Skip to content

Commit

Permalink
Merge pull request #139 from sighupio/feat/release-v3.0.1
Browse files Browse the repository at this point in the history
feat/release v3.0.1
  • Loading branch information
sbruzzese902 authored Nov 25, 2024
2 parents d953f76 + 799abcd commit 3e5703a
Show file tree
Hide file tree
Showing 11 changed files with 1,670 additions and 1,319 deletions.
27 changes: 16 additions & 11 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
</h1>
<!-- markdownlint-enable MD033 -->

![Release](https://img.shields.io/badge/Latest%20Release-v2.3.3-blue)
![Release](https://img.shields.io/badge/Latest%20Release-v3.0.1-blue)
![License](https://img.shields.io/github/license/sighupio/fury-kubernetes-ingress?label=License)
![Slack](https://img.shields.io/badge/slack-@kubernetes/fury-yellow.svg?logo=slack&label=Slack)

Expand Down Expand Up @@ -51,15 +51,20 @@ Kubernetes Fury Ingress provides the following packages:

| Kubernetes Version | Compatibility | Notes |
| ------------------ | :----------------: | --------------- |
| `1.26.x` | :white_check_mark: | No known issues |
| `1.27.x` | :white_check_mark: | No known issues |
| `1.28.x` | :white_check_mark: | No known issues |
| `1.29.x` | :white_check_mark: | No known issues |
| `1.30.x` | :white_check_mark: | No known issues |
| `1.31.x` | :white_check_mark: | No known issues |

Check the [compatibility matrix][compatibility-matrix] for additional information on previous releases of the module.

## Usage

> [!NOTE]
> Instructions below are for deploying the module using furyctl legacy, that required manual intervention.
>
> Latest versions of furyctl automate the whole process and it is recommended to use the latest version of furyctl instead.
### Prerequisites

| Tool | Version | Description |
Expand Down Expand Up @@ -118,9 +123,9 @@ To deploy the `cert-manager` package:
```yaml
bases:
- name: ingress/dual-nginx
version: "v2.3.3"
version: "v3.0.1"
- name: ingress/cert-manager
version: "v2.3.3"
version: "v3.0.1"
```
2. Execute `furyctl vendor -H` to download the packages
Expand Down Expand Up @@ -179,7 +184,7 @@ Single Ingress:
```yaml
bases:
- name: ingress/nginx
version: "v2.3.3"
version: "v3.0.1"
```

Dual Ingress:
Expand All @@ -189,9 +194,9 @@ Dual Ingress:
```yaml
bases:
- name: ingress/nginx
version: "v2.3.3"
version: "v3.0.1"
- name: ingress/dual-nginx
version: "v2.3.3"
version: "v3.0.1"
```

> See `furyctl` [documentation][furyctl-repo] for additional details about `Furyfile.yml` format.
Expand Down Expand Up @@ -263,11 +268,11 @@ To deploy the `forecastle` package:
```yaml
bases:
- name: ingress/dual-nginx
version: "v2.3.3"
version: "v3.0.1"
- name: ingress/cert-manager
version: "v2.3.3"
version: "v3.0.1"
- name: ingress/forecastle
version: "v2.3.3"
version: "v3.0.1"
```

2. Execute `furyctl legacy vendor -H` to download the packages
Expand Down
3 changes: 2 additions & 1 deletion docs/COMPATIBILITY_MATRIX.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Compatibility Matrix

| Module Version / Kubernetes Version | 1.23.X | 1.24.X | 1.25.X | 1.26.X | 1.27.X | 1.28.X | 1.29.X | 1.30.X | 1.31.X |
| Module Version / Kubernetes Version | 1.23.X | 1.24.X | 1.25.X | 1.26.X | 1.27.X | 1.28.X | 1.29.X | 1.30.X | 1.31.X |
|-------------------------------------|--------------------|--------------------|--------------------|--------------------|--------------------|--------------------|--------------------|--------------------|--------------------|
| v2.0.0 | :white_check_mark: | :white_check_mark: | :white_check_mark: | | | | | | |
| v2.1.0 | | :white_check_mark: | :white_check_mark: | :white_check_mark: | | | | | |
Expand All @@ -10,6 +10,7 @@
| v2.3.2 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
| v2.3.3 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
| v3.0.0 | | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
| v3.0.1 | | | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |

:white_check_mark: Compatible

Expand Down
49 changes: 49 additions & 0 deletions docs/releases/v3.0.1.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
# Kubernetes Fury Ingress Core Module Release 3.0.1

Welcome to the latest release of `Ingress` module of [`Kubernetes Fury Distribution`](https://github.com/sighupio/fury-distribution) maintained by team SIGHUP.

This is a maintenance release including:

- A fix to the NGINX Grafana dashboard to make it compatible with the latest version of the monitoring module.
- A fix to the NGINX Prometheus Rule to correctly target the new Service.
- Improves the securityContext for Forecastle, making it compliant with the `restricted` Pod Security Standard.

## Component versions 🚢

| Component | Supported Version | Previous Version |
| ------------------ | ---------------------------------------------------------------------------------------- | ---------------- |
| `cert-manager` | [`v1.16.1`](https://github.com/jetstack/cert-manager/releases/tag/v1.16.1) | `No update` |
| `external-dns` | [`v0.15.0`](https://github.com/kubernetes-sigs/external-dns/releases/tag/v0.15.0) | `No update` |
| `forecastle` | [`v1.0.145`](https://github.com/stakater/Forecastle/releases/tag/v1.0.145) | `No update` |
| `nginx` | [`v1.11.3`](https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.11.3) | `No update` |
| `aws-cert-manager` | N.A. | `No update` |
| `aws-external-dns` | N.A. | `No update` |

> Please refer the individual release notes to get a more detailed information on each release.
## Upgrade Guide 🦮

> ⚠️ **WARNING**
>
> The previous release (`v3.0.0`) contains breaking changes that can break your installation.
>
> Please read carefully the [release notes for v3.0.0][v300-rn] before upgrading to this version if you are upgrading from versions < v3.0.0.
<!-- spacer -->

> ℹ️ **INFO**
>
> This update guide is for users of the module and not of the Distribution or users still on furyctl legacy.
> If you are a KFD user, the update is performed automatically by furyctl.
### Process

To upgrade this core module from `v3.0.0` to `v3.0.1`, you need to download this new version and apply the instructions below.

```bash
kustomize build <your-project-path> | kubectl apply -f - --server-side
```

For the Terraform modules, run `terraform init -upgrade`, then apply the new version.

[v300-rn]: https://github.com/sighupio/fury-kubernetes-ingress/blob/main/docs/releases/v3.0.0.md
4 changes: 2 additions & 2 deletions katalog/cert-manager/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@ To deploy the `cert-manager` package:
```yaml
resources:
- name: ingress/dual-nginx
version: "v2.3.3"
version: "v3.0.1"
- name: ingress/cert-manager
version: "v2.3.3"
version: "v3.0.1"
```
2. Execute `furyctl legacy vendor -H` to download the packages
Expand Down
4 changes: 2 additions & 2 deletions katalog/dual-nginx/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@ Ingress NGINX Double is deployed with the following default configuration:
```yaml
bases:
- name: ingress/nginx
version: "v2.3.3"
version: "v3.0.1"
- name: ingress/dual-nginx
version: "v2.3.3"
version: "v3.0.1"
```
> See `furyctl` [documentation][furyctl-repo] for additional details about `Furyfile.yml` format.
Expand Down
2 changes: 1 addition & 1 deletion katalog/external-dns/base/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,4 @@ resources:
images:
- name: registry.k8s.io/external-dns/external-dns
newName: registry.sighup.io/fury/external-dns/external-dns
newTag: 0.15.0
newTag: v0.15.0
5 changes: 5 additions & 0 deletions katalog/nginx/MAINTENANCE.md
Original file line number Diff line number Diff line change
Expand Up @@ -91,3 +91,8 @@ diff current-release.yaml new-release.yaml
go install github.com/google/[email protected]
addlicense -c "SIGHUP s.r.l" -y "2017-present" -v -l bsd .
```

## Updata Grafana Dashboards

check the grafana dashboard in this path: `deploy/grafana/dashboards/nginx.json` of the upstream repository
compare the upstream with the current one, and update it if is needed.
10 changes: 5 additions & 5 deletions katalog/nginx/MAINTENANCE.values.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,9 @@ controller:
description: 'NGINX Ingress Controller has disapperead from Prometheus
target discovery.'
doc: "This alert fires if Promethes target discovery was not able to
reach ingress-nginx-metrics in the last 15 minutes."
reach ingress-nginx-controller-metrics in the last 15 minutes."
expr: |
absent(up{job="ingress-nginx-metrics"} == 1)
absent(up{job="ingress-nginx-controller-metrics"} == 1)
for: 15m
labels:
severity: critical
Expand All @@ -82,7 +82,7 @@ controller:
doc: "This alert fires if the ingress' configuration reload failed in
the last 10 minutes."
expr: |
nginx_ingress_controller_config_last_reload_successful{job="ingress-nginx-metrics"} == 0
nginx_ingress_controller_config_last_reload_successful{job="ingress-nginx-controller-metrics"} == 0
for: 10m
labels:
severity: warning
Expand Down Expand Up @@ -115,7 +115,7 @@ controller:
doc: "This alert fires if the certificate for a given host is expiring
in less than 7 days."
expr: |
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-metrics"}) by (host) - time()) < 604800
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-controller-metrics"}) by (host) - time()) < 604800
labels:
severity: warning
- alert: NginxIngressCertificateExpiration
Expand All @@ -125,7 +125,7 @@ controller:
doc: "This alert fires if the certificate for a given host is expiring
in less than 1 days."
expr: |
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-metrics"}) by (host) - time()) < 86400
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-controller-metrics"}) by (host) - time()) < 86400
labels:
severity: critical
config:
Expand Down
2 changes: 1 addition & 1 deletion katalog/nginx/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ Ingress NGINX single is deployed with the following default configuration:
```yaml
bases:
- name: ingress/nginx
version: "v2.3.3"
version: "v3.0.1"
```
> See `furyctl` [documentation][furyctl-repo] for additional details about `Furyfile.yml` format.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,9 @@ spec:
- alert: NginxIngressDown
annotations:
description: NGINX Ingress Controller has disapperead from Prometheus target discovery.
doc: This alert fires if Promethes target discovery was not able to reach ingress-nginx-metrics in the last 15 minutes.
doc: This alert fires if Promethes target discovery was not able to reach ingress-nginx-controller-metrics in the last 15 minutes.
expr: |
absent(up{job="ingress-nginx-metrics"} == 1)
absent(up{job="ingress-nginx-controller-metrics"} == 1)
for: 15m
labels:
severity: critical
Expand All @@ -48,7 +48,7 @@ spec:
description: Reloading NGINX Ingress' configuration has failed for {{ $labels.namespace }}/{{ $labels.pod }}.
doc: This alert fires if the ingress' configuration reload failed in the last 10 minutes.
expr: |
nginx_ingress_controller_config_last_reload_successful{job="ingress-nginx-metrics"} == 0
nginx_ingress_controller_config_last_reload_successful{job="ingress-nginx-controller-metrics"} == 0
for: 10m
labels:
severity: warning
Expand All @@ -75,14 +75,14 @@ spec:
description: NGINX Ingress certificate for host {{ $labels.host }} is expiring in less than 7 days.
doc: This alert fires if the certificate for a given host is expiring in less than 7 days.
expr: |
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-metrics"}) by (host) - time()) < 604800
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-controller-metrics"}) by (host) - time()) < 604800
labels:
severity: warning
- alert: NginxIngressCertificateExpiration
annotations:
description: NGINX Ingress certificate for host {{ $labels.host }} is expiring in less than 1 days.
doc: This alert fires if the certificate for a given host is expiring in less than 1 days.
expr: |
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-metrics"}) by (host) - time()) < 86400
(avg(nginx_ingress_controller_ssl_expire_time_seconds{job="ingress-nginx-controller-metrics"}) by (host) - time()) < 86400
labels:
severity: critical
Loading

0 comments on commit 3e5703a

Please sign in to comment.