The Buoyant Extension is an aggregate package that includes the Linkerd lifecycle automation operator, the Buoyant Cloud agent, and certain BEL-specific linkerd CLI features.
Added a licenseSecret Helm value to allow users to provide their Buoyant
License via a Kubernetes secret.
Added additionalVolumes and additionalVolumeMounts Helm values to allow
users to mount additional volumes and volumeMounts to any Buoyant Extension
container.
Added a spec.components.linkerd.licenseSecret field to the Managed Linkerd
ControlPlane CRD, to allow users to provide their Buoyant License via a
Kubernetes secret.
Updated linkerd-control-plane-operator to support up to enterprise-2.15.2.
View all supported versions for this release.
Updated the linkerd-buoyant check CLI output to check the
linkerd-control-plane-validator workload, and also point to new doc
versions.
Updated linkerd-control-plane-operator to support up to enterprise-2.15.0,
or enterprise-2.15.1 when Buoyant Cloud is installed.
View all supported versions for this release.
Added linkerd-control-plane-operator support for enterprise-2.15 releases.
Unlike enterprise-2.14.10-0, enterprise-2.15 is hosted publicly, and no
longer requires the controlPlaneOperator.helmRepoPrefix and
controlPlaneOperator.helmDockerConfigJSONSecret values.
Updated linkerd-control-plane-operator to support up to
enterprise-2.14.9-1, or enterprise-2.14.9-3 when Buoyant Cloud is
installed. View all supported versions for this release.
Added linkerd-control-plane-operator support for managed upgrades to the new
Buoyant Enterprise for Linkerd preview channel, along with managed
downgrades from preview to enterprise.
Updated linkerd-control-plane-operator to support up to
enterprise-2.14.8-1, or enterprise-2.14.9-1 when Buoyant Cloud is
installed. View all supported versions for this release.
Added linkerd-control-plane-operator support for the new Buoyant Enterprise
for Linkerd preview channel. Note: The operator does not currently support
migration to/from the preview channel, only fresh installations.
Updated linkerd-control-plane-operator to support up to
enterprise-2.14.7-0, or enterprise-2.14.8-0 when Buoyant Cloud is
installed. View all supported versions for this release.
Added a spec.components.linkerd.crdsConfig field to the Managed Linkerd
ControlPlane CRD, to allow configuring linkerd-crds.
Updated linkerd-control-plane-operator to support up to
enterprise-2.14.5-1. View all supported versions for this release.
Added Helm value controlPlaneOperator.helmRepoPrefix to allow overriding the
default Buoyant Enterprise for Linkerd Helm registry.
Added Helm value controlPlaneOperator.helmNoTLS to allow disabling TLS when
fetching Buoyant Enterprise for Linkerd Helm charts.
Simplified ControlPlane custom resource ergonomics when installing a
FIPS-enabled Buoyant Enterprise for Linkerd control plane.
Updated buoyant-cloud-agent, linkerd-control-plane-operator, and
linkerd-data-plane-operator to better abide by cpu and memory limits, via
automaxprocs.
Improved gRPC metrics and logging.
Loosened client-go throttling, and improved logging.
Updated linkerd-control-plane-operator to support up to
enterprise-2.14.1-2, or enterprise-2.14.5-1 when Buoyant Cloud is
installed. View all supported versions for this release.
Added Helm value metrics.debugMetrics to enable sending additional debug
metrics to Buoyant.
Upgraded buoyant-cloud-metrics to v0.35.4.
Fixed an issue where buoyant-cloud-metrics could consume excessive memory
when the Linkerd Destination controller exported many server_port_subscribes
metrics.
Breaking change: The agent now requires Linkerd be installed in the
default linkerd namespace.
Breaking change: To convert an unmanaged Linkerd installation to managed,
the linkerd-control-plane-operator now that requires Linkerd’s Helm releases
conform to the default linkerd-crds and linkerd-control-plane names. Users
with non-default Helm release names may run
linkerd-buoyant controlplane migrate-helm-release to migrate.
Updated linkerd-control-plane-operator to support up to edge-23.10.3,
stable-2.14.1, and enterprise-2.14.1-2
Added support for managing ControlPlane Custom Resources via ArgoCD.
Modified Helm value controlPlaneOperator.extendedRBAC.enabled, default
changed from true to false. This flag should only be enabled for clusters
with Linkerd 2.12 or below.
Removed Helm values linkerd.namespace, linkerdJaeger.namespace, and
linkerdMulticluster.namespace
Added an --enable-pprof debug flag, defaulted to false, on
buoyant-cloud-agent, linkerd-control-plane-operator, and
linkerd-data-plane-operator
Updated buoyant-cloud-agent to send TLS certs from webhook secrets
Added support for managed Buoyant Enterprise for Linkerd, up to
enterprise-2.13.6-1
Added Helm value controlPlaneOperator.helmDockerConfigJSONSecret, for
Buoyant enterprise registry access
Added Helm value buoyantCloudEnabled, default true . When set to false,
disable buoyant-cloud-agent, buoyant-cloud-metrics, all communication with
Buoyant Cloud
Fixed an issue in the linkerd-buoyant CLI where it may fail to read
KUBECONFIG
Updated linkerd-control-plane-operator to support up to stable-2.13.6 and
edge-23.8.3
Updated linkerd-control-plane-operator to require a controlPlaneConfig
field on all ControlPlane Custom Resources. This ensures the ControlPlane
CR is the ground source of truth for the Linkerd installation. This is a
breaking change and will require modifying existing ControlPlane Custom
Resources.
Added a new linkerd-control-plane-validator component, to validate
ControlPlane Custom Resources are well-formed.
Added a linkerd-buoyant controlplane import-helm-config CLI command, to
assist in migrating from an existing Helm or ControlPlane -based Linkerd
installation to a new ControlPlane CR with a controlPlaneConfig field.
Added resources Helm config fields to support configuring memory and CPU
requests and limits
Fixed linkerd-control-plane-operator to disallow skipping major versions
during upgrades and downgrades
For a full list of new and existing configuration options, see the
Helm documentation
for this release
Updated linkerd-control-plane-operator to support up to edge-23.7.2
Added Buoyant Cloud support for viewing HTTPRoute resources from the Gateway
API
Fixed an issue with serializing the timeout fields for HTTPRoute resources
from Linkerd
Added startup probes with default values, configurable via the startupProbe
Helm value
Added support for configuring the startup sync timeout, configurable via the
syncTimeout Helm value — useful for installing the agent on large clusters
Added support for JSON logging, configurable via the logFormat Helm value
For a full list of new and existing configuration options, see the
Helm documentation
for this release
Fixed linkerd-control-plane-operator failing to upgrade the Linkerd control
plane if a SelfSubjectRulesReview check encountered an authorizer on the
cluster that did not support rules evaluation
Modified buoyant-cloud-agent to send Pod updates if the status of any
container in the pod changes. This allows tracking the full lifecycle of
containers.
Change all images references to ghcr.io/buoyantio
Switch ghcr.io/buoyantio/linkerd-buoyant from
debian:bullseye-20221024-slim base image to scratch
Updated buoyant-cloud-metrics-agent base Docker image to resolve OpenSSL
vulnerabilities
CVE-2022-3602 and
CVE-2022-3786. While the
vulnerable version of OpenSSL was not used by the running container, its
inclusion in the base image was being reported by security scanners
nonetheless. This has been fixed.
Updated linkerd-control-plane-operator to support up to edge-22.12.1 and
stable-2.12.2
Updated linkerd-control-plane-operator and linkerd-data-plane-operator to
emit Kubernetes events, and updated buoyant-cloud-agent to send these events
to Buoyant Cloud
Updated linkerd-control-plane-operator to support edge-22.10.1,
edge-22.10.2, and stable-2.12.2
Fixed buoyant-cloud-agent not collecting trust root information from some
Linkerd control plane components
Fixed linkerd-control-plane-operator unnecessarily toggling between
Updating and Pending states