Skip to content

Releases: k8gb-io/k8gb

v0.15.0

20 Jul 19:27
@github-actions github-actions
v0.15.0
b806292
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.15.0 Latest
Latest

K8gb v0.15.0 introduces major architectural improvements, enhanced multi-zone capabilities, dynamic configuration features, and strengthened security. This release represents significant progress toward more scalable, flexible, and robust global load balancing for Kubernetes.

🚀 Major Features & Enhancements

Multi-Zone DNS Support

  • New capability: k8gb can now manage multiple DNS zones in a single deployment
  • Eliminates the need for multiple k8gb deployments across different namespaces
  • Simplified configuration through the new dnsZones array in Helm values
  • Supports managing different domains and environments from a single configuration

Example Configuration:

k8gb:
  dnsZones:
    - parentZone: "example.com"
      loadBalancedZone: "cloud.example.com"
      dnsZoneNegTTL: 30
    - parentZone: "example.org"
      loadBalancedZone: "cloud.example.org"
      dnsZoneNegTTL: 30

Dynamic GeoTags Discovery

  • Automatic GeoTag discovery: k8gb can now automatically discover external cluster GeoTags from DNS NS records
  • Reduces manual configuration overhead and eliminates the need to restart all k8gb instances when adding/removing clusters
  • Particularly beneficial for large-scale, dynamic multi-cluster environments
  • Configurable via empty extGslbClustersGeoTags value to enable dynamic discovery

Enhanced ResourceRef Support

  • Extended GSLB ResourceRef: Now supports name, namespace, and kind fields for more flexible resource referencing
  • Improved resource resolution capabilities for complex Kubernetes environments
  • Better integration with various ingress controllers and service mesh configurations

🏗️ Architectural Improvements

Upstream Chart Integration

  • CoreDNS: Migrated to official upstream CoreDNS Helm chart instead of maintaining a fork
  • External-DNS: Now uses upstream external-dns chart for AWS integrations and other providers
  • Improved maintainability and faster adoption of upstream security fixes and features

Enhanced Bootstrap & Zone Management

  • New bootstrap package: Improved cluster IP discovery and DNS zone initialization
  • Automated DNS zone setup: Better handling of zone delegation during cluster bootstrap
  • ClusterIP support: New flag to support CoreDNS exposed via ClusterIP instead of requiring LoadBalancer

Reverse Proxy Support

  • Production deployment flexibility: k8gb now supports deployment behind reverse proxies
  • Enhanced for enterprise environments with complex networking requirements
  • Improved compatibility with ingress controllers and service mesh architectures

🔧 Operational Improvements

Enhanced Testing Framework

  • Chainsaw integration: New Kubernetes-native e2e testing framework alongside existing Terratest
  • Improved test coverage: More comprehensive testing scenarios for multi-cluster setups
  • Better debugging: Enhanced test failure diagnostics and logging

Monitoring & Observability

  • Vertical Pod Autoscaling: Added VPA support for k8gb, CoreDNS, and external-dns components
  • Performance optimizations: Reduced external DNS configuration flapping
  • Event recording: GSLB now records Kubernetes events when references cannot be resolved

Configuration Enhancements

  • CoreDNS flexibility: Added boolean flag to disable CoreDNS ConfigMap management when not needed
  • Extra server blocks: Support for custom CoreDNS server block configuration per zone
  • Multiline plugin support: Improved indentation handling for complex CoreDNS configurations

🔒 Security & Compliance

SLSA Provenance

  • Official SLSA generator: Upgraded to official SLSA provenance generation for enhanced supply chain security
  • Improved artifact attestation: Better verification of build artifacts and container images
  • Compliance readiness: Enhanced security posture for enterprise and regulated environments

Documentation Site Security

  • MkDocs integration: New comprehensive documentation site with GitHub Pages deployment
  • Automated security scanning: Enhanced CI/CD pipelines with security analysis
  • Dependency management: Regular automated updates of non-major dependencies

Reference examples and integrations

Crossplane Integration & Global Control Planes

  • New reference architecture: Complete Crossplane integration example for resilient multi-region global control planes
  • Active/Passive failover patterns with DNS-based health monitoring
  • GSLB health status integration for automated control plane transitions
  • Reference templates and deployment guides in /docs/examples/crossplane/

⚠️ Breaking Changes

Helm Chart - dnsZone configuration is now a list

  • BREAKING: dnsZone and edgeDnsZone chart values are deprecated in favor of dnsZones array
  • Migration path:
    • Old: k8gb.dnsZone and k8gb.edgeDnsZone
    • New: k8gb.dnsZones[0].loadBalancedZone and k8gb.dnsZones[0].parentZone

Helm Chart - AWS Route53 Integration must be configured using external dns

  • BREAKING: helm values under the key route53 are deprecated in favor of configuration under the key extdns. For an exact guide on how to migrate see the section More on Breaking changes

Removed Features

  • SplitBrain removed: split brain logic was already deprecated and removed in a previous release. Now we simply removed it from the CRD. This is merely a CRD update with no user impact.

🔄 Performance & Reliability

DNS Performance Optimizations

  • Health computation optimization: Application health is now computed only once per reconciliation cycle
  • External DNS efficiency: Reduced flapping in external DNS configurations
  • CNAME support: Enhanced DNS utilities with CNAME record support

Resource Management

  • Improved reconciliation: More efficient controller reconciliation loops
  • Better error handling: Enhanced error reporting and recovery mechanisms
  • Memory optimization: Reduced memory footprint in large-scale deployments

📦 Upgrade Instructions

  1. Backup current configuration: Save existing Helm values and GSLB resources
  2. Review breaking changes: Update chart values for new dnsZones format
  3. Test in staging: Validate multi-zone and dynamic GeoTag functionality
  4. Upgrade clusters: Rolling upgrade recommended for production environments
  5. Verify functionality: Test DNS resolution and failover scenarios post-upgrade

⚠️ More on Breaking changes:

v0.15.0 contains two breaking changes in the Helm chart. One relates to DNS zone configuration, which affects all users. The second one only affects users using the AWS Route53 integration.

DNS Zones

To support multiple dnsZones we created a new helm value called k8gb.dnsZones (list of objects), and deprecated the values k8gb.dnsZoneNegTTL, k8gb.edgeDnsZone, k8gb.dnsZone. We took this opportunity to clarify the naming since it was not always clear what an edge zone is.
In your chart you will need to change from:

k8gb:
  dnsZone: demo.example.com
  dnsZoneNegTTL: 300
  edgeDNSZone: example.com

to:

k8gb:
  dnsZones:
    - loadBalancedZone: demo.example.com
      parentZone: example.com
      dnsZoneNegTTL: 300

AWS Route53 integration

The AWS Route53 integration was migrated to native external dns configuration. This allows for more flexibility when configuring this integration, since you are no longer dependent on our wrappers of external-dns configuration.

If your authentication to AWS used a role ARN, then your configuration needs to be adapted as described in the external-dns docs from:

route53:
  enabled: true
  irsaRole: arn:aws:iam::111111:role/external-dns

or

route53:
  enabled: true
  assumeRoleArn: arn:aws:iam::111111:role/external-dns

to:

extdns:
  enabled: true
  provider:
    name: aws
  serviceAccount:
    name: k8gb-external-dns
    annotations:
      eks.amazonaws.com/role-arn: arn:aws:iam::111111:role/external-dns

If your authentication to AWS used secret (called credentials in this example), then your configuration needs to be adapted as described in the external-dns docs from:

route53:
  enabled: true
  secret: credentials

to

extdns:
  enabled: true
  provider:
    name: aws
  extraVolumes:
  - name: aws-credentials
    secret:
      secretName: credentials
  extraVolumeMounts:
  - name: aws-credentials
    mountPath: /.aws
    readOnly: true

Finally, a couple of variables must be specified (there are helm validation functions that make sure they are correct). Replace with the same value as k8gb.clusterGeoTag, and domainFilters with the same values as k8gb.dnsZones.parentZone:

extdns:
  txtPrefix: "k8gb-<GEOTAG>"
  txtOwnerId: "k8gb-<GEOTAG>"
  domainFilters:
  - "<domain>"

If you used to set hostedZoneID, then the txtOwnerId takes the value k8gb-<hostZoneID>-<GEOTAG>.

What's Changed

  • Update Offline Changelog by @github-actions[bot] in #1733
  • Update Helm Docs by @github-actions[bot] in #1729
  • chore(deps): update goreleaser/goreleaser-action digest to 006a7a4 by @renovate[bot] in #1708
  • Allow configuration of extra coredns server blocks by @abagua...
Read more

Contributors

ytsarev, jkremser, and 12 other contributors
Assets 18

v0.15.0-rc3

30 Jun 19:31
@github-actions github-actions
v0.15.0-rc3
16defa4
Compare
Choose a tag to compare
v0.15.0-rc3 Pre-release
Pre-release

Changelog

v0.15.0-rc3 (2025-06-30)

Full Changelog

Implemented enhancements:

  • Refactor depresolver #1870
  • Review split brain mechanism for Route53 and future external-dns based EdgeDNS providers #175

Closed issues:

  • rfc2136 provider does not support Weight Round Robin ? #1943
  • Switch to EndpointSlice API #1921
  • Migrate from dependabot to renovatebot #1014

Merged pull requests:

* This Changelog was automatically generated by github_changelog_generator

🚀

Loading

v0.15.0-rc2

28 May 14:24
@github-actions github-actions
v0.15.0-rc2
3d2cdd9
Compare
Choose a tag to compare
v0.15.0-rc2 Pre-release
Pre-release

Changelog

v0.15.0-rc2 (2025-05-28)

Full Changelog

Merged pull requests:

* This Changelog was automatically generated by github_changelog_generator

🚀

Loading

v0.15.0-rc1

19 May 08:54
@github-actions github-actions
v0.15.0-rc1
807eefb
Compare
Choose a tag to compare
v0.15.0-rc1 Pre-release
Pre-release

Changelog

v0.15.0-rc1 (2025-05-18)

Full Changelog

Implemented enhancements:

  • Reverse proxy support? #1275
  • Test implemented LB strategies for more than 2 cluster scenario #78

Fixed bugs:

  • Occasional reconciler error #566

Closed issues:

  • ArgoCD experiencing increased resource usage due to non-deterministic DNSEndpoint updates from k8gb #1900
  • K8gb.io is DOWN for everyone #1881
  • dnsZones block unintentionally introduced a breaking change #1858
  • I do not hava public dns server,I just want to test locally with 3cluster ,how to instalk #1840
  • Ignore 'mesh' gateway when counting referenced gateways in VirtualService #1833
  • Support CNAMEs lookups when fetching the ingress's IP address #1782
  • Documentation: update GOVERNANCE for incubation application - vendor neutrality #1746
  • CoreDNS AWS NLB health check not getting healthy #1741
  • WIP: Incubation Application #1662
  • Finish Setting up Socials #1642
  • GeoIP strategy #1182
  • host.k3d.internal -> k3d-edgedns-server-0 #955

Merged pull requests:

Read more
Loading

v0.14.0

16 Sep 17:11
@github-actions github-actions
v0.14.0
1874f6c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.14.0

Changelog

v0.14.0 (2024-09-16)

Full Changelog

Implemented enhancements:

  • Deprecate GSLB CRD #1018
  • Add support for Linode #928
  • Infoblox provider: upgrade infoblox client to recent version #920
  • Feature Request/Idea: Extend registration to ISTIO and Virtual Services #552
  • [opensihft-support] global record not populated #424
  • Consider and implement the desired level of the Operator Maturity Model #51

Fixed bugs:

  • [BUG] UnitTests racing #942
  • [BUG] GSLB is not updated when Ingress has change #932
  • intermittent failure of container image build #904
  • Fix FOSSA license scan issue(s) #880

Closed issues:

  • externaldns.interval not being respect #1676
  • (vendor-neutrality) Use Vendor-Neutral Zoom #1661
  • Update Code of Conduct #1633
  • Incorrect k8gb chart metadata in ArtifactHub #1034
  • REFACTORING: Use DepResover mock in constroller tests #923
  • Support multiple edgeDNS types in parallel to enable hybrid and multi-cloud scenarios #919
  • Terratest: identify ImagePullBackOff and exit ASAP with proper message #898
  • Investigate integration with Orb #848
  • Check if incoming code is gofmt-ed #817
  • Revisit the project linting scope #775
  • Add k8gb delivery scenario to podtato head #643

Merged pull requests:

Read more
Loading

v0.13.0

03 Jul 09:23
@github-actions github-actions
v0.13.0
a0db58e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.13.0

Highlights

  • Azure DNS Support and reference example #1525
  • Decouple Gslb from the Kubernetes Ingress resource #1557
  • Bump Core Dependencies #1627

Changelog

v0.13.0 (2024-07-03)

Full Changelog

Closed issues:

  • deploy-full-local-setup: external-dns pod exec format error with Docker Desktop > 4.26.1 #1588
  • Azure DNS: ability to reference existing secret #1585
  • Bug: Unnecessary permissions #1580
  • scorecard pipeline is failing in master branch #1566
  • TestFailoverPlayground flaky terratest #1345
  • 🟢 Replace the old k8gb code with the new k8gb-lite code #1301
  • 🟢 Revisit documentation #1299
  • 🟢 Revisit HelmChart #1298
  • 🟢 Revisit github workflow pipelines #1297
  • HelmChart values validations #1267
  • CNCF TOC annual review due #1206
  • flaky: yet another non-deterministic tests failure #974

Merged pull requests:

Read more
Loading

v0.12.2

21 Dec 14:15
@github-actions github-actions
v0.12.2
bf4e77b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.12.2

Highlights

Changelog

v0.12.2 (2023-12-21)

Full Changelog

Implemented enhancements:

  • Implement weighted round robin load balancing strategy #50

Fixed bugs:

  • [Bug] Terratest racing #902

Closed issues:

  • Release pipeline fails with cosign validation #1361
  • "Additional property cloudflare is not allowed" appears when deploying Cloudflare integration #1339
  • Security slam #1309
  • Track the impact of HashiCorp license MPL -> BSL #1224
  • Helm template does not support GSS-TSIG configuration for ExternalDNS #1061
  • Cloudflare EdgeDNS support #944
  • Deploy k8gb on MS Azure using Private DNS #929
  • Cloudflare GSLB support #884

Merged pull requests:

Read more
Loading

v0.11.5

11 Sep 13:10
@github-actions github-actions
v0.11.5
d01f1a8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.11.5

Changelog

v0.11.5 (2023-09-11)

Full Changelog

Merged pull requests:

* This Changelog was automatically generated by github_changelog_generator

🚀

Loading

v0.11.4

07 Sep 15:02
@github-actions github-actions
v0.11.4
71ee288
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.11.4

Changelog

v0.11.4 (2023-09-07)

Full Changelog

Implemented enhancements:

  • Extend pipelines with edgeDNS test coverage #351
  • Rancher Fleet support #1255 (kuritka)
  • Allow to enable custom coredns plugins #1248 (kuritka)

Closed issues:

  • Deploy k8gb on MS Azure #642

Merged pull requests:

* This Changelog was automatically generated by github_changelog_generator

🚀

Contributors

somaritane
Loading

v0.11.2

04 Aug 12:47
@github-actions github-actions
v0.11.2
0d4bbf6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.11.2

Changelog

v0.11.2 (2023-08-04)

Full Changelog

Closed issues:

  • Supporting CaseInsensitive Queries #54
  • Help with DNS resolver #1178
  • Check sed version of make deploy-full-local-setup #1078

Merged pull requests:

Read more
Loading