Changes and Releases

Updates on Giant Swarm workload cluster releases, apps, UI improvements and documentation changes.

• Jul 8, 2024 Managed Apps k8s-dns-node-cache-app v2.8.0

  Changed

  • Reduce security exceptions #89.
    • Enable readOnly FS moving config to emptyDir volume.
    • Remove NET_ADMIN and drop ALL capabilities.
    • Add NET_BIND_SERVICE capability.
    • Add policy exception for require-non-root-groups/autogen-check-runasgroup.
    • Remove disallow-capabilities-* policy exceptions.
• Jul 5, 2024 Cluster apps for CAPI cluster v0.34.1

  Fixed

  • Restore single dependency for k8s-audit-metrics app.
• Jul 4, 2024 Developer Portal backstage v0.27.0

  Changed

  • Update Backstage to 1.28.4.
• Jul 3, 2024 CAPA releases releases aws-25.1.0

  This release updates the components, keeping them up to date with Vintage AWS v20.1.x series. Several improvements for Vintage to CAPA migration have also been included.

  Change details compared to CAPA 25.0.0

  cluster-aws 1.1.0

  Fixed

  • Fixed China IRSA suffix

  Added

  • Add the Management Cluster name as a tag to the AWS resources created by CAPA.
  • Add the node pool name as a tag to the AWS resources associated with the node pool.

  Changed

  • Update cluster chart to 0.35.0

  cert-manager 3.7.9

  Fix

  • Remove quotes from acme-http01-solver-image argument. The quotes are used when looking up the image which causes an error.

  Update

  • Improves container security by setting runAsGroup and runAsUser greater than zero for all deployments.

  containerlinux 3815.2.5

  Changes since Stable 3815.2.4

  Security fixes:

  • openssh (CVE-2024-6387)

  Updates:

  • Linux (6.1.96)
  • openssh (9.7_p1)

  cilium 0.25.1

  Changed

  • Fix regression setting Policy BPF Max map policyMapMax back to 65536 from 16384.
  • Upgrade cilium to v1.15.6.
• Jul 3, 2024 Observability dashboards v3.21.0

  Changed

  • Get rid of the app label in Phoenix dashboards.
• Jul 3, 2024 Managed Apps cert-manager-app v3.7.8

  Added

  • Improves container security by setting runAsGroup and runAsUser greater than zero for all deployments.
• Jul 3, 2024 Security cert-manager-app v3.7.8

  Added

  • Improves container security by setting runAsGroup and runAsUser greater than zero for all deployments.
• Jul 3, 2024 Observability observability-bundle v1.4.0

  Changed

  • Upgrade kube-prometheus-stack to 11.0.0 and prometheus-operator-crd to 11.0.0. This upgrade mainly consists in:
    • kube-prometheus-stack dependency chart upgraded from 56.21.2 to 61.0.0
    • prometheus upgrade from 2.50.1 to 2.53.0
    • thanos ruler upgrade from 0.34.1 to 0.35.1
    • kube-state-metrics from 2.10.0 to 2.12.0
    • prometheus-operator from 0.71.2 0.75.0 - adding remoteWrite.proxyFromEnvironment and Scrape Class support
    • prometheus-node-exporter upgraded from 1.8.0 to 1.8.1
  • Upgrade grafana-agent from 0.4.3 to 0.4.4
    • This version enables the override the grafana agent CiliumNetworkPolicy egress and ingress sections.
• Jul 1, 2024 Developer Portal backstage v0.26.0

  Added

  • Add plugin-scaffolder-backend-module-gs backend module with custom parseClusterRef filter for scaffolder plugin.
  • GS Auth: add custom sign-in resolver for GitHub auth provider.

  Removed

  • Clean up catalog templates.
• Jul 1, 2024 Observability dashboards v3.20.0

  Added

  • Add “BPF map pressure” graph to “Cilium performance” dashboard.
  • Add kube-builder logs in “Kube-Builder Operators” dashboard.

  Changed

  • fluentbit dashboard: cluster selection

  Fixed

  • Mimir Cost Estimation: fix RAM usage

  Removed

  • Removed the dashboard ‘Webhook Health’.

• Newer entries
• Older entries