Unikorn is a relatively large collection of independent microservices that combine to provide IaaS/PaaS functionality. Maintaining a matrix of compatible versions is complex due to a lot of inter-dependencies. This repository aims to simplify the task by bundling together versions that are know to work together and notify of any breaking changes before the project becomes GA.
20 January 2025
Component | Version |
---|---|
Core | v0.1.88 |
Identity | v0.2.51 🆕 |
Region | v0.1.47: |
Kubernetes | v0.2.54 |
Compute | v0.1.0 |
UI | v0.3.3 🆕 |
- Rearchitects how users are managed internally, they are now objects that can exist in various states and may have metadata associated with them.
- Upgrading to this or a newer release from an older one MUST be accompanied by a user migration. To perform this upgrade:
go run github.com/unikorn-cloud/identity/hack/user_migration
16 January 2025
Component | Version |
---|---|
Core | v0.1.88 |
Identity | v0.2.50 |
Region | v0.1.47: |
Kubernetes | v0.2.54 |
Compute | v0.1.0 🆕 |
UI | v0.3.2 🆕 |
- Provides rudimentary support for the compute service, allowing provisioning of raw virtual machines and baremetal servers.
13 January 2025
Component | Version |
---|---|
Core | v0.1.88 |
Identity | v0.2.50 🆕 |
Region | v0.1.47: |
Kubernetes | v0.2.54 |
UI | v0.3.1 🆕 |
- Fixes a small bug in the service account read code.
- Lots of UI stylistic changes to maintain consistency.
10 January 2025
Component | Version |
---|---|
Core | v0.1.88 🆕 |
Identity | v0.2.49 🆕 |
Region | v0.1.47 🆕 |
Kubernetes | v0.2.54 🆕 |
UI | v0.3.0 🆕 |
- Fixes CVE-2024-45337 and CVE-2024-45338.
- Adds service accounts to the identity service.
- Adds a meta-user view to the identity service.
- Changes image metadata to be more descriptive in preparation for the compute service.
- Fixes Kubernetes cluster resource leaks during deprovision.
- Image metadata needs to be updated to conform to the new v2.0.0 specification.
28 November 2024
Component | Version |
---|---|
Core | v0.1.86 🆕 |
Identity | v0.2.46 🆕 |
Region | v0.1.46 🆕 |
Kubernetes | v0.2.53 🆕 |
UI | v0.2.41 🆕 |
- Makes networks generic to lay a foundation for the compute service.
- Adds in server provisioning to the region controller.
- Streamlines region resource deletion.
- Adds Kubernetes control plane node selection resource limits.
- RBAC has been tigtened significantly.
PhysicalNetwork
resources are nowNetwork
resources, so all infrastructure in regions with physical network suport will need to be torn down and rebuilt. Further to that, the APIs have been modified in the same way.HelmApplications
now make use of the new generic tags type, so you must delete all existing applications first in order to perform a clean upgrade:kubectl delete helmapplications -A --all
.
- Any clients that relied on metadata tags on resources will need to be modified to read this from the generic metadata header, and not the spec.
- Images and flavors should be read from the relevant service from now on as those can provide context specific filtering.
5 November 2024
Component | Version |
---|---|
Core | v0.1.79 |
Identity | v0.2.44 🆕 |
Region | v0.1.45 🆕 |
Kubernetes | v0.2.46 🆕 |
UI | v0.2.39 🆕 |
- Improves RBAC so users who use one service no longer need direct access to requisite services.
- Remove flavor/image filtering from the region service, these need to be proxied through the top level service e.g. kubernetes, as those contain the domain specific knowledge to filter correctly.
- 3rd party UX components will be affected by a number of API changes:
- Any ACL reliant code needs to be aware endpoints have changed e.g.
projects
becomesidentity:projects
.- In general the form is
<service>:<resource>
meaning we can do things likeregion:*
in the future as a terse way of granting access to everything. - A full list of officially supported endpoints is available here.
- In general the form is
- Users can no longer access flavors and images directly through the region service.
- This is a fairly trivial thing to fix as the APIs remain the same, they now belong to the service that consumes those resources.
- This allows the Kubernetes service for example to filter out flavors that
kubeadm
cannot use, independently of the compute service.
- Any ACL reliant code needs to be aware endpoints have changed e.g.
1 November 2024
Component | Version |
---|---|
Core | v0.1.79 |
Identity | v0.2.42 |
Region | v0.1.44 |
Kubernetes | v0.2.45 |
UI | v0.2.38 |
- Initial baseline.