Upgrade Kubernetes components

We are in the process of upgrading our staging Kubernetes clusters components to the latest stable releases. Production clusters will follow in 1 to 2 weeks (to be announced) after we have confirmed there are no issues with our customer’s workloads.

Component Old version New version Changelog
cert-manager v0.5.0 v0.6.2 https://github.com/jetstack/cert-manager/releases
cluster-autoscaler v1.2.X v1.3.6 https://github.com/kubernetes/autoscaler/releases
k8s-dashboard several v1.10.1 https://github.com/kubernetes/dashboard/releases
external-dns v0.5.6 v0.5.11 https://github.com/kubernetes-incubator/external-dns/releases
fluentd-kubernetes-daemonset v1.3.2 v1.3.3 https://github.com/fluent/fluentd-kubernetes-daemonset/blob/master/README.md
kube2iam 0.10.4 0.10.6 https://github.com/jtblin/kube2iam/releases
nginx-ingress-controller 0.19.0 0.23.0 https://github.com/kubernetes/ingress-nginx/releases
dex v2.10.0 v2.15.0 https://github.com/dexidp/dex/releases
keycloack-proxy v2.2.2 v2.3.0 https://github.com/keycloak/keycloak-gatekeeper/releases
prometheus-operator v0.25.0 v0.29.0 https://github.com/coreos/prometheus-operator/releases
alertmanager v0.15.2 v0.16.1 https://github.com/prometheus/alertmanager/releases
prometheus v2.4.3 v2.7.1 https://github.com/prometheus/prometheus/releases
grafana 5.3.4 6.0.0 https://github.com/grafana/grafana/releases

Main improvements


  • Multiple bug-fixes
  • Introduced ACME ‘Order’ and ‘Challenge’ CRDs


  • Multiple bug-fixes
  • Update AWS EC2 instance type catalog


  • Consolidate version among clusters


  • Multiple bug-fixes
  • Allow AWS batching to fully sync on each run


  • Multiple bug-fixes and security fixes
  • New kubectl plugin Alpha
  • NGINX 1.15.9


  • Multiple bug-fixes and security fixes
  • New connector: Bitbucket Cloud


  • Multiple bug-fixes
  • Add support for grouping by all labels
  • Deprecate API v1


  • Multiple bug-fixes and security fixes


  • Multiple bug-fixes and security fixes
  • Explore: A new query focused workflow for ad-hoc data exploration and troubleshooting

Breaking changes


  • Annotation nginx.ingress.kubernetes.io/rewrite-target has changed and will not behave as expected if you don’t update them.

Refer to https://kubernetes.github.io/ingress-nginx/examples/rewrite/#rewrite-target on how to change it.

  • Annotations nginx.ingress.kubernetes.io/add-base-url and nginx.ingress.kubernetes.io/base-url-scheme were removed.

  • By default do not trust any client to extract true client IP address from X-Forwarded-For header using realip module (use-forwarded-headers: “false”)