diff --git a/CHANGELOG.md b/CHANGELOG.md index a45e0311a..8f1c901bc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,11 @@ ## Current release: - * [CHANGELOG-1.1.md][11] + * [CHANGELOG-1.2.md][12] ## Development release: - * [v1.2.0-beta.1][12] * [Unreleased Changes][0] ## Older releases: + * [CHANGELOG-1.1.md][11] * [CHANGELOG-1.0.md][10] * [CHANGELOG-0.11.md][9] * [CHANGELOG-0.10.md][8] diff --git a/changelogs/CHANGELOG-1.2.md b/changelogs/CHANGELOG-1.2.md index 4dc5ad19f..e3fd61641 100644 --- a/changelogs/CHANGELOG-1.2.md +++ b/changelogs/CHANGELOG-1.2.md @@ -1,40 +1,60 @@ -## v1.2.0-beta.1 -#### 2019-10-24 +## v1.2.0 +#### 2019-11-07 ### Download -- https://github.com/vmware-tanzu/velero/releases/tag/v1.2.0-beta.1 +https://github.com/vmware-tanzu/velero/releases/tag/v1.2.0 ### Container Image -`velero/velero:v1.2.0-beta.1` +`velero/velero:v1.2.0` + +Please note that as of this release we are no longer publishing new container images to `gcr.io/heptio-images`. The existing ones will remain there for the foreseeable future. ### Documentation -https://velero.io/docs/v1.2.0-beta.1/ +https://velero.io/docs/v1.2.0/ ### Upgrading - -If you're upgrading from a previous version of Velero, there are several changes you'll need to be aware of: - -- Container images are now published to Docker Hub. To upgrade your server, use the new image `velero/velero:v1.2.0-beta.1`. -- The AWS, Microsoft Azure, and GCP provider plugins that were previously part of the Velero binary have been extracted to their own standalone repositories/plugin images. If you are using one of these three providers, you will need to explicitly add the appropriate plugin to your Velero install: - - [AWS] `velero plugin add velero/velero-plugin-for-aws:v1.0.0-beta.1` - - [Azure] `velero plugin add velero/velero-plugin-for-microsoft-azure:v1.0.0-beta.1` - - [GCP] `velero plugin add velero/velero-plugin-for-gcp:v1.0.0-beta.1` +https://velero.io/docs/v1.2.0/upgrade-to-1.2/ ### Highlights +## Moving Cloud Provider Plugins Out of Tree -- The AWS, Microsoft Azure, and GCP provider plugins that were previously part of the Velero binary have been extracted to their own standalone repositories/plugin images. They now function like any other provider plugin. -- Container images are now published to Docker Hub: `velero/velero:v1.2.0-beta.1`. -- Several improvements have been made to the restic integration: - - Backup and restore progress is now updated on the `PodVolumeBackup` and `PodVolumeRestore` custom resources and viewable via `velero backup/restore describe` while operations are in progress. - - Read-write-many PVCs are now only backed up once. - - Backups of PVCs remain incremental across pod reschedules. -- A structural schema has been added to the Velero CRDs that are created by `velero install` to enable validation of API fields. -- During restores that use the `--namespace-mappings` flag to clone a namespace within a cluster, PVs will now be cloned as needed. +Velero has had built-in support for AWS, Microsoft Azure, and Google Cloud Platform (GCP) since day 1. When Velero moved to a plugin architecture for object store providers and volume snapshotters in version 0.6, the code for these three providers was converted to use the plugin interface provided by this new architecture, but the cloud provider code still remained inside the Velero codebase. This put the AWS, Azure, and GCP plugins in a different position compared with other providers’ plugins, since they automatically shipped with the Velero binary and could include documentation in-tree. + +With version 1.2, we’ve extracted the AWS, Azure, and GCP plugins into their own repositories, one per provider. We now also publish one plugin image per provider. This change brings these providers to parity with other providers’ plugin implementations, reduces the size of the core Velero binary by not requiring each provider’s SDK to be included, and opens the door for the plugins to be maintained and released independently of core Velero. + +## Restic Integration Improvements + +We’ve continued to work on improving Velero’s restic integration. With this release, we’ve made the following enhancements: + +- Restic backup and restore progress is now captured during execution and visible to the user through the `velero backup/restore describe --details` command. The details are updated every 10 seconds. This provides a new level of visibility into restic operations for users. +- Restic backups of persistent volume claims (PVCs) now remain incremental across the rescheduling of a pod. Previously, if the pod using a PVC was rescheduled, the next restic backup would require a full rescan of the volume’s contents. This improvement potentially makes such backups significantly faster. +- Read-write-many volumes are no longer backed up once for every pod using the volume, but instead just once per Velero backup. This improvement speeds up backups and prevents potential restore issues due to multiple copies of the backup being processed simultaneously. + + +## Clone PVs When Cloning a Namespace + +Before version 1.2, you could clone a Kubernetes namespace by backing it up and then restoring it to a different namespace in the same cluster by using the `--namespace-mappings` flag with the `velero restore create` command. However, in this scenario, Velero was unable to clone persistent volumes used by the namespace, leading to errors for users. + +In version 1.2, Velero automatically detects when you are trying to clone an existing namespace, and clones the persistent volumes used by the namespace as well. This doesn’t require the user to specify any additional flags for the `velero restore create` command. This change lets you fully achieve your goal of cloning namespaces using persistent storage within a cluster. + +## Improved Server-Side Encryption Support + +To help you secure your important backup data, we’ve added support for more forms of server-side encryption of backup data on both AWS and GCP. Specifically: +- On AWS, Velero now supports Amazon S3-managed encryption keys (SSE-S3), which uses AES256 encryption, by specifying `serverSideEncryption: AES256` in a backup storage location’s config. +- On GCP, Velero now supports using a specific Cloud KMS key for server-side encryption by specifying `kmsKeyName: ` in a backup storage location’s config. + +## CRD Structural Schema + +In Kubernetes 1.16, custom resource definitions (CRDs) reached general availability. Structural schemas are required for CRDs created in the `apiextensions.k8s.io/v1` API group. Velero now defines a structural schema for each of its CRDs and automatically applies it the user runs the `velero install` command. The structural schemas enable the user to get quicker feedback when their backup, restore, or schedule request is invalid, so they can immediately remediate their request. ### All Changes + * Ensure object store plugin processes are cleaned up after restore and after BSL validation during server start up (#2041, @betta1) + * bug fix: don't try to restore pod volume backups that don't have a snapshot ID (#2031, @skriss) + * Restore Documentation: Updated Restore Documentation with Clarification implications of removing restore object. (#1957, @nainav) + * add `--allow-partially-failed` flag to `velero restore create` for use with `--from-schedule` to allow partially-failed backups to be restored (#1994, @skriss) * Allow backup storage locations to specify backup sync period or toggle off sync (#1936, @betta1) * Remove cloud provider code (#1985, @carlisia) - * Restore action for cluster/namespace role bindings (#1974, @alexander) + * Restore action for cluster/namespace role bindings (#1974, @alexander-demichev) * Add `--no-default-backup-location` flag to `velero install` (#1931, @Frank51) * If includeClusterResources is nil/auto, pull in necessary CRDs in backupResource (#1831, @sseago) * Azure: add support for Azure China/German clouds (#1938, @andyzhangx) @@ -61,4 +81,3 @@ If you're upgrading from a previous version of Velero, there are several changes * fix error formatting due interpreting % as printf formatted strings (#1781, @s12chung) * when using `velero restore create --namespace-mappings ...` to create a second copy of a namespace in a cluster, create copies of the PVs used (#1779, @skriss) * adds --from-schedule flag to the `velero create backup` command to create a Backup from an existing Schedule (#1734, @prydonius) - * add `--allow-partially-failed` flag to `velero restore create` for use with `--from-schedule` to allow partially-failed backups to be restored (#1994, @skriss) diff --git a/changelogs/unreleased/1734-prydonius b/changelogs/unreleased/1734-prydonius deleted file mode 100644 index 8d13fcbca..000000000 --- a/changelogs/unreleased/1734-prydonius +++ /dev/null @@ -1 +0,0 @@ -adds --from-schedule flag to the `velero create backup` command to create a Backup from an existing Schedule diff --git a/changelogs/unreleased/1779-skriss b/changelogs/unreleased/1779-skriss deleted file mode 100644 index 114f1f1b6..000000000 --- a/changelogs/unreleased/1779-skriss +++ /dev/null @@ -1 +0,0 @@ -when using `velero restore create --namespace-mappings ...` to create a second copy of a namespace in a cluster, create copies of the PVs used diff --git a/changelogs/unreleased/1781-s12chung b/changelogs/unreleased/1781-s12chung deleted file mode 100644 index ebb563be2..000000000 --- a/changelogs/unreleased/1781-s12chung +++ /dev/null @@ -1 +0,0 @@ -fix error formatting due interpreting % as printf formatted strings diff --git a/changelogs/unreleased/1793-s12chung b/changelogs/unreleased/1793-s12chung deleted file mode 100644 index 5dd8dc65b..000000000 --- a/changelogs/unreleased/1793-s12chung +++ /dev/null @@ -1 +0,0 @@ -adds `insecureSkipTLSVerify` server config for AWS storage and `--insecure-skip-tls-verify` flag on client for self-signed certs diff --git a/changelogs/unreleased/1794-skriss b/changelogs/unreleased/1794-skriss deleted file mode 100644 index 2afc42089..000000000 --- a/changelogs/unreleased/1794-skriss +++ /dev/null @@ -1 +0,0 @@ -remove 'restic check' calls from before/after 'restic prune' since they're redundant diff --git a/changelogs/unreleased/1798-nrb b/changelogs/unreleased/1798-nrb deleted file mode 100644 index 579db4366..000000000 --- a/changelogs/unreleased/1798-nrb +++ /dev/null @@ -1 +0,0 @@ -Add `--features` argument to all velero commands to provide feature flags that can control enablement of pre-release features. diff --git a/changelogs/unreleased/1807-skriss b/changelogs/unreleased/1807-skriss deleted file mode 100644 index e32d6bbe9..000000000 --- a/changelogs/unreleased/1807-skriss +++ /dev/null @@ -1 +0,0 @@ -when backing up PVCs with restic, specify --parent flag to prevent full volume rescans after pod reschedules diff --git a/changelogs/unreleased/1821-prydonius b/changelogs/unreleased/1821-prydonius deleted file mode 100644 index f613620a8..000000000 --- a/changelogs/unreleased/1821-prydonius +++ /dev/null @@ -1 +0,0 @@ -report backup progress in PodVolumeBackups and expose progress in the velero backup describe --details command. Also upgrades restic to v0.9.5 diff --git a/changelogs/unreleased/1831-sseago b/changelogs/unreleased/1831-sseago deleted file mode 100644 index 0f19afe8f..000000000 --- a/changelogs/unreleased/1831-sseago +++ /dev/null @@ -1 +0,0 @@ -If includeClusterResources is nil/auto, pull in necessary CRDs in backupResource \ No newline at end of file diff --git a/changelogs/unreleased/1843-prydonius b/changelogs/unreleased/1843-prydonius deleted file mode 100644 index 98670537a..000000000 --- a/changelogs/unreleased/1843-prydonius +++ /dev/null @@ -1 +0,0 @@ -fix excluding additional items with the velero.io/exclude-from-backup=true label diff --git a/changelogs/unreleased/1848-ccbayer b/changelogs/unreleased/1848-ccbayer deleted file mode 100644 index 1eb7e9a5f..000000000 --- a/changelogs/unreleased/1848-ccbayer +++ /dev/null @@ -1 +0,0 @@ -Jeckyll Site updates - modifies documentation to use a wider layout; adds better markdown table formatting \ No newline at end of file diff --git a/changelogs/unreleased/1854-prydonius b/changelogs/unreleased/1854-prydonius deleted file mode 100644 index 535b433bf..000000000 --- a/changelogs/unreleased/1854-prydonius +++ /dev/null @@ -1 +0,0 @@ -report restore progress in PodVolumeRestores and expose progress in the velero restore describe --details command diff --git a/changelogs/unreleased/1859-skriss b/changelogs/unreleased/1859-skriss deleted file mode 100644 index 373869705..000000000 --- a/changelogs/unreleased/1859-skriss +++ /dev/null @@ -1 +0,0 @@ -velero install: if `--use-restic` and `--wait` are specified, wait up to a minute for restic daemonset to be ready diff --git a/changelogs/unreleased/1864-skriss b/changelogs/unreleased/1864-skriss deleted file mode 100644 index 870f29d98..000000000 --- a/changelogs/unreleased/1864-skriss +++ /dev/null @@ -1 +0,0 @@ -change default `restic prune` interval to 7 days, add `velero server/install` flags for specifying an alternate default value. diff --git a/changelogs/unreleased/1869-skriss b/changelogs/unreleased/1869-skriss deleted file mode 100644 index ac8c98aad..000000000 --- a/changelogs/unreleased/1869-skriss +++ /dev/null @@ -1 +0,0 @@ -AWS: add support for SSE-S3 AES256 encryption via `serverSideEncryption` config field in BackupStorageLocation diff --git a/changelogs/unreleased/1879-skriss b/changelogs/unreleased/1879-skriss deleted file mode 100644 index 1852d1937..000000000 --- a/changelogs/unreleased/1879-skriss +++ /dev/null @@ -1 +0,0 @@ -GCP: add support for specifying a Cloud KMS key name to use for encrypting backups in a storage location. diff --git a/changelogs/unreleased/1892-skriss b/changelogs/unreleased/1892-skriss deleted file mode 100644 index 4c42d1c6b..000000000 --- a/changelogs/unreleased/1892-skriss +++ /dev/null @@ -1 +0,0 @@ -backup sync controller: stop using `metadata/revision` file, do a full diff of bucket contents vs. cluster contents each sync interval diff --git a/changelogs/unreleased/1893-lintongj b/changelogs/unreleased/1893-lintongj deleted file mode 100644 index 4a200e5ed..000000000 --- a/changelogs/unreleased/1893-lintongj +++ /dev/null @@ -1 +0,0 @@ -Add LD_LIBRARY_PATH (=/plugins) to the env variables of velero deployment. \ No newline at end of file diff --git a/changelogs/unreleased/1895-boxcee b/changelogs/unreleased/1895-boxcee deleted file mode 100644 index cc25a7e38..000000000 --- a/changelogs/unreleased/1895-boxcee +++ /dev/null @@ -1 +0,0 @@ -Azure: add support for cross-subscription backups diff --git a/changelogs/unreleased/1896-skriss b/changelogs/unreleased/1896-skriss deleted file mode 100644 index 348c3b63f..000000000 --- a/changelogs/unreleased/1896-skriss +++ /dev/null @@ -1 +0,0 @@ -restic: only backup read-write-many PVCs at most once, even if they're annotated for backup from multiple pods. diff --git a/changelogs/unreleased/1898-prydonius b/changelogs/unreleased/1898-prydonius deleted file mode 100644 index 2dbdcac15..000000000 --- a/changelogs/unreleased/1898-prydonius +++ /dev/null @@ -1 +0,0 @@ -adds structural schema to Velero CRDs created on Velero install, enabling validation of Velero API fields diff --git a/changelogs/unreleased/1904-spiffcs b/changelogs/unreleased/1904-spiffcs deleted file mode 100644 index 1244bd098..000000000 --- a/changelogs/unreleased/1904-spiffcs +++ /dev/null @@ -1 +0,0 @@ -Add check to update resource field during backupItem diff --git a/changelogs/unreleased/1909-skriss b/changelogs/unreleased/1909-skriss deleted file mode 100644 index 4bf0cf451..000000000 --- a/changelogs/unreleased/1909-skriss +++ /dev/null @@ -1 +0,0 @@ -bug fix: during restore, check item's original namespace, not the remapped one, for inclusion/exclusion diff --git a/changelogs/unreleased/1930-nrb b/changelogs/unreleased/1930-nrb deleted file mode 100644 index 616d3c33a..000000000 --- a/changelogs/unreleased/1930-nrb +++ /dev/null @@ -1 +0,0 @@ -Add a new required --plugins flag for velero install command. --plugins takes a list of container images to add as initcontainers. diff --git a/changelogs/unreleased/1931-Frank51 b/changelogs/unreleased/1931-Frank51 deleted file mode 100644 index 4a32ea841..000000000 --- a/changelogs/unreleased/1931-Frank51 +++ /dev/null @@ -1 +0,0 @@ -Add --no-default-backup-location flag to velero install diff --git a/changelogs/unreleased/1936-betta1 b/changelogs/unreleased/1936-betta1 deleted file mode 100644 index 21c6349e1..000000000 --- a/changelogs/unreleased/1936-betta1 +++ /dev/null @@ -1 +0,0 @@ -Allow backup storage locations to specify backup sync period or toggle off sync diff --git a/changelogs/unreleased/1938-andyzhangx b/changelogs/unreleased/1938-andyzhangx deleted file mode 100644 index 075e83349..000000000 --- a/changelogs/unreleased/1938-andyzhangx +++ /dev/null @@ -1 +0,0 @@ -Azure: add support for Azure China/German clouds diff --git a/changelogs/unreleased/1957-nainav b/changelogs/unreleased/1957-nainav deleted file mode 100644 index c4dd2b20e..000000000 --- a/changelogs/unreleased/1957-nainav +++ /dev/null @@ -1 +0,0 @@ -Restore Documentation: Updated Restore Documentation with Clarification implications of removing restore object. \ No newline at end of file diff --git a/changelogs/unreleased/1974-alexander-demichev b/changelogs/unreleased/1974-alexander-demichev deleted file mode 100644 index 8b5206ca8..000000000 --- a/changelogs/unreleased/1974-alexander-demichev +++ /dev/null @@ -1 +0,0 @@ -Restore action for cluster/namespace role bindings diff --git a/changelogs/unreleased/1985-carlisia b/changelogs/unreleased/1985-carlisia deleted file mode 100644 index 2485a87ed..000000000 --- a/changelogs/unreleased/1985-carlisia +++ /dev/null @@ -1 +0,0 @@ -Remove cloud provider code \ No newline at end of file diff --git a/changelogs/unreleased/1994-skriss b/changelogs/unreleased/1994-skriss deleted file mode 100644 index 222a3f8ec..000000000 --- a/changelogs/unreleased/1994-skriss +++ /dev/null @@ -1 +0,0 @@ -add `--allow-partially-failed` flag to `velero restore create` for use with `--from-schedule` to allow partially-failed backups to be restored diff --git a/changelogs/unreleased/2031-skriss b/changelogs/unreleased/2031-skriss deleted file mode 100644 index d94b727d9..000000000 --- a/changelogs/unreleased/2031-skriss +++ /dev/null @@ -1 +0,0 @@ -bug fix: don't try to restore pod volume backups that don't have a snapshot ID diff --git a/changelogs/unreleased/2041-betta1 b/changelogs/unreleased/2041-betta1 deleted file mode 100644 index 96ac317a6..000000000 --- a/changelogs/unreleased/2041-betta1 +++ /dev/null @@ -1 +0,0 @@ -Ensure object store plugin processes are cleaned up after restore and after BSL validation during server start up