1.3.0 Aster

This is the first release in the Aster 1.3 series.

Notable changes

  • Upgraded kubespray and kubernetes. Upgraded kubespray to the current master branch (commit id 6a70f026628c4f9976f96e135853f094239ca48e) and kubernetes to 1.28.3.

  • Upgraded ceph to 17.2.7.

  • Upgraded other kubernetes components like etcd, containerd, calico, nerdctl, helm, etc. See VERSIONS.

  • Removed PodSecurityPolicy in Admission plugin because it is not supported since kubernetes version 1.25. Use PodSecurity Admission plugin instead.

  • Removed the containerd cri-base.json patch task. The new kubespray already has this applied.

  • Modified variables in offline_vars.yml due to changes in the way containerd is configured. It uses hosts.toml to configure the container registries.

  • Changed localrepo namespace to kube-system from burrito. It is not necessary to create a new namespace for the only one pod.

  • Add security-hardening features in kubernetes - Cluster Hardening

Burrito Changelog