github loft-sh/loft v3.0.0

latest releases: v4.2.0-alpha.0, v4.1.0, v4.1.0-beta.4...
20 months ago

!! BREAKING CHANGES & Deprecations !!

For a complete upgrade guide, please take a look at our docs.

  • We removed all kiosk apis that were deprecated in Loft v2, please use the new project api instead.
  • loft sleep is now loft sleep space
  • loft wakeup is now loft wakeup space
  • Direct Grafana integration was removed. We felt that this wasn't providing much benefit and users rarely used this.
  • Template syncing in non project spaces / virtual clusters was removed, please import the spaces / virtual clusters into a project to sync the templates
  • Space Constraints are now deprecated, please use projects instead
  • Cluster Quotas are now deprecated, please use project quotas instead

Projects

Projects are the new way to group spaces and virtual clusters across several clusters. They offer an easy way to manage access and superseed the older cluster access and space constraints concepts. We felt that especially space constraints were a complicated concept that were hard to understand and setup correctly.

Within projects, members can only create virtual clusters and spaces based on a template (project admins can still create them without). You can also assign which templates and clusters can be used within a project. You configure quotas and all access related configuration now on a project, which makes it also a lot easier to divide access inside a single cluster. Spaces and virtual clusters that aren't part of a project yet, can easily be imported.

Check out the docs for more information about projects.

ArgoCD Integration

We now provide a ArgoCD integration that can be enabled on the project level. Loft is able to automatically connect virtual clusters within that project to any Argo instance in any connected or project virtual cluster. In addition, it's also possible to let Loft configure SSO access to Argo cd. This allows you to make ArgoCD easily available for your users inside a project.

Cross Cluster Quotas

With projects its now possible to configure quotas per project across multiple clusters. This makes it possible to define a single quota for the project or user that will be enforced across all allowed clusters within a project.

Template versions

Templates and apps can now be versioned and assigned by their version. This allows you to upgrade spaces and virtual clusters in phases without worrying to break all virtual clusters with a single template update. Template versions are defined with semantic versioning and placeholder versions (such as 2.1.x) can be used to automatically update templates, e.g. if a new patch version of the template is released.

Declarative Config

Loft config is now configured by default through helm values, which makes it easier to deploy Loft through a GitOps approach.

White-Labelling

Its now possible to configure a company custom logo for Loft.

App Syncing

Apps that are defined in projects can now be assigned to a template and Loft will take care of upgrading, syncing parameters or even deletion of the apps if they change in the underlying template.

Management CRDs

Users can now create instances of virtual clusters and spaces inside the loft management instance which allows them to create environments in the central management cluster. This makes management of virtual clusters, spaces and projects a lot easier as you don't need to jump between kube contexts anymore. For automation purposes, this also means you can use any GitOps solution to manage your environments directly inside the management cluster.

Project Secrets

Projects allow you to create secrets inside them that should be shared across the project members. These secrets can be synced into any space or virtual cluster inside the project and can also be synced from a shared secret or other secret provisioning mechanism.

Virtual Cluster Ingress Access

It's now possible to expose virtual clusters created by Loft through a regular ingress. This is especially useful if you want to prevent authentication with Loft and give non-Loft users access to these virtual clusters.

Centralized Audit Logging

Loft will now show aggregated audit trails from all agents if direct cluster endpoints are configured. This gives you more insights into what happened on the agent side.

Better scalability

We have refactored the way how Loft and the agent connect, which makes it now possible to connect many more clusters to Loft.

Don't miss a new loft release

NewReleases is sending notifications on new releases.