Not so long ago in a galaxy not so far away, there was a friendly kingdom of Kyma-land ruled by king Kyma the Wise. The king once said: “It is time to improve our kingdom so that we all can lead even happier lives”. As the king had never made an empty promise, he introduced many features, such as a complete setup of the Istio metrics, Istio upgrade to 1.13.2, overriding Function runtime image and improved Eventing backend custom resource (CR) status. Read more if you want to learn about other ideas the king came up with!
See the overview of all changes in this release:
- API Gateway - ORY stack deprecation
- CLI - Removed support for Kyma 1.x
- Eventing - Improved Eventing backend CR status
- Observability - Improved documentation on monitoring limitations, cleanup of rules and dashboards, complete Istio metrics, minor upgrade of Fluent Bit, minor upgrade of Kiali
- Serverless - Overrides for the Function runtime image
- Service Mesh - Revert to distroless Istio images provided by Istio, Istio upgraded to 1.13.2
Due to the growing demand for a closer integration with our Service Mesh Istio implementation, we decided to gradually switch from the current implementation behind Kyma API Gateway (ORY Hydra and ORY Oathkeeper) to Authentication and Authorization features that Istio provides out of the box. With this change, we introduce more options in terms of configuration, flexibility, and performance to our customers. Additionally, we want to keep the Kyma stack as lean as possible.
The changes will be introduced gradually. We plan to provide as much automated migration as possible to ensure the smooth growth of Kyma API Gateway. This is just initial information, no action is required.
As announced in the Kyma 2.0 release notes, starting from the version 2.2, Kyma CLI no longer supports Kyma 1.x versions. All the deprecated commands have been removed and are no longer available:
kyma install: Kyma 2.x equivalent is
kyma upgrade: Kyma 2.x equivalent is
kyma console: Kyma 2.x equivalent is
kyma provision minikube: Kyma 2.x equivalent is
kyma provision k3d
We have made the Eventing backend CR status more verbose. We've replaced two of the three booleans,
subscriptionControllerReady, with the Kubernetes conditions. The
eventingReady boolean remains unchanged.
We added a new section outlining the limits of the shipped monitoring stack running on the production profile with the default settings. Read Monitoring limitations for more information.
We've continued to clean up Prometheus rules and Grafana dashboards. Several rules for Kubernetes introduced by Kyma itself have been removed, as they overlapped with the community-based rules. With that, the monitoring chart is fully based on the rules provided by the community upstream chart. Also, one more Kubernetes-related Grafana dashboard called Kyma / Pods has been removed, as it overlapped with the existing dashboards.
The Istio metrics setup, coming with the Kyma monitoring feature, now follows the approach recommended by Istio and provides all Istio metrics as aggregations over workload. Read Observability Best Practices for more information.
The Fluent Bit log collector, included in the Kyma logging stack, has been updated to the 1.9 release series. It brings major improvements in stability and performance.
Kiali has been upgraded to version 1.49 and is fully supporting Istio 1.13.
We've extended the definition of the Function CR. Now you can override the base image of the Serverless runtime with a custom Docker image.
You may need this feature if you want to build your Functions on top of a runtime with tooling that is not included in the default Alpine-based runtime (for example, the GCC compiler).
Remember that, if you use a custom base image for your Functions, you are responsible for scanning and assessing any potential risks related to commonly known vulnerabilities that are potentially exploitable.
With the 2.2 Kyma release, both Istio control plane and data plane again use distroless images provided by Istio.
We've upgraded Istio from 1.12.3 to 1.13.2. For more details on the introduced changes, read the official Istio 1.13.2 release notes.