Skip to content

v1.9.0
Compare
Choose a tag to compare
@tiraboschi tiraboschi released this 22 May 14:47
· 537 commits to main since this release
v1.9.0
407576a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release follows v1.8.2 and consists of 108 changes, leading to 2503 files changed, 252374 insertions(+), 56553 deletions(-).

The source code and selected binaries are available for download at: https://github.com/kubevirt/hyperconverged-cluster-operator/releases/tag/v1.9.0.

The primary release artifact of hyperconverged-cluster-operator is the git tree. The release tag is
signed and can be verified using git tag -v v1.9.0.

Pre-built containers are published on Quay and can be viewed at: https://quay.io/kubevirt/.

Notable changes

hyperconverged-cluster-operator - v1.9.0

kubevirt: v0.58.1 -> v0.59.0

  • [PR #9311][kubevirt-bot] fixes the requests/limits CPU number mismatch for VMs with isolatedEmulatorThread
  • [PR #9276][fossedihelm] Added foreground finalizer to virtual machine
  • [PR #9295][kubevirt-bot] Fix bug of possible re-trigger of memory dump
  • [PR #9270][kubevirt-bot] BugFix: Guestfs image url not constructed correctly
  • [PR #9234][kubevirt-bot] The dedicatedCPUPlacement attribute is once again supported within the VirtualMachineInstancetype and VirtualMachineClusterInstancetype CRDs after a recent bugfix improved VirtualMachine validations, ensuring defaults are applied before any attempt to validate.
  • [PR #9267][fossedihelm] This version of KubeVirt includes upgraded virtualization technology based on libvirt 9.0.0 and QEMU 7.2.0.
  • [PR #9197][kubevirt-bot] Fix addvolume not rejecting adding existing volume source, fix removevolume allowing to remove non hotpluggable volume
  • [PR #9120][0xFelix] Fix access to portforwarding on VMs/VMIs with the cluster roles kubevirt.io:admin and kubevirt.io:edit
  • [PR #9116][EdDev] Allow the specification of the ACPI Index on a network interface.
  • [PR #8774][avlitman] Added new Virtual machines CPU metrics:
  • [PR #9087][zhuchenwang] Open /dev/vhost-vsock explicitly to ensure that the right vsock module is loaded
  • [PR #9020][feitnomore] Adding support for status/scale subresources so that VirtualMachinePool now supports HorizontalPodAutoscaler
  • [PR #9085][0xFelix] virtctl: Add options to infer instancetype and preference when creating a VM
  • [PR #8917][xpivarc] Kubevirt can be configured with Seccomp profile. It now ships a custom profile for the launcher.
  • [PR #9054][enp0s3] do not inject LimitRange defaults into VMI
  • [PR #7862][vladikr] Store the finalized VMI migration status in the migration objects.
  • [PR #8878][0xFelix] Add 'create vm' command to virtctl
  • [PR #9048][jean-edouard] DisableCustomSELinuxPolicy feature gate introduced to disable our custom SELinux policy
  • [PR #8953][awels] VMExport now has endpoint containing entire VM definition.
  • [PR #8976][iholder101] Fix podman CRI detection
  • [PR #9043][iholder101] Adjust operator functional tests to custom images specification
  • [PR #8875][machadovilaca] Rename migration metrics removing 'total' keyword
  • [PR #9040][lyarwood] inferFromVolume now uses labels instead of annotations to lookup default instance type and preference details from a referenced Volume. This has changed in order to provide users with a way of looking up suitably decorated resources through these labels before pointing to them within the VirtualMachine.
  • [PR #9039][orelmisan] client-go: Added context to additional VirtualMachineInstance's methods.
  • [PR #9018][orelmisan] client-go: Added context to additional VirtualMachineInstance's methods.
  • [PR #9025][akalenyu] BugFix: Hotplug pods have hardcoded resource req which don't comply with LimitRange maxLimitRequestRatio of 1
  • [PR #8908][orelmisan] client-go: Added context to some of VirtualMachineInstance's methods.
  • [PR #6863][rmohr] The install strategy job will respect the infra node placement from now on
  • [PR #8948][iholder101] Bugfix: virt-handler socket leak
  • [PR #8649][acardace] KubeVirt is now able to run VMs inside restricted namespaces.
  • [PR #8992][iholder101] Align with k8s fix for default limit range requirements
  • [PR #8889][rmohr] Add basic TLS encryption support for vsock websocket connections
  • [PR #8660][huyinhou] Fix remoteAddress field in virt-api log being truncated when it is an ipv6 address
  • [PR #8961][rmohr] Bump distroless base images
  • [PR #8952][rmohr] Fix read-only sata disk validation
  • [PR #8657][fossedihelm] Use an increasingly exponential backoff before retrying to start the VM, when an I/O error occurs.
  • [PR #8480][lyarwood] New inferFromVolume attributes have been introduced to the {Instancetype,Preference}Matchers of a VirtualMachine. When provided the Volume referenced by the attribute is checked for the following annotations with which to populate the {Instancetype,Preference}Matchers:
  • [PR #7762][VirrageS] Service kubevirt-prometheus-metrics now sets ClusterIP to None to make it a headless service.
  • [PR #8599][machadovilaca] Change KubevirtVmHighMemoryUsage threshold from 20MB to 50MB
  • [PR #7761][VirrageS] imagePullSecrets field has been added to KubeVirt CR to support deployments form private registries
  • [PR #8887][iholder101] Bugfix: use virt operator image if provided
  • [PR #8750][jordigilh] Fixes an issue that prevented running real time workloads in non-root configurations due to libvirt's dependency on CAP_SYS_NICE to change the vcpu's thread's scheduling and priority to FIFO and 1. The change of priority and scheduling is now executed in the virt-launcher for both root and non-root configurations, removing the dependency in libvirt.
  • [PR #8845][lyarwood] An empty Timer is now correctly omitted from Clock fixing bug #8844.
  • [PR #8842][andreabolognani] The virt-launcher pod no longer needs the SYS_PTRACE capability.
  • [PR #8734][alicefr] Change libguestfs-tools image using root appliance in qcow2 format
  • [PR #8764][ShellyKa13] Add list of included and excluded volumes in vmSnapshot
  • [PR #8811][iholder101] Custom components: support gs
  • [PR #8770][dhiller] Add Ginkgo V2 Serial decorator to serial tests as preparation to simplify parallel vs. serial test run logic
  • [PR #8808][acardace] Apply migration backoff only for evacuation migrations.
  • [PR #8525][jean-edouard] CR option mediatedDevicesTypes is deprecated in favor of mediatedDeviceTypes
  • [PR #8792][iholder101] Expose new custom components env vars to csv-generator and manifest-templator
  • [PR #8701][enp0s3] Consider the ParallelOutboundMigrationsPerNode when evicting VMs
  • [PR #8740][iholder101] Fix: Align Reenlightenment flows between converter.go and template.go
  • [PR #8530][acardace] Use exponential backoff for failing migrations
  • [PR #8720][0xFelix] The expand-spec subresource endpoint was renamed to expand-vm-spec and made namespaced
  • [PR #8458][iholder101] Introduce support for clones with a snapshot source (e.g. clone snapshot -> VM)
  • [PR #8716][rhrazdil] Add overhead of interface with Passt binding when no ports are specified
  • [PR #8619][fossedihelm] virt-launcher: use virtqemud daemon instead of libvirtd
  • [PR #8736][knopt] Added more precise rest_client_request_latency_seconds histogram buckets
  • [PR #8624][zhuchenwang] Add the REST API to be able to talk to the application in the guest VM via VSOCK.
  • [PR #8625][AlonaKaplan] iptables are no longer used by masquerade binding. Nodes with iptables only won't be able to run VMs with masquerade binding.
  • [PR #8673][iholder101] Allow specifying custom images for core components
  • [PR #8622][jean-edouard] Built with golang 1.19
  • [PR #8336][alicefr] Flag for setting the guestfs uid and gid
  • [PR #8667][huyinhou] connect VM vnc failed when virt-launcher work directory is not /
  • [PR #8368][machadovilaca] Use collector to set migration metrics
  • [PR #8558][xpivarc] Bug-fix: LimitRange integration now works when VMI is missing namespace
  • [PR #8404][andreabolognani] This version of KubeVirt includes upgraded virtualization technology based on libvirt 8.7.0, QEMU 7.1.0 and CentOS Stream 9.
  • [PR #8652][akalenyu] BugFix: Exporter pod does not comply with restricted PSA
  • [PR #8563][xpivarc] Kubevirt now runs with nonroot user by default
  • [PR #8442][kvaps] Add Deckhouse to the Adopters list
  • [PR #8546][zhuchenwang] Provides the Vsock feature for KubeVirt VMs.
  • [PR #8598][acardace] VMs configured with hugepages can now run using the default container_t SELinux type
  • [PR #8594][kylealexlane] Fix permission denied on on selinux relabeling on some kernel versions
  • [PR #8521][akalenyu] Add an option to specify a TTL for VMExport objects
  • [PR #7918][machadovilaca] Add alerts for VMs unhealthy states
  • [PR #8516][rhrazdil] When using Passt binding, virl-launcher has unprivileged_port_start set to 0, so that passt may bind to all ports.
  • [PR #7772][jean-edouard] The SELinux policy for virt-launcher is down to 4 rules, 1 for hugepages and 3 for virtiofs.
  • [PR #8402][jean-edouard] Most VMIs now run under the SELinux type container_t
  • [PR #8513][alromeros] [Bug-fix] Fix error handling in virtctl image-upload

containerized-data-importer: v1.55.2 -> v1.56.0

  • [PR #2616][kubevirt-bot] Add sourceRef support for VolumeSnapshot sources
  • [PR #2614][kubevirt-bot] Enhancement: Open Stack manila now has a complete storage profile
  • [PR #2612][kubevirt-bot] BugFix: Respect bind.immediate annotation on fancy clones by falling back to host assisted
  • [PR #2605][kubevirt-bot] cdi.kubevirt.io/storage.checkStaticVolume annotation skips volume population step if a static PV is configured for target DataVOlume PVC
  • [PR #2598][kubevirt-bot] Stop forcing preallocation on block imports
  • [PR #2597][kubevirt-bot] BugFix: use retry filter in inline streaming conversion with qcow2 http endpoints.
  • [PR #2585][awels] Enhancement: builds now use golang 1.19.5
  • [PR #2571][arnongilboa] BugFix: VM with DataSource referring a non-existing PVC won't start after DataSource fix
  • [PR #2522][akalenyu] Clone from VolumeSnapshot source
  • [PR #2527][maya-r] At runtime, remove v1alpha1 version from CDI CRD, the last CRD that had it.
  • [PR #2566][arnongilboa] Fix DataImportCron PVC timestamping
  • [PR #2559][akalenyu] BugFix: target PVC disappears after cross namespace clone
  • [PR #2546][arnongilboa] Ensure Prometheus resources exist for CDINotReady
  • [PR #2482][alromeros] Support for external volume populators in DataVolumes
  • [PR #2536][mhenriks] Mount block PVCs readonly when source of clone operation
  • [PR #2539][arnongilboa] BugFix: PVC garbage collection in DataImportCron fails when CDI DV garbage collection is disabled
  • [PR #2538][arnongilboa] BugFix: Failed/successful pods associated with DataImportCron Jobs need to be cleaned up
  • [PR #2537][kvaps] Add LINSTOR to known provisioners
  • [PR #2534][lyarwood] The following KubeVirt default instance type and preference labels found on DataImportCrons are now passed on to any DataVolume, DataSource and PVC resources managed by the import.
  • [PR #2530][jpeimer] BugFix: storage profile missing defaults for LVMS "topolvm.io" provisioner
  • [PR #2520][alromeros] [bug-fix] Fix bug in size-detection mechanism when cloning across namespaces
  • [PR #2490][lyarwood] The following KubeVirt default instance type and preference annotations found on DataImportCrons are now passed on to any DataVolume and DataSource resources managed by the import.
  • [PR #2407][maya-r] Stop serving v1alpha1 CRDs (except CDI CRD). v1beta1 has been the storage version since CDI v1.20.0.
  • [PR #2474][arnongilboa] Fix import proxy ConfigMap update
  • [PR #2492][awels] BugFix: Use golang 1.18.8 for building binaries
  • [PR #2478][awels] BugFix: update golang to 1.18.8
  • [PR #2470][akalenyu] BugFix: TopoLVM profile missing defaults
  • [PR #2466][akalenyu] BugFix: Priority of CDI SecurityContextConstraints is too high
  • [PR #2455][arnongilboa] Add DataImportCron CronJobs Proxy support
  • [PR #2441][arnongilboa] Add DataVolume garbage collection support for DataImportCron and DataSource
  • [PR #2445][awels] Enable HonorWaitForFirstConsumer by default on release manifest

cluster-network-addons-operator: v0.79.1 -> v0.85.2

ssp-operator: v0.16.2 -> v0.17.0

  • [PR #507][akrejcir] Create a Route for vm-console-proxy.
  • [PR #498][codingben] Add vm-console-proxy functional tests
  • [PR #493][lyarwood] The common-instancetypes operand now supports reconciling resources from a Kustomize remote target through the CommonInstancetypes.URI attributes of the SSP CustomResource.
  • [PR #497][lyarwood] Update common-instancetypes bundle to v0.1.0
  • [PR #496][ksimon1] Update common-templates bundle to v0.25.0
  • [PR #491][codingben] Deploy vm-console-proxy via ssp-operator
  • [PR #494][github-actions[bot]] Update vm-console-proxy-bundle to v0.1.0
  • [PR #486][fossedihelm] RHEL6 guests will be not supported on RHEL9 hosts anymore. Add alert for rhel6 running vms
  • [PR #487][lyarwood] Update common-instancetypes bundle to v0.0.3
  • [PR #476][lyarwood] The data_sources operand is now always deployed, regardless of the underlying environment being OpenShift or OKD.
  • [PR #481][lyarwood] Update common-instancetypes bundle to v0.0.3-rc
  • [PR #471][lyarwood] Functional and unit tests have now moved to Ginkgo v2
  • [PR #472][ksimon1] Update common-templates bundle to v0.24.2
  • [PR #464][lyarwood] common-instancetypes has been updated to the v0.0.2-rc release.
  • [PR #425][machadovilaca] Add e2e tests for total_restored_common_templates metric
  • [PR #453][lyarwood] VirtualMachineClusterInstancetypes and VirtualMachineClusterPreferences generated by the v0.0.1-rc release of the common-instancetypes project are now installed by default by the operator.
  • [PR #426][ksimon1] Update common-templates bundle to v0.24.1
  • [PR #419][ksimon1] Update common-templates bundle to v0.24.0
  • [PR #417][akrejcir] Operator properly handles missing CRDs.
  • [PR #412][machadovilaca] Rename metrics to follow Prometheus naming conventions
  • [PR #408][borod108] SSP-Operator now supports TLS configuration through the SSP CR

tekton-tasks-operator: v0.4.1 -> v0.5.0

  • [PR #128][ksimon1] Update tekton tasks bundle to v0.13.1

hostpath-provisioner-operator: v0.14.0

Not updated

hostpath-provisioner: v0.14.0 -> v0.15.0

  • [PR #147][maya-r] Fix bug where the published arm64 docker images were built with amd64 binaries.
  • [PR #170][awels] Client-go now uses k8s-1.26 client.
  • [PR #156][awels] Using golang 1.19.4

vm-import-operator:

Not updated

Contributors

13 people contributed to this HCO release:

Additional Resources

Contributing: https://github.com/kubevirt/hyperconverged-cluster-operator/blob/main/CONTRIBUTING.md

License: https://github.com/kubevirt/hyperconverged-cluster-operator/blob/main/LICENSE

Assets 2
Loading