Releases: kubernetes-sigs/cloud-provider-azure
v1.29.7
Full Changelog: v1.29.6..v1.29.7
Changes by Kind
Bug or Regression
- Ensure NSG rules cleanup excludes DestinationApplicationSecurityGroups (#6340, @zarvd)
- Fix setting single dst prefix for NSG rule (#6277, @zarvd)
- Fix: Ensure vnet ID will be attached to backend pool in local service reconciliation loops. (#6294, @k8s-infra-cherrypick-robot)
- This only affects 1P, internal-to-Microsoft, customers. Windows 2019 with dual-stack is not possible otherwise. (#6327, @k8s-infra-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/Azure/go-autorest/autorest/adal: v0.9.23 → v0.9.24
- github.com/go-logr/logr: v1.4.1 → v1.4.2
- github.com/onsi/ginkgo/v2: v2.17.3 → v2.19.0
- golang.org/x/net: v0.24.0 → v0.25.0
- golang.org/x/sys: v0.20.0 → v0.21.0
- golang.org/x/text: v0.15.0 → v0.16.0
- golang.org/x/tools: v0.20.0 → e35e4cc
- sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.20 → v0.0.23
Removed
Nothing has changed.
v1.30.2
Full Changelog: v1.30.1..v1.30.2
Changes by Kind
Bug or Regression
- Fix generating NSG rules while using shared BYO public IP (#6216, @zarvd)
- Fix: Only check internal lbs for internal services when using multi-slb (#6144, @k8s-infra-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/onsi/ginkgo/v2: v2.17.2 → v2.17.3
- golang.org/x/crypto: v0.22.0 → v0.23.0
- golang.org/x/sys: v0.19.0 → v0.20.0
- golang.org/x/term: v0.19.0 → v0.20.0
- golang.org/x/text: v0.14.0 → v0.15.0
- k8s.io/api: v0.30.0 → v0.30.1
- k8s.io/apimachinery: v0.30.0 → v0.30.1
- k8s.io/apiserver: v0.30.0 → v0.30.1
- k8s.io/client-go: v0.30.0 → v0.30.1
- k8s.io/cloud-provider: v0.30.0 → v0.30.1
- k8s.io/component-base: v0.30.0 → v0.30.1
- k8s.io/component-helpers: v0.30.0 → v0.30.1
- k8s.io/controller-manager: v0.30.0 → v0.30.1
- k8s.io/cri-api: v0.30.0 → v0.30.1
- k8s.io/kms: v0.30.0 → v0.30.1
- k8s.io/kubelet: v0.30.0 → v0.30.1
- sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader: v0.0.8 → v0.0.11
- sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.15 → v0.0.19
Removed
Nothing has changed.
v1.29.6
Full Changelog: v1.29.5..v1.29.6
Changes by Kind
Bug or Regression
- Fix generating NSG rules while using shared BYO public IP (#6217, @zarvd)
- Fix: Only check internal lbs for internal services when using multi-slb (#6143, @k8s-infra-cherrypick-robot)
Dependencies
Added
- github.com/chromedp/cdproto: 3cf4e6d
- github.com/chromedp/chromedp: v0.9.2
- github.com/chromedp/sysutil: v1.0.0
- github.com/go-task/slim-sprig/v3: v3.0.0
- github.com/gobwas/httphead: v0.1.0
- github.com/gobwas/pool: v0.2.1
- github.com/gobwas/ws: v1.2.1
- golang.org/x/telemetry: f48c80b
Changed
- github.com/Azure/azure-sdk-for-go/sdk/internal: v1.5.2 → v1.6.0
- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5: v5.6.0 → v5.7.0
- github.com/google/pprof: ada837c → a892ee0
- github.com/ianlancetaylor/demangle: eabc099 → bd984b5
- github.com/onsi/ginkgo/v2: v2.17.1 → v2.17.3
- github.com/onsi/gomega: v1.32.0 → v1.33.1
- golang.org/x/crypto: v0.22.0 → v0.23.0
- golang.org/x/mod: v0.14.0 → v0.17.0
- golang.org/x/sys: v0.19.0 → v0.20.0
- golang.org/x/term: v0.19.0 → v0.20.0
- golang.org/x/text: v0.14.0 → v0.15.0
- golang.org/x/tools: v0.17.0 → v0.20.0
- k8s.io/api: v0.29.4 → v0.29.5
- k8s.io/apimachinery: v0.29.4 → v0.29.5
- k8s.io/apiserver: v0.29.4 → v0.29.5
- k8s.io/client-go: v0.29.4 → v0.29.5
- k8s.io/cloud-provider: v0.29.4 → v0.29.5
- k8s.io/component-base: v0.29.4 → v0.29.5
- k8s.io/component-helpers: v0.29.4 → v0.29.5
- k8s.io/controller-manager: v0.29.4 → v0.29.5
- k8s.io/cri-api: v0.29.4 → v0.29.5
- k8s.io/kms: v0.29.4 → v0.29.5
- k8s.io/kubelet: v0.29.4 → v0.29.5
- sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.13 → v0.0.20
Removed
Nothing has changed.
v1.30.1
Full Changelog: v1.30.0..v1.30.1
Changes by Kind
Bug or Regression
- Fix cleaning up security rule for services with shared external-IP (#6093, @k8s-infra-cherrypick-robot)
Dependencies
Added
- github.com/chromedp/cdproto: 3cf4e6d
- github.com/chromedp/chromedp: v0.9.2
- github.com/chromedp/sysutil: v1.0.0
- github.com/go-task/slim-sprig/v3: v3.0.0
- github.com/gobwas/httphead: v0.1.0
- github.com/gobwas/pool: v0.2.1
- github.com/gobwas/ws: v1.2.1
Changed
- github.com/google/pprof: ada837c → a892ee0
- github.com/ianlancetaylor/demangle: eabc099 → bd984b5
- github.com/onsi/ginkgo/v2: v2.17.1 → v2.17.2
- github.com/onsi/gomega: v1.33.0 → v1.33.1
- golang.org/x/mod: v0.15.0 → v0.17.0
- golang.org/x/net: v0.23.0 → v0.24.0
- golang.org/x/telemetry: b75ee88 → f48c80b
- golang.org/x/tools: v0.18.0 → v0.20.0
- sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader: v0.0.7 → v0.0.8
- sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.13 → v0.0.15
Removed
Nothing has changed.
v1.29.5
Full Changelog: v1.29.4..v1.29.5
Changes by Kind
Bug or Regression
- Fix cleaning up security rule for services with shared external-IP (#6092, @k8s-infra-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
Nothing has changed.
Removed
Nothing has changed.
v1.30.0
Full Changelog: v1.29.0..v1.30.0
Changes by Kind
Feature
- Add support of service principal with cert auth for multi tenant scenario (#5594, @bowen5)
- Feat: Add a cloud-node-manager sidecar container called health-probe-proxy to transfer the traffic from port 10356 to the kube-proxy health check server port 10256. This sidecar will parse the proxy protocol packet data unit when the user uses private link service integrated with the service annotation and set the proxy protocol annotation. In this case the kube-proxy health probe server will not read the health probe request from the SLB and fails the health check. (#5180, @nilo19)
- Feat: add forceDetach parameter in DetachDisk function (#5559, @andyzhangx)
- Feat: support workload identity setting in static PV mount on AKS (#4996, @cvvz)
- Refine consolidating security-rules for LoadBalancer service.
Deprecate service annotationservice.beta.kubernetes.io/azure-shared-securityrule
. (#5164, @zarvd) - When user-provided
LoadBalancerSourceRanges
orazure-allowed-ip-ranges
are not valid network prefixes, cloud-controller-manager skips these invalid ranges, emits a warning event, and adds a deny-All rule in nsg. (#5650, @jwtty)
Bug or Regression
-
Allow space-separated load balancer source ranges in service annotation. Allow
service.beta.kubernetes.io/load-balancer-source-ranges
to be used together withservice.beta.kubernetes.io/azure-allowed-service-tags
. (#5885, @jwtty) -
Fix cleaning legacy security rules while upgrading from versions that are 1.28 or older. (#5886, @zarvd)
-
Fix: Skip attaching/detaching vmss vm to lb backend pool if the vm is not active.
We should not update the VM instance if its provisioning state or power state is not good. This will save a lot of api calls and reduce throttling issues. (#5356, @nilo19)
-
Fix: The case of load balancer name should be ignored when determing if it is an internal load balancer. (#5225, @nilo19)
-
Fix: [multi-slb] Put the service in the load balancer that has no label/namespace selector only if there is no other choice for the service. (#5281, @nilo19)
-
Fix: azure_loadbalancer.go: don't use service.Name, when service is nil (#5266, @damdo)
-
Fix: fileshare snapshot does not require setting RequestGiB (#5438, @andyzhangx)
-
Fix: get zone panic (#5821, @andyzhangx)
-
Fix: match tags issue in account search (#5465, @andyzhangx)
-
Fix: move lockMap initialization into InitializeCloudFromConfig func to fix panic (#5466, @andyzhangx)
-
Fix: nfs file share created in storage account that has smb file share (#5619, @andyzhangx)
-
Fix: shared probe should not be removed if there are other services using it when deleting a service (#5042, @nilo19)
-
For dual-stack Windows case, both ipv4 and ipv6 ip address are provided and separated by comma in a string. This change is to split the ipv4 and ipv6 addresses and check whether all these provided IPs exist in the cloud provider. (#5747, @mainred)
-
Force cache refresh for getVMManagementTypeByIPConfigurationID(). The reason is that when a new standalone VM is included in the cluster, CCM cannot tell its VM type with stale cache. (#5948, @lzhecheng)
-
Truncate lengthy PIP name. If PIP prefix is lengthy, the PIP name may be longer than 80. If so, the PIP name needs truncation. (#5219, @lzhecheng)
Other (Cleanup or Flake)
- Chore: AddStorageAccountTags refine (#5535, @andyzhangx)
- Kubernetes dependencies are updated to v1.29.0 (#5199, @feiskyer)
Dependencies
Added
- github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets: v0.12.0
- github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal: v0.7.1
- github.com/fxamacker/cbor/v2: v2.6.0
- github.com/golang-jwt/jwt: v3.2.1+incompatible
- github.com/modocache/gover: b58185e
- github.com/x448/float16: v0.8.4
- go.uber.org/mock: v0.4.0
- golang.org/x/telemetry: b75ee88
- k8s.io/gengo/v2: 51d4e06
Changed
- github.com/Azure/azure-kusto-go: v0.15.0 → v0.15.2
- github.com/Azure/azure-sdk-for-go/sdk/azcore: v1.9.0 → v1.11.1
- github.com/Azure/azure-sdk-for-go/sdk/azidentity: v1.4.0 → v1.5.2
- github.com/Azure/azure-sdk-for-go/sdk/internal: v1.5.0 → v1.5.2
- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5: v5.3.0 → v5.6.0
- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4: v4.6.0 → v4.8.0
- github.com/AzureAD/microsoft-authentication-library-for-go: v1.2.0 → v1.2.2
- github.com/emicklei/go-restful/v3: v3.10.2 → v3.11.0
- github.com/evanphx/json-patch: v5.7.0+incompatible → v5.9.0+incompatible
- github.com/go-logr/logr: v1.3.0 → v1.4.1
- github.com/go-logr/zapr: v1.2.3 → v1.3.0
- github.com/golang-jwt/jwt/v5: v5.0.0 → v5.2.1
- github.com/golang/protobuf: v1.5.3 → v1.5.4
- github.com/google/cel-go: v0.16.1 → v0.17.8
- github.com/google/uuid: v1.4.0 → v1.6.0
- github.com/gorilla/websocket: v1.4.2 → v1.5.0
- github.com/onsi/ginkgo/v2: v2.13.2 → v2.17.1
- github.com/onsi/gomega: v1.30.0 → v1.33.0
- github.com/pkg/browser: 681adbf → 5ac0b6a
- github.com/stretchr/objx: v0.5.0 → v0.5.2
- github.com/stretchr/testify: v1.8.4 → v1.9.0
- go.etcd.io/bbolt: v1.3.7 → v1.3.8
- go.etcd.io/etcd/api/v3: v3.5.9 → v3.5.10
- go.etcd.io/etcd/client/pkg/v3: v3.5.9 → v3.5.10
- go.etcd.io/etcd/client/v2: v2.305.9 → v2.305.10
- go.etcd.io/etcd/client/v3: v3.5.9 → v3.5.10
- go.etcd.io/etcd/pkg/v3: v3.5.9 → v3....
v1.29.4
Full Changelog: v1.29.3..v1.29.4
Changes by Kind
Bug or Regression
- Allow space-separated load balancer source ranges in service annotation. Allow
service.beta.kubernetes.io/load-balancer-source-ranges
to be used together withservice.beta.kubernetes.io/azure-allowed-service-tags
. (#5887, @k8s-infra-cherrypick-robot) - Fix cleaning legacy security rules while upgrading from versions that are 1.28 or older. (#5918, @k8s-infra-cherrypick-robot)
- Fix: Retry put vmss vm on preempted error (#5921, @k8s-infra-cherrypick-robot)
- Force cache refresh for getVMManagementTypeByIPConfigurationID(). The reason is that when a new standalone VM is included in the cluster, CCM cannot tell its VM type with stale cache. (#5970, @k8s-infra-cherrypick-robot)
Dependencies
Added
- github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets: v0.12.0
- github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal: v0.7.1
- github.com/golang-jwt/jwt: v3.2.1+incompatible
- github.com/modocache/gover: b58185e
Changed
- github.com/Azure/azure-kusto-go: v0.15.1 → v0.15.2
- github.com/Azure/azure-sdk-for-go/sdk/azcore: v1.10.0 → v1.11.1
- github.com/Azure/azure-sdk-for-go/sdk/azidentity: v1.5.1 → v1.5.2
- github.com/AzureAD/microsoft-authentication-library-for-go: v1.2.1 → v1.2.2
- github.com/golang-jwt/jwt/v5: v5.2.0 → v5.2.1
- github.com/onsi/ginkgo/v2: v2.17.0 → v2.17.1
- golang.org/x/crypto: v0.21.0 → v0.22.0
- golang.org/x/net: v0.21.0 → v0.24.0
- golang.org/x/sync: v0.6.0 → v0.7.0
- golang.org/x/sys: v0.18.0 → v0.19.0
- golang.org/x/term: v0.18.0 → v0.19.0
- k8s.io/api: v0.29.3 → v0.29.4
- k8s.io/apimachinery: v0.29.3 → v0.29.4
- k8s.io/apiserver: v0.29.3 → v0.29.4
- k8s.io/client-go: v0.29.3 → v0.29.4
- k8s.io/cloud-provider: v0.29.3 → v0.29.4
- k8s.io/component-base: v0.29.3 → v0.29.4
- k8s.io/component-helpers: v0.29.3 → v0.29.4
- k8s.io/controller-manager: v0.29.3 → v0.29.4
- k8s.io/cri-api: v0.29.3 → v0.29.4
- k8s.io/kms: v0.29.3 → v0.29.4
- k8s.io/kubelet: v0.29.3 → v0.29.4
- sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader: v0.0.1 → v0.0.4
- sigs.k8s.io/cloud-provider-azure/pkg/azclient: v0.0.4 → v0.0.13
Removed
Nothing has changed.
v1.28.9
Full Changelog: v1.28.8..v1.28.9
Changes by Kind
Bug or Regression
- Allow space-separated load balancer source ranges in service annotation. Allow
service.beta.kubernetes.io/load-balancer-source-ranges
to be used together withservice.beta.kubernetes.io/azure-allowed-service-tags
. (#5893, @jwtty) - Fix: Retry put vmss vm on preempted error (#5966, @nilo19)
- Force cache refresh for getVMManagementTypeByIPConfigurationID(). The reason is that when a new standalone VM is included in the cluster, CCM cannot tell its VM type with stale cache. (#5971, @k8s-infra-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/Azure/azure-kusto-go: v0.15.1 → v0.15.2
- github.com/onsi/gomega: v1.32.0 → v1.33.0
- golang.org/x/crypto: v0.21.0 → v0.22.0
- golang.org/x/net: v0.21.0 → v0.24.0
- golang.org/x/sync: v0.6.0 → v0.7.0
- golang.org/x/sys: v0.18.0 → v0.19.0
- golang.org/x/term: v0.18.0 → v0.19.0
- k8s.io/api: v0.28.8 → v0.28.9
- k8s.io/apimachinery: v0.28.8 → v0.28.9
- k8s.io/apiserver: v0.28.8 → v0.28.9
- k8s.io/client-go: v0.28.8 → v0.28.9
- k8s.io/cloud-provider: v0.28.8 → v0.28.9
- k8s.io/component-base: v0.28.8 → v0.28.9
- k8s.io/component-helpers: v0.28.8 → v0.28.9
- k8s.io/controller-manager: v0.28.8 → v0.28.9
- k8s.io/cri-api: v0.28.8 → v0.28.9
- k8s.io/kms: v0.28.8 → v0.28.9
- k8s.io/kubelet: v0.28.8 → v0.28.9
Removed
Nothing has changed.
v1.27.17
Full Changelog: v1.27.16..v1.27.17
Changes by Kind
Bug or Regression
- Allow space-separated load balancer source ranges in service annotation. Allow
service.beta.kubernetes.io/load-balancer-source-ranges
to be used together withservice.beta.kubernetes.io/azure-allowed-service-tags
. (#5894, @jwtty) - Fix: Retry put vmss vm on preempted error (#5925, @nilo19)
- Force cache refresh for getVMManagementTypeByIPConfigurationID(). The reason is that when a new standalone VM is included in the cluster, CCM cannot tell its VM type with stale cache. (#5972, @k8s-infra-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/onsi/gomega: v1.32.0 → v1.33.0
- golang.org/x/crypto: v0.21.0 → v0.22.0
- golang.org/x/net: v0.21.0 → v0.24.0
- golang.org/x/sync: v0.6.0 → v0.7.0
- golang.org/x/sys: v0.18.0 → v0.19.0
- golang.org/x/term: v0.18.0 → v0.19.0
- k8s.io/api: v0.27.12 → v0.27.13
- k8s.io/apimachinery: v0.27.12 → v0.27.13
- k8s.io/apiserver: v0.27.12 → v0.27.13
- k8s.io/client-go: v0.27.12 → v0.27.13
- k8s.io/cloud-provider: v0.27.12 → v0.27.13
- k8s.io/component-base: v0.27.12 → v0.27.13
- k8s.io/component-helpers: v0.27.12 → v0.27.13
- k8s.io/controller-manager: v0.27.12 → v0.27.13
- k8s.io/kms: v0.27.12 → v0.27.13
- k8s.io/kubelet: v0.27.12 → v0.27.13
Removed
Nothing has changed.
v1.29.3
Full Changelog: v1.29.2..v1.29.3
Changes by Kind
Feature
- When user-provided
LoadBalancerSourceRanges
orazure-allowed-ip-ranges
are not valid network prefixes, cloud-controller-manager skips these invalid ranges, emits a warning event, and adds a deny-All rule in nsg. (#5749, @k8s-infra-cherrypick-robot)
Bug or Regression
- For dual-stack Windows case, both ipv4 and ipv6 ip address are provided and separated by comma in a string. This change is to split the ipv4 and ipv6 addresses and check whether all these provided IPs exist in the cloud provider. (#5759, @k8s-infra-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5: v5.5.0 → v5.6.0
- github.com/onsi/gomega: v1.31.1 → v1.32.0
- gopkg.in/dnaeon/go-vcr.v3: v3.1.2 → v3.2.0
- sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader: ba9f211 → v0.0.1
- sigs.k8s.io/cloud-provider-azure/pkg/azclient: ba9f211 → v0.0.2
Removed
Nothing has changed.