kOps - v1.25.0

Significant changes

• GCE cloud provider support has been promoted to stable.
• Hetzner cloud provider support has been promoted to beta.
• Karpenter support has been promoted to stable on Kubernetes versions 1.22, 1.23 and 1.24. Karpenter does not yet support Kubernetes above 1.25.
• IAM roles on AWS used for ServiceAccounts are now tagged with the name and namespace of the ServiceAccount.
• Cert Manager may now solve dns-01 challenges. See the cert manager documentation.
• Add support to --cordon-node-before-terminating on the cluster autoscaler addon (CordonNodeBeforeTerminating)
• EBS CSI driver can now be self-managed. See the addon docs.

Breaking changes

Cinder CSI snapthot controller changes

The CSI Cinder plugin for OpenStack will now only use the CSI snapshotter when the CSI snapshot controller is enabled in the cluster spec. This changes the default behavior where the CSI snaphotter container was always present, but spammed the log with error messages (see #13890). In case of manually deployed CRDs to make the snapshotter work it is now necessary to enable the snapshot controller.

Other breaking changes

• Support for Kubernetes version 1.19 has been removed.

Deprecations

• Support for Kubernetes version 1.20 is deprecated and will be removed in kOps 1.26.
• Support for Kubernetes version 1.21 is deprecated and will be removed in kOps 1.27.

What's Changed

• Release notes for 1.24.0-beta.1 by @hakman in https://github.com/kubernetes/kops/pull/13732
• Bump github.com/spf13/viper from 1.11.0 to 1.12.0 by @dependabot in https://github.com/kubernetes/kops/pull/13698
• Add GHA workflow for updating dependabot PRs by @rifelpet in https://github.com/kubernetes/kops/pull/13735
• Bump github.com/hashicorp/vault/api from 1.5.0 to 1.6.0 by @dependabot in https://github.com/kubernetes/kops/pull/13734
• Bump github.com/google/go-containerregistry from 0.8.0 to 0.9.0 by @dependabot in https://github.com/kubernetes/kops/pull/13720
• Bump helm.sh/helm/v3 from 3.8.2 to 3.9.0 by @dependabot in https://github.com/kubernetes/kops/pull/13733
• Only rewrite to k8s.gcr.io until k8s 1.25 by @rifelpet in https://github.com/kubernetes/kops/pull/13739
• Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @dependabot in https://github.com/kubernetes/kops/pull/13738
• Update containerd and Docker versions by @hakman in https://github.com/kubernetes/kops/pull/13741
• Remove support for K8s 1.19 by @olemarkus in https://github.com/kubernetes/kops/pull/13742
• [DigitalOcean] Restart journald service on node startup by @srikiz in https://github.com/kubernetes/kops/pull/13717
• Drop older cilium versions and add support for k8s 1.25 by @olemarkus in https://github.com/kubernetes/kops/pull/13747
• Update AWS CCM images for k8s 1.20-1.22 by @hakman in https://github.com/kubernetes/kops/pull/13748
• Channels to have exit status 1 on apply failure by @olemarkus in https://github.com/kubernetes/kops/pull/13749
• Add support for setting mode field on file assets by @yurrriq in https://github.com/kubernetes/kops/pull/13715
• Revert "Use kubectl replace instead of apply when updating addons" by @hakman in https://github.com/kubernetes/kops/pull/13761
• Don't try to manage the kube-system namespace by @hakman in https://github.com/kubernetes/kops/pull/13764
• Run channels on upgrade e2e tests to verify addons are being applied by @olemarkus in https://github.com/kubernetes/kops/pull/13757
• Fix API group name for ingresses in DNS Controller by @julienperignon in https://github.com/kubernetes/kops/pull/13750
• Remove some unused legacy addons by @hakman in https://github.com/kubernetes/kops/pull/13765
• Bump nvidia device plugin to 0.12.0 by @ddelange in https://github.com/kubernetes/kops/pull/13745
• Update runc to v1.1.3 by @hakman in https://github.com/kubernetes/kops/pull/13763
• Fix namespace for cert manager webhook config by @olemarkus in https://github.com/kubernetes/kops/pull/13773
• Avoid spurious changes with ed25519 keys by @hakman in https://github.com/kubernetes/kops/pull/13774
• Make the cert-manager breaking change more visible. by @olemarkus in https://github.com/kubernetes/kops/pull/13780
• Bump go.uber.org/multierr from 1.6.0 to 1.8.0 by @dependabot in https://github.com/kubernetes/kops/pull/13782
• Bump github.com/aws/aws-sdk-go from 1.44.6 to 1.44.32 by @dependabot in https://github.com/kubernetes/kops/pull/13783
• Bump github.com/hashicorp/vault/api from 1.6.0 to 1.7.2 by @dependabot in https://github.com/kubernetes/kops/pull/13785
• Add back the metrics-server 443 port with a new name by @olemarkus in https://github.com/kubernetes/kops/pull/13779
• Fix broken node selector for node termination handler by @olemarkus in https://github.com/kubernetes/kops/pull/13781
• Bump google.golang.org/api from 0.81.0 to 0.83.0 by @dependabot in https://github.com/kubernetes/kops/pull/13784
• Release notes for 1.24.0-beta.2 by @olemarkus in https://github.com/kubernetes/kops/pull/13790
• Fix PDB api version for a set of addons by @olemarkus in https://github.com/kubernetes/kops/pull/13791
• Remove replaces from go.mod by @olemarkus in https://github.com/kubernetes/kops/pull/13789
• Remove core addons from addons by @hakman in https://github.com/kubernetes/kops/pull/13768
• Use exported interface to detect SSH key type by @AaronFriel in https://github.com/kubernetes/kops/pull/13805
• Use node.k8s.io/v1 API in the nvidia addon by @olemarkus in https://github.com/kubernetes/kops/pull/13806
• Merge the cilium templates by @olemarkus in https://github.com/kubernetes/kops/pull/13807
• fix tenv linter by @remyleone in https://github.com/kubernetes/kops/pull/13802
• Replace flexdriver with busybox by @zetaab in https://github.com/kubernetes/kops/pull/13809
• add support for varcheck linter by @remyleone in https://github.com/kubernetes/kops/pull/13801
• Depend on external cloud providers rather than cloud-providers-legacy by @olemarkus in https://github.com/kubernetes/kops/pull/13808
• bump k8s versions and ubuntu ami (aws) in alpha channel by @MoShitrit in https://github.com/kubernetes/kops/pull/13822
• chore(deps): Included dependency review by @naveensrinivasan in https://github.com/kubernetes/kops/pull/13651
• add metric port to nth deployment by @raffis in https://github.com/kubernetes/kops/pull/13811
• Recommend the latest kOps version in alpha & stable channels and add 1.24 to alpha by @MoShitrit in https://github.com/kubernetes/kops/pull/13823
• Ensure clusters with internal load balancers have a private subnet by @olemarkus in https://github.com/kubernetes/kops/pull/13793
• Update etcd-manager to v3.0.20220617 by @hakman in https://github.com/kubernetes/kops/pull/13824
• Use legacy-cloud-providers repo for the gcp provider dep by @olemarkus in https://github.com/kubernetes/kops/pull/13840
• Bump actions/dependency-review-action from 1 to 2 by @dependabot in https://github.com/kubernetes/kops/pull/13829
• Remove the removable replaces in kubetest2 by @olemarkus in https://github.com/kubernetes/kops/pull/13841
• Add kubetest2 scenario for testing many addons by @olemarkus in https://github.com/kubernetes/kops/pull/13828
• Skip known failing cilium e2e test by @olemarkus in https://github.com/kubernetes/kops/pull/13842
• Add manual job for updating dependencies by @hakman in https://github.com/kubernetes/kops/pull/13827
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/13843
• Do not run cluster autoscaler on spot instances by @olemarkus in https://github.com/kubernetes/kops/pull/13846
• Fix GCE resource tracking by @hakman in https://github.com/kubernetes/kops/pull/13857
• Adding GuestAccelerators to InstanceTemplate by @jonasasx in https://github.com/kubernetes/kops/pull/13707
• Align website and readme file by @sxt90128 in https://github.com/kubernetes/kops/pull/13862
• Limit GCE tag for role to 63 chars by @hakman in https://github.com/kubernetes/kops/pull/13866
• Promote alpha to stable by @MoShitrit in https://github.com/kubernetes/kops/pull/13868
• Clean-up firewall rules that contain targets with the cluster name hash by @hakman in https://github.com/kubernetes/kops/pull/13869
• Replace manifests after apply by @olemarkus in https://github.com/kubernetes/kops/pull/13819
• Bump kubetest2 to test rundir by @olemarkus in https://github.com/kubernetes/kops/pull/13870
• Release notes for 1.24.0-beta.3 by @olemarkus in https://github.com/kubernetes/kops/pull/13881
• Generate cli docs after updating dependencies by @hakman in https://github.com/kubernetes/kops/pull/13885
• Fix unexpected symbol error in update-deps workflow by @hakman in https://github.com/kubernetes/kops/pull/13886
• Update troubleshoot.md by @Deepak1100 in https://github.com/kubernetes/kops/pull/13891
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/13889
• Replace Dependabot with regular update-deps run by @hakman in https://github.com/kubernetes/kops/pull/13894
• Log errors from detachInstance by @olemarkus in https://github.com/kubernetes/kops/pull/13896
• increase backoff time when updating loadbalancer pool member by @zetaab in https://github.com/kubernetes/kops/pull/13854
• gce: Move out of beta, drop feature flag by @justinsb in https://github.com/kubernetes/kops/pull/13903
• Update CoreDNS to v1.9.3 by @hakman in https://github.com/kubernetes/kops/pull/13895
• gce: set ProvisioningModel on InstanceTemplate by @justinsb in https://github.com/kubernetes/kops/pull/13902
• Set Makefile GITSHA to the git sha instead of human 'readable' name by @olemarkus in https://github.com/kubernetes/kops/pull/13860
• Add validation for IRSA bucket name which contains dots by @h3poteto in https://github.com/kubernetes/kops/pull/13888
• Only fail an addon update if the final apply fails. Install PKI anyway by @olemarkus in https://github.com/kubernetes/kops/pull/13897
• Fix cleanup of firewall rules that contain targets with the cluster name hash by @hakman in https://github.com/kubernetes/kops/pull/13907
• Update Calico to v3.23.2 by @hakman in https://github.com/kubernetes/kops/pull/13908
• Release 1.25.0-alpha.1 by @hakman in https://github.com/kubernetes/kops/pull/13912
• Ignore the _rundir that kubetest2 now creates by @olemarkus in https://github.com/kubernetes/kops/pull/13914
• Remove obsolete protokube test for mirrored assets by @hakman in https://github.com/kubernetes/kops/pull/13916
• Use Calico v3.23 for Kubernetes 1.22+ by @hakman in https://github.com/kubernetes/kops/pull/13901
• gce: Refactor ClusterPrefixedName and ClusterSuffixedName to not return error by @hakman in https://github.com/kubernetes/kops/pull/13920
• Mount /etc/hosts from host for CoreDNS by @hakman in https://github.com/kubernetes/kops/pull/13922
• Wait longer after update in the e2e upgrade scenario by @olemarkus in https://github.com/kubernetes/kops/pull/13925
• Limit GCE names to 63 chars for various resources by @hakman in https://github.com/kubernetes/kops/pull/13873
• Make IRSA webhook configure apps to use regional STS and set the default region on them by @olemarkus in https://github.com/kubernetes/kops/pull/13926
• Use csi-snapshotter for OS only when the controller is enabled by @ederst in https://github.com/kubernetes/kops/pull/13890
• Make it possible to enable the shield addon for LBC by @olemarkus in https://github.com/kubernetes/kops/pull/13929
• Update Cilium to 1.11.6 by @ReillyBrogan in https://github.com/kubernetes/kops/pull/13917
• Limit GCE router name to 63 chars by @hakman in https://github.com/kubernetes/kops/pull/13932
• fix typos by @yojay11717 in https://github.com/kubernetes/kops/pull/13851
• Fix unsetting ASG max price by @olemarkus in https://github.com/kubernetes/kops/pull/13852
• Bump EBS CSI driver to 1.8.0 by @hakman in https://github.com/kubernetes/kops/pull/13939
• Revert "Add back the metrics-server 443 port with a new name" by @olemarkus in https://github.com/kubernetes/kops/pull/13940
• Add config drive as a source for OpenStack instance metadata by @ederst in https://github.com/kubernetes/kops/pull/13845
• Be more specific when filtering OS instance ports by @ederst in https://github.com/kubernetes/kops/pull/13861
• aws: introduce maximum instance lifetime in cluster by @sterchelen in https://github.com/kubernetes/kops/pull/13892
• Upgrade karpenter to 0.13.1 by @rifelpet in https://github.com/kubernetes/kops/pull/13918
• Fix broken links by @Ladicle in https://github.com/kubernetes/kops/pull/13942
• Set SpecOverrideFlag to true by default by @hakman in https://github.com/kubernetes/kops/pull/13955
• Release notes for 1.24.0 by @hakman in https://github.com/kubernetes/kops/pull/13959
• Fix release notes for 1.24.0 by @hakman in https://github.com/kubernetes/kops/pull/13960
• Use dynamic client for applying channels manifest rather than calling kubectl by @olemarkus in https://github.com/kubernetes/kops/pull/13753
• Add release 1.24.0 to channels by @hakman in https://github.com/kubernetes/kops/pull/13961
• Fix AWS IAM Authenticator nodeSelector in k8s 1.24 by @rifelpet in https://github.com/kubernetes/kops/pull/13965
• Remove non-functional scheduler annotations from addons by @rifelpet in https://github.com/kubernetes/kops/pull/13969
• Skip deregistering the instance during rolling update for Spotinst by @hakman in https://github.com/kubernetes/kops/pull/13970
• bump alpha channel k8s releases by @MoShitrit in https://github.com/kubernetes/kops/pull/13977
• Upgrade aws-iam-authenticator to v0.5.9 by @rifelpet in https://github.com/kubernetes/kops/pull/13979
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/13981
• Use only IPv4 for Hetzner servers by @hakman in https://github.com/kubernetes/kops/pull/13982
• Add option to set etcd-manager backup interval by @hakman in https://github.com/kubernetes/kops/pull/13975
• Add option to set number of replicas for pod-identity-webhook by @hakman in https://github.com/kubernetes/kops/pull/13986
• Adding GCE SPOT support by @jonasasx in https://github.com/kubernetes/kops/pull/13946
• Update etcd-manager to v3.0.20220717 by @hakman in https://github.com/kubernetes/kops/pull/13990
• Update Go to v1.18.4 by @hakman in https://github.com/kubernetes/kops/pull/13994
• Add S3_REGION to Hetzner docs by @tom-dudley in https://github.com/kubernetes/kops/pull/13987
• Update GitHub workflows by @hakman in https://github.com/kubernetes/kops/pull/13995
• Bump actions/setup-go from 3.2.0 to 3.2.1 by @dependabot in https://github.com/kubernetes/kops/pull/14002
• Add missing namespace to external-dns Service by @rifelpet in https://github.com/kubernetes/kops/pull/14001
• Upgrade DO CSI controller to 4.2.0 by @rifelpet in https://github.com/kubernetes/kops/pull/14005
• Applier should be more tolerant of errors by @justinsb in https://github.com/kubernetes/kops/pull/13963
• Switch to latest MacOS version for CI by @hakman in https://github.com/kubernetes/kops/pull/14015
• delete t.FailNow after t.Fatalf by @Abirdcfly in https://github.com/kubernetes/kops/pull/14014
• fix hyperlinks in calico docs by @mostafahussein in https://github.com/kubernetes/kops/pull/14016
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/14022
• Revert to using instance private DNS name to lookup hostname by @hakman in https://github.com/kubernetes/kops/pull/14024
• Add server group management for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14018
• promote alpha k8s versions to stable by @MoShitrit in https://github.com/kubernetes/kops/pull/14029
• Update Calico and Canal to v3.23.3 by @hakman in https://github.com/kubernetes/kops/pull/14009
• Update etcd-manager to v3.0.20220727 by @hakman in https://github.com/kubernetes/kops/pull/14038
• Update continuous_integration.md by @yurrriq in https://github.com/kubernetes/kops/pull/14032
• Check keyset existence before attempting to distrust by @yurrriq in https://github.com/kubernetes/kops/pull/14041
• Make control plane size configurable in kops-up by @olemarkus in https://github.com/kubernetes/kops/pull/14036
• Do not allow PodSecurityPolicy using K8s 1.25 by @olemarkus in https://github.com/kubernetes/kops/pull/14045
• Fix SIGSEGV when deleting a Hetzner instance by @hakman in https://github.com/kubernetes/kops/pull/14046
• Use cabundle for etcd CA files to fix key rotation in HA clusters by @olemarkus in https://github.com/kubernetes/kops/pull/14054
• Use stable kops release for kops 1.21 by @olemarkus in https://github.com/kubernetes/kops/pull/14056
• Remove namespaces from cluster-scoped resources in CNI manifests by @rifelpet in https://github.com/kubernetes/kops/pull/14053
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/14055
• Enable rolling updates for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14034
• Release notes for 1.22.6 by @justinsb in https://github.com/kubernetes/kops/pull/14062
• Release notes for 1.23.3 by @justinsb in https://github.com/kubernetes/kops/pull/14063
• Wait for load balancer to be ready for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14057
• Add multiple SSH keys support for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14058
• Release 1.25.0-alpha.2 by @hakman in https://github.com/kubernetes/kops/pull/14070
• Release notes for 1.24.1 by @hakman in https://github.com/kubernetes/kops/pull/14073
• Use SSA for updating addon channel objects by @olemarkus in https://github.com/kubernetes/kops/pull/14074
• Merge cmd factories by @olemarkus in https://github.com/kubernetes/kops/pull/14075
• Remove passing cluster name as positional argument by @olemarkus in https://github.com/kubernetes/kops/pull/14076
• Allow configuring OpenStack CCM networking options by @ederst in https://github.com/kubernetes/kops/pull/14017
• Upgrade kubetest2 by @rifelpet in https://github.com/kubernetes/kops/pull/14061
• Fix Karpenter IAM permissions and make karpenter respect IG subnets by @olemarkus in https://github.com/kubernetes/kops/pull/14077
• Remove --files flag from channels and make single arg mandatory by @olemarkus in https://github.com/kubernetes/kops/pull/14082
• Fix typo in channels error message by @rifelpet in https://github.com/kubernetes/kops/pull/14083
• Set higher verbosity when logging the endpoint of non-AWS S3 backend by @hakman in https://github.com/kubernetes/kops/pull/14084
• aws-ebs-csi-driver: remove preStop hook by @sterchelen in https://github.com/kubernetes/kops/pull/14081
• Hide klog flags from --help output by @justinsb in https://github.com/kubernetes/kops/pull/14088
• Positional deprecation warning should go to stderr by @justinsb in https://github.com/kubernetes/kops/pull/14089
• Add back conversion struct to cert-manager CRDs by @olemarkus in https://github.com/kubernetes/kops/pull/14087
• Support kube-scheduler config by @justinsb in https://github.com/kubernetes/kops/pull/13618
• Add option to configure runc version for containerd by @hakman in https://github.com/kubernetes/kops/pull/14090
• Add template for e2e test with cpuManagerPolicy: static by @olemarkus in https://github.com/kubernetes/kops/pull/14092
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/14094
• Add support for ci and stable builds in upgrade-ab script by @olemarkus in https://github.com/kubernetes/kops/pull/14095
• Add hashes for containerd v1.6.7 by @hakman in https://github.com/kubernetes/kops/pull/14093
• Test the aws ebs csi driver in e2e if installed by @olemarkus in https://github.com/kubernetes/kops/pull/14098
• Specify the full url for CI versions in upgrade-ab tests by @olemarkus in https://github.com/kubernetes/kops/pull/14099
• Bump AWS CNI to 1.11.3 by @MoShitrit in https://github.com/kubernetes/kops/pull/14107
• Update containerd to v1.6.8 by @hakman in https://github.com/kubernetes/kops/pull/14106
• Don't add previous-gen instances to Karpenter provisioners by @olemarkus in https://github.com/kubernetes/kops/pull/14109
• Skip testing the in-tree aws-ebs driver if CSI driver is enabled by @olemarkus in https://github.com/kubernetes/kops/pull/14110
• cilium: fix wrong pod annotations templating by @sterchelen in https://github.com/kubernetes/kops/pull/14111
• Add deployment-specific selectors to nth pdb by @olemarkus in https://github.com/kubernetes/kops/pull/14113
• Disable some flags in kube-controller-manager and kube-scheduler when logging-format is not text by @h3poteto in https://github.com/kubernetes/kops/pull/14115
• Use semver for skipregex ifs instead of strings.Contains by @olemarkus in https://github.com/kubernetes/kops/pull/14112
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/14116
• Fix more e2e skips by @olemarkus in https://github.com/kubernetes/kops/pull/14124
• Create etcd-manager config for each instance group by @hakman in https://github.com/kubernetes/kops/pull/14080
• Revert back to using kubectl in channels by @olemarkus in https://github.com/kubernetes/kops/pull/14125
• Limit GCE network names to 63 chars by @hakman in https://github.com/kubernetes/kops/pull/14134
• Bump the CCM images by @olemarkus in https://github.com/kubernetes/kops/pull/14130
• Update Go to v1.19.0 by @hakman in https://github.com/kubernetes/kops/pull/14135
• Bump cilium to 1.11.8 by @olemarkus in https://github.com/kubernetes/kops/pull/14137
• Revert "Remove passing cluster name as positional argument" by @olemarkus in https://github.com/kubernetes/kops/pull/14138
• Remove life cycle hooks when warmpool is disabled by @olemarkus in https://github.com/kubernetes/kops/pull/14141
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/14144
• Bump Karpenter to 0.15 and enable consolidation by @olemarkus in https://github.com/kubernetes/kops/pull/14142
• Add more create_cluster integration tests by @olemarkus in https://github.com/kubernetes/kops/pull/14147
• Add more cluster_update tests by @olemarkus in https://github.com/kubernetes/kops/pull/14148
• Plug the IAM role leak by @olemarkus in https://github.com/kubernetes/kops/pull/14151
• Write the user provided IG spec to state store instead of the full spec by @olemarkus in https://github.com/kubernetes/kops/pull/14127
• Add default image for CAS that exists by @olemarkus in https://github.com/kubernetes/kops/pull/14150
• Introduce library for applying objects by @justinsb in https://github.com/kubernetes/kops/pull/14030
• Bump k8s releases and Ubuntu AMI version in Alpha by @MoShitrit in https://github.com/kubernetes/kops/pull/14152
• Ignore entities not found when deleting IAM roles and profiles by @olemarkus in https://github.com/kubernetes/kops/pull/14153
• Bump actions/dependency-review-action from 2.0.4 to 2.1.0 by @dependabot in https://github.com/kubernetes/kops/pull/14156
• Bump peter-evans/create-pull-request from 4.0.4 to 4.1.1 by @dependabot in https://github.com/kubernetes/kops/pull/14157
• Fix no such entity check for iam profiles and roles by @olemarkus in https://github.com/kubernetes/kops/pull/14155
• Update and clean up etcdcli and etcd backup documentation by @olemarkus in https://github.com/kubernetes/kops/pull/14158
• Fix bugs and typo in iam resource deletion logic by @olemarkus in https://github.com/kubernetes/kops/pull/14159
• Fix test package location when using k8s ci versions in the upgrade AB scenario by @olemarkus in https://github.com/kubernetes/kops/pull/14161
• Don't set unused test package flags to empty string by @olemarkus in https://github.com/kubernetes/kops/pull/14163
• Fix the non-ci markers by @olemarkus in https://github.com/kubernetes/kops/pull/14166
• Trim space around SSH public key by @hakman in https://github.com/kubernetes/kops/pull/14168
• Bump K8s libs to 0.25.0 by @olemarkus in https://github.com/kubernetes/kops/pull/14167
• Tag IAM Roles with service account info by @rifelpet in https://github.com/kubernetes/kops/pull/13052
• Fix policy API version for LBC and NTH by @olemarkus in https://github.com/kubernetes/kops/pull/14169
• Skip tests related to metadata concealment on GCE k8s <= 1.23 by @olemarkus in https://github.com/kubernetes/kops/pull/14170
• Bump karpenter to 0.16 by @olemarkus in https://github.com/kubernetes/kops/pull/14173
• Allow self-managed aws-ebs-csi-driver by @torredil in https://github.com/kubernetes/kops/pull/14164
• Bump node termination handler to 1.17.0 by @olemarkus in https://github.com/kubernetes/kops/pull/14177
• Bump AWS Load Balancer Controller to v2.4.3 by @olemarkus in https://github.com/kubernetes/kops/pull/14178
• Merge kubeletConfigs earlier by @olemarkus in https://github.com/kubernetes/kops/pull/14114
• Add Terraform target support for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14179
• Bump Cert Manager to 1.9.1 by @olemarkus in https://github.com/kubernetes/kops/pull/14180
• Bump snapshot-controller to 6.0.1 by @olemarkus in https://github.com/kubernetes/kops/pull/14184
• Bump the nvidia addon by @olemarkus in https://github.com/kubernetes/kops/pull/14185
• Update runc to v1.1.4 by @hakman in https://github.com/kubernetes/kops/pull/14188
• Bump node local dns cache to 1.22.8 by @olemarkus in https://github.com/kubernetes/kops/pull/14187
• Update cloud.google.com/go/storage to v1.25.0 by @hakman in https://github.com/kubernetes/kops/pull/14191
• Update dependencies by @github-actions in https://github.com/kubernetes/kops/pull/14190
• OIDC: Tolerate extra service-account key set items by @seh in https://github.com/kubernetes/kops/pull/14175
• Bump external-dns to 0.12.2 by @olemarkus in https://github.com/kubernetes/kops/pull/14193
• Update CSI driver to latest for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14186
• Map up kubelet config to karpenter provisioners and add CCM startup taint by @olemarkus in https://github.com/kubernetes/kops/pull/14183
• Fix karpenter update test by @olemarkus in https://github.com/kubernetes/kops/pull/14199
• Bump actions/setup-go from 3.2.1 to 3.3.0 by @dependabot in https://github.com/kubernetes/kops/pull/14200
• Use runpath for kubectl binary by @olemarkus in https://github.com/kubernetes/kops/pull/14198
• Promote alpha to stable by @MoShitrit in https://github.com/kubernetes/kops/pull/14202
• Run etcd-manager with instance group name as volume name tag for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14181
• Show the reason for which an AWS image is invalid by @hakman in https://github.com/kubernetes/kops/pull/14206
• Calico: Work around host port/conntrack problem by @seh in https://github.com/kubernetes/kops/pull/14205
• Update etcd-manager to v3.0.20220831 by @hakman in https://github.com/kubernetes/kops/pull/14208
• Bumping AWS CCM to 1.25 by @olemarkus in https://github.com/kubernetes/kops/pull/14207
• Release 1.25.0-beta.1 by @hakman in https://github.com/kubernetes/kops/pull/14210
• Automated cherry pick of #14226: Update Flannel to v0.19.2 by @hakman in https://github.com/kubernetes/kops/pull/14238
• Automated cherry pick of #14215: AWS IAM Role listing: don't ignore "other" errors by @hakman in https://github.com/kubernetes/kops/pull/14227
• Automated cherry pick of #14223: Remove warning for FindClusterStatus not implemented for by @hakman in https://github.com/kubernetes/kops/pull/14228
• Automated cherry pick of #14225: Update Calico to v3.24.1 by @hakman in https://github.com/kubernetes/kops/pull/14239
• Automated cherry pick of #14235: Bump cluster-autoscaler images by @olemarkus in https://github.com/kubernetes/kops/pull/14240
• Automated cherry pick of #14229: Add support for cert-manager dns-01 challenges by @olemarkus in https://github.com/kubernetes/kops/pull/14241
• Automated cherry pick of #14236: Add support to --cordon-node-before-terminating on the by @olemarkus in https://github.com/kubernetes/kops/pull/14242
• Automated cherry pick of #14244: aws-node-termination-handler: Add option to fetch node name by @olemarkus in https://github.com/kubernetes/kops/pull/14245
• Automated cherry pick of #14254: Fix CAS cordon flag by @olemarkus in https://github.com/kubernetes/kops/pull/14256
• Automated cherry pick of #14255: AWS LBC needs ec2:DescribeVpcPeeringConnections for IPv6 by @hakman in https://github.com/kubernetes/kops/pull/14259
• Automated cherry pick of #14260: Bump verbosity level for some log statements by @olemarkus in https://github.com/kubernetes/kops/pull/14261
• Automated cherry pick of #13853: Fix openstack tag limitation by @hakman in https://github.com/kubernetes/kops/pull/14263
• Automated cherry pick of #14251: Warm pool-enabled ASGs scaled to zero will no longer panic by @hakman in https://github.com/kubernetes/kops/pull/14266
• Automated cherry pick of #14265: bump aws-cni to version 1.11.4 by @MoShitrit in https://github.com/kubernetes/kops/pull/14273
• Automated cherry pick of #14272: remove 'get' from aws-cni clusterRole to reflect by @hakman in https://github.com/kubernetes/kops/pull/14274
• Automated cherry pick of #14282: Delete the oldest servers when over the desired count for by @hakman in https://github.com/kubernetes/kops/pull/14283
• Automated cherry pick of #14287: Add test for ensuring taints are merged correctly by @zetaab in https://github.com/kubernetes/kops/pull/14289
• Automated cherry pick of #14290: User IG without image should be allowed by @hakman in https://github.com/kubernetes/kops/pull/14292
• Automated cherry pick of #14291: Bump tests to supported k8s version by @hakman in https://github.com/kubernetes/kops/pull/14293
• Automated cherry pick of #14294: Add support for using an existing network for Hetzner by @hakman in https://github.com/kubernetes/kops/pull/14296
• Automated cherry pick of #14297: Update Hetzner CCM to v1.13.0 by @hakman in https://github.com/kubernetes/kops/pull/14298
• Automated cherry pick of #14299: hetzner: Move out of alpha and drop feature flag by @hakman in https://github.com/kubernetes/kops/pull/14300
• Release 1.25.0 by @hakman in https://github.com/kubernetes/kops/pull/14304

New Contributors

• @julienperignon made their first contribution in https://github.com/kubernetes/kops/pull/13750
• @AaronFriel made their first contribution in https://github.com/kubernetes/kops/pull/13805
• @remyleone made their first contribution in https://github.com/kubernetes/kops/pull/13802
• @raffis made their first contribution in https://github.com/kubernetes/kops/pull/13811
• @jonasasx made their first contribution in https://github.com/kubernetes/kops/pull/13707
• @sxt90128 made their first contribution in https://github.com/kubernetes/kops/pull/13862
• @Deepak1100 made their first contribution in https://github.com/kubernetes/kops/pull/13891
• @Ladicle made their first contribution in https://github.com/kubernetes/kops/pull/13942
• @tom-dudley made their first contribution in https://github.com/kubernetes/kops/pull/13987
• @Abirdcfly made their first contribution in https://github.com/kubernetes/kops/pull/14014
• @mostafahussein made their first contribution in https://github.com/kubernetes/kops/pull/14016
• @torredil made their first contribution in https://github.com/kubernetes/kops/pull/14164

Full Changelog: https://github.com/kubernetes/kops/compare/v1.24.0-beta.1...v1.25.0