Istio upgraded to version 1.15.2
We have upgraded Istio on all clusters that use it. The version was upgraded to 1.15.2 and comes with many security fixes.
Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. These changes have already been rolled out to all clusters.
More …New feature: Jaeger tracing
Today we’re adding a new feature in our Kubernetes AWS reference solution. It’s now possible to deploy one or more Jaeger setups on your EKS clusters. AKS clusters will follow in the near future, depending on customer demand.
More …Add support for hierarchical namespaces
As of today we offer the hierarchical namespace controller as an optional component to your cluster.
More …Concourse migrated from ECS to K8s
Today we can proudly say that the web component of Concourse is migrated from ECS to K8s for all our customers!
More …Upgraded Teleport to version 10.1.4
We’ve upgraded all Teleport clusters and nodes from version 9.3.7 to 10.1.4. Teleport is a tool we mostly use internally to provide secure and auditted access to (EC2) instances, Kubernetes clusters and several dashboards.
Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already rolled these out to all non-production clusters in the past days. Production upgrades are scheduled to happen next week during business hours. As usual, no workload interuptions are expected.
More …Upgraded AKS and EKS clusters to 1.22
We have started rolling out AKS and EKS 1.22. This brings our supported AKS platforms to v1.22.11 and EKS to v1.22.10.
Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. We’ve already started rolling these out to all non-production clusters. Production upgrades are scheduled to happen next week during business hours. As usual, no workload interuptions are expected.
More …Upgraded Teleport to version 9.3.7
We’ve upgraded all Teleport clusters and nodes from version 8.2.0 to 9.3.7. Teleport is a tool we mostly use internally to provide secure and auditted access to (EC2) instances and Kubernetes clusters.
More …Calico NetworkPolicy controller upgraded on EKS
On AWS EKS clusters we use Calico for providing NetworkPolicy functionality as an optional feature. With these NetworkPolicies you can control the traffic flow within a Kubernetes cluster between Pods, Services and external resources.
Major Nginx Ingress Controller upgrade
We’re in the process of upgrading the Nginx Ingress Controller from the legacy v0.51.0 version to mainline v1.2.1. This is in preparation for the AKS and EKS upgrades to Kubernetes 1.22 which is following in the coming weeks.
Replacing eventrouter component for persisting K8s events
Kubernetes events are a great resource to debug and troubleshoot problems with workloads and other cluster components. The problem is that the K8s API stores them for only 1 hour. To be able to persist those events further in time, we used an open-source component called eventrouter, which streamed all cluster events into Loki. This project has been deprecated and unmaintained for a while now, so we needed to find a replacement for it.
Improving Loki performance and usability
Some of our customers have experienced performance-related limitations in our Loki & Fluent-bit setup, mainly on queries that require scanning a large volume of data. At the moment we run a monolith Loki architecture, so the single Loki Pod performs all the roles (ingester, querier, query-scheduler, frontend, …). This setup works good enough for most of our customers, but it shows its limitations on large-volume queries, which require some brute-force and could benefit from more parallelism.
More …Upgraded cluster add-ons
As part of our regular upgrade cycle, the following Kubernetes cluster components have been updated. And it’s a big one! We’ve already rolled these out to all non-production clusters. Production upgrades are scheduled to happen on Monday 16/05 during business hours. As usual, no workload interuptions are expected.
More …[Action required] Final call - Deprecated API removal, upgrade your Ingresses etc.
We are preparing to upgrade our platforms to Kubernetes 1.22, which drops support for many deprecated API versions! This is the final call to make sure you’ve updated your manifests, Helm charts (*), etc. to make use of the newest APIs (mainly Ingress, but some others too). Make sure to check out the deprecated API migration guide for more info. Below you will find more details on some of the most common deprecated resources used by our customers.
More …Improved node termination handling (AWS EKS)
For a long time now, we’ve been using the AWS Node Termination Handler for catching Spot instance interruption notices, allowing Kubernetes to respond appropriately by draining these (spot) nodes before they are terminated. You may have noticed this behavior via the “:construction: Instance interruption” notices in the Slack alerts.
More …Add support for GP3 volumes through the AWS EBS CSI driver
You can now create GP3 Persistent Volumes through the gp3 and gp3-encrypted Storage Classes. This is in addition to the previously available GP2 (gp2, gp2-encrypted) and EFS (efs) volumes.
Internal refactor of monitoring addons
We’ve completely refactored how we manage our monitoring components, like Prometheus, Grafana and many exporters and alerts. For you, the platform user, nothing will change although there is some disruption in Grafana and Prometheus expected during rollout.
More …[Important] New 24/7 escalation phone numbers!
It has come to our attention that many of our 24/7 escalation phone numbers could only receive calls from domestic numbers. We have generated new telepohone numbers, so make sure to verify your new number in your repo’s README!