With engines on and all hands on deck, we are fully concentrated on the upcoming major release of Kyma 2.0. For this reason, this release is rather a short stop on a longer route, meant to apply all patches that would allow us to continue a secure journey. Read on to see the changes we provide in this release.
See the overview of all changes in this release:
- Installation - Istio upgraded to 1.10.2, ORY charts updated
- Observability - Keycloak Gatekeeper replaced with OAuth2 Proxy
In this release, we upgraded Istio from 1.9.5 to 1.10.2. For more details on the introduced changes, read the official Istio 1.10.2 release notes.
NOTE: As of the 1.24.5 patch release, we upgraded Istio from 1.10.2 to 1.11.1. Find more details in the Istio 1.11.1 release notes.
NOTE: As of the 1.24.8 patch release, we upgraded Istio from 1.11.1 to 1.11.4. Find more details in the Istio 1.11.4 release notes.
We also updated ORY charts, changing the Oathkeeper version to 0.38.11-beta.1. For more details on the introduced changes, read the official Oathkeeper 0.38-11-beta.1 release notes.
Keycloak Gatekeeper, which was used to secure access to Kiali, Grafana, and Jaeger, was replaced with OAuth2 Proxy. Due to different capabilities of OAuth2 Proxy, the available override values to expose Kiali, Grafana, and Jaeger also changed respectively. As a result, configuring the exposure of individual resources is not possible anymore. Also, matching custom OAuth2 claims is not supported anymore.