Release Notes
Are you looking for the release notes for a specific version of Palette? Use the version selector below to navigate to the release notes of the desired version.
October 13, 2024 - Release 4.5.0 - 4.5.3
This release of Palette features a new deployment model, Agent Mode, and contains several new improvements and enhancements. Take a moment and review the breaking changes and deprecation messages to ensure you stay informed of upcoming changes. We also have a new and improved Getting Started series worth checking out, especially if you have new users who need to get familiar with Palette. Check out the following sections to learn more about the changes introduced in this release.
Security Notices
- Review the Security Bulletins page for the latest security advisories.
Palette Enterprise
Breaking Changes
- Due to Google's
decision to deprecate the
gcr.iocontainer registry, we are adding a new image registry that Palette agents will use to pull images. The new registry isus-docker.pkg.dev. If you have network restrictions in place, ensure that the new registry is allowed. The new registry is available for use starting with this release. Refer to the Proxy Requirements for a complete list of domains that must be allowed.
Features
A new deployment model is available in Palette, Agent Mode. Agent mode allows you to use your preferred
security-hardened Operating System (OS) or immutable OS and machine without sharing cloud provider credentials with
Palette. The Palette agent is downloaded and installed on the machine, and the machine is then registered with
Palette. The new model provides more flexibility for customers who want to use their own OS and manage the
infrastructure provisioning process. In this release, the first supported use case for agent mode is Edge deployments.
Check out the Agent Mode section to learn more about this new
deployment model. This feature is only available to Palette Enterprise, and is not available in Palette VerteX.
Improvements
-
You can now use OIDC user information endpoints to retrieve user information from your designated Identity Provider (IdP), such as roles and groups. This improvement allows you to automate the synchronization of user roles and groups in Palette with your IdP. Refer to OIDC to learn more about enabling OIDC integration in Palette.
-
Palette now supports automatic synchronization for OCI Helm registries. Previously, you had to trigger the synchronization process manually. With this release, you can enable automatic synchronization for OCI Helm registries. This feature is only available to new OCI Helm registries added to Palette. Existing OCI Helm registries will continue to require manual synchronization. Re-register existing OCI Helm registries to take advantage of automatic synchronization. Refer to the Add OCI Helm Registry guide to learn more about adding an OCI Helm registry.
-
The self-hosted Palette system console login page has now improved visual feedback for login errors. If the username and password fields are empty, they will be highlighted in red.
-
Several improvements have been introduced to the Palette UI in this release.These upgrades include better support for wider screens, optimized page width, ensuring headings are visible on all screen sizes, and other responsive design improvements. In addition, event and audit logs can now occupy the entire screen width.
-
The difference editor during cluster profile upgrades received minor improvements to make it more user-friendly.
-
Palette's internal database, MongoDB, has been upgraded to version 6.0.
Deprecations and Removals
- The cluster group, Beehive, will be sunset on November 9, 2024. As of the 4.5.0 release, you are no longer able to deploy any new virtual clusters into Beehive. If you are using Palette SaaS and have virtual clusters in the Beehive cluster group, migrate the workload to new virtual clusters hosted in a self-managed cluster group before November 9, 2024. You can learn more about creating a new cluster group in the Create and Manage Cluster Groups guide.
Edge
Features
- You can now use LocalUI to facilitate user authentication for applications deployed onto Edge clusters. Application developers can use the JWT token provided by LocalUI to authenticate users for their applications hosted in the Edge cluster. The LocalUI provides a shared public key to each Edge host that you can use to verify the JWT token produced by LocalUI. This feature enables a single authentication source for applications deployed onto your Edge cluster. Check out the Share Local UI Authentication guide to learn more about this feature.
Improvements
- You can now disable the webhook Edge hosts use to redirect image pulls to the appropriate locations depending on your Edge user data configuration. Turning off the default webhook allows you to use diverse registry setups, such as private authenticated registries and airgap domains. Check out the Disable Webhook to Customize Image Pull Behavior guide to learn more about this feature.
Bug Fixes
- Fixed an issue where the Harbor pack's SSL certificate was not updated when a new certificate was specified in the pack YAML configuration.
VerteX
Features
- Includes all Palette features, improvements, breaking changes, and deprecations in this release. Refer to the Palette section for more details.
Automation
- Terraform version 0.21.5 of the Spectro Cloud Terraform provider is available. For more details, refer to the Terraform provider release page.
Docs and Education
-
The Getting Started section of the documentation has been updated to provide a more comprehensive guide for new users to get started with Palette. In the Getting Started section, you can now find guides featuring AWS, Azure, GCP, and VMware vSphere. The sections have been updated with new tutorials and feature the fictional company Spacetastic to help you understand how to use Palette to manage your infrastructure.
-
A new tutorial for Edge is now available. The Deploy an Edge Cluster on VirtualBox tutorial provides a step-by-step guide to deploying an Edge cluster on VirtualBox. This tutorial is great for new users who want to learn more about Edge and gain hands-on experience without needing access to physical hardware.
Packs
Pack Notes
- NVIDIA has released a software update for the NVIDIA Container Toolkit and NVIDIA GPU Operator that addresses a critical vulnerability, NVIDIA CVE-2024-0132, that affects the NVIDIA Container Toolkit versions v1.16.1 or earlier. To address this vulnerability, we recommend you upgrade to the latest NVIDIA GPU Operator pack version v24.6.2.
OS
| Pack Name | New Version |
|---|---|
| BYOS | 2.0.0 |
Kubernetes
| Pack Name | New Version |
|---|---|
| K3s | 1.28.14 |
| K3s | 1.29.9 |
| K3s | 1.30.5 |
| Microk8s | 1.28 |
CNI
| Pack Name | New Version |
|---|---|
| Calico | 3.28.2 |
| Custom CNI | 1.0.0 |
CSI
| Pack Name | New Version |
|---|---|
| AWS EBS | 1.35.0 |
| Custom CSI | 1.0.0 |
| Portworx w/Operator | 3.1.5 |
| Rook Ceph | 1.14.9 |
Add-on Packs
| Pack Name | New Version |
|---|---|
| AWS ALB | 2.8.3 |
| Cillium Tetragon | 1.2.0 |
| Dex | 2.39.1 |
| ExternalDNS | 0.15.0 |
| External Secrets Operator | 0.10.3 |
| Istio | 1.23.1 |
| Kong | 2.41.1 |
| Nginx | 1.11.2 |
| Spectro Proxy | 1.5.4 |
| Vault | 0.28.1 |
FIPS Packs
| Pack Name | New Version |
|---|---|
| AWS EBS | 1.35.0 |
| Calico | 3.28.2 |
Deprecations and Removals
- Check out the Deprecated Packs page for a list of all deprecated packs.