v1.5.0

v1.5.0

What's New

Support Kubernetes up to V1.28

“k8s.io/xxx” and all its related dependencies are upgraded to version “v0.28.9”, for ensuring OpenYurt is compatible with Kubernetes v1.28 version. This compatibility has been confirmed by an end-to-end (E2E) test where we started a Kubernetes v1.28 cluster using KinD and deployed the latest components of OpenYurt. At the same time, all the key components of OpenYurt, such as yurt-manager and yurthub, are deployed on the Kubernetes cluster via Helm to ensure that the Helm charts provided by the OpenYurt community can run stably in the production environment.
#2047
#2074

Reduce cloud-edge traffic spike during rapid node additions

NodePool resource is essential for managing groups of nodes within OpenYurt clusters, as it records details of all nodes in the collective through the NodePool.status.nodes field. YurtHub relies on this information to identify endpoints within the same NodePool, thereby enabling pool-level service topology functionality. However, when a large NodePool—potentially comprising thousands of nodes—experiences swift expansion, such as the integration of hundreds of edge nodes within a mere minute, the surge in cloud-to-edge network traffic can be significant. In this release, a new type of resource called NodeBucket has been introduced. It provides a scalable and streamlined method for managing extensive NodePool, significantly reducing the impact on cloud-edge traffic during periods of rapid node growth, and ensuring the stability of the clusters is maintained.
#1864
#1874
#1930

Upgrade YurtAppSet to v1beta1 version

YurtAppSet v1beta1 is introduced to facilitate the management of multi-region workloads. Users can use YurtAppSet to distribute the same WorkloadTemplate (Deployment/Statefulset) to different nodepools by a label selector NodePoolSelector or nodepool name slice (Pools). Users can also customize the configuration of workloads in different node pools through WorkloadTweaks.
In this release, we have combined the functionality from the three old crds (YurtAppSet v1alpha1, YurtAppDaemon and YurtAppOverrider) in yurtappset v1beta1. We recommend to use this in favor of the old ones.
#1890
#1931
#1939
#1974
#1997

Improve transparent management mechanism for control traffic from edge to cloud

The current transparent management mechanism for cloud-edge control traffic has certain limitations and cannot effectively support direct requests to the default/kubernetes service. In this release, a new transparent management mechanism for cloud-edge control traffic, aimed at enabling pods using InClusterConfig or the default/kubernetes service name to access the kube-apiserver via YurtHub without needing to be aware of the details of the public network connection between the cloud and edge.
#1975
#1996

Separate clients for yurt-manager component

Yurt-manager is an important component in cloud environment for OpenYurt which holds multiple controllers and webhooks. Those controllers and webhooks shared one client and one set of RBAC (yurt-manager-role/yurt-manager-role-binding/yurt-manager-sa) which grew bigger as we add more function into yurt-manager. This mechanism makes a controller has access it shouldn't has. and it's difficult to find out the request is from which controller from the audit logs. In the latest release, we restrict each controller/webhook to only the permissions it may use and separate RBAC and UA for different controllers and webhooks.
#2051
#2069

Enhancement to Yurthub's Autonomy capabilities

New autonomy condition have been added to node conditions so that yurthub can report autonomy status of node in real time at each nodeStatusUpdateFrequency. This condition allows for accurate determination of each node's autonomy status. In addition, an error key mechanism has been introduced to log cache failure keys along with their corresponding fault reasons. The error keys are persisted using the AOF (Append-Only File) method, ensuring that the autonomy state is recovered even after a reboot and preventing the system from entering a pseudo-autonomous state. These enhancements also facilitate easier troubleshooting when autonomy issues arise.
#2015
#2033
#2096

Other Notable changes

• improve ca data for yurthub component by @rambohe-ch in #1815
• improve FieldIndexer setting in yurt-manager by @2456868764 in #1834
• fix: yurtadm join ignorePreflightErrors could not set all by @YTGhost in #1837
• Feature: add name-length of dummy interface too long error by @8rxn in #1875
• feat: support v3 rest api client for edgex v3 api by @wangxye in #1850
• feat: support edgex napa version by auto-collector by @LavenderQAQ in #1852
• feat: improve discardcloudservice filter in yurthub component (#1924) by @huangchenzhao in #1926
• Add missing verb to the role of node lifecycle controller by @crazytaxii in #1936
• don't cache csr and sar resource in yurthub by @rambohe-ch in #1949
• feat: improve hostNetwork mode of NodePool by adding NodeAffinity to pods with specified annotation (#1935) by @huangchenzhao in #1959
• move list object handling from ObjectFilter into ResponseFilter by @rambohe-ch in #1991
• The gateway can forward traffic from extra source cidrs by @River-sh in #1993
• return back watch.Deleted event to clients when watch object is removed in OjbectFilters by @rambohe-ch in #1995
• add pool service controller. by @zyjhtangtang in #2010
• aggregated annotations and labels. by @zyjhtangtang in #2027
• improve pod webhook for adapting hostnetwork mode nodepool by @rambohe-ch in #2050
• intercept kubelet get node request in order to reduce the traffic by @vie-serendipity in #2039
• bump controller-gen to v0.13.0 by @Congrool in #2056
• improve nodepool conversion by @rambohe-ch in #2080
• feat: add version metrics for yurt-manager and yurthub components by @rambohe-ch in #2094

Fixes

• fix cache manager panic in yurthub by @rambohe-ch in #1950
• fix: upgrade the version of runc to avoid security risk by @qclc in #1972
• fix only openyurt crd conversion should be handled for upgrading cert by @rambohe-ch in #2013
• fix the cache leak in yurtappoverrider controller by @MeenuyD in #1795
• fix(yurt-manager): add clusterrole for nodes/status subresources by @qclc in #1884
• fix: close dst file by @testwill in #2046

Proposals

• Proposal: High Availability of Edge Services by @Rui-Gan in #1816
• Proposal: yurt express: openyurt data transmission system proposal by @qsfang in #1840
• proposal: add NodeBucket to reduce cloud-edge traffic spike during rapid node additions. by @rambohe-ch in #1864
• Proposal: add yurtappset v1beta1 proposal by @luc99hen in #1890
• proposal: improve transparent management mechanism for control traffic from edge to cloud by @rambohe-ch in #1975
• Proposal: enhancement of edge autonomy by @vie-serendipity in #2015
• Proposal: separate yurt-manager clients by @luc99hen in #2051

Contributors

Thank you to everyone who contributed to this release! ❤

• @wangxye
• @huiwq1990
• @testwill
• @fengshunli
• @Congrool
• @zyjhtangtang
• @vie-serendipity
• @dsy3502
• @YTGhost
• @River-sh
• @qclc
• [@lilongfeng0902](https://github.com/lilon...

v1.4.4

What's Changed

• fix: edgex component creation cause registration errors and core-command crash by @LavenderQAQ in #2030

Full Changelog: v1.4.3...v1.4.4

v1.4.3

What's Changed

• [Backport release-v1.4] fix only openyurt crd conversion should be handled for upgrading cert by @github-actions in #2014

Full Changelog: v1.4.2...v1.4.3

v1.4.2

What's Changed

• [Backport release-v1.4] fix: yurtadm join can't work when kubernetes version large than v1.27.0 by @github-actions in #1998

Full Changelog: v1.4.1...v1.4.2

v1.4.1

What's Changed

• [Backport release-v1.4] fix cache manager panic in yurthub by @github-actions in #1951
• [Backport release-v1.4] fix: yurtadm join ignorePreflightErrors could not set all by @github-actions in #1954
• [Backport release-v1.4] Feature: add name-length of dummy interface too long error by @github-actions in #1952
• [Backport release-v1.4] feat: bookmark and error response should be skipped in yurthub filter (#1868) by @github-actions in #1953

Full Changelog: v1.4.0...v1.4.1

v1.4.0

v1.4.0

What's New

Support for HostNetwork Mode NodePool

When the resources of edge nodes are limited and only simple applications need to be run (for instance, situations where container network is not needed and there is no need for communication between applications),
using a HostNetwork mode nodepool is a reasonable choice. When creating a nodepool, users only need to set spec.HostNetwork=true to create a HostNetwork mode nodepool.

In this mode, only some essential components such as kubelet, yurthub and raven-agent will be installed on all nodes in the pool. In addition, Pods scheduled on these nodes will automatically adopt host network mode.
This method effectively reduces resource consumption while maintaining application performance efficiency.

Support for customized configuration at the nodepool level for multi-region workloads

YurtAppOverrider is a new CRD used to customize the configuration of the workloads managed by YurtAppSet/YurtAppDaemon. It provides a simple and straightforward way to configure every field of the workload under each nodepool.
It is fundamental component of multi-region workloads configuration rendering engine.

Support for building edgex iot systems by using PlatformAdmin

PlatformAdmin is a CRD that manages the IoT systems in the OpenYurt nodepool. It has evolved from the previous yurt-edgex-manager. Starting from this version, the functionality of yurt-edgex-controller has been merged into yurt-manager. This means that users no longer need to deploy any additional components; they only need to install yurt-manager to have all the capabilities for managing edge devices.

PlatformAdmin allows users with a user-friendly way to deploy a complete edgex system on nodepool. It comes with an optional component library and configuration templates. Advanced users can also customize the configuration of this system according to their needs.

Currently, PlatformAdmin supports all versions of EdgeX from Hanoi to Minnesota. In the future, it will continue to rapidly support upcoming releases using the auto-collector feature. This ensures that PlatformAdmin remains compatible with the latest versions of EdgeX as they are released.

Supports yurt-iot-dock deployment as an iot system component

yurt-iot-dock is a component responsible for managing edge devices in IoT system. It has evolved from the previous yurt-device-controller. As a component that connects the cloud and edge device management platforms, yurt-iot-dock abstracts three CRDs: DeviceProfile, DeviceService, and Device. These CRDs are used to represent and manage corresponding resources on the device management platform, thereby impacting real-world devices.

By declaratively modifying the fields of these CRs, users can achieve the operational and management goals of complex edge devices in a cloud-native manner. yurt-iot-dock is deployed by PlatformAdmin as an optional IoT component. It is responsible for device synchronization during startup and severs the synchronization relationship when being terminated or destroyed.

In this version, the deployment and destruction of the yurt-iot-dock are all controlled by PlatformAdmin, which improves the ease of use of the yurt-iot-dock.

Some Repos are archived

With the upgrading of OpenYurt architecture, the functions of quite a few components are merged into Yurt-Manager (e.g. yurt-app-manager, raven-controller-manager, etc.),
or there are repos migrated to openyurt for better management (e.g. yurtiotdock). The following repos have been archived:

• yurt-app-manager
• yurt-app-manager-api
• raven-controller-manager
• yurt-edgex-manager
• yurt-device-controller
• yurtcluster-operator

Other Notable changes

• feat: use real kubernetes server address to yurthub when yurtadm join by @Lan-ce-lot in #1517
• yurtadm support enable kubelet service by @YTGhost in #1523
• feat: support SIGUSR1 signal for yurthub by @y-ykcir in #1487
• feat: remove yurtadm init command by @YTGhost in #1537
• add yurtadm join node in specified nodepool by @JameKeal in #1402
• rename pool-coordinator to yurt-coordinator for charts by @JameKeal in #1551
• move iot controller to yurt-manager by @Rui-Gan in #1488
• feat: provide config option for yurtadm by @YTGhost in #1547
• add yurtadm to install/uninstall staticpod by @JameKeal in #1550
• change access permission to default in general. by @fujitatomoya in #1576
• build: added github registry by @siredmar in #1578
• feat: support edgex minnesota through auto-collector by @LavenderQAQ in #1582
• feat: prevent node movement by label modification by @y-ykcir in #1444
• add cpu limit for yurthub by @huweihuang in #1609
• feat: provide users with the ability to customize the edgex framework by @LavenderQAQ in #1596
• add kubelet certificate mode in yurthub by @rambohe-ch in #1625
• delete configmap when yurtstaticset is deleting by @JameKeal in #1640
• add new gateway version v1beta1 by @River-sh in #1641
• feat: reclaim device, deviceprofile and deviceservice before exiting YurtIoTDock by @wangxye in #1647
• feat: upgrade YurtIoTDock to support edgex v3 api by @wangxye in #1666
• feat: add token format checking to yurtadm join process by @YTGhost in #1681
• Add status info to YurtAppSet/YurtAppDaemon by @vie-serendipity in #1702
• fix(yurt-manager): raven controller can't list calico blockaffinity by @luckymrwang in #1676
• feat: support yurtadm config command by @YTGhost in #1709
• improve lease lock for yurt-manager component by @rambohe-ch in #1741
• add nodelifecycle controller by @rambohe-ch in #1746
• disable the iptables setting of yurthub component by default by @rambohe-ch in #1770

Fixes

• fix memory leak for yur-tunnel-server by @huweihuang in #1471
• fix yurthub memory leak by @JameKeal in #1501
• fix yurtstaticset workerpod reset error by @JameKeal in #1526
• fix conflicts for getting node by local storage in yurthub filters by @rambohe-ch in #1552
• fix work dir nested yurthub/yurthub by @luc99hen in #1693
• fix pool scope crd resource etcd key path by @qsfang in #1729

Proposals

• proposal for raven l7 by @River-sh in #1541
• proposal of support raven NAT traversal by @YTGhost in #1639
• Proposal for Multi-region workloads configuration rendering engine by @vie-serendipity in #1600
• Proposal of install openyurt components using dashboard by @401lrx in #1664
• Proposal use message-bus instead of REST to communicate with EdgeX by @Pluviophile225 in #1680

Contributors

Thank you to everyone who contributed to this release! ❤

• @huiwq1990
• @y-ykcir
• @JameKeal
• @Lan-ce-lot
• @YTGhost
• @fujitatomoya
• @LavenderQAQ
• @River-sh
• @huweihuang
• @luc99hen
• @luckymrwang
• @wangzihao05
• @yojay11717
• @lishaokai1995
• @yeqiugt
• @TonyZZhang
• @vie-serendipity
• @my0sotis
• @Rui-Gan
• @zhy76
• @siredmar
• @wangxye
• @401lrx
• @testwill
• @Pluviophile225
• @shizuocheng
• @qsfang

And thank you very much to everyone else not listed here who contributed in other ways like filing issues,
giving feedback, ...

v1.2.2

What's Changed

• [Backport release-v1.2] change access permission to default in general. by @github-actions in #1583
• backport: feat: add yurtadm binaries release workflow by @rambohe-ch in #1601

Full Changelog: v1.2.1...v1.2.2

v1.1.1

What's Changed

• change access permission to default in general. by @fujitatomoya in #1598
• backport: feat: add yurtadm binaries release workflow by @rambohe-ch in #1602

Full Changelog: v1.1.0...v1.1.1

v1.0.2

What's Changed

• change access permission to default in general. by @fujitatomoya in #1599
• backport: feat: add yurtadm binaries release workflow by @rambohe-ch in #1603

Full Changelog: v1.0.1...v1.0.2

v1.3.4

What's Changed

• [Backport release-v1.3] improve yurtstaticset template metadata by @github-actions in #1591

Full Changelog: v1.3.3...v1.3.4