Release Notes - 2.0.0💣
Please see our documentation page for more information on how to consume and deploy BigBang. This release was primarily tested on Kubernetes 1.26.3 (RKE2).
Upgrade Notices💣
Breaking Changes:
There are several breaking changes in 2.0. These have been detailed in this blog post with the required changes to maintain previous functionality. They are also briefly summarized below.
Values Key Changes - if using any of the below packages and overriding values take not of the change you will have to make to maintain your overrides:
istiooperator
->istioOperator
kyvernopolicies
->kyvernoPolicies
kyvernoreporter
->kyvernoReporter
logging
->elasticsearchKibana
eckoperator
->eckOperator
mattermostoperator
->mattermostOperator
nexus
->nexusRepositoryManager
Default Package Changes - as detailed in previous blog posts the default set of core packages has changed. If you previously used any of the below packages and wish to continue using them take note of the values required to enable them and disable the alternative(s):
- Twistlock: Set
twistlock.enabled
to true; setneuvector.enabled
to false - Fluentbit: Set
fluentbit.enabled
to true; setpromtail.enabled
to false - Elasticsearch/Kibana: Set
elasticsearchKibana.enabled
to true; setloki.enabled
to false - Gatekeeper: Set
gatekeeper.enabled
andclusterAuditor.enabled
to true; setkyverno.enabled
,kyvernoReporter.enabled
, andkyvernoPolicies.enabled
to false - Jaeger: Set
jaeger.enabled
to true; settempo.enabled
to false
Namespace Changes - take note that these moves do have additional implications on requirements to deploy the packages in the case of Fluentbit and Gitlab Runner. Review the blog post for further details. The below list includes all packages changing namespaces:
- Fluentbit: Moving from
logging
namespace tofluentbit
namespace - Promtail: Moving from
logging
namespace topromtail
namespace - Gitlab Runner: Moving from
gitlab
namespace togitlab-runner
namespace
HelmRelease Name Changes - no impacts are anticipated from these changes but note that labels and/or pod names may update as a result:
- Fluentbit:
fluent-bit
->fluentbit
- Kyverno Policies:
kyvernopolicies
->kyverno-policies
- Kyverno Reporter:
kyvernoreporter
->kyverno-reporter
Loki:
- Loki images updated to version
2.8.0
chart version5.0.0
. This version adds a newbackend
deployment target which is enabled by default in the BigBang package.
Upgrades from previous releases💣
If coming from a version pre-1.57.1
, note the additional upgrade notices in any release in between. The BB team doesn’t test/guarantee upgrades from anything pre-1.57.1
.
Packages💣
Package | Type | Package Version | BB Version |
---|---|---|---|
Istio Controlplane | Core | Istio 1.17.2 Tetrate Istio Distro 1.16.1 |
1.17.2-bb.0 🔗 |
Istio Operator | Core | Istio Operator 1.17.2 Tetrate Istio Distro Operator 1.16.1 |
1.17.2-bb.0 🔗 |
Jaeger | Core | 1.43.0 |
2.42.0-bb.0 🔗 |
Kiali | Core | 1.66.0 |
1.66.0-bb.0 🔗 |
Cluster Auditor | Core | 0.0.7 |
1.5.0-bb.2 |
Gatekeeper | Core | 3.11.0 |
3.11.0-bb.3 🔗 |
Kyverno | Core | 1.8.5 |
2.6.5-bb.3 |
Kyverno Policies | Core | 1.1.0 |
1.1.0-bb.5 🔗 |
Kyverno Reporter | Core | 2.10.4 |
2.16.0-bb.1 |
Elasticsearch Kibana | Core | Kibana 8.6.1 Elasticsearch 8.6.0 |
1.2.0-bb.0 🔗 |
Eck Operator | Core | 2.7.0 |
2.7.0-bb.0 🔗 |
Fluentbit | Core | 2.0.11 |
0.27.0-bb.0 🔗 |
Promtail | Core | 2.7.5 |
6.10.0-bb.0 🔗 |
Loki | Core | 2.8.0 |
5.0.0-bb.0 🔗 |
Neuvector | Core | 5.1.2 |
2.4.3-bb.0 🔗 |
Tempo | Core | Tempo 2.0.1 Tempo Query 2.0.1 |
1.0.2-bb.0 |
Monitoring | Core | Prometheus 2.40.5 Grafana 9.3.2 Alertmanager 0.24.0 |
43.1.2-bb.4 |
Twistlock | Core | 22.12.415 |
0.12.0-bb.0 |
Wrapper | Core | N / A | 0.4.1 |
Argocd | Addon | 2.6.7 |
5.28.0-bb.0 🔗 |
Authservice | Addon | 0.5.3 |
0.5.3-bb.6 🔗 |
Minio Operator | Addon | 4.5.8 |
4.5.8-bb.1 |
Minio | Addon | RELEASE.2023-01-31T02-24-19Z |
4.5.8-bb.0 |
Gitlab | Addon | 15.10.0 |
6.10.0-bb.0 🔗 |
Gitlab Runner | Addon | 15.10.0 |
0.51.0-bb.0 🔗 |
Nexus | Addon | 3.47.1-01 |
47.1.0-bb.0 |
Sonarqube | Addon | 9.9.0-community |
8.0.0-bb.1 |
Haproxy | Addon | 2.2.21 |
1.12.0-bb.0 |
Anchore Enterprise | Addon | Enterprise 4.5.0 Engine 1.1.0 |
1.23.0-bb.0 |
Mattermost Operator | Addon | 1.20.0 |
1.20.0-bb.0 |
Mattermost | Addon | 7.9.1 |
7.9.1-bb.0 🔗 |
Velero | Addon | 1.10.2 |
3.1.5-bb.0 |
Keycloak | Addon | 21.0.2 |
18.4.0-bb.2 |
Vault | Addon | 1.12.5 |
0.23.0-bb.4 🔗 |
Metrics Server | Addon | 0.6.3 |
3.9.0-bb.0 🔗 |
Changes in 2.0.0💣
Big Bang MRs💣
- !2695: wrapper update to 0.4.1
- !2666: Wrapper/package istio injection fix
- !2638: Resolve “Stress test networkpolicy wrapper features”
- !2573: Resolve “Change wrapper to an “opt-in” (off by default)”
- !2687: Add basic values translation script, example 1.x defaults
- !2688: Update HPA logic for Istio
- !2680: [install_flux.sh] Addresses two warning messages observed when running the script
- !2562: Update Flux to 0.41.2
- !2644: Resolve “Define BB upgrade path/guidance”
- !2675: New blog posts
- !2673: Release 2.x
- !2616: Renovate docs
- !2678: Git schema tweaks
- !2624: JSON schema
- !2668: Auto set Istio jwksResolverExtraRootCA if sso.certificateAuthority specified
- !2654: Resolve “Logging (EFK): Update to meet standards”
- !2622: Resolve “Finalize “extra package” documentation”
- !2665: Clean up sso values example for Neuvector
- !2625: Resolve “BB Extension: Document way to consume/translate BB values”
- !2531: Resolve “Kyverno packages: Update to meet standards”
- !2653: Add dependsOn option for
packages
- !2559: PLG Stack standardization
- !2639: Update 2.x values to use OCI
- !2629: Istio naming standardization
- !2632: Update blog/big-bang-2-0.md, blog/.pages
- !2581: Resolve “Improve isolation between GitLab and Runners by moving Runners to their own namespace”
- !2604: Swap default packages, define core/addons
- !2631: Add a Big Bang Blog folder + 2.0 Blog Post
- !2561: Style guide
- !2618: SKIP UPGRADE fix gitlab-runner tag to release-2.x
- !2588: Addon to package
Istio Controlplane💣
# Changelog Updates
## [1.17.2-bb.0] - 2023-04-11
### Changed
- ironbank/opensource/istio/install-cni updated from 1.17.1 to 1.17.2
- ironbank/opensource/istio/pilot updated from 1.17.1 to 1.17.2
- ironbank/opensource/istio/proxyv2 updated from 1.17.1 to 1.17.2
## [1.17.1-bb.1] - 2023-04-07
### Changed
- Added ability to pass pilot values to IstioOperator resource definition
Istio Operator💣
- !2683: istioOperator update to 1.17.2-bb.0
# Changelog Updates
## [1.17.2-bb.0]
### Changed
- Updated repo1 image to `1.17.2`
Jaeger💣
- !2681: jaeger update to 2.42.0-bb.0
# Changelog Updates
## [2.42.0-bb.0] - 2023-04-11
### Changed
- Updated Jaeger images to 1.43.0 (latest operator version)
- Updated helm chart version to upstream latest - 2.42.0
Kiali💣
- !2693: kiali update to 1.66.0-bb.0
# Changelog Updates
## [1.66.0-bb.0] - 2023-04-11
### Changed
- Updated to 1.66.0 images (latest in IB)
Gatekeeper💣
- !2670: gatekeeper update to 3.11.0-bb.3
# Changelog Updates
## [3.11.0-bb.3] - 2022-04-07
### Changed
- Updated registry1.dso.mil/ironbank/opensource/kubernetes/kubectl v1.26.2 -> v1.26.3
Kyverno Policies💣
- !2671: kyvernopolicies update to 1.1.0-bb.5
# Changelog Updates
## [1.1.0-bb.5] - 2023-03-30
### Changed
- ironbank/opensource/kubernetes/kubectl updated from v1.26.2 to v1.26.3
Elasticsearch Kibana💣
- !2654: Resolve “Logging (EFK): Update to meet standards”
# Changelog Updates
## [1.2.0-bb.0] - 2023-04-06
### Added
- Added networkpolicy for fluentbit ingress
Eck Operator💣
- !2660: eckoperator update to 2.7.0-bb.0
# Changelog Updates
## [2.7.0-bb.0]
### Changed
- Updated chart and IB images from 2.6.1 to 2.7.0
Fluentbit💣
# Changelog Updates
## [0.27.0-bb.0]
### Changed
- Updated upstream helm chart tag `0.27.0-bb.0`
- Updated fluent-bit image to `2.0.11` from IB
## [0.25.0-bb.3]
### Changed
- Set namespace on kyverno policies
## [0.25.0-bb.2]
### Added
- Added elastic cert sync capability
## [0.25.0-bb.1]
### Added
- Added elastic password sync capability
Promtail💣
# Changelog Updates
## [6.10.0-bb.0]
### Added
- Bumped chart version to 6.10.0
- Bumped appversion to 2.7.5
## [6.8.1-bb.3]
### Changed
- Modified network policy for loki egress
## [6.8.1-bb.2]
### Added
- Added network policy for loki egress
Loki💣
- !2679: loki update to 5.0.0-bb.0 & backend statefulset enabled by default
- !2669: loki update to 4.10.0-bb.0
- !2559: PLG Stack standardization
# Changelog Updates
## [5.0.0-bb.0] - 2022-04-11
### Added
- Updated chart to `helm-loki-5.0.0`
- Update loki from 2.7.5 -> 2.8.0
- Update lokiCanary from 2.7.5 -> 2.8.0
## [4.10.0-bb.0] - 2022-04-06
### Added
- Updated chart to `helm-loki-4.10.0`
- Update loki from 2.7.4 -> 2.7.5
- Update lokiCanary from 2.7.4 -> 2.7.5
- Update kubectl from 1.26.2 -> 1.26.3
## [4.8.0-bb.2] - 2022-04-03
### Added
- Added ingress policy for promtail -> loki
Neuvector💣
- !2655: neuvector update to 2.4.2-bb.6
# Changelog Updates
## [2.4.3-bb.7] - 2023-04-06
### Fixed
- Update images from `5.1.1` to `5.1.2`
- Update chart version to `2.4.3`
- Update monitor chart to `2.4.3`
## [2.4.2-bb.6] - 2023-04-05
### Fixed
- Make cypress scan test more deterministic
Argocd💣
- !2661: argocd update to 5.28.0-bb.0
# Changelog Updates
## [5.28.0-bb.0] - 2023-04-05
### Updated
- Updated to Argo 2.6.7
Authservice💣
- !2690: authservice update to 0.5.3-bb.6
# Changelog Updates
## [0.5.3-bb.6]
### Changed
- Update HPA template syntax to support apiVersion v2 for AWS-EKS 1.23+
Gitlab💣
- !2686: gitlab update to 6.10.0-bb.0
# Changelog Updates
## [6.10.0-bb.0] - 2023-04-13
### Changed
- Updated gitlab helm chart to 6.10.0 and appVersion to 15.10.0
- ironbank/gitlab/gitlab/gitlab-webservice minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/alpine-certificates minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitaly minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-mailroom minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-pages minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-toolbox minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/gitlab/gitlab/kubectl minor 15.9.2 -> 15.10.0
- registry1.dso.mil/ironbank/opensource/minio/mc RELEASE.2022-12-24T15-21-38Z -> RELEASE.2023-04-06T16-51-10Z
- registry1.dso.mil/ironbank/opensource/minio/minio RELEASE.2022-12-12T19-27-27Z -> RELEASE.2023-04-07T05-28-58Z
Gitlab Runner💣
- !2664: gitlabRunner update to 0.51.0-bb.0
# Changelog Updates
## [0.51.0-bb.0] - 2022-04-05
### Changed
- Updated images to 15.10.0
- Updated chart to 0.51.0
Mattermost💣
- !2651: mattermost update to 7.9.1-bb.0
# Changelog Updates
## [7.9.1-bb.0] - 2023-03-21
### Changed
- ironbank/opensource/mattermost/mattermost updated from 7.8.1 to 7.9.1
Vault💣
- !2676: vault update to 0.23.0-bb.4
# Changelog Updates
## [0.23.0-bb.4] - 2023-04-04
### Changed
- `vault` updated to 1.12.5
- `vault-k8s` updated to 1.2.0
Metrics Server💣
- !2652: metricsServer update to 3.9.0-bb.0
# Changelog Updates
## [3.9.0-bb.0]
### Added
- Updated helm chart version and upstream changes.
- Upgrade metrics server image 0.6.2 -> 0.6.3
- Update patch version of kubectl v1.26.2 -> 1.26.3
Known Issues💣
- On some k8s distros certain components in the kube-system namespace are unable to be scraped by Prometheus due to the services default network interface binding - More Information
Helpful Links💣
As always, we welcome and appreciate feedback from our community of users. Please feel free to:
- Open issues here
- Join our chat
- Check out the documentation for guidance on how to get started
Future💣
Don’t see your feature and/or bug fix? Check out our epics for estimates on when you can expect things to drop, and as always, feel free to comment or create issues if you have questions, comments, or concerns.