Significant changes

  • If upgrading from 1.11 or earlier, please see the notes in previous releases about upgrading through kubernetes 1.12, with the etcd3 upgrade.

  • A new component runs on the master nodes now: kops-controller. kops-controller currently labels nodes, but will likely perform additional functionality in future releases.

Breaking changes

  • Please see the notes in the 1.15 release about the apiGroup changing from kops to kops.k8s.io

  • A controller is now used to apply labels to nodes. If you are not using AWS, GCE or OpenStack your (non-master) nodes may not have labels applied correctly.

Required Actions

  • Kubernetes 1.9 users will need to enable the PodPriority feature gate. This is required for newer versions of kOps.

To enable the Pod priority feature, follow these steps:

Deprecations

  • The API is deprecated and will be removed in kops 1.18. Users of will need to supply v1alpha2 resources.

Full change list since 1.15.0 release

1.15.0-alpha.1 to 1.16.0-alpha.1

  • Update release notes for 1.15.0-alpha.1 @justinsb
  • When fast-building, copy a newer version of utils.tar.gz @justinsb
  • Bootstrap: protokube labels its own node with node-role label @justinsb
  • Update copyright notices @mikesplain
  • Add a few docs comments on gomod and bazel @mikesplain
  • Calico update and typha @gjtempleton, #7528
  • “Force” k8s 1.11.10 #7423
  • Log more sensibly when we can’t get sha256 #7555
  • [Feature] CoreDNS: External CoreFile option ,@mikesplain
  • Fix gomod errors @mikesplain
  • Add horizontalPodAutoscalerDownscaleStabilization @mikesplain
  • Associate subnets to port within OpenStack @mitch000001
  • Fix kops for us-gov-east-1 #7564 @ibrf
  • Promote 1.13 AMI from alpha to stable @rifelpet
  • Add myself @rifelpet as a reviewer @rifelpet
  • Fix mkdocs @mikesplain
  • Add missing OpenStack reference @marsavela
  • Fix Dropped Errors in upup @alrs
  • Promote 2019-08-16 AMIs from alpha -> stable @justinsb
  • hack/update-expected.sh: mask development env vars @justinsb
  • “Force” k8s 1.11.10 in stable channel @justinsb
  • add cilium in error message @PascalBourdier
  • Clean security groups if api/ssh ips are removed from config @zetaab
  • [DO-7442] Digital Ocean add consistent volume and droplet tags for multi master feature @srikiz
  • Expose API Server flags needed for AWS pod identities @rifelpet
  • Add logrotate for etcd/etcd-events.log @mikesplain
  • Updated container-selinux url to point to the right path @igarcia-sugarcrm, #7609
  • Check the HTTP response code when downloading URLs #7611
  • Update rules_go with some fixes #7625
  • Change Cilium templates to standalone version ,@olemarkus
  • Skip Docker install @austinmoore-
  • Add —wait argument to kops validate @justinsb
  • Fixed “NeedsUpdate” status of nodes in mixedinstancegroups after rolling update @hippolin
  • fix instance name @zetaab
  • Use without external router (OpenStack) @zetaab
  • Openstack: value if spec does not associate public ips @mitch000001
  • Updating master IAM policies. @michalschott
  • Machine types g4dn @mikesplain
  • OpenStack: Additional security groups for instances @mitch000001
  • Add arg min-port=1024 to dnsmasq container in kube-dns @nr17
  • Release notes for 1.13.1 @justinsb
  • Pull centos.org packages from the vault @justinsb
  • fix-typo @tanjunchen
  • Align AWS and kops validation for spot allocation strategy @coufalja
  • Add relnotes for 1.13.2 @justinsb
  • Fix some bugs reported by staticcheck @rifelpet
  • Bump k8s versions in alpha channel @olemarkus
  • Misleading description for KubeProxy MetricsBindAddress @RmMsr
  • Fix for tarball image names after 1.16 @justinsb
  • Cilium standalone continuation @olemarkus
  • Limit calico cpu request to 100m @justinsb
  • fix-up some spelling mistakes in /pkg @tanjunchen
  • kops-controller @justinsb
  • OpenStack: use InstanceGroup zones to populate availability zone @mitch000001
  • alpha channel: image for 1.15 and general update @justinsb
  • Calico: upgrade pod2daemon (only) @justinsb
  • Add verify-staticcheck script @rifelpet
  • Create tools/sha1 and sha256 helpers, simply Makefile @justinsb
  • kops-controller version should match version of kops @justinsb
  • Publish kops-controller container dump to S3/GCS @justinsb
  • Change from float -> resource.Quantity @justinsb
  • More staticcheck bugfixes and cleanup @rifelpet
  • Correct word misspelling @yuxiaobo96
  • fix-up some spelling mistakes @tanjunchen
  • Add calico 3.9.1 @mikesplain
  • Allow to use custom rootCAs @zetaab
  • cleanup code to cancel some staticcheck warnings @beautytiger
  • Use helpers to move gzip & sha from makefile to bazel @justinsb
  • Update etcd-manager with OpenStack fixes @justinsb
  • Update DigitalOcean CCM to v0.1.20 @timoreimann
  • ineffectual assignment to @tanjunchen
  • remove duplicated entry in notes @beautytiger
  • docs: fix spelling mistakes @hwdef
  • Docs: Adding a doc on how to propose a cherry-pick @justinsb
  • relnotes for 1.14.0 @justinsb
  • bazel: fix hashes rule to generate outputs @justinsb
  • remove the repeat word in docs/authentication.md b/docs/authentication.md @tanjunchen
  • Rollback alpha channels 1.14.7 @mikesplain
  • Openstack block device mapping support @Shonei
  • Update controller-tools and CRDs @rifelpet
  • Upgrade bazel’s rules_go and rules_docker @rifelpet
  • simplfy code @tanjunchen
  • fix-up some staticcheck error @tanjunchen
  • nodeup download: try to use compression @justinsb
  • Add optional RBE support for kops @fejta
  • Update readme for 1.14 @mikesplain
  • Add a BAZEL_CONFIG Makefile arg to bazel commands @fejta
  • Memberlist gossip implementation @jacksontj
  • bazel: comment out shallow_since as fails to build with bazel 1.0 @justinsb
  • kOps controller support for OpenStack @zetaab
  • Upgrade Amazon VPC CNI plugin to 1.5.4 @rifelpet
  • Add documentation for updating CRDs when making API changes @rifelpet
  • Kubelet configuration: Maximum pods flag is miscalculated when using Amazon VPC CNI @liranp
  • Add event ttl flag @tioxy
  • docs: document state store configuration @mitch000001
  • Add artifacts.k8s.io to mirror list @justinsb
  • fix-up gosimple check error @tanjunchen
  • fix-up staticcheck error @tanjunchen
  • remove the unnecessary newline and unused vars @tanjunchen
  • Upload dns-controller archive, use in KOPS_BASE_URL @justinsb
  • Move kops-controller to use a yaml configuration file @justinsb
  • fix(apiserver): allow multiple service-account-key-file @hatappi
  • Move kops-controller to daemonset @justinsb
  • Change default port for memberlist from 3997 @justinsb
  • bazel: remove deprecated stamp attribute from container building @justinsb
  • Promote alpha to stable, bump alpha @mikesplain
  • Fix network changed in openstack ports @zetaab
  • Upgrade go version to 1.12.11 @rifelpet
  • Rename upload command variable in Makefile @bittopaz
  • fix-up bug in nodeup/pkg/model @tanjunchen
  • fix string trim func in main @beautytiger
  • Alicloud: add OSS as upload dest @bittopaz
  • Alicloud: fix status discovery @bittopaz
  • Alicloud: add hostname override @bittopaz
  • Alicloud: fix error msg when check hostname @bittopaz
  • replace slice loop with append for simple and clear @beautytiger
  • dnsprovider,nodeup: fix static check @hwdef
  • pkg: fix static check @hwdef
  • Add relnotes for 1.15.0-beta.1 @justinsb
  • Docs cleanup / mkdocs migration @mikesplain
  • Allow for override of CoreDNS version @gjtempleton
  • Add netlify config @mikesplain
  • Update etcd-manager to 3.0.20191025 @justinsb
  • Document eventTTL @tioxy
  • use existing network and subnet in OpenStack @zetaab
  • fix static check @hwdef
  • fix firewalls for OpenStack @zetaab
  • Set default image for OpenStack CCM @zetaab
  • Add protocol rules to master as well @zetaab
  • Fix permalink @mikesplain
  • Remove extraneous document separator causing failures applying addons @ripta
  • docs(addons): fix broken links @mitch000001
  • Fix extraneous whitespace in warning message @johngmyers
  • Revert “Upgrade Amazon VPC CNI plugin to 1.5.4” @rifelpet
  • mark weavenet-pod as system-critical @jochen42
  • increase retry count @zetaab
  • awsup: fix shadowed var when looking for etcd cluster name @diversario
  • Add back calico metrics options @mikesplain
  • Fix kops upgrade cluster link @flackdl
  • Fix doc linkages to addons @s3than, #7830
  • Alicloud: remove unnecessary if when evaluateHostnameOverride #7850
  • Alicloud: split ProviderID with “.” #7852
  • Fix behavior of mock DescribeAutoScalingGroups when no names supplied #7867
  • Update “Guide” links for DigitalOcean & OpenStack #7884
  • Add ci postsubmit script for pushing images to staging #7697
  • remove the unnecessary break #7791
  • [DO-7442] Add gossip cluster implementation for Digital Ocean cloud provider #7838
  • fix-up static-check #7841
  • remove myself from OWNERS #7888
  • Cleanup make targets #7863
  • fix golint failures #7854
  • Recommend kops 1.11.1 #7892
  • fix-up staticcheck problems #7839
  • Add hint how to determine mount path of etcd data #7735
  • stable channel: promote default AMIs from alpha -> stable #7893
  • Release notes for 1.14.1 #7895

1.16.0-alpha.1 to 1.16.0-alpha.2

  • Add release notes for 1.16.0-alpha.1 @justinsb
  • stable channel: promote kubernetes 1.13.12, 1.14.8 etc @justinsb
  • Don’t update first node in instancegroup if cluster fails validation @johngmyers, #7872
  • add missing priorityClassName to flannel DaemonSet #7842
  • fix broken links #7901
  • Fix rendering of the Node Authorizer template #7916
  • Fix fork bomb in Makefile #7935
  • Unhide docs make logging #7936
  • Upgrade AWS VPC CNI to 1.5.5 #7938
  • Correct spelling mistakes #7922
  • Update vendoring documentation for go modules #7937
  • Remove duplication and update release details #7939
  • Updated documentation on how to move from single to multi master #7439
  • Create PodDisruptionBudget for kube-dns in kube-system namespace #7856
  • Add support for newer Docker versions #7860
  • Machine types updates #7947
  • fix 404 urls in docs #7943
  • Fix generation of documentation /sitemap.xml file #7949
  • kOps site link #7950
  • Fix netlify mixed content #7953
  • Fix goimports errors #7955
  • Upate Lyft CNI to v0.5.1 #7402
  • Complete support for Flatcar @mazzy89
  • Fix mounting Calico “flexvol-driver-host” in CoreOS @hakman
  • fix(openstack): fix additional security groups on instance groups @mitch000001
  • Cloud controller template function @DavidSie
  • Add CapacityOptimized to list of supported spot allocation strategies @gjtempleton
  • Add inf1 isntances @mikesplain
  • Openstack: Fix cluster floating ips @mitch000001
  • [Issue-7870] kops controller support for digital ocean @srikiz
  • Fix Handling of LaunchTemplate Versions for MixedInstancePolicy @granular-ryanbonham
  • Bump cilium version to 1.6.4 @olemarkus
  • Update copyrights for 2020 @johngmyers
  • cilium: don’t try to mount sys/fs/bpf if already mounted @justinsb
  • Fix protokube osx build @mikesplain
  • Add deprecation warning for older k8s versions @rifelpet
  • Remove kops-controller deployment @rifelpet
  • Promote peter & ryan & zetaab to approvers @justinsb
  • Fix crossbuild-nodeup-in-docker @johngmyers
  • Add release notes for deleting the kops-controller deployment @rifelpet
  • Configuration to specify no SSH key @austinmoore-
  • Set CLUSTER_NAME env var on amazon-vpc-cni pods @rifelpet
  • Don’t output empty sections in the manifests @justinsb
  • Fix issues with older versions of k8s for basic clusters @hakman, #8248
  • Backport the k8s 1.9 required action release note #8378
  • Fix scheduler policy configmap args #8386
  • Use IAMPrefix() for hostedzone #8366
  • Add Cilium.EnablePolicy back into templates #8379
  • CoreDNS default image bump to 1.6.6 to resolve CVE #8333
  • Don’t load nonexistent calico-client cert when CNI is Cilium #8338
  • kOps releases - prefix git tags with v #8373
  • EBS Root Volume Termination #7865
  • Announce impending removal of v1alpha1 API #8064
  • Add missing priorityClassName for critical pods #8200

1.16.0-beta.1 to 1.16.0-beta.2

  • Fix Github download url for nodeup @adri, #8468
  • GCS: Don’t try to set ACLs if bucket-policy only is set #8493
  • Alicloud: allow use RAM role for OSS client #8025
  • Cilium - Add missing Identity Allocation Mode to Operator Template #8445
  • Make it possible to enable Prometheus metrics for Cilium #8433
  • Update cilium to 1.6.6 #8484

1.16.0-beta.2 to 1.16.0

  • Stabilize sequence of “export xx=xxx” statements @bittopaz
  • Add events RBAC permissions to kops-controller @rifelpet
  • Update AWS IAM Authenticator to 0.5.0 @rifelpet
  • Update IAM permissions for amazon-vpc-cni-k8s 1.6.0 @rifelpet
  • Update amazon-vpc-cni-k8s to v1.6.0 @hakman
  • Switch AWS IAM Authenticator to use non-scratch image @rifelpet
  • Fix DNS loop on Ubuntu 18.04 (Bionic) @hakman
  • Revert update of AWS IAM Authenticator to 0.5.0 for 1.16 @rifelpet
  • add s3 region @zetaab
  • Update coredns to 1.6.7 @maruina
  • Cilium fix bpffs check @olemarkus
  • Fix periodic e2e test for Ubuntu 16.04 @hakman
  • Add indent template function and use it to fix KubeDNS.ExternalCoreFile rendering #7979
  • Bump Cilium to 1.7 for k8s 1.12+ #8589
  • Implementing audit dynamic configuration (#7392) #7424
  • Revert “Automated cherry pick of #8589: Bump Cilium to 1.7 for k8s 1.12+ #8591: Fix typo in the cilium default version” #8677
  • Use latest patch release for Calico, Canal and Cilium #8698
  • Fix uploading of file assets #8694
  • Tag EBS volumes when using launch templates with AWS API target ,@hakman
  • Fix RollingUpdate behaviour when using LaunchTemplates for both kops & terraform spec updates @KashifSaadat, #8261
  • Enable stamping on bazel image builds #8835
  • Update lyft CNI to 0.6.0 #8757
  • Remove support for Docker 1.11, 1.12 and 1.13 #8855
  • Fix kuberouter for k8s 1.16+ ,@hakman
  • Fix tests for obsolete Docker versions in 1.16 @hakman
  • Load the correct certificate before deleting @olemarkus
  • Use non-experimental version of encryption provider config flag in 1.13+ @zacblazic

1.16.1 to 1.16.2

  • Add support for Ubuntu 20.04 (Focal) #8925
  • feat(openstack): propagate cloud labels to machines #9013
  • Back-port well known owner aliases and SSH users to 1.16 #9036
  • Use Ubuntu 18.04 Docker packages for Ubuntu 20.04 setups #9046
  • Make cilium operator health check go against localhost IP #9045
  • Update to etcd-manager 3.0.20200428 #9042

1.16.2 to 1.16.3

  • Revert “Automated cherry pick of #8999: feat(openstack): propagate cloud labels to machines” @zetaab
  • Reduce the number of TravisCI jobs for release branch @hakman
  • Fix zsh completion @olemarkus
  • Allow cluster maintenance when channel is unavailable @johngmyers
  • Upgrade amazon vpc cni to 1.6.1 @rifelpet
  • Use systemd-timesyncd for Ubuntu 20.04 @hakman
  • Remove all versions of a file from the S3 bucket @hakman
  • Allow listing versions for objects in the S3 bucket @hakman
  • Update etcd-manager to 3.0.20200531 #9237
  • Use CNI 0.8.6 for Kubernetes 1.15+ #9256
  • Use Docker 19.03.11 for Kubernetes 1.17+ #9314
  • Fix missing changes in Weave manifest #8965
  • Update Weave Net to 2.6.5 #9330
  • Update Calico for CVE-2020-13597 #9331