KubeSphere Enterprise v3.4.0 Release Notes

DevOps

Features

• Add support for defining pipeline steps by using CRDs.
• Save PipelineRun results to configmap.

Enhancements & Updates

• Optimize editing of pipeline process and add support for asynchronous invocation of Jenkins' toJson and toJenkinsfile APIs.
• Display CI progress in git provider.
• Filter pipelines and multi-branch pipelines by category.
• Upgrade Subversion-related plugins of Jenkins.

Bug Fixes

• Fix an issue where Webhook configurations are lost after users modify and save pipeline configurations.
• Fix an issue where the status of PipelineRun changes from "Cancelled" to "Not Running".
• Fix an issue where a failure is triggered each time DevOps pipeline controller fails to retrieve information from Jenkins.
• Fix an issue where new users are unable to run pipelines due to mismatched keys.
• Fix an issue where the value of the retention period and the maximum build records must be an integer on the pipeline editing page.

Storage

Features

• Add support for setting storage resource quotas.
• Add support for managing storage quotas.

Bug Fixes

• Limit expansion by using storage quotas.
• Update Webhooks related to storage quotas.
• Fix an issue where the binding status in the PV list is incorrect.

Service Mesh

Features

• Upgrade Istio to v1.14. Kiali to v1.50，and Jaeger to 1.29.

Bug Fixes

• Fix an issue where enabling Jaeger fails when a jaeger-secret error is reported.

Observability

Features

• Add support for configuring Whizard parameters in the KubeSphere Whizard Observability Center Console.
• Support autoscaling based on custom metrics or custom triggers from Prometheus, Kafka, and Cron.
• Integrate processor exporter.
• Integrate blackbox-exporter.

Enhancements & Updates

• Optimize the display of alert rules on the Whizard Observability Center page.
• Optimize the display of the monitoring page when there is no data.
• Replace built-in Elasticsearch with built-in OpenSearch as the log storage backend.
• Upgrade logsidecar-injector to v1.2.0.
• Upgrade Notification Manager to v2.3.0.
• Upgrade kube-events to v0.6.0.
• Upgrade Whizard to v0.6.1.
• Support Prometheus authentication configurations.
• Upgrade OpenSearch and OpenSearch Dashboard to v2.6.0.

Bug Fixes

• Fix an issue where the resource usage ranking page is frozen.
• Fix an issue where applicable clusters of built-in alert rules cannot be modified.
• Fix an issue where alert targets are displayed inaccurately.
• Fix an issue where alerts are not triggered when the number of alert rules exceeds the limit.
• Fix the alert module enabling issue.

KubeEdge Integration

Enhancements & Updates

• Upgrade KubeEdge to v1.13.0.

Network

Enhancements & Updates

• Optimize IP pool parameters.

Bug Fixes

• Fix the locales file of IP pools.
• Modify the migration rule for migrating pods of a disabled IP pool to another pool.
• Modify the Overlay rule when creating an IP pool.

Microservices

Features

• Add affinity, tolerations parameters for gateway.
• Support workspace gateway.
• Add the default value for worker-processes.

Enhancements & Updates

• Upgrade nginx-ingress to v1.3.1.

Bug Fixes

• Fix an issue where cluster gateway data is duplicate.
• Fix an issue where cluster information is not displayed in the cluster gateway data.

App Store

Enhancements & Updates

• Add independent authentication API for Identity Provider of the Password type.
• Add the IAM v1beta1 API.

Bug Fixes

• Fix an issue where an application fails to be reinstalled after users initially fail to install the application, and then change configurations of the application.
• Remove authentication APIs marked as Deprecated in KSE v3.0.0.
• Mark IAM v1alpha2 API as Deprecated.

Authentication & Authorization

Features

• Add an authorization status prompt on the license page.
• Add support for hiding unauthorized components on the license page.
• Add a page for viewing the end-user license agreement.

Enhancements & Updates

• Require that the minimum password length must be 8 characters.

Security

Enhancements & Updates

• ks-core runs as non-root user and uses a more secure base image.
• Fix a potential heapdump file leakage vulnerability in kubesphere/spring-cloud-gateway.
• Users are forced to change initial passwords upon first login.
• Provide more complete security materials: SBOM based on SPDX standards and open source software list.

DMP

OpenSearch

Enhancements & Updates

• Upgrade operator to v2.0.19 and chart to v2.0.21.
• Support NodePort for Service.
• Support configurations of log output formats.

Bug Fixes

• Fix verification and conversion issues of the disk unit.
• Add the kubesphere tag to properly display data in specific monitoring scenarios.
• Fix the issue that monitoring data is not displayed in multi-cluster scenarios.
• Fix the log timestamp issue.

MongoDB

Enhancements & Updates

• Upgrade chart to v2.0.8.

Bug Fixes

• Fix verification and conversion issues of the disk unit.
• Add the kubesphere tag to properly display data in specific monitoring scenarios.

Redis

Enhancements & Updates

• Upgrade chart to v2.0.8.
• Enhance high availability of Sentinel.

Bug Fixes

• Fix the issue that the namespaceOverride parameter does not take effect.
• Change the image pull policy from Always to IfNotPresent.
• Add the kubesphere tag to properly display data in specific monitoring scenarios.

MySQL

Bug Fixes

• Fix the issue that the imageNamespaceOverride parameter in the Helm Chart does not take effect, resulting in image replacement failures.
• Fix the incorrect permission in the configuration file in MySQL 8.0.

PostgreSQL

Enhancements & Updates

• Upgrade chart to v1.2.0.
• Add features, such as creating backups and scheduled backups, plus recovery.
• Update the CRD field.

Bug Fixes

• Add the kubesphere tag to properly display data in specific monitoring scenarios.

Kafka

Enhancements & Updates

• Upgrade chart to v 0.1.1 and remove unused YAML for metric statistics.
• Add the num.partition parameter.
• Optimize the topic naming rule.

Bug Fixes

• Fix an issue that the network policy is enabled by default.
• Fix an error stating that the secret cannot be obtained after Kafka is deployed.

User Experience

• Support renaming of clusters, projects, workspaces, and DevOps projects.
• Optimize some UI texts and description.
• Fix an issue where alias search is not supported.
• Fix an issue where GPU is not limited when users are creating a service and application form on the container settings page.
• Fix an issue where URL error is reported after the system redirects from the grayscale release details page of projects to the container details page.
• Fix an issue where the length of cluster names is too long.
• Optimize the visibility list and popup style for clusters.
• Fix an issue where the cluster to which system-workspace belongs is not displayed.
• Fix an issue where an error is reported on the cluster details page after the cluster name is changed.
• Modify the alias matching regex.
• Fix the form style for Webhook URLs.
• Support pod grace periods.
• Optimize the LDAP login page.
• Support weighted aliases.

API Changes

Deprecated APIs

When APIs evolve, some old APIs are deprecated and eventually removed. The following APIs have been marked as Deprecated and will be removed in the next major release.

• All of alpha resource API (iam.kubesphere.io/v1alpha2).
• The alpha Authentication API(/kapis/iam.kubesphere.io/v1alpha2/login).
• All of alpha resource API (resources.kubesphere.io/v1alpha2).
• All of alpha resource API (resources.kubesphere.io/v1alpha3).

Removed APIs

The v3.4 release will stop serving the APIs we've listed below. These are all beta APIs that were previously deprecated in favor of newer and more stable APIs.

• The alpha tojenkinsfile API (/kapis/devops.kubesphere.io/v1alpha2/tojenkinsfile).
• The alpha tojson API (/kapis/devops.kubesphere.io/v1alpha2/tojson).
• The alpha Authentication API (/kapis/iam.kubesphere.io/v1alpha2/login).