- #3473 - Missing dependency for postgresql-client-common package
- #3474 - Missing AWS AlmaLinux OS 8.7 image
- #3436 - Upgrade Ansible
- [AWS] AlmaLinux image from 8.6.20220901 to 8.7.20221110
- Increase the default Ansible timeout for connection plugins to use (from 10 to 30)
- Increase
retries-count
from 3 to 10 fordownload-requirements.py
- [Azure] Sometimes
epicli - list index out of range
occurs when creating Ansible inventory - pytest tests in VS Code
- #3450 - Erlang 23 packages not available for Ubuntu focal distro
- #3452 - AlmaLinux 8 GPG key changed
- #3443 - K8s legacy repositories shut down
- #3437 - Cluster-wide tagging for all cloud resources
- #3424 - PostgreSQL yum repo GPG key not available
- #3421 - Bump Python dependencies to the latest to fix a number of CVE issues, including: CVE-2023-48795 - Terrapin attack
- #3413 - [RHEL] Missing dependencies for
samba-client
package
- #3177 - Upgrade AzureCLI to 2.37+ to support Microsoft Graph migration
- #3383 - Update Python dependencies to include the latest patch versions
- #3374 - Grafana dashboard id 11074 - checksum mismatch
- #3347 - Switch from
k8s.gcr.io
toregistry.k8s.io
- #3324 - Missing python3-setuptools package in offline mode
- #3315 - Failed to initialize Kubernetes cluster: CRI v1 runtime API is not implemented
- #3306 - OpenSearch admin certificate expired
- #2090 - Add support for alternative file URLs to download-requirements
- #3186 - Refactor manifest file handling in cli
- #3232 - Use tarball format insted of legacy for downloading Docker images
- #3238 - Make OpenSearch Dashboards user configurable
- #3241 - Simplify APT commands flow in download-requirements.py
- #3260 - Remove registry-image doc support in download-requirements.py
- #3266 - Disable validation of infrastructure documents in upgrade mode
- #3271 - Filebeat not shipping logs to OpenSearch after upgrading epicli from v2.0.1
- #3275 - Kubernetes installation on aarch64 fails due to missing kubernetes-cni-0.8.7 package
- #3279 - dnf install failed for
ca-certificates
package on RedHat family distros
- #3257 - Upgrade ansible-core to 2.13 (ansible 6)
- #3061 - Upgrade Keycloak to 19.0.2
- #3277 - Simplify configuration of enabling Rook
- #3287 - Update cloud OS images to the latest
- #2932 - Support
epicli upgrade
for RHEL/AlmaLinux 8 - #3057 - Additional AWS authentication option
- #3101 - Add support for ARM architecture for AlmaLinux 8
- #3105 - Add manifest file parsing
- #3131 - Optimize Grafana dashboards downloading
- #3116 - Optimize files downloading
- #3106 - Add image-registry configuration reading
- #3140 - Allow to disable OpenSearch audit logs
- #3218 - Add support for original output coloring
- #3079 - OpenSearch improvement - add dedicated user for Filebeat
- #3207 - Add filtering mechanism for the sensitive data
- #3153 - AlmaLinux 8.5 installation fails resolving dependencies
- #3164 - Specify version and allow containerd.io package downgrade in haproxy_runc role
- #3179 - terraform fails when
use_network_security_groups
is set tofalse
- #3165 - download-requirements.py may fail due to expired certificate
- #3189 - Fix configuration/feature-mapping enabling
- #3152 - Use a stable tag for the quay.io/ceph/ceph:v16.2.7 image
- #3209 - [Ubuntu] download-requirements.py ignores package version when resolving dependencies
- #3231 - epicli may fail on "Download image haproxy-2.2.2-alpine.tar" task
- #3210 - [Ubuntu] download-requirements.py downloads redundant package dependencies
- #3190 - Enable configuration of kubelet enable-controller-attach-detach argument via input manifest
- #3080 - update Filebeat to the latest compatible version with OpenSearch
- #2982 - Using AKS and EKS Terraform configuration directly with Epiphany.
- #2870 - OpenDistro for ElasticSearch replaced by OpenSearch
- #3163 - Upgrade Python dependencies
- #3097 - Split available_roles and roles_mapping into separate yaml documents
- #3229 - Update crane to v0.11.0
- Support for Modules: Azure Basic Infrastructure (AzBI) module Azure AKS (AzKS) module AWS Basic Infrastructure (AwsBI) module AWS EKS (AwsKS) module
-
Schema
configuration/feature-mapping
changed. The document was splitted into two separate docsconfiguration/features
andconfiguration/feature-mappings
. -
AWS credentials configuration parameters are renamed from
specification.cloud.credentials.key
andspecification.cloud.credentials.secret
tospecification.cloud.credentials.access_key_id
andspecification.cloud.credentials.secret_access_key
.
- #1332 - Support for RHEL 8.4 and AlmaLinux 8.4
- #959 - Add usage of use_network_security_groups to disable NSG on AWS
- #2701 - Epicli prepare - generate files in separate directory
- #2812 - Extend K8s config validation
- #2950 - CLI refactor to make it more consistent
- #2844 - Refactor K8s upgrade task in order to simplify its flow
- #2985 - Make RabbitMQ Plugins configurable
- #2974 - Refactor Apply command
- #2976 - Allow for custom Terraform scripts
- #2716 - Change container runtime to containerd
- #805 - Refactor download-requirements script
- #2858 - Make Ruby spec tests code compliant with rubocop lint rules
- #2975 - Copy only required files
- #2991 - Add automatic backup creation for download requirements
- #2448 - Passwordless SSH communication for postgres user between DB nodes
- #2821 - Node Exporter preflight checks
- #2996 - Introduce the new configuration field to change a component name
- #2888 - Define additional disks with defined sizes to VMs for Azure
- #2812 - Extend K8s config validation
- #2890 - Rook/Ceph Kubernetes Native Storage for Azure Kubernetes non-AKS cluster
- #1452 - Create Kubernetes Native Storage Epiphany configuration for Azure provider
- #2891 - Rook/Ceph Kubernetes Native Storage for AWS non-EKS
- #2887 - Create Kubernetes Native Storage Epiphany configuration for AWS provider
- #2734 - Document upgrade Red Hat / CentOS 7 to v 8.x
- #2653 - Epicli is failing in air-gapped infra mode
- #1569 - Azure unmanaged disks not supported by Epiphany but there is misleading setting in the default configuration
- #2832 - Make the DoD checklist clear
- #2853 - Change autoscaling_group approach in AWS provider in favor of plain VM creation.
- #2669 - Restarting the installation process can cause certificate problems if K8s was not fully configured
- #2944 - Refactor InitEngine class to be agnostic to changes in ApplyEngine and UpgradeEngine
- #2945 - epicli apply sleeps 10 seconds after creating inventory
- #2968 -
epicli init
should generatespecification.cloud.subscription_name
for minimal cluster config - #2940 - firewalld.service unit could not be found on host however ansible_facts sees it as defined
- #2979 - Restore the possibility of choosing the availability zone in AWS
- #2984 - Validation blocks overwriting of destination_address_prefix in NSG rules, which is 0.0.0.0/0 by default
- #2966 -
epicli init --full
does not generate configuration for OpenDistro - #2942 - rsync command fails trying to copy artifacts
- #2930 - Backup/recovery commands fail when default configuration for backup attached to cluster-config.yml
- #2989 - Task
Remove swap from /etc/fstab
does not remove swap entry from file - #2907 - Backup/recovery commands fail when executed directly after upgrade
- #3025 - Running yum commands may hang waiting for user input
- #2728 - PostgreSQL's configuration files located outside the data directory are not copied by repmgr
- #3029 - [RHEL] Single machine upgrade fails on preflight check: 'dict object' has no attribute 'size_available'
- #2997 - Doubled HAProxy entries in prometheus.yml after upgrade
- #2803 - Refactor: rename 'kafka_var' setting
- #2995 - Update expired RHUI client certificate before installing any RHEL packages
- #3049 - HAProxy upgrade fails on re-run trying to remove haproxy_exporter
- #3006 - install
containerd.io=1.4.12-*
failed, when upgrade from v1.3.0 to 2.0.0dev - #3065 - Flag
delete_os_disk_on_termination
has no effect when removing cluster
- #2828 - K8s improvements
- Re-generate apiserver certificates only by purpose
- Do not ignore preflight errors in
kubeadm join
- Update documentation about control plane certificates renewal
- #2825 - Upgrade Terraform and providers
- Terraform 0.12.6 to 1.1.3 (#2706)
- Azurerm provider 1.38.0 to 2.91.0
- AWS provider 2.26 to 3.71.0
- Upgraded Azure-cli 2.29 to 2.32
- #2847 - Upgrade Ansible to 5.2.0
- Ansible 2.10.15 to 5.2.0
- Python 3.7 to 3.10
- #2871 - Upgrade Kafka to 2.8.1
- #3090 - Update cloud OS images to the latest
- Support for RHEL 7
- Support for CentOS
- #2834 - Removal of Hashicorp Vault component
- #2833 - Removal of Logstash component
- #2836 - Removal of Istio component
- #2837 - Removal of Apache Ignite component
- #2927 - Review Epiphany tools (remove outdated)
- #2864 - Remove unnecessary design docs
- RHEL 7 and CentOS are not supported. For RHEL, release 8.4 is required and upgrade from version 7 is not handled by Epiphany. Support for CentOS has been replaced by AlmaLinux (migration is not handled by Epiphany).
- Support for ARM architecture has been removed (together with CentOS), planned to be added for AlmaLinux in the next release.
- Upgrade of Terraform components in issue #2825 and #2853 will make running re-apply with infrastructure break on existing 1.x clusters. The advice is to deploy a new cluster and migrate data. If needed a manual upgrade path is described here.
- Kubernetes container runtime changed. Dockershim and Docker are no longer on Kubernetes hosts.
- Filebeat
docker
input replaced bycontainer
input. New field provided for Filebeat as system service installation:container.id
. Fieldkubernetes.container.name
is no longer valid.
epicli upgrade
is not supported yet for RHEL or AlmaLinux