Added
- Added Vertical Pod Autoscaler support for
controllerpods. - Added renovate configutarion
Removed
- Removed dependabot configuration
Changes and Releases
Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.
In this release:
- Dex sign-in resolver was changed to use username from an email as user reference;
gitopsRepositoriesconfiguration was changed to support GitHub repositories by default. See ./docs/releases/v0.64.0-changelog.md for more information.
- Updgrade Flux to 2.2.0 version.
In this release, a bug that caused the InstallationsPicker component to incorrectly save selected installations into local storage was fixed. See ./docs/releases/v0.63.1-changelog.md for more information.
Added
- Add support for enabling pre-configured custom resources in KSM
- Add metrics containing labels for Crossplane resources
Changed
- Upgrade
kube-prometheus-stackto 72.3.0- Bumps prometheus-operator to 0.82.0
Highlights for the week ending 2025-04-10
Breaking Changes
- Ingress NGINX App version 4.0.0
- Important breaking changes to note:
- ConfigMap option allow-cross-namespace-resources is now deactivated
- Annotations with risk level “Critical” now require explicit configuration Please read carefully the whole release notes.
- Important breaking changes to note:
Fleet Management
Cluster AWS version 3.2.0
- Updated cluster chart to v2.2.0
- Added security rule to allow access to Cilium Relay when using ENI mode
- Improved node security with proper Nvidia runtime isolation to prevent OOM issues
Cluster Azure version 2.1.0
- Updated cluster chart to v2.2.0
Cluster Cloud Director version 0.66.0
- Updated cluster chart to v2.2.0
- Enabled CoreDNS extensions and ETCD defragmentation
Cluster vSphere version 1.1.0
- Updated cluster chart to v2.2.0
- Split cloud provider app into separate HelmReleases
- Added template suffix option for VM templates
Image Distribution Operator version 0.2.1
- Added support for exotic characters in passwords
- Improved vSphere release handling with ability to set suffix on uploaded VM template names
AWS EBS CSI Driver App version 3.0.5
- Updated snapshot-controller to v8.2.1
- Synchronized with upstream improvements
AWS Cloud Controller Manager App version 1.30.8-gs1
- Updated to upstream v1.30.8
Cluster Autoscaler App version 1.30.4-gs2
- Updated to upstream v1.30.4
- Added support for additional labels on PodMonitor resources
vSphere CSI Driver App version 3.4.2
- Added upstream chart at v3.3.0
- Fixed kubectl image tag
Security
ETCD Backup Operator version 4.12.0
- Added BackupDestination label to support multiple operator instances
- Improved cluster exclusion configuration
ETCD Defrag App version 1.0.3
- Updated dependency to etcd-defrag v0.26.0
Kube-vip Cloud Provider App version 0.3.0
- Enhanced security by running container with a read-only filesystem
RBAC Operator version 0.42.0
- Added support for read-all-customer-groups bindings
Teleport Kube Agent App version 0.10.4
- Added headless service on diagnostic port 3000
- Migrated to App Build Suite
- Added API capabilities check for Kyverno PolicyExceptions before switching to v2
- Made livenessProbe.initialDelaySeconds configurable
Connectivity
Cilium App version 0.32.0
- Using upstream default value for prometheus.metrics
- Enabled Envoy Proxy in standalone DaemonSet
CoreDNS App version 1.25.0
- Updated CoreDNS image to 1.12.1
Ingress NGINX App version 4.0.0
- Updated controller image to v1.12.1
- Added multiple controller configuration options
- Removed Pod Security Policies (incompatible with Kubernetes v1.24 and below)
- Important breaking changes to note:
- ConfigMap option allow-cross-namespace-resources is now deactivated
- Annotations with risk level “Critical” now require explicit configuration
- Updated to upstream chart version 2.48.0
- Updated Kong ingress controller to 3.4.3
- Changed default installation to OSS version (Enterprise requires explicit configuration)
- Dropped support for Kubernetes below v1.26
- Added customizable CRD version selection
Proxysocks version 0.1.1
- Fixed service selector in the Helm chart
- Initial release with support for credentials
Continuous Deployment
- Changed app.Validator interface for admission controller identification
- Streamlined existence checks for referenced resources
App Admission Controller version 2.0.0
- Streamlined validation approach by moving resource existence checks to reconciliation
App Operator version 7.2.0
- Decreased default reconciliation interval from 5m to 3m
- Enhanced reporting of missing resources in App CR status
- Improved namespace checking before creating resources
Cluster Apps Operator version 3.2.0
- Updated app-operator to version v7.2.0
Konfigure Operator version 0.1.2
- Initial implementation of configuration management
- Fixed map filtering logic to respect external annotations and labels
- Added protection for internal configuration annotations
Kube Downscaler App version 0.6.1
- Updated chart’s image
- Fixed Cilium network policy endpoint selector
Developer Portal
- Backstage version 0.62.0
- Improved error message styles in deployment details
- Enhanced resource entity page layout
- Added links from deployments to corresponding catalog entities
- Improved installation selection functionality
Observability
Alloy Rules version 4.54.1
- Added multi-tenancy support with tenant labeling
- Fixed and improved various alerts:
- Enhanced alert for missing teleport access logs
- Fine-tuned MetricForwardingErrors to avoid triggering on sporadic issues
- Fixed MonitoringAgentDown to not page for non-deleting clusters
- Added log-based alerts for CIDRNotAvailable events
- Improved various alert thresholds and timing
Cluster API Monitoring App version 1.17.0
- Set default memory resources to 200Mi
Dashboards version 4.4.0
- Added Cilium Agent logs dashboard
- Added Observability Resource Usage dashboard
- Added Backstage dashboard
Grafana App version 2.20.0
- Upgraded Grafana chart from 8.9.0 to 8.11.3
Logging Operator version 0.26.1
- Fine-tuned Alloy logs and events resource usage to avoid impacting customer workloads
- Fixed schema violations in Alloy logs configuration
Node Exporter App version 1.20.2
- Updated dependencies for improved security and stability
Observability Bundle version 1.12.0
- Upgraded kube-prometheus-stack from 69.5.1 to 70.1.1
- Updated Prometheus to 3.2.1
- Updated Prometheus Operator to 0.81.0
Observability Operator version 0.23.2
- Added multi-tenancy support for alerting, recording rules, and remote write
- Enhanced configuration validation with amtool
- Improved sharding for metrics across all tenants
- Configured OpsGenie integration for severity:page alerts
- Optimized resource usage settings
Prometheus Meta Operator version 4.88.0
- Improved resource usage by not loading log-based alerts in Prometheus
- Upgraded to sloth 0.12.0
Starboard Exporter version 0.8.1
- Updated Go version and dependencies
- Addressed code linter findings
Others
- Updated container images to 0.1.2
- Added Cilium network policies for API communication
- Adapted webhook certificate for platform compatibility
- Updated to project-zot/helm-charts version 0.1.67
- Bumped default zot image tag to v2.1.2
- Upgraded the upstream helm chart to 1.1.0
Docs
- You can find the new content for the developer portal in this new section.
- Ingress NGINX App version 4.0.0
Added
- Included the
giantswarm.io/clusterlabel
- Included the
In this release:
- GitOps indicator was added to the Deployment details pane;
- linkage between deployments and catalog entities was fixed. See ./docs/releases/v0.63.0-changelog.md for more information.
In this release:
- error messages styles in deployment details were improved;
- resource entity page layout was improved. See ./docs/releases/v0.62.0-changelog.md for more information.