diff --git a/CHANGELOG.md b/CHANGELOG.md index a09c29d503..1d1e702870 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# v1.26.1 +### Bug Fixes +* Fix [csi sidecar container restarts after 30 minutes of idleness](https://github.com/kubernetes-csi/external-provisioner/issues/1099) by upgrading to latest versions of affected sidecars ([#1886](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1886), [@AndrewSirenko](https://github.com/AndrewSirenko)) +* Fix regression for those upgrading from pre-v1.12.0 who have misconfigured GP3 storage classes with IOPS below 3000 ([#1879](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1879), [@AndrewSirenko](https://github.com/AndrewSirenko)) + +### Improvements +* Bump golang.org/x/crypto to v0.17.0 to fix [CVE-2023-48795](https://github.com/advisories/GHSA-45x7-px36-x8w8) ([$1877](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1877), [@dobsonj](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/commits?author=dobsonj)) +* Upgrade dependencies ([#1886](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1886), [@AndrewSirenko](https://github.com/AndrewSirenko)) + # v1.26.0 ### Announcements * [The EBS CSI Driver Helm chart will stop supporting `--reuse-values` in a future release](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/issues/1864) diff --git a/Makefile b/Makefile index b6c1374dbb..86b25a87f7 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -VERSION?=v1.26.0 +VERSION?=v1.26.1 PKG=github.com/kubernetes-sigs/aws-ebs-csi-driver GIT_COMMIT?=$(shell git rev-parse HEAD) diff --git a/README.md b/README.md index c3575c3f48..18fa52ef9e 100644 --- a/README.md +++ b/README.md @@ -19,13 +19,14 @@ The [Amazon Elastic Block Store](https://aws.amazon.com/ebs/) Container Storage | Driver Version | [registry.k8s.io](https://kubernetes.io/blog/2022/11/28/registry-k8s-io-faster-cheaper-ga/) Image | [ECR Public](https://gallery.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver) Image | |----------------|---------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------| -| v1.26.0 | registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.26.0 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.0 | +| v1.26.1 | registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.26.1 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.1 |
Previous Images | Driver Version | [registry.k8s.io](https://kubernetes.io/blog/2022/11/28/registry-k8s-io-faster-cheaper-ga/) Image | [ECR Public](https://gallery.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver) Image | |----------------|---------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------| +| v1.26.0 | registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.26.0 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.0 | | v1.25.0 | registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.25.0 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.25.0 | | v1.24.1 | registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.24.1 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.24.1 | | v1.24.0 | registry.k8s.io/provider-aws/aws-ebs-csi-driver:v1.24.0 | public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.24.0 | diff --git a/charts/aws-ebs-csi-driver/CHANGELOG.md b/charts/aws-ebs-csi-driver/CHANGELOG.md index d13a6bde11..d2affeb7a4 100644 --- a/charts/aws-ebs-csi-driver/CHANGELOG.md +++ b/charts/aws-ebs-csi-driver/CHANGELOG.md @@ -1,4 +1,7 @@ # Helm chart +## v2.26.1 +* Bump driver version to `v1.26.1` +* Bump sidecar container versions to fix [restart bug in external attacher, provisioner, resizer, snapshotter, and node-driver-registrar](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/issues/1875) ([#1886](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/pull/1886), [@AndrewSirenko](https://github.com/AndrewSirenko)) ## v2.26.0 * Bump driver version to `v1.26.0` diff --git a/charts/aws-ebs-csi-driver/Chart.yaml b/charts/aws-ebs-csi-driver/Chart.yaml index f5761359d1..d34352bf24 100644 --- a/charts/aws-ebs-csi-driver/Chart.yaml +++ b/charts/aws-ebs-csi-driver/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 1.26.0 +appVersion: 1.26.1 name: aws-ebs-csi-driver description: A Helm chart for AWS EBS CSI Driver -version: 2.26.0 +version: 2.26.1 kubeVersion: ">=1.17.0-0" home: https://github.com/kubernetes-sigs/aws-ebs-csi-driver sources: diff --git a/charts/aws-ebs-csi-driver/values.yaml b/charts/aws-ebs-csi-driver/values.yaml index 113d66dde8..945bd67b9e 100644 --- a/charts/aws-ebs-csi-driver/values.yaml +++ b/charts/aws-ebs-csi-driver/values.yaml @@ -19,7 +19,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner - tag: "v3.6.2-eks-1-28-11" + tag: "v3.6.3-eks-1-29-2" logLevel: 2 # Additional parameters provided by external-provisioner. additionalArgs: [] @@ -44,7 +44,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher - tag: "v4.4.2-eks-1-28-11" + tag: "v4.4.3-eks-1-29-2" # Tune leader lease election for csi-attacher. # Leader election is on by default. leaderElection: @@ -71,7 +71,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter - tag: "v6.3.2-eks-1-28-11" + tag: "v6.3.3-eks-1-29-2" logLevel: 2 # Additional parameters provided by csi-snapshotter. additionalArgs: [] @@ -85,7 +85,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe - tag: "v2.11.0-eks-1-28-11" + tag: "v2.11.0-eks-1-29-2" # Additional parameters provided by livenessprobe. additionalArgs: [] resources: {} @@ -97,7 +97,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer - tag: "v1.9.2-eks-1-28-11" + tag: "v1.9.3-eks-1-29-2" # Tune leader lease election for csi-resizer. # Leader election is on by default. leaderElection: @@ -122,7 +122,7 @@ sidecars: image: pullPolicy: IfNotPresent repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar - tag: "v2.9.2-eks-1-28-11" + tag: "v2.9.3-eks-1-29-2" logLevel: 2 # Additional parameters provided by node-driver-registrar. additionalArgs: [] diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml index 54a0ba9244..0bdc3e9eca 100644 --- a/deploy/kubernetes/base/controller.yaml +++ b/deploy/kubernetes/base/controller.yaml @@ -61,7 +61,7 @@ spec: runAsUser: 1000 containers: - name: ebs-plugin - image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.0 + image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.1 imagePullPolicy: IfNotPresent args: # - {all,controller,node} # specify the driver mode @@ -128,7 +128,7 @@ spec: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - name: csi-provisioner - image: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner:v3.6.2-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner:v3.6.3-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --timeout=60s @@ -157,7 +157,7 @@ spec: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - name: csi-attacher - image: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher:v4.4.2-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher:v4.4.3-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --timeout=60s @@ -183,7 +183,7 @@ spec: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - name: csi-snapshotter - image: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter:v6.3.2-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter:v6.3.3-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --csi-address=$(ADDRESS) @@ -208,7 +208,7 @@ spec: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - name: csi-resizer - image: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer:v1.9.2-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer:v1.9.3-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --timeout=60s @@ -235,7 +235,7 @@ spec: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - name: liveness-probe - image: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe:v2.11.0-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe:v2.11.0-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --csi-address=/csi/csi.sock diff --git a/deploy/kubernetes/base/node.yaml b/deploy/kubernetes/base/node.yaml index 6818413b96..27a1e7519c 100644 --- a/deploy/kubernetes/base/node.yaml +++ b/deploy/kubernetes/base/node.yaml @@ -52,7 +52,7 @@ spec: runAsUser: 0 containers: - name: ebs-plugin - image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.0 + image: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver:v1.26.1 imagePullPolicy: IfNotPresent args: - node @@ -100,7 +100,7 @@ spec: exec: command: ["/bin/aws-ebs-csi-driver", "pre-stop-hook"] - name: node-driver-registrar - image: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar:v2.9.2-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar:v2.9.3-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --csi-address=$(ADDRESS) @@ -137,7 +137,7 @@ spec: allowPrivilegeEscalation: false readOnlyRootFilesystem: true - name: liveness-probe - image: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe:v2.11.0-eks-1-28-11 + image: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe:v2.11.0-eks-1-29-2 imagePullPolicy: IfNotPresent args: - --csi-address=/csi/csi.sock diff --git a/deploy/kubernetes/overlays/stable/gcr/kustomization.yaml b/deploy/kubernetes/overlays/stable/gcr/kustomization.yaml index 6b92b4a34f..04f20a9031 100644 --- a/deploy/kubernetes/overlays/stable/gcr/kustomization.yaml +++ b/deploy/kubernetes/overlays/stable/gcr/kustomization.yaml @@ -7,19 +7,19 @@ images: newName: registry.k8s.io/provider-aws/aws-ebs-csi-driver - name: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner newName: registry.k8s.io/sig-storage/csi-provisioner - newTag: v3.6.2 + newTag: v3.6.3 - name: public.ecr.aws/eks-distro/kubernetes-csi/external-attacher newName: registry.k8s.io/sig-storage/csi-attacher - newTag: v4.4.2 + newTag: v4.4.3 - name: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe newName: registry.k8s.io/sig-storage/livenessprobe newTag: v2.11.0 - name: public.ecr.aws/eks-distro/kubernetes-csi/external-snapshotter/csi-snapshotter newName: registry.k8s.io/sig-storage/csi-snapshotter - newTag: v6.3.2 + newTag: v6.3.3 - name: public.ecr.aws/eks-distro/kubernetes-csi/external-resizer newName: registry.k8s.io/sig-storage/csi-resizer - newTag: v1.9.2 + newTag: v1.9.3 - name: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar newName: registry.k8s.io/sig-storage/csi-node-driver-registrar - newTag: v2.9.2 + newTag: v2.9.3 diff --git a/go.mod b/go.mod index 9f00541d7e..7eb2e1c457 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,7 @@ module github.com/kubernetes-sigs/aws-ebs-csi-driver require ( - github.com/aws/aws-sdk-go v1.49.1 + github.com/aws/aws-sdk-go v1.49.13 github.com/awslabs/volume-modifier-for-k8s v0.1.3 github.com/container-storage-interface/spec v1.8.0 github.com/golang/mock v1.6.0 @@ -18,8 +18,8 @@ require ( go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.21.0 go.opentelemetry.io/otel/sdk v1.21.0 golang.org/x/sys v0.15.0 - google.golang.org/grpc v1.60.0 - google.golang.org/protobuf v1.31.0 + google.golang.org/grpc v1.60.1 + google.golang.org/protobuf v1.32.0 k8s.io/api v0.29.0 k8s.io/apimachinery v0.29.0 k8s.io/client-go v0.29.0 @@ -28,7 +28,7 @@ require ( k8s.io/kubernetes v1.29.0 k8s.io/mount-utils v0.29.0 k8s.io/pod-security-admission v0.29.0 - k8s.io/utils v0.0.0-20231127182322-b307cd553661 + k8s.io/utils v0.0.0-20240102154912-e7106e64919e ) require ( diff --git a/go.sum b/go.sum index 5b7274a526..d8472b856f 100644 --- a/go.sum +++ b/go.sum @@ -627,8 +627,8 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkY github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/aws/aws-sdk-go v1.49.1 h1:Dsamcd8d/nNb3A+bZ0ucfGl0vGZsW5wlRW0vhoYGoeQ= -github.com/aws/aws-sdk-go v1.49.1/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.49.13 h1:f4mGztsgnx2dR9r8FQYa9YW/RsKb+N7bgef4UGrOW1Y= +github.com/aws/aws-sdk-go v1.49.13/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/awslabs/volume-modifier-for-k8s v0.1.3 h1:EkHELalA7IE8UjKbdma3E2WDLtD400aGeL0zDIPpgCw= github.com/awslabs/volume-modifier-for-k8s v0.1.3/go.mod h1:qNmDTxtB4/tUICCioStvhekxZVpf5oCCV2a6zbcNVXU= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= @@ -1846,8 +1846,8 @@ google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5v google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8= -google.golang.org/grpc v1.60.0 h1:6FQAR0kM31P6MRdeluor2w2gPaS4SVNrD/DNTxrQ15k= -google.golang.org/grpc v1.60.0/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= +google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= +google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -1866,8 +1866,9 @@ google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1944,8 +1945,8 @@ k8s.io/pod-security-admission v0.29.0 h1:tY/ldtkbBCulMYVSWg6ZDLlgDYDWy6rLj8e/Agm k8s.io/pod-security-admission v0.29.0/go.mod h1:bGIeKCzU0Q0Nl185NHmqcMCiOjTcqTrBfAQaeupwq0E= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI= -k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= +k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= diff --git a/pkg/cloud/cloud.go b/pkg/cloud/cloud.go index 27cbbaee86..178c0e722a 100644 --- a/pkg/cloud/cloud.go +++ b/pkg/cloud/cloud.go @@ -1517,6 +1517,8 @@ func capIOPS(volumeType string, requestedCapacityGiB int64, requestedIops int64, if allowIncrease { iops = minTotalIOPS klog.V(5).InfoS("[Debug] Increased IOPS to the min supported limit", "volumeType", volumeType, "requestedCapacityGiB", requestedCapacityGiB, "limit", iops) + } else if volumeType == VolumeTypeGP3 { + klog.V(5).InfoS("[Debug] Did not increase IOPS", "volumeType", volumeType, "requestedCapacityGiB", requestedCapacityGiB) } else { return 0, fmt.Errorf("invalid IOPS: %d is too low, it must be at least %d", iops, minTotalIOPS) }