edge.24-12-05
Major Linkerd upgrade that improves security and startup times, replaces NATS backend for Argo EventBus, and adds support for NATS Jetstream message broker along with numerous improvements to node image caching and AWS EKS features.
When upgrading aws_eks to this version, you may receive an error about attempting to recreate the cluster:
bootstrap_cluster_creator_admin_permissions = true -> false # forces replacementTo work around this, upgrade the aws_eks module directly to edge.24-12-10 and set the new bootstrap_cluster_creator_admin_privileges input to true.
kube_nats in this version contains a bug that forces redeployment of the underlying NATS StatefulSet on every tag/label update. This also impacts kube_argo_event_bus.
This will cause complete loss of any pending NATS messages in Jetstream streams. If you cannot afford to lose stream data, delay upgrading those modules until edge.24-12-22 which contains the fix.
Linkerd Major Upgrade
This release contains a major version upgrade to Linkerd. To upgrade with no downtime, update modules in this order:
kube_kyvernokube_policieskube_ciliumkube_linkerdaws_ekskube_karpenter_node_pools- The remainder of the modules may be updated in any order.
Replace NATS EventBus Backend
The NATS backend for kube_argo_event_bus has been replaced with the enhanced kube_nats module.
To apply this module:
- Delete any associated
EventSourceorSensorresources first (theEventBusdeletion will be blocked otherwise). - Manually delete any existing
EventBusresources in your cluster. - Apply the updated module.
Deleting an existing EventBus will cause any unprocessed events to be deleted. Ensure no pending events exist before performing this upgrade.
Remove Deprecated Modules
kube_fledged and kube_reflector have been removed (deprecated in edge.24-11-13). Remove these from your clusters before upgrading if you haven’t already.
Update kube_node_image_cache Images Input
The images input of kube_node_image_cache has been updated to take a list of image configuration options rather than a list of image strings.
Also, node_image_cached_enabled has been removed as a top-level input from Panfactum submodules (e.g., kube_deployment) — image cache settings can now be configured on a per-container basis.