diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f61ddd70bc..6b370509574 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,114 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## 0.10.0 - 2019-01-15 + +### Added + +- The installer pushes an Infrastructure object to + infrastructures.config.openshift.io with platform information. + Cluster components should use this instead of the deprecated + `cluster-config-v1` resource. +- `openshift-install` has a new `completion` subcommand, to generation + shell-completion code (currently only for Bash). +- On AWS, `destroy cluster` now also removed IAM users with the usual + tags. We don't create these users yet, but the removal sets the + stage for the coming credentials operator. + +### Changed + +- Install configuration now includes a new `apiVersion` property which + must be set to `v1beta1`. Future changes to the install-config + schema will result in new versions, allowing new installers to + continue to support older install-config schema (and older + installers to error out when presented with newer install-config + schema). Changes to the schema since 0.9.0: + + - `clusterID` has been removed. This should be a new UUID for + every cluster, so there is no longer an easy way for users to + configure it. + - Image configuration has been removed. Almost all users should + be fine with the installer-chosen RHCOS. Users who need to + override the RHCOS build (because they're testing new RHCOS + releases) can set a new `OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE` + environment variable. + - Per-platform network properties have been consolidated into the + platform-agnostic `machineCIDR` from which node IP addresses are + assigned. + - On libvirt, all machine-pool configuration has been removed, as + no remaining properties were supported by the libvirt + cluster-API provider. + +- `install-config.yaml` read during [staged + installs](docs/user/overview.md#multiple-invocations) will now have + installer-defaults applied for missing properties. This allows you + to set only the properties you are interested in overriding, and + allow the installer to manage the remaining properties. +- `create ignition-configs` now also writes the admin kubeconfig to + the asset directory, to support bring-your-own-infrastructure use + cases. +- The bootstrap node now [serves + journals](docs/user/troubleshooting.md#troubleshooting-the-bootstrap-node) + for easier troubleshooting. +- The validity for the initial kubelet TLS certificate has been + increased from one hour to 24 hours, to give + bring-your-own-infrastructure users longer to manually distribute + the certificate before it expires. +- The key for the root certificate authority is no longer pushed into + the cluster (not even to the bootstrap node). +- Machine(set)s generated by the installer now use `providerSpec` + instead of the deprecated `providerConfig`. +- On AWS, the load balancers now use HTTPS health checks to reduce log + noise like: + + http: TLS handshake error from 10.0.20.86:28372: EOF + +- On AWS, IAM roles are now tagged with the usual resource tags + (`openshiftClusterID`, etc.). Some other resources have had their + tags updated to match those conventions (e.g. the internal Route 53 + hosted zone was updated from `KubernetesCluster` to + `kubernetes.io/cluster/{name}: owned`). +- The OpenStack platform has been removed from the install-config + wizard while it remains experimental. It is still available for + users who supply their own `install-config.yaml`. +- On OpenStack, the service VP now respects any SSH key specified in + the install configuration. +- On OpenStack, a developer-only internal DNS server has been removed, + so users need to configure additional records for the existing + external DNS zone. +- On OpenStack, Neutron trunk ports are now used for VM network + interfaces if Neutron supports them to support future Kuryr + integration. +- On OpenStack, masters and workers have been consolidated in a single + subnet to simplify the deployment. +- On OpenStack, the Ignition security group now only allows internal + connections, and no longer allows connections from outside the + cluster network. +- On OpenStack, the machine(set) templates have been updated to set + `cloudName` and some other properties. +- On libvirt, `destroy cluster` is now more robust in the face of + domains which were already shutdown. +- Lots of doc and internal cleanup and minor fixes. + +### Removed + +- Support for `install-config.yml` (deprecated in 0.8.0) has been + removed. + +### Fixed + +- On AWS, domain pagination for the wizard's base-domain select widget + has been fixed. Previously, it would continuously fetch the first + page of hosted zones (for accounts with multiple pages of zones) + until it hit an error like: + + ``` + ERROR list hosted zones: Throttling: Rate exceeded + status code: 400, request id: ... + ``` + + before falling back to a free-form base-domain input. + ## 0.9.0 - 2019-01-05 ### Added diff --git a/hack/build.sh b/hack/build.sh index 87d9c454a82..66ac0ef6111 100755 --- a/hack/build.sh +++ b/hack/build.sh @@ -2,6 +2,9 @@ set -ex +RELEASE_IMAGE="${RELEASE_IMAGE:-quay.io/openshift-release-dev/ocp-release:4.0.0-0.1}" +RHCOS_BUILD_NAME="${RELEASE_BUILD_NAME:-47.249}" + # shellcheck disable=SC2068 version() { IFS="."; printf "%03d%03d%03d\\n" $@; unset IFS;} diff --git a/pkg/asset/ignition/bootstrap/bootstrap.go b/pkg/asset/ignition/bootstrap/bootstrap.go index fde8a392660..49410ae9de7 100644 --- a/pkg/asset/ignition/bootstrap/bootstrap.go +++ b/pkg/asset/ignition/bootstrap/bootstrap.go @@ -145,7 +145,7 @@ func (a *Bootstrap) getTemplateData(installConfig *types.InstallConfig) (*bootst } releaseImage := defaultReleaseImage - if ri, ok := os.LookupEnv("OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE"); ok && ri != "" { + if ri, ok := os.LookupEnv("_OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE"); ok && ri != "" { logrus.Warn("Found override for ReleaseImage. Please be warned, this is not advised") releaseImage = ri } diff --git a/pkg/types/aws/validation/platform.go b/pkg/types/aws/validation/platform.go index a231372b9bd..95c50732228 100644 --- a/pkg/types/aws/validation/platform.go +++ b/pkg/types/aws/validation/platform.go @@ -15,22 +15,22 @@ var ( Regions = map[string]string{ "ap-northeast-1": "Tokyo", "ap-northeast-2": "Seoul", - "ap-northeast-3": "Osaka-Local", + //"ap-northeast-3": "Osaka-Local", "ap-south-1": "Mumbai", "ap-southeast-1": "Singapore", "ap-southeast-2": "Sydney", "ca-central-1": "Central", - "cn-north-1": "Beijing", - "cn-northwest-1": "Ningxia", - "eu-central-1": "Frankfurt", - "eu-west-1": "Ireland", - "eu-west-2": "London", - "eu-west-3": "Paris", - "sa-east-1": "São Paulo", - "us-east-1": "N. Virginia", - "us-east-2": "Ohio", - "us-west-1": "N. California", - "us-west-2": "Oregon", + //"cn-north-1": "Beijing", + //"cn-northwest-1": "Ningxia", + "eu-central-1": "Frankfurt", + "eu-west-1": "Ireland", + "eu-west-2": "London", + "eu-west-3": "Paris", + "sa-east-1": "São Paulo", + "us-east-1": "N. Virginia", + "us-east-2": "Ohio", + "us-west-1": "N. California", + "us-west-2": "Oregon", } validRegionValues = func() []string { diff --git a/pkg/types/validation/installconfig_test.go b/pkg/types/validation/installconfig_test.go index 776cf5797b8..eb62ed59008 100644 --- a/pkg/types/validation/installconfig_test.go +++ b/pkg/types/validation/installconfig_test.go @@ -234,7 +234,7 @@ func TestValidateInstallConfig(t *testing.T) { } return c }(), - expectedError: `^platform\.aws\.region: Unsupported value: "": supported values: "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "cn-north-1", "cn-northwest-1", "eu-central-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"$`, + expectedError: `^platform\.aws\.region: Unsupported value: "": supported values: "ap-northeast-1", "ap-northeast-2", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ca-central-1", "eu-central-1", "eu-west-1", "eu-west-2", "eu-west-3", "sa-east-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"$`, }, { name: "valid libvirt platform",