Skip to content

Preview v3.0.0-rc.0

Pre-release
Pre-release
Compare
Choose a tag to compare
@SIGHUP-C-3PO SIGHUP-C-3PO released this 07 Nov 11:11
· 12 commits to main since this release

Kubernetes Fury Ingress Core Module Release 3.0.0

Welcome to the latest release of Ingress module of Kubernetes Fury Distribution maintained by team SIGHUP.

⚠️ This release contains major changes that can break your installation. Please read carefully before upgrading.

This release adds support for Kubernetes 1.30 and 1.31 and update the following components:

Component versions 🚢

Component Supported Version Previous Version
cert-manager v1.16.1 v0.14.2
external-dns v0.15.0 v0.14.0
forecastle v1.0.145 v1.0.136
nginx v1.11.3 v1.11.2
aws-cert-manager N.A. No update
aws-external-dns N.A. No update

Please refer the individual release notes to get a more detailed information on each release.

Major changes

Nginx

  • the daemonsets command arguments changed their order, so if you have custom patches (especially patchesJson) you will need to adjust them. See the guide below.
  • some components changed their name, so again if you have custom patches, you might need to adjust them to match the new names. See the guide below.

Cert-manager

  • static label app: cert-manager has been added to pods generated by Issuers

Upgrade Guide 🦮

ℹ️ INFO

This update guide is for users of the module and not of the Distribution or users still on furyctl legacy. If you are a KFD user, the update is performed auomatically by furyctl.

Process

Nginx upgrade

Follow the first steps below whatever strategy you chose (single or dual), then follow the instructions for your specific case.

Daemonset args (single and dual)
Arg name Old position New position
--publish-service 2 1
--election-id 7 2
--controller-class 8 3
--ingress-class 6 4
--configmap 1 5
--validating-webhook 9 6
--validating-webhook-certificate 10 7
--validating-webhook-key 11 8
--http-port 4 9
--https-port 5 10
--annotations-prefix 3 None

So for example, if you had a patch like this one:

- op: "replace"
  path: "/spec/template/spec/containers/0/args/2"
  value: "--publish-service=$(POD_NAMESPACE)/ingress-nginx-internal"

you will need to adjust it like this (notice the position has changed):

- op: "replace"
  path: "/spec/template/spec/containers/0/args/1"
  value: "--publish-service=$(POD_NAMESPACE)/ingress-nginx-internal"
Resource renaming (single)

This is the list of resources that changed their name:

Resource type Old name New name
ConfigMap nginx-configuration ingress-nginx-controller
Service ingress-nginx-admission ingress-nginx-controller-admission
Service ingress-nginx-metrics ingress-nginx-controller-metrics
DaemonSet nginx-ingress-controller ingress-nginx-controller
Certificate ingress-nginx-ca ingress-nginx-root-cert
Certificate ingress-nginx-tls ingress-nginx-admission
Issuer ingress-nginx-ca ingress-nginx-root-issuer
Issuer ingress-nginx-selfsign ingress-nginx-self-signed-issuer
PrometheusRule ingress-nginx-k8s-rules ingress-nginx-controller
ServiceMonitor ingress-nginx ingress-nginx-controller
Upgrade process (single)
  1. Change your patches, if you have some, to reflect the new resource names. The safest approach is to duplicate them, so you don't break what is currently installed.

  2. Apply the new manifests.

  3. Check that everything is working fine. The two versions cohexist in this step, so it's safe to make some other changes.

  4. Delete the old resources. Here is the list of commands you need to run:

    kubectl delete configmap nginx-configuration -n ingress-nginx
    kubectl delete service ingress-nginx-admission -n ingress-nginx
    kubectl delete service ingress-nginx-metrics -n ingress-nginx
    kubectl delete daemonset.apps nginx-ingress-controller -n ingress-nginx
    kubectl delete certificate.cert-manager.io ingress-nginx-ca -n ingress-nginx
    kubectl delete certificate.cert-manager.io ingress-nginx-tls -n ingress-nginx
    kubectl delete issuer.cert-manager.io ingress-nginx-ca -n ingress-nginx
    kubectl delete issuer.cert-manager.io ingress-nginx-selfsign -n ingress-nginx
    kubectl delete prometheusrule.monitoring.coreos.com ingress-nginx-k8s-rules -n ingress-nginx
    kubectl delete servicemonitor.monitoring.coreos.com ingress-nginx -n ingress-nginx
  5. In case you duplicated the patches, you can now delete the old ones.

Resource renaming (dual)

This is the list of resources that changed their name:

Resource type Old name New name
ConfigMap nginx-configuration-external ingress-nginx-controller-external
ConfigMap nginx-configuration-internal ingress-nginx-controller-internal
Service ingress-nginx-admission-external ingress-nginx-controller-admission-external
Service ingress-nginx-admission-internal ingress-nginx-controller-admission-internal
Service ingress-nginx-metrics ingress-nginx-controller-metrics
DaemonSet nginx-ingress-controller-external ingress-nginx-controller-external
DaemonSet nginx-ingress-controller-internal ingress-nginx-controller-internal
Certificate ingress-nginx-ca ingress-nginx-root-cert
Certificate ingress-nginx-tls-external ingress-nginx-admission-external
Certificate ingress-nginx-tls-internal ingress-nginx-admission-internal
Issuer ingress-nginx-ca ingress-nginx-root-issuer
Issuer ingress-nginx-selfsign ingress-nginx-self-signed-issuer
PrometheusRule ingress-nginx-k8s-rules ingress-nginx-controller
ServiceMonitor ingress-nginx ingress-nginx-controller
Upgrade process (dual)
  1. Change your patches, if you have some, to reflect the new resource names. The safest approach is to duplicate them, so you don't break what is currently installed.

  2. Apply the new manifests.

  3. Check that everything is working fine. The two versions cohexist in this step, so it's safe to make some other changes.

  4. Delete the old resources. Here is the list of commands you need to run:

    kubectl delete configmap nginx-configuration-external -n ingress-nginx
    kubectl delete configmap nginx-configuration-internal -n ingress-nginx
    kubectl delete service ingress-nginx-admission-external -n ingress-nginx
    kubectl delete service ingress-nginx-admission-internal -n ingress-nginx
    kubectl delete service ingress-nginx-metrics -n ingress-nginx
    kubectl delete daemonset.apps nginx-ingress-controller-external -n ingress-nginx
    kubectl delete daemonset.apps nginx-ingress-controller-internal -n ingress-nginx
    kubectl delete certificate.cert-manager.io ingress-nginx-ca -n ingress-nginx
    kubectl delete certificate.cert-manager.io ingress-nginx-tls-external -n ingress-nginx
    kubectl delete certificate.cert-manager.io ingress-nginx-tls-internal -n ingress-nginx
    kubectl delete issuer.cert-manager.io ingress-nginx-ca -n ingress-nginx
    kubectl delete issuer.cert-manager.io ingress-nginx-selfsign -n ingress-nginx
    kubectl delete prometheusrule.monitoring.coreos.com ingress-nginx-k8s-rules -n ingress-nginx
    kubectl delete servicemonitor.monitoring.coreos.com ingress-nginx -n ingress-nginx
  5. In case you duplicated the patches, you can now delete the old ones.