Monitoring upgrades
As part of our regular upgrade cycle, the following Kubernetes cluster components will be updated in the next rollout. These updates are being rolled out to all clusters and will be finished by the end of the week.
More …Concourse upgraded to v7.1.0
We have upgraded our Concourse setups to the latest version 7.1.0
More …Upgraded several cluster components
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already rolled these out to all clusters.
More …Improved monitoring alerts on Slack
We have updated the format of the monitoring Slack notifications. We now differentiate between warning and critical alerts with a visual color and we changed the output of the alert from the summary to the full description to give more information in the alert.
More …Fixed regression in Elasticsearch monitoring for Prometheus
We discovered an issue with our Elasticsearch monitoring for Prometheus that was introduced a while back in a rutinary chart upgrade. Because of this problem some Elasticsearch metrics were not being reported into Prometheus, like available storage space for example, and as a result there were some problematic situations in an Elasticsearch cluster that we didn’t pick up in time.
More …You can now use local NVMe Instance Storage with your Pods on EKS
Certain AWS EC2 instances come with fast local NVMe Instance Storage and can usually be recognized with the d suffix (eg. m5d.large). Our platform will now automatically mount these volumes under the /ephemeralX paths (eg. /ephemeral0, /ephemeral1, …).
Option to run the K8s API private
As of today we have the option to only allow access to the Kubernetes API over a private network connection.
More …New container to authenticate to aws-ecr
We added a new docker image called concourse-ecr-login. This image has the AWS cli and docker installed.
Upgraded several cluster components
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already rolled these out to all clusters.
More …Auto-assigned Elastic IPs for K8s nodes (optional)
We’re releasing an optional feature where it’s possible to assign Elastic IPs to nodepools. This can be useful for whitelisting purposes. For example when nodes, running in public subnets, need to connect to services behind enterprise firewalls.
More …Striving for more automation on the K8s reference solution
We’ve recently improved in the automation of our Kubernetes reference solution in several ways. Automation is very important for us to be able to quickly deliver new features and bug fixes to our customers, while performing seamless rollouts that cause no disruption to running workloads.
More …Grafana main dashboard updated
By default we integrated our Grafana deployments with Dex for handling authentication. We’ve now also made it possible to configure any other supported Grafana authentication backend, for example to use Azure AD directly.
Automated AWS ELasticsearch Service backups to S3
By default, the AWS Elasticsearch Service already comes with regular automated snapshots. However these snapshots can not be used for recovery or migration to a new Elasticsearch cluster and furthermore can only be accessed as long as the Elasticsearch API of the cluster is available.
More …Velero S3 backups replication
Our reference solution eks-based Velero backups on AWS S3 now supports automatic replication to an additional S3 bucket on an AWS region of choice. The feature is disabled by default, contact your lead engineer to discuss about enabling it for your cluster(s) if needed.
Monitoring upgrades
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. These updates are being rolled out to all clusters and will be finished by the end of the week.
More …Concourse upgraded to v6.7.3
We have upgraded our Concourse setups to the latest version 6.7.3.
More …Vault upgraded to 1.6.1
We have updated our Kubernetes based Vault setups to the latest version 1.6.1 in the past days.
Grafana main dashboard updated
We have fixed a problem in our main Grafana dashboard. Previously we counted the resources for all pods (including those who already completed). This gave an incorrect indication on the cluster usage. Now we filter out the failed and succeeded pods so the dashboard indicates a more correct usage of the cluster.
More …Upgraded Dex version with security patch
We’ve upgraded Dex on all our clusters with a new version (v2.27.0) that contains a fix for a security vulnerability.
More …Configurable default certificate and default backend on nginx-ingress
The Nginx Ingress Controller has configuration options for setting a default TLS certificate and a default backend. We have now exposed this settings to be configurable on a per-cluster basis.
More …