Today we’re releasing a new user-level knowledge base of our products and services. It’s aimed to help you be more confident and autonomous in managing your applications on our platforms. You can find it in the following GitHub repository: https://github.com/skyscrapers/documentation
More …We upgraded and tested our test cluster successfully to Debian stretch now that all open issues are resolved.
More …Teleport has been upgraded to version 2.7.5 for all users. This upgrade includes various bugfixes and performance improvements, as well as additional functionality such as scp (secure copy) from the web interface.
More …Today we release the addition of the Kubernetes Cluster AutoScaler to our clusters. Since we’ll be enabling the autoscaler by default, we’ll be initially deploying it on staging while production clusters will follow in a couple of days.
More …Our Vault setup is configured to store the data in a DynamoDB table, using Vault DynamoDB storage backend. DynamoDB already replicates all the data in a table across three availability zones, giving Vault high availability and data durability. From today, we’re also enabling point-in-time recovery for the DynamoDB table, which provides continuous backups of the data for the last 35 days. This will give you the possibility to restore your Vault data in case it gets deleted or corrupted by accident, or you just want to go to a previous state.
More …We have updated our internals infrastructure tools to the latest version. These upgrades add bugfixes and several new features.
More …We’ve reduced the number of NAT gateways per VPC. In the previous setup we created one NAT gateway per VPC where we routed all the non-k8s traffic, and we had three NAT gateways just for the k8s cluster (one for each Availability Zone). In total we ended up having 4 NAT gateways per environment, plus one for the tools stack, so a total of 9.
More …We use Elasticsearch with Kibana to aggregate logs from Kubernetes and our customers’ applications. Today this stack got upgraded to 6.3, bringing several improvements and bug fixes.
We’ve upgraded all the Concourse setups to the latest available version, that’s 4.2.1. As you might have read in the previous post from concourse we were working on the upgrade to Concourse 4.1. During that process we ran into some bugs that we had to mitigate. Early this week Concourse released v4.2 and a day later 4.2.1. We decided to immediately upgrade our test cluster to this version and when everything was stable also upgrade our customer clusters.
More …We’ve upgraded all the Concourse setups to the latest available version, that’s 4.1.0.
We have upgraded our test concourse cluster from v3.14.1 to v4.1.0. Customer clusters will follow shortly after we have confirmed there are no issues with our workloads.
Update: Changed Kubernetes update from 1.10.7 to 1.10.8
More …Some of our infrastructure components were logging extensively to CloudWatch logs and Elasticsearch, filling up precious disk space for our customers. We have now reduced the logging verbosity of those components.
We’ve improved the monitoring for the Kubernetes clusters monitoring component, a.k.a. Calico. We’ll now have more insights in how the networking is behaving in case of trouble. You’ll see there’s an extra dashboard in Grafana showing some interesting metrics from Calico.
The AWS Inspector agent is now installed by default on all nodes. Get in touch if you’d like to configure Inspector Assessments.
We’ve rolled out an OIDC proxy in front of all dashboards of your Kubernetes cluster, including Grafana and Prometheus. So you can access those dashboards via GitHub authentication, instead of needing to go through a VPN.
We’ve upgraded all the Concourse setups to the latest available version, that’s 3.14.1.
More …