github loft-sh/loft v2.1.0

2 years ago

!!! Potentially Breaking !!!

Accessing vclusters now requires the view RBAC verb. Loft will automatically redeploy its core cluster and management roles which now includes those verbs. If you have created a custom cluster role for users to access vclusters, please make sure to give them the view permission on the resource virtualclusters in api group storage.loft.sh as well.

Users with the space-viewer cluster role are also now not able anymore to access the virtual clusters inside the space.

Space Ingress Wakeup

Sleeping spaces can now be woken up through their ingresses. Loft will present a web view that makes it possible to wake up a space without the need to access the Loft UI or send any Kubernetes requests.

Space & Virtual Cluster Descriptions with Markdown

It is now possible to assign a display name as well as description to spaces and virtual clusters. Besides that it is also possible to use markdown for object descriptions, which allows you to use links and other formatting options to optimize the space or other object's description.

image

Automatic Ingress Authentication

Loft now supports automatic ingress authentication for owned spaces. Loft will rewrite the ingresses in the spaces and make sure no one that is not authenticated to Loft and has access to the space can access the application exposed by the ingress. This is currently only supported for nginx ingress controller ingresses.

Other Changes

  • ui: New vcluster permissions
  • ui: Description is now shown for users
  • ui: User subject is now configurable
  • api: Loft will now wait if a request targets a sleeping vcluster
  • api: Changed vcluster default version to v0.5.3
  • api: Fixed an issue where space migration from older would not work correctly
  • api: Removed loft webhook and apiservice which are now handled internally in the loft api server

Don't miss a new loft release

NewReleases is sending notifications on new releases.