@jetstack-gitlab jetstack-gitlab released this Nov 26, 2018 · 107 commits to master since this release

Assets 8

The 0.5 release of Tarmak adds support for Kubernetes up to minor version 1.12.
A focus of the release was to ensure all data stores are encrypted at rest.
Another focus was on the stability of tarmak. Various components had version
and/or configuration upgrades to ensure resiliency in the operation.

This detailed changes have happend since the last minor version of Tarmak:

Added

  • Update default kubernetes version for new clusters to 1.11.4 (#638, @simonswine)
  • Istio example in documentation (#551, @charlieegan3)
  • Option to enable EBS encryption (#496, @alljames)
  • Toogle EBS encryption and protect EBS data from being deleted (#531, @simonswine)
  • Kube bench proposed security fixes (#639, @simonswine)
  • Point Tarmak CLI to new multicluster environment's 'hub' cluster by default (#566, @alljames)
  • Jetstack Navigator example in documentation (#539, @charlieegan3)
  • SPIFFE/SPIRE proposal/feasibility document. (#445, @JoshVanL)
  • Documentation regarding using AWS instance storage (#545, @MattiasGees)
  • Prometheus collection of systemd unit status (#612, @simonswine)
  • Bastion and Vault instance pools now support additional policies declared in the config (#579, @JoshVanL)
  • Etcd backup strategy (daily push of KMS encrypted snapshots of every instance) (#558, @simonswine)
  • Auto-generated CLI documentation (#589, @JoshVanL)
  • Flag --auto-approve and --auto-approve-deleting-data for cluster apply command (#560, @JoshVanL)
  • KMS Server Side Encryption to Consul S3 backups (#614, @JoshVanL)
  • KMS encrypt terraform remote S3 state data. (#505, @JoshVanL)
  • plan --plan-file-store and apply --plan-file-location (#563, @JoshVanL)
  • cluster apply --auto-approve and cluster apply --auto-approve-deleting-data (#560, @JoshVanL)
  • Format terraform code for CI (#580, @JoshVanL)
  • Tests for auto-generated terraform code (#535, @JoshVanL)
  • Restart Consul on failure (#502, @dippynark)
  • Restart etcd and wing-server on the bastion automatically on failure (#510, @dippynark)
  • Metrics-server add-on from Kubernetes version 1.7 onwards (#487, @dippynark)
  • Vault_server puppet module to initiate vault servers (#476, @JoshVanL)
  • Support to enable API Server ELB access logs (#492, @JoshVanL)
  • Set root volume attribute variables, previously only default was used. (#447, @charlieegan3)
  • Cluster force-unlock subcommand for to release terraform state lock. (#522, @JoshVanL)
  • Expose auto-cluster's --scale-down-utilization-threshold in .tarmak.yaml (#456, @JoshVanL)
  • Validate configuration, so that hubs in multi cluster environments contain all zones of their clusters (#471, @JoshVanL)
  • cluster kubeconfig (#632, @JoshVanL)
  • Configuration file for Kubelet and Kube-Proxy for Kubrnetes clusters >= 1.11 (#442, @JoshVanL)

Changed

Fixed

Versions

Application Supported versions Default
Packer 1.0.2
Terraform 0.11.8
Consul 1.2.3
Vault 0.9.5
Kubernetes >= 1.9 && < 1.13 1.11.4
Calico 3.1.4
Vault Helper 0.9.13
Etcd 3.2.25