Jump to: navigation, search

Airship v1.0 Release

Revision as of 00:05, 26 April 2019 by Mm9745 (talk | contribs) (Release Notes)

The Airship community is excited to announce its v1.0 release.

Airship v1.0 Release Notes

Below is a summary of high-level enhancements to the Airship platform between the 1.0 Release Candidate and the 1.0 Release. It builds of the v1.0 RC release notes: [[1]]

Platform security enhancements:

  • Leverage Linux capabilities and pod security contexts for privileged operations where applicable
  • Added Kubernetes audit logging and user context tracing
  • Leverage OpenStack-Helm Network Policy primitives
  • Implemented Kubernetes admission controller best practices
  • Added HTTP Security Headers to the Shipyard API
  • Tiller aligned into the Armada pod for restricted access/visibility
  • Added Pegleg support for YAML encryption at rest in Git repos
  • Added Pegleg support for random secret/PKI generation
  • Pegleg can now pass YAMLs directly into Shipyard, for secure secret management
  • Added support for etcd encryption
  • Leverage Kubernetes PodSecurityPolicy
  • Incorporated etcd encryption

Platform, Deployment, and Tooling enhancements:

  • Pegleg enhanced to fetch declarative git repo cross-dependencies
  • Pegleg CLI interface extended and improved
  • Armada now deletes test pods from previous chart deployments automatically
  • Added Divingbell Exec module
  • Moved genesis.sh and PKI generation from Promenade to Pegleg
  • Added the Spyglass component for generation of site-level YAML manifests
  • Added Redfish as an OOB driver
  • Added Shipyard support for invoking Helm Tests on-demand
  • Laid groundwork for multi-OS support and added initial OpenSUSE support
  • Integrated Kubernetes 1.11.6 by default
  • Integrated Docker 17.03.3 by default
  • Integrated Helm v2.13.1

Continuous integration improvements:

  • Aligned Airskiff dev/test environment to Treasuremap globals
  • Chart linting gates added
  • Created automation to uplift Airship and OSH components in versions.yaml to latest master
  • Began publishing test results and logs to upstream gerrit patchsets

Resiliency:

  • Implemented etcd backup functionality
  • Enhanced liveness and readiness probes
  • Airflow and Shipyard lifecycles aligned for smooth upgrades
  • Armada Wait logic enhanced with additional tunability and hardening
  • Added functionality for resilient MaaS services and networking

Documentation:

  • Added ops-focused guides for configuration updates and troubleshooting
  • Cleaned and expanded Treasuremap reference deployment manifests
  • Expanded documentation for individual Airship projects
  • Added documentation for disk config,ceph partitioning, secret generation, and cert requirements
  • Added a new lightweight, simple site definition for getting started, and documentation on how to use