecureSkipSecretsManager isn't set by @dlmather in #3400
• Update clusterawsadm ami list nil AMI output by @zeborg in #3496
• Fail apidiff make target when git fails by @Callisto13 in #3538
• Fix generate go apis target by @LucaLanziani in #3500
• Fix panics and add timeouts to various e2e methods by @josh-ferrell in #3457 #3471 #3418

📖 Documentation

• Remove KIAM page from the book by @sedefsavas in #3417
• Add role assumption trust policy example to book by @sedefsavas in #3416
• Update roadmap by @sedefsavas in #3415
• Add multitenancy example by @LucaLanziani in #3401
• Add steps to recover cluster by @warroyo in #3438
• docs: Using IAM roles instead of AWS credentials in management cluster by @Ankitasw in #3328
• Add EKS AWSManagedMachinePool example to spot instances doc by @pydctw in #3523

🌱 Others

• Disable external infrastructure test by @josh-ferrell in #3499
• Merge external infrastructure, peered VPCs, internal ELB and private subnets E2E test. by @josh-ferrell in #3366
• Add owner-id flag for clusterawsadm ami list by @zeborg in #3461
• Add multi-tenancy and ssm test based on ClusterClass by @pydctw in #3448 #3389
• Validate Tags created for the resources by @VibhorChinda in #3398
• Updates e2e test cluster names to include spec name by @ydarb in #3425
• Apidiff test runs only if there are changes in api/ or exp/api/ by @meghanajangi in #3368
• Remove list webhooks by @sedefsavas in #3413
• Fix failing tests because of change in cluster names by @Ankitasw in #3429
• Add tests for using filters in AWSResourceReference type fields by @Ankitasw in #3382
• Use registry.k8s.io registry in CI jobs by @sedefsavas in #3436
• Scope cleanup by @sedefsavas in #3430
• Makefile: use 'rm -f' for verify-boilerplate by @invidian in #3442
• [E2E] Fix failing GPU test due to update in the CUDA Linux GPG Repository Key by @Ankitasw in #3459
• Add ClusterClass templates by @sedefsavas in #3462
• Fix eks-fargate cluster template by @pydctw in #3493
• Add ReplaceRoute in ControllersPolicy by @AmitSahastra in #3492
• Publish e2e templates by @sedefsavas in #3497
• Update EKS e2e addon versions by @pydctw in #3516
• Update EKS e2e to use k8s v1.22 by @pydctw in #3520
• Fix for conformance tests by @sedefsavas in #3529
• Add Roadmap Update for Windows Support by @luthermonson in #3534
• chore: use "registry.k8s.io" for k8s images by @richardcase in #3521
• Rename kubernetes.io/cluster tag to use EKS cluster name by @k8s-infra-cherrypick-robot in #3591
• Fix the owner checking of a cluster by @k8s-infra-cherrypick-robot in #3598
• [EKS] Add defaulting for update config by @k8s-infra-cherrypick-robot in #3629
• Manual cherry pick of linter fixes (#3617 and #3623) by @sedefsavas in #3637
• Add 1.5 version to metadata file by @sedefsavas in #3658

🌱 Dependencies

• Bump cluster-api to v1.1.5 by @sedefsavas in #3638
• Bump cert-manager version in the tests by @sedefsavas in #3437
• build(deps): bump actions/setup-go from 2 to 3 by @dependabot in #3406
• build(deps): bump actions/checkout from 2 to 3 by @dependabot in #3408
• build(deps): bump EndBug/add-and-commit from 7 to 9 by @dependabot in #3407
• build(deps): bump actions/cache from 2 to 3 by @dependabot in #3409
• build(deps): bump github.com/aws/aws-lambda-go from 1.28.0 to 1.29.0 by @dependabot in #3367
• build(deps): bump sigs.k8s.io/kustomize/kustomize/v4 from 4.5.3 to 4.5.4 in /hack/tools by @dependabot in #3383
• Bump AWS SDK Go and AWS IAM and AWS VPC CNI Authenticator by @Ankitasw in #3393 #3412
• build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 by @dependabot in #3543
• build(deps): bump github/codeql-action from 1 to 2 by @dependabot in #3446
• build(deps): bump github.com/aws/aws-lambda-go from 1.30.0 to 1.31.1 by @dependabot in https://github.com/kubernetes-sigs/cluster-api-provid...

v1.4.1

Release notes for Cluster API Provider AWS (CAPA) v1.4.0

Documentation

Changelog since v1.4.0

What's Changed

🐛 Bug Fixes

• Fix for InsecureSkipSecretsManager @dlmather #3400

New Contributors

• @dlmather made their first contribution in #3040

The image for this release is: k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v1.4.1
Thanks to all our contributors!

v1.4.0

Release notes for Cluster API Provider AWS (CAPA) v1.4.0

Documentation

Changelog since v1.3.0

What's Changed

⚠ API Changes

• Add support for Ignition-based bootstrap data and Flatcar Container Linux by @invidian in #2271
• Add nodegroup update config support by @richardcase in #3337

🚀 Features

• Add support for custom protocol for ELB health checks by @Ankitasw in #3124
• Validate internal ELB in a peered VPC by @josh-ferrell in #3285
• Add lookup logic for bastion hosts by @Ankitasw in #3298
• Change the release process to use GitHub Release Notes by @meghanajangi in #3214
• Query AWS to find subnets with explicitely specified subnet IDs by @codablock in #2864
• Add filter lookup support to AWSMachinePool.Spec.Subnets by @shivi28 in #3255

🐛 Bug Fixes

• [EKS] Fix for subnet cloud-provider tags @10hin in #3123
• [EKS] Fix for ASG and instance cloud-provider tags by @faiq in #3343
• [EKS] Fix racing conditions in reconcileDelete by @richardchen331 in #3157
• Block ELB re-creation after the cluster has been provisioned by @Ankitasw in #3240
• Validate additionalTags by @jonathanbeber in #3177
• Fix MP template: use correct machine type env var by @mweibel in #3227
• Update ClusterSecurityGroupsReadyCondition as part of managedcontrolplane by @pydctw in #3234
• Remove .metadata.clusterName usage by @pydctw in #3322
• Fix asgNeedsUpdates invalid condition (pointers) by @mweibel in #3264
• Disassociate secondary CIDR after subnets are deleted by @Ankitasw in #3347

📖 Documentation

• Add documentation for usage of failure domains by @Ankitasw in #3173
• Add list of Prow jobs to the book by @sedefsavas in #3199
• Update version support documentation by @sedefsavas in #3230
• Add an initial page about e2e testing by @mweibel in #3269
• Add documentation for usage of spot instances by @Ankitasw in #3281
• Add documentation for usage of externally managed clusters by @Ankitasw in #3247
• Update developer guideline to write unit/integration tests in CAPA repo by @Ankitasw in #3289
• Update multi-tenacy docs by @davidblum in #3320

🌱 Others

• Add conversion-verifier in CI by @zeborg in #3168
• Add verify-shellcheck make target by @zeborg in #3178
• Add verify-book-links make target by @zeborg in #3194
• Add apidiff target to the Makefile by @meghanajangi in #3222
• Group Makefile targets by @Skarlso in #3192
• Add methods to create AWS resources for externally managed infrastructure tests by @josh-ferrell in #3237 #3251
• Add unit/integration tests for controllers and pkg/cloud/services by @Ankitasw @Madhur97 @shivi28
• Add flatcar-stable to supported OS list for clusterawsadm by @sedefsavas in #3158
• Add a join slack badge in CAPA repo for k8s cluster-api-aws channel by @shivi28 in #3258
• Add go report badge by @shivi28 in #3210
• Update AwsClusterTemplate printcolumn and remove unnecessary RBAC files by @pydctw in #3217
• Add OpenSSF best practices badge to README.md by @Ankitasw in #3260
• Enable EKS upgrade test by @pydctw in #3229
• Add external Sec Groups E2E test by @josh-ferrell in #3261
• Add v1.22 to v1.23 upgrade test for external CCM migration by @sedefsavas in #3267
• Makefile: don't log verbose from tests by default by @invidian in #3351
• Replace all instances of reflect.DeepEqual() with cmp.Equal() by @VibhorChinda in #3342
• Add test to check if bastion host is running when enabled by @Ankitasw in #3318
• Change assertion for DetachInternetGateway to Eventually by @josh-ferrell in #3291
• Using setup-envtest to install kubebuilder dependency by @Skarlso in #3362

🌱 Dependencies

• Upgrade to use latest Kind version v0.12.0 by @shivi28 in #3293
• update GH_VERSION to v2.7.0 by @faiq in #3376
• build(deps): bump sigs.k8s.io/controller-runtime from 0.11.1 to 0.11.2 by @dependabot in #3369
• build(deps): bump github.com/google/go-cmp from 0.5.6 to 0.5.7 by @dependabot in #3349
• build(deps): bump github.com/onsi/gomega from 1.18.1 to 1.19.0 by @dependabot in #3358
• Bump to golangci-lint v1.45.2 by @Prajyot-Parab in #3350
• build(deps): bump sigs.k8s.io/kustomize/kustomize/v4 from 4.5.2 to 4.5.3 in /hack/tools by @dependabot in #3356
• Bump golanci-lint in /hack/tools by @Ankitasw in #3334
• build(deps): bump k8s.io/klog/v2 from 2.50.0 to 2.60.1 by @dependabot in #3330
• build(deps): bump github.com/go-logr/logr from 1.2.2 to 1.2.3 by @dependabot in #3327
• build(deps): bump github.com/aws/amazon-vpc-cni-k8s from 1.10.1 to 1.10.2 by @dependabot in #3162
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.5.3 to 0.5.4 by @dependabot in #3163
• build(deps): bump sigs.k8s.io/kustomize/kustomize/v4 from 4.5.1 to 4.5.2 in /hack/tools by @dependabot in #3213
• build(deps): bump sigs.k8s.io/controller-runtime from 0.11.0 to 0.11.1 by @dependabot in #3221
• build(deps): bump sigs.k8s.io/aws-iam-authenticator from 0.5.4 to 0.5.5 by @dependabot in #3233
• Bump hack/tools/golangci-lint and fix lint errors by @Ankitasw in #3241
• build(deps): bump github.com/joelanford/go-apidiff from 0.2.0 to 0.3.0 in /hack/tools by @dependabot in #3280
• build(deps): bump github.com/itchyny/gojq from 0.12.6 to 0.12.7 in /hack/tools by @dependabot in #3279
• build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 by @dependabot in #3302
• Bump CAPI to v1.1.2 by @shivi28 in #3231

New Contributors

• @zeborg made their first contribution in #3168
• @10hin made their first contribution in #3123
• @diptoch...

v1.3.0

Release notes for Cluster API Provider AWS (CAPA) v1.3.0

This version is tested with Cluster API versions 1.1.x.

Documentation

Changelog since v1.2.0

Changes by Kind

API Change

• [EKS] Expose additional EKS node bootstrap configuration options via EKSConfig (#2965, @richardcase)

Feature

• [EKS] Support tagging EKS node group's underlying ASG (#2884, @richardchen331)
• [clusterawsadm] Allow tagging CloudFormation stack during create/update (#3009, @jonathanbeber)

Documentation

• Fix machinepool template and doc for subnet field usage (#2903, @shivi28)
• Add contributors to the README (#3069, @richardcase)

Failing Test

• Fix EKS conversion tests (#3033, @pydctw)
• Increase vCPU quota limit for EC2 instances in e2e tests (#3002, @Ankitasw)

Bug or Regression

• [EKS] Fix AWSManagedControlPlane v1alpha3 to v1beta1 conversion (#3037, @jonathanbeber)
• [EKS] Disable bastion SG when bastion is disabled (#3028, @abhinavnagaraj)
• [EKS] Fix EKS encryption configuration comparison bug (#3040, @jon-fearer)
• [EKS] Fix for EKS encryption reporting false changes (#3095, @richardcase)
• [EKS] Fix to allow updating roleName in fargate, if not already configured (#3052, @abhinavnagaraj)
• Fix for using kubeconfig context in clusterawsadm (#3068, @sedefsavas)
• Fix ECR describe in e2e tests when searching for previously created ECR (#3133, @josh-ferrell)
• Refactor TestMain functions to stop using os.Exit which was swallowing errors (#3036, @jonathanbeber)
• Update bastion status after deleting it (#3090, @sedefsavas)

Other (Cleanup or Flake)

• Move randomvariable to emeritus (#3060, @randomvariable)
• Promote @pydctw to reviewers (#3013, @sedefsavas)
• Enable all golang linters by default with explicit disable (#3093, @pydctw)
• Add HA control plane cluster upgrade e2e test (#3075, @pydctw)
• Add test package linter checks (#3071, @sedefsavas)
• Add unit tests for package pkg/cloud/tags (#3117, @Ankitasw)
• Publish CAPA AMI images for last 4 k8s releases in CAPA book (#3125, @shivi28)
• Re-enable GPU test (#3039, @sedefsavas)

New Contributors

• @jon-fearer made their first contribution in #3040
• @KushalBeniwal made their first contribution in #3047
• @richardchen331 made their first contribution in #2884
• @Skarlso made their first contribution in #3115
• @josh-ferrell made their first contribution in #3133

Full Changelog: v1.2.0...v1.3.0

The image for this release is:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v1.3.0

A special thanks to @randomvariable for his contributions to CAPA from its inception who moves to emeritus status now. And thanks to @pydct who move to reviewers.

Thanks to all our contributors!

v0.7.3

Release notes for Cluster API Provider AWS (CAPA) v0.7.3

Documentation

Changelog since v0.7.2

Changes by Kind

API Change

• Bump CAPI to v0.4.7 for CAPA v0.7 (#3142, @shivi28)

Bug or Regression

• Bugfix in AWSManagedControlPlane object conversion from v1alpha3 to v1beta1. Some fields in Status and Spec were not being considered during conversion (#3043, @jonathanbeber)
• Fixes an issue with using multiple EKS addons. (#2961, @richardcase)
• Refactor TestMain functions across the project to stop using os.Exit swallowing errors (#3041, @jonathanbeber)

The images for this release are:

k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v0.7.3

Thanks to all our contributors.

v1.2.0

Release notes for Cluster API Provider AWS (CAPA) v1.2.0

This version is compatible with Cluster API versions 1.0.x.

Documentation

Changelog since v1.1.0

Changes by Kind

Feature

• [EKS] Allow configuring services cidr when creating an EKS cluster. (#2964, @richardcase)
• [EKS] Expose additional EKS node bootstrap configuration options via EKSConfig. (#2965, @richardcase)

Bug or Regression

• Revert setting ELB name field to a generated name (this was a bug that made v1.1.0 incompatible with v1.0.0) (#3004, @dlipovetsky)
• Block creating a new instance if AWSMachine already has ProviderID field set (#2957, @sedefsavas)
• Fix for setting conditions to error severity only when errors are non-transients (#3018, @sedefsavas)
• Fix recurring AWS.SimpleQueueService.NonExistentQueue error messages from CAPA logs (#2976, @Ankitasw)
• Fix for trying to update AWSMachine immutable field: rootVolume.deviceName (#3011, @pydctw)
• [EKS] Fix AWSFargateProfile template (#2984, @matthewhembree)
• Use non root numeric user for CAPA containers (#2960, @Ankitasw)
• [EKS] Fix for EKS e2e tests caused by new environment variable (#2987, @richardcase)
• [EKS] Add missing permissions for EKS OIDC provider configuration (#2870, @codablock)

Documentation

• Update documentation to specify JSON output for AWS CLI commands (#2982, @matthewhembree)
• Update tilt development docs for v0.7.0+ and debugging (#2994, @richardcase)

Other

• Add ClusterUpgradeConformanceSpec CAPI test (#2973, @pydctw)

New Contributors

• @matthewhembree made their first contribution in #2984

Full Changelog: v1.1.0...v1.2.0

The image for this release is:
k8s.gcr.io/cluster-api-aws/cluster-api-aws-controller:v1.2.0

Thanks to all our contributors.