v2.0.0

New features & improvements

👷🏻 Worker Pods

The operator now creates short-lived, standalone worker Pods to load kmods instead of long-running DaemonSets.
This change improves the reliability of kmod unloads and significantly reduces resource utilization on both worker nodes and the control plane.

ℹ️ Events

The KMM operator now emits events:

• on build & signing job creation, completion or failure (attached to the Module);
• on kmod load or unload (attached to the Node).

💾 Binary firmwares

The firmware_class.path kernel parameter, which configures an alternate firmware lookup path, can now be set on all nodes before the kmod is loaded.
This feature is disabled by default and must be enabled in the operator configuration.

Installing

Using OLM (recommended)

Follow the installations instructions at OperatorHub.io for KMM or KMM-Hub.

Using make

git fetch
git checkout release-2.0

# For KMM
make deploy IMAGE_TAG=v20231130-v2.0.0

# For KMM-Hub
make deploy-hub IMAGE_TAG=v20231130-v2.0.0

Changelog

List of pull requests included in this release

• Set the tag of related images when building bundles by @qbarrand in #425
• Fix a command in cloudbuild.yaml by @qbarrand in #427
• Inject the webhook CA into the validated CRDs by @qbarrand in #429
• Make cert-manager an OLM dependency of KMM by @qbarrand in #432
• Adding ordered upgrade documentation by @yevgeny-shnaidman in #431
• additional fixes for ordered upgrade doc by @yevgeny-shnaidman in #434
• Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 by @dependabot in #435
• Bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 by @dependabot in #436
• Bump github.com/go-openapi/swag from 0.22.3 to 0.22.4 by @dependabot in #437
• Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible by @dependabot in #439
• Bump k8s.io/client-go from 0.27.2 to 0.27.3 by @dependabot in #443
• Add 1.1 docs by @qbarrand in #438
• Enforce name and namespace length in the webhook by @qbarrand in #445
• Do not require pods to have a .spec.nodeName by @qbarrand in #446
• Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #447
• Use strings.Repeat and fix a typo by @qbarrand in #449
• Replace deprecated command with environment file by @jongwooo in #451
• Bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 by @dependabot in #453
• Bump k8s.io/kubectl from 0.27.2 to 0.27.3 by @dependabot in #441
• Add a script generating files for OperatorHub.io by @qbarrand in #302
• Quote arguments in modprobe commands by @qbarrand in #456
• Upgrade support between v1.02 and v1.1 by @yevgeny-shnaidman in #454
• Add further checks on Module version by @qbarrand in #457
• Fix the ordered upgrade documentation by @qbarrand in #459
• Add documentation for Hub & Spoke by @qbarrand in #460
• Fixing ModuleLoader recreation during Node reboot by @yevgeny-shnaidman in #464
• adding NodeModulesState type by @yevgeny-shnaidman in #480
• Bump k8s.io/kubectl from 0.27.3 to 0.27.4 by @dependabot in #485
• adding ModuleConfig struct to NodeModulesSpec by @yevgeny-shnaidman in #481
• Add a proposal for worker Pods in KMM by @qbarrand in #463
• Bump github.com/onsi/gomega from 1.27.8 to 1.27.9 by @dependabot in #486
• Bump github.com/onsi/gomega from 1.27.9 to 1.27.10 by @dependabot in #489
• introducing nmc package by @yevgeny-shnaidman in #487
• Fix race condition for Node reboot issue by @yevgeny-shnaidman in #494
• Add the worker application by @qbarrand in #491
• Add Cloud Build configuration for the worker image by @qbarrand in #496
• Document default DaemonSet image pull policy by @qbarrand in #499
• updating skipper Dockerfile to base image of Golang 1.20 by @yevgeny-shnaidman in #497
• Move to a maintained fork of gomock by @qbarrand in #500
• Require Go to 1.20 in go.mod by @qbarrand in #498
• Introducing Module-to-NMC reconciliation logic by @yevgeny-shnaidman in #495
• Bump github.com/google/go-containerregistry from 0.15.2 to 0.16.1 by @dependabot in #501
• Adding NotFound error to the GetMLD API by @yevgeny-shnaidman in #502
• Bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 by @dependabot in #505
• Introducing Module-NMC controller by @yevgeny-shnaidman in #503
• In case NMC does not exists, Get should return NotFound error by @yevgeny-shnaidman in #510
• Replacing Jobs with Pods in the building/signing features. by @ybettan in #504
• Add NodeModulesConfig status management functions by @qbarrand in #514
• Bump golang from 1.20-alpine3.18 to 1.21-alpine3.18 by @dependabot in #516
• Module deleted scenario in Module-NMC controller by @yevgeny-shnaidman in #518
• Add the NodeModulesConfig controller by @qbarrand in #513
• Fixing panic in case worker pod has failed by @yevgeny-shnaidman in #523
• Bump k8s.io/client-go from 0.27.4 to 0.28.0 by @dependabot in #525
• Bump k8s.io/kubectl from 0.27.4 to 0.28.0 by @dependabot in #526
• Move controllers to internal/controllers by @qbarrand in #519
• Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 by @dependabot in #531
• Fixing Unloading Kmod on a previously failed Load Pod by @yevgeny-shnaidman in #530
• Adding Makefile target for worker image creation by @yevgeny-shnaidman in #532
• Make the worker user owner of /mnt/img by @yevgeny-shnaidman in #522
• Bump k8s.io/client-go from 0.28.0 to 0.28.1 by @dependabot in #536
• Reconfigure worker pod capabilities by @yevgeny-shnaidman in #537
• Fixing Unload Pod not being created on Module deletion by @yevgeny-shnaidman in #539
• Bump k8s.io/kubectl from 0.28.0 to 0.28.1 by @dependabot in #533
• Add pull secrets support for the worker by @qbarrand in #540
• Fixing panic for pull secret implementation by @yevgeny-shnaidman in #544
• Fixing worker pod failure in case no pullsecrets are defined by @yevgeny-shnaidman in #545
• Adding Garbage Collection for NMC objects for deleted Nodes by @yevgeny-shnaidman in #543
• Stop creating ModuleLoader DaemonSets by @qbarrand in #541
• Make the images directory a constant by @qbarrand in #546
• Changing the Module-NMC reconciliation logic by @yevgeny-shnaidman in #521
• Make all binaries run as regular users by @qbarrand in #548
• Use the default ServiceAccount when creating NMC by @qbarrand in #551
• Bump actions/checkout from 3 to 4 by @dependabot in #550
• Explicitly checking PodPending when reporting Build/Sign status by @yevgeny-shnaidman in #552
• Adding support for loading multiple kernel modules(softdep) by @yevgeny-shnaidman in #549
• Update plantuml.jar download version and link by @enriquebelarte in #555
• Implementing ordered upgrade feature for V2 by @yevgeny-shnaidman in #556
• Changing daemonsets GarbageCollector for v2 by @yevgeny-shnaidman in #558
• Bump k8s.io/client-go from 0.28.1 to 0.28.2 by @dependabot in #559
• Bump k8s.io/kubectl from 0.28.1 to 0.28.2 by @dependabot in #562
• Continuing adaption of ordered upgrade to KMM V2 by @yevgeny-shnaidman in #563
• Bump codecov/codecov-action from 3 to 4 by @dependabot in #564
• Revert codecov action upgrade to v4 by @qbarrand in #567
• Changing the flow of SyncStatus to accomodate Delete Pod errors by @yevgeny-shnaidman in #566
• Upgrade gomock to 0.3.0 by @qbarrand in #569
• Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.12.1 by @dependabot in #571
• Upgrade to controller-runtime v0.16.2 by @qbarrand in #570
• Finalize Module resources by @qbarrand in #568
• Record more fields into the NMC status by @qbarrand in #573
• Code cleanup by @yevgeny-shnaidman in #574
• Bump open-cluster-management.io/api from 0.11.0 to 0.12.0 by @dependabot in #576
• Handling of kmm module ready label (kernel module is loaded) by @yevgeny-shnaidman in #575
• Fix concurrent map read and write in cache test by @mresvanis in #579
• Removing DaemonSet role from the DevicePlugin labels by @yevgeny-shnaidman in #580
• Adjusting pod-node reconciler to v2 by @yevgeny-shnaidman in #578
• Publish build & sign events by @qbarrand in #577
• Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #581
• Bump golang.org/x/text from 0.12.0 to 0.13.0 by @dependabot in #582
• Fix flaky async cache test by @mresvanis in #584
• Bump github.com/onsi/gomega from 1.27.10 to 1.28.0 by @dependabot in #585
• Set resources for worker Pods by @qbarrand in #587
• Record kmod load & unload events by @qbarrand in #583
• Allow worker pods to restart on failures by @qbarrand in #588
• Rename JobEventReconciler to BuildSignEventsReconciler by @qbarrand in #589
• Fixing Module with device-plugin finalization deadlock by @yevgeny-shnaidman in #590
• Fix prepareSchedulingData loop variable capture by @qbarrand in #591
• Make the worker set firmware_class.path by @qbarrand in #586
• Fix device-plugin/worker pod labels validationsduring ordered-upgrade by @yevgeny-shnaidman in #592
• Test the soft dependencies feature in CI by @qbarrand in #594
• Adding support for firmware loading by @yevgeny-shnaidman in #596
• Reverting RestartPolicy back to Never by @yevgeny-shnaidman in #597
• Fix support bundle collection by @qbarrand in #595
• Test the in-tree removal feature by @qbarrand in #593
• Fixing 2 bugs related to failure scenarios by @yevgeny-shnaidman in #599
• Install clusteradm v0.6.0 by @qbarrand in #604
• Splitting Module reconcile into BuildSign and DevicePlugin reconcilers by @yevgeny-shnaidman in #602
• Bump github.com/onsi/ginkgo/v2 from 2.12.1 to 2.13.0 by @dependabot in #598
• Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot in #600
• Bump golang.org/x/net from 0.14.0 to 0.17.0 by @dependabot in #601
• adapting Device Plugin status report in Module to v.2 by @yevgeny-shnaidman in #608
• Update webhook validation for name+namespace length (#607) by @yevgeny-shnaidman in #611
• Restructure Worker Pod secrets' volumes' names by @yevgeny-shnaidman in #612
• [release-2.0] Set the worker restart policy to OnFailure by @qbarrand in #617
• adapting Worker Pods status report in Module to v.2 (#619) by @yevgeny-shnaidman in #621
• [release-2.0] Bump memory limit to 384Mi by @qbarrand in #633
• [release-2.0] Rename the deployment from controller-manager to controller by @qbarrand in #638
• [release-2.0] Do not set createdAt manually in the CSV by @qbarrand in #642

New Contributors

• @jongwooo made their first contribution in #451

Full Changelog: v1.1.0...v2.0.0

Getting support

The KMM community is available on #sig-node-kmm on the Kubernetes Slack.
Please join the community meeting!