Posts for: #devops

Traefik Announces First Release Candidate for Version 3.0.0

Traefik Announces First Release Candidate for Version 3.0.0

Cloud Native Application Proxy Traefik has released the first release candidate for version 3.0.0. This major release includes support for emerging technologies such as WebAssembly (Wasm), OpenTelemetry, and Kubernetes Gateway API. In addition, the routing rules and security of Traefik have been improved with support for HTTP/3, SPIFFE, and Tailscale.

To ensure a smooth user experience during the migration from the previous version, Traefik provides a complete migration guide and offers backward compatibility with v2 syntax while introducing a progressive path for adopting the v3 syntax.

The enhancements in this release candidate include:

  • Addition of weight on ServersLoadBalancer for Docker and service configurations
  • Reloading of provider file configuration on SIGHUP
  • Upgrade of gateway API to v1.0.0 for Kubernetes
  • Support for cross-namespace references and GatewayAPI ReferenceGrants in Kubernetes Gateway API
  • Introduction of static config hints for logs
  • Removal of observability for internal resources in metrics, tracing, and access logs
  • Support for sending DogStatsD metrics over Unix Socket in metrics
  • Addition of forwardAuth.addAuthCookiesToResponse in middleware and authentication
  • Implementation of the includedContentTypes option for the compress middleware
  • Reintroduction of the deprecated IpWhitelist middleware
  • Addition of ResponseCode to CircuitBreaker middleware
  • Addition of the rejectStatusCode option to IPAllowList middleware
  • Support for http-wasm plugin in Traefik
  • Reintroduction of v2 rule matchers in rules
  • Support for SO_REUSEPORT in EntryPoints for servers
  • Support for setting sticky cookie max age in sticky-session
  • Migration to OpenTelemetry in tracing and otel
  • Reintroduction of dropped v2 dynamic config

The bug fixes in this release candidate include:

  • Removal of warning in Kubernetes CRD provider about the supported version
  • Fixing of OpenTelemetry unit tests in metrics
  • Alignment of OpenTelemetry tracing and metrics configurations in middleware, authentication, metrics, and tracing
  • Fixing of brotli response status code when compression is disabled in middleware
  • Computing priority for HTTPS forwarder TLS routes in TLS and server configurations

Other changes in this release candidate include documentation updates, support for file path as input parameter for Kubernetes token value, disabling of br compression when no Accept-Encoding header is present in middleware, and merging of v2.11 into v3.0.

K3s Releases Latest Version: v1.29.1+k3s2

K3s Releases Latest Version: v1.29.1+k3s2

K3s, the lightweight, highly available, certified Kubernetes distribution, has released version v1.29.1+k3s2. This release is designed for production workloads in unattended, resource-constrained, remote locations, or inside IoT appliances. K3s is packaged as a single <70MB binary, reducing the dependencies and steps needed to install, run, and auto-update a production Kubernetes cluster.

The update to Kubernetes v1.29.1 brings several fixes and improvements. Some of the changes since v1.29.0+k3s1 include:

  • Bump Sonobuoy version
  • Bump actions/setup-go from 4 to 5
  • Update stable channel to v1.28.5+k3s1 and add v1.29 channel
  • Added support for env *_PROXY variables for agent loadbalancer
  • Add a retry around updating a secrets-encrypt node annotations
  • Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM
  • Add ServiceLB support for PodHostIPs FeatureGate
  • Redirect error stream to null when checking nm-cloud systemd unit
  • Dockerfile.dapper: set $HOME properly
  • Add system-agent-installer-k3s step to GA release instructions
  • Fix install script checksum
  • and many more…

For a full list of changes, you can check the Kubernetes release notes.

This release also includes updates to various embedded components, such as Kubernetes v1.29.1, Kine v0.11.0, SQLite 3.42.0, etcd v3.5.9-k3s1, containerd v1.7.11-k3s2, runc v1.1.12-k3s1, Flannel v0.24.0, metrics-server v0.6.3, Traefik v2.10.5, CoreDNS v1.10.1, helm-controller v0.15.8, and local-path-provisioner v0.0.24.

Netmaker Releases Version 0.22.0 of WireGuard Mesh VPN

Netmaker Releases Version 0.22.0 of WireGuard Mesh VPN

Netmaker has announced the release of version v0.22.0 of its WireGuard mesh VPN software. One of the key features of Netmaker is its ability to automate virtual networks between data centers, clouds, and edge devices. This eliminates the need for manual configuration and allows for easy scalability.

The latest version introduces several new features and improvements. Some of the highlights include:

  • Revamped Internet Gateways
  • MQ fallback
  • Deprecating TURN in favor of failover hosts on Pro
  • Switch to CoreDNS for DNS resolution
  • DNS is no longer managed with the OS hosts file (/etc/hosts file)
  • Added support for RAC on mobile

In addition to the new features, version v0.22.0 also addresses several bugs and issues found in previous versions. Some of the fixes include:

  • Expired nodes not getting deleted
  • nmctl acl subcommand leading to a dirty state
  • Enforce private network ranges
  • Minor bugs and enhancements with user management
  • Scalability issues

OpenTofu: General Availability Release

OpenTofu: General Availability Release

OpenTofu, the open source fork of Terraform, has reached a significant milestone with the announcement of its general availability. The project, now under the Linux Foundation, is ready for production use after four months of development by over five dozen developers. OpenTofu offers a straightforward migration path for Terraform users and showcases the value of open source.

The release of OpenTofu 1.6 introduces several important features, including advanced testing capabilities for improved stability, an enhanced S3 state backend with new authentication methods, and a new provider and module registry. Additionally, the release includes hundreds of performance enhancements, bug fixes, and other improvements.

OpenTofu has gained significant traction in the community, with dozens of developers contributing, hundreds of active community members, thousands of GitHub followers, and support from corporate backers and technology partners such as CloudFlare, BuildKite, GitLab, and Oracle.

Looking ahead, OpenTofu 1.7 is set to introduce even more community-requested features that are not available in Terraform. These features include client-side state encryption for heightened security in regulated environments, parameterizable backends, providers, and modules for more readable code, and third-party extensibility through a plugin system for new state backends.

The general availability of OpenTofu marks a important achievement for the project and the open source community.

Source: Linux Foundation.

K3s Unveils New Version: v1.29.0+k3s1

K3s Unveils New Version: v1.29.0+k3s1

K3s has released version v1.29.0+k3s1, an update to its lightweight, highly available Kubernetes distribution. This release includes several important changes and updates, including an upgrade to Kubernetes v1.29.0. However, before upgrading, users are advised to read the Urgent Upgrade Notes from Kubernetes.

There are two important changes to note in this release. The first is the removal of the experimental rotate-keys subcommand, due to changes in Kubernetes upstream for KMSv2. This subcommand may be added back in future releases. The second change is the removal of the multi-cluster-cidr flag, as support for this alpha feature has been completely removed from Kubernetes upstream.

Other notable changes in this release include fixing an overlapping address range, updating the stable channel to November 2023, adding runtime classes for wasm/nvidia/crun, and bumping containerd/runc to v1.7.10-k3s1/v1.1.10. Additionally, there are updates to containerd, removal of GA feature-gates, improvements to code coverage, and an update to flannel.

Embedded component versions in this release include Kubernetes v1.29.0, Kine v0.11.0, SQLite 3.42.0, Etcd v3.5.9-k3s1, Containerd v1.7.11-k3s2, Runc v1.1.10, Flannel v0.24.0, Metrics-server v0.6.3, Traefik v2.10.5, CoreDNS v1.10.1, Helm-controller v0.15.4, and Local-path-provisioner v0.0.24.

Gitea Releases Version 1.21.3

Gitea Releases Version 1.21.3

Gitea has announced the release of version 1.21.3. This update includes 18 merged pull requests and fixes for a security vulnerability. Users are strongly encouraged to update to this version for important bug fixes.

One notable improvement in this release is that it is built with the latest released version of Golang to resolve the announced CVE with Golang. The specific CVE addressed is CVE-2023-48795.

The problem that was fixed in this release was contributed by @wxiaoguang.

For those interested in updating to Gitea 1.21.3, the software can be downloaded from the downloads page. The installation guide provides more information on how to install the update.

For a full list of changes in Gitea 1.21.3, refer to the Changelog.