Upgrade EKS to 1.16
We have updated our EKS control planes and nodes to the latest supported version: 1.16. This brings EKS on K8s v1.16.8.
More …Additional Concourse monitoring
We’ve enhanced the way we monitoring Concourse setups by adding new alerts for workers state along with endpoint monitoring for the Concourse web UI.
More …Cert-manger updated to 0.15.1
We have updated cert-manager from v0.13.1 to v0.15.1, bringing a number of new features and improvements. Cert-manager is the component responsible for providing you automatic certificates through for example LetsEncrypt.
More …Upgrade Concourse to version 6.2.0 and other improvements
We have upgraded our Concourse solution to the latest version V6.2.0. In the meanwhile we have changed the workers from Ubuntu 16.04 based AMIs to Amazon Linux AMIs so its more in line with our offering.
More …Resizable persistent volumes
We updated the defaults for our persistent volume storage classes to allow for volume expansion. This allows you to Modify the volume in your PersistentVolumeClaim without the need to replace the existing volume.
More …Monitoring RDS instances through Prometheus
Up until now we’ve been monitoring our managed RDS instances through Icinga, which has been working great. But for Kubernetes customers, we’ve been relying on Prometheus more and more to monitor external services, as well as the cluster itself. So it just makes sense that we also monitor RDS instances through it.
More …Automated OpenVPN deployments
In the past the OpenVPN deployment was done manually to each cluster. As of today we made it part of our Addons stack and deploy and update OpenVPN in an automated way.
More …Upgrades to monitoring & logging components
We’ve rolled out some minor updates to the following monitoring and logging components:
More …Fix Services without Endpoints timeout instead of reject
If a Kubernetes Service had no active Endpoints, for example when a deployment is scaled to 0, then requests to that Service were timing out. Instead it’s supposed to reject traffic with the appropriate ICMP response.
More …Option to configure custom routes and endpoints in Alertmanager
We now offer the option to configure custom endpoints and custom routes in Alertmanager. This is useful if you want to route your prometheus alerts to custom slack endpoints or use an escalation tool like PagerDuty or OpsGenie.
More …Option to add an internal-only Ingress controller
We now offer the option to enable and use an internal-only Nginx Ingress Controller, next to the public one we offer by default. This is useful if you want to expose services running in K8s only within the private AWS VPC network.
More …Loki - Option to set custom labels in Promtail
We now offer the option to parse custom log labels with Promtail so you can use them in Loki.
More …Oauth-proxy security fix following High Severity CVE-20200-11052
Today a notice for CVE-2020-11053 with a severity of High went out, impacting our oauth2-proxy that is used for authentication to our internal dashboards.
More …Update of cluster components
We have updated the following cluster components to their latest version:
More …Upgrade EKS to 1.15
We have updated our EKS control planes and nodes to the latest supported version: 1.15. This brings EKS on K8s v1.15.11.
More …Adjusting the NodeFilesystemSpaceFillingUp Prometheus alert
You might have noticed the NodeFilesystemSpaceFillingUp alert passing by on some occasions. That alert triggers when Prometheus predicts that a node’s disk will run out of space, based on the trend of the last few hours.
Improved Slack notifications for Prometheus alerts
We’re updating the format of our monitoring Slack messages. As you already know, all the alerts produced by your Kubernetes clusters show up in Slack. The goal is to provide visibility on what’s going on in your infrstructure and application, and to improve the response time of alerts.
More …Simplifying our ECS monitoring
We’re deprecating the Prometheus setup of our ECS clusters. We released that setup a while ago as an alternative for both infrastructure and application montoring for our ECS clusters, similar to what we have in place for Kubernetes. But we’ve found that it hasn’t been really used in any of the clusters. Operational coverage for ECS clusters is still covered by our central monitoring system, and customers have their own monitoring in place to cover the application.
More …Migration to Helm 3
We have migrated all our managed cluster add-ons and our CI to Helm 3.
More …Auto configuration for AWS ElasticSearch multi-az deployment
Our AWS ElasticSearch terraform module now supports auto-configuration for multi-az deployment. The criteria is to always enable multiple Availability Zones up to 3 zones and within the available resources, unless specified otherwise by the user.
More …