Ahoy, mateys! We're calling at the port again to load up with a fresh portion of new features, improvements, and upgrades, but also to unload stuff that we no longer need on this journey and that's been slowing us down. Support for Kubernetes 1.21, a new alpha option for the deploy command, support for non-alphanumeric characters in event types, upgrade of the whole Monitoring component, and Istio refactoring are just some of those things that we happily bring aboard. Read on to find out more about this Kyma 2.1 ship!

CAUTION: Before upgrading to Kyma 2.1, read the Migration Guide.

General

With release 2.1, we now officially support and test against Kubernetes 1.21.

CLI

The deploy command: try the new dry-run option in the alpha version

With this release, a new dry-run option was added to the deploy command. It lets you trial-run the YAMLs for your Kubernetes resources and see what the output would be if they were deployed. Mind that for now, the option is in the alpha version. It cannot be used yet to apply a full Kyma installation, as the components having custom installation routines (such as Istio) are not included in the generated manifests. See the Kyma CLI documentation for more details.

The deploy command: specify components with downloadURL and version

Another addition to the deploy command is an extension to the --component flag. Previously you could specify the name and namespace for the component. Now you can also specify the two additional parameters: downloadURL and version. Again, refer to the CLI documentation for more details.

Generate schema for Function manifests

We improved the development experience for Functions developers. We added schema generation for the config.yaml manifests. This, when combined with dedicated plugins in your IDE, helps you avoid mistakes via validation and autocompletion.

• If you use the VSCode IDE to develop Function code, just use the --vscode option when generating the Function project:

  kyma init function --vscode

  This command creates the .vscode folder, which contains the schema for config.yaml. Install the YAML plugin in your IDE and VSCode will automatically pick it up for validation and autocompletion.

• If you just want to generate the schema, use the following command:

  kyma get schema serverless

  This will print out the JSON schema so that you can import it in your preferred IDE.

Support for Gardener cluster hibernation added

Starting with Kyma 2.1, it is now possible to specify a hibernation schedule for a Kyma cluster which was created using the kyma provision gardener command. To do so, specify a hibernation schedule by providing cron expressions for the start and end of the hibernation, and the timezone on which to base the schedule:

kyma provision gardener gcp -n my-cluster -p my-project -c /path/to/credentials.yaml -s gcp-secret --hibernation-start="00 18 * * 1,2,3,4,5" hibernation-end="00 09 * * 1,2,3,4,5" hibernation-location="Europe/Berlin" 

By default, all Gardener clusters have hibernation scheduled for weekdays at 6pm (18:00) in the Europe/Berlin timezone.

Provisioning commands for GKE, AKS, and AWS removed

With this release, we removed the support for provisioning Kyma clusters on the GKE, AWS, and AKS hyperscalers. Provisioning of a cluster via Gardener or k3d is still possible.

Eventing

Support for non-alphanumeric characters in event types

The naming in event types comes with certain restrictions.
Previously, we only supported ASCII alphanumeric characters from the range [a-zA-Z0-9]+. If your name contained an unsupported character, the event sending was failed.

Starting from this release, we no longer fail sending such events. Instead, the unsupported characters are automatically dropped from events sent to Kyma and also from event types specified in the Subscription CRD.

Read about the event names and Subscription CRD in more detail.

Observability

Kiali and Jaeger upgraded

With Kyma 2.1, the Kiali and Jaeger components were updated to the following recent versions:

• Kiali 1.44
• Jaeger 1.30.0

Monitoring upgraded

Speaking of upgrades, the different components of the Monitoring area also got one. While doing that, we felt inspired and updated the used Helm chart, too, and adapted it to the upstream charts. The components were upgraded to the following versions:

• Node-exporter 1.3.1
• Kube-state-metrics 2.3.0
• Prometheus 2.32.1
• Prometheus Operator 0.53.1
• Alertmanager 0.23.0
• Pushgateway 1.4.2
• Grafana 7.5.15
• Oauth2 Proxy 7.2.1

As the kube-state-metrics component got a major upgrade to version 2.x, some metrics were restructured.

The following table shows how the metrics were affected:

Furthermore, the envoy_ metrics exposed by the Istio sidecar running with every workload are not collected by default anymore.
However, we continue to collect the more relevant istio_ metrics, which are used in the Istio-specific dashboards.
It turned out that the envoy_ metrics were helpful only in advanced troubleshooting scenarios and introduced too big a cardinality of the metrics, resulting in big resource consumption. Still, you can enable them optionally.
See #issue 13659 for more details.

Grafana dashboards improved

Several improvements were applied to the dashboards that come with Grafana in Kyma:

• The Loki dashboard was improved by adding a new top section with the most relevant metrics displayed.
• All dashboards were adjusted to the metric changes coming with the major upgrade of kube-state-metrics.
• The dashboards tagged as kubernetes-mixins were updated to the latest available version from the community.
• node-exporter and Prometheus dashboards were replaced by the version provided by the community.
• The Kyma frontends and backends dashboards were removed, as they had no additional value to the existing dashboards.
• The Kyma Controllers dashboards were revamped to have relevant reconciliation metrics included, and they were rolled out to all Kyma controllers.

The alertmanager chart revamped

The Kyma alertmanager chart, which is a sub-chart of the Monitoring component, was refactored more heavily. Mainly, we tried to remove customizations that were in contrast to the available community chart, to simplify future updates.

With that, the following changes were applied:

• The dedicated configuration options for VictorOps were removed. Use the typical options for configuration of notification channels instead.
• New alert rules were added:
  • AlertmanagerFailedToSendAlerts
  • AlertmanagerClusterFailedToSendAlerts
  • AlertmanagerClusterFailedToSendAlerts Warning
  • AlertmanagerClusterDown
  • AlertmanagerClusterCrashlooping
  • ConfigReloaderSidecarErrors
  • KubeStateMetricsShardingMismatch
  • KubeStateMetricsShardsMissing
  • KubeAPITerminatedRequests
  • NodeFileDescriptorLimit
  • PrometheusLabelLimitHit
  • PrometheusTargetSyncFailure
  • PrometheusOperatorSyncFailed
• The following alert rules were renamed:
  • AggregatedAPIDown → KubeAggregatedAPIDown
  • AggregatedAPIErrors → KubeAggregatedAPIErrors

Logging chart updated and Loki improved

We updated the Logging component to the latest available FluentBit version, 1.8.13.
Furthermore, the label map for the Loki integration was improved:

• Previously, we had the Kubernetes app label mapped to the Loki app label. Now, on top of that, we also mapped the label app.kubernetes.io/name to the Loki app label.
• We mapped the label app.kubernetes.io/component to the Loki component label.
• We removed the release and serverless.kyma-project.io/uuid labels to improve the chunk size handling in Loki.

Moreover, besides having data retention by time, we introduced a new sidecar taking care of data retention by size. With that, Loki will not crash anymore when reaching the volume size limit. Oldest data is deleted first.

Serverless

Node.js 12 deprecated

The base image for Node.js 12 will be maintained only until April 2022. Thus, following the recommendations from Node.js, we are planning to remove Node.js 12 from the list of supported runtimes soon. This basically means that Node.js 12-based Functions will continue to work, but you won’t be able to create a new Function on this runtime or edit an existing Function to run on it.

For now, we recommend that you re-configure all your Node.js 12 Functions to run on the Node.js 14 runtime.

Service Mesh

FIPS distroless Istio images provided by Solo

With Kyma 2.1, both Istio control plane and data plane now use distroless images compliant with Federal Information Processing Standards (FIPS). Solo provides the FIPS-certified images. To learn more, read about Distroless FIPS-compliant Istio.

Istio upgraded to 1.12.3

With this release, we upgraded Istio from 1.11.4 to 1.12.3. For more details on the introduced changes, read the official Istio 1.12.3 release notes.

Istio refactored

With Kyma 2.1, we improved the Istio component, splitting it into two charts: istio (previously istio-configuration) and istio-resources. The Istio component, with the istio chart, is now solely responsible for pure Istio installation. The istio-resources chart includes Kyma-specific configuration, and it is not a prerequisite for Kyma.

2.1.0 (2022-03-25)

Security

• #13712 Adjust default refresh time and time picker for istio dashboards back to kyma defaults (@a-thaler)

Service Mesh

• #13712 Adjust default refresh time and time picker for istio dashboards back to kyma defaults (@a-thaler)

Monitoring

• #13712 Adjust default refresh time and time picker for istio dashboards back to kyma defaults (@a-thaler)

Documentation

• #13728 Add links to the resources listed in the Migration Guide for Kyma 2.1 (@majakurcius)

Committers: 3

• Andreas Thaler (@a-thaler)
• Kamil Kasperski (@Ressetkk)
• Maja Kurcius (@majakurcius)

2.1.0-rc1 (2022-03-22)

Application Connector

• #13171 Proxy the X-Forwarded-* headers (@mvshao)
• #12257 Gateway skip verify in Application CR (@koala7659)
• #13170 Add a workspace prefix to the AC dockerfiles (@franpog859)
• #13076 Bump Application Connector golang runtime to 1 17 6 (@franpog859)
• #13061 Fix central-application-connectivity-validator legacy gatewayName in VirtualService (@mjakobczyk)
• #12903 Bump CRA (@franpog859)
• #12876 Add managed-by label to apps and configmap to skr (@franpog859)
• #12877 Add SKR configmap to CRA chart (@franpog859)
• #12800 Bump Application Connector images (@franpog859)
• #12786 Simplify App Conn tutorials some more (@majakurcius)
• #12721 Tests for CRUD operations on application services (@mvshao)
• #12465 Adjust Application Connectivity docs to Kyma 2.0, pt.2 (@majakurcius)
• #12470 Fix Application Mapping CRD (@franpog859)
• #12396 Update the Runtime Agent guide to reflect changes to Kyma installation (@majakurcius)
• #12294 Deleted deprecated Runtime API in Connector Service (@mvshao)
• #12324 Remove Application Connector CRDs from deprecated location (@franpog859)
• #12322 Update Application CRD (@franpog859)
• #12181 Add Central Gateway URL to the Application CustomResource using Application Registry (@franpog859)
• #12148 Migrate Application Connector requirements.yaml to Chart.yaml (@rafalpotempa)
• #12116 Fix fast integration tests with central app gateway failing (@franpog859)
• #11952 Update CODEOWNERS with Central Application Connectivity charts (@rafalpotempa)
• #11881 Upgrade dependencies in Application Operator (@rafalpotempa)
• #11846 Refactor central-application-connectivity-validator cache sync controller. (@everesio)
• #11845 Update the Application Connector chart documentation (@majakurcius)
• #11676 Add Central Connectivity Validator fast integration tests (@rafalpotempa)
• #11778 Fix a typo in the central_application_connectivity_validator parameter name (@majakurcius)
• #11728 Add liveness and readiness probes to application-operator (@skhalash)
• #11631 Move Central Application Gateway and Central Connectivity Validator to kyma-system namespace (@franpog859)
• #11623 Replace satori/go.uuid with google/uuid in Application Registry (@rafalpotempa)
• #11591 Clean Application Operator dependencies up (@franpog859)

Serverless

• #13611 Grafana function dashboard broken (@a-thaler)
• #13495 Document the OpenTelemetry Tracer object in the context of the serverless runtimes (@pPrecel)
• #13348 Add tracing sdk to function runtimes (@pPrecel)
• #13516 Fix for CVE-2022-21698 for Function-Controller (@Cortey)
• #13263 Adding the missing Cloud Event attribute (@Cortey)
• #13309 Increase python39 concurrency defaults (@moelsayed)
• #13313 Dockerfile-lint-3-2 (@ammarlakis)
• #13292 Adjust resource configuration for "S" and "XS" profiles in the documentation (@pPrecel)
• #13060 Use the latest Kaniko image (@pPrecel)
• #12759 Replace PR tags for the serverless and the rafter components (@pPrecel)
• #12339 Remove minikube from svls (@NHingerl)
• #12079 Fix the serverless-long test (@pPrecel)
• #11980 Replace all PR tags in the serverless chart (@pPrecel)
• #11968 Disable buffering in python runtimes (@pPrecel)
• #11879 Add OAuth2 secured API Rule to fast-integration tests (@tgorgol)
• #11697 Allow for easy back-channel communication from function to eventing backend (@pPrecel)
• #11752 Document easy back-channel communication from function to eventing backend (@pPrecel)
• #11744 Add missing liveness/readiness probes to serverless pods (@skhalash)
• #11708 Fix Serverless admission webhook (@tgorgol)
• #11666 Update wookiees codeowners (@pPrecel)
• #11612 Migrate serverless admission webhooks to v1 (@tgorgol)

Service Catalog

• #13536 fixing broken link after cleaning cluster-essentials (@strekm)
• #13065 Fix Helm Broker port names in services to comply with Istio convention (@mjakobczyk)

Eventing

• #13678 Update Eventing images (@marcobebway)
• #13651 Update Eventing images (@marcobebway)
• #13648 Update golang version for Eventing components (@marcobebway)
• #13645 Upgrade nats from 2.6.4 to 2.7.4 (@nachtmaar)
• #13644 Improve Eventing documentation for Event type cleanup (@marcobebway)
• #13642 Update docs for the Event name format (@marcobebway)
• #13626 Add nats config reloader (@nachtmaar)
• #13608 Support CloudEvents type cleanup while publishing (@marcobebway)
• #13605 Improve JetStream Helm chart naming and doc (@pxsalehi)
• #13247 Non-functional improvements in event-publisher-proxy (documentation, testing) (@nachtmaar)
• #13585 Add comments and documentation for JetStream environment variables (@pxsalehi)
• #13549 Refactor Event publisher proxy tests (@marcobebway)
• #13558 upgrade nats package in eventing-controller (@FriedrichWilken)
• #13523 Refactor Event publisher NATS sender and connection (@marcobebway)
• #13511 Allow JetStream stream configuration (@pxsalehi)
• #13120 Implement readiness probe for NATS publisher based on connection status of NATS server(s) (@marcobebway)
• #13521 Rename BEB test file and package (@pxsalehi)
• #13505 remove var name and import name collisions (@FriedrichWilken)
• #13494 Minor refactoring of the NATS backend (@pxsalehi)
• #13464 Add Stream initialization to JetStream backend (@pxsalehi)
• #13405 Always wait for subscriptions in Eventing tests (@pxsalehi)
• #13394 Clear subscription status in JetStream reconciler (@pxsalehi)
• #13352 Do not explicitly use a cache in the reconciler (@pxsalehi)
• #13351 Refactor http client (@k15r)
• #13259 Setup feature flag and scaffolding for a JetStream backend (@pxsalehi)
• #13330 Refactor eventing mock server (@k15r)
• #13314 Restructured BEB reconciler (@mfaizanse)
• #13324 Refactor tests NATS controller reconciler (@FriedrichWilken)
• #13315 Add unit tests to nats reconciler (@VladislavPaskar)
• #13248 fix various typos in eventing controller (@k15r)
• #13235 add cleanEventTypes to print columns (@FriedrichWilken)
• #13262 cleanup eventing controller code (@k15r)
• #13242 use functional options pattern in tests (@k15r)
• #13209 use httptest in subscriber (@k15r)
• #13188 Bring back missing tracing and monitoring tests (@VladislavPaskar)
• #13205 Subscriptions reconciliation should be requeued if subscription cannot be marked as ready (@pxsalehi)
• #13208 Remove flaky testDispatcherWithMultipleSubscribers (@pxsalehi)
• #13126 Improve nats reconciler when subscription filters are modified (@mfaizanse)
• #13189 Clean up NATS handler unit tests (@pxsalehi)
• #13070 Fix endless reconciliation calls (@radufa)
• #13172 use local envtest binaries (@k15r)
• #13050 Avoid the deletion of NATS-subscription at each reconciliation call (@mfaizanse)
• #13109 added config file to keep configs for SKR pre-submit (@mfaizanse)
• #12997 Retry reconciling subscriptions on NATS disconnect (@pxsalehi)
• #12488 clean event types (@FriedrichWilken)
• #12918 Fix NATS servers discovery (@marcobebway)
• #12920 Increase memory limit of eventing controller (@pxsalehi)
• #12883 Fix Eventing architecture diagram (@marcobebway)
• #12833 Fix endless reconciliation of the Publisher proxy deployment (@marcobebway)
• #12769 Preserve Eventing Publisher proxy deployment annotations after reconciliation (@marcobebway)
• #12781 implement mutex in bebmock subscriptions (@FriedrichWilken)
• #12811 eventing controller reconciler should validate only the host part in … (@johgoe)
• #12588 add support for SKR in eventing fast-integration tests (@mfaizanse)
• #12801 Bump eventing-controller image (@pxsalehi)
• #12797 Bump publisher proxy image (@pxsalehi)
• #12753 fix issues found by various linters (@k15r)
• #12648 Allow using different mock namespaces (@pxsalehi)
• #12723 update nats server to 2.6.5 (@k15r)
• #12701 remove nats-operator (@k15r)
• #12567 Add a new Condition for BEB Webhook callback status (@radufa)
• #12677 update eventing-controller dependency in event-publisher-proxy (@k15r)
• #12699 Removed unused reloader and exporter from NATS helm chart (@mfaizanse)
• #12637 Update Eventing images (@marcobebway)
• #12616 bump go version (@pxsalehi)
• #12312 fix the eventingReady status change right after the backend switch (@VladislavPaskar)
• #12553 Rename commander to subscription manager in eventing-controller (@pxsalehi)
• #12549 Small improvements to the eventing-controller dev setup (@pxsalehi)
• #12535 React to OAuth2 secret changes in the Eventing controller (@pxsalehi)
• #12441 Update event-subscriber dependencies (@pxsalehi)
• #12434 Update event publisher proxy dependencies (@pxsalehi)
• #12432 Update Eventing controller dependencies (@pxsalehi)
• #12420 Fix CVE-2021-25741 for Eventing components (@marcobebway)
• #12397 Add metric tests for eventing (@pxsalehi)
• #12189 Read eventTypePrefix from ConfigMap (@marcobebway)
• #12315 Upgrade CE-SDK to 2.5.0 in eventing-controller (@radufa)
• #12318 Upgrade CE-SDK to 2.5.0 in event-publisher-proxy (@radufa)
• #12283 address linting issues (@k15r)
• #12154 Fix event-publisher-proxy ha issue (@radufa)
• #12119 Add tests for CE dispatching on NATS (@radufa)
• #12170 Nats-operator image: upgrade to alpine:3.14.2 (@radufa)
• #12115 Move in-cluster eventing sub-test to the fixture (@pxsalehi)
• #12078 Upgrade nats-server to 2.2.4 (@radufa)
• #12085 Extend existing in-cluster eventing test in fast-integration (@pxsalehi)
• #12075 Fix nats-operator (@radufa)
• #12063 Add "check-code" for local publisher-proxy development (@radufa)
• #12056 Add lint for the local eventing-controller development (@radufa)
• #12050 Reconcile Kyma subscription if APIRule is updated/deleted (@pxsalehi)
• #12045 Cleanup the code referring to the OAuth usage in BEB subscriptions (@radufa)
• #12006 Fix event multiplexer pattern for NATS (@radufa)
• #11993 Rely on OAuth2Client CR in the Helm chart (@pxsalehi)
• #11920 Fix nats-operator (@marcobebway)
• #11807 Recreate BEB subscription if it was deleted from BTP side (@radufa)
• #11733 Use timeout on channel read (@pxsalehi)
• #11621 Use Nats queue subscriptions (@radufa)
• #11419 Update fast-integration test to support switching Eventing backends (@marcobebway)
• #11651 Enhance Eventing controller logs (@marcobebway)
• #11634 Optimze HTTP header access in test (@themue)
• #11655 Use the same version of the OAuth2Client CRD as installation (@pxsalehi)
• #11610 Deduplicate subscription filters (@pxsalehi)
• #11527 Remove isBEBEnabled flag (@marcobebway)
• #11574 Update external crd for eventing controller (@pxsalehi)
• #11507 Dynamic oauth2client creation (@pxsalehi)

Security

• #13019 istio running on solo fips distroless images (@strekm)
• #12873 Update security-related tutorial (@mmitoraj)
• #12842 Ory troubleshooting guide (@mmitoraj)
• #12785 Adjust Ory replicaCount with the HPA in the Helm templates (@cnvergence)
• #12700 Move dependencies section to the Chart definition in Oathkeeper (@mjakobczyk)
• #12611 Replace the registry component (@pPrecel)
• #12618 Update Ory oath2clients CRD (@cnvergence)
• #12577 Bump Ory components to the latest versions (@cnvergence)
• #12580 Upgrade serverless components (@pPrecel)
• #12578 upgrade kaniko version (@pPrecel)
• #12571 Remove unused minio_client image from the values file (@pPrecel)
• #12570 Update minio image (@pPrecel)
• #12506 added kyma disclaimer to istio svc & po (@strekm)
• #12559 Fix security issues in the context of the rafter image (@pPrecel)
• #12313 Updated auth doc (@mmitoraj)
• #12420 Fix CVE-2021-25741 for Eventing components (@marcobebway)
• #11834 remove jobs from certificates component (@strekm)
• #11861 Replacing Dex with Ory Hydra login and consent app in api-gateway tests (@cnvergence)
• #11890 Bump text and websocket packages (@dariadomagala)
• #11883 Add health probe endpoint to api-gateway (@cnvergence)
• #11881 Upgrade dependencies in Application Operator (@rafalpotempa)
• #11623 Replace satori/go.uuid with google/uuid in Application Registry (@rafalpotempa)
• #11535 Change insensitive terms into their inclusive alternatives (@cnvergence)

Service Mesh

• #13606 Remove Istio-configuration chart (@cnvergence)
• #13603 Rename istio-configuration to istio in components.yaml (@cnvergence)
• #13551 Prepare Istio Helm Chart renaming (@cnvergence)
• #13229 bump istio to 1.12.3 (@piotrkpc)
• #13177 Istio refactoring docu (@mmitoraj)
• #13133 adding istio resources to dedicated component (@strekm)
• #13123 istio-resources component (@strekm)
• #13048 Add README.md for Istio Configuration (@mmitoraj)
• #13031 update docu on istio specific conf in kyma (@strekm)
• #13044 istio-configuration clean up (@strekm)
• #13032 istio-configuration clean up (@strekm)
• #13019 istio running on solo fips distroless images (@strekm)
• #12874 Upgrade Kiali to 1.44 (@skhalash)
• #12640 Remove unnecessary helm values from profiles in istio-configuration component (@Tomasz-Smelcerz-SAP)
• #12506 added kyma disclaimer to istio svc & po (@strekm)
• #12361 Move deprecated Istio proxy config (@cnvergence)
• #12092 authproxy must not forward host header for istio routing (@a-thaler)
• #12055 kiali not working with istio 1.11 - update kiali to 1.38.1 (@a-thaler)
• #11979 Istio-configuration helm chart fixes (@cnvergence)
• #11965 Upgrade Istio to 1.11.1 (@cnvergence)
• #11964 Upgrade Istio Installer to 1.11.1 (@cnvergence)
• #11702 IstioOperator Helm chart for Kyma 2.0 (@cnvergence)
• #11689 Clean-up default and not-used values of Istio Operator (@cnvergence)
• #11560 upgrade Kiali to 1.36 (@a-thaler)

Installation

• #13622 remove kyma 1 related resources (@strekm)
• #13527 removing CRDs from cluster-essentials (@strekm)
• #13133 adding istio resources to dedicated component (@strekm)
• #13123 istio-resources component (@strekm)
• #13019 istio running on solo fips distroless images (@strekm)
• #12352 Cleaning cluster-users (@strekm)
• #12220 bump gce-proxy in ORY chart (@strekm)
• #11834 remove jobs from certificates component (@strekm)
• #11810 Fix Kyma operator (@cnvergence)
• #11809 Helm wait fix (@cnvergence)

Monitoring

• #13611 Grafana function dashboard broken (@a-thaler)
• #13579 update to kiwigrid sidecar 1.15.7 (@a-thaler)
• #13318 Run observability tests in upgrade tests (@shorim)
• #13474 Reduce auth-proxy cookie expire time (@chrkl)
• #13444 Bump k8s-sidecar image (@chrkl)
• #13385 Remove obsolete Kyma dashboards (@chrkl)
• #13389 monitoring tutorial deploys servicemonitor to custom namespace (@a-thaler)
• #13382 update to grafana 7.5.15 (@a-thaler)
• #13317 Fix kyma grafana dashboards (@skhalash)
• #13257 Exclude cert expiration alert in monitoring tests (@skhalash)
• #13124 improve Kiali exposure instructions (@NHingerl)
• #13165 Bump oauth2 proxy (@skhalash)
• #13162 update to grafana 7.5.13 (@a-thaler)
• #13037 Upgrade kube state metrics (@rakesh-garimella)
• #13038 Upgrade prometheus node exporter (@rakesh-garimella)
• #13034 Upgrade pushgateway chart to 1.14 (@skhalash)
• #12880 update grafana to 7.5.12 (@a-thaler)
• #12768 Make observability tests part of standard test suite (@lindnerby)
• #12792 Improved docu for mTLS scrape setup (@a-thaler)
• #12760 Restore Istio PeerAuthentications (with strict mode) (@skhalash)
• #12749 disable alertmanager grafana dashboard if alertmanager is deactivated (@a-thaler)
• #12739 Add permissive mTLS policy for Fluent Bit (@skhalash)
• #12724 update oauth2-proxy to 7.2 (@a-thaler)
• #12659 removed resourceSelector workaround from monitoring chart (@a-thaler)
• #12395 Add higher level of retries for monitoring tests (@shorim)
• #12369 Fix communication between prometheus and alertmanager (@skhalash)
• #12340 fixed problems with extraPort rendering (@a-thaler)
• #12300 cleanup for observability charts (@a-thaler)
• #12278 Remove axios-retry (@shorim)
• #12043 Update Prometheus Alertmanager to Version 0.23.0 (@jeremyharisch)
• #12028 security update of several images (@a-thaler)
• #11771 made kubelet alert rule resilient to muliple kubelet scrapeconfigs (@a-thaler)
• #11735 Add liveness and readiness probes to prometheus operator (@skhalash)
• #11712 Add readiness probes to OAuth2 proxies (@skhalash)
• #11594 Upgrade Grafana to latest Apache licensed version (@elchead)

Logging

• #13690 change the PR-image (@rakesh-garimella)
• #13539 update to fluent-bit 1.18.13 (@a-thaler)
• #13318 Run observability tests in upgrade tests (@shorim)
• #13392 wrong memory/cpu consumption in loki dashboard (@a-thaler)
• #13254 Modify Loki labelMap (@shorim)
• #13210 update to fluent-bit 1.8.12 (@a-thaler)
• #13091 configurable option for fluent-bit tail inotify_watcher setting (@a-thaler)
• #12861 updated fluent bit to 1.8.11 (@a-thaler)
• #12704 Document Loki and Prometheus limits (@NHingerl)
• #12739 Add permissive mTLS policy for Fluent Bit (@skhalash)
• #12660 update fluent-bit to 1.8.10 (@a-thaler)
• #12630 Increase maxUnavailable count for DaemonSets (@chrkl)
• #12554 enable containerd support in fluent-bit, enable new multiline feature (@a-thaler)
• #12510 update fluent-bit to 1.8.9 (@a-thaler)
• #12500 Update threshold for audit events (@shorim)
• #12463 update fluent-bit to 1.8.8 (@a-thaler)
• #12300 cleanup for observability charts (@a-thaler)
• #12278 Remove axios-retry (@shorim)
• #12232 removed trailing spaces in fluent-bit config (@a-thaler)
• #12133 updated fluent-bit to 1.8.7 (@a-thaler)
• #12083 have lokis removeKeys attribute overridable (@a-thaler)
• #12028 security update of several images (@a-thaler)
• #11983 upgrade to fluent-bit 1.8 (@a-thaler)
• #11947 Move telemetry operator to the rest of the charts (@skhalash)
• #11901 telemetry helm chart (@shorim)
• #11680 added a psp specific for fluent-bit (@a-thaler)
• #11657 Restrict fluent-bit pod permissions (@elchead)
• #11577 upgrade to loki 2.2.1 (@a-thaler)

Tracing

• #13238 Update jaeger images to 1.30.0 (@rakesh-garimella)
• #13175 Fix Tracing port names in services to comply with Istio convention (@mjakobczyk)
• #13165 Bump oauth2 proxy (@skhalash)
• #12915 Update tracing charts to jaeger 1.29 (@rakesh-garimella)
• #12724 update oauth2-proxy to 7.2 (@a-thaler)
• #12300 cleanup for observability charts (@a-thaler)
• #12280 Enabled non-mtls support for pushing traces (@a-thaler)
• #12194 kiali cannot reach jaeger - enable sidecar for kiali (@a-thaler)
• #12092 authproxy must not forward host header for istio routing (@a-thaler)
• #11712 Add readiness probes to OAuth2 proxies (@skhalash)
• #11677 fixed jaeger CRD schema (@a-thaler)

Console

• #11898 Remove PR image for CBS (@dariadomagala)
• #11890 Bump text and websocket packages (@dariadomagala)

Documentation

• #13668 add natural lg in overview, technical references, resources and tests (@grego952)
• #13514 improve backup instructions (@NHingerl)
• #13647 add natural lg in overview, tutorials and operation guides (@grego952)
• #13643 Add the definition for Application to the Glossary (@majakurcius)
• #13634 Natural language in kyma\components (@grego952)
• #13624 Update the Application Gateway docs to say X-forwarded-* headers are proxied, not removed (@majakurcius)
• #13495 Document the OpenTelemetry Tracer object in the context of the serverless runtimes (@pPrecel)
• #13552 Fix a broken link to the functions.serverless.kyma-project.io CRD (@majakurcius)
• #13536 fixing broken link after cleaning cluster-essentials (@strekm)
• #13529 Link to linux troubleshoot (@NHingerl)
• #12957 Add tutorial on using BTP service operator (@klaudiagrz)
• #13512 Consistency in Application Connectivity docs (@VOID404)
• #13389 monitoring tutorial deploys servicemonitor to custom namespace (@a-thaler)
• #13248 fix various typos in eventing controller (@k15r)
• #12840 Re-add the Disable TLS certificate verification tutorial (@majakurcius)
• #13177 Istio refactoring docu (@mmitoraj)
• #13124 improve Kiali exposure instructions (@NHingerl)
• #13112 Add hint about event cleanup to Subscription doc (@alexandra-simeonova)
• #13078 Add grego952 to documentation CODEOWNERS in Kyma (@majakurcius)
• #13048 Add README.md for Istio Configuration (@mmitoraj)
• #13031 update docu on istio specific conf in kyma (@strekm)
• #13027 Remove the migration script from main (@klaudiagrz)
• #12952 Add a troubleshooting guide about a misconfigured resource (@mmitoraj)
• #12934 Troubleshooting guide for gateway not reachable (@raypinto)
• #12896 fix in the trigger-workload-with-event.md (@grego952)
• #12883 Fix Eventing architecture diagram (@marcobebway)
• #12873 Update security-related tutorial (@mmitoraj)
• #12765 Update Eventing documentation (@alexandra-simeonova)
• #12842 Ory troubleshooting guide (@mmitoraj)
• #12855 Fix link to function.yaml (@mmitoraj)
• #12828 fix components yaml sample (@NHingerl)
• #12818 remove old version from CLI installation (@NHingerl)
• #12815 Remove the migration guide from main (@klaudiagrz)
• #12799 Fix the titles of the "Revoke a client cert" tutorials (@majakurcius)
• #12795 Fix the link to the migration script (@klaudiagrz)
• #12794 remove 404 link (@NHingerl)
• #12654 Add Kyma 2.0 migration guide (@mmitoraj)
• #12792 Improved docu for mTLS scrape setup (@a-thaler)
• #12786 Simplify App Conn tutorials some more (@majakurcius)
• #12784 Include email scope in the oauth2-proxy setup documentation (@kwiatekus)
• #12704 Document Loki and Prometheus limits (@NHingerl)
• #12747 Update the k3d version in Prerequisites for Kyma installation and Get Started (@majakurcius)
• #12737 Fix a broken link (@klaudiagrz)
• #12716 correct steps for Busola Dashboard in Get Started (@grego952)
• #12662 change in glossary.md and quick-install.md (@grego952)
• #12465 Adjust Application Connectivity docs to Kyma 2.0, pt.2 (@majakurcius)
• #12546 Add a caution note (@mmitoraj)
• #12574 Fix a typo (@klaudiagrz)
• #12520 Fix broken links (@mmitoraj)
• #12458 Updated docs about certificates (@mmitoraj)
• #12490 Fix Eventing architecture documentation (@alexandra-simeonova)
• #12425 Fix broken link (@NHingerl)
• #12364 first draft fritzbox troubleshooting (@NHingerl)
• #12485 Change "Tutorials" into "Developer Tutorials" (@klaudiagrz)
• #12477 update k3d docs: revert to v4 (@NHingerl)
• #12313 Updated auth doc (@mmitoraj)
• #12379 Fix typo in Kyma docs (@alexandra-simeonova)
• #12359 K3d update: v5 (@NHingerl)
• #12357 remove docker image docs with minikube (@NHingerl)
• #12351 Remove the definite article from components names (@mmitoraj)
• #12350 Update the commands to run Kyma Dashboard in the documentation (@majakurcius)
• #12339 Remove minikube from svls (@NHingerl)
• #12334 Fix dead links (@alexandra-simeonova)
• #12331 remove tutorial to use Kyma CLI as kubectl plugin (@NHingerl)
• #12299 add sub-headlines (@NHingerl)
• #12277 fix broken links from kyma-governance-nightly (@NHingerl)
• #12276 review CLI docs (@NHingerl)
• #12273 kyma delete is now undeploy (@NHingerl)
• #12250 Fixed dead links (@mmitoraj)
• #12022 Fix a broken link (@klaudiagrz)
• #11960 Fix note on Kyma versions (@alexandra-simeonova)
• #11929 Add note about Kyma version support (@alexandra-simeonova)
• #11848 Remove the Migration Guide for Kyma 1.23 (@majakurcius)
• #11845 Update the Application Connector chart documentation (@majakurcius)
• #11843 fix broken link (@NHingerl)
• #11671 Fix links to Gardener documentation (@majakurcius)
• #11632 Fix links returning 404 error (@alexandra-simeonova)
• #11568 Use latest minio image (@tgorgol)

Community

• #13078 Add grego952 to documentation CODEOWNERS in Kyma (@majakurcius)

CI

• #13450 dependabot for epp (@k15r)
• #12648 Allow using different mock namespaces (@pxsalehi)
• #10839 Improve event-publisher-proxy build performance (@Halamix2)

Core and Supporting

• #11575 Upgrade The Rafter images (@pPrecel)

Committers: 85

• Adam Wałach (@adamwalach)
• Adrian Stobbe (@elchead)
• Aleksandra Simeonova (@alexandra-simeonova)
• Ali Khlifi (@khlifi411)
• Ammar Lakis (@ammarlakis)
• Andreas Thaler (@a-thaler)
• Andrzej Pankowski (@Cortey)
• Arkadiusz Galwas (@akgalwas)
• Benjamin Lindner (@lindnerby)
• Benjamin Somhegyi (@ebensom)
• Carina Kothe (@grischperl)
• Christoph Kleineweber (@chrkl)
• Christoph Voigt (@voigt)
• Damian Badura (@dbadura)
• Daniel Gospodinow (@danielgospodinow)
• Daria Domagała (@dariadomagala)
• Dennis Geiselmann (@dennis-ge)
• Filip Strózik (@pPrecel)
• Franciszek Pogodziński (@franpog859)
• Frank Mueller (@themue)
• Friedrich (@FriedrichWilken)
• Grzegorz Karaluch (@grego952)
• Jack Cheng (@life0215)
• Jan Mędrek (@janmedrek)
• Jan Wozniak (@wozniakjan)
• Jeremy Harisch (@jeremyharisch)
• Johannes Veicht (@veichtj)
• Kamil Kasperski (@Ressetkk)
• Kamil Sputo (@ksputo)
• Karol Szwaj (@cnvergence)
• Klaudia Grzondziel (@klaudiagrz)
• Korbinian Stoemmer (@k15r)
• Krystian Cieślik (@crabtree)
• Krzysztof Kwiatosz (@kwiatekus)
• Lilit Ghazaryan (@lilitgh)
• Magda Stręk (@strekm)
• Maja Kurcius (@majakurcius)
• Marcin Szwed (@szwedm)
• Marco Bebway (@marcobebway)
• Mariusz Szymański (@Maladie)
• Martin F (@gabel)
• Małgorzata Świeca (@mmitoraj)
• Michal Budzyn (@everesio)
• Michał 'Disper' Drzewiecki (@Disper)
• Michał Jakóbczyk (@mjakobczyk)
• Mohamed Elsayed (@moelsayed)
• Mostafa Shorim (@shorim)
• Muhammad Faizan (@mfaizanse)
• Nils Seip (@nachtmaar)
• Nina Hingerl (@NHingerl)
• Parth Sharma (@iamps5)
• Patryk Strugacz (@werdes72)
• Piotr Bochyński (@pbochynski)
• Piotr Halama (@Halamix2)
• Piotr Jasiak (@jasiu001)
• Piotr Kopec (@piotrkpc)
• Piotr Miśkiewicz (@piotrmiskiewicz)
• Piotr Wawrzyńczyk (@Wawrzyn321)
• Pooya Salehi (@pxsalehi)
• Pranav Shankar (@Pranav-SA)
• Przemek Pokrywka (@dekiel)
• Przemyslaw Golicz (@koala7659)
• Radu Fantaziu (@radufa)
• Rafal Foks (@mvshao)
• Rafał Jankowski (@rJankowski93)
• Rafał Potempa (@rafalpotempa)
• Rakesh Garimella (@rakesh-garimella)
• Raymond Pinto (@raypinto)
• Sayan Hazra (@sayanh)
• Stanislav Khalash (@skhalash)
• Thandayuthapani (@thandayuthapani)
• Till Knuesting (@tillknuesting)
• Tobias Schuhmacher (@tobiscr)
• Tomasz Gorgol (@tgorgol)
• Tomasz Smelcerz (@Tomasz-Smelcerz-SAP)
• Wojciech Nawa (@VOID404)
• Wojciech Sołtys (@Sawthis)
• Wojciech Wrzalik (@ralikio)
• Xin Ruan (@ruanxin)
• @VladislavPaskar
• @dariusztutaj
• @hamdymoussa
• @johgoe
• @szymon-nex
• marcin witalis (@m00g3n)