Skip to content

Release Notes - 2.0.0💣

Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.26.3 (RKE2).

Upgrade Notices💣

Breaking Changes:

There are several breaking changes in 2.0. These have been detailed in this blog post with the required changes to maintain previous functionality. They are also briefly summarized below.

Values Key Changes - if using any of the below packages and overriding values take not of the change you will have to make to maintain your overrides:

  • istiooperator -> istioOperator
  • kyvernopolicies -> kyvernoPolicies
  • kyvernoreporter -> kyvernoReporter
  • logging -> elasticsearchKibana
  • eckoperator -> eckOperator
  • mattermostoperator -> mattermostOperator
  • nexus -> nexusRepositoryManager

Default Package Changes - as detailed in previous blog posts the default set of core packages has changed. If you previously used any of the below packages and wish to continue using them take note of the values required to enable them and disable the alternative(s):

  • Twistlock: Set twistlock.enabled to true; set neuvector.enabled to false
  • Fluentbit: Set fluentbit.enabled to true; set promtail.enabled to false
  • Elasticsearch/Kibana: Set elasticsearchKibana.enabled to true; set loki.enabled to false
  • Gatekeeper: Set gatekeeper.enabled and clusterAuditor.enabled to true; set kyverno.enabled, kyvernoReporter.enabled, and kyvernoPolicies.enabled to false
  • Jaeger: Set jaeger.enabled to true; set tempo.enabled to false

Namespace Changes - take note that these moves do have additional implications on requirements to deploy the packages in the case of Fluentbit and Gitlab Runner. Review the blog post for further details. The below list includes all packages changing namespaces:

  • Fluentbit: Moving from logging namespace to fluentbit namespace
  • Promtail: Moving from logging namespace to promtail namespace
  • Gitlab Runner: Moving from gitlab namespace to gitlab-runner namespace

HelmRelease Name Changes - no impacts are anticipated from these changes but note that labels and/or pod names may update as a result:

  • Fluentbit: fluent-bit -> fluentbit
  • Kyverno Policies: kyvernopolicies -> kyverno-policies
  • Kyverno Reporter: kyvernoreporter -> kyverno-reporter

Loki:

  • Loki images updated to version 2.8.0 chart version 5.0.0. This version adds a new backend deployment target which is enabled by default in the BigBang package.

Upgrades from previous releases💣

If coming from a version pre-1.57.1, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-1.57.1.

Packages💣

Package Type Package Version BB Version
Updated Istio Controlplane Core Istio 1.17.2 Tetrate Istio Distro 1.16.1 1.17.2-bb.0 🔗
Updated Istio Operator Core Istio Operator 1.17.2 Tetrate Istio Distro Operator 1.16.1 1.17.2-bb.0 🔗
Updated Jaeger Core 1.43.0 2.42.0-bb.0 🔗
Updated Kiali Core 1.66.0 1.66.0-bb.0 🔗
Cluster Auditor Core 0.0.7 1.5.0-bb.2
Updated Gatekeeper Core 3.11.0 3.11.0-bb.3 🔗
Kyverno Core 1.8.5 2.6.5-bb.3
Updated Kyverno Policies Core 1.1.0 1.1.0-bb.5 🔗
Kyverno Reporter Core 2.10.4 2.16.0-bb.1
Updated Elasticsearch Kibana Core Kibana 8.6.1 Elasticsearch 8.6.0 1.2.0-bb.0 🔗
Updated Eck Operator Core 2.7.0 2.7.0-bb.0 🔗
Updated Fluentbit Core 2.0.11 0.27.0-bb.0 🔗
Updated Promtail Core 2.7.5 6.10.0-bb.0 🔗
Updated Loki Core 2.8.0 5.0.0-bb.0 🔗
Updated Neuvector Core 5.1.2 2.4.3-bb.0 🔗
Tempo Core Tempo 2.0.1 Tempo Query 2.0.1 1.0.2-bb.0
Monitoring Core Prometheus 2.40.5 Grafana 9.3.2 Alertmanager 0.24.0 43.1.2-bb.4
Twistlock Core 22.12.415 0.12.0-bb.0
New Wrapper Core N / A 0.4.1
Updated Argocd Addon 2.6.7 5.28.0-bb.0 🔗
Updated Authservice Addon 0.5.3 0.5.3-bb.6 🔗
Minio Operator Addon 4.5.8 4.5.8-bb.1
Minio Addon RELEASE.2023-01-31T02-24-19Z 4.5.8-bb.0
Updated Gitlab Addon 15.10.0 6.10.0-bb.0 🔗
Updated Gitlab Runner Addon 15.10.0 0.51.0-bb.0 🔗
Nexus Addon 3.47.1-01 47.1.0-bb.0
Sonarqube Addon 9.9.0-community 8.0.0-bb.1
Haproxy Addon 2.2.21 1.12.0-bb.0
Anchore Enterprise Addon Enterprise 4.5.0 Engine 1.1.0 1.23.0-bb.0
Mattermost Operator Addon 1.20.0 1.20.0-bb.0
Updated Mattermost Addon 7.9.1 7.9.1-bb.0 🔗
Velero Addon 1.10.2 3.1.5-bb.0
Keycloak Addon 21.0.2 18.4.0-bb.2
Updated Vault Addon 1.12.5 0.23.0-bb.4 🔗
Updated Metrics Server Addon 0.6.3 3.9.0-bb.0 🔗

Changes in 2.0.0💣

Big Bang MRs💣

  • !2695: wrapper update to 0.4.1
  • !2666: Wrapper/package istio injection fix
  • !2638: Resolve “Stress test networkpolicy wrapper features”
  • !2573: Resolve “Change wrapper to an “opt-in” (off by default)”
  • !2687: Add basic values translation script, example 1.x defaults
  • !2688: Update HPA logic for Istio
  • !2680: [install_flux.sh] Addresses two warning messages observed when running the script
  • !2562: Update Flux to 0.41.2
  • !2644: Resolve “Define BB upgrade path/guidance”
  • !2675: New blog posts
  • !2673: Release 2.x
  • !2616: Renovate docs
  • !2678: Git schema tweaks
  • !2624: JSON schema
  • !2668: Auto set Istio jwksResolverExtraRootCA if sso.certificateAuthority specified
  • !2654: Resolve “Logging (EFK): Update to meet standards”
  • !2622: Resolve “Finalize “extra package” documentation”
  • !2665: Clean up sso values example for Neuvector
  • !2625: Resolve “BB Extension: Document way to consume/translate BB values”
  • !2531: Resolve “Kyverno packages: Update to meet standards”
  • !2653: Add dependsOn option for packages
  • !2559: PLG Stack standardization
  • !2639: Update 2.x values to use OCI
  • !2629: Istio naming standardization
  • !2632: Update blog/big-bang-2-0.md, blog/.pages
  • !2581: Resolve “Improve isolation between GitLab and Runners by moving Runners to their own namespace”
  • !2604: Swap default packages, define core/addons
  • !2631: Add a Big Bang Blog folder + 2.0 Blog Post
  • !2561: Style guide
  • !2618: SKIP UPGRADE fix gitlab-runner tag to release-2.x
  • !2588: Addon to package

Istio Controlplane💣

  • !2684: istio update to 1.17.2-bb.0
  • !2667: istio update to 1.17.1-bb.1
# Changelog Updates

## [1.17.2-bb.0] - 2023-04-11

### Changed

- ironbank/opensource/istio/install-cni updated from 1.17.1 to 1.17.2
- ironbank/opensource/istio/pilot updated from 1.17.1 to 1.17.2
- ironbank/opensource/istio/proxyv2 updated from 1.17.1 to 1.17.2

## [1.17.1-bb.1] - 2023-04-07

### Changed

- Added ability to pass pilot values to IstioOperator resource definition

Istio Operator💣

  • !2683: istioOperator update to 1.17.2-bb.0
# Changelog Updates

## [1.17.2-bb.0]

### Changed

- Updated repo1 image to `1.17.2`

Jaeger💣

  • !2681: jaeger update to 2.42.0-bb.0
# Changelog Updates

## [2.42.0-bb.0] - 2023-04-11

### Changed

- Updated Jaeger images to 1.43.0 (latest operator version)
- Updated helm chart version to upstream latest - 2.42.0

Kiali💣

  • !2693: kiali update to 1.66.0-bb.0
# Changelog Updates

## [1.66.0-bb.0] - 2023-04-11

### Changed

- Updated to 1.66.0 images (latest in IB)

Gatekeeper💣

  • !2670: gatekeeper update to 3.11.0-bb.3
# Changelog Updates

## [3.11.0-bb.3] - 2022-04-07

### Changed

- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.26.2 -> v1.26.3

Kyverno Policies💣

  • !2671: kyvernopolicies update to 1.1.0-bb.5
# Changelog Updates

## [1.1.0-bb.5] - 2023-03-30

### Changed

- ironbank/opensource/kubernetes/kubectl updated from v1.26.2 to v1.26.3

Elasticsearch Kibana💣

  • !2654: Resolve “Logging (EFK): Update to meet standards”
# Changelog Updates

## [1.2.0-bb.0] - 2023-04-06

### Added

- Added networkpolicy for fluentbit ingress

Eck Operator💣

  • !2660: eckoperator update to 2.7.0-bb.0
# Changelog Updates

## [2.7.0-bb.0]

### Changed

- Updated chart and IB images from 2.6.1 to 2.7.0

Fluentbit💣

  • !2685: fluentbit update to 0.27.0-bb.0
  • !2654: Resolve “Logging (EFK): Update to meet standards”
# Changelog Updates

## [0.27.0-bb.0]

### Changed

- Updated upstream helm chart tag `0.27.0-bb.0`
- Updated fluent-bit image to `2.0.11` from IB

## [0.25.0-bb.3]

### Changed

- Set namespace on kyverno policies

## [0.25.0-bb.2]

### Added

- Added elastic cert sync capability

## [0.25.0-bb.1]

### Added

- Added elastic password sync capability

Promtail💣

  • !2672: promtail update to 6.10.0-bb.0
  • !2559: PLG Stack standardization
# Changelog Updates

## [6.10.0-bb.0]

### Added

- Bumped chart version to 6.10.0
- Bumped appversion to 2.7.5

## [6.8.1-bb.3]

### Changed

- Modified network policy for loki egress

## [6.8.1-bb.2]

### Added

- Added network policy for loki egress

Loki💣

  • !2679: loki update to 5.0.0-bb.0 & backend statefulset enabled by default
  • !2669: loki update to 4.10.0-bb.0
  • !2559: PLG Stack standardization
# Changelog Updates

## [5.0.0-bb.0] - 2022-04-11

### Added

- Updated chart to `helm-loki-5.0.0`
- Update loki from 2.7.5 -> 2.8.0
- Update lokiCanary from 2.7.5 -> 2.8.0

## [4.10.0-bb.0] - 2022-04-06

### Added

- Updated chart to `helm-loki-4.10.0`
- Update loki from 2.7.4 -> 2.7.5
- Update lokiCanary from 2.7.4 -> 2.7.5
- Update kubectl from 1.26.2 -> 1.26.3

## [4.8.0-bb.2] - 2022-04-03

### Added

- Added ingress policy for promtail -> loki

Neuvector💣

  • !2655: neuvector update to 2.4.2-bb.6
# Changelog Updates

## [2.4.3-bb.7] - 2023-04-06

### Fixed

- Update images from `5.1.1` to `5.1.2`
- Update chart version to `2.4.3`
- Update monitor chart to `2.4.3`

## [2.4.2-bb.6] - 2023-04-05

### Fixed

- Make cypress scan test more deterministic

Argocd💣

  • !2661: argocd update to 5.28.0-bb.0
# Changelog Updates

## [5.28.0-bb.0] - 2023-04-05

### Updated

- Updated to Argo 2.6.7

Authservice💣

  • !2690: authservice update to 0.5.3-bb.6
# Changelog Updates

## [0.5.3-bb.6]

### Changed

- Update HPA template syntax to support apiVersion v2 for AWS-EKS 1.23+

Gitlab💣

  • !2686: gitlab update to 6.10.0-bb.0
# Changelog Updates

## [6.10.0-bb.0] - 2023-04-13

### Changed

- Updated gitlab helm chart to 6.10.0 and appVersion to 15.10.0
- ironbank/gitlab/gitlab/gitlab-webservice minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/alpine-certificates minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/opensource/minio/mc RELEASE.2022-12-24T15-21-38Z -> RELEASE.2023-04-06T16-51-10Z
- registry1.dso.mil/ironbank/opensource/minio/minio RELEASE.2022-12-12T19-27-27Z -> RELEASE.2023-04-07T05-28-58Z

Gitlab Runner💣

  • !2664: gitlabRunner update to 0.51.0-bb.0
# Changelog Updates

## [0.51.0-bb.0] - 2022-04-05

### Changed

- Updated images to 15.10.0
- Updated chart to 0.51.0

Mattermost💣

  • !2651: mattermost update to 7.9.1-bb.0
# Changelog Updates

## [7.9.1-bb.0] - 2023-03-21

### Changed

- ironbank/opensource/mattermost/mattermost updated from 7.8.1 to 7.9.1

Vault💣

  • !2676: vault update to 0.23.0-bb.4
# Changelog Updates

## [0.23.0-bb.4] - 2023-04-04

### Changed

- `vault` updated to 1.12.5
- `vault-k8s` updated to 1.2.0

Metrics Server💣

  • !2652: metricsServer update to 3.9.0-bb.0
# Changelog Updates

## [3.9.0-bb.0]

### Added

- Updated helm chart version and upstream changes.
- Upgrade metrics server image 0.6.2 -> 0.6.3
- Update patch version of kubectl v1.26.2 -> 1.26.3

Known Issues💣

  • On some k8s distros certain components in the kube-system namespace are unable to be scraped by Prometheus due to the services default network interface binding - More Information

As always, we welcome and appreciate feedback from our community of users. Please feel free to:

Future💣

Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.