Changelog (since v1.28)
Components that will be restarted during the update
- Grafana
bashible-api-server
control-plane-manager
cert-manager
chrony
upmeter
Significant Changes
Bump Grafana version to fix zero-day path
The cert-manager.io/v1alphaX
API version is no longer supported
Other Changes
[bashible]
- fixes
- Fix incorrect auth value for containerd config only
- Cluster bootstrap on Azure works for Ubuntu 20.04
[cert-manager]
- features
- Upgrade cert-manager to v1.6.1
- Pull request
- NOTE! The cert-manager controller will be restarted. CRD with version
cert-manager.io/v1alphaX
is no longer supported.
- Instructions for connecting Vault to the
cert-manager
.
- Upgrade cert-manager to v1.6.1
[chrony]
- fixes
- Fix rollout restart time of chrony daemonset.
- Pull request
- NOTE! The module will be restarted.
- Fix rollout restart time of chrony daemonset.
[deckhouse]
- fixes
- Clear values cache when a module is disabled.
- Move context generation into a bashible-apiserver.
- Pull request
- NOTE! A bashible-apiserver will be restarted.
- Fix Deckhouse Manual update mode.
[deckhouse-web]
- fixes
- Add missing 'ca.crt' field to internal values schema.
[log-shipper]
- features
- Support storing data in Elasticsearch datastreams.
- fixes
- Fix default CRD values.
- Pull request
- NOTE! CR
ClusterLogDestination
, created inv1.29.0-alpha.*
, should be recreated.
- Fix default CRD values.
[monitoring-kubernetes]
- fixes
- Fix description for alert
NTPDaemonOnNodeDoesNotSynchronizeTime
.- Pull request
- NOTE! We only use the Deckhouse chrony module, so a description about another NTP daemons is not needed.
- Fix description for alert
[node-manager]
- features
- Add Pods deletion from a node that requests disruption updates, when pod eviction fails.
[prometheus]
- features
- Improve Prometheus FAQ about Lens access.
- fixes
- Bump Grafana version to fix zero-day path traversal bug (CVE-2021-43798).
[secret-copier]
- features
- Implement create–or–update logic for proper reconcile.
- Pull request
- NOTE! Add support of namespace label-selector in
secret-copier.deckhouse.io/target-namespace-selector
annotation value.
- Implement create–or–update logic for proper reconcile.
[ingress-nginx]
- features
- Add the ability to set a default certificate.