2.10.0
The holiday season gave us a welcome break and an excellent opportunity to recharge our batteries. With this energy boost, we’ve set off into the new year, wishing you the best of luck and offering you the best of Kyma in its latest version, 2.10! Read on to find out what we have prepared for you.
Application Connectivity
From now Application Gateway will use the kyma-system
Namespace instead of the kyma-integration
Namespace. The Secrets related to the Namespace are not removed automatically in the process of upgrading Kyma to version 2.10. To remove them, you must run the migration script after successfully migrating from Kyma 2.9 to Kyma 2.10.
Eventing
NATS
We introduced a system account
user to allow full leverage of the NATS CLI. For more information, read about Acquiring NATS server system account credentials.
Metrics
We exposed new metrics for backend latency.
We also introduced consistent naming for all metrics exposed by Eventing Publisher Proxy (EPP).
Read Kyma Eventing Metrics for more details.
Observability
Kiali
As announced in the blog post on Kiali deprecation, Kiali was deprecated with Kyma 2.8 and will be removed in Kyma 2.11.
Deprecation of Monitoring
We decided to deprecate the monitoring component based on Prometheus/Grafana. Please start the transition to alternative solutions now. The actual removal will happen in half a year or later, with Kyma 2.16 at the earliest. For more information, read this blog post.
Monitoring
Kyma 2.10 brings the update to the latest Prometheus images (version 2.40.7).
Telemetry
Logs
With this version of Kyma, we offer solutions to the following issues:
- Improved implementation so that unnecessary restarts of Fluent Bit DaemonSet are avoided on the LogPipeline changes
- Improved certificate handling of LogPipeline and LogParser webhook so that there are no webhook downtimes caused by improper certificates
- Dashboard support for defining LogPipelines and LogParser
Traces
The first version of the new configurable tracing feature is available. Under the umbrella of the telemetry module, a new CRD TracePipeline is available as well. That new API will manage an OpenTelemetry Collector which supports you in integrating the trace aspects within a runtime into OTLP-based backends. For now, Basic Authentication is supported, and further ways of authentication will be added soon.
The Serverless and tracing modules were adjusted to the new approach.
Also, Istio got switched to the new approach. Thus, the trace propagation protocol was changed to the W3C Trace Context. Furthermore, the new Istio Telemetry API got activated to configure tracing settings selectively.
Serverless
With Kyma 2.10, we stop supporting the configuration of the previous Jaeger endpoint (at port 14268
) as an option for Serverless Functions to send trace data. This endpoint was deprecated with Kyma 2.8 and replaced with one (at port 4318
) that is compliant with Open Telemetry Protocol (OTLP). Functions don’t receive the previous endpoint as a configuration variable. Thus, if not rebuilt, they cannot send proper trace data. Functions built before Kyma 2.8 need to be rebuilt so that their trace data can be properly collected at the new OTLP endpoint introduced with the 2.8 release.
Service Mesh
Istio upgraded to 1.16.1
With this release, we upgraded Istio from 1.15.3 to 1.16.1. For more details on the changes, read the official Istio 1.16 Upgrade Notes.
Istio sidecar injection annotation deprecated
As of version 1.16 of Istio, the sidecar.istio.io/inject
annotation was deprecated in favor of the sidecar.istio.io/inject
label. To learn how to configure your Pods so that the Istio sidecar injection remains fully supported, read this blog post.
Support for XFF header
With this version of Kyma, we introduced Istio custom resource (CR) supporting the configuration of numTrustedProxies
. Read about the Support for XFF with Istio to learn how to configure Istio CR and secure your workload on a forwarded client IP.
Changelog
2.10.0-rc2 (2023-01-12)
Tracing
Committers: 5
- Christoph Kleineweber (@chrkl)
- Grzegorz Karaluch (@grego952)
- Mansur Uralov (@muralov)
- Muhammad Faizan (@mfaizanse)
- Wojciech Sołtys (@Sawthis)
2.10.0-rc1 (2023-01-10)
Api Gateway
- #16490 Bump API-Gateway image to release 1.2.0 (@barchw)
- #16128 Update Serverless & APIRules Kyma Dashboard guides (@Lyczeq)
Application Connector
- #16024 Change Application Connector secret namespace to kyma-system (@mvshao)
- #16414 Change status code for not found in Validators cache (@franpog859)
- #16143 Script copying secrets used by Application Connector to integration namespace (@mvshao)
- #16382 Bump the golang version in the AC (@franpog859)
- #16182 add tip about creating App from Busola (@grego952)
Serverless
- #16475 Fix Serverless registry-gc race condition (@moelsayed)
- #16471 Fix Serverless registry-gc failure on NotFound tags (@moelsayed)
- #16464 Fix No-Content response from nodejs16 runtime (@kwiatekus)
- #16425 Add registry cache garbage collection for serverless (@moelsayed)
- #16398 Use latest patch version for nodejs function runtimes (@kwiatekus)
- #16295 Remove simple fn cfg from integration tests (@dbadura)
- #16334 Serverless go.mod versions bump (@moelsayed)
- #16309 Bump Serverless runtimes (@moelsayed)
- #16266 Rename Serverless internal registry initContainer (@moelsayed)
- #16256 Fix issue with internal registry after waking up from hibernation (@moelsayed)
- #16128 Update Serverless & APIRules Kyma Dashboard guides (@Lyczeq)
- #16168 Bump k8s-tools image (@halamix2)
- #16172 Fix retry on conflict in Serverless integration tests (@moelsayed)
- #16108 add SecretMounts to function API (@anoipm)
- #16149 Delete unused customRuntimeConfiguration in function_types.go (@MichalKalke)
- #16138 Add Internal Registry Garbage Collection proposal (@moelsayed)
- #16116 Support structured json format of incoming CEs in nodejs runtimes (@kwiatekus)
- #16101 Bump k8s-tools image (@halamix2)
Eventing
- #16503 Image bumps for Eventing (@mfaizanse)
- #16502 Preset typeMatching standard as a default value in create subscriptions' form (@VladislavPaskar)
- #16476 Separate between unit and integration tests for jetstreamv2 package (@nachtmaar)
- #16474 Add NATS ConnectionBuilder (@nachtmaar)
- #16423 Change JetStream maxBytes to be 70% of the total file storage (@marcobebway)
- #16468 Reorganise nats config and nats backend import paths (@nachtmaar)
- #16459 Add KLogger interface (@nachtmaar)
- #16460 Add cloudevent client and factory (@nachtmaar)
- #16457 Add generic ArgumentError (@nachtmaar)
- #16451 Update api-gateway crd in eventing tests (@mfaizanse)
- #16436 use github team to configure ownership on eventing components (@k15r)
- #16434 fix nats resolv.conf (@k15r)
- #16422 Update eventing metrics docs (@raypinto)
- #16427 fix broken epp metrics tests (@k15r)
- #16396 Add system-account user to nats-server (@raypinto)
- #16400 add the doc for nats-server system_account credentials (#15381) (@raypinto)
- #16298 improve epp metrics (@k15r)
- #16407 Update outdated docs (@VladislavPaskar)
- #16352 Update cleanup logic for jetstream v1alpha2 to clean slashes (@raypinto)
- #16343 fix conversion bug for protocol settings (@raypinto)
- #16351 Print error when jetstream dispatch fails (@k15r)
- #16294 Add validation webhook reconciler tests for jetstream (@raypinto)
- #16260 Add validation webhook integration tests for eventmesh (@raypinto)
- #16176 add component name to nats connection (@k15r)
- #16245 bump epp image (@k15r)
- #16243 change loglevel from debug to error for invalid legacyEvent (@k15r)
- #16131 Add stream re-creation check in eventing FI tests (@raypinto)
- #16115 Change http response code based on backend error (@k15r)
Security
- #16398 Use latest patch version for nodejs function runtimes (@kwiatekus)
- #16334 Serverless go.mod versions bump (@moelsayed)
- #16309 Bump Serverless runtimes (@moelsayed)
Service Mesh
- #16371 Update Istio to 1.16.1 (@cnvergence)
- #16103 Introduces XFF configuration support for Istio via CRD (@videlov)
Monitoring
- #16277 update to latest prometheus images (@rakesh-garimella)
- #16215 updated node-exporter to patch version 1.4.1 (@a-thaler)
- #16224 updated kiwigrid sidecar to newest python version (@a-thaler)
- #16223 Duplicate definition of GF_PATHS_PROVISIONING env variable in grafana (@a-thaler)
Logging
Tracing
- #16353 Kyma OpenTelemetry Grafana Dashboard (@hisarbalik)
- #16394 adding istio tracing to the tracing documentation (@a-thaler)
- #16336 Redesign of telemetry/observability docu (@a-thaler)
- #16357 Disable TLS when non https endpoint used (@hisarbalik)
Documentation
- #16400 add the doc for nats-server system_account credentials (#15381) (@raypinto)
- #16407 Update outdated docs (@VladislavPaskar)
- #16220 Delete 2.5-2.6 and 2.8-2.9 cleanups (@nataliasitko)
- #16182 add tip about creating App from Busola (@grego952)
- #16163 Remove migration guide 2.8-2.9 (@nataliasitko)
Committers: 44
- Aleksei Chernyshov (@Teneroy)
- Andreas Thaler (@a-thaler)
- Arkadiusz Galwas (@akgalwas)
- Bartosz Chwila (@barchw)
- Benjamin Lindner (@lindnerby)
- Christoph Kleineweber (@chrkl)
- Damian Badura (@dbadura)
- Filip Strózik (@pPrecel)
- Franciszek Pogodziński (@franpog859)
- Friedrich (@friedrichwilken)
- Grzegorz Karaluch (@grego952)
- Hisar Balik (@hisarbalik)
- Iwona Langer (@IwonaLanger)
- Jakob Möller (@jakobmoellersap)
- Jakub Lyczko (@Lyczeq)
- Jan Wozniak (@wozniakjan)
- Jarosław Pieszka (@jaroslaw-pieszka)
- Jeremy Harisch (@jeremyharisch)
- Karol Szwaj (@cnvergence)
- Korbinian Stoemmer (@k15r)
- Krzysztof Kwiatosz (@kwiatekus)
- Mansur Uralov (@muralov)
- Marcin Dobrochowski (@anoipm)
- Marco Bebway (@marcobebway)
- Michał Kalke (@MichalKalke)
- Mohamed Elsayed (@moelsayed)
- Muhammad Faizan (@mfaizanse)
- Natalia Sitko (@nataliasitko)
- Nils Seip (@nachtmaar)
- Piotr Halama (@halamix2)
- Przemyslaw Golicz (@koala7659)
- Rafal Foks (@mvshao)
- Rakesh Garimella (@rakesh-garimella)
- Raymond Pinto (@raypinto)
- Stanislav Khalash (@skhalash)
- Tim Riffer (@triffer)
- Tobias Schuhmacher (@tobiscr)
- Vladimir Videlov (@videlov)
- Wojciech Nawa (@VOID404)
- Wojciech Sołtys (@Sawthis)
- Wojciech Wrzalik (@ralikio)
- @VladislavPaskar
- @dariusztutaj
- marcin witalis (@m00g3n)