Skip to content

Releases: mesosphere/kubernetes-base-addons

v4.4.0

17 Feb 05:19
@joejulian joejulian
v4.4.0
df6d91b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.4.0 Latest
Latest

defaultstorageclass-protection

  • Use a chart version that has no reference to "latest" tag of default-storage-class
    #1446 (@mesosphere-mergebot)

kube-oidc-proxy

  • Bumps kube-oidc-proxy to 0.3.0 to resolve "kubectl log" latency issues (COPS-7123)
    #1420 (@mesosphere-mergebot)

nvidia

  • Updates Nvidia DCGM exporter to 2.2.9 to fix metrics (COPS-7132)
    #1412 (@mesosphere-mergebot)

  • Fixes Nvidia GPU platform service placement constraints (COPS-7142)
    #1417 (@mesosphere-mergebot)

prometheus

  • chore: Pins Grafana image to 7.5.6 and bumps kubectl image to 1.20.6 (COPS-6963)
    #1428 (@mesosphere-mergebot)

  • Adds concurrency policy Replace configuration to the Grafana home dashboard CronJob to avoid potentially creating an unbound number of pods (COPS-7105)
    #1399 (@mesosphere-mergebot)

  • Alertmanager CRD is now properly upgraded (COPS-6842)
    #1330 (@mesosphere-mergebot)

traefik-forward-auth

  • traefik-forward-auth: bring back the in-cluster storage feature.
    #1442 (@mesosphere-mergebot)

Contributors

d2iq-mergebot
Assets 2
Loading

v4.3.0

02 Dec 22:25
@joejulian joejulian
v4.3.0
d8b0439
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.3.0

traefik-forward-auth

  • [traefik-forward-auth] Upgrade container image to 3.0.3, pulling in a fix for URL pattern matching.
    #1345 (@mesosphere-mergebot)

Contributors

d2iq-mergebot
Assets 2
Loading

v4.2.0

15 Sep 21:04
@joejulian joejulian
v4.2.0
06bee31
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.2.0

ambassador

  • [1.13.10]
  • Bugfix: Fixed a regression when specifying a comma separated string for cors.origins on the
  • Mapping resource. ([#3609])
  • Change: Envoy-configuration snapshots get saved (as ambex-#.json) in /ambassador/snapshots.
  • The number of snapshots is controlled by the AMBASSADOR_AMBEX_SNAPSHOT_COUNT environment
  • variable; set it to 0 to disable. The default is 30.
  • Change: Set AMBASSADOR_AMBEX_NO_RATELIMIT to true to completely disable ratelimiting Envoy
  • reconfiguration under memory pressure. This can help performance with the endpoint or Consul
  • resolvers, but could make OOMkills more likely with large configurations. The default is false,
  • meaning that the rate limiter is active.
  • Bugfix: The Mapping resource can now specify docs.timeout_ms to set the timeout when the
  • Dev Portal is fetching API specifications.
  • Bugfix: The Dev Portal will now strip HTML tags when displaying search results, showing just
  • the actual content of the search result.
  • Change: Consul certificate-rotation logging now includes the fingerprints and validity
  • timestamps of certificates being rotated.
  • [1.13.8]
  • Bugfix: Ambassador Agent now accurately reports up-to-date Endpoint information to Ambassador Cloud
  • Feature: Ambassador Agent reports ConfigMaps and Deployments to Ambassador Cloud to provide a better Argo Rollouts experience. See Argo+Ambassador documentation for more info.
  • [1.13.7]
  • Feature: Add AMBASSADOR_JSON_LOGGING to enable JSON for most of the Ambassador control plane. Some (but few) logs from gunicorn and the Kubernetes client-go package still log text.
  • Bugfix: Fixed a bug where the Consul resolver would not actually use Consul endpoints with TCPMappings.
  • Change: Ambassador now calculates its own memory usage in a way that is more similar to how the kernel OOMKiller tracks memory.
  • [1.13.6]
  • Bugfix: Fixed a regression where Ambassador snapshot data was logged at the INFO label when using AMBASSADOR_LEGACY_MODE=true
  • [1.13.5]
  • Bugfix: Fix a regression from 1.8.0 that prevented Ambassador module config keys proper_case and preserve_external_request_id from working correctly.
  • Bugfix: Fixed a regression in detecting the Ambassador Kubernetes service that could cause the wrong IP or hostname to be used in Ingress statuses (thanks, Noah Fontes!
  • [1.13.4]
  • Bugfix: Incorporate the Envoy 1.15.5 security update by adding the reject_requests_with_escaped_slashes option to the Ambassador module.
    #1271 (@mesosphere-mergebot)

azuredisk-csi-driver

  • Features
  • support force detach
  • support incremental snapshot
  • support tags in snapshot
  • create snapshot on external resource group
  • add dangling error support
  • support Azure disk batch attach/detach (#650)
  • Windows beta support (switch to csi-proxy v0.2.2 API)
  • support multi OS versions for Windows images
  • Azure stack support
  • ListVolumes support
  • add LogicalSectorSize support for UltraSSD
  • remove unmanaged disk support
  • add full Azure Stack support
  • add more controller metrics
  • support disable AzureStack
  • disable AzureStack by DisableAzureStackCloud config
  • Bug Fixes
  • fix disk API 10s latency issue
  • fix initial delay(1s) when mount azure disk
  • fix incorrect max azure disk max count
  • fix resize error in migration scenario
  • fix azure disk resize error if source does not exist
  • fix: not schedule driver pod on virtual node
  • fix: cache data loss issue on Windows when unmount disk
  • fix: resize filesystem if cloned volume capacity is larger than source volume
  • fix: volume expansion failure on node
  • fix: helm chart installation issue
    #1272 (@mesosphere-mergebot)

dashboard

  • Hide pagination controls if there is only a single page of items to display (#5827)
  • Use .log extension instead of .txt for downloaded log files
  • Extend pod view with more information including:
  • related Service Account (#5815)
  • liveness/readiness probe (#6145)
  • Major refactoring and improvements of the log viewer (#5868)
  • Change resource status icons to colored dots (#5867)
  • Add hover effects for clickable elements (#5930)
  • Add deployment rollout restart option (#5917)
  • Improve env variable display for containers and fix ingress view (#5975)
  • Add labels to workload status charts (#5994)
  • Restore serialized reference component (#6090)
  • Reorganize resource list columns and add more columns, i.e. images (#6014)
  • Replace all overview redirects with workloads (#6092)
  • Improve chart metrics calculation to support wider time windows (#6126)
  • Use stable networking.k8s.io/v1 API for Ingress resource
    #1273 (@mesosphere-mergebot)

elasticsearchexporter

  • [FEATURE] Added elasticsearch_clustersettings_stats_max_shards_per_node metric. #277
  • [FEATURE] Added elasticsearch_indices_shards_store_size_in_bytes metric. #292
  • [FEATURE] Added --es.indices_mappings flag to scrape elasticsearch index mapping stats and elasticsearch_indices_mappings_stats collector. #411
  • [FEATURE] Added elasticsearch_snapshot_stats_latest_snapshot_timestamp_seconds metric. #318
  • [ENHANCEMENT] Added support for reloading the tls client certificate in case it changes on disk. #414
  • [BUGFIX] Fixed the elasticsearch_indices_shards_docs metric name. #291
  • [BUGFIX] Fixed elasticsearch 7.13 node stats metrics #439
  • [BUGFIX] Fixed snapshot stats metrics for some snapshot repository types #442
    #1277 (@mesosphere-mergebot)

nvidia

  • Updated Nvidia addon to support driver v460
    #1206 (@mesosphere-mergebot)

opsportal

  • Fix cluster details page for AKS clusters (COPS-6997)
    #1274 (@mesosphere-mergebot)

  • fix: UI load addon dashboard links even when custom domain ConfigMap does not exist.
    #1282 (@mesosphere-mergebot)

prometheus

  • prometheus: possible to enable elasticsearch rules
    #1223 (@mesosphere-mergebot)

  • fix: Bump Prometheus to v2.29.2 which fixes head GC and pending readers race condition that caused issues with rule evaluations.
    #1303 (@mesosphere-mergebot)

  • prometheus: possible to enable elasticsearch rules
    #1224 (@mesosphere-mergebot)

reloader

  • Reload resource if secret/configmap is re-created
    #1278 (@mesosphere-mergebot)

traefik-forward-auth

  • [traefik-forward-auth] TFA now sanitizes incoming Connection headers
    #1286 (@mesosphere-mergebot)

  • traefik-forward-auth: shorten hook names to be within 63 character length.
    #1316 (@mesosphere-mergebot)

Contributors

d2iq-mergebot
Assets 2
Loading

v3.6.0

15 Sep 23:03
@joejulian joejulian
v3.6.0
83c8bdb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.6.0

dashboard

  • Starting from version 4.0.0 of this chart, it will only support Helm 3 and remove the support for Helm 2
    #1057 (@mesosphere-mergebot)

nvidia

  • Updated Nvidia addon to support driver v460
    #1205 (@mesosphere-mergebot)

prometheus

  • fix: Bump Prometheus to v2.29.2 which fixes head GC and pending readers race condition that caused issues with rule evaluations.
    #1313 (@mesosphere-mergebot)

traefik-forward-auth

  • traefik-forward-auth: shorten hook names to be within 63 character length.
    #1317 (@mesosphere-mergebot)

Contributors

d2iq-mergebot
Assets 2
Loading

v4.1.0

09 Jun 22:01
@joejulian joejulian
v4.1.0
0085b00
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.1.0

prometheus

traefik

  • [traefik] A bug causing configuration updates to fail when a user adds an invalid tls secret has been fixed
    #1164 (@mesosphere-mergebot)

vsphere-csi-driver

Assets 2
Loading

v3.5.0

09 Jun 21:54
@joejulian joejulian
v3.5.0
f57b73d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.5.0

dex

  • Defer AuthRequest creation until after initial login page to avoid too many objects.
    #1115 (@mesosphere-mergebot)

dex-k8s-authenticator

  • security: use a service account rather than adding extra permissions to the default namespace account
    #1041 (@mesosphere-mergebot)

fluentbit

opsportal

  • fix: update UI dependencies to mitigate CVE-2021-23337
    #1124 (@armandgrillet)

  • Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved

  • Updated UI to only ship with needed dependencies
    #1042 (@mesosphere-mergebot)

prometheus

traefik

  • [traefik] A bug causing configuration updates to fail when a user adds an invalid tls secret has been fixed
    #1163 (@mesosphere-mergebot)

vsphere-csi-driver

Assets 2
Loading

v4.1.0-rc.2

08 Jun 21:00
@joejulian joejulian
v4.1.0-rc.2
c073585
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.1.0-rc.2

prometheus

traefik

  • [traefik] A bug causing configuration updates to fail when a user adds an invalid tls secret has been fixed
    #1164 (@mesosphere-mergebot)

vsphere-csi-driver

Assets 2
Loading

v3.5.0-rc.2

08 Jun 22:29
@joejulian joejulian
v3.5.0-rc.2
dd01d72
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.5.0-rc.2

dex

  • Defer AuthRequest creation until after initial login page to avoid too many objects.
    #1115 (@mesosphere-mergebot)

dex-k8s-authenticator

  • security: use a service account rather than adding extra permissions to the default namespace account
    #1041 (@mesosphere-mergebot)

fluentbit

opsportal

  • fix: update UI dependencies to mitigate CVE-2021-23337
    #1124 (@armandgrillet)

  • Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved

  • Updated UI to only ship with needed dependencies
    #1042 (@mesosphere-mergebot)

prometheus

traefik

  • [traefik] A bug causing configuration updates to fail when a user adds an invalid tls secret has been fixed
    #1163 (@mesosphere-mergebot)

vsphere-csi-driver

Assets 2
Loading

v4.0.0

05 May 19:11
@joejulian joejulian
v4.0.0
9687fa9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.0

ambassador

dashboard

  • Starting from version 4.0.0 of this chart, it will only support Helm 3 and remove the support for Helm 2
    #1058 (@mesosphere-mergebot)

defaultstorageclass-protection

dex

dex-k8s-authenticator

  • security: use a service account rather than adding extra permissions to the default namespace account
    #1040 (@mesosphere-mergebot)

elasticsearch

fluentbit

gatekeeper

istio

  • istio version upgraded to 1.9.1
    #1021 (@mesosphere-mergebot)

jaeger

  • bump jaeger-operator-2.18.4
    #835 (@d2iq-dispatch)

  • bump jaeger-operator-2.19.0
    #867 (@d2iq-dispatch)

  • kiali and jaeger are now deployable with the "none" provisioner, i.e. in on-premise environments.
    #1022 (@mesosphere-mergebot)

kiali

  • kiali and jaeger are now deployable with the "none" provisioner, i.e. in on-premise environments.
    #1022 (@mesosphere-mergebot)

  • bump kiali-operator-1.29.1
    #892 (@d2iq-dispatch)

  • kiali: configure to use the same version for kiali/kialii that matches the operator.
    #887 (@dkoshkin)

opsportal

  • fix: updating GitOps Source in Kommander.

  • feat: Show certification badges in Kommander project catalog.

  • feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander.

  • feat: give list of loadbalncers when attaching a firewalled cluster in Kommander.
    #1072 (@mesosphere-mergebot)

  • UI - resolve kubecost performance issue

  • UI - handle license loading state, show loading instead of invalid when license is missing a status
    #1089 (@mesosphere-mergebot)

  • Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved

  • Updated UI to only ship with needed dependencies
    #976 (@d2iq-dispatch)

  • fix: updating GitOps Source in Kommander.

  • feat: Show certification badges in Kommander project catalog.

  • feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander.

  • feat: give list of loadbalncers when attaching a firewalled cluster in Kommander.
    #1068 (@mesosphere-mergebot)

  • Update opsportal to mitigate CVE-2020-1971
    #1107 (@mesosphere-mergebot)

  • Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved

  • Updated UI to only ship with needed dependencies
    #964 (@d2iq-dispatch)

  • fix(kommander): Fix empty non-Konvoy cluster Platform Services tab
    #902 (@d2iq-dispatch)

  • fix: update UI dependencies to mitigate CVE-2021-23337
    #1075 (@mesosphere-mergebot)

  • Fixes bug in OpsPortal where Identity Providers would not show up (COPS-6843)
    #953 (@d2iq-dispatch)

  • fix(kommander-ui): disable addons on foundation disabled

  • feat(kommander-ui): add license delete mutation

  • feat(kommander-ui): replace license table with single license detail view

  • feat(kommander-ui): allow workspace namespace to be configurable
    #930 (@d2iq-dispatch)

  • Update opsportal to mitigate CVE-2020-1971
    #1106 (@armandgrillet)

prometheus

  • fix(prometheus): In upgrades, use existing PVC from previous installation.
    #1015 (@gracedo)

  • prometheus(fix): Re-enable etcd prometheus rules
    #938 (@gracedo)

  • prometheus: Added new Thanos sidecar metrics

  • prometheus: Significantly improved Thanos sidecar latency (reduced ~2x)
    #1018 (@mesosphere-mergebot)

prometheusadapter

  • prometheus-adapter: bump to latest version v0.8.3

    • Fix authorizer webhook panic by bumping apiserver dependencies #362
    • Add NOTICE to comply with the CNCF rules #359
    • Populate metric selector for custom metrics #348
    • Fix apiserver panics by bump to k8s 1.20, go 1.15 #352

  • prometheusadapter: fix an error were resources in reported by the Kubernetes dashboard and kubectl top reported double of the actual resources.
    #884 (@dkoshkin)

reloader

  • Bump from v0.0.79 to v0.0.80

  • Add custom annotation support in service account
    #893 (@d2iq-dispatch)

  • When upgrading from a release that used helm 2 to install, reloader cannot be cleanly upgraded due to selector changes. This adds a flag that causes reloader to be uninstalled before being upgraded. This should have no effect on running applications.
    #956 (@armandgrillet)

Assets 2
Loading

v4.0.0-rc.3

28 Apr 21:48
@dkoshkin dkoshkin
v4.0.0-rc.3
85d412a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.0-rc.3

ambassador

dashboard

  • Starting from version 4.0.0 of this chart, it will only support Helm 3 and remove the support for Helm 2
    #1058 (@mesosphere-mergebot)

dex-k8s-authenticator

  • security: use a service account rather than adding extra permissions to the default namespace account
    #1040 (@mesosphere-mergebot)

fluentbit

istio

  • istio version upgraded to 1.9.1
    #1021 (@mesosphere-mergebot)

jaeger

  • kiali and jaeger are now deployable with the "none" provisioner, i.e. in on-premise environments.
    #1022 (@mesosphere-mergebot)

kiali

  • kiali and jaeger are now deployable with the "none" provisioner, i.e. in on-premise environments.
    #1022 (@mesosphere-mergebot)

opsportal

  • UI - resolve kubecost performance issue

  • UI - handle license loading state, show loading instead of invalid when license is missing a status
    #1089 (@mesosphere-mergebot)

  • fix: update UI dependencies to mitigate CVE-2021-23337
    #1075 (@mesosphere-mergebot)

  • fix: updating GitOps Source in Kommander.

  • fest: Show certification badges in Kommander project catalog.

  • feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander.

  • feat: give list of loadbalncers when attaching a firewalled cluster in Kommander.
    #1072 (@mesosphere-mergebot)

  • fix: updating GitOps Source in Kommander.

  • fest: Show certification badges in Kommander project catalog.

  • feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander.

  • feat: give list of loadbalncers when attaching a firewalled cluster in Kommander.
    #1068 (@mesosphere-mergebot)

  • fix: updating GitOps Source in Kommander.

  • fest: Show certification badges in Kommander project catalog.

  • feat: Allow creating Root CA secret when attaching a firewalled cluster in Kommander.

  • feat: give list of loadbalncers when attaching a firewalled cluster in Kommander.
    #1055 (@d2iq-dispatch)

  • Fixes bug in OpsPortal & Kommander UI where LDAP Root CA is malformed when saved

  • Updated UI to only ship with needed dependencies
    #976 (@d2iq-dispatch)

prometheus

  • prometheus: Added new Thanos sidecar metrics

  • prometheus: Significantly improved Thanos sidecar latency (reduced ~2x)
    #1018 (@mesosphere-mergebot)

  • fix(prometheus): In upgrades, use existing PVC from previous installation.
    #1015 (@gracedo)

Assets 2
Loading