Releases: oracle/oci-cloud-controller-manager
Releases · oracle/oci-cloud-controller-manager
v1.30.0
What's Changed
- Security patching, updated Makefile, Readme and Third Party Licences
New features
- Added Dns Names Support For Fss Mount Targets
- Support for ingress ipMode via new annotation in k8s 1.30+
- Support ReadWriteOnceWithFSType fsGroupPolicy in CSI Driver for non-root user
- Support for Proxy Protocol Version 2 (PPv2) on NLB via CCM
- Add Raw Block Volume support
- Add OpenShift Tag to identify Openshift usage and support secondary vnic function
Code Enhancements and Bug Fixes
- Adding rate limiting for fss node mount to avoid OOM
- Updated UHP post detach logout wait logic
- Upgraded CSI sidecar versions
- Fix CCM Bug in Sec List Rule Management when ipPReserveSource is set to true for NLBs
- Fix readyToUse false issue for large data volumes
- Fix the santisedDevices logic for ubuntu nodes
- Fix bug in wrapper returning response for NSG rules
- Made error handling changes in FSS GetPrivateIP flow
New E2Es, Unit Tests and Enhancements
- Added FSS mount options e2e enhancement
- Updating all CCM E2Es to create private LB where possible
- Allow skipping E2Es via new SKIP_FOCUS environment variable
- Fix UT to add instance id to instanceCache
- CCM E2E - K8s version check fix
- Add annotation to configure the cipher suites on LBaaS and add e2e test cases
Full Changelog: v1.29.0...v1.30.0
v1.29.1
What's Changed
- Security patching, updated Makefile, Readme and Third Party Licences
New features
- Added Dns Names Support For Fss Mount Targets
- Support ReadWriteOnceWithFSType fsGroupPolicy in CSI Driver for non-root user
- Support for Proxy Protocol Version 2 (PPv2) on NLB via CCM
- Add Raw Block Volume support
- Add OpenShift Tag to identify Openshift usage and support secondary vnic function
Code Enhancements and Bug Fixes
- Adding rate limiting for fss node mount to avoid OOM
- Updated UHP post detach logout wait logic
- Upgraded CSI sidecar versions
- Fix CCM Bug in Sec List Rule Management when ipPReserveSource is set to true for NLBs
- Fix readyToUse false issue for large data volumes
- Fix the santisedDevices logic for ubuntu nodes
- Fix bug in wrapper returning response for NSG rules
- Made error handling changes in FSS GetPrivateIP flow
New E2Es, Unit Tests and Enhancements
- Added FSS mount options e2e enhancement
- Updating all CCM E2Es to create private LB where possible
- Allow skipping E2Es via new SKIP_FOCUS environment variable
- Fix UT to add instance id to instanceCache
- CCM E2E - K8s version check fix
- Add annotation to configure the cipher suites on LBaaS and add e2e test cases
Full Changelog: v1.29.0...v1.29.1
v1.28.2
What's Changed
- Security patching, updated Makefile, Readme and Third Party Licences
New features
- Added Dns Names Support For Fss Mount Targets
- Support ReadWriteOnceWithFSType fsGroupPolicy in CSI Driver for non-root user
- Support for Proxy Protocol Version 2 (PPv2) on NLB via CCM
- Add Raw Block Volume support
- Add OpenShift Tag to identify Openshift usage and support secondary vnic function
Code Enhancements and Bug Fixes
- Adding rate limiting for fss node mount to avoid OOM
- Updated UHP post detach logout wait logic
- Upgraded CSI sidecar versions
- Fix CCM Bug in Sec List Rule Management when ipPReserveSource is set to true for NLBs
- Fix readyToUse false issue for large data volumes
- Fix the santisedDevices logic for ubuntu nodes
- Fix bug in wrapper returning response for NSG rules
- Made error handling changes in FSS GetPrivateIP flow
New E2Es, Unit Tests and Enhancements
- Added FSS mount options e2e enhancement
- Updating all CCM E2Es to create private LB where possible
- Allow skipping E2Es via new SKIP_FOCUS environment variable
- Fix UT to add instance id to instanceCache
- CCM E2E - K8s version check fix
- Add annotation to configure the cipher suites on LBaaS and add e2e test cases
Full Changelog: v1.28.1...v1.28.2
v1.29.0
What's Changed
- Added wait in volume expansion for volume to become available
- fix security list rule clean up flow for OCI loadbalancer delete calls
- for externalTrafficPolicy local the healthcheck port security rule should be retained
- skip healthcheck port in use for services that are deleted or not of type loadbalancer
- Added fix to check length of consistent device paths available before attempting read
- process updateLoadbalancer if NLB is in failed state
- Fix CVEs
- Separating UpdateLoadBalancer flow for Backends from Ensure Load Balancer flow in CCM
- Moved listener and backendset updates before shape change & other customer error prone operations
- Changes to parallelise e2e test runs
- add opc-retry-token
- Do not record events for failure to acquire lock for lb sync
- Add unit test to for merging common tags tags at the time of creation of LB & storage resources
- Use topology.kubernetes.io labels
- set serviceUid as opc-retry-token
- Bugfix: Ensure backend ssl certificates during Update LoadBalancer Backendsets flow
- Fix response when no size change in ControllerExpandVolume
- Avoid change service type in update shape test cases
- List instances to check for authorization issues
Full Changelog: v1.28.0...v1.29.0
v1.28.1
What's Changed
- Added wait in volume expansion for volume to become available
- fix security list rule clean up flow for OCI loadbalancer delete calls
- for externalTrafficPolicy local the healthcheck port security rule should be retained
- skip healthcheck port in use for services that are deleted or not of type loadbalancer
- Added fix to check length of consistent device paths available before attempting read
- process updateLoadbalancer if NLB is in failed state
- Fix CVEs
- Separating UpdateLoadBalancer flow for Backends from Ensure Load Balancer flow in CCM
- Moved listener and backendset updates before shape change & other customer error prone operations
- Changes to parallelise e2e test runs
- add opc-retry-token
- Do not record events for failure to acquire lock for lb sync
- Add unit test to for merging common tags tags at the time of creation of LB & storage resources
- Use topology.kubernetes.io labels
- set serviceUid as opc-retry-token
- Bugfix: Ensure backend ssl certificates during Update LoadBalancer Backendsets flow
- Fix response when no size change in ControllerExpandVolume
- Avoid change service type in update shape test cases
- List instances to check for authorization issues
Full Changelog: v1.28.0...v1.28.1
v1.27.3
What's Changed
- Added wait in volume expansion for volume to become available
- fix security list rule clean up flow for OCI loadbalancer delete calls
- for externalTrafficPolicy local the healthcheck port security rule should be retained
- skip healthcheck port in use for services that are deleted or not of type loadbalancer
- Added fix to check length of consistent device paths available before attempting read
- process updateLoadbalancer if NLB is in failed state
- Fix CVEs
- Separating UpdateLoadBalancer flow for Backends from Ensure Load Balancer flow in CCM
- Moved listener and backendset updates before shape change & other customer error prone operations
- Changes to parallelise e2e test runs
- add opc-retry-token
- Do not record events for failure to acquire lock for lb sync
- Add unit test to for merging common tags tags at the time of creation of LB & storage resources
- Use topology.kubernetes.io labels
- set serviceUid as opc-retry-token
- Bugfix: Ensure backend ssl certificates during Update LoadBalancer Backendsets flow
- Fix response when no size change in ControllerExpandVolume
- Avoid change service type in update shape test cases
- List instances to check for authorization issues
Full Changelog: v1.27.2...v1.27.3
v1.26.4
What's Changed
- Added wait in volume expansion for volume to become available
- fix security list rule clean up flow for OCI loadbalancer delete calls
- for externalTrafficPolicy local the healthcheck port security rule should be retained
- skip healthcheck port in use for services that are deleted or not of type loadbalancer
- Added fix to check length of consistent device paths available before attempting read
- process updateLoadbalancer if NLB is in failed state
- Fix CVEs
- Separating UpdateLoadBalancer flow for Backends from Ensure Load Balancer flow in CCM
- Moved listener and backendset updates before shape change & other customer error prone operations
- Changes to parallelise e2e test runs
- add opc-retry-token
- Do not record events for failure to acquire lock for lb sync
- Add unit test to for merging common tags tags at the time of creation of LB & storage resources
- Use topology.kubernetes.io labels
- set serviceUid as opc-retry-token
- Bugfix: Ensure backend ssl certificates during Update LoadBalancer Backendsets flow
- Fix response when no size change in ControllerExpandVolume
- Avoid change service type in update shape test cases
- List instances to check for authorization issues
Full Changelog: v1.26.3...v1.26.4
v1.28.0
What's Changed
- Upgraded k8s to v1.28
- NSG rule management for CCM loadbalancers and respective e2e tests
- Add validation if loadbalancer subnets are empty and new unit test cases
- Bug fix for topology collision error in CSI node driver
- Bug fixes and follow-up improvements for the NSG rule management feature
- CSI controller GRPCs now use parent contexts, new unit tests and logging improvements
- Updated timeouts for CSI ControllerPublish/ControllerUnpublish/ControllerExpand calls
- Fix for FSS controller nil pointer reference causing panic
- Enabling static FSS Intransit encryption Tests for ARM
- Support UHP volumes
- CVE fixes
- E2E and other doc updates
Full Changelog: v1.27.1...v1.28.0
v1.27.2
What's Changed
- NSG rule management for CCM loadbalancers and respective e2e tests
- Add validation if loadbalancer subnets are empty and new unit test cases
- Bug fix for topology collision error in CSI node driver
- Bug fixes and follow-up improvements for the NSG rule management feature
- CSI controller GRPCs now use parent contexts, new unit tests and logging improvements
- Updated timeouts for CSI ControllerPublish/ControllerUnpublish/ControllerExpand calls
- Fix for FSS controller nil pointer reference causing panic
- Enabling static FSS Intransit encryption Tests for ARM
- Support UHP volumes
- CVE fixes
- E2E and other doc updates
Full Changelog: v1.27.1...v1.27.2
v1.26.3
What's Changed
- NSG rule management for CCM loadbalancers and respective e2e tests
- Add validation if loadbalancer subnets are empty and new unit test cases
- Bug fix for topology collision error in CSI node driver
- Bug fixes and follow-up improvements for the NSG rule management feature
- CSI controller GRPCs now use parent contexts, new unit tests and logging improvements
- Updated timeouts for CSI ControllerPublish/ControllerUnpublish/ControllerExpand calls
- Fix for FSS controller nil pointer reference causing panic
- Enabling static FSS Intransit encryption Tests for ARM
- Support UHP volumes
- CVE fixes
- E2E and other doc updates
Full Changelog: v1.26.2...v1.26.3