Skip to content

v0.9.5-2

Rollout

  • FFM: September 26, 2024
  • MDB: October 8, 2024

PaaS Release v0.9.5

This release brings a bunch of improvements in different areas. It will include HA setups for various components such as Keycloak and the Gardener Dashboard to ensure higher stability for customer-used services. Internally, other components like Dex, internal OSC Keycloak, and internal monitoring components will also be switched to HA mode to enhance the resilience of the management stack.

Key Features and Improvements

  • Bug Fixes and Stability Improvements: Various bug fixes have been implemented, including upgrading the Golang version used for building internal controller images (CVE-2024-24788), as well as upgrading the Postgres operator and MinIO S3 storage provider.
  • HA Mode for Customer Services: To increase stability and high availability, HA mode has been set for Single Sign-On (SSO) components (Keycloak, Dex) and for the Gardener Dashboard.
  • Improvements in CSI driver: A new feature has been introduced to enable the customer to create persistent volume with custom filesystem configuration. A bug was fixed which caused volume to be unmountable.
  • New Features in S3 Extension: New features has been introduced in the S3 extension, including S3 bucket user management, which allows customers to create and manage S3 bucket users with different permissions across different buckets. The status part of the S3 bucket manifest now also includes information about S3 bucket storage utilization. More details about these new features can be found here
  • Support for Kubernetes Version Up to 1.28: With the new release, Kubernetes version 1.28 is supported for Shoot clusters.
  • Cilium upgrade from 1.14.6 to version 1.15.8 cilium release notes here and compare to previous version 1.14.6 here
  • New Garden Linux 1510.1: Kernel updated to 6.1.89 (with OSC SGX EPC cgroup patches), QEMU updated to 8.2.3 (fixed CVE-2024-3446), Garden Linux packages update to revision 1510, fixed issue with Garden Linux Shoot image (shoot not creating).

Create storage class with filesystem parameters

OSC Container Storage Interface (CSI) offers a way to create volumes with higher number of inodes by creating an additional storage class on Shoot cluster.

To create the storage class which allows higher number of inodes per volume apply following manifest:

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: <name>
provisioner: csi.onmetal.de
parameters:
  mkfs_options: '-i <bytes/inode ratio>'
  type: fast
  volume_pool: <region>
reclaimPolicy: Delete
allowVolumeExpansion: false
volumeBindingMode: WaitForFirstConsumer

S3bucket User management

Support to specify custom users with custom permissions to concrete bucket. More details here.

Notes

It is recommended for customers to upgrade their Worker-Node images to Garden Linux 1510.1.