Skip to content
This repository has been archived by the owner on Oct 10, 2023. It is now read-only.

Tanzu Framework v0.29.0

Latest
Latest
Compare
Choose a tag to compare
@sameerkhan97 sameerkhan97 released this 09 May 05:03
v0.29.0
b25b198
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Tanzu CLI Installation Instructions

If you are installing Tanzu CLI using the artifacts published as part of this release, please follow the instructions.

Changes by Kind

Miscellaneous

  • Add VolumeSnapshot related RBACs to provider service account for TKC/GC (#4491, @akankshapanse)

  • Addon finalizer is added to workload clusters to control resource deletion order (#4160, @adduarte)

  • Addons manager self managed tls certificates have a life expectency of one week, and are rotated every six days. (#4317, @adduarte)

  • Allow for simpler ClusterClass JSON patches accessing
    kubernetesSpec.{etcd,pause,coredns,kube-vip}.imageRepository fields in TKR_DATA values.
    They can now assume imageRepository fields in TKR_DATA values are non-empty and default to
    kubernetesSpec.imageRepository (if they are empty in the TKR). (#4298, @imikushin)

  • Annotating a clusterbootstrap CR with tkg.tanzu.vmware.com/unmanaged-cni: "", will allow for the clusterbootstrap.spec.cni = nil (#4264, @adduarte)

  • Azure: Disable use of AAD Pod Identity for resolution of Azure credentials

    • Azure: Restart pods during private cluster initialisation to work around lack of hairpin LB support for control planes
    • Azure: Disable extraneous route table entries (#4273, @randomvariable)

  • Bump kapp-controller to v0.41.6 (#4374, @shivaani0505)

  • CSI will be deployed in namespace configure in vpshere-csi package. addon-controller will not manage vsphere-csi namespace. (#4512, @nikhilbarge)

  • Changed the capabilities deployment update strategy to fallback-on-replace (#4333, @yharish991)

  • Cluster-api-ipam-provider-in-cluster respects the imagePath field from the TKG BOM (#4529, @christianang)

  • Default vsphere csi namespace is changed from kube-system to vmware-system-csi (#4430, @nikhilbarge)

  • Deprecate TKG discovery functions in Capabilities (#4434, @codegold79)

  • Enable BUILDKIT caching for Tanzu Framework build (#3972, @jayunit100)

  • Fetch vSphere credentials from vSphereClusterIdentity, instead of secret directly, in case of TMC based deployment of vSphere CSI. (#4388, @akankshapanse)

  • Fix TKG_CUSTOM_IMAGE_REPOSITORY_SKIP_TLS_VERIFY user env setting for the TKR Source Controller. (#4383, @imikushin)

  • Fix issue where vsphere-cpi cannot set the node address after kubelet is configured with a different address on IPv6 clusters. (#4323, @christianang)

  • Fixed apigroups for volumesnapshot psa RBAC (#4547, @deepakkinni)

  • Fixes bug in clusterbootstrap webhook which incorrectly failed create validation if not all api service endpoints are running at the time of creation. (#4459, @adduarte)

  • Make CRD Waiter use uncached client (#4247, @shyaamsn)

  • Management cluster now uses cert-manager v1.10.2. (#4490, @avi-08)

  • Omits PCI related params from tkg vsphere config (#4457, @srm09)

  • Removed default FeatureGate CR belonging to config.tanzu.vmware.com API group in featuregates package (#4456, @yharish991)

  • Support trusting self-signed image registry for user's application. Users can configure 3 registries with a legacy config file:
    ADDITIONAL_IMAGE_REGISTRY_1: ""
    ADDITIONAL_IMAGE_REGISTRY_1_SKIP_TLS_VERIFY: false
    #! Base64 encoded self-signed CA certificate
    ADDITIONAL_IMAGE_REGISTRY_1_CA_CERTIFICATE: ""

    ADDITIONAL_IMAGE_REGISTRY_2: ""
    ADDITIONAL_IMAGE_REGISTRY_2_SKIP_TLS_VERIFY: false
    ADDITIONAL_IMAGE_REGISTRY_2_CA_CERTIFICATE: ""

    ADDITIONAL_IMAGE_REGISTRY_3: ""
    ADDITIONAL_IMAGE_REGISTRY_3_SKIP_TLS_VERIFY: false
    ADDITIONAL_IMAGE_REGISTRY_3_CA_CERTIFICATE: ""

    If there are more than 3, user can add them to generated cluster manifest variable additionalImageRegistries before creating the cluster. (#4467, @DanielXiao)

  • Tanzu CLI will throw error if current AVI controller version is not supported by current TKG version (#4338, @XudongLiuHarold)

  • Tanzu Cli will throw out errors when cluster name length is longer than the max allowed in avi enabled workload cluster. (#4416, @XudongLiuHarold)

  • Tanzu-auth package support for PSA (#4451, @benjaminapetersen)

  • This pr will enable tkgm user to confgure csi net-permissions (#4412, @nikhilbarge)

  • Updated Docker dependency in Go modules to v20.10.24 to fix CVE-2023-28840, CVE-2023-28841 and CVE-2023-28842. (#4549, @rajathagasthya)

  • Upgrade CAPZ version to v1.6.3 (#4422, @srm09)

  • Users can configure system-wide proxy when vsphere as the cloud provider (#4345, @XudongLiuHarold)

  • When WORKER_NODE_NAMESERVERS or CONTROL_PLANE_NODE_NAMESERVERS variables are set, nameservers from DHCP are ignored. (#4023, @tylerschultz)

Dependencies

Added

  • github.com/dougm/pretty: 2ee9d74
  • github.com/rasky/go-xdr: 4930550

Changed

  • github.com/docker/docker: v20.10.17+incompatible → v20.10.24+incompatible
  • github.com/vmware/govmomi: v0.27.1 → v0.30.2
  • golang.org/x/exp: e8c3332 → 540bb73
  • golang.org/x/mod: v0.7.0 → v0.8.0
  • golang.org/x/net: v0.4.0 → v0.8.0
  • golang.org/x/sys: v0.3.0 → v0.6.0
  • golang.org/x/term: v0.3.0 → v0.6.0
  • golang.org/x/text: v0.5.0 → v0.8.0
  • golang.org/x/tools: v0.1.12 → v0.6.0
  • sigs.k8s.io/cluster-api-provider-vsphere: v1.4.1 → v1.5.3

Removed

  • github.com/davecgh/go-xdr: e6a2ba0

New Contributors

Full Changelog: v0.28.0...v0.29.0

Contributors

tylerschultz, benjaminapetersen, and 20 other contributors
Assets 19