Changed
- Removed check capabilities from VerticalPodAutoscaler resources.
- Dropped
CPUfrom Reports Controller VerticalPodAutoscaler controlled resources.
Managed Apps
Changed
WARNING: this version requires Cilium to run because of the dependency on the CiliumNetworkPolicy CRD
- Upgrade dependency chart to 9.2.0.
- Adjusted the resource and limits to accomodate larger clusters by default
- Adjusted the admission controller to give it more QPS against the API
- Adjusted the updater to give it more QPS against the API
- Adjusted the recommender to give it
- more QPS against the API
- doubling the memory in case of an OOMKilled event
- Using the 95% percentile for the calculation of the CPU usage: should allow to scale up more precisely to account for spikes in CPU consumption of the workload
- Adjusted the resource and limits to accomodate larger clusters by default
- Calculating recommendations only for workloads which do have a VPA custom resource, instead of all workloads
- Removed standard network policies to decrease maintenance burden
- Fixed Cilium Network Policy to allow CRD jobs execution
- Added Cilium Network Policy weight for an early execution
- Disabled VPA for the updater pod otherwise it keeps on getting re-scheduled because the memory consumption varies a lot between reconsiling resources and idle
- Disabled VPA for the recommender pod otherwise it keeps on getting re-scheduled because the memory consumption varies a lot between reconsiling resources and idle
Changed
- Upgraded chart dependency to kube-prometheus-stack-48.4.0
- Update
alertmanagerfrom 0.25.0 to 0.26.0
- Update
- Add dropped
apiserver_response_sizes_sumandapiserver_response_sizes_countmetrics back.
- Upgraded chart dependency to kube-prometheus-stack-48.4.0
Changed
- Upgrade to Linkerd v2.13.6.
Fixed
- Fix ausearch command to ensure we get all possible command executions.
Changed
- Upgrade to linkerd 2.13.6
This is the first public stable release of our new
ingress-nginxchart. If you are currently usingv2.x.x, this release includes breaking changes. We set up a migration guide to make the upgrade as smooth as possible. Notable changes requiring your attention and/or manual intervention, like renaming, deprecation or removal of values, have been highlighted below. Even though we highly recommend to upgrade to this and future releases,v2.x.xwill continue to receive bugfixes as long as possible. All feedback regarding this release, its changes, or our migration guide is very welcome!Added
- Service: Align features from external service to internal one. (#467)
- Service: Add
controller.service.internal.ports&controller.service.internal.targetPorts. (#469) - PDB: Add
controller.annotations. (#481) - KEDA: Add
fallback. (#497) - OpenTelemetry: Add distroless
init_module. (#498) - Service: Add
controller.service.loadBalancerClass. (#503)
NOTE: The load balancer class of existing services can not be changed. The app deployment might fail when defining this for already installed app instances. - Deployment: Ignore
replicaCountwith KEDA enabled. (#513) - Service: Template annotations. (#514)
- Deployment/DaemonSet: Add
controller.hostAliases. (#521)
Changed
- Helpers: Align labels to upstream. (#450)
- Values: Align CPU & memory requests to actual needs. (#453)
NOTE: This reduces the default resource requests. Please review & configure them to your actual needs. - Values: Deprecate
configmap, usecontroller.configinstead. (#463)
NOTE: This is part of our alignment to upstream. Usecontroller.configinstead. - Chart: Rename to
ingress-nginx. (#464) - HPA: Align to upstream. (#465)
- PDB: Improve checks. (#487)
- Images: Update OpenTelemetry & kube-webhook-certgen image. (#488)
- Image: Update to
v1.8.0. (#489) - HPA: Partially revert #465. (#493)
- Metrics: Use
ServiceMonitor. (#494) - Image: Update to
v1.8.1. (#505) - Values: Update docs about
controller.enableTopologyAwareRouting. (#520) - OpenTelemetry: Update image to
v20230721-3e2062ee5. (#522) - ServiceMonitor: Explicitly set namespace. (#523)
Removed
- Service: Remove
controller.service.suffix&controller.service.internal.suffix. (#448)
NOTE: This is part of our alignment to upstream. There is no replacement for this key. - Params: Align to upstream. (#452)
- Params: Remove
controller.annotationsPrefix.
NOTE: This is part of our alignment to upstream. Usecontroller.extraArgsinstead. - Params: Remove
controller.defaultSSLCertificate.
NOTE: This is part of our alignment to upstream. Usecontroller.extraArgsinstead. - Params: Remove
controller.enableSSLChainCompletion.
NOTE: This is part of our alignment to upstream. Usecontroller.extraArgsinstead. - Params: Remove
controller.updateIngressStatus.
NOTE: This is part of our alignment to upstream. Usecontroller.extraArgsinstead.
- Params: Remove
- Service: Remove default values for
controller.service.nodePorts&controller.service.internal.nodePorts. (#461)
NOTE: If you are running on our KVM product, please make sure to manually set those keys to their prior values. - Params: Remove
controller.disableExternalNameForwarding. (#462)
NOTE: This is part of our alignment to upstream. Usecontroller.extraArgsinstead.
Changed
- Upgraded upstream chart from 5.14.1 to 5.15.0 - see changelog for more information.
- Add PSP annotation to allow all seccomp profiles.
