1. Docs
  2. Changes and releases
  3. Managed Apps

Managed Apps

  • Managed Apps dex-app v1.0.0

    Added

    • Add condition for ingress resource installation.
    • Add support for internal Control Plane API access.
  • Managed Apps cert-manager-app v1.0.8

    Changed

    • Allowed resource requests and limits to be configured with values.yaml. (#24)
  • Managed Apps ingress-nginx-app v1.6.10

    Changed

    • Make NGINX IC Service externalTrafficPolicy configurable and default to Local.
  • Managed Apps oauth2-proxy-app v1.1.0

    Changed

    • Change chart namespace from monitoring to giantswarm.
  • Managed Apps oauth2-proxy-app v1.0.0

    Changed

    • Push g8s-oauth2-proxy chart into control-plane catalog instead of quay.io.
    • Push g8s-oauth2-proxy app CRs into <provider>-app-collection repository.
  • Managed Apps ingress-nginx-app v1.6.9

    Changed

    • Restrict PodSecurityPolicy volumes to only those required (removes wildcard).
    • Tune net.ipv4.ip_local_port_range to 1024 65535 as a safe sysctl.
    • Tune net.core.somaxconn to 32768 via an initContainer with privilege escalation.
    • Use 4 worker processes by default.
    • Use upstream default of max-worker-connections of 16384.
    • Ignore NGINX IC Deployment replica count configuration when HorizontalPodAutoscaler is enabled.
    • Drop unnecessary Helm release revision annotation from NGINX IC Deployment.
    • Adjust README for display in the web interface context.
  • Managed Apps fluent-logshipping-app v0.3.0
  • Managed Apps cert-manager-app v1.0.7

    Changed

    • Fixed sub-chart resources namespace. (#19, #21)
  • Managed Apps ingress-nginx-app v1.6.8

    Changed

    • Default max-worker-connections to 0, making it same as max-worker-open-files i.e. max open files (system's limit) / worker-processes - 1024. This optimizes for high load conditions where it improves performance at the cost of increasing RAM utilization (even on idle).
    • HorizontalPodAutoscaler was tuned to use targetMemoryUtilizationPercentage of 80 due to increased RAM utilization with new default for max-worker-connections of 0.
    • Removed use of enable-dynamic-certificates CLI flag, it has been deprecated since ingress-nginx 0.26.0 via ingress-nginx PR #4356
    • Changed default error-log-level from error to notice.
    • Added a link to the README in the sources of Chart.yaml
  • Managed Apps ingress-nginx-app v1.6.7

    Changed

    • Align graceful termination configuration with changes made in upstream ingress-nginx 0.26.0 (see related PR #4487 and important section in 0.26.0 release notes).
      • Make NGINX IC Deployment’s terminationGracePeriodSeconds configurable and align its default with configmap.worker-shutdown-timeout
      • Make NGINX IC controller container lifecycle hooks configurable, and change from sleep 60 to using /wait-shutdown as preStop hook.
    • Make controller.minReadySeconds configurable.