v0.9.5-rc.1

Features

• Managed HA etcd cluster (#332, thanks to @redbaron, @gianrubio and @pieterlange for reviews)
• Add additional EBS volumes to worker nodes (#342, thanks to @jollinshead)

Improvements

• Emit a warning message when t2.nano or t2.micro is set for *instanceType (#369)

Fixes

• fix(e2e): node pool "Fleet2" fails to be created
• fix(e2e): The second and the subsequent testinfra stacks fail to be created

Breaking changes

• Drop deprecated hostedZone(not hostedZoneId) in cluster.yaml (#368)

Full change log
v0.9.4...v0.9.5-rc.1

v0.9.4

Features

• Kubernetes 1.5.3 (#324, thanks to @gianrubio)
• Calico 2.0.2 (#282, thanks to @heschlie)
• Bypass 16KB userdata limit (#268, thanks to @redbaron)
• Easier to configure, easier to version-control, more tightly integrated node pools
  (#315, thanks to @redbaron @Sasso @c-knowles for reviewing)
• Flexible and customizable network topology (#284) based on all the awesome works:
  • #227 "Use existing subnets when creating/updating cluster" (which is followed by #278) for @Sasso
    • Deployment to existing subnets for etcd is backed up by "Don't precalculate etcd static IP addresses" (#226 #263, thanks to @redbaron)
  • #169 "Create etcd and workers in private subnets, controllers in public subnet" for @neoandroid
• kube-aws calculator for estimating cfn stack costs (#314, thanks to @gianrubio)
• Add support for ALBs Target Groups (#353, thanks to @gbtechhub)
• Add DOCKER_OPTS environment variable to limit docker log files (#323, thanks to @jollinshead)
• Encryption support for etcd data volume (#307, thanks to @checkr)
• Add experimental support for pod security policies (#339, @soellman)
• Experimental webhook token authentication support (#321, thanks to @olesku)
• Experimental kube2iam support (#297, thanks to @Fsero)
• Experimental ClusterAutoscalerSupport option to setup IAM ASG permissions (#294, thanks to @pwillie)
  • The worker nodes require extra privileges for the cluster-autoscaler
    to run successfully within the cluster. Can be optionally
    enabled via boolean in cluster.yaml.

Improvements

• Minimal RBAC policies (#316, thanks to @gianrubio)
• credentials: Add /O=systems:master for kube-admin (#345, thanks to @ankon)
• Explicitly create EBS volumes for Etcd nodes (#317, thanks to @redbaron)
  • Having EBS volumes which survive node termination makes them more manageable
• Wait for signals by default (#304, thanks to @gianrubio)
  • Enable feature waitSignal as default
  • Setup initial value for RollingUpdateMinInstancesInService as 1
  • Reuquire s3-flag on validate command
• Remove checks for dedicated spot instances (#280, thanks to @iameli)
• More robust etcd search and replace step (#292, thanks to @redbaron)
• Do not require keyName if sshAuthorizedKeys are set (#242, thanks to @redbaron)
• Remove obsolete Calico files (#274, thanks to @redbaron)

Fixes

• Fix missing Name and ControllerHost in status and up commands (#356, thanks to @Thermi, @ankon for reporting)
• Fix the inconsistent S3 object prefix issue (#357, thanks to @c-knowles for reporting)
• Fix customSettings unavailability for node pools (#358, thanks to @ankon for reporting)
• Fix various typos (#329, thanks to @ankon)
• Fix a typo in a image reference (#328, thanks to @ankon)
• Remove a reference to waitsignal being experimental (#327, thanks to @ankon)
• Update readme (#337, thanks to @philips)
• Fix typo in comment (#350, thanks to @ankon)
• Fix typo in provisioner.go (#354, thanks to @msanterre)
• Fix error message when failed to init cluster (#313, thanks to @cheungpat)
• kubelet SecurityGroupIngress (#310, thanks to @soellman)
  • Add a SecurityGroupIngress for controllers to access the kubelet
    port (10250) on other controllers. This is needed for when there
    are multiple masters.
• Fix the bug which was causing a private subnet to have no route to an existing nat gateway (#301)
• Fix lint (#250, thanks to @jmcarp and @icereval)
• Fix connection drop after 60 sec when executing commands inside containers (#275, thanks to @camilb)

Full change log
v0.9.3...v0.9.4

v0.9.4-rc.4

Features

• kube-aws calculator for estimating cfn stack costs (#314, thanks to @gianrubio)
• Add support for ALBs Target Groups (#353, thanks to @gbtechhub)
• Add experimental support for pod security policies (#339, @soellman)

Improvements

• Minimal RBAC policies (#316, thanks to @gianrubio)
• credentials: Add /O=systems:master for kube-admin (#345, thanks to @ankon)

Fixes

• Fix missing Name and ControllerHost in status and up commands (#356, thanks to @Thermi, @ankon for reporting)
• Fix the inconsistent S3 object prefix issue (#357, thanks to @c-knowles for reporting)
• Fix customSettings unavailability for node pools (#358, thanks to @ankon for reporting)
• Fix various typos (#329, thanks to @ankon)
• Fix a typo in a image reference (#328, thanks to @ankon)
• Remove a reference to waitsignal being experimental (#327, thanks to @ankon)
• Update readme (#337, thanks to @philips)
• Fix typo in comment (#350, thanks to @ankon)
• Fix typo in provisioner.go (#354, thanks to @msanterre)

Full change log
v0.9.4-rc.3...v0.9.4-rc.4

v0.9.4-rc.3

Features

• Kubernetes 1.5.3 (#324, thanks to @gianrubio)
• Easier to configure, easier to version-control, more tightly integrated node pools
  (#315, thanks to @redbaron @Sasso @c-knowles for reviewing)
• Add DOCKER_OPTS environment variable to limit docker log files (#323, thanks to @jollinshead)
• Encryption support for etcd data volume (#307, thanks to @checkr)
• Experimental webhook token authentication support (#321, thanks to @olesku)
• Experimental kube2iam support (#297, thanks to @Fsero)
• Experimental ClusterAutoscalerSupport option to setup IAM ASG permissions (#294, thanks to @pwillie)
  • The worker nodes require extra pivileges for the cluster-autoscaler
    to run successfully within the cluster. Can be optionally
    enabled via boolean in cluster.yaml.

Improvements

• Explicitly create EBS volumes for Etcd nodes (#317, thanks to @redbaron)
  • Having EBS volumes which survive node termination makes them more manageable
• Wait for signals by default (#304, thanks to @gianrubio)
  • Enable feature waitSignal as default
  • Setup initial value for RollingUpdateMinInstancesInService as 1
  • Reuquire s3-flag on validate command
• Remove checks for dedicated spot instances (#280, thanks to @iameli)

Fixes

• Fix error message when failed to init cluster (#313, thanks to @cheungpat)
• kubelet SecurityGroupIngress (#310, thanks to @soellman)
  • Add a SecurityGroupIngress for controllers to access the kubelet
    port (10250) on other controllers. This is needed for when there
    are multiple masters.

Full change log
v0.9.4-rc.2...v0.9.4-rc.3

v0.9.4-rc.2

Features

• Calico 2.0.2 (#282, thanks to @heschlie)

Improvements

• More robust etcd search and replace step (#292, thanks to @redbaron)

Fixes

• Fix the bug which was causing a private subnet to have no route to an existing nat gateway (#301)

Full change log
v0.9.4-rc.1...v0.9.4-rc.2

v0.9.4-rc.1

Features

• Kubernetes 1.5.2 (#262)
• Bypass 16KB userdata limit (#268, thanks to @redbaron)
• Flexible and customizable network topology (#284) based on all the awesome works:
  • #227 "Use existing subnets when creating/updating cluster" (which is followed by #278) for @Sasso
    • Deployment to existing subnets for etcd is backed up by "Don't precalculate etcd static IP addresses" (#226 #263, thanks to @redbaron)
  • #169 "Create etcd and workers in private subnets, controllers in public subnet" for @neoandroid

Improvements

• Do not require keyName if sshAuthorizedKeys are set (#242, thanks to @redbaron)
• Remove obsolete Calico files (#274, thanks to @redbaron)

Fixes

• Fix lint #250 (thanks to @jmcarp and @icereval)
• Fix connection drop after 60 sec when executing commands inside containers (#275, thanks to @camilb)

Full change log
v0.9.3...v0.9.4-rc.1

v0.9.3 (Binary signing process postponed)

Features

• Kubernetes v1.5.1 #166
• Configurable instance tenancy (#146 thanks to @iameli )
• Source of truth for updating cluster-autoscaler #151
• DNS horizontal autoscaling (#178)
• Add customSettings to cluster.yaml (#209, thanks to @redbaron)

Improvements

• Calico self hosted integration (#124, thanks to @heschlie)
• Controller nodes are now schedulable/tainted #150
• Conform node pools powered by Spot Fleet to ones powered by ASG #167
• Min replicas for kube-dns is now not 1 but 2 for availability reason (#178)
• Update kube-dns to the one bundled with k8s v1.5.1 (#177)
• Move from the deprecated m3.medium instance type to the marginally better t2.medium (#184)
• Use computed stack name to ensure node pools are nested within the cluster (#187, thanks to @icereval)
• Allow etcd cluster health check via port 2379 (#191, thanks to @jgmize)
• Setups labels following the same used on kops (#221, thanks to @gianrubio)
• Update the kubernetes-dashboard to 1.5.1 (#228, thanks to @ankon)
• Various Bash improvements (#217, thanks to @redbaron)

Fixes

• Fix kube-node-label failure when there is a whitespace in security group name (#163, thanks to @tarvip)
• Correct node pool command inconsistencies/Remove deprecated node pools render command (#174, thanks to @c-knowles)
• Add missing validations for a node pool powered by Spot Fleet (#179)
• Controller node not being properly tainted (#199, thanks to @artushin)
• Handle error from ReadOrCreateEncryptedTLSAssets gracefully. (#188, thanks to @andrejvanderzee)
• Fix typo "etcdDataVolumeEphemeral" (#194, thanks to @jgmize)
• Report error if assets packing failed (#204, thanks to @redbaron)
• Typo in node-pools render stack message (#225, thanks to @whereisaaron)
• Don't block ICMP for API ELB (#220, thanks to @whereisaaron)
• Change taint-and-uncordon worker task to use docker for now (#231, thanks to @whereisaaron)
• Fix kubectl logs problem due to apiserver config (#223, thanks to @mgilbir)

Documentation

• workerCount should explicitly be set to zero if you'd like to have no worker in a main cluster
• kube-aws update doesn't work when decreasing number of workers down to zero as of today
• kube-aws node-pools update on a spot-fleet-based node pool would possibly result in some downtime
• Address the issue #121
• Point to the node-pool documentation: (aws-experimental-features) is a dead link, but in this case the intended target seems to be the node-pool documentation. (#200, thanks to @ankon)
• Fix the SAN for non-us-east-1 AWS regions (#201, thanks to @ankon)
• Removed add cluster logging link/Fix broken links iscsi, host-dns, and rdb (#207, thanks to @reiinakano)
• Document different account may have different supported AZs and solutions (#210, thanks to @helinwang)
• Update e2e/README.md: Add description for each environment variable used for customizing the test cluster (3f47616)
• Update kubernetes-on-aws-limitations.md (dec2402)
• Update ROADMAP.md (c39793c)
• Fix word to match other headings (#235, thanks to @ankon)

Full change log
v0.9.2...v0.9.3

v0.9.3-rc.5

This release includes a hot-fix for the issue introduced in v0.9.3-rc.4 which had been preventing following deployments from starting:

• kube-dns
• kube-dns-autoscaler
• heapster

Improvements

• Calico self hosted integration (#124, thanks to @heschlie)

Fixes

• Fix install-kube-system (#245, thanks to @redbaron)

v0.9.3-rc.4 (broken)

Features

• Add customSettings to cluster.yaml (#209, thanks to @redbaron)

Improvements

• Update the kubernetes-dashboard to 1.5.1 (#228, thanks to @ankon)
• Various Bash improvements (#217, thanks to @redbaron)

Fixes

• Don't block ICMP for API ELB (#220, thanks to @whereisaaron)
• Change taint-and-uncordon worker task to use docker for now (#231, thanks to @whereisaaron)
• Fix kubectl logs problem due to apiserver config (#223, thanks to @mgilbir)

Documentation

• Fix word to match other headings (#235, thanks to @ankon)

Full change log
v0.9.3-rc.3...v0.9.3-rc.4

v0.9.3-rc.3

All the v0.9.3-rc.2 users should upgrade their clusters by recreating with rc.3 because of the performance issue in the controller node #199

Improvements

• Move from the deprecated m3.medium instance type to the marginally better t2.medium (#184)
• Use computed stack name to ensure node pools are nested within the cluster (#187, thanks to @icereval)
• Allow etcd cluster health check via port 2379 (#191, thanks to @jgmize)
• Setups labels following the same used on kops (#221, thanks to @gianrubio)

Fixes

• Controller node not being properly tainted (#199, thanks to @artushin)
• Handle error from ReadOrCreateEncryptedTLSAssets gracefully. (#188, thanks to @andrejvanderzee)
• Fix typo "etcdDataVolumeEphemeral" (#194, thanks to @jgmize)
• Report error if assets packing failed (#204, thanks to @redbaron)
• Typo in node-pools render stack message (#225, thanks to @whereisaaron)

Documentation

• Point to the node-pool documentation: (aws-experimental-features) is a dead link, but in this case the intended target seems to be the node-pool documentation. (#200, thanks to @ankon)
• Fix the SAN for non-us-east-1 AWS regions (#201, thanks to @ankon)
• Removed add cluster logging link/Fix broken links iscsi, host-dns, and rdb (#207, thanks to @reiinakano)
• Document different account may have different supported AZs and solutions (#210, thanks to @helinwang)
• Update e2e/README.md: Add description for each environment variable used for customizing the test cluster (3f47616)
• Update kubernetes-on-aws-limitations.md (dec2402)
• Update ROADMAP.md (c39793c)

Full change log
v0.9.3-rc.2...v0.9.3-rc.3