Skip to main content

Release Radar - Q2 2023

GitLab 15.10
#

TLDR: suggested reviewers

  • MFA upgrades: Duo support, WebAuthn can be primary authenticator (no longer require TOTP added first)
  • glab capability additions: export CI variables, trigger CI schedules
  • Suggested Reviewers goes GA [SaaS]
  • Wiki editor integration with diagrams.net
  • Open vulnerabilities (from SAST analyzers) are now auto-resolved when rules are disabled or deleted

Kubernetes 1.27
#

TLDR: k8s.gcr.io freeze

  • k8s.gcr.io deprecated, in favour of registry.k8s.io (traffic stays inside your hyperscaler of choice)
  • usual slew of deprecations and removals, including the popular EphemeralContainers feature flag
  • in-place update of pod.spec.containers.resources (gated behind InPlacePodVerticalScaling)
  • VolumeGroupSnapshot, for orchestrating consistent multi-PV snaps (gated behind enable-volume-group-snapshot)
  • kubectl API for fetching node logs (gated behind NodeLogQuery)
  • dynamic allocation of hardware resources like shared GPU’s (gated behind DynamicResourceAllocation)
  • kubectl plugin subcommands (gated behind KUBECTL_ENABLE_CMD_SHADOW ENV)
  • kubectl apply --prune enhanced via applyset.k8s.io labels (gated behind KUBECTL_APPLYSET ENV)

Coroot 0.15
#

TLDR: FinOps

  • node-agent gathered instance metrics used to compute and present (cloud) costs for both individual workloads and the nodes they run on
  • cost reporting surfaced in web UI, and in deployment notifications (both absolute monthly cost, and delta relative to previous deploy)
  • AWS, GCP and Azure supported in this release, but only list/standard VM pricing (no discounts, no spot, no managed DB’s)

Loki 2.8
#

TLDR: native TSDB index graduation

  • QoS for queries, via X-Actor-Path configured heirarchial queues
  • now possible to mandate a minimum label count on a query (configurable per-tenant)
  • first party, Prometheus-inspired TSDB index (introduced in 2.7) graduates from ’experimental’ status

Argo Rollouts 1.5 RC
#

TLDR: plugin framework

  • support for Apache SkyWalking, pairs well with Apache APISIX (added in v1.4)
  • (API’s for) traffic and metric router plugins
  • support for orchestrating multiple ingress-nginx resources under a single Rollout

VictoriaMetrics 1.89 - 1.90
#

TLDR: Windows binaries

  • vmalert now concurrently loads of config files from object storage [Enterprise]
  • default vmctl remote-read timeout increased from 30s to 5m
  • x64 Wintel binaries for the core component (vmsingle / vmcluster)
  • numerous improvements to vmui, like heatmaps for queries returninging histograms, and better cardinality explorer search ergonomics

vcluster 0.15
#

TLDR: host DNS option

  • v1beta1.metrics.k8s.io API, and chart values (proxy.metricsServer) for orchestrating deployment of metrics-server
  • support for fallbackHostDns, when true allows child clusters to lookup (and use) host cluster services
  • chart now points to ghcr.io images

liqo 0.8
#

TLDR: pod offload networking granularity

  • configurable network connectivity, and liqoctl updates to reflect the same
  • nodeSelector, toleration and affinity support
  • metric emissions for virtual kubelet, improvements to Grafana dashboard

Linkerd 2.13
#

TLDR: circuit breaking

  • granular request routing (HTTP headers, gRPC methods etc), built atop Gateway API
  • opt-in (service annotation) circuit breaking, reducing traffic to backends returning errors, until their responses trend back to healthy
  • opt-in Buoyant Cloud observability, vulnerability reporting and upgrade orchestration

Harbor 2.8
#

TLDR: ChartMuseum removed

  • OCI Distribution v1.1.0 support, heralding the removal of ChartMuseum
  • support for CloudEvents payload format in outbound webhooks
  • live logging and cleanup for expired tasks in jobservice dashboard

Kyverno 1.10
#

TLDR: horizontal scaling

  • controller decomposition: option to split operator into function-bounded microservices (admission, reports, background, cleanup)
  • verifyImages rule expanded to support Notary, adding to existing Cosign verification capability
  • support for Notary (v2), adding to existing support for Cosign and Sigstore
  • support for external HTTP service calls (GET and POST) when gathering context
  • swathe of documentation and policy library enhancements, including all policies now being published to Artifact Hub
  • support for subresource, DELETE, and shared lifecycle triggers in generate rules

Talos 1.4
#

TLDR: TTY dashboard

  • augmented node reset capabilities (kernel argument, more talosctl reset flags, an os:operator API role)
  • /dev/tty2 output’s a basic TUI dashboard (akin to htop, but also depicts state of node readiness)
  • catch-all registry mirror (machine.registries.mirrors.*)

GitLab 15.11
#

TLDR: code suggestions

  • Code Suggestions, a GH Copilot clone, exclusive to GitLab SaaS [Premium/Ultimate]
  • next-gen Web IDE enabled by default (no longer feature flagged) on self-managed instances
  • Achievements, a facsimile of GH badges/achievements
  • Value Stream Dashboard (DORA4 metrics) [Ultimate]
  • Dependency Scanner support for pnpm [Ultimate]
  • Container Scanner support for CycloneDX output format [Ultimate]
  • Group level README support, same behavior as personal profile README repositories

Traefik 2.10
#

TLDR: K8s Service LB

  • support for multiple Nomad namespaces
  • direct controller-to-pod load balancing (bypassing Service IP) via new traefik.ingress.kubernetes.io/service.nativelb annotation
  • ability to breakout requests_total metric emissions by HTTP header

Crossplane 1.12
#

TLDR: observe-only resources

  • managementPolicy: ObserveOnly parameter facilitates Crossplane awareness of existing resources without the operator taking ownership of their lifecycle
  • secret stores now a pluggable interface (previously only supported in-tree ESS providers)
  • Composition validation now occurs at CR ingest, with actionable errors emitted by API server should issues arise

Tempo 2.1
#

TLDR: query aggregates

  • TempoQL support for min/max/sum aggregates
  • -config.verify flag, attempts to validate configuration before applying, failing verbosely if problems found
  • tenant migration capability added to tempo-cli

Grafana 9.5
#

TLDR: service accounts

  • alerting improvements: multi-datasource search, bidirectional links to/from relevant dashboards/panels
  • service accounts introduced as an (oft-better-fitting) alternative to user-bound API keys
  • dashboard panel UX iteration: improved error messages, keyboard shortcuts, panel descriptions

ArgoCD 2.7
#

TLDR: web UI upgrades

  • ‘follow’ and ‘historical’ modes added to web UI pod log viewer
  • improved handling of kustomize namespace directives (no longer conflict with ArgoCD’s own)
  • ‘proxy extensions’ - UI extensions proxied through Argo (to a specified external backend)
  • readinessGates status surfaced in Application summary

Mimir 2.8
#

TLDR: Redis caching

  • ability to fetch TLS secrets from (Hashi) Vault
  • support for Redis as cache backend
  • efficiency enhancements to intra-component queries and regex label matching (lower compute/storage consumption)

Coroot 0.16-0.17
#

TLDR: distributed tracing

  • latency heatmap charts (like other visualizations, annotated with deployment updates)
  • support for ingest and visualization of both OpenTelemetry and eBPF collected traces
  • Helm chart option to deploy a singleton ClickHouse instance (for storing traces)

Teleport 13.0
#

TLDR: ARM64 binaries

  • automatic update capability for deployed agents
  • support for multiplex TLS routing through AWS ALB
  • universal macOS binaries
  • cross-cluster search in Teleport Connect (GUI client)

VictoriaMetrics 1.91
#

TLDR: relabelling debugger

  • improved Consul service discovery filtering, and support for Consul Agent discovery
  • full RFC3339 support, ie support for timestamps with Z suffixes
  • a REPL-like ‘Relabelling Playground’ page added to vmui
  • vmauth catch-all route capability
  • less verbose STDOUT INFO logging, to better highlight relevant emissions

Prometheus 2.44
#

TLDR: histogram improvements

  • promtool subcommands for (server) health and readiness checks
  • native histogram support for remote read
  • various histogram query performance enhancements and bugfixes

GitLab 16.0
#

TLDR: value stream metrics

  • per-project ‘value stream’ dashboards (DORA metrics and security posture analytics)
  • remote development workspaces [Premium]
  • composable CI building blocks (called Components), referenced via inputs:
  • (user-configured) comment templates
  • regex branch filter for mirrored repos
  • API endpoint for token rotations (:rotate)

Istio 1.18
#

TLDR: ambient mesh

  • Ambient Mesh becomes preferred deployment model (moves many functions to node-level ztunnel, facilitating much lighter waypoint sidecars)
  • better support for K8s Gateway API, including support for v1beta1 resources
  • istioctl analyze subcommand enhancements
  • consistent configuration of concurrency param across deployment archetypes

Grafana 10.0
#

TLDR: correlations

  • new panels: trend, datagrid, GA for canvas, updates to time series
  • ‘Correlations’ - define a relationship (and link) between disparate datasources (correlations feature flagged)
  • enterprise datasource plugins moved from Enterprise to Free tier
  • ‘Scenes’ - a frontend (TypeScript) library with support for template variables, flexible layouts, dynamic panel rendering etc
  • better first-party ‘as code’ story, with tweaks to Terraform provider, Graffonet, and their Golang libraries
  • QoL public dashboard improvements, like collapsing rows, hiding queries, and zoom in panels
  • subfolders (nestedFolders feature flagged), with RBAC support in paid tiers

Terraform 1.5
#

TLDR: declarative imports

  • check blocks - declarative validation of provisioned infrastructure (assert conditions, output parametarized error on fail)
  • import blocks - declarative workflow for adding existing resources to TF state
  • improved handling of both signalled (SIGINT) and unexpected aborts of terraform apply