Skip to content

@jetstack-gitlab jetstack-gitlab released this Mar 29, 2019 · 41 commits to master since this release

Changed

Versions

Application Supported versions Default
Packer 1.2.5
Terraform 0.11.11
Consul 1.2.4
Vault 0.9.6
Kubernetes >= 1.10 && < 1.14 1.12.7
Calico 3.1.4
Vault Helper 0.9.13
Etcd 3.2.25
Assets 8

@jetstack-gitlab jetstack-gitlab released this Mar 22, 2019 · 41 commits to master since this release

Fixed

Changed

Versions

Application Supported versions Default
Packer 1.2.5
Terraform 0.11.11
Consul 1.2.4
Vault 0.9.6
Kubernetes >= 1.10 && < 1.14 1.12.6
Calico 3.1.4
Vault Helper 0.9.13
Etcd 3.2.25
Assets 8

@jetstack-gitlab jetstack-gitlab released this Mar 15, 2019 · 41 commits to master since this release

Another bugfix release for the 0.6 milestone. Fixes disruptionless upgrade path for 0.5.4.

Fixed

  • Ensure ssh_known_host file shares the same ssh_config directory. (#778, @JoshVanL)
  • Replace EnsureDirectoryExists by os.MkdirAll (#773, @simonswine)
  • Fixes route 53 domain name reporting while using network-existing-vpc (#775, @simonswine)
  • Fix bug with Terraform that causes problems on Tarmak upgrades. (#763, @MattiasGees)
  • Set correct datacenter in consul and respect existing datacenters (#766, @simonswine)
  • Support ext4/xfs for new filesystem. Detect fstype of existing ones automatically (#767, @simonswine)
  • Use depends_on on the resource rather than the data object (#768, @simonswine)

Versions

Application Supported versions Default
Packer 1.2.5
Terraform 0.11.11
Consul 1.2.4
Vault 0.9.6
Kubernetes >= 1.10 && < 1.14 1.12.5
Calico 3.1.4
Vault Helper 0.9.13
Etcd 3.2.25
Assets 8

@jetstack-gitlab jetstack-gitlab released this Mar 4, 2019 · 41 commits to master since this release

A problem during our build process has built a broken Darwin binary. Small
bug fix release.

Fixed

  • Down grade upx to 3.94 to build working Darwin binaries during releases (#758, @simonswine)

Versions

Application Supported versions Default
Packer 1.2.5
Terraform 0.11.11
Consul 1.2.4
Vault 0.9.6
Kubernetes >= 1.10 && < 1.14 1.12.5
Calico 3.1.4
Vault Helper 0.9.13
Etcd 3.2.25
Assets 8
Feb 27, 2019
Release 0.7.0-alpha1

@jetstack-gitlab jetstack-gitlab released this Feb 27, 2019 · 41 commits to master since this release

The 0.6 release of Tarmak comes with many more features and improvements to
internals. Notable new additions include pre-built AMI images that are used when
one has not yet been built, making getting a cluster running for new users much
faster. A new worker AMI image type that will pre-install and configure Kubernetes
worker nodes so nodes become ready much faster during auto scaling. Finally, we
have also included an option to deploy Calico using Kubernetes as a backend,
rather than using Etcd directly.

A large focus of this release has been on improving the use of SSH by now
utilising the in package standard Go libraries. This has meant we now have
better control of SSH connections whilst running. We have also developed a
significant change to how SSH host keys are handled, whereby instances will now
tag themselves with their public keys securely, via an Amazon Lambda function.
These tags are then used to populate, verify and update our local host key file
during SSH connections.

We do not report any specific action required for upgrading to 0.6.0 from 0.5.3
besides our normal upgrade method.

More detailed and other changes not mentioned are as follows:

Added

  • Add Packer image that pre-installs Kubernetes dependencies drastically improving node ready time (#390 @MattiasGees)
  • Expose feature flags for Kubernetes components in Tarmak configuration (#431 @joshvanl)
  • Use puppet to install and manage configuration and Systemd Units on Vault instances (#494 @joshvanl)
  • New command tarmak environment destroy to destroy all clusters in an environment (#527 @MattiasGees)
  • New command tarmak cluster logs to gather systemd logs from target instances (#575 @JoshVanL)
  • Allow custom Vault-Helper URLs to be used to download (#619 @joshvanl)
  • Proposal on how to manage the SSH known hosts file and securely propagate instance public keys (#643 @joshvanl)
  • Create OWNER files in sub paths of the Tarmak project (#656 @simonswine)
  • Documentation on how to install and use Ark in Tarmak (#657 @alljames)
  • Wing tags its instance through an Amazon Lambda function securely to advertise it's public key with trust. Tarmak relies on these keys for SSH connection. (#664 @joshvanl)
  • Wing dev mode now also enabled for the bastion instance (#678 @joshvanl)
  • Release pre-built packer images with every release (#682 @simonswine)
  • Give optional Kubernetes backend to calico add-on (#683 @joshvanl)
  • Tarmak created Kubernetes resources have their life cycle managed by Kube-Addon-Manager (#688 @joshvanl)
  • Documentation on how to add Pod Security Policies to arbitrary Namespaces (#694 @MattiasGees)
  • Use Core-DNS DNS and Service Discovery project instead of Kube-DNS for clusters >= 0.10 (#715 @joshvanl)
  • programmatic end to end testing with Sonobuoy (#743 @joshvanl)
  • Disable Overlay ETCD servers when calico in Kubernetes backend mode (#724 @joshvanl)
  • More rigorous fluent-bit acceptance tests (#747 @simonswine)
  • Adds AddListener and RemoveListenerCertificates permissions to ELB nodes (#749 @joshvanl)
  • Adds de-register permissions to ELB nodes (#750 @joshvanl)

Changed

  • Enable dry mode for vault-helper ensure to ensure to write during plan and when in a converged state (#572 @joshvanl)
  • Use in package SSH over a forked exec of OpenSSH. This gives greater control and efficiency of SSH connections in Tarmak (#635 @joshvanl)
  • Hard code Centos version to mitigate errors during minor releases (#649 @simonswine)
  • Upgrade Vault to 0.9.6 and Consul to 1.2.4 (#674 @joshvanl)
  • Upgrade Terraform to 0.11.11 (#675 @joshvanl)
  • Upgrade wing API server internals to upstream Kubernetes (1.13) (#677 @joshvanl)
  • Upgrade Golang to 1.11.4 (#680 @simonswine)
  • Change gobindata dependency to maintained project (#699 @simonswine)
  • Use upstream Kubernetes for binary versioning (#704 @simonswine)
  • Separate Tarmak binaries and assets (#705 @simonswine)
  • Makefile improvements (#709 @simonswine)
  • Use Jetstack's patch metrics-server to scrape Kubelet summary via the Kubernetes API server proxy. Enabled Scraping Kubelets on Master nodes. (#712 @joshvanl)
  • Remove gorelaser from Makefile(#714 @simonswine)
  • Known hosts keys managed by Tarmak and will update if the instance public key tags have updated (#721 @joshvanl)
  • If no private images have been built for non EBS encrypted clusters, fallback
    to using Jetstack's pre-built images (#724 @joshvanl)
  • Upgrade Fluentbit to 1.0.4 (#725 @simonswine)
  • Upgrade Centos to 7.6.1810 (#726 @simonswine)
  • Improve Elastic Search settings (#732 @simonswine)
  • SSH tunnels have a timeout after 10 minutes of inactivity (#730 @joshvanl)
  • Heapster, InfluxDB and Grafana have toggles in the Tarmak configuration. They
    are enabled for current clusters but disable by default for all newly created
    clusters via init (#740 @joshvanl)
  • Upgrade default Kubernetes version to 1.12.5 (#753 @simonswine)

Fixed

Assets 8

@jetstack-gitlab jetstack-gitlab released this Feb 14, 2019 · 361 commits to master since this release

Updated the Centos image due to CVE-CVE-2019-5736: a runc venerability that
enables container break-out,
details

Changed

Versions

Application Supported versions Default
Packer 1.0.2
Terraform 0.11.8
Consul 1.2.3
Vault 0.9.5
Kubernetes >= 1.9 && < 1.13 1.11.5
Calico 3.1.4
Vault Helper 0.9.13
Etcd 3.2.25
Assets 8
You can’t perform that action at this time.