Release Notes
3.5.4
Bug Fixes
CLOUD-3519
: Fixed an issue where theforce-cleanup
bootstrap mode would fail if the EKS cluster did not exist or had previously been removed.
3.5.3
New Features
CLOUD-3448
: Updated the Maven command in Jenkins jobrun-cortex-system-tests
to excludesetup-local-integration-test
, for compatibility with the newest Self-Managed Commerce releases.
3.5.2
New Features
CLOUD-3449
: Added a variable todocker-compose.yml
for disabling version 1 of the AWS Instance Metadata Service on the EKS nodes. The default value fordisable_imds_v1
isfalse
, which keeps the behaviour consistent with previous versions of CloudOps for Kubernetes. Settingdisable_imds_v1
totrue
would leave Instance Metadata Service version 2 enabled, which requires the use of a temporary token when accessing the metadata service. Out of the box functionality is compatible with both version 1 and version 2.SUP-5050
: Added a checksum annotation to the Jenkins Helm values file, which will trigger a Jenkins pod redeployment duringdocker-compose up
if a variable value is changed. The checksum value is based on the Jenkins-specific variables defined indocker-compose.override.yml
.SUP-5090
: Added a ModSecurity Web Application Firewall rule resolving an intermittent JSON parsing issue with incoming Jenkins webhook events. This rule only applies to webhooks configured with thegeneric-webhook-trigger
plugin.CLOUD-3464
: Removed the PhantomJS binary from the Jenkinsmaven-agent
image. This resolvesmaven-agent
build failures related to PhantomJS downloads, and PhantomJS is no longer needed with recent Self-Managed Commerce releases.CLOUD-3163
: Added thecreate-and-manage-bastion-instance
Jenkins job, which can be used to create a bastion instance in your environment. The bastion instance includes Kubernetes management tools, and access to the Elastic Kubernetes Service (EKS) cluster nodes.CLOUD-3334
: Added theextensionJob
field to thecommerce-branch-validation
Jenkins job. This field can be used to trigger an additional Jenkins job to be run after the Cortex system tests complete.CLOUD-3469
: Added-Dsun.net.client.defaultConnectTimeout=10000 -Dsun.net.client.defaultReadTimeout=10000
toMAVEN_OPTS
in thebuild-deployment-package
,run-cortex-system-tests
,run-recursive-commerce-tests
, andrun-select-commerce-tests
Jenkins jobs. These timeout values should cause Maven HTTP transactions that become unresponsive to fail quickly rather than only failing when the Jenkins job timeout is reached.CLOUD-3455
: Added thestopServicesDuringDataPop
parameter to therun-data-pop-tool
Jenkins job. Setting this parameter totrue
will stop all Elastic Path Commerce application services before running the Data Population database operations. Selecting this option will cause an application outage.
Bug Fixes
SUP-4999
: Changed the ActiveMQ pod liveness and readiness probes to use a status query command rather than a TCP connection test. In addition to providing a more complete healthcheck, this eliminatesEOFException
log messages caused by the previous TCP check.
3.5.1
New Features
CLOUD-3416
: Added variables todocker-compose.yml
for configuring HAProxy connection timeout values. If these variables are not defined indocker-compose.override.yml
, the default values shipped with HAProxy will be used.CLOUD-3406
: Added Resource Profiles to thecreate-or-delete-activemq-container
Jenkins job. The ActiveMQ Resource Profile allows specifying additional Java Virtual Machine (JVM) parameters with theEP_ACTIVEMQ_X_JVM_ARGS
variable. See Configure ActiveMQ Container for more information.CLOUD-3401
: Added theMAXIMUM_CONNECTIONS
variable to the ActiveMQ Resource Profile. This variable allows specifying the maximum simultaneous incoming connections accepted by ActiveMQ. See Configure ActiveMQ Container for more information.CLOUD-3427
: Updated the Jenkins configuration to install the latest version of all plugins.CLOUD-3439
: Improved the clean-up of EKS add-ons to programatically discover add-ons and to better handle error messages.
Bug Fixes
SUP-4974
: Resolved an issue with thecommerce-branch-validation
Jenkins job where setting the build description failed when it is triggered by a custom pipeline.
3.5.0
New Features
CLOUD-3204
: Updated Jenkins version to version2.497
. The new Jenkins version includes changes that required updates to nearly all Jenkins pipelines.warning
Your custom pipelines may break with this change. Ensure that you review and update custom pipelines to be compatible with the new Jenkins version. Refer to Update to Version 3.5 for all of the information for completing the upgrade. Details about the Jenkins pipeline changes are available in Jenkins Upgrade in release 3.5.
CLOUD-3358
: Updated the Kubernetes version to 1.32. For more information about the required timeline to complete the upgrade, see End of Standard Support for EKS 1.31. Additional component version updates to support this change are as follows:- The kube-proxy add-on was updated to v1.32.0-eksbuild.2
- The kubectl version was updated to v1.32.0
- The cordedns add-on was updated to v1.11.4-eksbuild.2
- The eksctl version was updated to v0.203.0
- The metrics server add-on was updated to v0.7.2-eksbuild.2
- The Helm 3 version was updated to v3.17.0
- The cert manager helm chart was updated to v1.15.5
- The cilium helm chart was updated to v1.17.0
- The cluster autoscaler version was updated to v1.32.0
- The EBS driver helm chart was updated to v2.39.3
- The fluentd version was updated to v1.18.0-debian-cloudwatch-amd64-1.2
- The Jenkins helm chart was updated to v5.7.26
- The Jenkins version was updated to v2.497-jdk17
- The kube-state-metrics version was updated to v2.15.0
- The Kubernetes dashboard version was updated to v7.10.4
- The overprovisioning pause version was updated to v1.32.1-eks-1-32-5
- The overprovisioning autoscaler was updated to v1.9.0
SUP-4522
: Added a newTF_VAR_jenkins_overwrite_config
variable todocker-compose.yml
, which allows you to control whether the base Jenkins configuration is reset to the shipped defaults on each pod start. Setting this variable totrue
will overwrite custom configurations made through the Jenkins UI. By default, this variable is set tofalse
.CLOUD-3296
: Added timestamps to Maven build output. Updated the configuration of Maven-related Jenkins jobs so that log output generated by Maven will now include timestamps.CLOUD-3293
: Added a newTF_VAR_enable_new_relic_k8s_data
variable todocker-compose.yml
, which allows operators to configure the New Relic agent to stop sending Kubernetes metrics data to New Relic, if desired. By default, this variable is set tofalse
, keeping the behaviour consistent with previous CloudOps for Kubernetes releases.SUP-4694
: Updated thebuild-data-pop
Jenkins job to support usingamazonlinux-java
as the base image. This feature requires version 4.4.7 or later of the Elastic Path Docker project.CLOUD-3381
: Updated the Dockerfile used duringdocker-compose up
to pin the Alpine and Ubuntu Linux versions. The Ubuntu version has been updated to the latest Long-Term Support release.CLOUD-3362
: Replaced the Terraformmetrics-server
deployment with an EKS add-on deployment ofmetrics-server
defined in theeksctl.yaml.mo-template
file.CLOUD-3380
: DisabledAuto minor version upgrade
in Amazon Relational Database Service (RDS) for thepostgres-rds
database type, to match the setting used for MySQL database types. This change will only apply when thecreate-and-manage-database-server
Jenkins job is run to update an existing database, or to deploy a new database.CLOUD-3377
: Updated thecreate-and-managed-database-server
Jenkins job to set the PostgreSQL RDS recommended version to14.15
. This change only applies ifdatabaseType
is set topostgres-rds
anduseRecommendedVersion
is set totrue
.CLOUD-3366
: Added three new Jenkins users with varything levels of permissions. These new users provide an option for running jobs without using the Jenkins admin user. See Login Credentials for more information.
Bug Fixes
SUP-4747
: Resolved an issue that prevented the New Relic pods from collecting and sending metrics whenTF_VAR_enable_new_relic_k8s_data
is set tofalse
indocker-compose.override.yml
.SUP-4815
: Updated the ModSecurity Web Application Firewall (WAF) configuration to disable rules that in rare circumstances may block Self Managed Commerce connections.CLOUD-3107
: Updated thedocker-compose up
process to better handle any existing unmanaged DNS zones. Terraform will continue to manage existing DNS zones and provision new managed zones, keeping the behaviour consistent with previous CloudOps for Kubernetes releases.CLOUD-3329
: Updated code to improve the reliability of resource cleanup when runningdocker-compose up
withTF_VAR_bootstrap_mode
set toforce-cleanup
indocker-compose.override.yml
.CLOUD-3339
: Updatedcert-manager
Terraform code to allow complete removal of resources when runningdocker-compose up
withTF_VAR_bootstrap_mode
set to eithercleanup
orforce-cleanup
indocker-compose.override.yml
.CLOUD-3356
: Revised code that is executed whenTF_VAR_bootstrap_mode
is set toforce-cleanup
, ensuring that Elastic Block Store volumes for deleted resources are reliably removed.CLOUD-3364
: Improved the reliability of code used to check for existing Route53 domains, and moved this check to the beginning of thedocker-compose up
process.CLOUD-3365
: Added Kubernetes liveness and readiness probes to the New Relic agent deployment to better detect when the New Relic agent is unhealthy.CLOUD-3382
: Corrected a parameter validation issue in themulti-purpose-commerce-tool
Jenkins pipeline that caused the warning message"unless deleteOldStack or deleteNewStack are specified, deleteDatabase and deleteActiveMQ do nothing"
to be printed in the console when the related parameters were correctly specified.CLOUD-3386
: Revised code used to parse theops-spec.json
file to correctly handle conditions where the source repository cannot be read. The parsing process will now fail with a descriptive message when an error condition occurs.SUP-4905
: Updated the service account configuration used by recent versions of the Kubernetes Dashboard Helm chart. See Post Bootstrap Tasks for updated login instructions.
Upgrade Instructions
For upgrade instructions, see Upgrading CloudOps for Kubernetes.