Release Notes
Are you looking for the release notes for a specific version of Palette? Use the version selector below to navigate to the release notes of the desired version.
November 20, 2024 - Release 4.5.11
Bug Fixes
-
Fixed an issue that prevented the instructions screen from appearing when users select Security Token Service (STS) as the authentication method used for adding OCI registries to Palette.
-
Fixed an issue that affected the deployment of edge clusters on VerteX.
-
Fixed an issue that caused pod presets to fail to be installed correctly after upgrades, blocking pod preset users from upgrading their Palette or VerteX installation.
-
Fixed an issue that prevented the Add New Cluster and Import Cluster buttons from appearing in the Palette UI when users have selected projects without any clusters.
November 13, 2024 - Release 4.5.10
Bug Fixes
-
Fixed an issue that caused add-on packs belonging to Helm registries to fail to download due to incorrect Helm registry path lookup logic. This issue affected Edge clusters.
-
Fixed an issue where Azure users could not select a Private DNS zone from a cluster resource group when creating a new Azure cluster.
November 9, 2024 - Release 4.5.8
Palette
Breaking Changes
-
The Beehive cluster group is no longer available starting with this release. If you need to deploy a virtual cluster, create a cluster group in your tenant or project. You can learn more about creating a new cluster group in the Create and Manage Cluster Groups guide.
-
The Cluster API (CAPI) label selectors for Nutanix clusters have been updated. The change impacts active Nutanix clusters and requires manual intervention to return the cluster to a healthy state. Refer to the Nutanix Cluster Machine Template Updates for resolution steps. New Nutanix clusters will automatically use the updated label selectors.
Features
- Palette now supports Azure Disk Encryption for IaaS clusters deployed to Azure. This feature allows you to leverage Azure Key Vault for end-to-end encryption for Azure disks attached to your IaaS clusters deployed to Azure. Refer to the Azure Disk Encryption guide to learn more about this feature.
Improvements
-
The Palette SaaS login page has received a visual refresh. You can check out the new login page by visiting the Palette login page.
-
Additional Palette images that are required by internal Palette microservices are migrated to the new image registry,
us-docker.pkg.dev. Refer to the Palette 4.5.3 Breaking Changes section for more information about the new image registry. -
A new cluster filter capability has been added to the Palette UI. The new filter experience provides several quick filters out-of-the-box, such as filtering by cluster status, environment, cluster profile, architecture, and more. The new filter side drawer is located on the Clusters page. Refer to the Cluster Filters guide to learn more about the new cluster filters.
Edge
Features
- You can now add Edge clusters to Cluster Groups. This feature allows you to use Edge clusters to host virtual clusters in Cluster Groups. Check out the Create and Manage Cluster Groups guide to learn how to create a Cluster Group.
- You can now add additional manifests to the Harbor pack that invoke the Harbor API to customize the Harbor registry. This allows you to standardize custom Harbor configurations, such as creating additional projects, in your cluster profile.
Improvements
- Palette will now create separate Harbor projects for packs and Helm charts when the Harbor pack is enabled an Edge cluster profile. Existing Edge clusters may continue to use the same Harbor project for both packs and Helm charts. You can also add additional Harbor projects to the Harbor through the Harbor pack configuration. Refer to the Harbor pack documentation to learn more about this feature.
VerteX
Features
- Includes all Palette features, improvements, breaking changes, and deprecations in this release. Refer to the Palette section for more details.
Automation
-
Terraform version 0.22.0 of the Spectro Cloud Terraform provider is available. For more details, refer to the Terraform provider release page.
-
A new Terraform resource,
spectrocloud_ssh_key, is now available for uploading SSH keys to Palette. You can also use the data resourcespectrocloud_ssh_keyto look up information about an SSH key in Palette. For more information, refer to the Spectro Cloud Terraform provider documentation. -
The Terraform resource,
spectrocloud_privatecloudgateway_dns_mapis now available for creating a DNS mapping with a Private Cloud Gateway. A data resource is also available for retrieving information about a DNS mapping for a Private Cloud Gateway. For more information, refer to the Spectro Cloud Terraform provider documentation. -
The Palette CLI's usage of Forklift has been updated to version
2.6.3. The Palette CLI can leverage Forklift to migrate a Virtual Machine to a VMO cluster. Check out the Migrate a VM to a VMO cluster guide to learn more about this feature. -
You can now specify a private VMware Virtual Disk Development Kit (VDDK) image to help optimize the migration process when migrating a Virtual Machine to a VMO cluster. Refer to the Migrate a VM to a VMO cluster guide to learn more about this feature.
Deprecations and Removals
- The Terraform resource,
spectrocloud_cluster_importis deprecated. To import a cluster deployed outside of the context of Palette, refer to the Import a Cluster guide.
Docs and Education
-
A new announcement page is now available. Use the announcement page to stay informed about upcoming breaking changes, deprecations, and removals in Palette. Check out the Announcements page to learn more.
-
The Azure Required IAM permissions have been updated with granular permissions required to support dynamic and static placement for Azure IaaS and Azure AKS use cases. Check out the Azure Required IAM Permissions to review the updated content.
Packs
Kubernetes
| Pack Name | New Version |
|---|---|
| Nodeadm | 1.29.0 |
| Nodeadm | 1.30.0 |
| RKE2 | 1.28.14 |
| RKE2 | 1.29.9 |
| RKE2 | 1.30.5 |
| RKE2 - Edge | 1.28.14 |
| RKE2 - Edge | 1.29.9 |
| RKE2 - Edge | 1.30.5 |
CSI
| Pack Name | New Version |
|---|---|
| Azure CSI | 1.30.5 |
| GCP Driver | 1.15.1 |
| Rook Ceph | 1.15.3 |
Add-on Packs
| Pack Name | New Version |
|---|---|
| AWS Application Loadbalancer | 2.9.1 |
| AWS Cluster Autoscaler | 1.30.0 |
| Kong | 2.42.0 |
| Prometheus - Grafana | 65.3.1 |
| Reloader | 1.1.0 |
| Volume-Snapshot-controller | 8.1.0 |
FIPS Packs
| Pack Name | New Version |
|---|---|
| Azure CSI | 1.30.5 |
| Cillium CNI | 1.16.0 |
Community Packs
| Pack Name | New Version |
|---|---|
| vSphere No-Provisioner | 1.0.0 |
October 26, 2024 - Release 4.5.5
Breaking Changes
- Edge content bundles created with the
latest version of the Edge CLI, version
4.5.5, are incompatible with Palette agent versions before4.5.4due to a new format schema. If you are using an older version of the Palette agent, use the Edge CLI version4.5.3or earlier to create content bundles. To download the latest version of the Edge CLI, visit the Downloads page.
Improvements
-
BYOOS Edge OS pack version 2.0.0 is now available with support for agent mode deployment.
-
Cluster Profile variables marked as hidden now include the ability to be mutable, hidden, and read-only.
-
Edge content bundles will now retain tags and image signatures. In the past, tags and signatures were stripped when the content bundle was created. Use the latest version of the Edge CLI to create content bundles that retain tags and signatures. To download the latest version of the Edge CLI, visit the Downloads page.
-
Support for multiple authenticated external registries with domain mapping capabilities is now available for Edge clusters. Refer to the External Registries section in the Edge Installer Configuration Reference page for more information.
Bug Fixes
-
Resolved an issue where Edge nodes removed from a cluster remained in the Palette UI after a node delete operation was completed.
-
Fixed an issue with Palette agent version 4.4.10 was unable to connect to the Palette management plane due to a gRPC connection error.
-
Fixed an upgrade error causing clusters on K3s version 1.29 to fail to upgrade to a newer version.
-
Fixed an issue where pack names containing the
/character did not fail validation during pack creation. -
Fixed an issue where clusters, without prior backups, using Velero and Restic, were unable to accept resource quotas.
-
Resolved an issue where CoreDNS was not upgraded during a Kubernetes upgrade.
-
Fixed an issue where system macros were causing errors during cluster profile downloads.
October 13, 2024 - Release 4.5.0 - 4.5.3
This release of Palette features a new deployment model, Agent Mode, and contains several new improvements and enhancements. Take a moment and review the breaking changes and deprecation messages to ensure you stay informed of upcoming changes. We also have a new and improved Getting Started series worth checking out, especially if you have new users who need to get familiar with Palette. Check out the following sections to learn more about the changes introduced in this release.
Security Notices
- Review the Security Bulletins page for the latest security advisories.
Palette Enterprise
Breaking Changes
- Due to Google's
decision to deprecate the
gcr.iocontainer registry, we are adding a new image registry that Palette agents will use to pull images. The new registry isus-docker.pkg.dev. If you have network restrictions in place, ensure that the new registry is allowed. The new registry is available for use starting with this release. Ensure network connections togrc.ioare allowed until the migration is complete. Refer to the Proxy Requirements for a complete list of domains that must be allowed.
Features
A new deployment model is available in Palette, Agent Mode. Agent mode allows you to use your preferred
security-hardened Operating System (OS) or immutable OS and machine without sharing cloud provider credentials with
Palette. The Palette agent is downloaded and installed on the machine, and the machine is then registered with
Palette. The new model provides more flexibility for customers who want to use their own OS and manage the
infrastructure provisioning process. In this release, the first supported use case for agent mode is Edge deployments.
Check out the Agent Mode section to learn more about this new
deployment model. This feature is only available to Palette Enterprise, and is not available in Palette VerteX.
Improvements
-
You can now use OIDC user information endpoints to retrieve user information from your designated Identity Provider (IdP), such as roles and groups. This improvement allows you to automate the synchronization of user roles and groups in Palette with your IdP. Refer to OIDC to learn more about enabling OIDC integration in Palette.
-
Palette now supports automatic synchronization for OCI Helm registries. Previously, you had to trigger the synchronization process manually. With this release, you can enable automatic synchronization for OCI Helm registries. This feature is only available to new OCI Helm registries added to Palette. Existing OCI Helm registries will continue to require manual synchronization. Re-register existing OCI Helm registries to take advantage of automatic synchronization. Refer to the Add OCI Helm Registry guide to learn more about adding an OCI Helm registry.
-
The self-hosted Palette system console login page has now improved visual feedback for login errors. If the username and password fields are empty, they will be highlighted in red.
-
Several improvements have been introduced to the Palette UI in this release.These upgrades include better support for wider screens, optimized page width, ensuring headings are visible on all screen sizes, and other responsive design improvements. In addition, event and audit logs can now occupy the entire screen width.
-
The difference editor during cluster profile upgrades received minor improvements to make it more user-friendly.
-
Palette's internal database, MongoDB, has been upgraded to version 6.0.
Deprecations and Removals
- The cluster group, Beehive, will be sunset on November 9, 2024. As of the 4.5.0 release, you are no longer able to deploy any new virtual clusters into Beehive. If you are using Palette SaaS and have virtual clusters in the Beehive cluster group, migrate the workload to new virtual clusters hosted in a self-managed cluster group before November 9, 2024. You can learn more about creating a new cluster group in the Create and Manage Cluster Groups guide.
Edge
Features
- You can now use LocalUI to facilitate user authentication for applications deployed onto Edge clusters. Application developers can use the JWT token provided by LocalUI to authenticate users for their applications hosted in the Edge cluster. The LocalUI provides a shared public key to each Edge host that you can use to verify the JWT token produced by LocalUI. This feature enables a single authentication source for applications deployed onto your Edge cluster. Check out the Share Local UI Authentication guide to learn more about this feature.
Improvements
- You can now disable the webhook Edge hosts use to redirect image pulls to the appropriate locations depending on your Edge user data configuration. Turning off the default webhook allows you to use diverse registry setups, such as private authenticated registries and airgap domains. Check out the Disable Webhook to Customize Image Pull Behavior guide to learn more about this feature.
Bug Fixes
- Fixed an issue where the Harbor pack's SSL certificate was not updated when a new certificate was specified in the pack YAML configuration.
VerteX
Features
- Includes all Palette features, improvements, breaking changes, and deprecations in this release. Refer to the Palette section for more details.
Automation
- Terraform version 0.21.5 of the Spectro Cloud Terraform provider is available. For more details, refer to the Terraform provider release page.
Docs and Education
-
The Getting Started section of the documentation has been updated to provide a more comprehensive guide for new users to get started with Palette. In the Getting Started section, you can now find guides featuring AWS, Azure, GCP, and VMware vSphere. The sections have been updated with new tutorials and feature the fictional company Spacetastic to help you understand how to use Palette to manage your infrastructure.
-
A new tutorial for Edge is now available. The Deploy an Edge Cluster on VirtualBox tutorial provides a step-by-step guide to deploying an Edge cluster on VirtualBox. This tutorial is great for new users who want to learn more about Edge and gain hands-on experience without needing access to physical hardware.
Packs
Pack Notes
- NVIDIA has released a software update for the NVIDIA Container Toolkit and NVIDIA GPU Operator that addresses a critical vulnerability, NVIDIA CVE-2024-0132, that affects the NVIDIA Container Toolkit versions v1.16.1 or earlier. To address this vulnerability, we recommend you upgrade to the latest NVIDIA GPU Operator pack version v24.6.2.
OS
| Pack Name | New Version |
|---|---|
| BYOS | 2.0.0 |
Kubernetes
| Pack Name | New Version |
|---|---|
| K3s | 1.28.14 |
| K3s | 1.29.9 |
| K3s | 1.30.5 |
| Microk8s | 1.28 |
CNI
| Pack Name | New Version |
|---|---|
| Calico | 3.28.2 |
| Custom CNI | 1.0.0 |
CSI
| Pack Name | New Version |
|---|---|
| AWS EBS | 1.35.0 |
| Custom CSI | 1.0.0 |
| Portworx w/Operator | 3.1.5 |
| Rook Ceph | 1.14.9 |
Add-on Packs
| Pack Name | New Version |
|---|---|
| AWS ALB | 2.8.3 |
| Cillium Tetragon | 1.2.0 |
| Dex | 2.39.1 |
| ExternalDNS | 0.15.0 |
| External Secrets Operator | 0.10.3 |
| Istio | 1.23.1 |
| Kong | 2.41.1 |
| Nginx | 1.11.2 |
| Spectro Proxy | 1.5.4 |
| Vault | 0.28.1 |
FIPS Packs
| Pack Name | New Version |
|---|---|
| AWS EBS | 1.35.0 |
| Calico | 3.28.2 |
Deprecations and Removals
- Check out the Deprecated Packs page for a list of all deprecated packs.