v2.1.0

This release includes the following changes:

Major changes

• New container-runtime for control plane ( etcd + kubelet ): Rkt.
  Experimental. If enabled, it only works right now with Flannel/Canal
• New cloud provider: Azure
• New network plugin: Canal
• Etcd with TLS support
• Nginx proxy to provide k8s apiserver HA for non master nodes

Versions upgrade

• Kubernetes version 1.5.1
• Docker 1.12.5
• Rkt v1.21.0
• Calico 2.0.0

Network

• Calico with custom network backends and routereflector supported for large deployments
• Support for Canal network plugin
• Pseudo network plugin called "cloud" to use built-in cloud providers' networking
• Improved DNS stack with host/docker configuration options
• Network checker application to verify DNS resolve for pods and inter-pods connectivity

Clouds support

• Azure cloud provider support, improved deployments on terraform/openstack
• Azure Resource Manager templates, GlusterFS support and ansible inventory generator script as contrib addons

Security

• TLS support for etcd cluster with individual nodes' certificates
• Support for bastion hosts, security improvements via explicit cgroups limits for workloads and support of unschedulable standalone master nodes

Breaking

• Only systemd based Linux OS distributions supported from now on
• Requires users to sync groups_vars/all.yaml
• Removed the etcd-proxy

Others

• Speed up for large deployments when distributing tokens and certs and downloading containers
• Improved docker container download and sync
• Dev/QA playbooks for in-place cluster reset
• Enabled fact caching by default
• Container Linux by CoreOS added to CI matrix
• Improved documentation