Update of ingress-nginx
We have updated the ingress-nginx component to 0.33.0 and its chart to the latest version (2.6.0)
More …Migrating from kube2iam to IAM roles for Service Accounts (IRSA)
Since the beginnning when we started rolling out our K8s-based reference solution towards customers, we’ve been handling application access to AWS resources via kube2iam.
More …Update of Velero
We have updated the Velero cluster components to 1.4.0. Velero is responsible for taking cluster backups.
Upgraded monitoring plugins
We have updated our monitoring plugins on our Kubernetes clusters.
More …Vault upgraded to 1.4.2
We have updated our Kubernetes based Vault setups from 1.3.2 to the latest version 1.4.2.
More …Upgrade EKS to 1.16
We have updated our EKS control planes and nodes to the latest supported version: 1.16. This brings EKS on K8s v1.16.8.
More …Additional Concourse monitoring
We’ve enhanced the way we monitoring Concourse setups by adding new alerts for workers state along with endpoint monitoring for the Concourse web UI.
More …Cert-manger updated to 0.15.1
We have updated cert-manager from v0.13.1 to v0.15.1, bringing a number of new features and improvements. Cert-manager is the component responsible for providing you automatic certificates through for example LetsEncrypt.
More …Upgrade Concourse to version 6.2.0 and other improvements
We have upgraded our Concourse solution to the latest version V6.2.0. In the meanwhile we have changed the workers from Ubuntu 16.04 based AMIs to Amazon Linux AMIs so its more in line with our offering.
More …Resizable persistent volumes
We updated the defaults for our persistent volume storage classes to allow for volume expansion. This allows you to Modify the volume in your PersistentVolumeClaim without the need to replace the existing volume.
More …Monitoring RDS instances through Prometheus
Up until now we’ve been monitoring our managed RDS instances through Icinga, which has been working great. But for Kubernetes customers, we’ve been relying on Prometheus more and more to monitor external services, as well as the cluster itself. So it just makes sense that we also monitor RDS instances through it.
More …Automated OpenVPN deployments
In the past the OpenVPN deployment was done manually to each cluster. As of today we made it part of our Addons stack and deploy and update OpenVPN in an automated way.
More …Upgrades to monitoring & logging components
We’ve rolled out some minor updates to the following monitoring and logging components:
More …Fix Services without Endpoints timeout instead of reject
If a Kubernetes Service had no active Endpoints, for example when a deployment is scaled to 0, then requests to that Service were timing out. Instead it’s supposed to reject traffic with the appropriate ICMP response.
More …Option to configure custom routes and endpoints in Alertmanager
We now offer the option to configure custom endpoints and custom routes in Alertmanager. This is useful if you want to route your prometheus alerts to custom slack endpoints or use an escalation tool like PagerDuty or OpsGenie.
More …Option to add an internal-only Ingress controller
We now offer the option to enable and use an internal-only Nginx Ingress Controller, next to the public one we offer by default. This is useful if you want to expose services running in K8s only within the private AWS VPC network.
More …Loki - Option to set custom labels in Promtail
We now offer the option to parse custom log labels with Promtail so you can use them in Loki.
More …Oauth-proxy security fix following High Severity CVE-20200-11052
Today a notice for CVE-2020-11053 with a severity of High went out, impacting our oauth2-proxy that is used for authentication to our internal dashboards.
More …Update of cluster components
We have updated the following cluster components to their latest version:
More …Upgrade EKS to 1.15
We have updated our EKS control planes and nodes to the latest supported version: 1.15. This brings EKS on K8s v1.15.11.
More …