Konvoy DocumentationD2iQ® Konvoy® version 2.2.2 was released on July 7th, 2022.
NOTE: You must be a registered user and logged on to the support portal to download this product. New customers must contact their sales representative or sales@d2iq.com before attempting to download or install DKP.
Release summary
Welcome to D2iQ Kubernetes Platform (DKP) 2.2.2! This release provides new features and enhancements to improve the user experience, fix reported issues, integrate changes from previous releases, and maintains compatibility and support for other packages used in Konvoy.
DKP 2.2.x supports Kubernetes versions between 1.21.0 and 1.22.x. Any cluster you want to attach using DKP 2.2.x must be running a Kubernetes version in this range.
Supported versions
| Kubernetes Support | Version |
|---|---|
| Minimum | 1.21.0 |
| Maximum | 1.22.x |
| Default | 1.22.8 |
Supported FIPS Manifests
| Operating System version | Kubernetes version | containerd version | Manifest URL |
|---|---|---|---|
| CentOS 7.9 | v1.22.8 | 1.14.13 | v1.22.8 CentOS 7.9 Manifest |
| Oracle Linux RHCK 7.9 | v1.22.8 | 1.14.13 | v1.22.8 OL 7.9 Manifest |
| RHEL 7.9 | v1.22.8 | 1.14.13 | v1.22.8 EL 7.9 Manifest |
| RHEL 8.2 | v1.22.8 | 1.14.13 | v1.22.8 EL 8.2 Manifest |
| RHEL 8.4 | v1.22.8 | 1.14.13 | v1.22.8 EL 8.4 Manifest |
Fixes and Improvements
Added Continuous Deployment(CD)/Gitops to the View role
The CD/Gitops resource was added to the ‘View’ clusterRole, so that users with only this permission can view the CD/Gitops resources.
Fixed containerd vulnerability (COPS-7531)
DKP packages now include updated containerd and FIPS manifests, mitigating a known containerd vulnerability.
Updated Azure support to fix an issue with specifying Additional Tags (COPS-7346)
The Cluster API Azure (CAPZ) support was updated to resolve a race condition that could prevent the creation of additional resource tags.
Updated Traefik Forward Auth to support ‘clusterStorage’ option. (COPS-7344)
The Traefik Forward Auth (TFA) component was updated to support storing of session cookies in-cluster instead of in the browser.
Kiali Platform Application not working properly (COPS-7336)
An installation issue that caused the Kiali platform application to malfunction has been corrected.
Updated Dex CRDS (COPS-7341)
The DEX Custom Resource Definitions used for configuring LDAP have been updated to include the correct syntax.
DKP custom credentials plugin restored (COPS-7343)
The mesosphere/dex-k8s-authenticator docker container now includes the appropriate binaries that allow users to download the referenced ‘konvoy-async-plugin’ after configuring a cluster using an external IDP for authentication.
FIPS Upgrade from 2.1.x to 2.2.x
If upgrading a FIPS cluster, there is a bug in the upgrade of kube-proxy DaemonSet in that it does not get automatically upgraded. To correctly upgrade, run the workaround command shown below:
kubectl set image -n kube-system daemonset.v1.apps/kube-proxy kube-proxy=docker.io/mesosphere/kube-proxy:v1.22.8_fips.0
Component updates
When upgrading to this release, the following services and service components are upgraded to the listed version:
| Common Application Name | APP ID | Version | Component Versions |
|---|---|---|---|
| Cert Manager | cert-manager | 1.7.1 | - chart: 1.7.1 - cert-manager: 1.7.1 |
| Chartmuseum | chartmuseum | 3.6.2 | - chart: 3.6.2 - chartmuseum: 3.6.2 |
| Containerd | containerd | 1.4.11 | |
| Dex | dex | 2.9.14 | - chart: 2.9.14 - dex: 2.22.0 |
| External DNS | external-dns | 6.1.8 | - chart: 6.1.8 - external-dns: 0.10.2 |
| Fluent Bit | fluent-bit | 0.19.20 | - chart: 0.19.20 - fluent-bit: 1.8.13 |
| Flux | kommander-flux | 0.27.4 | |
| Gatekeeper | gatekeeper | 3.7.0 | - chart: 3.7.0 - gatekeeper: 3.7.0 |
| Grafana | grafana-logging | 6.22.0 | - chart: 6.22.0 - grafana: 8.3.6 |
| Loki | grafana-loki | 0.33.2 | - chart: 0.33.1 - loki: 2.2.1 |
| Istio | istio | 1.11.6 | - chart: 1.11.6 - istio: 1.11.5 |
| Jaeger | jaeger | 2.29.0 | - chart: 2.29.0 - jaeger: 1.31.0 |
| Karma | karma | 2.0.1 | - chart: 2.0.1 - karma: 0.88 |
| Kiali | kiali | 1.47.0 | - chart: 1.47.0 - kiali: 1.47.0 |
| Knative | knative | 0.3.9 | - chart: 0.3.9 - knative: 0.22.3 |
| Kube OIDC Proxy | kube-oidc-proxy | 0.3.1 | - chart: 0.3.1 - kube-oidc-proxy: 0.3.0 |
| Kube Prometheus Stack | kube-prometheus-stack | 33.1.6 | - chart: 33.1.5 - prometheus-operator: 0.54.1 - prometheus: 2.33.4 - prometheus alertmanager: 0.23.0 - grafana: 8.3.6 |
| Kubecost | kubecost | 0.23.3 | - chart: 0.23.3 - cost-analyzer: 1.91.2 |
| Kubefed | kubefed | 0.9.1 | - chart: 0.9.1 - kubefed: 0.9.1 |
| Kubernetes Dashboard | kubernetes-dashboard | 5.1.1 | - chart: 5.1.1 - kubernetes-dashboard: 2.4.0 |
| Kubetunnel | kubetunnel | 0.0.11 | - chart: 0.0.11 - kubetunnel: 0.0.11 |
| Logging Operator | logging-operator | 3.17.2 | - chart: 3.17.2 - logging-operator: 3.17.2 |
| Minio | minio-operator | 4.4.10 | - chart: 4.4.10 - minio: 4.4.10 |
| NFS Server Provisioner | nfs-server-provisioner | 0.6.0 | - chart: 0.6.0 - nfs-provisioner: 2.3.0 |
| Nvidia | nvidia | 0.4.4 | - chart: 0.4.4 - nvidia-device-plugin: 0.9.0 |
| Grafana (project) | project-grafana-logging | 6.20.6 | - chart: 6.20.6 - grafana: 8.3.6 |
| Loki (project) | project-grafana-loki | 0.33.2 | - chart: 0.33.1 - loki: 2.2.1 |
| project-logging | 1.0.0 | ||
| Prometheus Adapter | prometheus-adapter | 2.17.1 | - chart: 2.17.1 - prometheus-adapter: 0.9.1 |
| Reloader | reloader | 0.0.104 | - chart: 0.0.104 - reloader: 0.0.104 |
| Thanos | thanos | 0.4.6 | - chart: 0.4.6 - thanos: 0.9.0 |
| Traefik | traefik | 10.9.1 | - chart: 10.9.1 - traefik: 2.5.6 |
| Traefik ForwardAuth | traefik-forward-auth | 0.3.6 | - chart: 0.3.6 - traefik-forward-auth: 3.1.0 |
| Velero | velero | 3.2.0 | - chart: 3.2.0 - velero: 1.5.2 |
Additional resources
For more information about working with native Kubernetes, see the Kubernetes documentation.
For a full list of attributed 3rd party software, see d2iq.com/legal/3rd.