Release Radar - Q2 2021

Lens 4.2

TLDR: BYO shell

  • Custom shell (any filepath) can now be defined in preferences
  • UI layout now persists between application restarts
  • lens:// protocol routers
  • If autostart=true, window is hidden by default (🙌🏻)

Grafana 7.5

TLDR: Loki alerting, Tempo datasource

  • New (beta), in-tree pie chart visualization
  • Loki can be used to trigger Grafana alerts (based on metrics created via LogQL)
  • Improved UX for selecting log labels in Loki
  • Tempo (tracing) added as a Grafana datasource
  • Query caching [requires Enterprise]

Vault 1.7

TLDR: Azure/AWS KMS middleware

  • Integrated Storage Autopilot (better cluster node join/cleanup behaviors, health check API)
  • KMS Secrets Engine continues to evolve (Azure ready, AWS in beta)
  • Now supports creation of short-lived AD accounts (via OpenLDAP)
  • Now possible to dynamically generate tokens for Terraform Cloud/Enterprise

Kubernetes 1.21

TLDR: PSP deprecation

  • NetworkPolicy now supports port ranges
  • PodSecurityPolicy deprecated
  • CronJob, PodDisruptionBudget graduate to GA
  • New ‘Memory Manager’ component, tries to constrain guaranteed QoS class pods to a single NUMA node
  • .status.nominatedNodeName field, for hinting at the ideal node to run that pod on
  • podAffinity now allows targeting namespaces via labels in addition to their names (via namespaceSelector)
  • Improved ReplicaSet downscaling (semi-random via LogarithmicScaleDown vs annotated, cost-weighted strategies)

Argo Notifications 1.1

TLDR: New integrations

  • Native MS Teams webhooks
  • Native (outbound) GitHub webhooks
  • Native Mattermost webhooks

Gitea 1.14

TLDR: OIDC!

  • In addition to OAuth2, now supports operating as an OIDC provider
  • Now supports migration from GH/GL via intermediary dumping to disk, then uploading to Gitea, rather than direct SaaS <-> Gitea sync
  • PR reviews can be dismissed, and PRs can be marked as manually merged

kube-state-metrics 2.0

TLDR: Breaking changes

  • Changes to syntax for a few arguments, check release notes
  • Changes to naming standards for a few metric labels, check release notes
  • Container moved from Quay to GCR, Helm chart moved to the prometheus-community repo

Windows Terminal 1.8

TLDR: Minor UX enhancements

  • New ability to name (--window) and refer to (identifyWindow) terminal windows
  • Font face dropdown in settings UI (itself now considered ‘stable’)
  • Can now configure different appearance attributes for unfocused windows

Terraform 0.15

TLDR: State file compatibility between recent and near-future versions

  • State file standardised, enabling remote state compatibility between TF 0.14.x, 0.15.x, and future 1.0.x releases
  • Unified console support across Linux, macOS, and Windows (UTF-8, virtual terminal sequences etc)
  • TF 0.14’s ability to redact values from console/log output extended to support third party provider attributes (wrapped with a sensitive function)

Liqo 0.2

TLDR: Pod resiliency

  • Improved behavior between local (placeholder) and foreign (workload) pods, such that reconciling desired state of the latter is managed by the remote cluster
  • Now supports init containers
  • Enhancements to virtual-kubelet implementation fix kubectl port-forwards, copy, and metric querying

Boundary 0.2

TLDR: OIDC auth

  • Can now authenticate to Boundary via OIDC-supporting IdPs
  • macOS desktop (GUI) client, Windows TBA
  • Worker tags enable pairing targets with specific workers for deterministic traffic routing
  • Improved database upgrade and migration resiliency
  • boundary connect kube for proxying Kubernetes API access

Pulumi 3.0

TLDR: API middleware, native providers

  • Pulumi Automation API, middleware for interacting with Pulumi’s deployment engine via a HTTP interface
  • Native providers for GCP and Azure (no longer using Terraform for execution of desired state against these hyperscalers)
  • New ‘Packages’ allow authored libraries to be consumed in any Pulumi-supported language. Combined with (also new) ‘Components’, this is similar to Crossplane Packages; wrap your ‘happy path’ in an easily distributable, language agnostic format for consumption by other Pulumi users (eg your app dev teams)
  • New Pulumi SaaS capabilities (CI/CD wizard, SAML/SCIM, new dashboard)
  • Improved Go and Python SDKs (faster builds, stronger type support, more consistency across languages)

Waypoint 0.3

TLDR: Remote runners, git triggers

  • GitOps capability (watch a repo, waypoint up on commit, tag the operation with the commit SHA)
  • Runners (remote execution targets)
  • Terraform Cloud config sourcer (reference terraform apply output in your waypoint.hcl, trigger new waypoint operations on Terraform Cloud events)
  • Can now build AWS Lambdas

Argo Events 1.3

TLDR: High availability, metrics

  • HA for both EventSources and Sensors (simply by choosing >1 spec.replica)
  • All sources and sensors now expose metrics in Prometheus format
  • A Validating Admission Webhook can now be deployed, preventing invalid specs from being applied
  • Sensors now support more powerful filters and retries (via retryStrategy)
  • Azure Event Hub added as trigger source

k3s 1.21

TLDR: K8s 1.21

  • Kubernetes 1.21.0
  • Dual stack (IPv4/IPv6) now supported by k3s but not Flannel (or ServiceLB), so alternative dual-stack friendly components must be substituted
  • New installs now use Traefik 2.x for ingress (existing 1.x installs will not be upgraded)
  • containerd now supports private repo rewrites (eg for cached mirrors with prefixed URLs for image paths)

Atlantis 0.17

TLDR: Policy checking

  • --enable-policy-checks to run conftest policies on the terraform output
  • Auto triggered commands (eg comments) can now fire pre-workflow hooks
  • Support for a global apply lock(!), structured logging, and regex in commands

Crossplane 1.2

TLDR: Update UX improvements

  • Improved deployment model (via helm upgrade)
  • Providers and Configurations can now be upgraded via kubectl semantics
  • Documentation improved, now addresses multi-tenancy in depth

Checkov 2.0

TLDR: More intelligent .tf evaluation

  • Terraform checks now use a re-written (graph based) scanning backend, facilitating multi-resource queries, improved variable resolution, increased performance
  • Support for scanning Dockerfiles (K8s manifests and Helm charts also supported, since late 1.x.x)
  • 250+ new OOB policies

Vitess 10.0

TLDR: Compatibility

  • Many changes aimed at addressing edge case compatibility, positioning Vitess as a drop-in replacement for MySQL deployments
  • VTAdmin, an experimental multi-cluster admin API and web UI

GitLab 13.11

TLDR: GitLab.com Kubernetes Agent

  • Pull-based K8s deploys from GitLab.com (previously, Agent was on-prem only)
  • OOB compliance-centric pipeline configurations
  • GitLab-native on-call scheduling

Nomad 1.1

TLDR: Memory oversubscription

  • Workloads can now be permitted to use in excess of their scheduled memory allocation via memory_max
  • Workloads can now be allocated exclusive use of a CPU core (use core instead of cpu key)
  • Web UI enhancements - fuzzy search, improved resource monitoring, nomad ui for ad-hoc web auth via a one time token
  • Remote task drivers (beta) - run workloads on Lambda/ECS

Prometheus 2.27

TLDR: Dark theme

  • Web UI now supports a dark theme (top right icons)
  • promtool can now retroactively evaluate rules
  • Remote write now supports exemplars (feature flagged)

Argo Workflows 3.1

TLDR: Improved substitution tooling

  • New data template adds native support for transformations (eg string manipulation)
  • New emissary executor - replaces the specified container’s runtime command with another, facilitating capture of STDOUT/exit code
  • Expands on 3.0’s template tags (variable substitution) by adding support for expressions (conditional logic)

GitHub Enterprise 3.1

TLDR: GHA execution UI

  • Web UI now supports a visual graph of executing (and executed) GitHub Actions
  • Auto-merge PRs when all requirements have been met
  • Performance enhancements aimed at monorepos

Tailscale 1.8

TLDR: Opt-in features

  • Improvements to (‘Magic’)DNS reliability on all client OSes
  • Split DNS and Taildrop (file transfer between endpoints logged in with same identity) in preview; preview features are new, toggleable in admin UI
  • tailscale logout CLI command

Calico 3.19

TLDR: New dataplane options

  • Adds Vector Packet Processing (VPP) dataplane to existing roster of iptables, eBPF, Windows options; VPP supports K8s network policy, WireGuard encryption, MagLev load balancing
  • Calico can now be controlled via kubectl (requires an additional API addon installed), obviating the necessity of calicoctl
  • Calico running on Windows nodes now supports the containerd CRI

HAProxy 2.4

TLDR: HTTP/2 and MQTT support

  • WebSockets over HTTP/2 support (via CONNECT HTTP method)
  • FIX protocol support (used in FinTech)
  • MQTT protocol support
  • Resolution of endpoints via DNS now supports TCP DNS servers (previously only UDP)
  • Dynamic certificate storage (now supports live reload of HAProxy’s client cert, useful in mTLS scenario)
  • Built-in OpenTracing (requires USE_OT=1 during compile)

Zulip 4.0

TLDR: GIPHY support

  • Topics can now be moved to different streams, in the same way messages could already be moved across topics
  • Native GIPHY integration
  • Mobile apps move closer to feature parity with web client
  • New terminal (TUI) and M1 compatible (Electron-wrapped) apps

Istio 1.10

TLDR: Discovery Selectors

  • Discovery Selectors grant the ability to limit the set of resources istiod watches (improve performance/scalability by watching only relevant resources)
  • New revision tagging capability (eg map string ‘prod’ to 1-9-5 and ‘test’ to 1-10-0) improves namespace-scoped canary upgrades of the Istio control plane via existing istio.io/rev label
  • Envoy sidecars now send traffic to workload on eth0 (previously lo)

Cilium 1.10

TLDR: On-prem features

  • Egress IP Gateway is a CRD-configured capability for giving dynamic pod IPs a fixed/predictable egress IP address (on-prem, legacy IP-based ACL use case)
  • WireGuard joins IPsec as an encryption protocol option
  • Native BGP service announcement (via MetalLB!)
  • Native load balancing, including PCAP packet capture capability

GitLab 13.12

TLDR: DevSecOps enhancements

  • CI now supports wildcards in the include: directive
  • CI now exposes DAG visualization for pipelines, based on dependencies discerned from needs: directive
  • On-demand DAST scans [Ultimate]
  • Project Vulnerability Report now has scanner (and vendor) filters
  • Deployment Frequency chart (scoped to group level), a key DORA4 metric [Ultimate]

Windows Terminal 1.9

TLDR: Quake mode!

  • Can now be set as default console host (also requires W10 Insider at present)
  • ‘Global summon’ (quake mode) added, with default hotkey super + tilde
  • Settings UI enhancements (edit keybind actions, create profile option)

Teleport 6.2

TLDR: Auth via HTTP headers

  • Pass-through header support, including native JWT header support for Grafana >8.x
  • K8s clusters connected to Teleport are now visible in the web UI (but still only accessible via kubectl)
  • PAM now supports templated parameters eg {{ external.someIdPclaimhere }}

CDK for Terraform 0.4

TLDR: Golang support

  • Experimental support for Go (already supports TypeScript, Python, C#, Java)
  • New ‘asset’ construct, for eg serverless workflows
  • Terraform Cloud output is now streamed, rather than displayed at end of run

Argo Rollouts 1.0

TLDR: Web UI

  • New (pretty great!) web dashboard
  • Can now reference existing Deployments (!, previously had to duplicate existing Deployment’s pod template inside the Argo Rollout’s spec.template)
  • Richer Kubernetes events (revision, step info), now also emitted as Prometheus metrics
  • Support canarying via Istio DestinationRules

Harvester 0.2

TLDR: Live VM migration

  • Support for (vMotion-esque) live migration of VMs between hosts
  • Hosts can now be PXE booted
  • VM backup feature, support for S3 or NFS destinations

Terraform 1.0

TLDR: Support guarantees

  • State file compatibility across 0.14.x, 0.15.x, and 1.0.x
  • Version/workflow compatibility between 0.15.x and all 1.x releases
  • 18 months of maintenance (bug fixes) for all 1.x releases

Alertmanager 0.22

TLDR: Time-based muting

  • mute_times routing tree logic
  • Silence form now features a date picker
  • Silence and Alert datetimes now output in ISO8601 format

Grafana 8.0

TLDR: Unified alerting

  • Manage Alertmanager/Cortex/Loki/‘native’ Grafana alerts from single UI/API
  • New panels (bar chart, state timeline, status history, histogram)
  • Share new ‘library’ panels across multiple dashboards; changes will propagate across all
  • Value mappings (map strings/booleans to colours or alt-texts)
  • Live streaming (requires MQTT datasource) and eventing (by calling /api/live/push)
  • Logging and tracing improvements: Loki pagination, create Loki queries (and execute them) from Tempo trace UI

Tempo 1.0

TLDR: Performance enhancements

  • -auth.enabled renamed to -multitenancy.enabled and default is now false (this breaking change explains 1.0 bump, not major features)
  • Insertion and marshalling improvements for Ingester component
  • /api/echo healthcheck endpoint

Boundary 0.3

TLDR: OIDC enhancements

  • GUI client for Windows now available, joining macOS client released with 0.2
  • Group memberships can now be derived from an OIDC IdP
  • OIDC providers can now be configured from the admin console (web UI)

Harbor 2.3

TLDR: Dependency updates

  • Now supports ENV-based declarative config
  • Base image, Postgres, Redis, Trivy updates
  • ChartMuseum deprecation announced

Prometheus 2.28

TLDR: Web UI enhancements

  • (Previously) experimental web UI PromQL editor is now default
  • Kubernetes service discovery now accepts a KUBECONFIG (file) as input
  • Exemplars now surfaced in web UI graphs

Thanos 0.19-0.21

TLDR: Exemplar support

  • API now supports exemplars
  • Dark mode for web UI, which now defaults to previously experimental React variant
  • Go 1.16 + Prom/AM version bumps

Google Cloud Q2 2021

TLDR: Tons!

  • Tau VMs (AMD Milan processors)
  • Predictive (ML) autoscaling for managed instance groups
  • Network Connectivity Center (single pane for cloud & on-prem networks)
  • Share physical GPUs across GKE worker nodes, a GCP native K8s Gateway controller implementation, cost optimization UX enhancements
  • Cloud Run features: IaP support, CMEK support, Secrets Manager integration