Releases: kubernetes/kops
Releases · kubernetes/kops
v1.34.0
Release notes for kOps 1.34 series
kOps 1.34.0 introduces major updates to container runtime management, enhanced cloud provider support, and significant networking improvements.
Significant changes
Container Runtime
crictlandnerdctlare now only installed on demand (#17604)- Set
spec.containerd.installCriCtl=trueorspec.containerd.installNerdCtl=trueto install
- Set
- Update containerd to v2.1.4 (#17532)
- Better systemd integration with dbus dependency fix (#17603)
Networking
- Update Cilium to v1.18.2 (#17601)
- Add support for cilium-etcd with dns=none (#17625)
- Update Calico to v3.30.3 (#17628)
- Update Flannel to v0.27.4 (#17641)
- AWS VPC CNI updated to v1.20.2 (#17629)
- BREAKING: Canal support removed (#17642)
AWS
- Update Karpenter to v1.8.1 (#17624)
- Add support for feature gates configuration
- Important: Older versions must be uninstalled before upgrading (#17567)
- Add CPU and memory resource configuration for AWS Load Balancer Controller
- Update EBS CSI driver to v1.47.0 (#17560)
- Add support for using ECR as pull-through image cache (#16593)
Azure
- Add udev disk rules (#17611)
- Fix rolling-update error (#17538)
- Use internal K8s API endpoint for cloud-node-manager (#17607)
- Remove various VMSS configuration suffixes for cleaner naming
- Use
kopsas the default admin user
OpenStack
- Update OpenStack CSI images
Etcd
- Update etcd to v3.6.5 for Kubernetes 1.34+ (#17637)
- Update etcd to v3.5.23 for Kubernetes <1.34
- Update etcd-manager to v3.0.20250917 (#17615)
- Use image volumes to mount etcd images (#17539)
Other Components
- Update cluster-autoscaler to v1.34.0 (#17643)
- Update CoreDNS to v1.12.4
- Update Cloud Controller Managers for AWS, Azure, and Hetzner
- Default SSH key changed to
~/.ssh/id_ed25519.pub(from RSA) ebtables,ethtoolandsocatare no longer installed by default
Breaking changes
- Canal support has been removed (#17642)
- Migrate to Calico or another supported CNI before upgrading
- Legacy addons removed from the kOps repository (#17332)
- Only affects clusters using kOps <1.22
- Karpenter requires manual uninstallation before upgrading (#17567)
- Default SSH key changed from RSA to Ed25519
- Several packages no longer installed by default: crictl, nerdctl, ebtables, ethtool, socat
Other changes of note
- Migrate to control-plane nomenclature in documentation
- Fix IPv6 routes for Kubernetes 1.32
- Fix Azure subscription ID check
- Add nftables package support
- Use ephemeral S3 buckets for E2E tests
- Bump Golang to 1.25
- Update golangci-lint to v2
Known Issues
- Karpenter upgrade requires manual uninstallation of older versions
- Azure naming conventions have changed which may affect existing automation
Deprecations
- Support for Kubernetes version 1.28 is removed in kOps 1.34
- Support for Kubernetes version 1.29 is deprecated and will be removed in kOps 1.35
Installation and Upgrade Notes
Pre-Upgrade Checklist
- Canal Users: Migrate to another CNI solution
- Karpenter Users: Uninstall existing Karpenter installations
- SSH Access: Verify Ed25519 key support
- Tool Dependencies: Check if you need crictl, nerdctl, ebtables, ethtool, or socat
Upgrade Process
- Review breaking changes
- Test in non-production first
- For Karpenter users, uninstall existing version
- Run
kops update clusterand validate before applying
This release includes contributions from the kOps community. Thank you to all contributors!
v1.34.0-beta.1
What's Changed
- etcd-manager: Use image volumes to mount etcd images by @hakman in #17539
- Recognize Debian 13 by @rifelpet in #17550
- aws: Update EBS CSI driver to v1.47.0 by @hakman in #17552
- etcd-manager: Keep the ImageVolume feature gate for K8s 1.35 by @hakman in #17553
- Bump ko-build by @ameukam in #17559
- Bump Golang to 1.25 by @ameukam in #17560
- Add AGENTS.md by @ameukam in #17561
- build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #17566
- Add instructions to avoid loops by @ameukam in #17569
- Golangci-lint v2 fixes by @rifelpet in #17573
- Use yum instead of dnf on Amazon Linux 2 by @ConnorJC3 in #17557
- build(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 by @dependabot[bot] in #17576
- Bump golangci-lint to v2 by @ameukam in #17562
- Upgrade AWS Load Balancer Controller to v2.13.4 by @cloud303-pdavis in #17571
- nodeup: Simplify the template by removing split-commas by @hakman in #17577
- Install cgroupfs-mount for distros lower than Debian Trixie by @ameukam in #17581
- Remove unused const, variables and function reported by Golangci-lint by @ameukam in #17582
- containerd: Don't install crictl and nerdctl by default by @hakman in #17547
- coredns: Relax zonal topologySpreadConstraints by @hakman in #17554
- Add nftables package by @ameukam in #17583
- Update amazon-ec2-instance-selector to v3.1.1 by @hakman in #17586
- Drop ebtables, ethtool and socat by @ameukam in #17587
- Update 1.34 release notes by @ameukam in #17588
- Update Kubernetes hashes with latest releases by @hakman in #17592
- chore: Bump channels with the latest releases by @hakman in #17596
- Update release notes for kOps 1.33 by @hakman in #17597
- chore: Remove support for Kubernetes 1.28 in kOps 1.34 by @hakman in #17598
- build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 by @dependabot[bot] in #17599
- Use only systemd as cgroup driver by @hakman in #17600
- Golangci-lint v2 fixes: gocritic by @ameukam in #17602
- Ensure containerd starts after dbus by @ameukam in #17603
- Update Karpenter to v1.6.2 by @hakman in #17567
- build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #17606
- azure: Use internal K8s API endpoint for cloud-node-manager by @hakman in #17607
- Bump coredns to 1.12.4 by @ameukam in #17609
- Bump k8s assets by @ameukam in #17610
- azure: Update getting started docs by @hakman in #17612
- azure: Add udev disk rules by @hakman in #17611
- Bump versions in netlify and mkdocs by @hakman in #17614
- nodeup: Use embed for containerd license by @hakman in #17613
- Update etcd-manager to v3.0.20250917 by @hakman in #17615
- Update etcd to v3.6.4 for K8s 1.34+ by @hakman in #17616
- Update Karpenter to v1.7.1 by @hakman in #17624
- docs: migrate to control-plane nomenclature by @apeabody in #17618
- Add support for
cilium-etcdwithdns=noneby @hakman in #17625 - Update Cilium to v1.18.2 by @hakman in #17601
- feat: add CPU and memory resource configuration for AWS Load Balancer Controller by @ana-aguilar7 in #17608
- aws: Update VPC CNI to v1.20.2 by @hakman in #17629
- Update Calico to v3.30.3 by @hakman in #17628
- build(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0 by @dependabot[bot] in #17632
- Restore default SELinux security contexts for containerd binaries by @hakman in #17633
- Update etcd to v3.6.5 for K8s 1.34+ by @hakman in #17637
- Update cluster-autoscaler to v1.34.0 releases by @hakman in #17640
- Remove Canal support by @hakman in #17642
- Update Flannel to v0.27.4 by @hakman in #17641
- Update dependencies by @hakman in #17643
- Update CCM for AWS, Azure and Hetzner by @hakman in #17644
- Update codegen to v0.34.1 by @hakman in #17645
- Release 1.34.0-beta.1 by @hakman in #17646
New Contributors
- @ConnorJC3 made their first contribution in #17557
- @cloud303-pdavis made their first contribution in #17571
- @apeabody made their first contribution in #17618
Full Changelog: v1.34.0-alpha.1...v1.34.0-beta.1
Contributors
rifelpet, ameukam, and 6 other contributors
Assets 24
v1.33.1
What's Changed
- Automated cherry pick of #17550: Recognize Debian 13 by @ameukam in #17570
- Automated cherry pick of #17557: Use yum instead of dnf on Amazon Linux 2 by @hakman in #17574
- Automated cherry pick of #17554: coredns: Relax zonal topologySpreadConstraints by @hakman in #17584
- Automated cherry pick of #17581: Install cgroupfs-mount for distros lower than Debian 13 by @hakman in #17590
- Automated cherry pick of #17592: Update Kubernetes hashes with latest releases by @hakman in #17593
- Release 1.33.1 by @hakman in #17594
Full Changelog: v1.33.0...v1.33.1
Contributors
ameukam and hakman
Assets 24
v1.32.2
What's Changed
- Automated cherry pick of #17270: Update nodeup test case to 1.33
#17482: Fix cloud-provider flag for K8s 1.31+ by @hakman in #17489 - tests: don't override etcd-manager image in bare-metal test by @justinsb in #17495
- Automated cherry pick of #17500: Fix invalid filters for describing security group rules by @rifelpet in #17508
- Automated cherry pick of #17512: Wait for the GCE disk creation operation to finish by @hakman in #17514
- Automated cherry pick of #17523: testing: Fix e2e test job name by @hakman in #17530
- Automated cherry pick of #17531: metal: Update Debian image by @hakman in #17535
- Automated cherry pick of #17557: Use yum instead of dnf on Amazon Linux 2 by @hakman in #17575
- Automated cherry pick of #17550: Recognize Debian 13 by @ameukam in #17585
- Automated cherry pick of #17581: Install cgroupfs-mount for distros lower than Debian by @hakman in #17591
- Release 1.32.2 by @hakman in #17595
Full Changelog: v1.32.1...v1.32.2
Contributors
justinsb, rifelpet, and 2 other contributors
Assets 24
v1.34.0-alpha.1
What's Changed
- channels: Bump Azure image by @hakman in #17479
- azure: Fix small issues related to role assignments by @hakman in #17478
- azure: Deploy cloud-node-manager for K8s 1.31+ by @hakman in #17483
- Fix
--cloud-providerflag for K8s 1.31+ by @hakman in #17482 - docs: Fix release notes deprecations by @hakman in #17481
- aws: Update ecr-credential-provider to v1.31.7 by @hakman in #17486
- Update ecr-credential-provider checksums by @rsafonseca in #17491
- Upgrade node-local-dns from 1.23.0 to 1.26.0 by @rsafonseca in #17490
- azure: Track resources by ID during deletion by @hakman in #17493
- Introduce flag use-kubeconfig which allows loading from the local kubeconfig by @justinsb in #17494
- Normalize the hardcoded images used for warmpool pre-pulling by @rifelpet in #17144
- Reduce verbosity of k8s version warning by @rifelpet in #17498
- Fix invalid filters for describing security group rules by @rifelpet in #17500
- azure: Add e2e testing by @hakman in #17497
- azure: Add defaults for network CIDR and subscription ID by @hakman in #17504
- chore: Use constants for default network CIDRs by @hakman in #17505
- azure: Use
kopsas the default admin user by @hakman in #17506 - azure: Use creation timestamp tag in e2e tests by @hakman in #17507
- protokube: Initialize CloudProvider only with Gossip by @hakman in #17509
- Wait for GCE disk creation operation by @ouillie in #17512
- Don't require
.indns=nonecluster names by @hakman in #17515 - Prefer using
id_ed25519.pubinstead ofid_rsa.pubby @hakman in #17516 - azure: Fix periodic tests by @hakman in #17517
- (Experimental) bare-metal with IPv6 by @justinsb in #16944
- testing: Fix e2e test job name by @hakman in #17523
- aws: Add support for using ECR as pull-through image cache by @rsafonseca in #16593
- Add support for passing image for nvidia-k8s-device-plugin by @sats-23 in #17519
- aws: added permissions to RW*TargetGroupAttributes to CCM by @mtulio in #17521
- Add more context to terraform fatal log by @rifelpet in #17524
- Use ssm parameter for AMI ID in LBC scenario by @rifelpet in #17525
- Add round-trip tests / PodCIDR to all versions by @justinsb in #17526
- Update containerd to v1.7.28 by @hakman in #17527
- Use official etcd images from
registry.k8s.ioby @hakman in #17485 - metal: Update Debian image by @hakman in #17531
- Update containerd to v2.1.4 by @hakman in #17532
- tests: Skip failing CNI tests by @hakman in #17533
- build(deps): bump actions/setup-go from 5.1.0 to 5.5.0 by @dependabot[bot] in #17537
- azure: Fix rolling-update error by @hakman in #17538
- Update etcd-manager to v3.0.20250803 by @hakman in #17540
- Skip tests-e2e-scenarios-bare-metal-ipv6 when
version.gochanges by @hakman in #17549 - Release 1.34.0-alpha.1 by @hakman in #17548
New Contributors
- @ouillie made their first contribution in #17512
- @sats-23 made their first contribution in #17519
- @mtulio made their first contribution in #17521
Full Changelog: v1.33.0-beta.1...v1.34.0-alpha.1
Contributors
justinsb, rifelpet, and 6 other contributors
Assets 24
v1.33.0
What's Changed
- Automated cherry pick of #17478: Fix role assignment for cluster resource group
#17483: azure: Deploy cloud-node-manager for K8s 1.31+ by @hakman in #17487 - Automated cherry pick of #17482: Fix cloud-provider flag for K8s 1.31+ by @hakman in #17488
- Automated cherry pick of #17500: Fix invalid filters for describing security group rules by @rifelpet in #17501
- Automated cherry pick of #17512: Wait for the GCE disk creation operation to finish by @hakman in #17513
- Automated cherry pick of #17523: testing: Fix e2e test job name by @hakman in #17529
- Automated cherry pick of #17531: metal: Update Debian image by @hakman in #17534
- Automated cherry pick of #17485: Use official etcd images from registry.k8s.io by @hakman in #17536
- Automated cherry pick of #17527: Update containerd to v1.7.28 by @hakman in #17528
- Automated cherry pick of #17540: Update etcd-manager to v3.0.20250803 by @hakman in #17541
- Automated cherry pick of #16593: Add support for using ECR as pull-through image cache by @hakman in #17545
- Release 1.33.0 by @hakman in #17546
Full Changelog: v1.33.0-beta.1...v1.33.0
Contributors
rifelpet and hakman
Assets 24
v1.33.0-beta.1
What's Changed
- chore(channels): bump alpha channel k8s and ubuntu AMI versions by @moshevayner in #17393
- Bump go to 1.24.3 by @rifelpet in #17394
- Release notes for 1.32.0 by @justinsb in #17395
- build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot in #17402
- build(deps): bump actions/dependency-review-action from 4.6.0 to 4.7.0 by @dependabot in #17401
- chore(channels): promote alpha to stable by @moshevayner in #17403
- Update requiredVersion for 1.31 and 1.32 in alpha by @rifelpet in #17404
- Change volume type to io1 from io2 by @Swizzmaster in #17405
- Update requiredVersion for 1.31 and 1.32 in stable by @rifelpet in #17407
- build(deps): bump actions/dependency-review-action from 4.7.0 to 4.7.1 by @dependabot in #17408
- Remove cloud-config and cloud-provider from 1.33 kubelet by @Swizzmaster in #17412
- Set MACAddressPolicy=none for Ubuntu 24.04 by @rifelpet in #17398
- GCE: avoid duplicate bucket IAM tasks for a single service account by @flopib in #17413
- Remove securityGroupOverride validation for NLB by @h3poteto in #17383
- [docs] fixed cilium cni exclusive topic placement by @runitmisra in #17410
- Upgrade calico to 3.29.4 by @rifelpet in #17427
- Fix minor version upgrade recommendations by @rifelpet in #17426
- Re-enable additionalSecurityGroups for bastion LB by @h3poteto in #17430
- Add documentation on max node lifetime by @rifelpet in #17431
- Fix panic when security group ID is not known by @rifelpet in #17432
- Explicitly set update_policy on GCE instance group managers by @flopib in #17411
- Ensure only owned security groups are deleted by @rifelpet in #17436
- GCE: do not reset MIG target size on cluster updates by @flopib in #17441
- Makefile: correct .PHONY casing by @mohiuddin-khan-shiam in #17442
- Remove --register-unschedulable kubelet flag by @rifelpet in #17443
- chore: Bump node images by @hakman in #17444
- add systemd network config for Cilium and Amazon VPC CNI on Ubuntu 22.04+ and AL2023 to prevent route removal by @mostafahussein in #17438
- Update to golang 1.24.4 by @justinsb in #17450
- Fix toolbox addons apply command by @tanelmae in #17429
- Skip tests-e2e-scenarios-bare-metal when
version.gochanges by @hakman in #17391 - Extend openstack mock by misc. resources by @ascheman in #17406
- hetzner: Add support for Object Storage by @hakman in #17453
- Update dependencies for v1.33 by @hakman in #17461
- hetzner: Update hetznercloud/hcloud-go to v2 by @hakman in #17464
- Update etcd-manager to v3.0.20250629 by @hakman in #17452
- Create flag api-server which allows for custom DNS setups by @justinsb in #17459
- fix(kubelet): parse image GC args failed by @huhouhua in #17465
- Use GCP CCM release image by @rifelpet in #17468
- GCE: set node labels and taints as autoscaler env vars by @flopib in #17434
- Update etcd-manager to v3.0.20250704 by @hakman in #17471
- Allow to setup CoreDNS pod annotations by @rsicart in #17315
- Enforce topologySpreadConstraints for CoreDNS by @hakman in #17472
- docs: Add note to 1.22 about the CA CN rename by @agilgur5 in #15324
- fix(openstack): determine ports to delete based on tags by @ederst in #16961
- Add an example script to setup RAID-10 for instances with multiple NVMe disks by @dobesv in #17474
- Release 1.33.0-beta.1 by @hakman in #17475
New Contributors
- @Swizzmaster made their first contribution in #17405
- @mohiuddin-khan-shiam made their first contribution in #17442
- @tanelmae made their first contribution in #17429
- @ascheman made their first contribution in #17406
- @huhouhua made their first contribution in #17465
- @rsicart made their first contribution in #17315
- @dobesv made their first contribution in #17474
Full Changelog: v1.33.0-alpha.1...v1.33.0-beta.1
Contributors
justinsb, dobesv, and 16 other contributors
Assets 24
v1.32.1
What's Changed
- [release-1.32] Upgrade to Go 1.23.9 by @rifelpet in #17396
- Automated cherry pick of #17398: Set MACAddressPolicy=none for Ubuntu 24.04 by @rifelpet in #17414
- cherry-pick of #17383: Remove securityGroupOverride validation for NLB by @h3poteto in #17422
- Automated cherry pick of #17427: Upgrade calico to 3.29.4 by @rifelpet in #17428
- Automated cherry pick of #17438: add systemd network config for Cilium and Amazon VPC CNI on Ubuntu 22.04+ and AL2023 to prevent route removal by @rifelpet in #17445
- Automated cherry pick of #17441: GCE: do not reset MIG target size on cluster updates by @rifelpet in #17447
- Automated cherry pick of #17391: Skip tests-e2e-scenarios-bare-metal when
version.gochanges by @hakman in #17454 - Update golang to 1.23.10 by @justinsb in #17456
- Update dependencies for v1.32 by @hakman in #17462
- Automated cherry pick of #17459: Create flag api-server which allows for custom DNS setups by @rifelpet in #17466
- Automated cherry pick of #17468: Use GCP CCM release image by @rifelpet in #17469
- Release 1.32.1 by @hakman in #17476
Full Changelog: v1.32.0...v1.32.1
Contributors
justinsb, rifelpet, and 2 other contributors
Assets 24
v1.33.0-alpha.1
This is the first alpha release of the kOps 1.33 series, which adds support for kubernetes 1.33.
What's Changed
- chore: avoid replacing client-go version in tests/e2e by @justinsb in #17245
- chore: create script to update dependencies by @justinsb in #17244
- docs: update 1.32 release note with beta release by @justinsb in #17254
- Update flannel to v0.26.4 by @hakman in #17179
- Remove removal notice for flannel and update docs by @hakman in #17259
- Skip failing test in pull-kops-kubernetes-e2e-ubuntu-gce-build by @hakman in #17260
- bare-metal: add some go tests to start to verify functionality by @justinsb in #16896
- docs: updated etcdctl example by @vitaliyf in #17263
- chore(channels): bump k8s and ubuntu ami versions in alpha channel by @moshevayner in #17264
- Fix conditional for reconcile command in upgrade tests by @rifelpet in #17265
- Split dpkg-query fields with a tab by @rifelpet in #17271
- Better dumping via private IP when bastion is not set by @justinsb in #17261
- metal: copy control plane config to nodes by @justinsb in #17273
- chore(channels): promote alpha to stable - k8s and Ubuntu ami versions by @moshevayner in #17276
- Remove cloud-config and cloud-provider from 1.33 apiserver by @rifelpet in #17270
- chore(networking): upgrade amazon vpc cni to 1.19.3 by @moshevayner in #17277
- Cleanup logging for reconcile cluster by @rifelpet in #17282
- cloudup/gce: use slices and maps by @ameukam in #17283
- make --admin configurable to rolling-update by @zetaab in #17274
- Update k8s.io dependencies by @ameukam in #17288
- gha: Introduce arm64 for tests by @ameukam in #17286
- Bump CI tools by @ameukam in #17292
- Skip hostnetwork + hostname tests through 1.33 by @rifelpet in #17293
- Remove default CPU limits for aws-iam-authentication and node-problem-detector by @jim-barber-he in #17237
- Change to cx22 as default instance for Hetzner by @bjornharrtell in #17296
- Bump golang.org/x/crypto by @rifelpet in #17303
- Use ephemeral S3 buckets for E2E tests by @ameukam in #17157
- kube-router: bump version v2.1.1 -> v2.5.0 by @aauren in #17297
- Update Calico to v3.29.2 by @hakman in #17311
- Update metrics-server to v0.7.2 by @hakman in #17313
- Update Cilium to v1.16.7 by @hakman in #17312
- Bump Go to v1.24 by @ameukam in #17295
- chore(channels): update alpha k8s and ubuntu ami versions by @moshevayner in #17317
- ServiceTrafficDistribution cannot be switched off for kubernetes master (for scalability tests) by @dims in #17318
- chore(channels): promote alpha to stable by @moshevayner in #17320
- WarmPool should implement CompareWithID by @justinsb in #17323
- build(deps): bump actions/setup-go from 5.3.0 to 5.4.0 by @dependabot in #17322
- Fix JSON circular dependency in ASG / WarmPool by @justinsb in #17321
- Update dependencies by @rifelpet in #17333
- Remove cilium-config-path mount in cilium-agent container by @admun in #17319
- Support 1.33 pre-releases with --cloud-provider flag removal validation by @rifelpet in #17340
- fix(cilium): operator prometheus port by @raffis in #17336
- build(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 by @dependabot in #17343
- Pin GCP CCM image to v32.2.4 by @rifelpet in #17348
- toolbox: ensure SSH keys are loaded by @ameukam in #17346
- Remove legacy addons by @rifelpet in #17332
- feat: Added cni-exclusive setting for cilium by @runitmisra in #17361
- add goaway-chance parameter for kube-apiserver by @succa in #17357
- Update etcd to v3.5.21 by @hakman in #17367
- Bump skip.regex for failing tests to 1.34 by @hakman in #17371
- Make GCE backend service regional for the Terraform target by @flopib in #17229
- Enable more admission controllers by @ameukam in #17354
- Fix diff formatting of bools by @justinsb in #17375
- gce: use typed ServiceAccount in IAM tasks by @justinsb in #17379
- gce: set values for role labels by @justinsb in #17378
- Add support for Gateway API within Cilium by @jValdron in #17358
- fix get assets by @justinsb in #17385
- tests: add tests for kubectl get assets by @justinsb in #17384
- Release 1.33.0-alpha.1 by @justinsb in #17389
New Contributors
- @bjornharrtell made their first contribution in #17296
- @admun made their first contribution in #17319
- @runitmisra made their first contribution in #17361
- @succa made their first contribution in #17357
Full Changelog: v1.32.0-beta.1...v1.33.0-alpha.1
Contributors
vitaliyf, dims, and 16 other contributors
Assets 24
v1.32.0
Release notes for kOps 1.32 series
kOps 1.32 is a smaller release without significant additional features beyond updated support for kubernetes 1.32 and associated ecosystem updates. Significant kOps features will instead target kOps 1.33.
Significant changes
Kubernetes minor version upgrades to 1.31 or later should be performed using the `kops reconcile cluster command.
-
Kubernetes 1.31 introduced stricter checks around the version-skew policy. While kOps has always followed the version-skew policy, there was an edge case:
nodes that were added by an autoscaler during a rolling-update would not always follow the version-skew policy.
We recommend trying the new kops reconcile command, see docs/tutorial/upgrading-kubernetes.md for more details.
Thekops reconcilefunctionality was introduced in kOps 1.32. -
flannel is no longer planned to be removed and has been updated to v0.26.4.
Deprecations
-
Support for Kubernetes version 1.26 is deprecated and is removed in kOps 1.32.
-
Support for Kubernetes version 1.27 is deprecated and will be removed in kOps 1.33.
What's Changed
- Don't require PriorityClassName to pass missing-static-pod checks by @johngmyers in #10049
- Upgrade aws-iam-authenticator to 0.5.2 by @rifelpet in #10047
- Recommend kops 1.18.1 for kops >= 1.15 in alpha channel by @johngmyers in #10051
- upgrade-cluster: test that new image in stable or alpha channel will … by @nvanheuverzwijn in #10052
- Release 1.19.0-alpha.5 by @hakman in #10054
- Release notes for 1.19.0-alpha.5 by @hakman in #10055
- Rewrite ssh user to ubuntu in bastions docs by @h3poteto in #10044
- Updating alpha with October releases and latest Ubuntu AMI version by @moshevayner in #10062
- Simplify node local dns by @olemarkus in #10059
- Fix bug in MergeAddons and test by @nckturner in #10045
- do not create egress rules when using vipacl octavia by @zetaab in #10061
- Add some quick notes on how to get GPU opertor working by @olemarkus in #10067
- Add some missing notes to the release notes by @olemarkus in #10056
- Cleanup channels error output by @rifelpet in #10068
- Add eBPF dataplane support for Calico CNI by @hakman in #10069
- Upgrade aws sdk to 1.35.10 by @rifelpet in #10074
- Use AWS SDK lists of enum values for API validation by @rifelpet in #10075
- Allow more volume types by @olemarkus in #10073
- Initial kubetest2 structure for e2e testing by @rifelpet in #10031
- Hotfix/10015 cloud formation lint error by @binkkatal in #10066
- Update docs for cutting new release branches by @rifelpet in #10084
- Update security_groups.md by @yurrriq in #10078
- Take node labels from cloud tags on AWS by @johngmyers in #9575
- Update Office Hours Zoom link by @johngmyers in #10087
- Update zoom links on the spanish README by @rdrgmnzs in #10088
- Ignore changes to ForAPIServer field by @justinsb in #10086
- Update Flannel CNI to v0.13.0 by @hakman in #10064
- kubetest2 - Implement create/validate/delete cluster functionality by @rifelpet in #10083
- Cert circular deps by @olemarkus in #10092
- Fix cilium template by specifying boolean as a string for enable-metrics by @h3poteto in #10094
- Release notes for 1.18.2 by @justinsb in #10097
- Update Kops Go build supported versions 1.15 by @bmelbourne in #10099
- Spotinst: Bump the Spot Cluster Controller to 1.0.68 by @liranp in #10103
- Remove hack/workaround from etcd-manager certificate expiration advisory by @hakman in #10102
- Install container runtime packages as assets by @hakman in #10048
- Default to exporting a kubecfg, even without credentials by @justinsb in #10105
- Remove dependency of TerraformJSON feature flag by @johngmyers in #10106
- Makefile and hack script cleanup by @rifelpet in #10112
- Update channels by @hakman in #10117
- Update Calico config for eBPF mode by @hakman in #10115
- Add random AWS zone logic + specify build stage location by @rifelpet in #10121
- Update AWS VPC CNI to 1.7.5 by @moshevayner in #10124
- Add nodeLocalDNSCache.kubeDnsOnly option by @javipolo in #10111
- Align AWS VPC CNI manifest with upstream by @hakman in #10126
- Fix release notes links to point to https://kops.sigs.k8s by @hakman in #10118
- Add verify-cloudformation script by @rifelpet in #10130
- Fix cloudformation lint errors by @rifelpet in #10131
- Update shell style for CLI docs for better compatibility by @hakman in #10128
- Prevent unintended resource updates to LB attatchments by @rdrgmnzs in #9794
- Make verify-cloudformation job fail when issues are found by @rifelpet in #10133
- Set minimum Terraform version to 0.12.26/0.13.0 by @bmelbourne in #10109
- ELB/TargetGroup/ASG attachment fixes by @rifelpet in #10138
- Prepare for version 1.20 by @johngmyers in #10101
- Rebrand kops to kOps by @hakman in #10077
- Remove code for no-longer-supported k8s releases by @johngmyers in #10141
- allow reauth for openstack client by @zetaab in #10144
- Simplify etcd options builder by @hakman in #10145
- Update AWS Cloudmock for complex and externallb integration test clusters by @rifelpet in #10140
- Deprecate field calico.majorVersion by @hakman in #10143
- [Digital Ocean] Use Debian10 as default image by @srikiz in #10098
- Implement API load balancer class with NLB and ELB support on AWS by @christianjoun in #9011
- Fix NLB naming for terraform and cloudformation targets by @rifelpet in #10158
- Move NLB's VPC CIDR security group rule logic into model by @rifelpet in #10161
- Fix additionalSecurityGroups support for NLB by @rifelpet in #10162
- Some typos by @zouy414 in #10160
- Fix output for CF and TF by @hakman in #10164
- Mount the whole /etc/ssl/certs directory for k8s-ec2-srcdst by @kitos9112 in #10169
- Avoid waiting on validation during rolling update for inapplicable instance groups by @bharath-123 in #10065
- OpenStack Reset deviceID status if needed by @zetaab in #10178
- Remove unused bearer token field from kubeconfig builder by @rifelpet in #10181
- Compare KubernetesAPIAccess to OpenStack allowedCIDRs deterministically by @havulv in #10186
- Consistent naming of security group rules by @olemarkus in #10179
- Upgrade Hashicorp HCLv2 Go module v2.7.0 by @bmelbourne in #10189
- Fix auto scaling group changes when using spot instances by @hakman in #10187
- Upgrade sprig to v3 by @olemarkus in #10191
- Upgrade helm to 2.17 and use the helm.sh reference by @olemarkus in #10192
- Fix AWS NLB reconciliation by @hakman in #10199
- Fix disabling spot instances when using launch templates by @hakman in #10198
- Add ACM cert permalink by @rifelpet in #10156
- Setup a second NLB listener when an AWS ACM certificate is used by @rifelpet in #10157
- Update Go to v1.15.4 by @hakman in https://github.com...
Contributors
cardoe, vitaliyf, and 105 other contributors