v2.5.0

Overview

Version 2.5 is a ‘edge’ release focused on GPU Savings, Turbonomic integration beta, UI consistency with date pickers, as well as many bug fixes.

For federated (multi-cluster) installations, the Primary Kubecost cluster must be upgraded prior to upgrading agent (secondary) clusters. Agent upgrades are only required to support additional GPU metrics.

Major Features

• GPU Savings
• Turbonomic Integration

Minor Features

• UI Consistency with date pickers.
• Updated logos and branding to reflect IBM acquisition.
• Add GPU Max usage and GPU Sharing collection to agent, and output to allocation API.

Fixes

• Fix a nil panic on recommendations endpoint.
• Fix an issue with assets labels for the network asset type are showing node labels that are non-network related.
• Update dependencies from go-migrate-duckdb library to fix CVE.
• Fix UI empty state for tables across the user interface.
• Fix an issue allowing for negative values in allocations.
• Fix an issue with accumulation on hourly windows in allocations.
• Fix an issue allowing requestSizingV2 to return more than one recommendation.
• Fix an issue with sharing by namespace distributing incorrectly.
• Fix an issue with allocations trends inaccuracy.
• Fix an issue with the overview not always matching the allocations page for idle.
• Fix an issue causing agent to get HTTP 500 error on /metrics endpoint with duplicate label/annotation.
• Fix an issue where container information was not showing on the allocations page.
• Fix an issue causing oracle clusters to get a crash loop when installing the agent.
• Fix an issue with accounts not always showing correctly in Assets view.
• Fix cost metadata to be more accurate for oracle cloud provider.
• Update kubectl cost to mitigate vulnerabilities in dependencies.
• Fix an issue causing HTTP 500 in multi-cluster diagnostics.
• Fix log level of critical object store outage in the agent to always be error instead of certain conditions allowing warning.
• Fix an issue with ‘uh oh’ showing on allocations page due to an error in /topline endpoint.
• Fix an issue with Assets autocompletion when label filter is set.
• Fix allocation summary efficiency not matching full allocations api.
• Fix an issue where allocations totals row shows shared costs when sharing is disabled.
• Fix an issue with datadog plugin error on database monitoring costs.
• Fix an issue with cloud reports not saving properly.
• Fix an issue with budgets “view breakdown” not matching export output.
• Fix an issue with container right-sizing CPU/Memory columns using inconsistent units.
• Fix an issue filtering by project on the assets page.
• Fix an issue with Multi-cluster diagnostics returning false positives when SSO is enabled.
• Fix an issue with slow response on allocation api with no aggregate set.
• Fix an issue with inconsistent drill-down in cloud costs.

Helm Changes

• #3605 Add Instance AllowLists for cluster-sizing.
• #3591 Add ingestion configuration for standard (global) discount.
• #3635 Add routes for savings recommendations allow list validation API.
• #3647 Add new tmp directory for new base image requirements on frontend container.
• #3645 Add resource reference files for kubecostProductConfigs.savingsRecommendationsAllowLists.
• #3651 Increase prometheus.server.retention to 97h.
• #3658 Remove helm rollout restarter, replaced with config hash restarter.
• #3642 Add new container costs and resources endpoints to nginx.
• #3660 Enhance Pod utilization Grafana dashboard with GPU Utilization widget.
• #3670 Add aggregator custom labels template.
• #3673 Add federated storage warning.
• #3563 Update version compatibility matrix.
• #3534 Add node selector and affinity to cluster controller.
• #3680 Begins CI testing with K8s 1.31. Bumps patches for all other versions in the matrix. Rolls forward for compatibility of 2.4 by one version.
• #3684 Add /diagnostic/nodeCount endpoint to nginx routes.
• #3622 Make basic-health image configurable.
• #3585 Add missing container security context in prometheus server statefulset.
• #3679 Allow defining resources for cluster controller.
• #3676 Add option for additional chart labels in values.
• #3678 Add annotations to all controllers.
• #3704 Add gpuUtilization endpoints to nginx routes.
• #3708 Add support for multiple simultaneous plugins.
• #3711 Add nginx routes for /savings/gpuUtilization/topline endpoint.
• #3710 Add cost model image tag as an environment variable.
• #3714 Update ISSUE_Guidelines to redirect to https://support.kubecost.com
• #3717 Add logLevel as a helm value property of kubecostModel instead of extraEnv.
• #3716 Fix proper handling of a list of values for imagePullSecrets.
• #3700 Add kubeRBACProxy property to support querying in cluster prometheus in openshift.
• #3694 Delete many deprecated templates/values.
• #3719 Add nginx routes for gpu recommendations endpoints.
• #3723 Add additional aggregation options to endpoint configuration.
• #3725 Update comments about OIDC RBAC groups.
• #3706 Add turbonomic secret.
• #3728 Add nginx routes for topline endpoint.
• #3735 Improve comments in extraScrapeConfigs.
• #3739 Update endpoint configuration for savings/gpuWorkloadUtilization.

Helm Fixes

• #3621 Use ghcr.io instead of dockerhub due to rate limiting for k8s-sidecar
• #3637 Fix diagnostics and federatedStorageConfig
• #3732 Fix turbonomic integration environment variables.
• #3741 Fix upstream chainguard dependency failures.
• #3742 Fix link to docs.kubecost.com.
• #3721 Fix openshift values to default with in-cluster prometheus.

Dependency Updates

• #3724 Bump kubecost modeling 0.1.18
• #3621 k8s-sidecar moved to ghcr instead of dockerhub
• #3662 Bump network-costs to 0.17.6
• #3652 Bump Cluster Controller 0.16.9
• #3741 move all chainguard references back to default upstream image locations.

Helm Chart Comparison Report kubecost/[email protected] to kubecost/[email protected]

CVE by Severity

Severity	Count	Prev Count	Difference
critical	0	0	+0
high	0	0	+0
medium	14	16	-2
low	66	70	-4

Images

Image Name	Status	Before Repo	After Repo	Before Tag	After Tag
kubecost-modeling	Changed	gcr.io/kubecost1	gcr.io/kubecost1	v0.1.16	v0.1.18
cost-model	Changed	gcr.io/kubecost1	gcr.io/kubecost1	prod-2.4.3	prod-2.5.0-rc.4
frontend	Changed	gcr.io/kubecost1	gcr.io/kubecost1	prod-2.4.3	prod-2.5.0-rc.4
prometheus	Unchanged	quay.io/prometheus	quay.io/prometheus	v2.55.1	v2.55.1
k8s	Unchanged	alpine	alpine	1.26.9	1.26.9
k8s-sidecar	Unchanged	ghcr.io/kiwigrid	ghcr.io/kiwigrid	1.28.0	1.28.0
grafana	Unchanged	grafana	grafana	11.3.1	11.3.1

Unchanged CVEs

CVE ID	Severity	Affected Images

Medium

CVE ID	Severity	Affected Images
CVE-2021-3997	medium	cost-model
CVE-2023-30571	medium	cost-model
CVE-2024-35325	medium	cost-model
CVE-2024-50602	medium	k8s-sidecar
CVE-2024-52533	medium	cost-model
CVE-2024-9287	medium	kubecost-modeling

Low

CVE ID	Severity	Affected Images
CVE-2019-12900	low	cost-model
CVE-2022-27943	low	cost-model
CVE-2022-29458	low	cost-model
CVE-2022-3219	low	cost-model
CVE-2022-41409	low	cost-model
CVE-2022-4899	low	cost-model
CVE-2023-2953	low	cost-model
CVE-2023-32636	low	cost-model
CVE-2023-36191	low	cost-model
CVE-2023-4156	low	cost-model
CVE-2023-45322	low	cost-model
CVE-2023-45918	low	cost-model
CVE-2023-50495	low	cost-model
CVE-2024-0232	low	cost-model
CVE-2024-2511	low	cost-model
CVE-2024-34459	low	cost-model
CVE-2024-41996	low	cost-model
CVE-2024-4741	low	cost-model
CVE-2024-51744	low	grafana
CVE-2024-5535	low	cost-model
CVE-2024-7264	low	cost-model
CVE-2024-9143	low	grafana, k8s-sidecar
CVE-2024-9681	low	cost-model

Added CVEs

No CVEs found.

Removed CVEs

CVE ID	Severity	Affected Images

Medium

CVE ID	Severity	Affected Images
CVE-2024-49766	medium	kubecost-modeling
CVE-2024-49767	medium	kubecost-modeling

Low

CVE ID	Severity	Affected Images
CVE-2024-51744	low	cost-model
CVE-2024-9143	low	kubecost-modeling