Skip to content

v0.3.1
Compare
Choose a tag to compare
@invidian invidian released this 31 Jul 08:03
· 764 commits to master since this release
v0.3.1
This tag was signed with the committer’s verified signature. The key has expired.
invidian Mateusz Gozdek
GPG key ID: 97187FA1271EC224
Expired
Learn about vigilant mode.
694b106
This commit was signed with the committer’s verified signature. The key has expired.
invidian Mateusz Gozdek
GPG key ID: 97187FA1271EC224
Expired
Learn about vigilant mode.

Added

  • flexkube CLI will now print colored diff when configuration changes are detected.
  • flexkube CLI will now ask user for confirmation before deploying the resources, unless --yes flag is set.
  • flexkube CLI now supports --noop flag, which allows only checking if the configuration is up to date, without triggering the deployment.
  • flexkube CLI now supports conatiners sub-command for managing arbitrary groups of containers. This allows to also manage some extra containers not provided by libflexkube.
  • pkg/kubelet now supports waiting until node gets into ready state, if WaitForNodeReady flag is set to true.
  • kube-apiserver from static controlplane now use --target-ram-mb flag to limit memory usage of bootstrap controlplane.

Fixed

  • controlplane configuration won't be now validated, when destroy: true is specified. That allows removing entire configuration and running the deployment, which will then only validate the state of the deployment and remove all managed containers. This allows easy way of cleaning up when using flexkube controlplane command.
  • All certificates generated by PKI has now SubjectKeyID set.
  • PeerCertAllowedCN is now correctly used in etcd when it's explicitly defined, which should fix TLS connectivity issues in some setups.
  • Fixed Helm release resource creating resources in the wrong namespace.
  • flexkube_helm_release no longer leaks kubeconfig and values into plan, as they may contain sensitive information.

Changed

  • New website with user documentation is now available at flexkube.github.io. The documentation is not complete yet, but it's already better than existing documentation.
  • kube-proxy and TLS bootstrapping rules are now installed using separate Helm Charts. This is because in case of managed cluster, those components must be installed on the target cluster, not on management cluster. It also allows specifying multiple bootstrap tokens, for example per kubelet pool.
  • Improved the documentation of all Go packages.
  • Updated Helm binary in e2e tests to v3.2.3 and sonobuoy binary to v0.18.4.
  • Updated all Go dependencies to latest versions.
  • Updated default Kubernetes version to 1.18.6.
  • Updated default HAProxy version to 2.2.0.
  • Updated default etcd version to 3.4.10.
  • Mountpoints for containers are now created with 0700 permissions by default to increase security and satisfy etcd requirements. Existing users should make sure that /var/lib/etcd/* directories has 0700 permissions, otherwise etcd won't start after the upgrade.
Assets 12
Loading