Welcome to the release of Kubernetes Fury Distribution (KFD) versions
As a part of Team SIGHUP's continuous efforts to serve the community with a production-ready full-fledged Kubernetes Distribution, we continuously keep expanding and maintaining the Kubernetes Fury ecosystem to keep up with the latest upstream changes.
Let us dive together into the changes for this new version.
Highlights of KFD release
- Three new versions released, following the new versioning scheme (learn more about the new scheme in this blog post).
v1.24.0, certified by the CNCF, adds support for Kubernetes
- Updated all the core modules to the latest upstream versions with bug fixes, security updates, and new features.
- Big refactoring of the logging module, replacing Elasticsearch and Kibana with OpenSearch and OpenSearch Dashboards.
- New Auth core module for securing Ingresses.
This time, three new releases were published, one for each of the versions supported by Fury.
The latest release of KFD has passed tests against 3 Kubernetes runtimes:
Certified Kubernetes 1.24
KFD now supports the latest stable minor version of Kubernetes, 1.24, giving you all the awesome perks from Kubernetes upstream ready to go.
Each Kubernetes Fury Distribution version is tested for conformance across all 3 supported Kubernetes versions and across multiple cloud environments.
You can learn more about all the new changes in Kubernetes 1.24 in the official notes and the official changelog. There is also a very detailed blog post on the release from Sysdig that we recommend checking out.
Updated core modules
In KFD, we maintain a set of core modules based on cloud-native projects that we consider essential for a production-grade cluster.
With this new release, we have updated all the modules to the latest stable version from upstream, including several enhancements, bug fixes, and security patches.
Following is a list of the core modules and the updates in them:
All three new versions contain the same core module versions.
Kubernetes Fury Networking implements in-cluster networking functionality for the Kubernetes Fury Distribution (KFD) via Container Network Interface (CNI) plugins.
This new release of the networking module updates Calico and adds the Tigera operator package to manage Calico in different types of clusters. For example, it can deploy Calico on on-prem clusters, or deploy Calico on EKS clusters for Network Policy enforcement.
- Updated calico from
- Updated ip-masq-agent from
- Added Tigera operator package.
This new release of the Monitoring module is a major overhaul. The Goldpinger package has been removed, metrics-server has been replaced with prometheus-adapter, and blackbox-exporter has been added to the module.
The blackbox exporter allows blackbox probing of endpoints over HTTP, HTTPS, DNS, TCP, ICMP and gRPC.
- Updated alertmanager from
- Updated grafana from
- Updated kube-rbac-proxy from
- Updated kube-state-metrics from
- Updated prometheus-operator from
- Updated prometheus from
- Updated x509-exporter from
- Removed goldpinger package.
- Removed metrics-server package.
- Added blackbox-exporter package
- Added prometheus-adapter package
Kubernetes Fury Logging provides a logging stack for the Kubernetes Fury Distribution (KFD).
This new release of the logging module is the second major jump in the module (we also released the versions 2.x.x, never used in a distribution release), and it comes with two big refactorings.
Elasticsearch and Kibana have been replaced with OpenSearch and OpenSearch Dashboards. This change was necessary since Elasticsearch changed its licensing model from Apache 2.0 to a proprietary one. OpenSearch is a fork of Elasticsearch that keeps the same codebase but continues in an open source way.
Additionally, the manually maintained fluentd and fluentbit packages have been replaced with the Banzai Logging Operator. The Banzai Logging operator automates the deployment of fluentd and fluentbit, and it also manages their configuration. You will be able to self-manage additional logging configurations, flows and outputs (for example, if you need to send logs to another output) without the need to patch the fluentd or fluentbit configuration directly.
- Removed elasticsearch package.
- Removed kibana package.
- Removed fluentd package.
- Removed curator package.
- Added opensearch package
- Added opensearch-dashboards package
- Added logging-operator package
- Added loki-stack as tech preview package
Kubernetes Fury Ingress provides Ingress Controllers to expose services and automated TLS certificate management solutions.
This new release of the ingress module removes all the packages related to authentication and authorization; see the new Auth module below for more information.
Additionally, the annotation support for specifying the ingress class has been removed; the NGINX Ingress Controller now uses only the .spec.ingressClassName field instead.
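A pre-upgrade check for this change, as an added example that is not part of the KFD release or its tooling: it classifies the objects returned by kubectl get ingress -A -o json and flags every Ingress that still selects its class through the kubernetes.io/ingress.class annotation, or that names a different class in the annotation and in the field. The namespaces, names and class values in the sample are constructed.

```python
import json

# Annotation historically used to select the ingress class.
LEGACY_ANNOTATION = "kubernetes.io/ingress.class"

def audit_ingresses(ingress_list):
    """Return (namespace, name, status, detail) for every Ingress in the list.

    status: ok (field only), migrate (annotation only), conflict (both set,
    different classes), redundant (both set, same class), unset (neither).
    """
    findings = []
    for item in ingress_list.get("items", []):
        meta = item.get("metadata") or {}
        legacy = (meta.get("annotations") or {}).get(LEGACY_ANNOTATION)
        field = (item.get("spec") or {}).get("ingressClassName")
        if field and legacy:
            status = "redundant" if field == legacy else "conflict"
            detail = f"annotation={legacy} field={field}"
        elif field:
            status, detail = "ok", f"field={field}"
        elif legacy:
            status, detail = "migrate", f"set spec.ingressClassName: {legacy}"
        else:
            status, detail = "unset", "relies on a default IngressClass, if any"
        findings.append((meta.get("namespace", "default"),
                         meta.get("name", "?"), status, detail))
    return findings

# Constructed sample, shaped like `kubectl get ingress -A -o json` output.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"namespace": "shop", "name": "web",
                "annotations": {"kubernetes.io/ingress.class": "external"}},
   "spec": {"rules": []}},
  {"metadata": {"namespace": "shop", "name": "api"},
   "spec": {"ingressClassName": "external", "rules": []}},
  {"metadata": {"namespace": "ops", "name": "grafana",
                "annotations": {"kubernetes.io/ingress.class": "external"}},
   "spec": {"ingressClassName": "internal", "rules": []}},
  {"metadata": {"namespace": "ops", "name": "legacy"}, "spec": {"rules": []}}
]}
""")

if __name__ == "__main__":
    for ns, name, status, detail in audit_ingresses(SAMPLE):
        if status != "ok":
            print(f"{status:9} {ns}/{name}: {detail}")
```

The conflict case deserves a manual look before upgrading, because the annotation and the field point the same Ingress at two different controllers.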
A new package has been added, ExternalDNS. ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers. For now, ExternalDNS can be configured only with AWS Route53, but we are working on adding support for other providers.
- Updated cert-manager from
- Updated forecastle from
- Removed nginx-ldap-auth package.
- Removed nginx-ovh package.
- Removed nginx-gke package.
- Removed pomerium package.
- Added external-dns package
- Added aws-cert-manager terraform module.
- Added aws-external-dns terraform module.
The DR module has been updated to the latest stable version of Velero, and the Velero plugins have been updated to the latest stable version as well.
In this release we removed the deprecated eks-velero Terraform module. If you are using EKS, you can use the aws-velero module instead.
Additionally, we added a Prometheus alert to notify you if there are no successful backups in the last 24 hours for the included schedules.
- Updated velero from
- Updated velero-plugin-for-aws from
- Updated velero-plugin-for-microsoft-azure from
- Updated velero-plugin-for-gcp from
- Updated velero-plugin-for-csi from
Kubernetes Fury OPA provides policy enforcement for the Kubernetes Fury Distribution (KFD) using OPA Gatekeeper.
The OPA Module has been updated with general enhancements. Gatekeeper Policy Manager is now at version v1.0.x and includes a revamped UI.
Additionally, a set of new Prometheus alerts has been added to notify you if the Gatekeeper webhooks are misbehaving for more than 5 min.
- Updated gatekeeper from
- Updated gatekeeper-policy-manager from
Kubernetes Fury Auth provides authentication components for the Kubernetes Fury Distribution (KFD).
This new module moves all the packages related to authentication and authorization out of the Ingress module and the on-premise installer.
- Added pomerium package
- Added dex package
- Added gangway package
Discover more about each module by navigating to the Modules section on this site.
For the first time, this release identifies various upgrade paths depending on which version of Fury you are on. You can read all the paths and find the guides here.
New add-on modules
Alongside this release, we expanded the Fury ecosystem by adding two new add-on modules:
- Kafka module, to manage Apache Kafka (distributed event streaming platform) clusters in Kubernetes leveraging the Strimzi operator.
- Storage module, to manage Ceph clusters in Kubernetes via the Rook operator, adding RWO and RWX persistent volumes capabilities.
Kubernetes never stops getting better and more powerful with each release, and this time with version 1.24 is no different! A lot of exciting news to unpack and understand how to take advantage of.
With KFD we do our best to give you all of the benefits of running Kubernetes in the most painless way possible.
Thank you for reading and for your interest in Fury Kubernetes Distribution. We are happy to have you as part of our community! Come hang out with us in our Slack channel.
If you would like a demo or personalized support and consultancy on KFD or Kubernetes in general, book your slot over here.