Release Radar - Q3 2020 ·

HAProxy 2.2
#

TLDR: Dynamic load for certificates, syslog over TCP

Create/ update / delete certs (and source updates from external lists) without restart
Improvements to health check config UX
Support for dynamic error handling
DH keys now default to 2048bits (prev 1024)

Flux 1.12
#

TLDR: mostly fixes, fish completion

fish autocompletion

Maesh 1.3
#

TLDR: Namespace scoping enhancement, named targetPort support

watchNamespaces (‘only these’) augments existing ignoreNamespaces (’except these’) scopes
Labelled targetPorts now supported as selectors
Port mapping state table now in-memory (previously in a configMap), reconcile loop refactored to support this
Resolved an incompatibility between Maesh’s dependency on a modified CoreDNS and AKS

Teleport 4.3
#

TLDR: improved web UI, in-tree plugins for approvals

New API, with out-of-box support for access approvals via PagerDuty, Jira, Slack and Mattermost
New web interface: better UX, surfaces audit logs (with appropriate role) and a cluster-wide lens of deployed proxies

Vault 1.5
#

TLDR: mostly enterprise features

When using a storage backend without HA support, Integrated Storage can now be used as a HA-enabling overlay backend
Official Splunk App (available to EE customers only)
Official Helm chart now supports OpenShift
VMware and NetApp certifications
Native rate limit feature (requests per second threshold)
vault monitor CLI command streams server logs
Replication UI enhancements (replication is an EE feature)

Argo Workflows 2.10
#

TLDR: improved web UI

Adds syntax highlighting and autocomplete to resource editor in web UI
Workflow semaphore support (resource locking)
Batch operations on workflows from web UI
Easy to access Swagger UI

Grafana 7.1
#

TLDR: timezone picker!

Time range picker (available to end users) now supports timezones (not just in dashboard settings)
Query history with time/source filters
Flux query language support (when targeting InfluxDB)
Table panel (reworked in 7.0) now has feature parity with legacy Table panel
Explore tab enhancements
Monthly schedules (EE)
App config file now accepts tokenized Vault inputs (EE)

kops 1.18
#

TLDR: Ubuntu 20.04/RHEL 8, containerd

Ubuntu 20.04 new default host OS, RHEL/CentOS 8 now also supported
containerd now an opt-in CRI choice
Expanded Cilium capabilities: AWS networking integration, etcd as state store
Terraform output now 0.12 (HCL2) compatible by default
Expanded GCP capabilities: launch clusters using specific service account, NodeLocalDNS cache, metadata-proxy

Traefik 2.3
#

TLDR: plugin framework

New (Golang authored) plugin capability
Pilot, a Containous product, with initial outside-in healthchecks

Terraform 0.13
#

TLDR: New clauses for module workflows, Terraform Cloud additions

count, depends_on, and for_each clauses for more DRY module workflows
Define validation rules for variables
Install required providers (including third party and private providers) using new [hostname]/[namespace]/type syntax
terraform login command, authenticating with Terraform Cloud

Kubernetes 1.19
#

TLDR: extended support, lifecycle maturations

Support for this release [and future releases] extended from 9 to 12 months
Beta features now require transition plan, and deprecated API’s are more verbose
kubectl alpha debug as an in-tree troubleshooting sidecar
CSI API to surface storage capacity, and volume health emitted as events to dependent pods
Ingress finally GA!
containerd-CRI support for Windows workers

Loki 1.6
#

TLDR: performance

Many (many!) performance optimizations
Supports Logstash ingest
logcli can now color code based on stream labels

Istio 1.7
#

TLDR: better support for co-existing control planes

Enhanced support for multiple control planes (during upgrade process)
proxy.holdApplicationUntilProxyStarts flag to delay workload container init until Envoy sidecar is healthy
EnvoyFilter LUA syntax changes
istioctl now reads default arguments from an XDG compliant config file
istioctl x uninstall removes the entire plane

Backyards 1.4
#

TLDR: Istio 1.7 support, SLO monitoring

Supports Istio 1.7 on release day
SLO’s can be defined and reported against / alerted on
Orchestration of canary control plane upgrades
Pod logs in dashboard drilldown

Argo 1.7
#

TLDR: GPG key validation, automatic retries

New option to only reconcile commits with valid GPG keys
CRD’s can now refer to K8’s clusters by friendlyname instead of FQDN
Automatic namespace creation if not already present when reconciling
Failed syncs can be automatically scheduled for retry
Orphaned resource monitoring enhancements

vSphere 7 U1
#

TLDR: Tanzu no longer requires NSX-T and vSAN

Tanzu can now be deployed using only vSphere + vDS (BYO ingress eg HAProxy and state eg MinIO), no longer requires NSX-T for networking and vSAN for storage
vSAN now supports SMB(2.1 and 3) in addition to the NFS(3.1 and 4.1) support added in 7.0
‘HCI Mesh’ allows mounting storage from one vSAN cluster in another cluster
vSAN witnesses can now perform that role for up to 64 cluster simultaneously
VM scale limits upped yet again… 768 vCPU VM?! (requires using Workstation 18.x templates)
vCenter Connect enhancements (single pane for on-prem + partner hosted + public cloud hosted compete)

bank-vaults 1.5
#

TLDR: multi-datacenter support

vault-env now supports GCP authentication
multi-datacenter deployments now a CI tested scenario

HAProxy 2.2 #

Flux 1.12 #

Maesh 1.3 #

Teleport 4.3 #

Vault 1.5 #

Argo Workflows 2.10 #

Grafana 7.1 #

kops 1.18 #

Traefik 2.3 #

Terraform 0.13 #

Kubernetes 1.19 #

Loki 1.6 #

Istio 1.7 #

Backyards 1.4 #

Argo 1.7 #

vSphere 7 U1 #

bank-vaults 1.5 #