Workload Cluster Releases for VSPHERE

• Dec 12, 2024 Workload cluster releases for VSPHERE releases vsphere-29.2.0

  Changes compared to v29.1.0

  Components

  • cluster-vsphere from v0.66.0 to v0.68.0
  • Kubernetes from v1.29.10 to v1.29.12

  cluster-vsphere v0.66.0…v0.68.0

  Breaking change

  [!CAUTION] The interface for setting annotations on the vsphereCluster CR has changed.

  Upgrade guide: how to migrate values (from v0.66.0)

  The additionalVsphereClusterAnnotations field is now an array of strings to accomodate for escape characters. Convert your dictionary to an array of strings as per the following example.

  Old interface for annotations:

  global:
    providerSpecific:
      additionalVsphereClusterAnnotations:
        my-key: "my-value"
  

  New interface for annotations:

  global:
    providerSpecific:
      additionalVsphereClusterAnnotations:
        - "my-key: value"
  

  Changed

  • Chart: Update cluster to v1.7.0.
    • Add teleport-init systemd unit to handle initial token setup before teleport service starts
    • Improve teleport service reliability by adding proper file and service dependencies and pre-start checks
  • Change global.providerSpecific.additionalVsphereClusterAnnotations attribute into an array.

  Apps

  • cert-manager from v3.8.1 to v3.8.2
  • coredns from v1.22.0 to v1.23.0
  • observability-bundle from v1.8.0 to v1.9.0

  cert-manager v3.8.1…v3.8.2

  Changed

  • Changed ownership to team Shield

  Removed

  • Get rid of label giantswarm.io/monitoring_basic_sli as this slo generation label is not used anymore.

  coredns v1.22.0…v1.23.0

  Changed

  • Update coredns image to 1.11.4.
  • Explicitly expose liveness and readiness probe ports in deployments.

  Removed

  • Remove PodSecurityPolicy and associated Resources and values.

  observability-bundle v1.8.0…v1.9.0

  Added

  • Add alloy v0.7.0 as alloyEvents.

  Changed

  • Upgrade alloy-logs and alloy-metrics to chart 0.7.0.
    • Bumps alloy from 1.4.2 to 1.5.0
  • upgrade kube-prometheus-stack from 65.1.1 to 66.2.1
    • prometheus-operator CRDs from 0.75.0 to 0.78.1
    • prometheus-operator from 0.77.1 to 0.78.1
    • prometheus from 2.54.1 to 2.55.1
    • kube-state-metrics from 2.13.0 to 2.14.0
    • grafana from 8.5.0 to 8.6.0
• Nov 13, 2024 Workload cluster releases for VSPHERE releases vsphere-29.1.0

  Changes compared to v29.0.0

  Components

  • cluster-vsphere from v0.65.2 to v0.66.0

  cluster-vsphere v0.65.2…v0.66.0

  Changed

  • Use Renovate to update kube-vip static pod manifest.
  • Updated giantswarm/cluster to v1.6.0.
  • Update kubectl image used by IPAM job to 1.29.9.
  • Use init-container to prepare /etc/hosts file for kube-vip.

  Apps

  • cert-exporter from v2.9.2 to v2.9.3
  • observability-bundle from v1.6.2 to v1.8.0

  cert-exporter v2.9.2…v2.9.3

  Changed

  • Chart: Enable global.podSecurityStandards.enforced. (#420)

  observability-bundle v1.6.2…v1.8.0

  Changed

  • Upgrade prometheus-agent from v0.6.9 to v0.7.0.
    • Adds extraArgs to be able to use nice features like wal truncation
  • upgrade kube-prometheus-stack from 61.0.0 to 65.1.1
    • prometheus-operator CRDs from 0.73.0 to 0.75.0
    • prometheus-operator from 0.75.0 to 0.77.1
    • prometheus upgraded from 2.53.0 to 2.54.1
    • grafana from 8.2.0 to 8.5.0
    • thanos ruler upgraded from 0.35.1 to 0.36.1
    • prometheus-node-exporter upgraded from 1.8.1 to 1.8.2
  • Add missing depends on annotation on alloy-metrics and alloy-logs to make sure they are deployed after the prometheus-operator-crds.
  • Upgrade alloyLogs to v0.6.1
    • Allow passing PodLogs via helm chart values
    • Upgrade to Alloy v1.4.2 which fixes a bug with component reload/evaluation and keeping Alloy up-to-date
    • Fixes an issue with CiliumNetworkPolicy preventing Alloy to run in clustering mode
• Oct 23, 2024 Workload cluster releases for VSPHERE releases vsphere-27.0.1

  We are happy to announce the first release for vSphere that uses the new release framework.

  Migration to new releases flow

  In order to consume the new flow, the following two fields need to be manually adapted:

  • In ConfigMap <cluster name>-userconfig set .Values.global.release.version to the release version, e.g. 27.0.1.
  • In App <cluster name> remove the spec.version field. In case of GitOps, Flux might complain that the app manifest is invalid as the spec.version field is mandatory. In that case, edit the live App CR and set spec.version to an empty string. That will unblock Flux and allow it reconcile successfully.

  And if you want to use kubectl-gs to create a cluster, you’d need to now specify the release version, e.g.:

  kubectl-gs template cluster --provider vsphere --organization my_org --name cluster_name -vsphere-network-name network_name --release 27.0.1
  

• Oct 23, 2024 Workload cluster releases for VSPHERE releases vsphere-28.0.1

  Changes compared to v27.0.1

  Components

  • Kubernetes from v1.27.16 to v1.28.15
• Oct 23, 2024 Workload cluster releases for VSPHERE releases vsphere-29.0.0

  Changes compared to v28.0.1

  Components

  • cluster-vsphere from v0.65.1 to v0.65.2.
  • Flatcar from v3815.2.5 to v3975.2.2
  • Kubernetes from v1.28.15 to v1.29.10

  cluster-vsphere v0.65.1…v0.65.2

  Changed

  • Fix kube-vip static pod manifest for Kubernetes 1.29 onwards.

  Apps

  • cert-exporter from v2.9.1 to v2.9.2
  • coredns from v1.21.0 to v1.22.0
  • node-exporter from v1.19.0 to v1.20.0
  • observability-bundle from v1.5.3 to v1.6.2
  • security-bundle from v1.8.0 to v1.8.2
  • teleport-kube-agent from v0.9.2 to v0.10.3
  • vertical-pod-autoscaler from v5.2.4 to v5.3.0
  • vertical-pod-autoscaler-crd from v3.1.0 to v3.1.1

  cert-exporter v2.9.1…v2.9.2

  Added

  • Chart: Add VPA and resources configuration for deployment and daemonset. (#382)

  coredns v1.21.0…v1.22.0

  Changed

  • Update coredns image to 1.11.3.

  Removed

  • Removed legacy Giant Swarm monitoring labels as coredns is monitored through a prometheus-operator generated servicemonitor.

  node-exporter v1.19.0…v1.20.0

  Changed

  • Synced with upstream chart v4.38.0 (node-exporter 1.8.2).

  observability-bundle v1.5.3…v1.6.2

  Added

  • Add alloy v0.4.0 as alloyMetrics.

  Changed

  • Fixed alloyMetrics catalog
  • Disable usage reporting to GrafanaLabs by:
    • Bumping alloyLogs and alloyMetrics to v0.4.1.
    • Bumping grafanaAgent to v0.4.6.

  security-bundle v1.8.0…v1.8.2

  Changed

  • Update cloudnative-pg (app) to v0.0.6.
  • Update trivy-operator (app) to v0.10.0.
  • Update kyverno-policy-operator (app) to v0.0.8.
  • Update kyverno (app) to v0.17.16.

  teleport-kube-agent v0.9.2…v0.10.3

  Changed

  • Disable JAMF components on chart templates
  • Fix issues with templates
  • Change ownership to Team Shield
  • Added small fix on podSecurityContext for seccompProfile.
  • Upgraded to Teleport version 16

  vertical-pod-autoscaler v5.2.4…v5.3.0

  Changed

  • Chart: Update Helm release vertical-pod-autoscaler to v9.9.0. (#314)
  • Chart: Consume global.imageRegistry. (#315)

  Removed

  • Chart: Do not override crds.image.tag. (#316)

  vertical-pod-autoscaler-crd v3.1.0…v3.1.1

  Changed

  • Chart: Improve Chart.yaml. (#110)
  • Repository: Some chores. (#111)
• Oct 18, 2024 Workload cluster releases for VSPHERE releases vsphere-28.0.0

  Changes compared to v27.0.0

  Components

  • Kubernetes from v1.27.16 to v1.28.12
• Aug 12, 2024 Workload cluster releases for VSPHERE releases vsphere-27.0.0

  We are happy to announce the first release for vSphere that uses the new release framework.

  Migration to new releases flow

  In order to consume the new flow, the following two fields need to be manually adapted:

  • In ConfigMap <cluster name>-userconfig set .Values.global.release.version to the release version, e.g. 27.0.0.
  • In App <cluster name> remove the spec.version field. In case of GitOps, Flux might complain that the app manifest is invalid as the spec.version field is mandatory. In that case, edit the live App CR and set spec.version to an empty string. That will unblock Flux and allow it reconcile successfully.

  And if you want to use kubectl-gs to create a cluster, you’d need to now specify the release version, e.g.:

  kubectl-gs template cluster --provider vsphere --organization my_org --name cluster_name -vsphere-network-name network_name --release 27.0.0