Buoyant Extension
The Buoyant Extension is an aggregate package that includes the Linkerd lifecycle automation operator, the Buoyant Cloud agent, and certain BEL-specific linkerd
CLI features.
May 6, 2024
- Updated
linkerd-data-plane-operator
to support restarting proxies running in
native sidecar containers. - Updated
buoyant-cloud-agent
to fix a serialization issue with v1beta1
Server resources on Linkerd 2.14 clusters. - Updated
linkerd-control-plane-operator
to support latest edge and patch
releases. View all supported versions. - Updated
golang.org/x/net
dependency to remediate
CVE-2023-45288.
April 8, 2024
- Added a
licenseSecret
Helm value to allow users to provide their Buoyant
License via a Kubernetes secret. - Added
additionalVolumes
and additionalVolumeMounts
Helm values to allow
users to mount additional volumes and volumeMounts to any Buoyant Extension
container. - Added a
spec.components.linkerd.licenseSecret
field to the Managed Linkerd
ControlPlane
CRD, to allow users to provide their Buoyant License via a
Kubernetes secret. - Updated
linkerd-control-plane-operator
to support up to enterprise-2.15.2
.
View all supported versions. - Updated the
linkerd-buoyant check
CLI output to check the
linkerd-control-plane-validator
workload, and also point to new doc
versions. - Updated Go to 1.22.2
- Updated
github.com/docker/docker
dependency to remediate
CVE-2024-21626 and
CVE-2024-24557 - Updated
github.com/golang/protobuf
dependency to remediate
CVE-2024-24786 - Updated
google.golang.org/grpc
dependency to remediate
CVE-2023-44487
March 5, 2024
- Fixed
linkerd-control-plane-operator
not supporting dynamic updates of
enterprise patch releases in some cases.
March 1, 2024
- Updated
linkerd-control-plane-operator
to give all users access to dynamic
updates to the latest Linkerd versions, not just Buoyant Cloud customers.
February 26, 2024
February 21, 2024
- Updated
linkerd-control-plane-operator
to support up to enterprise-2.15.0
,
or enterprise-2.15.1
when Buoyant Cloud is installed.
View all supported versions. - Added
linkerd-control-plane-operator
support for enterprise-2.15
releases.
Unlike enterprise-2.14.10-0
, enterprise-2.15
is hosted publicly, and no
longer requires the controlPlaneOperator.helmRepoPrefix
and
controlPlaneOperator.helmDockerConfigJSONSecret
values.
February 13, 2024
January 24, 2024
- Updated
linkerd-control-plane-operator
to support up to
enterprise-2.14.9-1
, or enterprise-2.14.9-3
when Buoyant Cloud is
installed. View all supported versions. - Added
linkerd-control-plane-operator
support for managed upgrades to the new
Buoyant Enterprise for Linkerd preview
channel, along with managed
downgrades from preview
to enterprise
.
January 14, 2024
- Updated
linkerd-control-plane-operator
to support up to
enterprise-2.14.8-1
, or enterprise-2.14.9-1
when Buoyant Cloud is
installed. View all supported versions. - Added
linkerd-control-plane-operator
support for the new Buoyant Enterprise
for Linkerd preview
channel. Note: The operator does not currently support
migration to/from the preview
channel, only fresh installations.
December 20, 2023
- Updated
linkerd-control-plane-operator
to support up to
enterprise-2.14.7-0
, or enterprise-2.14.8-0
when Buoyant Cloud is
installed. View all supported versions. - Added a
spec.components.linkerd.crdsConfig
field to the Managed Linkerd
ControlPlane
CRD, to allow configuring linkerd-crds
.
December 7, 2023
December 5, 2023
- Updated
linkerd-control-plane-operator
to support up to
enterprise-2.14.5-1
. View all supported versions. - Added Helm value
controlPlaneOperator.helmRepoPrefix
to allow overriding the
default Buoyant Enterprise for Linkerd Helm registry. - Added Helm value
controlPlaneOperator.helmNoTLS
to allow disabling TLS when
fetching Buoyant Enterprise for Linkerd Helm charts. - Simplified
ControlPlane
custom resource ergonomics when installing a
FIPS-enabled Buoyant Enterprise for Linkerd control plane. - Updated
buoyant-cloud-agent
, linkerd-control-plane-operator
, and
linkerd-data-plane-operator
to better abide by cpu and memory limits, via
automaxprocs. - Improved gRPC metrics and logging.
- Loosened client-go throttling, and improved logging.
October 25, 2023
- Updated
linkerd-control-plane-operator
to support up to
enterprise-2.14.1-2
, or enterprise-2.14.5-1
when Buoyant Cloud is
installed. View all supported versions. - Added Helm value
metrics.debugMetrics
to enable sending additional debug
metrics to Buoyant. - Upgraded
buoyant-cloud-metrics
to v0.35.4
. - Fixed an issue where
buoyant-cloud-metrics
could consume excessive memory
when the Linkerd Destination controller exported many server_port_subscribes
metrics.
October 10, 2023
- Breaking change: The agent now requires Linkerd be installed in the
default
linkerd
namespace. - Breaking change: To convert an unmanaged Linkerd installation to managed,
the
linkerd-control-plane-operator
now that requires Linkerd’s Helm releases
conform to the default linkerd-crds
and linkerd-control-plane
names. Users
with non-default Helm release names may run
linkerd-buoyant controlplane migrate-helm-release
to migrate. - Updated
linkerd-control-plane-operator
to support up to edge-23.10.3
,
stable-2.14.1
, and enterprise-2.14.1-2
- Added support for managing
ControlPlane
Custom Resources via ArgoCD. - Modified Helm value
controlPlaneOperator.extendedRBAC.enabled
, default
changed from true
to false
. This flag should only be enabled for clusters
with Linkerd 2.12 or below. - Removed Helm values
linkerd.namespace
, linkerdJaeger.namespace
, and
linkerdMulticluster.namespace
- Added an
--enable-pprof
debug flag, defaulted to false
, on
buoyant-cloud-agent
, linkerd-control-plane-operator
, and
linkerd-data-plane-operator
- Updated
buoyant-cloud-agent
to send TLS certs from webhook secrets
September 6, 2023
- Breaking change: Move all workloads from
buoyant-cloud
to
linkerd-buoyant
namespace. Please follow these
one-time migration instructions. - Updated
linkerd-control-plane-operator
to support up to edge-23.9.4
,
stable-2.13.7
, and enterprise-2.13.6-2
- Added new
linkerd-buoyant migrate-helm-release
CLI subcommand, to aide in
migration to a Managed Linkerd installation. - Added support for dynamic upgrades of managed Buoyant Enterprise for Linkerd.
This enables Linkerd upgrades without first requiring an agent upgrade.
August 25, 2023
- Added support for managed Buoyant Enterprise for Linkerd, up to
enterprise-2.13.6-1
- Added Helm value
controlPlaneOperator.helmDockerConfigJSONSecret
, for
Buoyant enterprise registry access - Added Helm value
buoyantCloudEnabled
, default true
. When set to false
,
disable buoyant-cloud-agent
, buoyant-cloud-metrics
, all communication with
Buoyant Cloud - Fixed an issue in the
linkerd-buoyant
CLI where it may fail to read
KUBECONFIG
August 3, 2023
- Updated
linkerd-control-plane-operator
to support up to stable-2.13.6
and
edge-23.8.3
- Updated
linkerd-control-plane-operator
to require a controlPlaneConfig
field on all ControlPlane
Custom Resources. This ensures the ControlPlane
CR is the ground source of truth for the Linkerd installation. This is a
breaking change and will require modifying existing ControlPlane
Custom
Resources. - Added a new
linkerd-control-plane-validator
component, to validate
ControlPlane
Custom Resources are well-formed. - Added a
linkerd-buoyant controlplane import-helm-config
CLI command, to
assist in migrating from an existing Helm or ControlPlane
-based Linkerd
installation to a new ControlPlane
CR with a controlPlaneConfig
field. - Added
resources
Helm config fields to support configuring memory and CPU
requests and limits - Fixed
linkerd-control-plane-operator
to disallow skipping major versions
during upgrades and downgrades - For a full list of new and existing configuration options, see the
Helm documentation
for this release
July 25, 2023
- Updated
linkerd-control-plane-operator
to support up to edge-23.7.2
- Added Buoyant Cloud support for viewing
HTTPRoute
resources from the Gateway
API - Fixed an issue with serializing the timeout fields for
HTTPRoute
resources
from Linkerd - Added startup probes with default values, configurable via the
startupProbe
Helm value - Added support for configuring the startup sync timeout, configurable via the
syncTimeout
Helm value — useful for installing the agent on large clusters - Added support for JSON logging, configurable via the
logFormat
Helm value - For a full list of new and existing configuration options, see the
Helm documentation
for this release
June 16, 2023
- Updated
linkerd-control-plane-operator
to support up to edge-23.6.3
and
stable-2.13.5
- Updated
buoyant-cloud-metrics
to start collecting outbound TCP write metrics - Updated
linkerd-data-plane-operator
to work with Argo Rollouts - Updated serialization of Linkerd
HTTPRoute
resources to support all versions
up to v1beta3
May 10, 2023
- Updated
linkerd-control-plane-operator
to support up to edge-23.5.3
and
stable-2.13.3
May 3, 2023
- Updated
linkerd-control-plane-operator
to support up to edge-23.4.3
and
stable-2.12.5
- Upgraded Docker dependency to address
GHSA-33pg-m6jh-5237
- Fixed
linkerd-control-plane-operator
RBAC failure when Linkerd was installed
with PodMonitor
April 11, 2023
- Improvements to the output of the check command
- Hide
--no-tls
flag from the install command
April 7, 2023
- Enable
linkerd-data-plane-operator
to work with custom Linkerd proxy
March 30, 2023
- Add
securityContext
on initContainers
in buoyant-cloud-agent
and
buoyant-cloud-metrics
March 29, 2023
- Fixed high cpu in
linkerd-data-plane-operator
March 16, 2023
- Added Helm values:
affinity
imagePullSecrets
- cpu and memory resource
limit
and request
tolerations
priorityClassName
(buoyant-cloud-metrics
only)
- Updated
linkerd-control-plane-operator
to support up to edge-23.3.2
and
stable-2.12.4
- Fixed a memory leak in
buoyant-cloud-agent
March 9, 2023
- Fixed an issue where ControlPlane and DataPlane custom resources would
sometimes not appear in the Buoyant Cloud UI
March 8, 2023
- Added Helm values:
controlPlaneOperator.enabled
: Enable/disable
linkerd-control-plane-operator
dataPlaneOperator.enabled
: Enable/disable linkerd-data-plane-operator
freeTier
: Install the agent with limited free-tier features
- Deprecated Helm value:
managed
: Enable/disable managed features. Deprecated in favor of
controlPlaneOperator.enabled
and dataPlaneOperator.enabled
- Updated
linkerd-control-plane-operator
to support up to edge-23.3.1
and
stable-2.12.4
- Updated non-Helm installations to include
linkerd-data-plane-operator
- Fixed agent installation failing via Argo
February 16, 2023
- Added the ability for users to collect control plane diagnostic data
February 1, 2023
- Updated
linkerd-control-plane-operator
to support up to edge-22.12.1
and
stable-2.12.4
December 22, 2022
- Fixed
linkerd-control-plane-operator
failing to upgrade the Linkerd control
plane if a SelfSubjectRulesReview
check encountered an authorizer on the
cluster that did not support rules evaluation
December 15, 2022
- Updated
buoyant-cloud-metrics-agent
to collect and send Linkerd control
plane metrics to Buoyant Cloud
December 1, 2022
- Modified
buoyant-cloud-agent
to send Pod updates if the status of any
container in the pod changes. This allows tracking the full lifecycle of
containers. - Change all images references to
ghcr.io/buoyantio
- Switch
ghcr.io/buoyantio/linkerd-buoyant
from
debian:bullseye-20221024-slim
base image to scratch
November 3, 2022
- Updated
buoyant-cloud-metrics-agent
base Docker image to resolve OpenSSL
vulnerabilities
CVE-2022-3602 and
CVE-2022-3786. While the
vulnerable version of OpenSSL was not used by the running container, its
inclusion in the base image was being reported by security scanners
nonetheless. This has been fixed. - Updated
linkerd-control-plane-operator
to support up to edge-22.12.1
and
stable-2.12.2
October 21, 2022
- Updated
linkerd-control-plane-operator
and linkerd-data-plane-operator
to
emit Kubernetes events, and updated buoyant-cloud-agent
to send these events
to Buoyant Cloud - Updated
linkerd-control-plane-operator
to support edge-22.10.1
,
edge-22.10.2
, and stable-2.12.2
- Fixed
buoyant-cloud-agent
not collecting trust root information from some
Linkerd control plane components - Fixed
linkerd-control-plane-operator
unnecessarily toggling between
Updating
and Pending
states
September 27, 2022
- Updated control plane operator to support
stable-2.11.5
, stable-2.12.0
,
and edge-22.9.2
September 21, 2022
- Added managed Linkerd feature to restart workloads if the data plane’s trust
roots are out of sync with the control plane
- Updated
linkerd-buoyant check
command to verify CRD existence - Updated managed Linkerd to only manage workloads that the proxy injector
operates on
- Fixed a bug that was leaving
ControlPlane
custom resources with an empty
status field
September 5, 2022
- Added
HTTPRoute
gathering for Buoyant Cloud - Updated install to not require
buoyant-cloud-org-credentials
secret - Updated
linkerd-buoyant check
to validate linkerd-control-plane-operator
and linkerd-data-plane-operator
workloads - Updated
linkerd-buoyant check
to warn rather than fail on missing labels on
the buoyant-cloud-org-credentials
secret
August 29, 2022
- Added option for users to provide their own
buoyant-cloud-org-credentials
secret
August 23, 2022
- Updated control plane operator to support
stable-2.12.0
- Modified default Helm values:
managed
: true
extendedRBAC.enabled
: true
August 19, 2022
- Updated control plane operator to support
stable-2.12.0-rc2
- Fixed an issues with downgrading HA clusters from linkerd 2.12/edge to 2.11
August 18, 2022
- Renamed
- Note: this requires re-creating any
ControlPlane
and DataPlane
resources that previously existed on your cluster
- Updated control plane operator to support
edge-22.8.2
- Updated control plane operator to guard against linkerd version skew
- Added support for downgrades from linkerd 2.12/edge to 2.11
- Updated helm chart to not install operator components if linkerd already
installed via CLI
- Uninjected operator components
August 4, 2022
- Updated minimum required Kubernetes version from 1.20 to 1.21
- Fixed
ControlPlane
CRD’s lastUpdateAttempt
and lastUpdateAttemptMessage
fields not always updating - Collect additional proxy error metrics
- Decreased metrics agent resource limits
July 29, 2022
- Added Argo Rollouts support
- Added operator support for installing Linkerd from scratch
- Added operator support for upgrading to Linkerd versions released in the
future
- Added helm values to set custom labels/annotations to pods
- Updated operator support up to
stable-2.11.4
and edge-22.7.3
June 23, 2022
- Fixed incomplete data sent on startup
- Fixed terminated pods not immediately disappearing in Buoyant Cloud
- Operator support for
edge-22.6.2
- Added exponential backoff for data-plane upgrades
June 16, 2022
- Operator support for
edge-22.6.1
June 9, 2022
- Fixed a nil-pointer exception when gathering webhook certs
June 9, 2022
- Added support for gathering Linkerd webhook certs
- Fix containerd security vulnerability
- Operator support for
edge-22.5.2
and edge-22.5.3
June 1, 2022
- Gather Operator CRDs
- Renamed Operator CRDs
ControlPlaneUpdate
=> ControlPlane
DataPlaneUpdate
=> DataPlane
May 25, 2022
- Gather linkerd-proxy OOM events
- Fixed CRD status sometimes getting incorrectly overwritten
- Remove broken
stable-2.10.x
=> edge upgrade paths
May 11, 2022
- Set 443 as a skip port in Linkerd, to address an issue with Linkerd installed
in CNI mode
- Operator support for upgrading from
stable-2.10.x
- Add a default PSP resource
May 9, 2022
- Operator support for
edge-22.5.1