CloudOps for Kubernetes

3.0.x

Release Notes

3.0.8

New features

  • SUP-3909: Updated the pull-docker-images Jenkins job to start the dockerd runtime when needed, and with validation to confirm the process is running. Replaced the deprecated ecr get-login authentication command with the ecr get-login-password equivalent.
  • SUP-3919: Fixed Jenkins job build-jenkins-agents, which began failing in July 2024 due to an upstream dependency. For more information, see Job build-jenkins-agents Fails with Could not resolve host: mirrorlist.centos.org; Unknown error.

3.0.7

New features

  • CLOUD-3115: Updated the default Java version to v8u412.
  • CLOUD-3117: Adjusted to always use the public schema in a PostgreSQL database.

Bug Fixes

  • CLOUD-3128: Added the enabledTLSProtocols=TLSv1.2 parameter to MySQL connection strings to address the SSLHandshakeException: No appropriate protocol error that occurs when encryption protocol negotiation fails. This issue results from changes in Java 8 version 8u412 and above when connecting to Amazon Web Services Aurora MySQL database endpoints.

3.0.6

Bug Fixes

  • CLOUD-3089: Fixed error due to missing binary in the pull-docker-images Jenkins job by replacing dockerd with containerd.
  • CLOUD-3090: Fixed authorization error when reading instance metadata by explicitly enabling Instance Metadata Service version 1 in the EKS node group configuration.

3.0.5

New features

  • CLOUD-3055: Added support for checking out tags in jobs that check out Self Managed Commerce code. When running Jenkins jobs that have the epCommerceBranch parameter, specify a tag as the value, and then the job will check out that tag if it exists in the ep-commerce project.
  • CLOUD-3060: Updated the default Tomcat version to 9.0.85.
  • CLOUD-3069: Added a step to the cluster upgrade process that cleans up the Jenkins Helm deployment of deprecated or removed Kubernetes APIs.

3.0.4

Bug Fixes

  • SUP-3269: Added TF_VAR_letsencrypt_email variable to docker-compose.yml, with associated text explaining its use.
  • SUP-3276: Updated the optional ModSecurity Web Application Firewall DaemonSet configuration to use the currently recommended default values. Additionally, updated the Terraform code to define the version of ModSecurity Web Application Firewall to be deployed, and moved pod memory and CPU values to variables. These changes do not impact firewall rules.
  • SUP-3446: Exposed the epCommerceCredentialId Jenkins job parameter for all jobs that checkout Self Managed Commerce code.

3.0.3

Bug Fixes

  • SUP-3019: Revised AWS authentication code used by Jenkins to support automatic session renewal for long-running jobs.

3.0.2

Bug Fixes

  • CLOUD-2968: Reduced the maven-large container memory requirements to address a scheduling issue with the cluster autoscaler. Updated the run-cortex-system-tests Jenkins job to use the maven-small container image.
  • CLOUD-2975: Set Alpine Linux container image version to 3.18.5 for compatibility with the AWS CLI.

3.0.1

New features

  • CLOUD-2947: Updated the ActiveMQ version defined in the default ops-spec.json file to 5.16.7.
  • SUP-2978: Updated the ModSecurity Web Application Firewall (WAF) configuration to allow the HTTP PATCH method. For information about the optional ModSecurity WAF, see Manage the Web Application Firewall.

Bug Fixes

  • CLOUD-2832: Updated the update-terraform-provider-path.sh script to include the Terraform provider local.
  • CLOUD-2948: Resolved an issue preventing the kube-proxy and coredns EKS add-ons from being updated.

3.0.0

Release 3.0.0 adds support for Elastic Path Self-Managed Commerce release 8.5.x. This includes support for the new Java, Maven and ActiveMQ versions required by Self-Managed Commerce release 8.5.x.

Release 3.0.0 enables the ability to build and deploy different releases of Commerce that have distinct build and deployment stack requirements, from within a single CloudOps for Kubernetes setup. For example, you can now build and deploy Commerce versions that require different Maven and Java versions side-by-side. To enable this capability, many Jenkins pipelines have been updated to read and leverage the new Commerce ops-spec.json file, included in Commerce release 8.5.x, to determine when the versions of build and runtime stack elements differ from the defaults.

Special Consideration Required

Several changes were required to enable the support for multiple build and deployment stacks. For details about these changes and the consideration required, see Update to Version 3.0.

New features

  • CLOUD-2844: Added support for Elastic Path Self-Managed Commerce release 8.5.x, including the updated for Java, Maven and ActiveMQ versions. Updated many build and deployment Jenkins pipelines to read and leverage the new Commerce ops-spec.json file, included in Commerce release 8.5.x, to determine the proper versions of build and runtime stack elements. Furthermore, default stack values are now stored in and read from a CloudOps for Kubernetes default ops-spec.json file.
  • CLOUD-2767: Replace the database password in the Information Page template with a link to Access the Commerce Environment, which describes how to extract the password from the Kubernetes secret. Rebuild your info-page container image(s) then replace existing info-page-• pods to consume this change.
  • CLOUD-2820: Updated default Postgres RDS engine to major version 14, and updated create-and-manage-database-server Jenkins job to always install the latest patch release of the defined major version.
  • SUP-2827: Added the mount option noresvport for the "aws-efs" storage class. For information on how to update deployments that use the "aws-efs" storage class, see Updating Amazon File System Mount Settings.
  • SUP-2842: Updated build-deployment-package Jenkins job to explicitly allow Permission to Copy Artifact when matrix-based security is used.
  • CLOUD-2914: Restructured the multi-purpose-commerce-tool Jenkins job to allow successful resource removal incase of a deployment failure.
  • CLOUD-2897: Updated the create-or-delete-activemq-container Jenkins job to conditionally perform Terraform resource import and remove unnecessary console output.
  • CLOUD-2891: Removed the ActiveMQ JMS secret dependency from the run-data-pop-tool Jenkins job.
  • CLOUD-2878: Updated the run-cortex-system-tests Jenkins job to ensure that all test dependencies are built properly in Self Managed Commerce 8.5.x.
  • CLOUD-2915: Updated the create-and-manage-database-server Jenkins job to use Amazon's default MySQL Aurora version instead of the Long Term Support (LTS) version, to maintain compatibility with newer Commerce patches. Some parameter names in the job were revised as part of the change.
  • CLOUD-2928: Updated the Jenkins agents JNLP container version to 4.13.3 running Java 17.

Bug Fixes

  • CLOUD-2813: Fixed the parameter settings in the deleteExistingDatabaseServer function in buildlib.groovy.
  • CLOUD-2833: Set an explicit Terraform dependency between the Jenkins Helm chart and the resources required to create the Jenkins persistent volume, to avoid rare intermittent errors where the Jenkins deployment would fail while waiting for the persistent volume.
  • CLOUD-2850: Enhanced the update documentation to stress the importance of keeping the node groups up to date with the EKS version.
  • CLOUD-2851: Adjusted the logic in the create-and-manage-database-server Jenkins job to handle situations where the Key Management System (KMS) key does not exist.
  • CLOUD-2872: Fixed an issue where enabling JMX with JMX authentication in Commerce resulted in the failure of Commerce containers to start.
  • CLOUD-2883: Added parameter validation for the parameter imageTag to jobs build-core-images, build-commerce-images, and build-selected-docker-images.
  • CLOUD-2884: Refined the descriptions of several Jenkins jobs and parameters. Additionally, removed an unused kubernetesNickname parameter from the run-select-commerce-tests Jenkins job.
  • CLOUD-2890: Fixed an issue where Kubernetes namespaces were not being deleted after Kubernetes resources had been removed.
  • CLOUD-2938: Removed Jenkins configuration force_update to address a Persistent Volume/Persistent Volume Claim issue when the Jenkins Helm chart is modified in any way.
  • SUP-1428: Removed the unused trinidad.exclude.filter parameter from the Maven command line in Jenkins job run-cortex-system-tests".
  • SUP-2686: Updated New Relic agent version to 2.13.10 and set NRIA_EVENT_QUEUE_DEPTH to 2000 in order to resolve could not queue event error.

Deprecations & Removals

See Deprecations and Removals.

Last updated on 7/31/2024