Cluster addons upgrades

Over the past weeks we’ve rolled out a bunch of updates to our Kubernetes addons stack for all staging and production clusters.

List of updated components:

  • cert-manager: v0.9.0 –> v0.13.1

    During the process we also made it through the major release v0.11.0 that counts as a a significant milestone for the cert-manager project, and also including the releases of v0.12.0 and v0.13.0 which contain important bug fixes and new features.

    To mention some of the changes:

    • Renaming API group to and bumping API version to v1alpha2
    • Removing deprecated fields (certificate.spec.acme, issuer.spec.http01 and issuer.spec.dns01)
    • New features: External issuer types, Deeper integrations into Kubernetes, ACME External Account Binding support, Support for full set of x509 ‘subject’ parameters

    We’ve already taken care of the resulting breaking changes to the current resources, for issuing new certificates make sure to refer to our updated documentation

  • dex: v2.17.0 –> v2.22.0

    Like cert-manager, we also passed through important releases for Dex like v2.21.0 that included the most awaited option to enable groups for OIDC connecters (think of Google groups!). We also have a removal CipherSuites towards more secure TLS settings covered in release v2.19.0.

  • oauth-proxy: v4.0.0 –> v5.0.0

    This release included a security fix for the open redirect vulnerability among other features and big fixes

  • grafana: v6.5.1 –> v6.6.2

    Several enhancements and bug fixes.

  • grafana loki & promtail: v0.3.0 –> v1.3.0

    In the remarkable release v1.0.0 Grafana Loki announced it as non-beta anymore, and despite already being production-ready while in beta, it’s now officially promoted as a production release.

    The next releases also included several improvements focusing on performance and making the API more Prometheus-compatible.

  • nginx-ingress: 0.25.0 –> 0.30.0

    Includes updating NGINX to 1.17.8, migration to alpinelinux, and several bug fixes.

  • prometheus-operator: v0.34.1 –> v0.37.0

    Several enhancements and bug fixes.

  • external-dns: v0.5.15 –> v0.6.0

    Adding support for all AWS Route53 routing policies among several enhancements and bug fixes.