github kyma-project/kyma 2.15.0

latest releases: 2.20.0, 2.20.0-rc1, 2.19.3...
12 months ago

Still warm, as the June sun at noon, comes Kyma 2.15. The hot season has already started, so juicy improvements are here to refresh your experience with our product. Sip the strawberry-Telemetry, watermelon-Security, raspberry-API Gateway, and peach-Serverless cool punch news as if you were on a Hawaiian beach. Read on to see what we prepared for you!

Telemetry

Manager

Tracing

Logging

Security

With the 2.15 Kyma version, ECDHE-RSA-AES256-SHA and ECDHE-RSA-AES128-SHA cipher suites used in the default Kyma gateway become deprecated as part of security hardening and following Kyma security team recommendations. The configurations will be removed with Kyma version 2.18, and clients dependent on the cipher suites won’t be accepted.

API Gateway

Default timeout for HTTP requests

This Kyma release brings a unified timeout for workloads exposed with APIRules. The default timeout for HTTP requests is now 180s, and it’s defined on the Istio VirtualService level.

Ory Hydra OAuth2 client migration

The Ory stack has been deprecated since Kyma version 2.2. The recently published blog post explains how to migrate from the Ory Hydra client to the application created in SAP Cloud Identity Services. Start the migration process as soon as possible.

Serverless

Simplified internal Docker registry setup

With Kyma 2.15, we simplified Serverless configuration for the internal Docker registry. From now on, the images for Function runtime Pods are pulled from the internal Docker registry with NodePort.

With this change, we improve security as the internal Docker registry is no longer exposed outside of the Kubernetes cluster. Additionally, it makes Serverless fully independent from the Istio module in all installation modes.

Deployment profiles removed

In preparation for an independent installation model, we removed the predefined deployment profiles, namely evaluation and production for Serverless. We are shifting from profiled overrides used during module installation towards runtime-configurable resources.

Changelog

2.15.0 (2023-06-07)

Api Gateway

Application Connector

  • #17607 bumps application connector images (@Disper)
  • #17544 Bumps dependencies in application-connector components (@Disper)
  • #17528 bump application connector dependencies (@Disper)
  • #17458 bumps golang to 1.20.4 in application connectivity components (@Disper)

Serverless

Eventing

Security

  • #17574 Update telemetry-operator to cleanup Fluent Bit volume mounts (@chrkl)

Monitoring

Logging

Tracing

Telemetry

Documentation

Committers: 23

Don't miss a new kyma release

NewReleases is sending notifications on new releases.