1. Docs
  2. Changes and releases
  3. Observability

Observability

  • Observability tempo-app v0.14.0

    Added

    • Add support for extracting tags from VsphereCluster and VCDCluster CRs in Crossplane
    • Add clusterProvider field to support scenarios where cluster provider differs from storage provider (e.g., vsphere cluster with azure storage)
    • Make Azure subscription ID overridable via crossplane.azure.subscriptionId value (falls back to AzureCluster CR lookup if not provided)
  • Observability mimir-app v0.27.0

    Added

    • Add support for extracting tags from VSphereCluster and VCDCluster CRs in Crossplane.
    • Add clusterProvider field to support scenarios where the cluster infrastructure provider differs from the storage provider (e.g., a vSphere cluster using Azure blob storage).
    • Azure Subscription ID is now overridable via crossplane.azure.subscriptionId, falling back to an AzureCluster CR lookup if not provided.

    Changed

    • Refactor VPA templates to use a shared mimir.lib.verticalPodAutoscaler helper, reducing per-component templates to 3 lines each.
    • VPA updateMode now defaults to Recreate (was Auto) and is configurable per component via verticalAutoscaling.updateMode.
    • VPA controlledValues and container mode are now configurable per component via verticalAutoscaling.controlledValues and verticalAutoscaling.mode.
    • minAllowed and maxAllowed are now optional and accept any resource key (not limited to cpu and memory).
  • Observability loki-app v0.41.0

    Added

    • Add ScaledObject resources for loki-write and loki-backend.
    • Add support for extracting tags from VsphereCluster and VCDCluster CRs in Crossplane
    • Add clusterProvider field to support scenarios where cluster provider differs from storage provider (e.g., vsphere cluster with azure storage)
    • Make Azure subscription ID overridable via crossplane.azure.subscriptionId value (falls back to AzureCluster CR lookup if not provided)

    Changed

    • Enable/Disable HTTPRoute with .Values.loki.enabled values.
  • Observability kube-prometheus-stack-app v20.2.0

    Added

    • Add labels to Deployment, DaemonSet, StatefulSet metrics: app.kubernetes.io/version, helm.toolkit.fluxcd.io/name, helm.toolkit.fluxcd.io/namespace
  • Observability prometheus-operator-app v20.2.0

    Added

    • Add labels to Deployment, DaemonSet, StatefulSet metrics: app.kubernetes.io/version, helm.toolkit.fluxcd.io/name, helm.toolkit.fluxcd.io/namespace
  • Observability tempo-app v0.13.0

    Changed

    • Upgrade Tempo chart from to 1.61.3 to 2.4.2
      • Upgrades Tempo from 2.9.0 to 2.10.1
    • Upgrade Tempo Vulture chart from 0.12.5 to 0.12.6
  • Observability observability-bundle v2.8.0

    Changed

    • Update kube-prometheus-stack to 20.1.0
  • Observability observability-platform-api v0.2.0

    Added

    • Add Gateway API HTTPRoute resources for Loki, Mimir, and Tempo (read and write), replacing the previous NGINX ingress setup.
    • Add native JWT authentication via Envoy Gateway SecurityPolicy.jwt, supporting multiple OIDC providers (e.g. Dex, Azure AD). Configurable via auth.jwt.providers.
    • Add /loki/api/v1/rules to the Loki read routes.
    • Add GRPCRoute for Tempo gRPC traffic (port 9095), routing all tempopb.* services to tempo-query-frontend with JWT enforcement via SecurityPolicy.

    Changed

    • Replace NGINX ingress-based auth (nginx.ingress.kubernetes.io/auth-url) with Envoy Gateway SecurityPolicy JWT validation — no external auth service (oauth2-proxy or Dex extAuth) required.
    • Change missing X-Scope-OrgID response code from 400 to 401 across all routes.
    • When auth.jwt.providers is empty and a service is enabled, routes are silently not rendered (no chart error). Previously the chart would fail with an error.
    • Fix Tempo gRPC route service regex from tempopb to tempopb\.[^/]+ to correctly match package-qualified service names (e.g. tempopb.StreamingQuerier).

    Removed

    • Remove dependency on oauth2-proxy for write route authentication.
    • Remove Envoy Gateway Backend CRD and extAuth configuration in favour of inline JWT validation.
  • Observability kube-prometheus-stack-app v20.1.0

    Changed

    • Upgraded chart dependency to kube-prometheus-stack-82.8.0
      • Added VPA support for Alertmanager
      • Added VPA support for Prometheus
      • grafana from 11.2.2 to 11.2.3
  • Observability prometheus-operator-app v20.1.0

    Changed

    • Upgraded chart dependency to kube-prometheus-stack-82.8.0
      • Added VPA support for Alertmanager
      • Added VPA support for Prometheus
      • grafana from 11.2.2 to 11.2.3