Release notes

1.21+ck2 Bugfix release

May 28, 2021 - charmed-kubernetes-679

Fixes

A list of bug fixes and other minor feature updates in this release can be found at the launchpad milestone page.

1.21+ck1 Bugfix release

May 04, 2021 - charmed-kubernetes-655

Fixes

A list of bug fixes and other minor feature updates in this release can be found at the launchpad milestone page.

1.21

April 15, 2021 - charmed-kubernetes-632

What's new

  • Azure Arc conformance

Charmed Kubernetes is compliant with the Azure Arc Validation test suite. More information about this program can be found in the azure-arc-validation documentation.

  • Container images by release

LP 1891530 describes an upgrade failure for deployments that use a private image registry. The Charmed Kubernetes release process now publishes a list of required images per-release for administrators to easily determine what registry changes are needed prior to an upgrade.

Component upgrades

  • cloud-provider-openstack 1.20.0
  • coredns 1.8.3
  • kube-state-metrics 1.9.8
  • kubernetes-dashboard 2.2.0
  • nginx-ingress 0.44.0
  • pause 3.4.1

Fixes

A list of bug fixes and other minor feature updates in this release can be found at the launchpad milestone page.

Notes and Known Issues

  • LP 1920216 MetalLB speaker pod logs error with "selfLink was empty, can't make reference".

Deprecations and API changes

  • Private container registry action

The registry action of the kubernetes-worker charm is deprecated and will be removed in a future release. See the Private Docker Registry documentation for using a custom registry with Charmed Kubernetes.

  • Upstream

For details of other deprecation notices and API changes for Kubernetes 1.21, please see the relevant sections of the upstream release notes

Previous releases

Please see this page for release notes of earlier versions.

1.20+ck1 Bugfix release

February 23rd, 2021 - charmed-kubernetes-596

Fixes

A list of bug fixes and other minor feature updates in this release can be found at the launchpad milestone page

Notes / Known Issues

  • Secret names

LP 1906732 highlighted an issue where kubernetes-worker units would overwrite existing secrets when deployed as different application names. This lead to some worker units losing the ability to authenticate with the cluster. This has be resolved by ensuring new secrets are uniquely named in the form: auth-$username-$random.

  • Juju and GCP

LP 1761838 describes an issue with Juju and Google cloud where deployments may fail due to FAN networking. Workaround this by disabling FAN configuration for Google cloud models:

juju model-config -m <model_name> fan-config="" container-networking-method=""

1.20

December 16th, 2020 - charmed-kubernetes-559

What's new

  • Calico VXLAN support

The Calico charm now supports enabling VXLAN encapsulation for Calico network traffic. This provides an easier alternative to the direct routing or IPIP encapsulation modes, making it possible to run Calico on any Juju cloud without special cloud configuration. For more details, see the Calico CNI documentation page.

  • CoreDNS operator charm support

The CoreDNS component can now be deployed as an operator charm inside the Kubernetes cluster instead of being managed by the cdk-addons snap. This allows for more control over the component, including additional configuration options and easier contribution of bug fixes or upgrades to that component.

Details on how to set this up can be found in the [CoreDNS section of the Addons page][coredns].

  • Kubernetes Dashboard operator charm support

The Kubernetes Dashboard component can now be deployed as an operator charm inside the Kubernetes cluster instead of being managed by the cdk-addons snap. This allows for more control over the component, including additional configuration options and easier contribution of bug fixes or upgrades to that component.

Details on how to set this up can be found in the Kubernetes Dashboard section of the Addons page.

Component upgrades

Fixes

A list of bug fixes and other minor feature updates in this release can be found at https://launchpad.net/charmed-kubernetes/+milestone/1.20.

Notes / Known Issues

Deprecations and API changes

For details of deprecation notices and API changes for Kubernetes 1.20, please see the relevant sections of the upstream release notes

1.19+ck2 Bugfix release

November 27th, 2020 - charmed-kubernetes-545

Fixes

A list of bug fixes and other minor feature updates in this release can be found at https://launchpad.net/charmed-kubernetes/+milestone/1.19+ck2.

1.19+ck1 Bugfix release

November 20th, 2020 - charmed-kubernetes-541

Fixes

A list of bug fixes and other minor feature updates in this release can be found at https://launchpad.net/charmed-kubernetes/+milestone/1.19+ck1.

1.19

September 30th, 2020 - charmed-kubernetes-519

Before upgrading, please read the upgrade notes.

What's new

  • IPv6 support

This release of Charmed Kubernetes can now enable the alpha IPv6 dual-stack or beta IPv6-only support in Kubernetes by using IPv6 CIDRs in addition to or instead of IPv4 CIDRs in the Kubernetes Master charm's service-cidr and the Calico charm's cidr charm config.

More information can be found in Using IPv6 with Charmed Kubernetes, including limitations and known issues.

  • CIS benchmark compliance

Charmed Kubernetes is now compliant with the Center for Internet Security (CIS) benchmark for Kubernetes. Significant changes to the kubernetes-master and kubernetes-worker charms have been made to achieve this. Find more information about these changes, running the benchmark, and analyzing test results in the CIS compliance for Charmed Kubernetes documentation.

  • Authentication changes

File-based authentication is not compliant with the CIS benchmark. Charmed Kubernetes now deploys a webhook authentication service that compares API requests to Kubernetes secrets. If needed, any existing entries in previous authentication files (basic_auth.csv and known_tokens.csv) are migrated to secrets during the kubernetes-master charm upgrade.

More information about this new service can be found in the Authorisation and Authentication documentation.

  • New Calico configuration options

The new veth-mtu setting allows fine tuning of the MTU setting for optimum performance on the underlying network. See the Calico documentation for more details and recommendations, and the Calico charm docs for information on how to set this configuration.

Calico and related charms (Canal, Tigera Secure EE) also have a new ignore-loose-rpf configuration option. By default, for security, these charms check that the kernel has strict reverse path forwarding set (net.ipv4.conf.all.rp_filter set to 0 or 1). In some circumstances you may need to set this to 2, in which case you can now set ignore-loose-rpf=true to ignore the check.

  • Ubuntu 20.04

The default operating system for deployed machines is now Ubuntu 20.04 (Focal). Ubuntu 18.04 (Bionic) and 16.04 (Xenial) are still supported.

  • MetalLB Operator

MetalLB offers a software network load balancing implementation that allows for LoadBalancing services in Kubernetes. This bundle has been made available in the Charm Store to be deployed along Charmed Kubernetes, MicroK8s, or any Kubernetes supported by Juju. This operator deploys upstream MetalLB in layer 2 mode. The BGP mode of upstream MetalLB is not supported yet. For more information about deploying and operating MetalLB, please see the MetalLB documentation.

  • SR-IOV CNI

A new SR-IOV CNI addon has been made available for Charmed Kubernetes. Using SR-IOV CNI, it is now possible to take network interfaces that are SR-IOV Virtual Functions and attach them directly to pods. For more information, see the new SR-IOV CNI documentation.

For a full list of the changes introduced in Kubernetes 1.19, please see the upstream release notes

Component upgrades

  • addon-resizer 1.8.9
  • ceph-csi 2.1.2
  • cloud-provider-openstack 1.18.0
  • coredns 1.6.7
  • kube-state-metrics 1.9.7
  • kubernetes-dashboard 2.0.1
  • nginx-ingress 0.31.1

Fixes

A list of bug fixes and other minor feature updates in this release can be found at https://launchpad.net/charmed-kubernetes/+milestone/1.19.

Notes / Known Issues

  • The insecure-bind-address and insecure-port options to kube-apiserver have been removed in this release. Using juju run with kubectl to interact with the cluster now requires an explicit --kubeconfig <file> option:

      juju run --unit kubernetes-master/0 'kubectl --kubeconfig /root/.kube/config get nodes'
  NAME              STATUS   ROLES    AGE   VERSION
  ip-172-31-10-19   Ready    <none>   71m   v1.19.0

  • The webhook authentication service included in this release runs on port 5000 of each kubernetes-master unit. Ensure this port is available prior to upgrading.

  • Additional known issues scheduled for the first 1.19 bugfix release can be found at https://launchpad.net/charmed-kubernetes/+milestone/1.19+ck1

Deprecations and API changes

For details of deprecation notices and API changes for Kubernetes 1.19, please see the relevant sections of the upstream release notes

Previous releases

Please see this page for release notes of earlier versions.

Previous releases

Please see this page for release notes of earlier versions.

We appreciate your feedback on the documentation. You can edit this page or file a bug here.