Skip to content

Latest commit

 

History

History
1390 lines (1138 loc) · 128 KB

CHANGELOG.md

File metadata and controls

1390 lines (1138 loc) · 128 KB

v1.38.1

Notice: The v1.38.0 images were promoted incorrectly due to a process error. Do not use any images from v1.38.0 and upgrade directly to v1.38.1.

Changes by Kind

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

Breaking Metrics Changes

Node plugin metrics have been renamed to follow Prometheus best practices:

  • Added aws_ebs_csi_ prefix
  • Added _total suffix for counters
  • Changed time units from microseconds to seconds for all counters

The controller plugin metrics now use the prefix aws_ebs_csi_ instead of cloudprovider_aws_. The old metric names will still be emitted, but can be disabled via the CLI parameter --deprecated-metrics=false on the controller. This will default to true in a future version of the EBS CSI Driver. The old metric names (cloudprovider_aws_*) are deprecated and will be removed in a future version of the EBS CSI Driver.

[ACTION REQUIRED] Update to the EBS CSI Driver IAM Policy

(This warning is the same as previous releases and can be disregarded if you have already taken appropriate action)

Due to an upcoming change in handling of IAM polices for the CreateVolume API when creating a volume from an EBS snapshot, a change to your EBS CSI Driver policy may be needed. For more information and remediation steps, see GitHub issue #2190. This change affects all versions of the EBS CSI Driver and action may be required even on clusters where the driver is not upgraded.

Feature

  • Confirm metrics to Prometheus best practices (#2248, @torredil)
  • Enable the VolumeAttributesClass by default for the Kustomize deployment. If you are deploying using the Kustomize manifests on a cluster that does not have the VolumeAttributesClass feature gate enabled on the control plane, you may see harmless extra failures related to the feature in the csi-provisioner and/or csi-resizer logs. (#2240, @ConnorJC3)

Bug or Regression

  • Prevent attempting to query NVMe metrics of NVMe volumes from other CSI drivers (#2239, @ConnorJC3)

Dependencies

Added

Nothing has changed.

Changed

  • cel.dev/expr: v0.16.1 → v0.19.1
  • github.com/aws/aws-sdk-go-v2/config: v1.28.3 → v1.28.6
  • github.com/aws/aws-sdk-go-v2/credentials: v1.17.44 → v1.17.47
  • github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.16.19 → v1.16.21
  • github.com/aws/aws-sdk-go-v2/internal/configsources: v1.3.23 → v1.3.25
  • github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.6.23 → v2.6.25
  • github.com/aws/aws-sdk-go-v2/service/ec2: v1.187.1 → v1.196.0
  • github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding: v1.12.0 → v1.12.1
  • github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.12.4 → v1.12.6
  • github.com/aws/aws-sdk-go-v2/service/sso: v1.24.5 → v1.24.7
  • github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.28.4 → v1.28.6
  • github.com/aws/aws-sdk-go-v2/service/sts: v1.32.4 → v1.33.2
  • github.com/aws/aws-sdk-go-v2: v1.32.4 → v1.32.6
  • github.com/aws/smithy-go: v1.22.0 → v1.22.1
  • github.com/awslabs/volume-modifier-for-k8s: v0.4.0 → v0.5.0
  • github.com/container-storage-interface/spec: v1.10.0 → v1.11.0
  • github.com/cyphar/filepath-securejoin: v0.3.4 → v0.3.5
  • github.com/golang/groupcache: 41bb18b → 2c02b82
  • github.com/google/cel-go: v0.21.0 → v0.22.1
  • github.com/google/gnostic-models: v0.6.8 → v0.6.9
  • github.com/google/pprof: d1b30fe → 40e02aa
  • github.com/grpc-ecosystem/grpc-gateway/v2: v2.23.0 → v2.24.0
  • github.com/onsi/ginkgo/v2: v2.21.0 → v2.22.0
  • github.com/onsi/gomega: v1.35.1 → v1.36.1
  • github.com/opencontainers/runc: v1.2.1 → v1.2.3
  • github.com/prometheus/common: v0.60.1 → v0.61.0
  • github.com/stretchr/testify: v1.9.0 → v1.10.0
  • go.etcd.io/etcd/api/v3: v3.5.16 → v3.5.17
  • go.etcd.io/etcd/client/pkg/v3: v3.5.16 → v3.5.17
  • go.etcd.io/etcd/client/v3: v3.5.16 → v3.5.17
  • go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.56.0 → v0.57.0
  • go.opentelemetry.io/proto/otlp: v1.3.1 → v1.4.0
  • golang.org/x/crypto: v0.28.0 → v0.30.0
  • golang.org/x/exp: 701f63a → 1829a12
  • golang.org/x/mod: v0.21.0 → v0.22.0
  • golang.org/x/net: v0.30.0 → v0.32.0
  • golang.org/x/oauth2: v0.23.0 → v0.24.0
  • golang.org/x/sync: v0.9.0 → v0.10.0
  • golang.org/x/sys: v0.27.0 → v0.28.0
  • golang.org/x/term: v0.25.0 → v0.27.0
  • golang.org/x/text: v0.20.0 → v0.21.0
  • golang.org/x/time: v0.7.0 → v0.8.0
  • golang.org/x/tools: v0.26.0 → v0.28.0
  • google.golang.org/genproto/googleapis/api: dd2ea8e → e6fa225
  • google.golang.org/genproto/googleapis/rpc: dd2ea8e → e6fa225
  • google.golang.org/grpc: v1.68.0 → v1.68.1
  • google.golang.org/protobuf: v1.35.1 → v1.35.2
  • k8s.io/api: v0.31.2 → v0.31.4
  • k8s.io/apiextensions-apiserver: v0.31.2 → v0.31.4
  • k8s.io/apimachinery: v0.31.2 → v0.31.4
  • k8s.io/apiserver: v0.31.2 → v0.31.4
  • k8s.io/cli-runtime: v0.31.2 → v0.31.4
  • k8s.io/client-go: v0.31.2 → v0.31.4
  • k8s.io/cloud-provider: v0.31.2 → v0.31.4
  • k8s.io/cluster-bootstrap: v0.31.2 → v0.31.4
  • k8s.io/code-generator: v0.31.2 → v0.31.4
  • k8s.io/component-base: v0.31.2 → v0.31.4
  • k8s.io/component-helpers: v0.31.2 → v0.31.4
  • k8s.io/controller-manager: v0.31.2 → v0.31.4
  • k8s.io/cri-api: v0.31.2 → v0.31.4
  • k8s.io/cri-client: v0.31.2 → v0.31.4
  • k8s.io/csi-translation-lib: v0.31.2 → v0.31.4
  • k8s.io/dynamic-resource-allocation: v0.31.2 → v0.31.4
  • k8s.io/endpointslice: v0.31.2 → v0.31.4
  • k8s.io/kms: v0.31.2 → v0.31.4
  • k8s.io/kube-aggregator: v0.31.2 → v0.31.4
  • k8s.io/kube-controller-manager: v0.31.2 → v0.31.4
  • k8s.io/kube-openapi: 67ed584 → 9959940
  • k8s.io/kube-proxy: v0.31.2 → v0.31.4
  • k8s.io/kube-scheduler: v0.31.2 → v0.31.4
  • k8s.io/kubectl: v0.31.2 → v0.31.4
  • k8s.io/kubelet: v0.31.2 → v0.31.4
  • k8s.io/kubernetes: v1.31.2 → v1.31.4
  • k8s.io/metrics: v0.31.2 → v0.31.4
  • k8s.io/mount-utils: v0.31.2 → v0.31.4
  • k8s.io/pod-security-admission: v0.31.2 → v0.31.4
  • k8s.io/sample-apiserver: v0.31.2 → v0.31.4
  • k8s.io/utils: 6fe5fd8 → 24370be
  • sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.31.0 → v0.31.1
  • sigs.k8s.io/structured-merge-diff/v4: v4.4.1 → v4.4.3

Removed

Nothing has changed.

v1.37.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

[ACTION REQUIRED] Update to the EBS CSI Driver IAM Policy

Due to an upcoming change in handling of IAM polices for the CreateVolume API when creating a volume from an EBS snapshot, a change to your EBS CSI Driver policy may be needed. For more information and remediation steps, see GitHub issue #2190. This change affects all versions of the EBS CSI Driver and action may be required even on clusters where the driver is not upgraded.

Notable Changes

  • Export EBS detailed performance statistics as Prometheus metrics for CSI-managed volumes (#2216, @torredil)

Bug Fixes

  • Update example-iam-policy.json for non 'aws' partitions (#2193, @willswire)

Improvements

v1.36.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

[ACTION REQUIRED] Update to the EBS CSI Driver IAM Policy

Due to an upcoming change in handling of IAM polices for the CreateVolume API when creating a volume from an EBS snapshot, a change to your EBS CSI Driver policy may be needed. For more information and remediation steps, see GitHub issue #2190. This change affects all versions of the EBS CSI Driver and action may be required even on clusters where the driver is not upgraded.

Bug Fixes

Improvements

v1.35.0

Notable Changes

  • Add legacy-xfs driver option for clusters that mount XFS volumes to nodes with Linux kernel <= 5.4. Warning: This is a temporary workaround for customers unable to immediately upgrade their nodes. It will be removed in a future release. See the options documentation for more details.(#2121,@AndrewSirenko)
  • Add local snapshots on outposts (#2130, @ElijahQuinones)

Improvements

v1.34.0

Notable Changes

Bug Fixes

  • Ensure ModifyVolume returns InvalidArgument error code if VAC contains invalid parameter (#2103, @mdzraf)

Improvements

v1.33.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

  • The AZ topology key CreateVolume returns has changed from topology.ebs.csi.aws.com/zone to topology.kubernetes.io/zone. Volumes created on v1.33.0 or any future version will be incompatible with versions before v1.28.0. No other customer-facing impact is expected unless you directly depend on the topology label. For more information and the reasoning behind this change, see issue #729.

Notable Changes

  • Migrate CreateVolume response topology to standard label topology.kubernetes.io/zone (#2086, @ConnorJC3)
  • Add ability to modify EBS volume tags via VolumeAttributesClass (#2082, @mdzraf)
  • Add --kubeconfig flag for out-of-cluster auth (#2081, @cartermckinnon)

Bug Fixes

Improvements

v1.32.0

Announcements

  • The next minor version (v1.33.0) of the EBS CSI Driver will migrate the AZ topology label CreateVolume returns from topology.ebs.csi.aws.com/zone to topology.kubernetes.io/zone. Volumes created on this or any future version will be incompatible with EBS CSI Driver versions before v1.28.0, preventing a downgrade of more than 5 releases in the past. No other customer-facing impact is expected unless you directly depend on the topology label. For more information and the reasoning behind this change, see issue #729.

Bug Fixes

Improvements

v1.31.0

Notable Changes

Bug Fixes

Improvements

v1.30.0

Notable Changes

Bug Fixes

Improvements

v1.29.1

Bug Fixes

  • Correctly forward os.version for Windows images in multi-arch manifests (#1985, @ConnorJC3)

v1.29.0

Notable Changes

Bug Fixes

  • Add missing instances to instance store volumes table (#1966, @ConnorJC3)
  • Add c6id and r6id adjusted limits to volume_limits.go (#1961, @talnevo)
  • Ensure CSINode allocatable count is set on node before removing startup taint (#1949, @torredil)

Improvements

v1.28.0

Notable Changes

  • Add ability to override heuristic-determined reserved attachments via --reserved-volume-attachments CLI option (#1919, @jsafrane)
    • In its default behavior, the EBS CSI Driver will attempt to guess the number of reserved volume slots via IMDS metadata (when it is available). Specifying the --reserved-volume-attachments CLI option overrides this heuristic value with a user-supplied value.
    • It is strongly encouraged for users that need to reserve a well-known number of volume slots for non-CSI volumes (such as mounting an extra volume for /var/lib/docker data) use this new CLI option to avoid incorrect or incosistent behavior from the heuristic.
  • Report zone via well-known topology key in NodeGetInfo (#1931, @ConnorJC3)
    • A future release of the EBS CSI Driver will migrate the topology key for created volumes from topology.ebs.csi.aws.com/zone to the well-known and standard topology.kubernetes.io/zone.
    • After this future migration, downgrades of the EBS CSI Driver to versions prior to v1.28.0 will become impossible in some environments (particularly, environments not running the AWS CCM).

Bug Fixes

Improvements

v1.27.0

Notable Changes

  • Enable use of driver on AMIs with instance store mounts (#1889, @ConnorJC3)
  • Remove premature CreateVolume error if requested IOPS is below minimum (#1883, @AndrewSirenko)

Bug Fixes

Improvements

v1.26.1

Bug Fixes

Improvements

v1.26.0

Announcements

Notable Changes

Bug Fixes

  • Clamp minimum reported attachment limit to 1 to prevent undefined limit (This will prevent K8s from unrestricted scheduling of stateful workloads) (#1859, @torredil)
  • Instances listed under maxVolumeLimits not taking into account ENIs/Instance storage (#1860, @torredil)

Improvements

v1.25.0

Notable Changes

  • Feature: Multi-Attach for io2 block devices (#1799, @torredil)
  • Mitigate EC2 rate-limit issues by batching DescribeVolume API requests (#1819, @torredil)

Bug Fixes

  • Fix Error Handling for Volumes in Optimizing State (#1833, @torredil)

Improvements

  • Update default sidecar timeout values in chart to improve driver performance (#1824, @torredil)
  • Increase default QPS and worker threads of sidecars in chart to improve driver performance (#1834, @ConnorJC3)
  • Add volume limits for r7i (#1832, @torredil)
  • Upgrade driver & sidecar dependencies for v1.25.0 (#1835, @AndrewSirenko)
  • Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.45.0 (#1827, @jsafrane)
  • Update modify-volume.md (#1816, @sebastianlzy)

v1.24.1

Bug Fixes

Improvements

v1.24.0

Notable Changes

  • Support clustered allocation with ext4 filesystems. This allows developers to enable torn write prevention on their dynamically provisioned volumes to improve the performance of I/O-intensive relational database workloads. (#1706, @AndrewSirenko)
  • Add volume limits for m7a, c7a, c7i, r7a, r7iz instance families (#1742 & #1776, @torredil)

Bug Fixes

  • Fix DeleteDisk error handling in volume creation failure (#1782, @maaoBit)

Improvements

v1.23.2

Bug Fixes

Improvements

v1.23.1

Bug Fixes

  • Upgrade volume-modifier-for-k8s sidecar to 0.1.3 for Leader election conflict with csi-resizer bug fix (#14, @torredil)

v1.23.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

The EBS CSI Driver's Linux base image was upgraded from Amazon Linux 2 (AL2) to Amazon Linux 2023 (AL2023) in this release. This change will continue to improve the performance and security of the EBS CSI Driver via updates available only on AL2023.

As part of this change, e2fsprogs will be upgraded from 1.42.9 to 1.46.5 and xfsprogs will be upgraded from 5.0.0 to 5.18.0. New volumes created on versions of the EBS CSI Driver with an AL2023 base image may fail to mount or resize on versions of the EBS CSI Driver with an AL2 base image. For this reason, downgrading the EBS CSI Driver across base images will not be supported and is strongly discouraged. Please see [Announcement] Base image upgrade to AL2023 · Issue #1719 · kubernetes-sigs/aws-ebs-csi-driver to provide any questions or feedback.

Notable Changes

Bug Fixes

  • Do not call ModifyVolume if the volume is already in the desired state (#1741, @ConnorJC3)

Improvements

v1.22.1

Bug Fixes

  • Cherry-pick from v1.23.1: Do not call ModifyVolume if the volume is already in the desired state (#1741, @ConnorJC3)
  • Upgrade volume-modifier-for-k8s sidecar to 0.1.3 for Leader election conflict with csi-resizer bug fix (#14, @torredil)

1.22.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

In an upcoming version, the EBS CSI Driver will upgrade the base image from AL2 to AL2023. For more information and to provide feedback about this change, see issue #1719

Notable Changes

  • Request coalescing for resizing and modifying volume (#1676, @hanyuel)
  • Support specifying inode size for filesystem format (#1661, @fgksgf)

Bug Fixes

Improvements

Misc

v1.21.0

Bug Fixes

  • Enable setting throughput without specifying volume type when modifying volumes (#1667, @Indresh2410)
  • Reorder device names to prevent bad behavior on non-nitro instance types (#1675, @ConnorJC3)

Improvements

  • Replace deprecated command with environment file in CI (#1636, @jongwooo)

v1.20.0

Notable Changes

  • Enable leader election in csi-resizer sidecar (#1606, @rdpsin)
  • Namespace-scoped leases permissions (#1614, @torredil)
  • Add additionalArgs parameter for sidecars (#1627, @ConnorJC3)
  • Fix context handling in WaitForVolumeAttachment & add in-flight checks to attachment/detachment operations (#1621, @torredil)
  • Extend resource list in Kustomization file (#1634, @torredil)

Bug Fixes

  • Idempotent unmount from NodeUnstageVolume / NodeUnpublishVolume (#1605, @dobsonj)
  • Remove condition on iopspergb key being mandatory for io1 volumes (#1590, @surian)
  • Avoid generating manifests with empty envFrom fields (#1630, @mvgmb)
  • Update DM allocator to use all available names (#1626, @ConnorJC3)

Improvements

v1.19.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

Windows 20H2 hosts are no longer supported. Windows 20H2 is no longer supported by Microsoft.

Notable Changes

  • Add support for annotation-based volume modification via volume-modifier-for-k8s sidecar (#1600, @rdpsin)
  • Add startup taint removal feature (#1588, @ConnorJC3 and @gtxu)

Bug Fixes

Improvements

v1.18.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

This will be the last minor release of the AWS EBS CSI Driver to support Windows 20H2 hosts. Windows 20H2 is no longer supported by Microsoft. Future releases of the AWS EBS CSI Driver will no longer be built for Windows 20H2.

Notable Changes

  • Add support for Fast Snapshot Restore (#1554, @torredil)
  • Support for interpolated tags in VolumeSnapshotClass (#1558, @hanyuel)
  • Add target to run External Storage tests on Windows nodes (#1521, @torredil)

Bug Fixes

  • Add non-negative check on volume limit for CSINode (#1542, @gtxu)
  • Fix volume mounts on AWS Snow devices (#1546, @ConnorJC3)
  • Improve consistency/idempotency of Windows mounting (#1526, @torredil)
  • Add liveness probe for node-driver-registrar container (#1570, @gtxu)
  • Fix calculation of attached block devices from IMDS (#1561, @torredil)

Improvements

  • Migrate Kustomize configuration from 'bases' to 'resources' (#1539, @torredil)
  • Reduce CI flakiness by removing unnecessary SSH certificates (#1566, @ConnorJC3)

v1.17.0

Urgent Upgrade Notes

(No, really, you MUST read this before you upgrade)

k8s.gcr.io will be redirected on Monday March 20th, and may stop working entirely in the near future. If you are using k8s.gcr.io you MUST move to registry.k8s.io to continue receiving support.

Issues related to k8s.gcr.io will no longer be accepted. public.ecr.aws and registry.k8s.io images are unaffected and remain supported as per the support policy.

Notable Changes

Bug Fixes

Improvements

v1.16.1

Notable Changes

  • Security fixes

v1.16.0

Notable Changes

  • Add support for JSON logging (#1467, @torredil)
    • --logging-format flag has been added to set the log format. Valid values are text and json. The default value is text.
    • --logtostderr is deprecated.
    • Long arguments prefixed with - are no longer supported, and must be prefixed with --. For example, --volume-attach-limit instead of -volume-attach-limit.
  • k8s.gcr.io -> registry.k8s.io (#1488, @ConnorJC3)
    • The GCR manifests now use registry.k8s.io instead of k8s.gcr.io for the image repository. For users that rely on it, the images will still be pushed to k8s.gcr.io for the forseeable future, but we recommend migration to registry.k8s.io as soon as reasonably possible. For more information, see registry.k8s.io: faster, cheaper and Generally Available (GA).
  • The sidecars have been updated. The new versions are:
    • csi-provisioner: v3.4.0
    • csi-attacher: v4.1.0
    • csi-snapshotter: v6.2.1
    • livenessprobe: v2.9.0
    • csi-resizer: v1.7.0
    • node-driver-registrar: v2.7.0

Improvements

Bug Fixes

v1.15.1

Notable Changes

  • Security fixes

v1.15.0

Notable Changes

  • Support specifying block size for filesystem format (#1452, @ConnorJC3)
  • Change default sidecars to EKS-D (#1475, @ConnorJC3, @torredil)
  • The sidecars have been updated. The new versions are:
    • csi-provisioner: v3.3.0
    • csi-attacher: v4.0.0
    • csi-snapshotter: v6.1.0
    • livenessprobe: v2.8.0
    • csi-resizer: v1.6.0
    • node-driver-registrar: v2.6.2

Bug Fixes

Improvements

Acknowledgments

  • We would like to sincerely thank: @talnevo

v1.14.1

Bug Fixes

  • (Cherry-Pick) Fixed handling of volume limits for instance types m6id and x2idn

v1.14.0

Improvements

  • Bumped golang dependencies
  • Rebuilt driver container with newer base image (containing security fixes)
  • In the next minor release (v1.15.0, scheduled for January) the default sidecars will be changed, see #1456

v1.13.0

Bug Fixes

Improvements

Acknowledgments

v1.12.1

Security

v1.11.5

Backported Security

v1.12.0

Notable Changes

Bug Fixes

  • c6i.metal and g5g.metal are nitro instances (#1358, @wmesard)
  • Update release notes; Implement useOldCSIDriver parameter (#1391, @ConnorJC3)

Improvements

Acknowledgments

v1.11.4

Improvements

  • Update go version; Update dependencies (#1394, @torredil)
    • go 1.17 -> 1.19
    • github.com/aws/aws-sdk-go v1.44.45 -> v1.44.101
    • github.com/google/go-cmp v0.5.8 -> v0.5.9
    • github.com/onsi/gomega v1.19.0 -> v1.20.2
    • golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 -> v0.0.0-20220919091848-fb04ddd9f9c8
    • google.golang.org/grpc v1.47.0 -> v1.49.0

v1.11.3

Vulnerability Fixes

  • Address CVEs (#1384, @torredil)
    • Upgrade github.com/prometheus/client_golang v1.11.0 -> v1.11.1 to address CVE-2022-21698.
    • Upgrade golang.org/x/net v0.0.0-20220225172249-27dd8689420f -> v0.0.0-20220906165146-f3363e06e74c to address CVE-2022-27664.

v1.11.2

Notable Changes

Bug Fixes

Miscellaneous

Acknowledgments

Versions [v1.11.0, v1.11.1] were skipped due to incorrect version metadata in the container.

v1.10.0

Announcement

  • OS/Architecture specific tags are no longer being pushed to public ECR (#1315)

Miscellaneous

v1.9.0

Notable Changes

  • Upgrade dependencies (#1296, @torredil)
    • k8s.io/kubernetes v1.21.11 -> v1.22.11
    • github.com/aws/aws-sdk-go v1.43.37 -> v1.44.45
    • github.com/container-storage-interface/spec v1.3.0 -> v1.6.0
    • github.com/golang/mock v1.5.0 -> v1.6.0
    • github.com/golang/protobuf v1.5.0 -> v1.5.2
    • github.com/google/go-cmp v0.5.5 -> v0.5.8
    • github.com/kubernetes-csi/csi-proxy/client v1.0.1 -> v1.1.1
    • github.com/kubernetes-csi/csi-test v2.0.0+incompatible -> v2.2.0+incompatible
    • github.com/kubernetes-csi/external-snapshotter/client/v4 v4.0.0 -> v4.2.0
    • github.com/onsi/ginkgo v1.11.0 -> v1.16.5
    • github.com/onsi/gomega v1.7.1 -> v1.19.0
    • github.com/stretchr/testify v1.6.1 -> v1.8.0
    • golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e -> v0.0.0-20220627191245-f75cf1eec38b
    • google.golang.org/grpc v1.34.0 -> v1.47.0
  • Add GitHub actions (#1297, @torredil)
    • Fix broken CHANGELOG link in release.yaml
    • Add codeql-analysis.yaml for additional vulnerability scanning
    • Add unit-tests.yaml for multi-platform unit testing (Linux/Windows)
    • Add verify.yaml which runs make verify
  • Update livenessprobe to v2.6.0 (#1303, @t0rr3sp3dr0)

Bug Fixes

Miscellaneous

Acknowledgments

v1.8.0

Notable Changes

  • Change base image from Amazon Linux 2 to EKS minimal for linux builds

Acknowledgments

  • We would like to sincerely thank: @jaxesn

v1.7.0

Announcement

  • To improve the security of the container images, the base image will be switched from Amazon Linux 2 to EKS Distro Minimal in an upcoming release. The new minimal base image only contains the necessary driver dependencies which means it will not include a shell. Please be aware that while this change won't break workloads, it may break processes for debugging if you are using a shell.

Notable Changes

Features

Bug Fixes

Vulnerability Fixes

  • Address ALAS2-2022-1801, ALAS2-2022-1802, ALAS2-2022-1805
  • Update golang.org/x/crypto for CVE-2022-27191 (#1210, @jsafrane)

Miscellaneous

Acknowledgments

v1.6.2

Notable changes

  • Address CVE ALAS-2022-1792

v1.6.1

Notable changes

  • Address CVE ALAS2-2022-1782, ALAS2-2022-1788, ALAS2-2022-1784

v1.6.0

Notable changes

Bug fixes

New features

  • Adding tagging support through StorageClass.parameters (#1199, @rdpsin)
  • Add volume resizing support for windows (#1207, @torredil)

Misc.

  • Update deprecated command go get (#1194, @gtxu)
  • Upgrade PodDisruptionBudget api version for kubernetes 1.21+ (#1196, @wangshu3000)
  • Bump prometheus/client_golang to v1.11.1 (#1197, @dobsonj)
  • Updated TAGGING.md to mention minimum version for tagging (#1202, @rdpsin)
  • Update README.md to reflect correct tag key for snapshots (#1203, @rdpsin)

v1.5.3

Notable changes

v1.5.2

Notable changes

  • Address CVE ALAS-2022-1764

v1.5.1

Notable changes

  • Address CVE ALAS-2021-1552, ALAS2-2022-1736, ALAS2-2022-1738, ALAS2-2022-1743

v1.5.0

Misc.

v1.4.0

Notable changes

  • Recognize instance-type node label when EC2 metadata isn't available (#1060, @rifelpet)
  • Fix windows NodePublish failing because mount target doesn't exist (#1081, @wongma7)
  • Search for nvme device path even if non-nvme exists (#1082, @wongma7)

Misc.

v1.3.1

  • Push multi-arch/os image manifest to ECR.

v1.3.0

Notable changes

  • Make NodePublish Mount Idempotent (#1019, @nirmalaagash)
  • Build and push multi-arch/os (amazon and windows, no debian) image manifest via Make rules (#957, @wongma7)

Bug fixes

  • Fix windows build IsCorruptedMnt not implemented (#1047, @wongma7)
  • Hash volume name to get client token (#1041, @vdhanan)
  • Include ClusterRole and ClusterRoleBinding for csi-node (#1021, @groodt)
  • Fix gcr prow builld failing because docker missing --os-version (#1020, @wongma7)
  • Fix gcr prow build failing because of IMAGE variable collision (#1017, @wongma7)
  • Fix github build failing because of wrong docker hub registry name (#1016, @wongma7)

New features

Misc.

  • Update helm chart alongside kustomize, after images have been pushed, for consistency (#1015, @wongma7)
  • Update kustomize templates only after verifying images are available in registries (#995, @wongma7)

v1.2.1

Notable changes

v1.2.0

Notable changes

  • In a future release, the debian-based image will be removed and only an al2-based image will be maintained and pushed to GCR and ECR
  • In a future release, images will stop getting pushed to Docker Hub

Bug fixes

  • Update driver capabilities (#922, @wongma7)
  • update inFlight cache to avoid race condition on volume operation (#924, @AndyXiangLi)
  • Update example policy, use it in tests, and document it (#940, @wongma7)
  • Default extra-create-metadata true so that volumes get created with pvc/pv tags (#937, @wongma7)
  • Default controller.extra-create-metadata true so that volumes get created with pvc/pv tags (#941, @wongma7)

New features

Installation updates

  • Add test-e2e-external-eks make rule that tests EKS with pod instance metadata disabled. Remove hostNetwork from DaemonSet (#907, @wongma7)
  • helm chart configurable log verbosity (#908, @wongma7)
  • Fix podLabels case in Helm chart (#925, @eytanhanig)
  • Add KubernetesCluster tag to provisioned volumes when cluster-id set (#932, @wongma7)
  • Stop pushing latest tag and remove all references to it (#949, @wongma7)
  • Install snapshot controller independently of helm for e2e tests (#968, @wongma7)
  • Several breaking changes to the helm chart (#965, @krmichel)
  • Increased the helm chart version (#980, @nirmalaagash)
  • [helm-chart] csi-snapshotter in ebs-csi-controller now checks for enableVolumeSnapshot before including it in containers (#960, @missingcharacter)

Misc.

  • Disable uuid checks on XFS (#913, @jsafrane)
  • merge v1.1.0 release commits back to master (#921, @vdhanan)
  • Add migration upgrade/downgrade test (#927, @wongma7)
  • Grant EKSCTL_ADMIN_ROLE admin access to eksctl clusters (#933, @wongma7)
  • Adding CRDs VolumeSnapshotClass, VolumeSnapshotContent, VolumeSnapshot for snapshot.storage.k8s.io/v1 (#938, @missingcharacter)
  • Revert "Fix kustomize RBAC bindings to have namespace kube-system" (#947, @TheRealDwright)
  • Clarify that using instance profile for permission requires instance metadata access on (#952, @wongma7)
  • Release v1.1.1 and chart v1.2.4 (#959, @wongma7)
  • Download fixed version of eksctl to avoid bugs (#967, @wongma7)
  • Nit: Fix typo in the CHANGELOG (#971, @ialidzhikov)
  • Add how to consume new hack/e2e scripts in other repos (efs/fsx) (#972, @wongma7)
  • Updated README.md and changed the version in snapshot example (#976, @nirmalaagash)
  • Update base images: yum update al2, bump debian tag (#986, @wongma7)
  • Release 1.1.3 (#992, @wongma7)
  • add ecr images to readme (#998, @vdhanan)

v1.1.4

Notable changes

v1.1.3

Notable changes

  • Fix ecr image being debian-based
  • In a future release, the debian-based image will be removed and only an al2-based image will be maintained and pushed to GCR and ECR
  • In a future release, images will stop getting pushed to Docker Hub

v1.1.2

Notable changes

  • Update base images: yum update al2, bump debian tag (#986, @wongma7)

v1.1.1

Bug fixes

  • update inFlight cache to avoid race condition on volume operation (#924, @AndyXiangLi)

v1.1.0

Notable changes

New features

Bug fixes

  • fix naming mistake in clusterrolebinding, expose env var to controller via downward api (#874, @vdhanan)
  • Fix kustomize RBAC bindings to have namespace kube-system (#878, @wongma7)
  • rename node clusterrolebinding to make auto upgrade work (#894, @vdhanan)
  • remove hardcoded namespace for pod disruption budget (#895, @vdhanan)
  • Only initialize the in-cluster kube client when metadata service is actually unavailable (#897, @chrisayoub)
  • Reduce default log level to 2 (#903, @wongma7)
  • Add pod disruption budgets that got missed in a rebase (#906, @krmichel)
  • remove WellKnownTopologyKey from PV Topology (#912, @Elbehery)
  • Skip volume expansion if block node (#916, @gnufied)

Misc.

v1.0.0

Notable changes

  • With this release, the EBS CSI Driver is now Generally Available!

New features

  • add options to enable aws sdk debug log and add more logs when driver… (#830, @AndyXiangLi)
  • Emit AWS API operation duration/error/throttle metrics (#842, @wongma7)
  • add pod disruption budget for csi controller (#857, @vdhanan)

Bug fixes

Misc.

v0.10.1

Notable changes

  • support volume partition, users can specify partition in the pv and driver will mount the device on the specified partition (#824, @AndyXiangLi)

Misc.

v0.10.0

Notable changes

  • Prep for Windows support: Copy pkg/mounter and refactor to use k8s.io/mount-utils (#786, @wongma7)
  • Add well-known topology label (#773, @ayberk)
  • Update livenessprobe image version from 2.1.0 to 2.2.0 (#756, @mowangdk)
  • Remove arm overlay (#719, @ayberk)
  • Add readiness probe so controller does not report "Ready" prematurely (#751, @vdhanan)
  • Add toleration time to NoExecute effect (#776, @AndyXiangLi)

New features

Bug fixes

Misc.

v0.9.1

Notable changes

  • Change helm deploy settings: default tolerationAllTaints to false, NoExecute toleration time is 300s and will tolerate CriticalAddonsOnly

New features

Bug fixes

v0.9.0

Notable changes

  • All images (including sidecars) are Multiarch
  • Enable volume stats metrics on Node service

New features

Bug fixes

Misc.

v0.8.1

Notable changes

  • Images in k8s.gcr.io are multiarch.

Bug fixes

v0.8.0

Notable changes

  • gp3 is now the default volume type. gp3 is not supported on outposts. Outpost customers need to use a different type for their volumes.
  • Images will be built on a Debian base by default. Images built on Amazon Linux will still be available but with the tag suffix -amazonlinux.
  • Images will be published to k8s.gcr.io in addition to ECR and Docker Hub.

New features

Bug fixes

  • Fix the name of the snapshot controller leader election RoleBinding (#601, @robbie-demuth)

Misc.

v0.7.1

Documentation

filename sha512 hash
v0.7.1.zip 0c8b1e539f5852e54b5f4ab48cb3054ac52145db3d692cdc6b3ac683c39ebf11951c5ff3823a83666605a56a30b38953d20f392397c16bf39a5727c66ddf0827
v0.7.1.tar.gz 157ed2c7aa00635a61438a1574bd7e124676bcabd9e27cfe865c7bbb3194609894536b1eb38a12a8e5bfa71b540e0f1cde12000b02d90b390d17987fc913042e

Notable changes

This release includes a fix for the helm chart to point to the correct image.

v0.7.0

Documentation

filename sha512 hash
v0.7.0.zip 6e1117ce046d0030c3008b3eec8ba3196c516adf0ecef8909fcfd3d68e63624a73a992033356e208bf0d5563f7dec2e40675f0fee7f322bd4f69d7b03750961a
v0.7.0.tar.gz 4dc3402ffa3dcc59c9af1f7d776a3f53a288f62a31c05cde00aeceeef6000be16ca6cdae08712b4f7f64c9e89ceeaa13df7f1ca4bf3d62ba62845b52cc13eadf

Notable changes

New features

Improvements

v0.6.0

Documentation

filename sha512 hash
v0.6.0.zip 67dc79703c2d022cbc53a370e8ac7279bf4345030a3ecc5b2bdff2b722ec807b712f2cd6eae79598edb87e15d92e683e98dde7c25e52f705233bc3ece649c693
v0.6.0.tar.gz a3b5e95ec05ce6b4e6eb22ae00c7898cb876f21719354636dae5d323934c7a0bb32a7a8e89abdfcc6b0a0827c7169a349cba9dce32b7bf25e7287a2ec0387f21

Notable changes

New features

  • Allow volume attach limit overwrite via command line parameter (#522, @rfranzke)
  • Add tags that the in-tree volume plugin uses (#530, @jsafrane)

Bug fixes

Improvements

v0.5.0

Documentation

filename sha512 hash
v0.5.0.zip c53327e090352a7f79ee642dbf8c211733f4a2cb78968ec688a1eade55151e65f1f97cd228d22168317439f1db9f3d2f07dcaa2873f44732ad23aaf632cbef3a
v0.5.0.tar.gz ec4963d34c601cdf718838d90b8aa6f36b16c9ac127743e73fbe76118a606d41aced116aaaab73370c17bcc536945d5ccd735bc5a4a00f523025c8e41ddedcb8

Notable changes

New features

Bug fixes

Improvements

v0.4.0

Documentation

filename sha512 hash
v0.4.0.zip 2f46b54211178ad1e55926284b9f6218be874038a1a62ef364809a5d2c37b7bbbe58a2cc4991b9cf44cbfe4966c61dd6c16df0790627dffac4f7df9ffc084a0c
v0.4.0.tar.gz 0199df52ac1e19ee6b04efb80439024dde11de3d8fc292ce10527f2e658b393d8bfd4e37a6ec321cb415c9bdbee83ff5dbdf58e2336d03fe5d1b2717ccb11169

Action Required

  • Update Kubernetes cluster to 1.14+ before installing the driver, since the released driver manifest assumes 1.14+ cluster.
  • storageclass parameter's fstype key is deprecated in favor of csi.storage.k8s.io/fstype key. Please update the key in you stroage parameters.

Changes since v0.3.0

See details for all the changes.

Notable changes

v0.3.0

Documentation

filename sha512 hash
v0.3.0.zip 27a7a1cd4fc7a8afa1c0dd8fb3ce4cb1d9fc7439ebdbeba7ac0bfb0df723acb654a92f88270bc68ab4dd6c8943febf779efa8cbebdf3ea2ada145ff7ce426870
v0.3.0.tar.gz 9126a3493f958aaa4727bc62b1a5c545ac8795f08844a605541aac3d38dea8769cee12c7db94f44179a91af7e8702174bba2533b4e30eb3f32f9b8338101a5db

Action Required

  • None

Upgrade Driver

Driver upgrade should be performed one version at a time by using following steps:

  1. Delete the old driver controller service and node service along with other resources including cluster roles, cluster role bindings and service accounts.
  2. Deploy the new driver controller service and node service along with other resources including cluster roles, cluster role bindings and service accounts.

Changes since v0.2.0

See details for all the changes.

Notable changes

v0.2.0

Documentation

filename sha512 hash
v0.2.0.zip a9733881c43dfb788f6c657320b6b4acdd8ee9726649c850282f8a7f15f816a6aa5db187a5d415781a76918a30ac227c03a81b662027c5b192ab57a050bf28ee
v0.2.0.tar.gz 0d7a3efd0c1b0c6bf01b08c3cbd48d867aeab1cf1f7f12274f42d561f64526c0345f23d5947ddada7a333046f101679eea620c9ab8985f9d4d1c8c3f28de49ce

Action Required

  • Upgrade the Kubernetes cluster to 1.13+ before deploying the driver. Since CSI 1.0 is only supported starting from Kubernetes 1.13.

Upgrade Driver

Driver upgrade should be performed one version at a time by using following steps:

  1. Delete the old driver controller service and node service along with other resources including cluster roles, cluster role bindings and service accounts.
  2. Deploy the new driver controller service and node service along with other resources including cluster roles, cluster role bindings and service accounts.

Changes since v0.1.0

See details for all the changes.

Notable changes

v0.1.0

Documentation

Downloads for v0.1.0

filename sha512 hash
v0.1.0.zip 03841418496e292c3f91cee7942b545395bce049e9c4d2305532545fb82ad2e5189866afec2ed937924e144142b0b915a9467bac42e9f2b881181aba6aa80a68
v0.1.0.tar.gz 106b6c2011acd42b0f10117b7f104ab188dde798711e98119137cf3d8265e381df09595b8e861c0c9fdcf8772f4a711e338e822602e98bfd68f54f9e1c7f8f16

Changelog since initial commit

Notable changes