Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.
This release updates cluster-aws Helm chart, which brings improvements for container registry usage.
This release updates the apps and components, keeping them up to date with the latest v25 release. It also brings improvements for the container registry usage.
runAsGroup and runAsUser greater than zero for all deployments.Changes since Stable 3815.2.4
runAsGroup.--logging-agent flag too, to toggle between Promtail and Alloy.prometheus-operator-crd to 11.0.1. In addition version 1.5.0 introduces the following changes:
- Add alloy v0.3.0 as alloy-logs
- prometheus-operator will not check promql syntax for prometheusRules that are labelled application.giantswarm.io/prometheus-rule-kind: lokigiantswarm.io/monitoring label.helm.sh/resource-policy: keep annotation to all CRDs to avoid deletion during Helm operations.kube-downscaler app to all collections, and version 0.2.0 adds enabled field in values to disable whole chart if needed.ingress.tls.clusterIssuer values to letsencrypt-giantswarm
- Update cert-manager.io/cluster-issuer annotation to use default.podAntiAffinity so teleport-kube-agent pods run on different control-plane nodes also increases the number of replicas to 3 to maintain better high availability.kubectl apply with --server-side=true --field-manager='kubectl-client-side-apply' --force-conflicts flags in WorkloadCluster Ip Job
- Remove unused tests under helm directory.kyverno-crds app to handle Kyverno CRD install.
- Update kyverno (app) to v0.17.15. This version disables the CRD install job in favor of kyverno-crds App.reports-controller.
- Set VPA max 4 CPU / 8Gi memory and adjust default requests/limits for background-controller.
- Set starting CPU limit of request+25% for cleanup-controller.
- Disable Kyverno CRDs install Job in favor of kyverno-crds App.aws-cloud-controller-manager-app version 1.29.3-gs1 updates component to upstream version v1.29.3.
cluster-api-provider-azure-app version 1.12.4-gs2 removes kube-rbac-proxy from azure-service-operator. Additionally, the image of azure-service-operator is now fetched from gsoci.azurecr.io.
cluster-azure version 0.16.1 introduces an improvement respecting global.apps.externalDnsPrivate to overwrite configuration of external-dns-private app.
cloud-provider-cloud-director-app version 0.3.0 rollbacks CPI from 1.6.0 to 1.5.0 due to IP Spaces incompatibility.
cluster-cloud-director version:
cluster-vsphere version 0.56.1 unpauses Cluster resource as part of cleanup hook after deletion in order to prevent leftover resources.
default-apps-cloud-director version 0.9.0 introduces the following changes:
- Update cert-exporter to v2.9.1.
- Update cert-manager-app to v3.8.0.
- Update k8s-dns-node-cache-app to v2.8.1.
- Update net-exporter to v1.21.0
- Update observability-bundle to v1.4.0.
- Update security-bundle to v1.7.1.
- Update teleport-kube-agent-app to v0.9.2.
- Update vertical-pod-autoscaler-app to v5.2.4.
azure-private-endpoint-operator version 0.2.3
cluster version 0.36.0 removes the CronJobTimeZone feature gate as it becomes stable and is included in Kubernetes v1.29.
cluster-autoscaler-app version [1.29.3-gs1](https://github.com/giantswarm/cluster-autoscaler- app/compare/v1.28.5-gs1…v1.29.3-gs1) updates the upstream app version to v1.29.3.
This part of our documentation refers to our vintage product. The content may be not valid anymore for our current product. Please check our new documentation hub for the latest state of our docs.
We empower platform teams to provide internal developer platforms that fuel innovation and fast-paced growth.
GET IN TOUCH
General: hello@giantswarm.io
CERTIFIED SERVICE PROVIDER
