CloudOps for Kubernetes

3.3.x

Release Notes

3.3.2

Bug Fixes

  • CLOUD-3237: Specified a missing Terraform dependency related to cert-manager configuration, to improve the reliability of the CloudOps for Kubernetes setup process.
  • SUP-4272: Added back the version line to the docker-compose.yml file to maintain backwards compatibility with older versions of Docker.

3.3.1

New features

  • CLOUD-3131: Added a page to the documentation on how to update CloudOps for Kubernetes container images.
  • CLOUD-3210: Exposed parameters in the docker-compose.yml file that can be used to change the Jenkins administrator password. For more information on changing the Jenkins administrator password, see Login Credentials.
  • SUP-3891: Added support for Commerce application-specific Java Virtual Machine (JVM) arguments. With this change you can now specify additional JVM arguments for the Commerce applications. To enable this you must also consume, and build your application container images with, a release of the Elastic Path Docker project that contains the corresponding SUP-3891 changes. For more information, see Configure Application Containers.

Bug Fixes

  • SUP-3907: Updated the ModSecurity Web Application Firewall rules to resolve an issue where special characters in password and cookie header fields are blocked.

3.3.0

New features

  • CLOUD-3115: Updated the default Java version to v8u412.
  • CLOUD-3117: Adjusted to always use the public schema in a PostgreSQL database.
  • CLOUD-2849: Updated the commerce-test-and-deploy Jenkins job so it can be used to deploy and update Commerce environments by any name. Previously it only supported an environment named nightly. It is now also possible to skip tests, and to choose whether an existing stack is first deleted, or just updated in place. This Jenkins job is now enabled by default with no defined run schedule. Added parameters kubernetesNickname, runTests, and updateMode.
  • CLOUD-3081: Updated the Kubernetes version to 1.29. For more information on the changes, see End of Standard Support for EKS 1.28.
  • SUP-3768: Added a new TF_VAR_encrypt_ebs_volumes variable to docker-compose.yml, which allows you to specify if new Amazon Elastic Block Store (EBS) volumes are created as encrypted volumes. By default, this option is set to false.
    • For existing clusters, if you set this parameter to true and rerun setup, any EBS volumes subsequently created will be encrypted. Volumes of existing Kubernetes deployments and services (Jenkins, Nexus, search-primary) will not be affected or updated by updating this parameter. For information about rerunning setup to apply configuration changes, see Updating Cluster Configuration.
    • For new clusters, if you set this parameter to true before the initial setup, all EBS volumes will be created encrypted.
    • If you set this parameter to true and then rebuild the cluster node groups, the EBS volumes of the replacement nodes will be encrypted. For information about rebuilding the node groups, see Update EKS Node Groups.
  • CLOUD-3113: Added mysqlVersion parameter to commerce-test-and-deploy and commerce-branch-validation Jenkins jobs.
  • CLOUD-3149: Defined a variable for the Terraform parameter progress_deadline_seconds used during Self Managed Commerce stack deployment, with the same default value of 1200 seconds.
  • SUP-3909: Updated the pull-docker-images Jenkins job to start the dockerd runtime when needed, and with validation to confirm the process is running. Replaced the deprecated ecr get-login authentication command with the ecr get-login-password equivalent.
  • SUP-3919: Fixed Jenkins job build-jenkins-agents, which began failing in July 2024 due to an upstream dependency. For more information, see Job build-jenkins-agents Fails with Could not resolve host: mirrorlist.centos.org; Unknown error.

Bug Fixes

  • CLOUD-3128: Added the enabledTLSProtocols=TLSv1.2 parameter to MySQL connection strings to address the SSLHandshakeException: No appropriate protocol error that occurs when encryption protocol negotiation fails. This issue results from changes in Java 8 version 8u412 and above when connecting to Amazon Web Services Aurora MySQL database endpoints.
  • SUP-3859: Resolved Jenkins issue where credentials configured after deployment were not retained when the Jenkins pod restarted.
  • CLOUD-3078: Resolved an issue with fluentd that caused multi-line logs, such as Java exception stack traces, to be split into multiple CloudWatch events, causing those log entries to be spread across multiple lines in CloudWatch logs. This only impacts users who enable CloudWatch logging by setting TF_VAR_aws_enable_cloudwatch_logging to true.

Deprecations & Removals

  • CLOUD-2986: Removed the default value for the kubernetesNickname parameter in all Jenkins jobs.
  • CLOUD-2998: Removed the clusterName parameter from all Jenkins jobs, which will now target the Kubernetes cluster in which the Jenkins pod is running.
  • CLOUD-3150: Updated the multi-purpose-commerce-tool Jenkins job to remove the automatic restart of Self Managed Commerce applications after the data-pop tool is run.

See Deprecations and Removals.

Upgrade Instructions

For upgrade instructions, see Upgrading CloudOps for Kubernetes.

Last updated on 10/30/2024