1. Docs
  2. Changes and releases
  3. CAPA releases

CAPA Releases

  • CAPA releases releases aws-28.2.0

    Changes compared to v28.1.2

    Components

    • cluster-aws from v1.3.2 to v1.3.3
    • Kubernetes from v1.28.11 to v1.28.14

    cluster-aws v1.3.2…v1.3.3

    Changed

    • Chart: Update cluster to v1.0.2.
      • Chart: Add OS tooling named template.
  • CAPA releases releases aws-29.3.0

    Changes compared to v29.2.0

    This release does not contain any changes to components or apps, but makes use of an updated machine image, which includes a fix for accessing private Elastic Container Registries (ECR).

    ⚠️ Breaking change introduced in v29.2.0 with cluster-aws version 2.1.0

    • Do not allow additional properties in the following fields in order to avoid unnoticed typos:

      • global.connectivity.network
      • global.connectivity.network.pods
      • global.connectivity.network.services
      • global.connectivity.subnets[]
      • global.connectivity.topology
      • global.controlPlane
      • global.controlPlane.additionalSecurityGroups[]
      • global.controlPlane.machineHealthCheck
      • global.controlPlane.oidc
      • global.providerSpecific
      • global.providerSpecific.instanceMetadataOptions

    If you were using values like global.controlPlane.containerdVolumeSizeGB and global.controlPlane.kubeletVolumeSizeGB, please move to the new .global.controlPlane.libVolumeSizeGB which defines the size of disk volume used for /var/lib mount point.

  • CAPA releases releases aws-29.2.0

    Changes compared to v29.1.0

    Components

    • cluster-aws from v2.0.0 to v2.2.0
    • Flatcar from v3975.2.0 to v3975.2.1
    • Kubernetes from v1.29.8 to v1.29.9

    cluster-aws v2.0.0…v2.2.0

    ⚠️ Breaking change

    • Do not allow additional properties in the following fields in order to avoid unnoticed typos:

      • global.connectivity.network
      • global.connectivity.network.pods
      • global.connectivity.network.services
      • global.connectivity.subnets[]
      • global.connectivity.topology
      • global.controlPlane
      • global.controlPlane.additionalSecurityGroups[]
      • global.controlPlane.machineHealthCheck
      • global.controlPlane.oidc
      • global.providerSpecific
      • global.providerSpecific.instanceMetadataOptions

    If you were using values like global.controlPlane.containerdVolumeSizeGB and global.controlPlane.kubeletVolumeSizeGB, please move to the new .global.controlPlane.libVolumeSizeGB which defines the size of disk volume used for /var/lib mount point.

    Added

    • Allow to enable auditd through global.components.auditd.enabled helm value.
    • Chart: Support multiple service account issuers.
      This is used for example in the migration from Vintage AWS clusters to CAPA. Multiple issuers were previously supported only through internal chart values (this change removes internal.migration.irsaAdditionalDomain). The internal annotation aws.giantswarm.io/irsa-additional-domain on AWSMachineTemplate objects is changed to plural aws.giantswarm.io/irsa-trust-domains on the AWSCluster object.

    Changed

    • Chart: Update cluster to v1.4.1.
    • Set provider specific configuration for cilium CNI ENI values.
    • Do not allow additional properties in most values in order to avoid unnoticed typos.
    • Validate that machine pool availability zones belong to the selected region.
    • CI: Bump release version.
    • Apps: Use catalog from Release CR.

    Removed

    • Remove Cilium app deprecated values.
    • Remove unused kubectl image Helm value.

    Apps

    • aws-pod-identity-webhook from v1.16.0 to v1.17.0
    • coredns from v1.21.0 to v1.22.0
    • observability-bundle from v1.6.1 to v1.6.2
    • security-bundle from v1.8.1 to v1.8.2
    • teleport-kube-agent from v0.9.2 to v0.10.3
    • vertical-pod-autoscaler from v5.2.4 to v5.3.0
    • vertical-pod-autoscaler-crd from v3.1.0 to v3.1.1

    aws-pod-identity-webhook v1.16.0…v1.17.0

    Changed

    • Fix VPA being ineffective due to referring to a non-existing Deployment name

    coredns v1.21.0…v1.22.0

    Changed

    • Update coredns image to 1.11.3.

    Removed

    • Removed legacy Giant Swarm monitoring labels as coredns is monitored through a prometheus-operator generated servicemonitor.

    observability-bundle v1.6.1…v1.6.2

    Changed

    • Fixed alloyMetrics catalog

    security-bundle v1.8.1…v1.8.2

    Changed

    • Update cloudnative-pg (app) to v0.0.6.
    • Update trivy-operator (app) to v0.10.0.
    • Update kyverno-policy-operator (app) to v0.0.8.
    • Update kyverno (app) to v0.17.16.

    teleport-kube-agent v0.9.2…v0.10.3

    Changed

    • Disable JAMF components on chart templates
    • Fix issues with templates
    • Change ownership to Team Shield
    • Added small fix on podSecurityContext for seccompProfile.
    • Upgraded to Teleport version 16

    vertical-pod-autoscaler v5.2.4…v5.3.0

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.0. (#314)
    • Chart: Consume global.imageRegistry. (#315)

    Removed

    • Chart: Do not override crds.image.tag. (#316)

    vertical-pod-autoscaler-crd v3.1.0…v3.1.1

    Changed

    • Chart: Improve Chart.yaml. (#110)
    • Repository: Some chores. (#111)
  • CAPA releases releases aws-25.1.1

    This release introduces several changes that are required for Vintage to CAPA migration use-cases.

    Most notable change is that now auditd is disabled by default. If you actively use this feature, please add the following field global.components.auditd.enabled set to true in the Cluster App user values before the upgrade.

    Changes compared to v25.1.0

    Components

    • cluster-aws from v1.1.0 to v1.1.2

    cluster-aws v1.1.0…v1.1.2

    Added

    • Chart: Add global.connectivity.network.pods.nodeCidrMaskSize to schema.
    • Chart: Allow to enable auditd through global.components.auditd.enabled.
    • Chart: Support multiple service account issuers.

    Changed

    • Chart: Update cluster to v0.35.2.
      • Allow to enable auditd service through global.components.auditd.enabled.
      • Support multiple service account issuers.
      • Allow configuring kube-controller-manager --node-cidr-mask-size flag.
  • CAPA releases releases aws-25.2.1

    This release introduces several changes that are required for Vintage to CAPA migration use-cases.

    Most notable change is that now auditd is disabled by default. If you actively use this feature, please add the following field global.components.auditd.enabled set to true in the Cluster App user values before the upgrade.

    Changes compared to v25.2.0

    Components

    • cluster-aws from v1.3.0 to v1.3.2

    cluster-aws v1.3.0…v1.3.2

    Added

    • Chart: Add global.connectivity.network.pods.nodeCidrMaskSize to schema.
    • Chart: Allow to enable auditd through global.components.auditd.enabled.
    • Chart: Support multiple service account issuers.

    Changed

    • Chart: Update cluster to v1.0.1.
      • Allow to enable auditd service through global.components.auditd.enabled.
      • Support multiple service account issuers.
      • Allow configuring kube-controller-manager --node-cidr-mask-size flag.
  • CAPA releases releases aws-26.1.1

    This release introduces several changes that are required for Vintage to CAPA migration use-cases.

    Most notable change is that now auditd is disabled by default. If you actively use this feature, please add the following field global.components.auditd.enabled set to true in the Cluster App user values before the upgrade.

    Changes compared to v26.1.0

    Components

    • cluster-aws from v1.3.0 to v1.3.2

    cluster-aws v1.3.0…v1.3.2

    Added

    • Chart: Add global.connectivity.network.pods.nodeCidrMaskSize to schema.
    • Chart: Allow to enable auditd through global.components.auditd.enabled.
    • Chart: Support multiple service account issuers.

    Changed

    • Chart: Update cluster to v1.0.1.
      • Allow to enable auditd service through global.components.auditd.enabled.
      • Support multiple service account issuers.
      • Allow configuring kube-controller-manager --node-cidr-mask-size flag.
  • CAPA releases releases aws-27.1.1

    This release introduces several changes that are required for Vintage to CAPA migration use-cases.

    Most notable change is that now auditd is disabled by default. If you actively use this feature, please add the following field global.components.auditd.enabled set to true in the Cluster App user values before the upgrade.

    Changes compared to v27.1.0

    Components

    • cluster-aws from v1.3.0 to v1.3.2

    cluster-aws v1.3.0…v1.3.2

    Added

    • Chart: Add global.connectivity.network.pods.nodeCidrMaskSize to schema.
    • Chart: Allow to enable auditd through global.components.auditd.enabled.
    • Chart: Support multiple service account issuers.

    Changed

    • Chart: Update cluster to v1.0.1.
      • Allow to enable auditd service through global.components.auditd.enabled.
      • Support multiple service account issuers.
      • Allow configuring kube-controller-manager --node-cidr-mask-size flag.
  • CAPA releases releases aws-28.1.2

    This release introduces several changes that are required for Vintage to CAPA migration use-cases.

    Most notable change is that now auditd is disabled by default. If you actively use this feature, please add the following field global.components.auditd.enabled set to true in the Cluster App user values before the upgrade.

    Changes compared to v28.1.1

    Components

    • cluster-aws from v1.3.0 to v1.3.2

    cluster-aws v1.3.0…v1.3.2

    Added

    • Chart: Add global.connectivity.network.pods.nodeCidrMaskSize to schema.
    • Chart: Allow to enable auditd through global.components.auditd.enabled.
    • Chart: Support multiple service account issuers.

    Changed

    • Chart: Update cluster to v1.0.1.
      • Allow to enable auditd service through global.components.auditd.enabled.
      • Support multiple service account issuers.
      • Allow configuring kube-controller-manager --node-cidr-mask-size flag.
  • CAPA releases releases aws-28.1.1

    This release fixes an issue where certain apps installed during or before v25 will break due to API removals when upgrading to v29.

    Changes compared to v28.1.0

    Apps

    • security-bundle from v1.7.0 to v1.7.2

    security-bundle v1.7.0…v1.7.2

    Changed

    • Update trivy-operator (app) to v0.9.1.
    • Update kyverno (app) to v0.17.14.
    • Update starboard-exporter (app) to v0.7.11.
  • CAPA releases releases aws-29.1.0

    Changes compared to v29.0.0

    Components

    Apps

    • cert-exporter from v2.9.1 to v2.9.2
    • node-exporter from v1.19.0 to v1.20.0
    • observability-bundle from v1.5.2 to v1.6.1
    • security-bundle from v1.8.0 to v1.8.1

    cert-exporter v2.9.1…v2.9.2

    Added

    • Chart: Add VPA and resources configuration for deployment and daemonset. (#382)

    node-exporter v1.19.0…v1.20.0

    Changed

    • Synced with upstream chart v4.38.0 (node-exporter 1.8.2).

    observability-bundle v1.5.2…v1.6.1

    Added

    • Add alloy v0.4.0 as alloyMetrics.

    Changed

    • Disable usage reporting to GrafanaLabs by:
      • Bumping alloyLogs and alloyMetrics to v0.4.1.
      • Bumping grafanaAgent to v0.4.6.
    • Bump alloyLogs to v0.4.0.
    • Rename alloy-logs app to camel case alloyLogs.

    security-bundle v1.8.0…v1.8.1

    Changed

    • Update trivy-operator (app) to v0.9.1.

This part of our documentation refers to our vintage product. The content may be not valid anymore for our current product. Please check our new documentation hub for the latest state of our docs.