1.7.1

Significant changes

• kube-dns has been updated with the hotfix for CVE-2017-14491. For more details, please see CVE Advisory.

Full changelist

• Update images in CI tests (thanks @justinsb)
• Update kube-dns to 1.14.5 for CVE-2017-14491 (thanks @mikesplain)

1.7.0

Significant changes

• Manifests are rewritten by default, which includes a normalization phase. This can make it hard to understand the actual changes (as opposed to just the formatting changes). A feature flag has been added, export KOPS_FEATURE_FLAGS="-RewriteManifests" which can be used to disable manifest rewriting. A recommendation: you can run kops update twice, once without manifest formatting to show the real changes, and then immediately afterwards with manifest changes, which will be just formatting changes. Run KOPS_FEATURE_FLAGS="-RewriteManifests" kops update cluster, to show the real changes, apply them with KOPS_FEATURE_FLAGS="-RewriteManifests" kops update cluster --yes, then run kops update cluster to show the formatting changes, followed by kops update cluster --yes

• Default disk size increased to 64GB (masters) and 128GB (nodes). This does have a higher cost, but also gives us more inodes & more iops (and more disk space, of course!)

• Calico now configured with the correct pod CIDR: #2768. Please refer to the Required Actions section for details regarding this.

Required Actions

• Existing Calico users on clusters that were created prior to kops 1.7 are susceptible to IP conflict between Pods and Services due to an overlap of the two IP ranges. Migration to a new Pod CIDR is recommended, and is a manual procedure due to risk of potential downtime during this operation.

Full changelist

• alpha channel: Bump k8s version to 1.6.6 @justinsb #2788
• Add release notes for 1.6.2 @justinsb #2786
• Support generated clientset as alternative to vfs clientset @justinsb #2622
• Change to EtcdBuilder in ETCD model @shamil #2813
• fixing govet issues and adding test directory @chrislovecnm #2805
• removing comments that are not longer generated @chrislovecnm #2799
• single-to-multi-master doc: Create all master instances groups at first @dtan4 #2774
• Bump canal addon version @trthomps #2823
• fixing bug with using shell flag @chrislovecnm #2843
• Fix missing ids in a few log messages @justinsb #2836
• Documentation updates including using YAML and API @chrislovecnm #2795
• Change logrotate compress to delaycompress to prevent fluentd log tailing from getting stuck @r4j4h #2835
• Setting versions for go and kubectl in protokube @chrislovecnm #2814
• Kubelet / Master Authentication Options @gambol99 #2831
• Lock kubectl version @justinsb #2849
• Add field to enable EBS Volume Optimization @austinmoore- #2822
• Added documentation for vSphere support status. @prashima #2850
• Propose awsudo as a workaround for kops mfa @max-lobur #2791
• Have kops 1.7 use k8s 1.7 @justinsb #2838
• Upgrade kube-dns for 1.7 @justinsb #2839
• Update our dependencies to the release-1.7 branch versions @justinsb #2840
• instructions for gossip-based cluster @arun-gupta #2853
• fixing a typo @arun-gupta #2854
• Fix typos in kops_upgrade.md @aknuds1 #2815
• Makefile targets for go 1.8 & 1.9 @justinsb #2848
• review doc on creating instance group @gianrubio #2872
• increase default instance root volume size @chrislovecnm #2847
• Add comment for Subnets field @justinsb #2874
• Update docs for new volume sizes @justinsb #2873
• Doc fixes @chrislovecnm #2865
• Initial support for authentication (kopeio) @justinsb #2773
• Add SG parameter into AWS cloud-config @alexandrst88 #2808
• Update calico to use the correct CIDR for pods @ottoyiu #2768
• Bump dns-controller & kops for 1.7.0-alpha.1 @justinsb #2880
• Properly set IAM prefix for GovCloud #2887 @amdonov #2888
• vendor github.com/digitalocean/godo @andrewsykim #2891
• vendor github.com/google/go-querystring and github.com/tent/http-link-go @andrewsykim #2892
• Corrected spelling of ClusterSpec in README.md. @jburnham #2898
• Asset redirection via manifest parsing @justinsb #2769
• bump kubernetes dashboard version @gianrubio #2789
• fixing remapping, as it was not returning the remapped data @chrislovecnm #2905
• Add omitempty json tag to resolvConf fields @austinmoore- #2916
• Fix a documentation instance group doc typo @erickt #2910
• Fixing wrong brackets on links @chrislovecnm #2884
• add registryMirrors @qqshfox #2893
• Add instructions for deleting cluster @danielbryantuk #2902
• Start 1.7 release notes @justinsb #2875
• Increase fs.inotify.max_user_instances limit. Fixes #2912 @steelecliftonberry #2913
• fix cniAsset from env var @qqshfox #2897
• Trivial doc tidying. @rk295 #2686
• kube-proxy: set hostname-override on AWS @justinsb #2936
• correct misspelling “device” for vsphere/vsphere_cloud.go @fate-grand-order #2932
• Doc fixes @mrtyler #2931
• Fix typos in create cluster docs @benhartley #2935
• fix delete_cluster for those regions don’t have route53 @qqshfox #2940
• Update weave to 2.0.1 @marccarre #2829
• Query for available instance types @justinsb #2837
• digitalocean feature flag @andrewsykim #2929
• Updating ingress-controller, default-backend and fixing permission for ClusterRole @BradErz #2896
• Dedent weave manifest, for easier diffing @justinsb #2945
• Typos and add note about need for —dns-zone @deinspanjer #2817
• digitalocean support — dns provider @andrewsykim #2864
• Reduce size of images using debian-base @aledbf #2885
• Fix test breakage by PRs that crossed @justinsb #2948
• Fixes #2708 broken kubernetes-dashboard due to RBAC @BradErz #2949
• Restore removed submodules @justinsb #2946
• support china region @qqshfox #2947
• Fix swallowed errors in upup subdirectory. @alrs #2951
• Fix swallowed errors under pkg subdirectory. @alrs #2957
• Fix swallowed err in federation. @alrs #2952
• Try adding header to generated CLI docs @justinsb #2944
• Fixed unused import in tests. @alrs #2953
• Example of how to do bash in our CLI help @justinsb #2943
• Add back integration tests into CI @justinsb #2958
• Unsetting the variable in the Make file @BradErz #2962
• Fixes #2535. @rdtr #2549
• Update generated apimachinery @justinsb #2965
• Cleaner yaml formatting @justinsb #2967
• Release notes for Calico Pod CIDR changes made in #2768 @ottoyiu #2911
• Initial work on kops-server @justinsb #2766
• Issue #2977: Improve Manifest documentation @StevenACoffman #2981
• Add a feature flag for formatting assets @justinsb #2968
• protokube changes for allowing running a custom etcd container @chrislovecnm #2966
• versioning kops-server container, and changing container @chrislovecnm #2985
• Add reserve compute resources kubelet flags @itskingori #2982
• Add full changelist (so far) for the 1.7 release to the release notes @justinsb #2991
• Fix swallowed err variable in vfs package @alrs #2995
• Mark kops 1.7.0-beta.1 @justinsb #3005
• Add missing step to pull template file; correct kops option. @j14s #3006
• Test kops submit-queue @cjwagner #3012
• kOps apiserver support for openapi and generated API docs @pwittrock #3001
• Fix for the instructions about using KOPS_FEATURE_FLAGS for drain and… @FrederikNS #2934
• populate cloud labels with cluster autoscaler tags @sethpollack #3017
• Support for lifecycles @justinsb #2763
• Map pod-infra-container-image flag @justinsb #3021
• New inventory assets API @chrislovecnm #2964
• Copy docker images when they are redirected @justinsb #3016
• Updates for g3 machine type @chrislovecnm #2986
• Adding ssh access flag @BradErz #3014
• Add gen-api-docs target to makefile @justinsb #3004
• Remap pause image through our AssetBuilder @justinsb #3026
• removing dead code @chrislovecnm #3030
• Handle the case where GetCluster returns nil @justinsb #3038
• Create labels.yaml file to define the ‘lgtm’ and ‘approved’ labels. @cjwagner #3042
• Fix migration script to take ipip mode into account @ottoyiu #3043
• Updating flannel to use RBAC in 1.6 so its not broken when deploying @BradErz #3033
• Honor shared tags when deleting subnets/vpcs @justinsb #2960
• Create test for ssh-access @justinsb #3027
• Fixing “dederation” @craigmonson #3050