Release Notes - 1.43.0💣
Please see our documentation page for more information on how to consume and deploy BigBang.
Upgrade Notices💣
Monitoring:
- Starting from prometheus-node-exporter version 4.0.0, the node exporter chart is using the Kubernetes recommended labels
- You will need to delete the daemonset prior to upgrading with:
kubectl delete daemonset -l app=prometheus-node-exporter -n monitoring
- For more information please visit: https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack#from-39x-to-40x
Anchore:
- Anchore Enterprise 4.1.0 has new scan behavior that affects ability to see scan results before the feeds are fully synced
- There are also additional steps required when upgrading to 4.1.0 on a FIPS machine to ensure that the DBs are upgraded properly
- For more information visit the following: 4.1 Release Notes
Kiali:
- Kiali is updating to version 1.56.1 in this release
- While the Kiali upstream comptability matrix does not indicate support (upstream testing) for this version with Istio 1.14.3, we noted no issues in testing
- The warning that shows on the Kiali UI can be ignored provided you see no issues, and the Big Bang team will be updating to Istio 1.15.x in the near future to ensure we keep in alignment with the testing support of upstream
Upgrades from previous releases💣
If coming from a version pre-1.42.0
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-1.42.0
.
Packages💣
Package | Type | Package Version | BB Version |
---|---|---|---|
Istio Controlplane | Core | Istio 1.14.3 Tetrate Istio Distro 1.13.5 |
1.14.3-bb.4 🔗 |
Istio Operator | Core | Istio Operator 1.14.3 Tetrate Istio Distro Operator 1.13.5 |
1.14.3-bb.0 |
Jaeger | Core | 1.37.0 |
2.35.0-bb.1 🔗 |
Kiali | Core | 1.56.1 |
1.56.1-bb.1 🔗 |
Cluster Auditor | Core | 0.0.4 |
1.4.0-bb.10 🔗 |
Gatekeeper | Core | 3.9.0 |
3.9.0-bb.2 🔗 |
Kyverno | Core | 1.7.3 |
2.5.3-bb.0 |
Kyverno Policies | Core | 1.0.1 |
1.0.1-bb.5 🔗 |
Elasticsearch Kibana | Core | Kibana 8.4.0 Elasticsearch 8.4.0 |
0.10.1-bb.0 🔗 |
Eck Operator | Core | 2.3.0 |
2.3.0-bb.0 |
Fluentbit | Core | 1.9.7 |
0.20.6-bb.1 🔗 |
Promtail | Core | 2.6.1 |
6.2.2-bb.2 🔗 |
Loki | Core | 2.6.1 |
1.8.10-bb.2 |
Tempo | Core | Tempo 1.5.0 Tempo Query 1.5.0 |
0.16.1-bb.2 🔗 |
Monitoring | Core | Prometheus 2.38.0 Grafana 9.1.3 Alertmanager 0.24.0 |
40.0.0-bb.0 🔗 |
Twistlock | Core | 22.06.197 |
0.10.0-bb.1 🔗 |
Argocd | Addon | 2.4.10 |
4.10.8-bb.0 |
Authservice | Addon | 0.5.2 |
0.5.2-bb.0 |
Minio Operator | Addon | 4.4.28 |
4.4.28-bb.1 🔗 |
Minio | Addon | RELEASE.2022-08-26T19-53-15Z |
4.4.28-bb.1 🔗 |
Gitlab | Addon | 15.3.2 |
6.3.2-bb.0 🔗 |
Gitlab Runner | Addon | 15.2.1 |
0.43.1-bb.1 |
Nexus | Addon | 3.41.1-01 |
41.1.0-bb.4 🔗 |
Sonarqube | Addon | 8.9.9-community |
1.0.29-bb.2 |
Haproxy | Addon | 2.2.21 |
1.12.0-bb.0 |
Anchore Enterprise | Addon | Enterprise 4.1.0 Engine 1.1.0 |
1.19.4-bb.1 🔗 |
Mattermost Operator | Addon | 1.18.1 |
1.18.1-bb.1 🔗 |
Mattermost | Addon | 7.2.0 |
7.2.0-bb.0 |
Velero | Addon | 1.9.1 |
2.31.3-bb.2 🔗 |
Keycloak | Addon | Keycloak 18.0.2-legacy PlatformOne Plugin 1.2.0 |
18.2.1-bb.3 |
Vault | Addon | 1.11.2 |
0.21.0-bb.0 |
Metrics Server | Addon | 0.6.1 |
3.8.0-bb.4 |
Changes in 1.43.0💣
Big Bang MRs💣
- !2094: Updates Docs for pipelines
- !2077: Doc Fixes
- !2076: Resolve “Enable alpha plugins by default in ArgoCD”
Istio Controlplane💣
- !2037: Istio: Disable FSGroup modification by default
# Changelog Updates
## [1.14.3-bb.4]
### Changed
- Adds env variable to values which can be used during deployment to modify istio k8s env settings
Jaeger💣
- !2066: Jaeger mTLS metrics
# Changelog Updates
## [2.35.0-bb.1]
### Changed
- Enabled mTLS for Jaeger metrics
- Updated Gluon to 0.3.0
Kiali💣
- !2075: Update Kiali to 1.56.1
# Changelog Updates
## [1.56.1-bb.1] - 2022-09-13
### Fixed
- Fixed clicking in cypress test that was being blocked
## [1.56.1-bb.0] - 2022-09-13
### Changed
- Updated to 1.56.1 images (latest in IB)
## [1.56.0-bb.0] - 2022-09-12
### Changed
- Updated to 1.56.0 images (latest in IB)
Cluster Auditor💣
- !2086: Fix Cluster Auditor Helm Test
# Changelog Updates
## [1.4.0-bb.10]
### Fixed
- Resolved issues with cypress tests
Gatekeeper💣
- !2074: Gatekeeper: Update kubectl image
- !2087: Fix: Update gatekeeper docs to include replicas example
- !2073: Gatekeeper: Remove deprecated ingress versions
# Changelog Updates
## [3.9.0-bb.2]
### Changed
- Updated to latest kubectl v1.24.4
- Updated to latest gluon 0.3.0
## [3.9.0-bb.1]
### Changed
- Remove old Ingress API's
Kyverno Policies💣
- !2078: Kyverno Policies: Move nodeport enforcement to BB override
# Changelog Updates
## [1.0.1-bb.5] - 2022-09-14
### Changed
- Changed `disallow-nodeport-services` to `audit`
- Updated Gluon to `0.3.0`
- Fixed `disallow-pod-exec` from `attach` to `audit`
Elasticsearch Kibana💣
- !2093: Elasticsearch-kibana package update with exporter sub-chart
# Changelog Updates
## [0.10.1-bb.0] - 2022-09-11
### Added
- prometheus-elastiseaerch-exporter added as sub-chart deployment and `metrics` key to monitor health of elastic search indexes
Fluentbit💣
- !2056: Fluentbit: mTLS Metrics
# Changelog Updates
## [0.20.6-bb.1]
### Added
- Added support for tlsConfig and scheme values in the serviceMonitor
### Removed
- Removed mTLS exception for metrics
Promtail💣
- !2065: Added bits for mTLS with Promtail
# Changelog Updates
## [6.2.2-bb.2]
### Added
- Added mTLS to pod monitor
Tempo💣
- !2060: Tempo: mTLS metrics
# Changelog Updates
## [0.16.1-bb.2]
### Added
- Added support for scheme and tlsConfig in serviceMonitor
### Changed
- Removed mTLS "exception" for metrics
- Added injection on metrics port 16687
- Adjust auth policies to allow Prometheus access to 16687
- Updated gluon to 0.3.0
Monitoring💣
- !2081: Monitoring: Prom Operator 0.59.0 and other image updates
- !2080: Updated monitoring git tag
- !2059: Add Grafana Persistence Values
# Changelog Updates
## [40.0.0-bb.0]
### Fixed
- Updated Monitoring chart version to `40.0.0`
- Updated images to latest IB image versions: thanos -> `v0.28.0`, grafana-plugins -> `9.1.3`, kube-state-metrics -> `v2.6.0`
- Updated images to latest IB image versions: kubectl -> `v1.25.0`, prometheus-config-reloader -> `v0.59.0`, prometheus-operator -> `v0.59.0`
## [39.9.0-bb.3]
### Added
- More PrometheusRule resource rule templates for istio ControlPlane and Proxy Alerts
## [39.9.0-bb.2]
### Added
- Grafana Persistence Recommended Values. Including comments and links to upstream.
Twistlock💣
# Changelog Updates
## [0.10.0-bb.1] - 2022-09-02
### Added
- Add support for SAML SSO via init script
## [0.10.0-bb.0] - 2022-08-26
### Changed
- Updated console and defender to `22.06.197`
Minio Operator💣
- !2055: minio-operator console image update to v0.20.0
# Changelog Updates
## [4.4.28-bb.1] - 2022-09-06
### Upgrade
- Update console image to latest ironbank version
Minio💣
- !2068: Updated minio to version RELEASE.2022-08-26T19-53-15Z
# Changelog Updates
## [4.4.28-bb.1] - 2022-08-23
### Changed
- Update MinIO image to RELEASE.2022-08-26T19-53-15Z
Gitlab💣
- !2082: Updated gitlab git tag
# Changelog Updates
## [6.3.2-bb.0] - 2022-09-14
### Changed
- Updated to helm chart to 6.3.2 and appVersion to 15.3.2
Nexus💣
- !2085: Enhance Nexus CI test with push/pull from Docker Registry
- !2083: Nexus added support for istio values
- !2071: Update Nexus to 3.41.1
# Changelog Updates
## [41.1.0-bb.4] - 2022-09-19
### Added
- Added test for CI to push/pull image from nexus docker registry
### Fixed
- Fixed service name in BB jobs
## [41.1.0-bb.3] - 2022-09-19
### Changed
- The curl statements to istio proxy need to be made conditional on isito.enabled and istio.injection in the BigBang blob-storage job.
## [41.1.0-bb.2] - 2022-09-16
### Changed
- Fixed virtual service template.
- Make peerauthentication templates conditional on istio-injection.
## [41.1.0-bb.1] - 2022-09-13
### Changed
- The curl statements to istio proxy need to be made conditional on isito.enabled and istio.injection in the BigBang jobs.
## [41.1.0-bb.0] - 2022-09-06
### Changed
- Updated chart to version: 41.1.0-bb.0 | appVersion: 3.41.1
- Updated gluon dependency to 0.3.0
- Updated dev docs to reflect current status
Anchore Enterprise💣
# Changelog Updates
## [1.19.4-bb.1]
### Changed
- Bumped gluon version to `0.3.1`
- Bumped postgresql12 image tag to `12.12`
## [1.19.4-bb.0]
### Changed
- Bumped chart version to `1.19.4`
- Bumped Anchore Enterprise image tag to `4.1.0`
- Bumped Anchore Enterprise UI image tag to `4.1.0`
Mattermost Operator💣
- !2070: Mattermost Operator: Drop ALL Linux Capabilities
# Changelog Updates
## [1.18.1-bb.1] - 2022-09-08
### Added
- Added default securitycontext to container (drop capabilities, non-privileged, read only fs)
- Added post install package to validate MM successful install
Velero💣
# Changelog Updates
## [2.31.3-bb.2]
### Added
- Added support for tlsConfig and scheme values in the serviceMonitor
### Removed
- Removed mTLS exception for metrics
## [2.31.3-bb.1]
### Changed
- Enabled drop all capabilities
- Updated gluon to 0.3.0
Known Issues💣
- On some k8s distros certain components in the kube-system namespace are unable to be scraped by Prometheus due to the services default network interface binding - More Information
- Vault is in beta and therefore not recommended for operational use. We are still working on a few issues. If you set the extra environment variable
AGENT_INJECT_VAULT_ADDR
for the Injector ENVs you will encounter a helm install error due to duplicate ENVs. In our testing the Prometheus pod is not being injected with a Vault sidecar and Prometheus is not able to scrape metrics. - Jaeger will fail to install if Monitoring is enabled AND either Istio is disabled or mTLS is set to PERMISSIVE for Jaeger (reference this comment for more details). As a workaround set the below to ensure that
serviceMonitor
is defined as an empty value:jaeger: values: monitoring: serviceMonitor: {}
Helpful Links💣
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future💣
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.