Upgrade cluster-aws to handle IMDS Hop Limit and patch kubernetes version.
Upgrade cluster-aws to handle IMDS Hop Limit.
Upgrade cluster-aws to handle IMDS Hop Limit.
This release along with k8s and application upgrades also brings several new features for the product. Node Pools have been extended with new Karpenter type, integrating the solution fully with the Giant Swarm cluster lifecycle instead of a Managed Application. Karpenter application will now be deployed as a part of the Giant Swarm clusters out of the box if configured. For further configuration please check our example of the Karpenter Node Pool usage.
Additionally, we have extended the Cluster configuration to support multiple VPC CIDRs under global.connectivity.network.vpcCidr, please read the schema documentation for more details.
Finally we are slowly introducing changes to IAM roles for service accounts (IRSA) management on GS side, where the infrastructure required will be fully managed by Crossplane instead of irsa-operator and capa-iam-operator. There is no impact for customers, but the change will allow Giant Swarm to pair the IAM permissions for required applications with their actual releases and deployments, moving away from single operators implementing all the roles. The Karpenter application will be the first one to use it.
For any questions regarding new features or their usage, please reach out to Giant Swarm. For customers running Karpenter as a Managed Application from Giant Swarm catalog, it is save to upgrade to this release without any changes. The application will work as expected until migrated to the new node pool type.
karpenter supportkarpenter app when karpenter node pools are configured.cert-manager-crossplane-resources App in private clusters so DNS01 clusterIssuer.DNS01 clusterIssuer deployed by cert-manager-app in private clusters.ebs.csi.aws.com/agent-not-ready for AWS EBS CSI driver on worker nodes.cluster to v2.4.0.controller pods.Azuregiantswarm.io/cluster labelcontroller-uid, since this is excluded by default now.prometheus.metrics.giantswarm.io/cluster labelPodMonitor resource via the podMonitor.additionalLabels value.coredns image to 1.12.1.v1.5.0.v0.14.0.karpenter-capa-taint-remover to allow scheduling on all taints.karpenter-crossplane-resources app version to add support for vintage OIDC issuer on migrated clustersapp.giantswarm.io label group was changed to application.giantswarm.ioalloy-app from 0.10.0 to 0.11.0Alloy from 1.8.3 to 1.9.0alloy-app from 0.9.0 to 0.10.0Alloy from 1.7.1 to 1.8.3kube-prometheus-stack to 72.3.0kube-prometheus-stack to 72.3.0kube-prometheus-stack from 69.5.1 to 70.1.1promtailgrafana-agentpromtheus-agent.Values.disabled to .Values.enabled to follow best practices.policy-api-crds app to manage Policy API CRDs.trivy (app) to v0.13.4.cloudnative-pg (app) to v0.0.7.starboard-exporter (app) to v0.8.1.kyverno-policy-operator (app) to v0.0.11.cloudnative-pg (app) to v0.0.9.Note: Kyverno PolicyExceptions (API group kyverno.io) versions v2alpha1 and v2beta1 are deprecated and will be removed in the next Kyverno minor release (v1.14). Please update all Kyverno PolicyExceptions to v2. No action is required for Giant Swarm Policy API PolicyExceptions (API group policy.giantswarm.io), which are handled automatically.
This release re-enables metrics ingestion of Cilium.
phoenix to cabbage.This release reconfigures the Cilium HelmRelease to avoid disruptions during cluster upgrades.
cluster to v2.2.1.This release reverts removal of PolicyExceptions v2alpha1 API version for smoother transition for any customer and GS workloads. The deprecated API version of v2alpha1 will be fully removed in next major release.
Note: Kyverno PolicyExceptions (API group kyverno.io) versions v2alpha1 and v2beta1 are deprecated and will be removed in the next Kyverno minor release (v1.14). Please update all Kyverno PolicyExceptions to v2. No action is required for Giant Swarm Policy API PolicyExceptions (API group policy.giantswarm.io), which are handled automatically.
kyverno-crds (app) to v1.13.1.