Releases: kubernetes-sigs/kernel-module-management
Releases · kubernetes-sigs/kernel-module-management
v2.1.1
Bug fixes
🎮 Smaller footprint in managed mode.
The following controllers are not started in managed mode (KMM_MANAGED=1) anymore:
BuildSignReconcilerPreflightValidation
In managed mode, we assume compute-intensive tasks are run by the Hub, hence those controllers serve no purpose and will not be started anymore.
➕ Normalize kernel version in labels and image tags
The kernel version can contain some special characters like + that cannot be used neither in a Kubernetes label value nor in a container image tag.
KMM will now convert all those characters to an underscore _ so that this value can be properly used internally as a resource labels or externally as container image tag.
The kernel mapping logic does not change; in literal or regexp fields, you should still target the kernel version as reported by the kubelet (in the Node resource's .status.nodeInfo.kernelVersion field).
Installing
Using OLM (recommended)
Follow the installations instructions at OperatorHub.io for KMM or KMM-Hub.
Using make
git fetch
git checkout v2.1.1
# For KMM
make deploy IMAGE_TAG=v20240618-v2.1.1
# For KMM-Hub
make deploy-hub IMAGE_TAG=v20240618-v2.1.1Full Changelog: v2.1.0...v2.1.1
v2.1.0
New features & improvements
⏳ Optional delay for the garbage collection of build pods
The new job.gcDelay operator setting allows specifying a duration for which successful build & signing pods should be kept before they are garbage-collected.
🛂 Separate deployment for the webhook server
The webhook server is now running as a separate Deployment.
📜 CRD changes
Module
Added inTreeModulesToRemove to allow specifying a list of in-tree modules to be removed before the main out-of-tree module is loaded.
The old inTreeModuleToRemove field is still present, but deprecated.
PreflightValidation
Added version v1beta2 with a new status subresource that is compliant with OpenAPI guidelines.
Version v1beta1 is still served.
🧹 Miscellaneous
cert-manager is not a required dependency anymore when KMM is instsalled via OLM.
Images are now built with Go 1.22.
Installing
Using OLM (recommended)
Follow the installations instructions at OperatorHub.io for KMM or KMM-Hub.
Using make
git fetch
git checkout v2.1.0
# For KMM
make deploy IMAGE_TAG=v20240425-v2.1.0
# For KMM-Hub
make deploy-hub IMAGE_TAG=v20240425-v2.1.0Changelog
List of pull requests included in this release
- adapting Device Plugin status report in Module to v.2 by @yevgeny-shnaidman in #606
- Update webhook validation for name+namespace length by @yevgeny-shnaidman in #607
- Restructure Worker Pod secrets' volumes' names by @yevgeny-shnaidman in #610
- Bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 by @dependabot in #613
- Bump k8s.io/kubectl from 0.28.2 to 0.28.3 by @dependabot in #614
- Set the worker restart policy to
OnFailureby @qbarrand in #609 - Bump github.com/onsi/gomega from 1.28.0 to 1.28.1 by @dependabot in #618
- adapting Worker Pods status report in Module to v.2 by @yevgeny-shnaidman in #619
- Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0 by @dependabot in #620
- Bump google.golang.org/grpc from 1.54.0 to 1.56.3 by @dependabot in #623
- Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by @dependabot in #625
- Bump github.com/onsi/gomega from 1.28.1 to 1.29.0 by @dependabot in #624
- Bump golang.org/x/text from 0.13.0 to 0.14.0 by @dependabot in #629
- Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #628
- Bump klog and use the new constructor by @qbarrand in #630
- Bump memory limit to 384Mi by @qbarrand in #631
- Bump github.com/onsi/gomega from 1.29.0 to 1.30.0 by @dependabot in #632
- Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.1 by @dependabot in #635
- Rename controller-manager to controller by @qbarrand in #636
- Revert some changes to kustomization.yaml by @qbarrand in #637
- Do not set
createdAtmanually in the CSV by @qbarrand in #641 - Bump Kubernetes dependencies to 0.28.4 by @qbarrand in #643
- Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible by @dependabot in #626
- Allow the controller to delete NodeModulesConfigs by @qbarrand in #645
- Bump OpenTelemetry dependencies by @qbarrand in #647
- Install go before initializing CodeQL by @qbarrand in #648
- Bump github.com/onsi/ginkgo/v2 from 2.13.1 to 2.13.2 by @dependabot in #650
- Update docs for v2.0.0 by @qbarrand in #652
- Bump actions/setup-go from 4 to 5 by @dependabot in #653
- Bump alpine from 3.18 to 3.19 by @dependabot in #654
- Update ordered upgrade docs for v2 by @qbarrand in #657
- Docs typo - Use Cases -
module.namenotmodule-nameby @pcolledg-amd in #656 - Bump client-go to v0.29.0 by @qbarrand in #663
- Bump github/codeql-action from 2 to 3 by @dependabot in #658
- Bump
actions/{up,down}load-artifactby @qbarrand in #667 - Extract links from kmod images by @qbarrand in #651
- Bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 by @dependabot in #649
- Remove deprecated module ready labels on nodes by @qbarrand in #668
- Bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #669
- Fix handling of unknown kernels by @qbarrand in #670
- Bump github.com/containerd/containerd from 1.7.10 to 1.7.11 by @dependabot in #671
- Making GetModuleReady/GetDevicePluginReadyLabels functions public by @yevgeny-shnaidman in #672
- Bump go.uber.org/mock from 0.3.0 to 0.4.0 by @dependabot in #674
- Build / sign: handle all owner kinds by @qbarrand in #673
- Refactor worker to support different type of image to be mounted by @yevgeny-shnaidman in #677
- Bump github.com/go-logr/logr from 1.3.0 to 1.4.1 by @dependabot in #676
- Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 by @dependabot in #678
- Fixing DevicePlugin upgrade from v1.x to v2.x by @yevgeny-shnaidman in #679
- Removing
ci/kmm-kmod/Dockerfilefrom the CI files. by @ybettan in #680 - Add extra label for controllers to install at worker nodes by @enriquebelarte in #683
- Create a helper interface for mounting OCI images by @yevgeny-shnaidman in #686
- Bump k8s.io/klog/v2 from 2.110.1 to 2.120.0 by @dependabot in #688
- Update docs to v2.0.1 by @qbarrand in #689
- Bump github.com/onsi/ginkgo/v2 from 2.13.2 to 2.14.0 by @dependabot in #690
- re-factoring worker's main and funcs_kmods by @yevgeny-shnaidman in #691
- Bump k8s.io/kubectl from 0.29.0 to 0.29.1 by @dependabot in #696
- Bump actions/cache from 3 to 4 by @dependabot in #698
- Bump sigs.k8s.io/controller-runtime from 0.16.3 to 0.17.0 by @dependabot in #692
- Bump github.com/onsi/gomega from 1.30.0 to 1.31.0 by @dependabot in #699
- Bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.15.0 by @dependabot in #702
- Bump k8s.io/klog/v2 from 2.120.0 to 2.120.1 by @dependabot in #701
- Bump github.com/google/go-containerregistry from 0.17.0 to 0.18.0 by @dependabot in #700
- Bump github.com/docker/docker from 24.0.7+incompatible to 2...
Contributors
qbarrand, pcolledg-amd, and 4 other contributors
Assets 2
v2.0.2
New features & improvements
🛂 Webhook for namespace deletion
A validating webhook will now verify that namespaces do not contain any Module resource before they can be deleted.
This avoids entering situations where the namespace is being deleted and KMM cannot create unloading Pods to honor Module deletion.
📜 CRD changes
Module: make moduleName an optional fieldManagedClusterModule: make spokeNamespace a required field
🧹 Miscellaneous
Bug fixes.
Installing
Using OLM (recommended)
Follow the installations instructions at OperatorHub.io for KMM or KMM-Hub.
Using make
git fetch
git checkout v2.0.2
# For KMM
make deploy IMAGE_TAG=v20240306-v2.0.2
# For KMM-Hub
make deploy-hub IMAGE_TAG=v20240306-v2.0.2Changelog
Full Changelog: v2.0.1...v2.0.2
Contributors
qbarrand
Assets 2
v2.0.1
New features & improvements
🔗 Symlink support
The worker pod now extracts symbolic links from the kmod image. This means that Dockerfiles can now create symlinks from /opt/lib/modules/${kernelVersion}/host to /lib/modules/${kernelVersion} prior to running depmod to have it figure out dependencies on in-tree kmods from the host's filesystem.
🔧 New selector for the controller
The KMM operator will now run on nodes labeled with kmm.node.kubernetes.io/control-plane: ''.
This should be especially helpful in clusters without master nodes, such as HyperShift, GKE, AKS or EKS.
🧹 Miscellaneous
Bug fixes.
Installing
Using OLM (recommended)
Follow the installations instructions at OperatorHub.io for KMM or KMM-Hub.
Using make
git fetch
git checkout release-2.0
# For KMM
make deploy IMAGE_TAG=v20240131-v2.0.1
# For KMM-Hub
make deploy-hub IMAGE_TAG=v20240131-v2.0.1Changelog
List of pull requests included in this release
- [release-2.0] Add commits for v2.0.1 by @qbarrand in #681
- Extract links from kmod images by @qbarrand in #682
- [release-2.0] Add extra label for controllers to install at worker nodes by @k8s-infra-cherrypick-robot in #685
- [release-2.0]
s/RELATED_IMAGES_/RELATED_IMAGE_/by @k8s-infra-cherrypick-robot in #711 - [release-2.0] Allow the Hub to patch pods by @k8s-infra-cherrypick-robot in #721
New Contributors
- @k8s-infra-cherrypick-robot made their first contribution in #685
Full Changelog: v2.0.0...v2.0.1
Contributors
qbarrand and k8s-infra-cherrypick-robot
Assets 2
v2.0.0
New features & improvements
👷🏻 Worker Pods
The operator now creates short-lived, standalone worker Pods to load kmods instead of long-running DaemonSets.
This change improves the reliability of kmod unloads and significantly reduces resource utilization on both worker nodes and the control plane.
ℹ️ Events
The KMM operator now emits events:
- on build & signing job creation, completion or failure (attached to the
Module); - on kmod load or unload (attached to the
Node).
💾 Binary firmwares
The firmware_class.path kernel parameter, which configures an alternate firmware lookup path, can now be set on all nodes before the kmod is loaded.
This feature is disabled by default and must be enabled in the operator configuration.
Installing
Using OLM (recommended)
Follow the installations instructions at OperatorHub.io for KMM or KMM-Hub.
Using make
git fetch
git checkout release-2.0
# For KMM
make deploy IMAGE_TAG=v20231130-v2.0.0
# For KMM-Hub
make deploy-hub IMAGE_TAG=v20231130-v2.0.0Changelog
List of pull requests included in this release
- Set the tag of related images when building bundles by @qbarrand in #425
- Fix a command in cloudbuild.yaml by @qbarrand in #427
- Inject the webhook CA into the validated CRDs by @qbarrand in #429
- Make cert-manager an OLM dependency of KMM by @qbarrand in #432
- Adding ordered upgrade documentation by @yevgeny-shnaidman in #431
- additional fixes for ordered upgrade doc by @yevgeny-shnaidman in #434
- Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 by @dependabot in #435
- Bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 by @dependabot in #436
- Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 by @dependabot in #437
- Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible by @dependabot in #439
- Bump k8s.io/client-go from 0.27.2 to 0.27.3 by @dependabot in #443
- Add 1.1 docs by @qbarrand in #438
- Enforce name and namespace length in the webhook by @qbarrand in #445
- Do not require pods to have a
.spec.nodeNameby @qbarrand in #446 - Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #447
- Use strings.Repeat and fix a typo by @qbarrand in #449
- Replace deprecated command with environment file by @jongwooo in #451
- Bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 by @dependabot in #453
- Bump k8s.io/kubectl from 0.27.2 to 0.27.3 by @dependabot in #441
- Add a script generating files for OperatorHub.io by @qbarrand in #302
- Quote arguments in modprobe commands by @qbarrand in #456
- Upgrade support between v1.02 and v1.1 by @yevgeny-shnaidman in #454
- Add further checks on Module version by @qbarrand in #457
- Fix the ordered upgrade documentation by @qbarrand in #459
- Add documentation for Hub & Spoke by @qbarrand in #460
- Fixing ModuleLoader recreation during Node reboot by @yevgeny-shnaidman in #464
- adding NodeModulesState type by @yevgeny-shnaidman in #480
- Bump k8s.io/kubectl from 0.27.3 to 0.27.4 by @dependabot in #485
- adding ModuleConfig struct to NodeModulesSpec by @yevgeny-shnaidman in #481
- Add a proposal for worker Pods in KMM by @qbarrand in #463
- Bump github.com/onsi/gomega from 1.27.8 to 1.27.9 by @dependabot in #486
- Bump github.com/onsi/gomega from 1.27.9 to 1.27.10 by @dependabot in #489
- introducing
nmcpackage by @yevgeny-shnaidman in #487 - Fix race condition for Node reboot issue by @yevgeny-shnaidman in #494
- Add the worker application by @qbarrand in #491
- Add Cloud Build configuration for the worker image by @qbarrand in #496
- Document default DaemonSet image pull policy by @qbarrand in #499
- updating skipper Dockerfile to base image of Golang 1.20 by @yevgeny-shnaidman in #497
- Move to a maintained fork of gomock by @qbarrand in #500
- Require Go to 1.20 in go.mod by @qbarrand in #498
- Introducing Module-to-NMC reconciliation logic by @yevgeny-shnaidman in #495
- Bump github.com/google/go-containerregistry from 0.15.2 to 0.16.1 by @dependabot in #501
- Adding NotFound error to the GetMLD API by @yevgeny-shnaidman in #502
- Bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 by @dependabot in #505
- Introducing Module-NMC controller by @yevgeny-shnaidman in #503
- In case NMC does not exists, Get should return NotFound error by @yevgeny-shnaidman in #510
- Replacing Jobs with Pods in the building/signing features. by @ybettan in #504
- Add
NodeModulesConfigstatus management functions by @qbarrand in #514 - Bump golang from 1.20-alpine3.18 to 1.21-alpine3.18 by @dependabot in #516
- Module deleted scenario in Module-NMC controller by @yevgeny-shnaidman in #518
- Add the NodeModulesConfig controller by @qbarrand in #513
- Fixing panic in case worker pod has failed by @yevgeny-shnaidman in #523
- Bump k8s.io/client-go from 0.27.4 to 0.28.0 by @dependabot in #525
- Bump k8s.io/kubectl from 0.27.4 to 0.28.0 by @dependabot in #526
- Move
controllerstointernal/controllersby @qbarrand in #519 - Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 by @dependabot in #531
- Fixing Unloading Kmod on a previously failed Load Pod by @yevgeny-shnaidman in #530
- Adding Makefile target for worker image creation by @yevgeny-shnaidman in #532
- Make the worker user owner of
/mnt/imgby @yevgeny-shnaidman in #522 - Bump k8s.io/client-go from 0.28.0 to 0.28.1 by @dependabot in #536
- Reconfigure worker pod capabilities by @yevgeny-shnaidman in #537
- Fixing Unload Pod not being created on Module deletion by @yevgeny-shnaidman in #539
- Bump k8s.io/kubectl from 0.28.0 to 0.28.1 by @dependabot in #533
- Add pull secrets support for the worker by @qbarrand in https://github.com/kubernetes-sigs...
Contributors
mresvanis, qbarrand, and 5 other contributors
Assets 2
v1.1.0
KMM 1.1 includes the following improvements:
- the new
versionfield of theModuleCRD gives users better control on the kmod upgrade process through node labels; - soft dependencies can now be specified using the new
modulesLoadingOrderfield of theModuleCRD; - a validating webhook now performs thorough checks on
ModuleandManagedClusterModuleresources when they are created or updated; - the new
inTreeModuleToRemovefield of theModuleCRD allows users to unload an in-tree kmod; - the
MOD_NAMEandMOD_NAMESPACEvariables are now substituted in thecontainerImagefield and are available as default build arguments for build jobs.
Installing
KMM 1.1 depends on cert-manager.
Both installation methods outlined below install it automatically.
Using make
git fetch
git checkout release-1.1
# For KMM
make deploy IMAGE_TAG=v20230606-v1.1.0
# For KMM-Hub
make deploy-hub IMAGE_TAG=v20230606-v1.1.0Using operator-sdk
When using this method, KMM and KMM-Hub have to be installed in separate namespaces.
# For KMM
operator-sdk run bundle gcr.io/k8s-staging-kmm/kernel-module-management-operator-bundle:v20230606-v1.1.0
# For KMM-Hub
operator-sdk run bundle gcr.io/k8s-staging-kmm/kernel-module-management-operator-hub-bundle:v20230606-v1.1.0Changelog
List of pull requests included in this release
- Bump github.com/onsi/ginkgo/v2 from 2.7.0 to 2.7.1 by @dependabot in #272
- Bump sigs.k8s.io/controller-runtime from 0.14.1 to 0.14.2 by @dependabot in #271
- Fixing documentation by @yevgeny-shnaidman in #275
- Bump github.com/onsi/ginkgo/v2 from 2.7.1 to 2.8.0 by @dependabot in #273
- Fix KMM Hub scheme and permissions by @mresvanis in #276
- Mention Pod Security Admission in the docs by @qbarrand in #279
- Add a troubleshooting section by @qbarrand in #281
- Remove unnecessary ServiceAccounts used in the operator namespace by @mresvanis in #280
- Refactor mapping and module unification and override by @yevgeny-shnaidman in #284
- Use a service for the registry by @qbarrand in #288
- Move to Go 1.20 by @qbarrand in #283
- Wrap assertions into Ginkgo
Itblocks by @qbarrand in #290 - Add signing to the e2e CI by @qbarrand in #287
- Move labs to the documentation website by @qbarrand in #291
- add manager-hub to .gitignore by @yevgeny-shnaidman in #293
- Fixes edit-uri for documentation by @dharmit in #286
- Add {,un}deploy KMM Hub Makefile rules by @mresvanis in #278
- Bump github.com/a8m/envsubst from 1.3.0 to 1.4.1 by @dependabot in #294
- Simplifying KernelAPI interface by @yevgeny-shnaidman in #292
- Bump open-cluster-management.io/api from 0.9.0 to 0.10.0 by @dependabot in #285
- Bump github.com/a8m/envsubst from 1.4.1 to 1.4.2 by @dependabot in #298
- ModuleReconciler and ManagedCluster controllers should not requeue on Build/Sign valid statuses by @yevgeny-shnaidman in #296
- Fix CSV metadata by @qbarrand in #299
- Bump github.com/onsi/ginkgo/v2 from 2.8.0 to 2.8.1 by @dependabot in #300
- Creating ModuleLoaderData sturcture for Build/Sign/ModuleLoader workflow by @yevgeny-shnaidman in #301
- OGP by @iranzo in #297
- Bump github.com/onsi/gomega from 1.26.0 to 1.27.0 by @dependabot in #303
- Bump github.com/onsi/gomega from 1.27.0 to 1.27.1 by @dependabot in #305
- Refactoring ModuleReconciler by @yevgeny-shnaidman in #306
- Changing the metrics flow by @yevgeny-shnaidman in #307
- Documentation fix by @yevgeny-shnaidman in #308
- Bump actions/checkout from 2 to 3 by @dependabot in #312
- Bump k8s.io/client-go from 0.26.1 to 0.26.2 by @dependabot in #317
- Bump github.com/onsi/ginkgo/v2 from 2.8.1 to 2.8.4 by @dependabot in #314
- Use kaniko for signing by @qbarrand in #313
- Expose module's name and namespace by @erusso7 in #310
- Patch instead of update Module and ManagedClusterModule status by @mresvanis in #320
- Bump github.com/onsi/gomega from 1.27.1 to 1.27.2 by @dependabot in #319
- Fix signing Dockerfile by @qbarrand in #324
- Adding Version field to Module CRD by @yevgeny-shnaidman in #327
- Build binaries manually for CodeQL by @qbarrand in #329
- Bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 by @dependabot in #321
- Bump k8s.io/kubectl from 0.26.1 to 0.26.2 by @dependabot in #323
- Bump github.com/onsi/ginkgo/v2 from 2.8.4 to 2.9.0 by @dependabot in #326
- Bump sigs.k8s.io/controller-runtime from 0.14.2 to 0.14.5 by @dependabot in #322
- Adding module version labels definitions by @yevgeny-shnaidman in #330
- Refactoring of handleDriverContainer code by @yevgeny-shnaidman in #332
- Update broken links in secure_boot.md by @hershpa in #338
- Adding the namespace to the
<module>.readylabel. by @ybettan in #328 - handling Version change in DevicePlugin and ModuleLoader DaemonSets by @yevgeny-shnaidman in #334
- Bump actions/setup-go from 3 to 4 by @dependabot in #342
- Require Go 1.19 and bump dependencies by @qbarrand in #346
- Exclude generated files from codecov by @qbarrand in #349
- Bump github.com/onsi/gomega from 1.27.3 to 1.27.5 by @dependabot in #350
- updating skipper dockerfile base image to golang-1.19 by @yevgeny-shnaidman in #352
- Adding a
prowscript to test a basic deployment. by @ybettan in #353 - Revert "Adding a
prowscript to test a basic deployment." by @ybettan in #357 - fixing Daemonsets GC by @yevgeny-shnaidman in #356
- Adding
cert-managerto config/default. by @ybettan in #355 - Revert "Adding
cert-managerto config/default." by @ybettan in #358 - Installing
cert-manageras part of the deployment. by @ybettan in #359 - Bump sigs.k8s.io/controller-runtime from 0.14.5 to 0.14.6 by @dependabot in #362
- Making sure that
cert-manageris rea...
Contributors
iranzo, erusso7, and 7 other contributors
Assets 2
v1.0.0
This is the initial release of Kernel Module Management.
Full Changelog: https://github.com/kubernetes-sigs/kernel-module-management/commits/v1.0.0
Bundles
These bundles can be installed with the operator-sdk run bundle <image> command.
| Bundle | Image |
|---|---|
| KMM | gcr.io/k8s-staging-kmm/kernel-module-management-operator-bundle:v20230129-5d7ef28 |
| KMM-Hub | gcr.io/k8s-staging-kmm/kernel-module-management-operator-hub-bundle:v20230129-5d7ef28 |
Images
| Component | Image |
|---|---|
| KMM | gcr.io/k8s-staging-kmm/kernel-module-management-operator:v20230129-5d7ef28 |
| KMM-Hub | gcr.io/k8s-staging-kmm/kernel-module-management-operator-hub:v20230129-5d7ef28 |
| Signing image | gcr.io/k8s-staging-kmm/kernel-module-management-signimage:v20230129-5d7ef28 |