1. Docs
  2. Changes and releases
  3. Workload cluster releases for VSPHERE

Workload Cluster Releases for VSPHERE

  • Workload cluster releases for VSPHERE releases vsphere-29.3.0

    Changes compared to v29.2.0

    Components

    • cluster-vsphere from v0.68.0 to v0.68.1
    • Flatcar from v3975.2.2 to v4081.2.1
    • Kubernetes from v1.29.12 to v1.29.13

    cluster-vsphere v0.68.0…v0.68.1

    Added

    • Add components.containerd to the schema and values.

    Changed

    • Update example manifest.
    • Make cloud-provider-vsphere HelmRelease catalog configurable.
    • Update kube-vip to 0.8.9.
    • Update kube-vip static pod manifest with CIDR.

    Apps

    • cilium from v0.25.1 to v0.25.2
    • cloud-provider-vsphere from v1.11.0 to v1.12.0
    • prometheus-blackbox-exporter from v0.4.2 to v0.5.0
    • security-bundle from v1.8.2 to v1.9.1
    • vertical-pod-autoscaler from v5.3.0 to v5.3.1
    • vertical-pod-autoscaler-crd from v3.1.1 to v3.1.2

    cilium v0.25.1…v0.25.2

    Changed

    cloud-provider-vsphere v1.11.0…v1.12.0

    Added

    • Add Renovate to track new tags.
    • Update kube-vip helm chart to 0.6.2.
    • Update kube-vip to 0.8.4.
    • Add initContainer to CSI node registrar container to wait for CRD to be registered.

    prometheus-blackbox-exporter v0.4.2…v0.5.0

    Changed

    • Harden security context to pass PSS compliance.

    Removed

    • Remove PSP resources.

    security-bundle v1.8.2…v1.9.1

    Breaking changes

    Note: When upgrading to this security-bundle version with Falco enabled, the Falco App will fail to upgrade due to a breaking change in the upstream chart. To finish the upgrade, disable, then re-enable the Falco App by setting apps.falco.enabled=[false|true] in the security-bundle user values Config Map.

    Changed

    • Update trivy-operator (app) to v0.10.3.
    • Update trivy (app) to v0.13.1.
    • Update kyverno (app) to v0.18.1.
    • Update kyverno-crds (app) to v1.12.0.
    • Update kyverno-policies (app) to v0.21.0.
    • Update starboard-exporter (app) to v0.8.0.
    • Update falco (app) to v0.9.1.

    vertical-pod-autoscaler v5.3.0…v5.3.1

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.1. (#333)

    vertical-pod-autoscaler-crd v3.1.1…v3.1.2

    Changed

    • Chart: Sync to upstream. (#124)
  • Workload cluster releases for VSPHERE releases vsphere-29.2.0

    Changes compared to v29.1.0

    Components

    • cluster-vsphere from v0.66.0 to v0.68.0
    • Kubernetes from v1.29.10 to v1.29.12

    cluster-vsphere v0.66.0…v0.68.0

    Breaking change

    [!CAUTION] The interface for setting annotations on the vsphereCluster CR has changed.

    Upgrade guide: how to migrate values (from v0.66.0)

    The additionalVsphereClusterAnnotations field is now an array of strings to accomodate for escape characters. Convert your dictionary to an array of strings as per the following example.

    Old interface for annotations:

    global:
  providerSpecific:
    additionalVsphereClusterAnnotations:
      my-key: "my-value"

    New interface for annotations:

    global:
  providerSpecific:
    additionalVsphereClusterAnnotations:
      - "my-key: value"

    Changed

    • Chart: Update cluster to v1.7.0.
      • Add teleport-init systemd unit to handle initial token setup before teleport service starts
      • Improve teleport service reliability by adding proper file and service dependencies and pre-start checks
    • Change global.providerSpecific.additionalVsphereClusterAnnotations attribute into an array.

    Apps

    • cert-manager from v3.8.1 to v3.8.2
    • coredns from v1.22.0 to v1.23.0
    • observability-bundle from v1.8.0 to v1.9.0

    cert-manager v3.8.1…v3.8.2

    Changed

    • Changed ownership to team Shield

    Removed

    • Get rid of label giantswarm.io/monitoring_basic_sli as this slo generation label is not used anymore.

    coredns v1.22.0…v1.23.0

    Changed

    • Update coredns image to 1.11.4.
    • Explicitly expose liveness and readiness probe ports in deployments.

    Removed

    • Remove PodSecurityPolicy and associated Resources and values.

    observability-bundle v1.8.0…v1.9.0

    Added

    • Add alloy v0.7.0 as alloyEvents.

    Changed

    • Upgrade alloy-logs and alloy-metrics to chart 0.7.0.
      • Bumps alloy from 1.4.2 to 1.5.0
    • upgrade kube-prometheus-stack from 65.1.1 to 66.2.1
      • prometheus-operator CRDs from 0.75.0 to 0.78.1
      • prometheus-operator from 0.77.1 to 0.78.1
      • prometheus from 2.54.1 to 2.55.1
      • kube-state-metrics from 2.13.0 to 2.14.0
      • grafana from 8.5.0 to 8.6.0
  • Workload cluster releases for VSPHERE releases vsphere-29.1.0

    Changes compared to v29.0.0

    Components

    • cluster-vsphere from v0.65.2 to v0.66.0

    cluster-vsphere v0.65.2…v0.66.0

    Changed

    • Use Renovate to update kube-vip static pod manifest.
    • Updated giantswarm/cluster to v1.6.0.
    • Update kubectl image used by IPAM job to 1.29.9.
    • Use init-container to prepare /etc/hosts file for kube-vip.

    Apps

    • cert-exporter from v2.9.2 to v2.9.3
    • observability-bundle from v1.6.2 to v1.8.0

    cert-exporter v2.9.2…v2.9.3

    Changed

    • Chart: Enable global.podSecurityStandards.enforced. (#420)

    observability-bundle v1.6.2…v1.8.0

    Changed

    • Upgrade prometheus-agent from v0.6.9 to v0.7.0.
      • Adds extraArgs to be able to use nice features like wal truncation
    • upgrade kube-prometheus-stack from 61.0.0 to 65.1.1
      • prometheus-operator CRDs from 0.73.0 to 0.75.0
      • prometheus-operator from 0.75.0 to 0.77.1
      • prometheus upgraded from 2.53.0 to 2.54.1
      • grafana from 8.2.0 to 8.5.0
      • thanos ruler upgraded from 0.35.1 to 0.36.1
      • prometheus-node-exporter upgraded from 1.8.1 to 1.8.2
    • Add missing depends on annotation on alloy-metrics and alloy-logs to make sure they are deployed after the prometheus-operator-crds.
    • Upgrade alloyLogs to v0.6.1
      • Allow passing PodLogs via helm chart values
      • Upgrade to Alloy v1.4.2 which fixes a bug with component reload/evaluation and keeping Alloy up-to-date
      • Fixes an issue with CiliumNetworkPolicy preventing Alloy to run in clustering mode
  • Workload cluster releases for VSPHERE releases vsphere-27.0.1

    We are happy to announce the first release for vSphere that uses the new release framework.

    Migration to new releases flow

    In order to consume the new flow, the following two fields need to be manually adapted:

    • In ConfigMap <cluster name>-userconfig set .Values.global.release.version to the release version, e.g. 27.0.1.
    • In App <cluster name> remove the spec.version field. In case of GitOps, Flux might complain that the app manifest is invalid as the spec.version field is mandatory. In that case, edit the live App CR and set spec.version to an empty string. That will unblock Flux and allow it reconcile successfully.

    And if you want to use kubectl-gs to create a cluster, you’d need to now specify the release version, e.g.:

    kubectl-gs template cluster --provider vsphere --organization my_org --name cluster_name -vsphere-network-name network_name --release 27.0.1
  • Workload cluster releases for VSPHERE releases vsphere-28.0.1

    Changes compared to v27.0.1

    Components

    • Kubernetes from v1.27.16 to v1.28.15
  • Workload cluster releases for VSPHERE releases vsphere-29.0.0

    Changes compared to v28.0.1

    Components

    • cluster-vsphere from v0.65.1 to v0.65.2.
    • Flatcar from v3815.2.5 to v3975.2.2
    • Kubernetes from v1.28.15 to v1.29.10

    cluster-vsphere v0.65.1…v0.65.2

    Changed

    • Fix kube-vip static pod manifest for Kubernetes 1.29 onwards.

    Apps

    • cert-exporter from v2.9.1 to v2.9.2
    • coredns from v1.21.0 to v1.22.0
    • node-exporter from v1.19.0 to v1.20.0
    • observability-bundle from v1.5.3 to v1.6.2
    • security-bundle from v1.8.0 to v1.8.2
    • teleport-kube-agent from v0.9.2 to v0.10.3
    • vertical-pod-autoscaler from v5.2.4 to v5.3.0
    • vertical-pod-autoscaler-crd from v3.1.0 to v3.1.1

    cert-exporter v2.9.1…v2.9.2

    Added

    • Chart: Add VPA and resources configuration for deployment and daemonset. (#382)

    coredns v1.21.0…v1.22.0

    Changed

    • Update coredns image to 1.11.3.

    Removed

    • Removed legacy Giant Swarm monitoring labels as coredns is monitored through a prometheus-operator generated servicemonitor.

    node-exporter v1.19.0…v1.20.0

    Changed

    • Synced with upstream chart v4.38.0 (node-exporter 1.8.2).

    observability-bundle v1.5.3…v1.6.2

    Added

    • Add alloy v0.4.0 as alloyMetrics.

    Changed

    • Fixed alloyMetrics catalog
    • Disable usage reporting to GrafanaLabs by:
      • Bumping alloyLogs and alloyMetrics to v0.4.1.
      • Bumping grafanaAgent to v0.4.6.

    security-bundle v1.8.0…v1.8.2

    Changed

    • Update cloudnative-pg (app) to v0.0.6.
    • Update trivy-operator (app) to v0.10.0.
    • Update kyverno-policy-operator (app) to v0.0.8.
    • Update kyverno (app) to v0.17.16.

    teleport-kube-agent v0.9.2…v0.10.3

    Changed

    • Disable JAMF components on chart templates
    • Fix issues with templates
    • Change ownership to Team Shield
    • Added small fix on podSecurityContext for seccompProfile.
    • Upgraded to Teleport version 16

    vertical-pod-autoscaler v5.2.4…v5.3.0

    Changed

    • Chart: Update Helm release vertical-pod-autoscaler to v9.9.0. (#314)
    • Chart: Consume global.imageRegistry. (#315)

    Removed

    • Chart: Do not override crds.image.tag. (#316)

    vertical-pod-autoscaler-crd v3.1.0…v3.1.1

    Changed

    • Chart: Improve Chart.yaml. (#110)
    • Repository: Some chores. (#111)
  • Workload cluster releases for VSPHERE releases vsphere-28.0.0

    Changes compared to v27.0.0

    Components

    • Kubernetes from v1.27.16 to v1.28.12
  • Workload cluster releases for VSPHERE releases vsphere-27.0.0

    We are happy to announce the first release for vSphere that uses the new release framework.

    Migration to new releases flow

    In order to consume the new flow, the following two fields need to be manually adapted:

    • In ConfigMap <cluster name>-userconfig set .Values.global.release.version to the release version, e.g. 27.0.0.
    • In App <cluster name> remove the spec.version field. In case of GitOps, Flux might complain that the app manifest is invalid as the spec.version field is mandatory. In that case, edit the live App CR and set spec.version to an empty string. That will unblock Flux and allow it reconcile successfully.

    And if you want to use kubectl-gs to create a cluster, you’d need to now specify the release version, e.g.:

    kubectl-gs template cluster --provider vsphere --organization my_org --name cluster_name -vsphere-network-name network_name --release 27.0.0

This part of our documentation refers to our vintage product. The content may be not valid anymore for our current product. Please check our new documentation hub for the latest state of our docs.