Deckhouse

Fixes


- **[admission-policy-engine]** Update Kubernetes Go client dependency to `0.26.4`. [5454](https://github.com/deckhouse/deckhouse/pull/5454)
`gatekeeper-audit` pod will be recreated.


For more information, see the [changelog](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.49.md) and minor version [release changes](https://github.com/deckhouse/deckhouse/releases/tag/v1.49.0).

Fixes


- **[candi]** Revert kubelet CRI socket path configuration for docker. [5411](https://github.com/deckhouse/deckhouse/pull/5411)
- **[cloud-provider-openstack]** Fix OpenAPI scheme for `d8-cloud-provider-discovery-data` secret. [5405](https://github.com/deckhouse/deckhouse/pull/5405)
- **[linstor]** Fix for Linstor dashboard. [5403](https://github.com/deckhouse/deckhouse/pull/5403)
- **[user-authn]** Add a custom certificate for the kubeconfig generator. [5409](https://github.com/deckhouse/deckhouse/pull/5409)


For more information, see the [changelog](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.49.md) and minor version [release changes](https://github.com/deckhouse/deckhouse/releases/tag/v1.49.0).

Fixes


- **[cloud-provider-openstack]** Remove 'minLength: 1' requirement from mainNetwork and defaultImageName properties in OpenAPI specification. [5381](https://github.com/deckhouse/deckhouse/pull/5381)


For more information, see the [changelog](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.49.md) and minor version [release changes](https://github.com/deckhouse/deckhouse/releases/tag/v1.49.0).

Important update notes

**The Docker CRI is no longer supported.** The upgrade will not start if there are Docker CRI nodes in the cluster (you can check this using the `kubectl get no -o wide | grep docker` command). See the [documentation](https://deckhouse.io/documentation/v1.49/modules/040-node-manager/faq.html#how-to-change-cri-for-nodegroup) for information on how to change the CRI for a NodeGroup or the entire cluster.

Major changes
- **The new [multitenancy-manager module](https://deckhouse.io/documentation/v1.49/modules/160-multitenancy-manager/)** (disabled by default) allows you to create templated environments in a cluster using custom resources. This way, you can easily create environments with pre-defined access isolation and resource usage limits in the cluster ([example](https://deckhouse.io/documentation/v1.49/modules/160-multitenancy-manager/usage.html)). The module is available in the EE edition.
- The installation process has been improved. The Deckhouse installer (dhctl) now has a set of pre-checks to detect possible problems before the installation begins.
- You can now reserve [compute resources](https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/) for system services on a node (using the [resourceReservation](https://deckhouse.io/documentation/v1.49/modules/040-node-manager/cr.html#nodegroup-v1-spec-kubelet-resourcereservation) parameter). Resource reservation will be enabled by default. However, this will not affect the NodeGroups already present in the cluster.

The following components will be restarted during the update

- Kubernetes control plane
- `admission-policy-engine` (`constraint-exporter`)
- `runtime-audit-engine` (`falco`, `rules-reloader`)
- `log-shipper` (`vector`)
- `linstor` (`linstor-csi`, `piraeus-operator`)
- `virtualization` (`vmi-router`)

Component version updates:

- Kubernetes control plane: `1.24.16`, `1.25.12`, `1.26.7`, `1.27.4`
- falco (runtime-audit-engine): `0.35.1`
- piraeus-operator (linstor): `1.10.5`
- linstor-csi (linstor): `1.2.2`
- vector (log-shipper): `0.31.0`

See [CHANGELOG v1.49](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.49.md) for more details.

Fixes


- **[user-authn]** Add a custom certificate for the kubeconfig generator. [5424](https://github.com/deckhouse/deckhouse/pull/5424)


For more information, see the [changelog](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.48.md) and minor version [release changes](https://github.com/deckhouse/deckhouse/releases/tag/v1.48.0).