Highlights

• May 28, 2021 Highlights

  Highlights for the week ending May 28, 2021

  User interfaces

  Through a mistake, kubectl gs v1.28.0 hasn’t been published via the Krew index. We fixed this in the meantime and you can use kubectl krew upgrade gs to get the latest version again.

  Also we provide an experimental build of kubectl gs for Windows. You can find it on GitHub for download. If you try it, we’d be very happy to hear your feedback!

  Documentation

  These weekly announcements now also appear in the Changes and Releases section, as their own category named Highlights.

• May 21, 2021 Highlights

  Highlights for the week ending May 21, 2021

  Managed apps

  Cloudflared v0.1.0 is now available. The app allows you to launch Cloudflare Argo Tunnels that route directly to services inside your cluster. Useful for clusters not running in a public cloud provider. This release significantly eases the installation in Kubernetes by creating a single deployment that reuses a named tunnel.

  Prometheus Operator v0.8.2 upgrades prometheus to v2.26.1 which contains a fix for CVE-2021-29622. The vulnerability allowed attackers to redirect to arbitrary URLs through a specially crafted address (e.g.: http://127.0.0.1:9090/new/newurl). Prior to that, v0.8.1 eases installing on kubernetes >= 1.18 by enabling ingressClass and pathType by default.

  EFK v0.5.2 reverts upstream changes of deployment labels that caused upgrade conflicts.

  Cert Manager v2.7.1 sets authoritative name servers to coredns when using dns01 ACME solver, in order to support DNS01 challenge introduced in v2.6.0.

  Apps supported with best effort

  Spark Operator, an operator that makes specifying and running Spark applications as easy as running other workloads on Kubernetes, is now available in the playground catalog.

  User interfaces

  kubectl-gs v1.28.0 adds get appcatalogs and get apps commands. It also now allows templating for China clusters.

  We recently made many fixes and changes to the Web UI from v1.7.2 to v1.9.0 to improve the user experience, as well as prepare for new features related to providing access to the Management API.

  Documentation

  Many docs are updated and made more accurate including: Advanced CoreDNS Configuration, App CR’s target namespace configuration, and Usage data recording in our web interface.

• May 7, 2021 Highlights

  Highlights for the week ending May 7, 2021

  Managed apps

  Cert Manager v2.7.0 upgrades to upstream v1.3.1, which fixes an issue preventing app upgrades.

  Kong v2.0.0 upgrades to upstream stable v2.0.0. Make sure to review the upstream changelog and the upgrade documentation, as support for Helm 2 as well as other 1.x features are dropped. Customers running 1.2.0 have no disruptions.

  User interfaces

  kubectl gs, our plug-in for the Giant Swarm Management API, is now available as binary for the ARM achitecture (e. g. Apple M1), both for Linux and macOS.

  Documentation

  We now provide a curated list of cost optimization tools for Kubernetes.

• Apr 30, 2021 Highlights

  Highlights for the week ending April 30, 2021

  General

  Upstream recently announced another change to the end of life (EOL) date of Kubernetes 1.18. The last patch for v1.18 will be published May 12th 2021. Our interfaces have been updated to reflect that.

  Managed apps

  EFK v0.5.1 upgrades to Open Distro for Elasticsearch v1.13.2.

  Prometheus Operator v0.8.0 upgrades to kube-prometheus-stack v15.2.0, which includes Prometheus v2.26.0.

  NGINX IC v1.16.1 is now more flexible, allowing you to change any annotation you want, for example, the AWS LoadBalancer Type.

  Cert Manager v2.6.0 adds support for DNS01 challenge, allowing gigantic.io certificates to work behind a firewall. It simplifies creation of installations on-premises. Prior, Cert Manager v2.5.0 upgrades to upstream v1.2.0.

  Aqua v5.3.5 upgrades to container image v5.3.21119.

  Docs

  The search engine in docs now also searches the blog, making it quicker for you to find what you are looking for. Please try it and let us know what you think!

  We updated these docs to reflect recent improvements: Advanced ingress configuration, The Giant Swarm App Platform, and Prepare an Azure subscription to run Giant Swarm workload clusters.

• Apr 16, 2021 Highlights

  Highlights for the week ending April 16, 2021

  General

  We made a mistake, and we’re here to apologize. In our user interfaces, we previously indicated that Kubernetes v1.18 would run out of support (reach end of life, EOL) by April 8. This was a mistake. The EOL date for v1.18 is April 14 (two days ago). Sorry for the confusion this may have caused!

  Our KVM team is working hard to provide a release with Kubernetes v1.19 soon.

  Managed apps

  NGINX IC v1.16.0 fixes the validation of CPU requests and limits. It also updates the controller container image to v0.45.0, addressing OpenSSL CVEs.

  User interfaces

  kubectl gs template nodepool: We removed the --num-availability-zones flag which had no effect recently. We are working on bringing back the flag and its functionality in a future release.

• Apr 9, 2021 Highlights

  Highlights for the week ending January 22, 2021

  Managed apps

  NGINX IC v1.15.1 adds options to configure failurePolicy and timeoutSeconds to allow relaxing the validating webhook.

• Mar 19, 2021 Highlights

  Highlights for the week ending March 19, 2021

  Managed apps

  Loki v0.1.2-beta adds the option to install loki-multi-tenant-proxy to ease multi-tenant authentication and authorization. Prior, Loki v0.1.1-alpha2 upgrades to Loki v2.2.0.

  Grafana v0.2.0 upgrades to upstream Grafana image v7.4.3.

  Fluent Logshipping v0.6.4 breaks up the stream names for Cloudwatch Output, to help prevent from hitting API limits.

  Apps supported with best effort

  Goldilocks v0.1.0 is now available. Some customers report significant cost savings from automatically setting requests and limits for clusters.

  Cloudflared v0.0.5 is now available. This app allows you to launch Cloudflare Argo Tunnels and then route to services inside your cluster. Best for customers whose ingress options are constained and / or clusters run on-premises.

  Strimzi Kafka Operator v0.2.2 fixes and removes the duplicated registry in image entry after templating.

  Documentation

  • For consistent terminology and to avoid confusion, we now use the term Giant Swarm REST API where we simply talked about the API or the Giant Swarm API in the past.
• Mar 12, 2021 Highlights

  Highlights for the week ending March 12, 2021

  Managed apps

  EFK Stack v0.5.0 is updated to Elasticsearch and Kibana v7.10.2.

  Aqua v5.3.2 and v5.3.1 prior to it fix issues with data types, port configurations, secrets for DB credentials, and more. It also adds security context to relevant resources and guidance on advanced configuration to the README.

  Apps supported with best-effort

  Azure Ad Pod Identity v0.5.0 and prior releases from v0.3.0 to v0.4.2 upgrade the chart to v3.0.3. They also fix PSP capabilities to allow it to work on management clusters, as well as allow more configuration options to work by default with CAPZ (Cluster API Provider Azure)

• Mar 5, 2021 Highlights

  Highlights for the week ending March 03, 2021

  Managed apps

  NGINX IC v1.15.0 upgrades the container images (controller container to v0.44.0 and kube-webhook-certgen to v1.5.1). It also removes conflicting admission webhook api versions, ensuring the tree of apiversions will be valid according to the webhook.

  Kong v1.2.0 upgrades to upstream chart v1.15.0 and Kong to v2.3. Upstream chart v1.15.0 is an interim release before the planned v2.0.0 release. Please review the upstream changelog for all changes between v1.12.0 and v1.15.0.

  Loki v0.1.1-alpha adds annotation to route alerts to the apps team, in preparation for offering Loki as a managed app in production.

  Apps supported with best-effort

  Jaeger Operator v0.2.3 upgrades to upstream chart v2.19.1.

  Fluent Logshipping v0.6.1 fixes the output config format for AWS outputs, as well as mounts journald path and sets it correctly in fluent-bit config.

  Strimzi Kafka Operator v0.2.0 upgrades to upstream v0.21.1.

  gsctl

  The gsctl create kubeconfig command now supports Kubie, which is a tool for safely setting the context for kubectl by spawning a new shell.

  The configuration path can now be customized using the GSCTL_CONFIG_DIR environment variable.

• Feb 26, 2021 Highlights

  Highlights for the week ending February 26, 2021

  Managed apps

  Prometheus Operator v0.7.0 upgrades to upstream chart v13.10.0, which contains Prometheus v2.24.0.
  :warning: This is a breaking change for the app and requires Helm 3 (AWS: >= 12.3.0, Azure: >= 12.1.0, KVM: >= 12.3.0) to install.

  Fluent Logshipping v0.6.0 drops fluentd to reduce memory usage as fluent-bit now supports AWS outputs. It adds toleration to run on any node with taints.

  kubectl gs

  • The template nodepool command now supports scaling to zero, as it is possible on Azure.

  Documentation

  • We added information on how to use cloud provider resource tagging on AWS with the Management API.

• Newer entries
• Older entries