Breaking Changes in Big Bang 2.0📜
This is part 2 in a series of Big Bang 2.0 blog posts. If you haven’t already, read through part 1 here which provides some backstory on why the team thought 2.0 was necessary and what changes are included. This post will dive more into the specific breaking changes and how these will affect you as a user.
Values Key Changes📜
As mentioned in the first post, a number of values keys will be changing in order to standardize naming. Some of these keys already changed in BB 1.x, but had backwards compatibility previously. In 2.0 usage of the new keys will be required. When evaluating the upgrade for your own deployment, these are the specific key translations/changes you will need to make if you were using them in 1.x:
Note that your upgrade to 2.0 will fail if you do not modify your values as seen above. Big Bang is now maintaining a values schema to enforce strict adherence to the allowed/required keys within Big Bang. For reference Big Bang’s values schema is located here. You can also leverage the script in
/scripts/values-translate-2-0.sh <values file path> to perform these translations for you (note that this is a relatively simple script and may not work for your use case).
Connected with name standardization as well as package isolation, several packages will be moving to different namespaces in 2.0. These packages are all “state-less” with no persistent storage, so there is no requirement to backup anything from the previous version before upgrading. Specific packages moving:
- Fluentbit: Moving from
- Promtail: Moving from
- Gitlab Runner: Moving from
Also note that Fluentbit (if connecting to Elasticsearch) and Gitlab Runner now have a dependency on Kyverno if relying on the “auto” authentication/token setup. In both cases Kyverno is leveraged to copy secrets between namespaces. This does not mean that you need to use
kyvernoPolicies as well - you could continue to use Gatekeeper for policy enforcement and deploy Kyverno exclusively for this use case (although we do encourage Kyverno adoption). If you do not want to deploy Kyverno there are several alternative options listed below.
Gitlab Runner Alternatives:
- Get a token from your Gitlab instance and add it via values (
- Manually copy the secret from the
gitlabnamespace to the
trueto setup a connection with Elastic, rather than using the auto-connection
- Manually copy secrets from the
loggingnamespace to the
fluentbitnamespace. You will need to copy both the certs secret (
logging-ek-es-http-certs-public) as well as the auth secret (
Beyond the new requirement for Kyverno, changes to a namespace can affect labels and pod/svc names in some cases, so be aware of this if you are leveraging these packages in connection with anything on top of Big Bang. All components within Big Bang have been adjusted to account for these changes already.
Default Package Changes📜
As mentioned in the previous post - Big Bang will deploy by default with a new opensource set of core packages in 2.0. If you are using any of the below packages and want to continue using them in 2.0, make note of the changes you will need to perform:
- Twistlock: Set
twistlock.enabledto true; set
- Fluentbit: Set
fluentbit.enabledto true; set
- Elasticsearch/Kibana: Set
elasticsearchKibana.enabledto true; set
- Gatekeeper: Set
clusterAuditor.enabledto true; set
- Jaeger: Set
jaeger.enabledto true; set
Provided you make the above adjustments you will be able to deploy with the same set of packages you were using in 1.x. Example values for each of the above are provided in a reference file here.
HelmRelease / GitRepository Name Changes📜
Beyond the above mentioned name changes you may also notice some
GitRepository names change in 2.0. For the most part these should have no effect on anything directly in Big Bang, but they are important to be aware of if you maintain automation/applications on top of what is provided by Big Bang. Changes to the
HelmRelease name specifically could affect pod/svc names and labels, so these are enumerated below:
- Kyverno Policies:
- Kyverno Reporter:
Is that it?📜
That’s it! This blog post lays out all of the breaking changes in 2.0, and hopefully also provides you with a clear path forward for what you need to change before upgrading.
Continue reading about Big Bang 2.0 in part 3 of this series, which is focused specifically on the new features included in 2.0.