Releases: ricsanfre/pi-cluster

v1.11.0

28 Aug 15:15

[v1.11.0] - 2025-08-28

Major update of project documentation, Prometheus/Fluent-bit/Fluentd refactoring, Spegel Mirroring, Keycloak Operator, Flux Operator

Release Scope

  • Flux Bootstrap process migration from CLI to FluxCD Operator

  • Add Registry Mirror (Spegel)

  • Prometheus refactoring

    • Automate upgrade process of prometheus dashboards and rules for K3s from Prometheus mixins.
    • Use of ScrapeConfig CRD for external services monitoring
  • Logs collection/distribution refactoring (Fluentbit and Fluentd)

    • Fluentbit
      • Use new YAML configuration
      • Extract configuration to external configMap and enable hot-reloading
      • Remove old configuration options
        • TZ management
        • Kubernetes merge fields
    • Fluentd
      • Extract configuration to external configMap
      • Move records manipulation rules to Fluent-bit
  • Kafka Zookeeper deprecation and migration to KRAFT

  • Monitor with Prometheus all External Services (services running outside the Kubernetes Cluster):

    • Metrics and logs at OS level (node1)
      • Metrics export using NodeExporter
      • Logs collection using Fluent-bit collector
    • Services running in node1
      • Logs and node-level metrics
      • HAProxy
      • Vault
      • Bind9
      • OpenWrt
    • Services running in Cloud
      • Minio external service
  • Monitor with Prometheus all Internal Services (services running in the Kubernetes Cluster).

    • Fix monitoring issues with some of the services:
      • etcd
      • Grafana
      • ElasticSearch
    • Add monitoring of remaining services
      • Cert-Manager
      • External-Secrets
      • FluxCD
      • MongoDB
  • Keycloak application refactoring

    • Installation in HA mode using Keycloak Operator instead of Bitnami's Helm Chart
    • keycloak-config-cli to automatically configure Keycloak from config files.
  • Project documentation review

    • Update deprecated technologies documentation.
      • Highlight documentation as deprecated and without maintenance
      • Review references to deprecated technologies in all documentation
    • Standardize documentation
      • Common layout of sections: Installation, Configuration, Observability, etc.
      • Refactor documentation
        • Prometheus doc
          • Extract Grafana installation/configuration to its own page
          • Extract monitoring configuration of each service to Observability section to corresponding service document
        • Fluentbit/Fluentd documentation
          • Extract Fluent-bit and Fluentd documentation to separate documents
        • Cert-manager doc
          • Extract cert-bot documentation to a separate document
        • Backup documentation
          • Extract OS-filesystem backup (Restic) to a separate document

Full Changelog: v1.10.0...v1.11.0

v1.10.0

16 Jan 12:13

[v1.10.0] - 2025-01-16

Homelab/Kubernetes DNS rearchitecture, migration to OpenWrt-based router/firewall, new k3d-based dev environment, and support for MongoDB declarative deployment.

Release Scope:

  • Migrate Homelab Gateway from Ubuntu OS to OpenWrt

    • Migrate firewall rules to OpenWrt router
      • OpenWrt firewall also uses nftables to implement its firewall functionality.
    • Migrate DNS/DHCP services to OpenWrt
      • OpenWrt DNS/DHCP is also based on dnsmasq.
    • Migrate PXE boot services (TFTP server and Kick-start web servers) to another node in the cluster (node1). GL-A1300 does not have enough disk space to store boot and ISO files.
  • New DNS Architecture

    • Cluster domain changed to homelab.picluster.ricsanfre.com
    • New Homelab DNS authoritative server based on Bind9
    • Gateway DNS resolver/forwarder service reconfiguration
    • External-DNS kubernetes service deployment integrated with Bind9
    • Cert-manager reconfiguration to support LetsEncrypt certificates in split DNS horizon architecture
  • New Dev Environment

    • Add documentation to install k3d development platform
    • Add Flux configuration for dev cluster environment
  • Add support for creating MongoDB clusters

    • Deploy MongoDB Community Operator
    • Add sample MongoDB FluxCD cluster kustomized application.
    • Document how to create MongoDB cluster databases and secure them using TLS certificates generated by Cert-Manager

What's Changed

  • fix(cilium): k3s has an API server proxy at 127.0.0.1:6444 by @onedr0p in #512
  • Adding authoritative dns (Bind9) and external-dns by @ricsanfre in #514
  • chore(deps): update helm release coredns to v1.36.1 by @renovate in #504
  • chore(deps): update helm release cilium to v1.16.3 by @renovate in #516
  • chore(deps): update helm release cert-manager to v1.16.1 by @renovate in #491
  • chore(config): migrate renovate config by @renovate in #527
  • chore(deps): update helm release ingress-nginx to v4.11.3 by @renovate in #493
  • chore(deps): update helm release prometheus-operator-crds to v15 by @renovate in #508
  • chore(deps): update helm release kube-prometheus-stack to v65 by @renovate in #522
  • chore(deps): update helm release external-secrets to v0.10.5 by @renovate in #492
  • chore(deps): update helm release kiali-operator to v2 by @renovate in #530
  • chore(deps): update helm release metrics-server to v3.12.2 by @renovate in #531
  • chore(deps): update helm release minio to v5.3.0 by @renovate in #533
  • chore(deps): update helm release grafana to v8.5.12 by @renovate in #483
  • chore(deps): update helm release fluent-bit to v0.47.10 by @renovate in #473
  • chore(deps): update helm release tempo-distributed to v1.21.1 by @renovate in #486
  • chore(deps): update helm release prometheus-elasticsearch-exporter to v6.5.0 by @renovate in #523
  • chore(deps): update helm release loki to v6.19.0 by @renovate in #478
  • chore(deps): update helm release eck-operator to v2.14.0 by @renovate in #536
  • chore(deps): update helm release cloudnative-pg to v0.22.1 by @renovate in #535
  • chore(deps): update helm release community-operator to v0.11.0 by @renovate in #525
  • chore(deps): update helm release strimzi-kafka-operator to v0.44.0 by @renovate in #534
  • chore(deps): update helm release schema-registry to v21.0.3 by @renovate in #532
  • chore(deps): update helm release oauth2-proxy to v7.7.28 by @renovate in #498
  • Update Documentation: DNS and Router/Firewall rearchitecture by @ricsanfre in #544
  • Update Helm release coredns to v1.37.0 by @renovate in #552
  • Update Helm release cilium to v1.16.4 by @renovate in #547
  • Update Helm release external-secrets to v0.11.0 by @renovate in #557
  • Update Helm release cert-manager to v1.16.2 by @renovate in #555
  • Update Helm release grafana to v8.7.0 by @renovate in #541
  • Update Helm release cert-manager-webhook-ionos to v1.2.0 by @renovate in #556
  • Update Helm release loki to v6.23.0 by @renovate in #562
  • Update Helm release tempo-distributed to v1.26.0 by @renovate in #564
  • Update Helm release fluent-bit to v0.48.3 by @renovate in #560
  • Update Helm release schema-registry to v23 by @renovate in #565
  • Update Helm release eck-operator to v2.15.0 by @renovate in #559
  • Update Helm release oauth2-proxy to v7.8.2 by @renovate in #563
  • Update Helm release keycloak to v24.3.0 by @renovate in #561
  • Update Helm release prometheus-elasticsearch-exporter to v6.5.1 by @renovate in #558
  • Update Helm release prometheus-operator-crds to v16 by @renovate in #539
  • Update Helm release kube-prometheus-stack to v66 - autoclosed by @renovate in #540
  • Update Helm release kiali-operator to v2.2.0 by @renovate in #543
  • Update Helm release tempo-distributed to v1.26.1 by @renovate in #566
  • Update Helm release tempo-distributed to v1.28.0 by @renovate in #572
  • Update Helm release strimzi-kafka-operator to v0.45.0 by @renovate in #573
  • Configure dev environment based in k3d by @ricsanfre in #590
  • Update Helm release prometheus-operator-crds to v17 by @renovate in #569
  • Update Helm release kube-prometheus-stack to v67 by @renovate in #570
  • Update Helm release cilium to v1.16.5 by @renovate in #575
  • Update Helm release grafana to v8.8.2 by @renovate in #568
  • Update dependency community.crypto to v2.23.0 by @renovate in #592
  • Update dependency community.general to v10.2.0 - autoclosed by @renovate in #593
  • Update Helm release prometheus-elasticsearch-exporter to v6.6.0 by @renovate in #588
  • Update Helm release ingress-nginx to v4.12.0 by @renovate in #591
  • Update Helm release eck-operator to v2.16.0 by @renovate in #581
  • Update Helm release external-secrets to v0.12.1 by @renovate in #585
  • Update Helm release loki to v6.24.0 by @renovate in #582
  • Update Helm release cloudnative-pg to v0.23.0 by @renovate in #584
  • Update Helm release velero to v8.2.0 by @renovate in #589
  • Update velero/velero-plugin-for-aws Docker tag to v1.11.1 by @renovate in #583
  • Update Helm release community-operator to v0.12.0 by @renovate in #580
  • Update Helm release oauth2-proxy to v7.9.0 by @renovate in #587
  • Update keycloak Docker tag to v24.3.2 by @renovate in #571
  • Update dependency Istio Performance Dashboard to v240 by @renovate in #598
  • Update dependency Istio Mesh Dashboard to v240 by @renovate in #597
  • Update dependency Istio Control Plane Dashboard to v240 by @renovate in #596
  • Update dependency k3s-io/k3s to v1.31.4+k3s1 - autoclosed by @renovate in #595
  • Update Helm release kiali-operator to v2.3.0 by @renovate in #586
  • Update Helm release fluent-bit to v0.48.4 by @renovate in #602
  • Update dependency restic/restic to v0.17.3 by @renovate in #600

Full Changelog: https://github.com/r...


v1.9.0

07 Oct 14:48
6c7e9f3

[v1.9.0] - 2024-10-07

Cluster Upgrade to use Cilium CNI, as cluster networking solution, Istio, as Service Mesh solution, and Flux CD, as GitOps solution.

Release Scope:

  • Migrate GitOps solution from ArgoCD to FluxCD

    • Upgrade cluster bootstrap process to use FluxCD instead of ArgoCD
    • Re-package all kubernetes application to use FluxCD specific resources
    • Use advanced Kustomize options (variants and components) to have a reusable set of configurations
  • Kubernetes CNI migration from Flannel to Cilium

    • Install K3s disabling installation of embedded Flannel CNI.
    • Replace the cluster's load balancer, based on Metal LB, with Cilium's L4 load balancer capability.
    • Configure Cilium to replace the kube-proxy component, that is, replace kube-proxy's iptables-based routing with eBPF technology.
  • Migrate Service Mesh solution from Linkerd to Istio

    • Deploy Istio sidecar-less ambient mode
    • Integrate Istio with Cilium CNI
    • Deploy Istio's observability solution, Kiali
    • Remove Linkerd specific configuration
  • Keycloak Database (HA and backup)

    • Deploy CloudNative-PG operator
    • Define declarative Keycloak cluster database configuration in HA
    • Configure backup of the database to external backup service (s3)
    • Reconfigure Keycloak deployment to use this external DB instead of the embedded PostgreSQL database (Bitnami's PostgreSQL chart)

What's Changed

  • Cilium CNI and refactoring packaged applications with kustomize by @ricsanfre in #423
  • Update Helm release argo-cd to v7 by @renovate in #422
  • Update Helm release external-secrets to v0.9.19 by @renovate in #407
  • Update Helm release keycloak to v21.4.1 by @renovate in #412
  • Update Helm release oauth2-proxy to v7.7.1 by @renovate in #420
  • Update Helm release fluent-bit to v0.46.8 by @renovate in #414
  • Update Helm release loki to v6.6.3 by @renovate in #426
  • Update schema-registry Docker tag to v19 by @renovate in #429
  • Update Helm release eck-operator to v2.13.0 by @renovate in #425
  • Update Helm release cert-manager to v1.15.0 by @renovate in #424
  • Update Helm release velero to v6.6.0 by @renovate in #418
  • Update Helm release tempo-distributed to v1.11.0 by @renovate in #421
  • Update Helm release argo-cd to v7.2.1 by @renovate in #438
  • Update Helm release kube-prometheus-stack to v60.3.0 by @renovate in #427
  • Update Helm release prometheus-elasticsearch-exporter to v5.8.1 by @renovate in #440
  • Update Helm release fluent-bit to v0.46.11 by @renovate in #441
  • Update schema-registry Docker tag to v19.1.7 by @renovate in #447
  • Update Helm release keycloak to v21.4.4 by @renovate in #446
  • Update Helm release oauth2-proxy to v7.7.4 by @renovate in #442
  • Update Helm release velero to v6.7.0 by @renovate in #448
  • Update Helm release argo-cd to v7.3.3 by @renovate in #454
  • Cloud native databases operators (cloudnative-pg and mongodb-operator) and configuring Keycloak DB in HA with backup by @ricsanfre in #458
  • Update Helm release argo-cd to v7.3.4 by @renovate in #459
  • Update Helm release oauth2-proxy to v7.7.8 by @renovate in #456
  • Update Helm release keycloak to v21.4.5 by @renovate in #460
  • Update Helm release cert-manager to v1.15.1 by @renovate in #455
  • Update Helm release loki to v6.6.5 by @renovate in #452
  • Update Helm release tempo-distributed to v1.13.2 by @renovate in #453
  • Update Helm release kube-prometheus-stack to v60.5.0 by @renovate in #461
  • Update Helm release keycloak to v21.5.0 by @renovate in #469
  • Update Helm release external-secrets to v0.9.20 by @renovate in #468
  • Update Helm release tempo-distributed to v1.14.0 by @renovate in #470
  • Update Helm release prometheus-elasticsearch-exporter to v5.9.0 by @renovate in #463
  • Update Helm release prometheus-operator-crds to v13 by @renovate in #467
  • Update Helm release kube-prometheus-stack to v61 - autoclosed by @renovate in #465
  • Update Helm release grafana to v8.3.2 by @renovate in #457
  • Update Helm release prometheus-elasticsearch-exporter to v6 by @renovate in #466
  • Update schema-registry Docker tag to v19.2.1 by @renovate in #464
  • Istio ambient mode deployment and configuration by @ricsanfre in #487
  • Update Helm release argo-cd to v7.3.10 by @renovate in #477
  • Update Helm release argo-cd to v7.3.11 by @renovate in #488
  • Migration to FluxCD by @ricsanfre in #501

Full Changelog: v1.8.5...v1.9.0

v1.8.0

04 Jan 13:48

[v1.8.0] - 2024-01-04

K3S HA deployment and SSO support.

Release Scope:

  • K3S HA deployment.

    • 3 masters with embedded etcd database using HA proxy as Kubernetes API load balancer.
    • Ansible code update for supporting K3s single-node and HA deployments.
  • Single sign-on (SSO) solution

    • Identity Access Management solution based on Keycloak
    • OAuth2.0 Proxy deployment for securing applications not using any authentication mechanism.
    • Ingress NGINX integration with OAuth2-Proxy
    • Grafana SSO configuration. Integration with Keycloak.
  • Ingress Controller migration.

    • Ingress NGINX deployment. Traefik ingress controller deprecation.
    • ArgoCD packaged applications update to use standard Ingress resources implemented by NGINX.
  • Kafka service

    • Use of Strimzi Operator to streamline the deployment of Kafka cluster
    • Integrate Kafka Schema Registry, based on Confluent Schema Registry
    • Use of Kafka GUI, Kafdrop

Full Changelog: v1.7.0...v1.8.0

v1.7.0

24 Jun 14:15

[v1.7.0] - 2023-06-24

Hybrid x86/ARM kubernetes cluster support (x86 and ARM cluster nodes can be used within the same Pi-Cluster).

Release Scope:

  • Hybrid x86/ARM kubernetes cluster support.

    • Combine Raspberry PI 4B nodes and x86 mini PCs (HP Elitedesk 800 G3) in the same cluster.
    • Ansible code update for supporting configuration of Raspberry PI nodes and x86 nodes.
  • Ubuntu OS installation automation

    • Automate process of creating boot USB disk for Raspberry PI nodes.
    • x86 nodes autoinstallation using PXE
  • Node's Operating System upgrade from Ubuntu 20.04 LTS to Ubuntu 22.04 LTS.

    • Node's installation/configuration documentation update.
    • Ansible OS configuration tasks updated to fit the new OS release.
  • K3s automated upgrade

    • Deploy Rancher's system-upgrade-controller app. This controller uses a custom resource definition (CRD), plan, to schedule upgrades based on the configured plans.
    • ArgoCD packaged application created to deploy system-upgrade-controller app and to generate upgrade plans.
  • Logging solution enhancements

    • ES/Kibana upgrade to release 8.6
    • ElasticSearch's ILM policies (data retention policies) and Index templates (data model) configuration for Fluentd logs.
    • Fluentd dynamic indices creation and configuration.
    • Elasticsearch roles and users definition. File Auth Realm configured through ECK. Different roles and users created (fluentd, prometheus-elasticsearch-exporter)
  • Automation enhancements

    • New Ansible-runtime environment in a docker container, ansible-runner containing all ansible packages and its dependencies. Isolating ansible run-time environment from local server.

Full Changelog: v1.6.0...v1.7.0

v1.6.0

29 Jan 11:40
ff2c414

[v1.6.0] - 2023-01-29

Apply GitOps methodology using ArgoCD to deploy and manage Kubernetes Applications, integrate Hashicorp Vault secret management solution and transform monitoring platform into observability platform (logs, traces and metrics monitoring).

Release Scope:

  • GitOps methodology

    • Argo CD deployment
    • New packaged Kubernetes applications (helm charts and manifest files) to be deployed using ArgoCD
    • Automate cluster bootstrapping with ArgoCD using Ansible
    • Ansible playbooks/roles/vars refactoring
  • Integrate Secrets Management solution

    • Hashicorp Vault deployment
    • Kubernetes authorization mechanism integration
    • External Secrets Operator deployment
  • Observability platform

    • Grafana Loki and Grafana Tempo deployment
    • Grafana as cluster operations single pane of glass
    • Fluentbit/Fluentd configuration to distribute logs to ES and Loki
    • Linkerd distributed tracing integration
    • Traefik tracing integration and automatic correlation with access logs
  • Automation enhancements

    • Integration of Ansible vault and GPG to automate the encrypt/decrypt process
    • Automatic generation of credentials and load in Vault
    • Add Makefile

What's Changed

  • Fix #65: Move from Monitoring Platform to Observability Platform
  • Fix #87: Moving from Ansible to GitOps when deploying Kubernetes applications (ArgoCD)
  • Fix #90: Ansible vault integrated with GPG
  • Fix #91: Add Hashicorp Vault as Secret Management solution

Full Changelog: v1.5.0...v1.6.0

v1.5.0

12 Oct 16:38

[v1.5.0] - 2022-10-12

Upgrade backup service adding Kubernetes CSI Snapshot feature, Prometheus memory optimization removing K3S duplicate metrics, enabling Let's Encrypt TLS certificates, and upgrading Linkerd to release 2.12.

Release Scope:

  • Use of Let's Encrypt TLS certificates
    • Certmanager configuration of Let's Encrypt support. ACME DNS01 challenge provider
    • Certbot deployment
    • IONOS DNS provider integration
  • Upgrade backup service adding CSI Snapshot support
    • Enable Kubernetes CSI Snapshot feature, installing external snapshot controller.
    • Configure Longhorn CSI Snapshots support
    • Configure Velero CSI Snapshot support
  • Prometheus memory footprint optimization
    • Removing of duplicate metrics coming from K3S endpoints.
  • Upgrade Linkerd to version 2.12
  • Ansible Playbooks improvements
    • Encrypt passwords and keys used in playbooks with Ansible Vault
    • Automatic provision of Prometheus Rules from yaml files.

What's Changed

  • Fix #16: Cert-manager: Add Let's Encrypt as SSL certificate provider
  • Fix #31: Backup: Adding CSI Snapshot support
  • Fix #60: Improve Prometheus documentation including details about what is deployed with kube-prometheus-stack
  • Fix #63: Memory footprint optimization
  • Fix #66: Upgrade to latest version of Ansible role ricsanfre.backup
  • Fix #67: K3S emitting duplicated metrics in all endpoints (Api server, kubelet, kube-proxy, kube-scheduler, etc)
  • Fix #69: Prometheus Rules: Provision automatically of Prometheus rules from yaml files
  • Fix #70: Linkerd: Upgrade to 2.12 release
  • Fix #71: Configure Prometheus, Grafana, AlertManager to run behind Traefik HTTP Proxy using a subpath
  • Fix #77: Ansible: Encrypt passwords and keys used in playbooks with Ansible Vault

Full Changelog: v1.4.0...v1.5.0

v1.4.0

04 Aug 09:09
7a9833d

[v1.4.0] - 2022-08-04

Re-architecting logging solution and configure Kubernetes' graceful node shutdown.

Release Scope:

  • Logging solution (EFK) enhancements
    • Upgrade Elasticsearch and Kibana to v8.1
    • Logging collection and distribution architecture based on fluentd/fluentbit re-architected
    • Prometheus integration: Adding Elasticsearch and Fluentbit/Fluentd metrics
    • Logging parsing enhancements and log fields standardization
  • Configure Kubernetes' graceful node shutdown feature
  • Monitor external nodes (gateway) in Prometheus using fluent-bit agent.
  • Upgrade software components to latest stable version

What's Changed

  • Fix #51. EFK: Add logs aggregation layer based on fluentd
  • Fix #52. Prometheus: Adding Elasticsearch and Fluentbit metrics
  • Fix #53. Configure Kubernetes's graceful node shutdown feature
  • Fix #54. Error deploying Metal LB version 0.13
  • Fix #55. Error with deprecated arguments when installing new K3s release (v1.24.3+k3s1)
  • Fix #56. Collect gateway node metrics using new v1.8 fluentbit's metrics built-in plugins
  • Fix #57. Fluentbit: Processing multiline/stack trace log messages (java, python, go, .)
  • Fix #58. Fluentbit Kubernetes Merge_Log results in conflicting field types and rejection by elasticsearch

Full Changelog: v1.3.0...v1.4.0

v1.3.0

05 Apr 15:45
c350a5e

[v1.3.0] - 2022-04-05

Adding service mesh architecture to kubernetes cluster

Release Scope:

  • Deployment of Linkerd service mesh architecture
  • Linkerd integration with Cert-manager to automatically generate the Linkerd trust anchor and rotate the Linkerd identity issuer certificate and private keys.
  • Meshing cluster services with Linkerd.
  • Disabling Elasticsearch TLS default configuration. Secure communications provided by Linkerd.
  • Update documentation.

What's Changed

  • Feature/linkerd by @ricsanfre in #48
  • Fix #44: Add secure access to Kibana
  • Fix #42: Make configurable Elasticsearch and Kibana release to be deployed with ECK
  • Fix #45: Disable Elasticsearch TLS default configuration

Full Changelog: v1.2.0...v1.3.0

v1.2.0

03 Feb 11:16

[v1.2.0] - 2022-02-03

New website (picluster.ricsanfre.com) and improvements in logging and monitoring solution

Release Scope:

  • New feature: website (picluster.ricsanfre.com) from documentation using Jekyll and GitHub pages
  • Fluentbit as unique logs collector solution (Fluentbit replacing Fluentd within the cluster)
  • Adding Velero and Minio Metrics to Prometheus
  • Activating Traefik's access logs and integrate them into EFK

Full Changelog: v1.1.0...v1.2.0