Changelog
List of aperture PRs merged since 0.21.0 release. For the full list of changes, see [list of changes][changes]
Get back to Go 1.19 (1281)
Until we figure out how to properly build plugins, we need to stick to go 1.19.
Fix watchdog job name and harness tests (1276)
Handle situation where we don't have local prometheus running.
Moved generated CLI docs under reference section (1279)
Description of change
Moved the generated `aperturectl` docs under `reference` from
`get-started`.
Resolve latest blueprints version to latest stable release (1263)
When `latest` is used as a version for blueprints, resolve it to
the latest stable version and fetch it instead.
<!-- Reviewable:start -->
- - -
This change is [<img src="https://reviewable.io/review_button.svg"
height="34" align="absmiddle"
alt="Reviewable"/>](https://reviewable.io/reviews/fluxninja/aperture/1263)
<!-- Reviewable:end -->
Updated installation steps for CLI (1278)
Add aperturectl packaging (1271)
This also made packaging process more generic, in case we want to
package other binaries like controller.
Minor changes in format and wordings (1275)
Update policies page in Getting Started and aperturectl docs (1269)
Co-authored-by: Harjot Gill <harjot.gillfluxninja.com>
Co-authored-by: Hardik Shingala <hardik.shingalafluxninja.com>
Separate main binary and plugin caches (1272)
This prevents overwriting each others caches when both main binary and plugin binaries are build at the same time.
Added support for applying policy on Kubernetes conditionally via aperturectl and use of custom blueprints (1264)
Description of change
Added below support in `aperturectl`:
- User can pass `--apply` flag which will apply all the valid policies
generated on Kubernetes
- User can pass `--custom-blueprints-path` using which they can provide
any other blueprints than the ones which we pulled.
Fix race condition when returning extra tokens (1268)
Description of change
Checklist
- [x] Tested in playground or other setup
- [ ] Screenshot (Grafana) from playground added to PR for 15+ minute
run
- [ ] Documentation is changed or added
- [ ] Tests and/or benchmarks are included
- [ ] Breaking changes
<!-- Reviewable:start -->
- - -
This change is [<img src="https://reviewable.io/review_button.svg"
height="34" align="absmiddle"
alt="Reviewable"/>](https://reviewable.io/reviews/fluxninja/aperture/1268)
<!-- Reviewable:end -->
docs: move policy config reference into policies category (1267)
Add Control Point Type to OLAP telemetry (1213)
Adding label "aperture.control_point_type" with values "feature" and "http" for sdk/envoy respectively.
Create children in status registry with key-value pairs (1257)
Adds provided KV as labels to alerts.
Add missing root certs to images (1266
Newly used `debian-slim` images do not have root certs installed by
default.
Drive-by: Fix lint error from new linter.
Bump Golang to 1.20 (1260
This bumps Golang to the latest 1.20 version.
Also, it unifies all Docker builder images to `golang:1.20-bullseye` and
final images from `alpine` to `debian:bullseye-slim` (except for
operator, as it is recommended to use `distroless` there). This should
remove any `glibc` and `musl` compatibility issues.
Add `aperturectl` CLI tool (1217)
Description of change
- Add root, compile, version commands
- Add relevant flags to compile command
- Replace usage of `circuit-compiler` to the new `aperturectl`
---------
Co-authored-by: Hardik Shingala <hardik.shingalafluxninja.com>
Add alerter to status registry (1226)
On each status registry error it will now generate an alert.
Update K8s attr processor config (1254
Previously we've used deprecated config format (which is shown in the
processor docs).
Do not overwrite OTEL extensions in FN plugin (1252
This prevents overwriting extensions configured in base OTEL config,
with the configuration in FN plugin.
Collect basic kubelet metrics (1227
This adds a default user defined OTEL metrics pipeline, which collects
basic kubelet metrics:
* `k8s.pod.cpu.utilization`
* `k8s.pod.memory.available`
* `k8s.pod.memory.usage`
* `k8s.pod.memory.working_set`
It also adds the following labels (if applicable):
* `k8s.daemonset.name`
* `k8s.cronjob.name`
* `k8s.deployment.name`
* `k8s.job.name`
* `k8s.namespace.name`
* `k8s.node.name`
* `k8s.pod.name`
* `k8s.pod.uid`
* `k8s.replicaset.name`
* `k8s.statefulset.name`
aimd controller: change how we detect overload based on slope parameter (1250)
Remove grpc validator interceptor. (1230)
It was causing slowdown on datapath APIs.
Validator is now manually invoked on live-preview APIs.
Drive-by: Simplify SetDefaults a bit.
Revamp concurrency units (1188)
Change scheduler's concurrency metrics to "work-seconds".
New metrics are: incoming_work_seconds_total &
accepted_work_seconds_total.
Work-seconds are measuring work based on latency of flows. (One request
with 1s latency is 1 work-second).
This also redefines meaning of accepted_concurrency signal to be
unitless value measuring concurrency (mean number of in-flight flows).
Similarly for incoming_concurrency.
Allow providing arbitrary Labels in alerter (1225)
Allows creating an alerter with KV labels map.
Add custom metrics to Agent's OTEL (1222)
This introduces ability to gather any user defined metrics using OTEL
receivers and processors. Those metrics would be automatically pushed to
the Controller Prometheus. This should be useful when creating policies
which require some specific metric not gathered by builtin metrics
gatherers.
Move OTEL specific config to `cmd/{agent,controller}` (1215)
This is another round of OTEL code cleanup. It is focused on only keeping common OTEL configs in pkg/otelcollector and moving Agent/Controller specific configuration to cmd/aperture-{agent,controller}.
mermaid: do not render unused ports (1218)
Description of change
Checklist
- [ ] Tested in playground or other setup
- [ ] Screenshot (Grafana) from playground added to PR for 15+ minute
run
- [X] Documentation is changed or added
- [ ] Tests and/or benchmarks are included
- [ ] Breaking changes
<!-- Reviewable:start -->
- - -
This change is [<img src="https://reviewable.io/review_button.svg"
height="34" align="absmiddle"
alt="Reviewable"/>](https://reviewable.io/reviews/fluxninja/aperture/1218)
<!-- Reviewable:end -->
Add `decision_type` label to `workload_requests_total` and `rate_limiter_counter` (1203)
Description of change
Checklist
- [x] Tested in playground or other setup
- [x] Documentation is changed or added
- [x] Tests and/or benchmarks are included
- [ ] Breaking changes
<!-- Reviewable:start -->
- - -
This change is [<img src="https://reviewable.io/review_button.svg"
height="34" align="absmiddle"
alt="Reviewable"/>](https://reviewable.io/reviews/fluxninja/aperture/1203)
<!-- Reviewable:end -->
remove extra ports from aimd concurrency controller (1216)
Description of change
Checklist
- [X] Tested in playground or other setup
- [ ] Screenshot (Grafana) from playground added to PR for 15+ minute
run
- [ ] Documentation is changed or added
- [ ] Tests and/or benchmarks are included
- [ ] Breaking changes
<!-- Reviewable:start -->
- - -
This change is [<img src="https://reviewable.io/review_button.svg"
height="34" align="absmiddle"
alt="Reviewable"/>](https://reviewable.io/reviews/fluxninja/aperture/1216)
<!-- Reviewable:end -->
Simplify circuit unit-tests by avoiding SignalID (1212)
Circuit sim is doing blackbox-testing of components, thus all signal it
cares about are root-signals. Therefore, signal names in tests can be
just strings (internally translated to root SignalIDs). This make
circuit sim-based tests less verbose.
[changes]: https://github.com/fluxninja/aperture/compare/releases/aperture-controller/v0.21.0...releases/aperture-controller/v0.22.0-rc.1