Deckhouse

Fixes


- **[linstor]** Improve kernel-headers detection for СentOS. [2641](https://github.com/deckhouse/deckhouse/pull/2641)
- **[monitoring-kubernetes]** Add deployments to kube-state-metrics's allowlist. [2636](https://github.com/deckhouse/deckhouse/pull/2636)


See [CHANGELOG v1.37](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.37.md) for more details.

Component version updates

- Alpine Linux (base image): `3.16.2`

Important update notes

- Control plane components will be restarted.
- The majority of Pods owned by Deckhouse will be restarted.

Major changes

- The base container images used to build Deckhouse components have been updated to address known security issues (CVEs).
- Ephemeral Containers support has been enabled for Kubernetes 1.23.
- Panels displaying information about under-requested container resources have been added to the Grafana **Capacity Planning** dashboard.
- Changes in the istio module:
- The `tlsMode` parameter will be removed in Deckhouse 1.38. In the current version of Deckhouse, an alert has been added to notify the user that the `tlsMode` parameter is used in the configuration of the istio module.
- The logic for enabling istio-sidecar for the ingress-nginx module has been redesigned.
- The problem with istio-proxy shutting down before the application (which could cause the app to freeze on shutdown) has been solved.
- The global sampling parameter has been added. It allows you to set the percentage of requests sent to the tracing system.

See [CHANGELOG v1.37](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.37.md) for more details.

Fixes


- **[control-plane-manager]** Fixed panic when a node with minimal RAM cannot be found. [2635](https://github.com/deckhouse/deckhouse/pull/2635)
- **[log-shipper]** Stop generating pointless 'parse_json' transform, which improves performance. [2619](https://github.com/deckhouse/deckhouse/pull/2619)
- **[log-shipper]** Fix the bug when the many sources point to the same input and only the last is working. [2619](https://github.com/deckhouse/deckhouse/pull/2619)
- **[monitoring-kubernetes]** Add deployments to kube-state-metrics's allowlist. [2642](https://github.com/deckhouse/deckhouse/pull/2642)
- **[node-manager]** Fixed failing on not existing control-plane node labels. [2635](https://github.com/deckhouse/deckhouse/pull/2635)
- **[upmeter]** Reduces QPS and burst in `upmeter-agent` to reduce `kube-apiserver` latency in multi-control-plane setups. [2666](https://github.com/deckhouse/deckhouse/pull/2666)

Chore


- **[node-manager]** Added automatic migration to the `control-plane` node role. [2635](https://github.com/deckhouse/deckhouse/pull/2635)


See [CHANGELOG v1.36](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.36.md) for more details.

Fixes


- **[flant-integration]** Fixed telemetry reporting control-plane nodes as nodes for charge. [2617](https://github.com/deckhouse/deckhouse/pull/2617)


See [CHANGELOG v1.36](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.36.md) for more details.

Fixes


- **[istio]** Fixed `D8IstioDataPlaneWithoutIstioInjectionConfigured` alert description. [2599](https://github.com/deckhouse/deckhouse/pull/2599)
- **[prometheus]** Fixed input lag by bumping Grafana version to `8.5.13`. [2603](https://github.com/deckhouse/deckhouse/pull/2603)
- Documentation updates.


See [CHANGELOG v1.36](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.36.md) for more details.

Fixes


- **[cloud-provider-aws]** Bump cloud provider version to fix LB target group creation. [2560](https://github.com/deckhouse/deckhouse/pull/2560)
- **[deckhouse]** Bump shell-operator image to avoid panic. [2547](https://github.com/deckhouse/deckhouse/pull/2547)
- **[istio]** Fixed `D8IstioActualDataPlaneRevisionNeDesired` alert. [2558](https://github.com/deckhouse/deckhouse/pull/2558)


See [CHANGELOG v1.36](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.36.md) for more details.