Highlights

  • Highlights for the week ending 2025-04-10

    Breaking Changes

    • Ingress NGINX App version 4.0.0
      • Important breaking changes to note:
        • ConfigMap option allow-cross-namespace-resources is now deactivated
        • Annotations with risk level “Critical” now require explicit configuration
      Please read the whole release notes carefully.

    Fleet Management

    Security

    Connectivity

    • Cilium App version 0.32.0

      • Using upstream default value for prometheus.metrics
      • Enabled Envoy Proxy in standalone DaemonSet
    • CoreDNS App version 1.25.0

      • Updated CoreDNS image to 1.12.1
    • Ingress NGINX App version 4.0.0

      • Updated controller image to v1.12.1
      • Added multiple controller configuration options
      • Removed Pod Security Policies (incompatible with Kubernetes v1.24 and below)
      • Important breaking changes to note:
        • ConfigMap option allow-cross-namespace-resources is now deactivated
        • Annotations with risk level “Critical” now require explicit configuration
    • Kong App version 5.0.0

      • Updated to upstream chart version 2.48.0
      • Updated Kong ingress controller to 3.4.3
      • Changed default installation to OSS version (Enterprise requires explicit configuration)
      • Dropped support for Kubernetes below v1.26
      • Added customizable CRD version selection
    • Proxysocks version 0.1.1

      • Fixed service selector in the Helm chart
      • Initial release with support for credentials

    Continuous Deployment

    • App version 8.0.0

      • Changed app.Validator interface for admission controller identification
      • Streamlined existence checks for referenced resources
    • App Admission Controller version 2.0.0

      • Streamlined validation approach by moving resource existence checks to reconciliation
    • App Operator version 7.2.0

      • Decreased default reconciliation interval from 5m to 3m
      • Enhanced reporting of missing resources in App CR status
      • Improved namespace checking before creating resources
    • Cluster Apps Operator version 3.2.0

      • Updated app-operator to version v7.2.0
    • Konfigure Operator version 0.1.2

      • Initial implementation of configuration management
      • Fixed map filtering logic to respect external annotations and labels
      • Added protection for internal configuration annotations
    • Kube Downscaler App version 0.6.1

      • Updated chart’s image
      • Fixed Cilium network policy endpoint selector

    Developer Portal

    • Backstage version 0.62.0
      • Improved error message styles in deployment details
      • Enhanced resource entity page layout
      • Added links from deployments to corresponding catalog entities
      • Improved installation selection functionality

    Observability

    • Alloy Rules version 4.54.1

      • Added multi-tenancy support with tenant labeling
      • Fixed and improved various alerts:
        • Enhanced alert for missing teleport access logs
        • Fine-tuned MetricForwardingErrors to avoid triggering on sporadic issues
        • Fixed MonitoringAgentDown to not page for non-deleting clusters
        • Added log-based alerts for CIDRNotAvailable events
        • Improved various alert thresholds and timing
    • Cluster API Monitoring App version 1.17.0

      • Set default memory resources to 200Mi
    • Dashboards version 4.4.0

      • Added Cilium Agent logs dashboard
      • Added Observability Resource Usage dashboard
      • Added Backstage dashboard
    • Grafana App version 2.20.0

      • Upgraded Grafana chart from 8.9.0 to 8.11.3
    • Logging Operator version 0.26.1

      • Fine-tuned Alloy logs and events resource usage to avoid impacting customer workloads
      • Fixed schema violations in Alloy logs configuration
    • Node Exporter App version 1.20.2

      • Updated dependencies for improved security and stability
    • Observability Bundle version 1.12.0

      • Upgraded kube-prometheus-stack from 69.5.1 to 70.1.1
      • Updated Prometheus to 3.2.1
      • Updated Prometheus Operator to 0.81.0
    • Observability Operator version 0.23.2

      • Added multi-tenancy support for alerting, recording rules, and remote write
      • Enhanced configuration validation with amtool
      • Improved sharding for metrics across all tenants
      • Configured OpsGenie integration for severity:page alerts
      • Optimized resource usage settings
    • Prometheus Meta Operator version 4.88.0

      • Improved resource usage by not loading log-based alerts in Prometheus
    • Sloth App version 1.7.0

      • Upgraded to sloth 0.12.0
    • Starboard Exporter version 0.8.1

      • Updated Go version and dependencies
      • Addressed code linter findings

    Others

    • NOS App version 0.1.0

      • Updated container images to 0.1.2
      • Added Cilium network policies for API communication
      • Adapted webhook certificate for platform compatibility
    • Zot version 2.1.0

      • Updated to project-zot/helm-charts version 0.1.67
      • Bumped default zot image tag to v2.1.2
    • N8n App version 1.5.1

      • Upgraded the upstream helm chart to 1.1.0

    Docs

  • Highlights for the week ending 2025-03-18

    General

    Apps

    Docs

  • Highlights for the week ending 2025-03-11

    General

    Apps

    Docs

  • Highlights for the week ending 2025-03-06

    Fleet Management

    • Cluster AWS version 3.1.0

      • Updated to cluster version 2.1.1 and introduced an option to disable the AWS Node Termination Handler.
    • Cluster vSphere version 0.69.0

      • Simplified configuration defaults and updated to the latest cluster version.

    Security

    • Kyverno App version 0.19.0

      • Updated to Kyverno v1.13.4, enhancing policy specifications and security contexts.
    • Kyverno Policies UX version 0.8.0

      • Improved enforcement settings and added protection for AzureCluster objects.

    Connectivity

    Continuous Deployment

    • App Operator version 7.1.0
      • Improved app management by ensuring ‘cordon-until’ annotation expires automatically.

    Observability

    Others

  • Highlights for the week ending 2025-01-30

    Observability

    • Observability Platform API version 0.1.0

      • Introduced an initial setup with ingress and application templates to enhance platform observability.
    • Observability Operator version 0.10.2

      • Enhanced alert management with a new Alertmanager controller.
      • Simplified SSO settings by switching to the Grafana admin API.
      • Improved data source management and dashboard loading options.
    • Prometheus Meta Operator version 4.83.0

      • Improved alert notifications and link management for better usability.
      • Enhanced security by updating dependencies and configurations.
    • Dashboards version 3.29.1

      • Added and improved various dashboards including Cluster Overview and Promtail Overview for better monitoring insights.
      • Enhanced DNS dashboard for more accurate memory usage reporting.
    • Prometheus Rules version 4.34.0

      • Added new alerts and annotations to enhance monitoring capabilities.
      • Streamlined alert management by removing deprecated entries.
    • Logging Operator version 0.20.0

      • Introduced support for customer-specific log tenancy and enhanced default configurations.
    • Cluster API Monitoring App version 1.16.1

      • Improved security and compliance with updated RBAC permissions.
    • Prometheus Blackbox Exporter App version 0.5.0

      • Enhanced security settings to meet compliance standards.

    Security

    Connectivity

    Others

    Docs

    • [We have unified the header and footer of our website](https://github.com/giantswarm/docs/pull/2445).
    • [New guide on adding your application logs to the managed Loki installation](https://github.com/giantswarm/docs/pull/2447).
    • [We added the annotations you can tune in the Cluster AWS resources](https://github.com/giantswarm/docs/pull/2454).
    
  • Highlights for the week ending 2024-12-12

    Observability

    • Grafana App v2.18.0

      • Improved security by blocking default access to certain endpoints (/swagger, /metrics, and /api/health).
      • Upgraded Grafana for a better user experience and new features (now at version 8.6.0).
    • Prometheus Rules v4.30.0

      • New alert added to help identify issues with KubeadmConfig configurations.
      • Reduced unnecessary alerts during tests by ignoring certain HelmReleases.
      • Added new alerts to quickly detect and resolve karpenter issues.
      • Expanded alert timing for PromtailRequestsErrors to reduce false positives (now 25 minutes).
    • Observability Operator v0.10.0

      • Integrated Mimir, Alertmanager for enhanced alerting.
      • Enhanced multi-tenant support within Grafana organizations.
      • Fixed an issue that prevented Grafana from starting by ensuring config persistence.

    Fleet Management

    • Kube Downscaler App v0.4.0
      • Introduced a new Cilium network policy template for improved network management.

    Security

    • Kyverno Policies v0.21.1

      • Enhanced visibility with the addition of the application.giantswarm.io/team label.
    • Event Exporter App v2.0.0

      • Transitioned to a new, supported image source for better stability and support.
  • Highlights for the week ending 2024-11-28

    Observability

    • logging-operator version 0.16.0

      • Introducing enhanced visibility with Kubernetes events logging in Alloy, allowing for better monitoring of your environments.
      • Improved security by adding support for Private Certificate Authorities (CAs) in Alloy logs.
      • More control with the new events-logger option, enabling tailored logging settings through the observability-bundle ConfigMap.
      • Simplified management with the Grafana-Agent configuration now templated, and user privacy respected by disabling usage data reporting.
      • Enhanced reliability with improved logging configuration tests.
    • prometheus-rules version 4.27.0

      • Get precise alerts with new rules distinguishing between production and non-production clusters, ensuring focused monitoring.
      • Expanded monitoring capabilities with new alerts for critical components like cloud-provider-controller, cilium, coredns, and vertical-pod-autoscaler-crd.
      • Improved alerting for system reliability, including Shield pod restarts and Mimir ruler failures.
      • Enhanced usability with fixes to dashboard links and more robust template testing.

    Continuous deployment

    • app-exporter version 1.0.0
      • Gain deeper insights with a new cluster_id field in app metrics, enhancing traceability by linking metrics to specific clusters.
      • Aligned with the latest standards by removing outdated Kubernetes support, simplifying your configuration for modern environments.
      • Streamline your deployment processes with updated pipeline tools and simplified Helm values.
      • Ensure consistency and reliability in your deployments with updated label values and the removal of unnecessary dependencies.

    Docs

    We’re excited to announce the launch of our new Docs Hub, featuring up-to-date documentation for the Giant Swarm platform, now fully ready for Cluster API. While we’ve preserved our vintage documentation in a dedicated folder for reference, all content in the general documentation section is now accurate and current. We are committed to expanding and enhancing our documentation further in the coming weeks, and we warmly welcome all customer feedback to help us improve and complete our resources.

  • Highlights for the week ending 2024-11-21

    Observability

    • Alloy app version 0.7.0

      • We’ve upgraded the Alloy base chart to version 0.10.0, bringing Alloy itself to version 1.5.0. This update includes the latest features and improvements for enhanced performance and stability.
    • Alloy gateway app version 0.2.0

      • The Alloy gateway app now uses Alloy version 1.5.0, which includes important fixes for clustering with Cilium Network Policies.
    • Fluent log-shipping app version 5.3.1

      • We’ve fixed an issue with the fluent-bit image by adding the missing auditd libraries, enabling the use of ausearch for more comprehensive auditing capabilities.
    • Logging operator version 0.15.2

      • This update ensures compatibility with the latest Alloy logs by supporting the new secret mechanism, designed to work with Alloy 0.4.0 and the observability bundle 1.6.0. Additionally, if your deployment supports it, Vertical Pod Autoscaling (VPA) will be enabled for Alloy.
    • Dashboards version 3.26.1

      • We’ve added a new “Mimir / Continuous Test” dashboard and improved the “Management Cluster Overview” dashboard for better monitoring insights.
    • Observability bundle version 1.9.0

      • The latest bundle now includes Alloy version 1.5.0 with new event logging capabilities. We’ve also upgraded various components: alloy-logs and alloy-metrics to version 0.7.0, kube-prometheus-stack to 66.2.1, and other key monitoring tools like Prometheus, Grafana, and kube-state-metrics to their latest versions for enhanced observability.
    • Observability operator version 0.9.0

      • This release introduces new features for managing Grafana organizations, including their creation and configuration. It also addresses installation issues with the latest Alloy Metrics release and improves test reliability by updating Python dependencies and configuring required secrets.
    • Kube Prometheus stack app version 13.0.1

      • We’ve updated our chart dependencies to the latest versions, including kube-prometheus-stack 66.2.1 and Prometheus Operator 0.78.1, along with Grafana’s upgrade to 8.6.0. These updates bring improved performance and new features to your monitoring stack.

    Connectivity

    Continuous deployment

    • external-secrets version 0.11.1

      • Update image version to v0.10.5 to resolve issue with failing to auth to Kubernetes using client certs
    • zot version 2.0.1

      • Fixed duplicate entry in ServiceMonitor resources

    Security

  • Highlights for the week ending 2024-10-31

    General

    • security-bundle version 1.9.0 introduces breaking changes. When upgrading to this version with Falco enabled, the Falco App may fail to upgrade due to a breaking change in the upstream chart. To complete the upgrade seamlessly, disable and then re-enable the Falco App by setting apps.falco.enabled=[false|true] in the security-bundle user values ConfigMap.

    Observability

    • dashboards version 3.26.0

      • Introduced “Loki - Slow Queries” dashboard for enhanced query performance insights.
      • Transferred ownership from BigMac to Shield for better team alignment.
      • Resynced alloy, loki, and mimir mixins from upstream to ensure feature parity.
    • logging-operator version 0.14.0

      • Default logging agent switched to Alloy, replacing Promtail for improved performance.
    • kube-prometheus-stack-app version 12.0.0

      • Updated chart dependency to kube-prometheus-stack-65.1.1.
      • Upgraded prometheus-operator from 0.75.0 to 0.77.1.
      • Prometheus upgraded from 2.53.0 to 2.54.1.
      • Grafana upgraded from 8.2.0 to 8.5.0.
      • Thanos ruler upgraded from 0.35.1 to 0.36.1.
      • Prometheus-node-exporter upgraded from 1.8.1 to 1.8.2.
      • Removed legacy in-house SLO framework to streamline integrations.
    • prometheus-operator-crd version 12.0.0

      • Upgraded CRDs chart from 13.0.2 (prometheus-operator 0.75.2) to 15.0.0 (prometheus-operator 0.77.1). See upstream changelog for more details.
    • prometheus-meta-operator version 4.81.0

      • Created new monitoring-agent inhibitions based on existing prometheus-agent configurations for tool-agnostic monitoring.
      • Added customer label to OpsGenie alerts to enhance alert specificity.
    • prometheus-rules version 4.23.0

      • Renamed all prometheus-agent related inhibitions to monitoring-agent inhibitions for clarity.
      • Standardized inhibition alert naming: InhibitionPrometheusAgentFailing and InhibitionPrometheusAgentShardsMissing.
      • Corrected statefulset.rules naming to avoid overwriting deployment.rules.
      • Adjusted KubeletVolumeSpaceTooLow alert threshold to only trigger when space is critically low, relying on node-problem-detector otherwise.
      • Updated aggregation:giantswarm:cluster_release_version expression to include Cluster API clusters.
      • Updated InhibitionControlPlaneUnhealthy for all Cluster API clusters, not just MCs.
      • Added alert for StatefulsetNotSatisfiedAtlas.
      • Updated alloy-app to 0.6.1, including an upgrade to upstream version 1.4.2 and a CiliumNetworkPolicy fix for clustering.
    • oauth2-proxy-app version 3.0.2

      • Implemented NetworkPolicy to allow traffic to oauth2-proxy.
      • Removed cert-manager ingress annotations to resolve ingress validation issues.
    • observability-bundle version 1.8.0

      • Upgraded prometheus-agent from v0.6.9 to v0.7.0.
      • Added extraArgs to enable features like WAL truncation.
      • Upgraded kube-prometheus-stack from 61.0.0 to 65.1.1.
      • Updated prometheus-operator CRDs from 0.73.0 to 0.75.0.
      • Prometheus-operator upgraded from 0.75.0 to 0.77.1.
      • Prometheus upgraded from 2.53.0 to 2.54.1.
      • Grafana upgraded from 8.2.0 to 8.5.0.
      • Thanos ruler upgraded from 0.35.1 to 0.36.1.
      • Prometheus-node-exporter upgraded from 1.8.1 to 1.8.2.
      • Added missing depends on annotations for alloy-metrics and alloy-logs to ensure correct deployment order.

    Security

    • kyverno-policies-connectivity version 0.6.1

      • Added /tmp emptyDir volume to workload cluster IP Job.
    • falco-app version 0.9.1

      • Introduced feature gates for enabling/disabling individual Falco components.
    • starboard-exporter version 0.8.0

      • Added Vertical Pod Autoscaler (VPA) configuration, enabled by default for optimized resource usage.
      • Disabled logger development mode to enhance stability.
      • Disabled PodSecurityPolicy by default.
      • Exposed port 8081 for health/liveness probes.
    • trivy-app version 0.13.0

      • Updated Trivy to upstream version v0.56.1 for enhanced security scanning.
      • Disabled PSPs.
    • trivy-operator-app version 0.10.2

      • Aligned Trivy versions between Trivy operator and the upstream project to v0.56.1.
    • security-bundle version 1.9.0

      • Updated kyverno (app) to v0.18.1.
      • Updated kyverno-crds (app) to v1.12.0.
      • Updated kyverno-policies (app) to v0.21.0.
      • Updated starboard-exporter (app) to v0.8.0.
      • Updated trivy-operator (app) to v0.10.2.
      • Updated trivy (app) to v0.13.0.
      • Updated falco (app) to v0.9.1.

    Connectivity

    • dns-operator-route53 version 0.10.0
      • Added optional --role-arn flag to specify the role ARN to assume when interacting with Route53.

    Fleet management

    • app-admission-controller version 0.26.2

      • Extended the /healthz endpoint to verify certificate validity and allow Kubernetes liveness probes to manage restarts if errors occur.
    • app-operator version 6.11.2

      • Updated dependencies to ensure compatibility and security.
  • Highlights for the week ending 2024-10-10

    Observability

    • alloy-gateway-app version 0.1.0

      • Deploy an extra instance of Grafana Alloy acting as an observability gateway to be able to ingest your logs from outside the clusters in the Giant Swarm managed Loki that is deployed on your management cluster.
    • alloy-app version 0.6.1

      • Upgraded alloy container image to version 1.4.2.
      • Upgraded upstream chart from 0.7.0 to 0.9.1 - see changelog for more information.
      • Fix ciliumnetworkpolicy to allow clustering mode.
        • Bump Chart appVersion to v1.4.2.
        • Fix circleci config.
        • Add PodLogs as helm chart template.
        • Upgrade Alloy upstream chart from 0.7.0 to 0.9.1.
        • This bumps the version of Alloy from 1.3.1 to 1.4.2.
        • Some debug metrics for components have changed.
        • Helm chart changes, see Alloy Helm chart v0.9.0 CHANGELOG
        • Fix CiliumNetworkPolicy to allow outgoing traffic to other nodes when running Alloy in clustering mode
    • grafana-app version 2.16.3

      • Upgraded grafana container image from 11.1.3 to 11.2.1.
      • Upgraded upstream chart from 8.3.4 to 8.5.2
      • Fix CI jobs generating new releases.
      • Upgrade grafana chart: 8.3.4 => 8.5.2
      • Upgrade grafana: 11.1.3 => 11.2.1
    • loki-app version 0.25.2

      • Upgraded upstream chart from 6.12.0 to 6.16.0 - see changelog for more information.
    • observability-bundle version 1.7.0

      • Upgrade to Alloy v1.4.2, which fixes a bug with component reload/evaluation and keeps the component in the latest upstream version.
      • Fixes an issue with CiliumNetworkPolicy preventing Alloy from running in clustering mode
    • observability-operator version 0.6.1

      • Fix CI jobs generating new releases
    • oauth2-proxy-app version 2.14.0

      • Add new configuration flags needed to let JWT token through.
      • Upgrade oauth2-proxy container image tag to v7.7.0
      • Removes oauth2-proxy from non-control-plane-related catalogs.
    • prometheus-rules version 4.18.0

      • Add alerting rule for Loki missing logs at ingestion

    Security

    • kyverno-app version 0.18.1
      • Update Kyverno to upstream version v1.12.6.
      • Update kyverno-policy-reporter to upstream version v2.20.2.

    Fleet management

    • app-operator version 6.11.1

      • Retain a list of finalizers of Chart CR when updating it.
      • Update PolicyExceptions to v2 and failover to v2beta1.
    • zot version 2.0.0

      • Update zot to the latest version v2.1.1.
      • Update all dependencies.

This part of our documentation refers to our vintage product. The content may no longer be valid for our current product. Please check our new documentation hub for the latest state of our docs.