2.13.0
Like the sea that relentlessly sends waves softly shaping the shore, we also incessantly keep sending new releases to you and hope to improve your Kyma experience gently but consistently. Here we come, with version 2.13, bringing a collection of updates, fixes, and improvements that will make you love Kyma even more! Read on to find out what we have prepared for you.
API Gateway
From now on, the Ory Hydra Postgres database refuses localhost connections without a password, as we have introduced MD5 authentication. Check this PR for more details.
Also, we have updated API Gateway to version 1.5.0 and thus introduced a default request time for the exposed workload.
Observability
Monitoring
With the 2.13 version of Kyma, we've updated kube-state-metrics to version 2.8.1.
Telemetry
Manager
This release brings improvement in the way Telemetry Manager caches Kubernetes resources. As a result, the manager has a reduced memory footprint and requires fewer access permissions to Kubernetes resources. For more information on the changes, see this issue.
We have also improved the validation of LogPipelines by the webhook, which allows for earlier feedback reception.
As of now, the CRD reference documentation is always up-to-date as it's automatically generated from the CRD description.
We have improved the resiliency of the setup. Consequently, Fluent Bit DaemonSet is automatically recovered in case of unattended deletion. See this PR for more details.
Tracing
With Kyma 2.13, we've updated OTel Collector to version 0.73.0.
Logging
With this release, the profiles for the Telemetry component have been consolidated, and no specialized settings for profiles are in use anymore. The settings from the previous production profile are the new default.
We have updated Fluent Bit to version 2.0.10 and also improved its retry handling by increasing the Fluent Bit retry limit.
Serverless
serverless.kyma-project.io/v1alpha1
API version removed
Following the depreciation of the serverless.kyma-project.io/v1alpha1
API version with Kyma 2.6, we've finally removed it in this release. The conversion webhook responsible for converting v1alpha1 to v1alpha2 during the grace period has also been removed.
Dependencies to cluster-essentials removed
From now on, the Serverless module brings all its belongings within its Helm Chart and becomes independent of the cluster-essentials module. It is a step towards the modularization of Kyma, in which independent modules are the basic concept.
Maintenance
We have introduced multiple security patches and fixed the bug responsible for premature Function CR creation.
Security
Istio upgraded to 1.17.1
With this release, we have upgraded the Istio version from 1.16.3 to 1.17.1. For more details on the changes, read the official Istio 1.17.1 release notes.
Troubleshooting
Failed to PATCH functions.serverless.kyma-project.io
CustomResourceDefinition during upgrade
With Kyma 2.13, we have removed the v1alpha1
version from functions.serverless.kyma-project.io
Custom Resource Definition.
If you deploy the 2.13.0 version on top of the previous Kyma version, you see the following error:
kubeClient failed to update CustomResourceDefinition 'functions.serverless.kyma-project.io' (namespace: ) with strategy 'PATCH': cannot patch "functions.serverless.kyma-project.io" with kind CustomResourceDefinition: CustomResourceDefinition.apiextensions.k8s.io "functions.serverless.kyma-project.io" is invalid: status.storedVersions[0]: Invalid value: "v1alpha1": must appear in spec.versions
To overcome this problem, you must manually delete the v1alpha1
version from the function CRD status with this command:
kubectl patch customresourcedefinitions functions.serverless.kyma-project.io --subresource='status' --type='merge' -p '{"status":{"storedVersions":["v1alpha2"]}}'
Changelog
2.13.0-rc1 (2023-04-11)
Api Gateway
- #17249 Add documentation regarding limatations on Istio, Ory and API Gateway (@barchw)
- #17218 Api-gateway 1.5.0 (@barchw)
- #17132 Update api-gateway image to 1.4.1 (@barchw)
- #17138 Restrict localhost
trust
auth in favour ofmd5
(@videlov) - #17011 Bump api-gateway to 1.4 (@werdes72)
- #16967 Bump postgres image to 11.19-alpine3.17 (@videlov)
Application Connector
- #16978 Remove PR images from application-connector code before release 2.12 (@koala7659)
- #16917 add note on Istio sidecar injection (@grego952)
- #16525 Change Compass Runtime Agent namespace to kyma-system (@mvshao)
Serverless
- #17187 Fullfill stub for webhooks (@dbadura)
- #17186 move the UI config map from busola to serverless (@anoipm)
- #17185 Remove k3s-tests from srvls chart definition (@kwiatekus)
- #17183 Set function-dashboard namespace (@pPrecel)
- #17092 Remove v1alpha1 crd (@dbadura)
- #17180 Change v1alpha1 to v1alpha2 serverless fast integration (@dbadura)
- #17182 Allow serverless installation in arbitraty namespace (@kwiatekus)
- #17140 Fix kubectl code in Deploy and expose a Function (@grego952)
- #17134 Serverless module defines its CRDs (@kwiatekus)
- #17131 Independent priority class for serverless workloads (@kwiatekus)
- #17091 Remove v1alpha1 - webhook's cleanup (@dbadura)
- #17090 Remove v1alpha1 conversion webhook (@dbadura)
- #17125 Serialise in json non primitive types as string (@kwiatekus)
- #17089 Remove conversion tests for v1alpha1 (@dbadura)
- #17096 Document serverless limitations (@kwiatekus)
- #17098 Optimisation for python function image (@kwiatekus)
- #17029 Change v1alpha1 to v1alpha2 in the Technical reference section (@grego952)
- #17015 change alpha1 in the Serverless tutorials (@grego952)
- #17040 Fix priority class name for serverless controller (@kwiatekus)
- #17036 Increase test functions' resources (@pPrecel)
- #17025 Document example with Python OTEL skd (@kwiatekus)
- #16931 Documentation for adding schema versioning for v1alpha1 and v1alpha2 (@MichalKalke)
- #17019 refactor Function alpha2 code (@grego952)
- #16990 Exclude default
request
auto-instrumentation in python functions (@kwiatekus) - #16989 change alpha1 to alpha2 in AC and Eventing tutorials (@grego952)
- #16986 change alpha1 to alpha2 in Trigger a workload with an event (@grego952)
- #16920 Include nodejs18 in serverless integration and benchmark tests (@kwiatekus)
- #16918 Add nodejs18 in function controller (@kwiatekus)
- #16965 Deprecate nodejs14 runtime - remove from docs (@kwiatekus)
- #16925 Move function profile overrides from the test-infra scripts (@pPrecel)
- #16892 Remove dependencies to compass-system Namespace (@mvshao)
- #16869 Fix regression in response formatting in nodejs16 runtime (@kwiatekus)
Eventing
- #17261 Eventing image bumps for rel-2.13 (@mfaizanse)
- #17192 gomod(deps): bump github.com/nats-io/nats.go from 1.24.0 to 1.25.0 in /components/event-publisher-proxy (@dependabot[bot])
- #16991 add test atleast once delivery for jetstream during upgrade (@raypinto)
- #17073 Update NATS 2.9.15 (@marcobebway)
- #17007 Clean up the comments in Subscription v1alpha2. (@friedrichwilken)
- #16944 Fix Eventing controller makefile recipe indentation (@marcobebway)
- #16945 Fix Eventing tutorial (@marcobebway)
- #16921 Added tests for exact type matching in Eventing FI tests (@mfaizanse)
- #16916 Fix time comparisons for NATS in Eventing FI tests (@mfaizanse)
- #16900 Bumped NATS version to 2.9.14 (@mfaizanse)
- #16905 Globalized subscription names in Eventing FI tests (@mfaizanse)
- #16896 Removed JetStream atLeastOnceCheck test in Eventing FI tests (@mfaizanse)
- #16548 bump CPU limit to 1k to support same load as epp (@k15r)
- #16522 add metric for dispatch duration in nats dispatcher (@k15r)
- #16772 Update security context for the Eventing components (@marcobebway)
- #16771 Change loglevel for unneccessary info messages to debug (@k15r)
- #16553 change epp linter config (@k15r)
- #16756 Fixed NATS config comparison (@mfaizanse)
Service Mesh
- #17249 Add documentation regarding limatations on Istio, Ory and API Gateway (@barchw)
- #17074 Update Istio to 1.17.1 (@videlov)
- #16954 Set Istio cni namespace (@triffer)
Monitoring
- #17254 Update telemetry images (@chrkl)
- #17224 Update Alpine based images to 3.17.3 (@chrkl)
- #17129 update prometheus config reloader image to version 0.8.0 (@a-thaler)
- #17068 disable grafana external snapshot publish endpoint (@a-thaler)
- #17058 update images for telemetry/observabaility (@a-thaler)
- #16873 updated alpine to 1.17.2 (@a-thaler)
- #16858 update to alpine 1.17.2 for third-party-images (@a-thaler)
- #16816 Fix Kyma 2.12.0 cleanup script (@skhalash)
- #16814 Revert "Temporarily re-add FluentBit ServiceMonitor" (@skhalash)
- #16813 Convert logging, tracing to annotation-based Prometheus scraping (@skhalash)
- #16810 Convert serverless to annotation-based Prometheus scraping (@skhalash)
- #16805 Convert api gateway, istio, ory to annotation-based Prometheus scraping (@skhalash)
- #16761 Convert eventing to annotation-based Prometheus scraping (@skhalash)
- #16769 Add deprecation notes for monitoring component (@shorim)
- #16792 Always disable scraping for kube-state-metrics service (@skhalash)
- #16766 Temporarily re-add FluentBit ServiceMonitor (@skhalash)
- #16740 Convert telemetry to annotation-based Prometheus scraping (@skhalash)
Logging
- #17224 Update Alpine based images to 3.17.3 (@chrkl)
- #17130 [Telemetry] Update telemetry-operator image (@chrkl)
- #17109 update to fluentbit 2.0.10 (@a-thaler)
- #17058 update images for telemetry/observabaility (@a-thaler)
- #16858 update to alpine 1.17.2 for third-party-images (@a-thaler)
- #16764 update fluentbit to 2.0.9 (@a-thaler)
- #16781 remove init container from fluentbit (@rakesh-garimella)
- #16767 Always have dynamic-parsers config file (@rakesh-garimella)
Tracing
- #17224 Update Alpine based images to 3.17.3 (@chrkl)
- #17025 Document example with Python OTEL skd (@kwiatekus)
- #16851 Remove unused network policy (@rakesh-garimella)
- #16831 Remove Telemetry Component from Kyma repository (@hisarbalik)
Documentation
- #17249 Add documentation regarding limatations on Istio, Ory and API Gateway (@barchw)
- #17190 add info on Kyma import certs (@grego952)
- #17140 Fix kubectl code in Deploy and expose a Function (@grego952)
- #17096 Document serverless limitations (@kwiatekus)
- #17029 Change v1alpha1 to v1alpha2 in the Technical reference section (@grego952)
- #17015 change alpha1 in the Serverless tutorials (@grego952)
- #17025 Document example with Python OTEL skd (@kwiatekus)
- #17032 Fix typo in the documentation (@mvshao)
- #16931 Documentation for adding schema versioning for v1alpha1 and v1alpha2 (@MichalKalke)
- #17019 refactor Function alpha2 code (@grego952)
- #16989 change alpha1 to alpha2 in AC and Eventing tutorials (@grego952)
- #16986 change alpha1 to alpha2 in Trigger a workload with an event (@grego952)
- #16985 Change link in 2.12 Migration Guide (@mvshao)
- #16876 Change the migration script name (@mvshao)
- #16964 fixed link in migration guide (@a-thaler)
- #16965 Deprecate nodejs14 runtime - remove from docs (@kwiatekus)
- #16917 add note on Istio sidecar injection (@grego952)
- #16945 Fix Eventing tutorial (@marcobebway)
- #16857 Fix broken links in Telemetry docs (@IwonaLanger)
Committers: 43
- Aleksei Chernyshov (@Teneroy)
- Andreas Thaler (@a-thaler)
- Andrzej Pankowski (@Cortey)
- Bartosz Chwila (@barchw)
- Christoph Kleineweber (@chrkl)
- Damian Badura (@dbadura)
- Dennis Geiselmann (@dennis-ge)
- Filip Strózik (@pPrecel)
- Friedrich (@friedrichwilken)
- Grzegorz Karaluch (@grego952)
- Hisar Balik (@hisarbalik)
- Iwona Langer (@IwonaLanger)
- Jan Wozniak (@wozniakjan)
- Karol Szwaj (@cnvergence)
- Korbinian Stoemmer (@k15r)
- Krzysztof Kwiatosz (@kwiatekus)
- Magda Stręk (@strekm)
- Mansur Uralov (@muralov)
- Marcin Dobrochowski (@anoipm)
- Marco Bebway (@marcobebway)
- Michał 'Disper' Drzewiecki (@Disper)
- Michał Kalke (@MichalKalke)
- Mostafa Shorim (@shorim)
- Muhammad Faizan (@mfaizanse)
- Natalia Sitko (@nataliasitko)
- Patryk Strugacz (@werdes72)
- Piotr Bochyński (@pbochynski)
- Piotr Halama (@halamix2)
- Przemyslaw Golicz (@koala7659)
- Rafal Foks (@mvshao)
- Rakesh Garimella (@rakesh-garimella)
- Raymond Pinto (@raypinto)
- Stanislav Khalash (@skhalash)
- Tarik Özkahraman (@TarikOez)
- Tim Riffer (@triffer)
- Vladimir Videlov (@videlov)
- Vladislav Paskar (@vpaskar)
- Wojciech Nawa (@VOID404)
- Wojciech Sołtys (@Sawthis)
- Wojciech Wrzalik (@ralikio)
- Zhoujing Wang (@zhoujing2022)
- @kasiakepka
- marcin witalis (@m00g3n)