Add support for hierarchical namespaces
As of today we offer the hierarchical namespace controller as an optional component to your cluster.
More …Concourse migrated from ECS to K8s
Today we can proudly say that the web component of Concourse is migrated from ECS to K8s for all our customers!
More …Upgraded Teleport to version 10.1.4
We’ve upgraded all Teleport clusters and nodes from version 9.3.7 to 10.1.4. Teleport is a tool we mostly use internally to provide secure and auditted access to (EC2) instances, Kubernetes clusters and several dashboards.
Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already rolled these out to all non-production clusters in the past days. Production upgrades are scheduled to happen next week during business hours. As usual, no workload interuptions are expected.
More …Upgraded AKS and EKS clusters to 1.22
We have started rolling out AKS and EKS 1.22. This brings our supported AKS platforms to v1.22.11 and EKS to v1.22.10.
Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already started rolling these out to all non-production clusters. Production upgrades are scheduled to happen next week during business hours. As usual, no workload interuptions are expected.
More …Upgraded Teleport to version 9.3.7
We’ve upgraded all Teleport clusters and nodes from version 8.2.0 to 9.3.7. Teleport is a tool we mostly use internally to provide secure and auditted access to (EC2) instances and Kubernetes clusters.
More …Calico NetworkPolicy controller upgraded on EKS
On AWS EKS clusters we use Calico for providing NetworkPolicy functionality as an optional feature. With these NetworkPolicies you can control the traffic flow within a Kubernetes cluster between Pods, Services and external resources.
Major Nginx Ingress Controller upgrade
We’re in the process of upgrading the Nginx Ingress Controller from the legacy v0.51.0 version to mainline v1.2.1. This is in preparation for the AKS and EKS upgrades to Kubernetes 1.22 which is following in the coming weeks.
Replacing eventrouter component for persisting K8s events
Kubernetes events are a great resource to debug and troubleshoot problems with workloads and other cluster components. The problem is that the K8s API stores them for only 1 hour. To be able to persist those events further in time, we used an open-source component called eventrouter, which streamed all cluster events into Loki. This project has been deprecated and unmaintained for a while now, so we needed to find a replacement for it.
Improving Loki performance and usability
Some of our customers have experienced performance-related limitations in our Loki & Fluent-bit setup, mainly on queries that require scanning a large volume of data. At the moment we run a monolith Loki architecture, so the single Loki Pod performs all the roles (ingester, querier, query-scheduler, frontend, …). This setup works good enough for most of our customers, but it shows its limitations on large-volume queries, which require some brute-force and could benefit from more parallelism.
More …Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. And it’s a big one! We’ve already rolled these out to all non-production clusters. Production upgrades are scheduled to happen on Monday 16/05 during business hours. As usual, no workload interuptions are expected.
More …[Action required] Final call - Deprecated API removal, upgrade your Ingresses etc.
We are preparing to upgrade our platforms to Kubernetes 1.22, which drops support for many deprecated API versions! This is the final call to make sure you’ve updated your manifests, Helm charts (*), etc. to make use of the newest APIs (mainly Ingress, but some others too). Make sure to check out the deprecated API migration guide for more info. Below you will find more details on some of the most common deprecated resources used by our customers.
More …Improved node termination handling (AWS EKS)
For a long time now, we’ve been using the AWS Node Termination Handler for catching Spot instance interruption notices, allowing Kubernetes to respond appropriately by draining these (spot) nodes before they are terminated. You may have noticed this behavior via the “:construction: Instance interruption” notices in the Slack alerts.
More …Add support for GP3 volumes through the AWS EBS CSI driver
You can now create GP3 Persistent Volumes through the gp3 and gp3-encrypted Storage Classes. This is in addition to the previously available GP2 (gp2, gp2-encrypted) and EFS (efs) volumes.
Internal refactor of monitoring addons
We’ve completely refactored how we manage our monitoring components, like Prometheus, Grafana and many exporters and alerts. For you, the platform user, nothing will change although there is some disruption in Grafana and Prometheus expected during rollout.
More …[Important] New 24/7 escalation phone numbers!
It has come to our attention that many of our 24/7 escalation phone numbers could only receive calls from domestic numbers. We have generated new telepohone numbers, so make sure to verify your new number in your repo’s README!
Upgrade Nginx Ingress, fixing CVEs
We’ve rolled out an nginx-ingress update (v0.51.0) to all clusters, with the following fixes:
Upgrade to Grafana v8 - take 2
Last year we rolled out a major Grafana update, going from 7.5 to 8.1, but had to roll back because a small number of customers were impacted by a breaking change regarding SQL datasources.
More …[Important / breaking] VPC renames on AWS
We’d like to inform you that we’re renaming and (re-tagging) many network related resources, like the VPC name, subnet names, route tables, etc. Normally this shouldn’t have any impact for you, however if you rely on the VPC name for anything, you will need to update this workload. (*)
More …