Deckhouse

En
**[dhctl]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/1c7ca0bd70863c6180bfe4af88a5360e8b5ac157) converge

**[cloud-provider-yandex]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/cd7194b2e7be63b30186b681991aa38a51e228e0): Bump Yandex CCM to the v0.21.3. Network loadbalancer fixes.

Ru
**[dhctl]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/1c7ca0bd70863c6180bfe4af88a5360e8b5ac157) converge'а

**[cloud-provider-yandex]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/cd7194b2e7be63b30186b681991aa38a51e228e0): Обновлена версия Yandex CCM на версию v0.21.3. Чинит работу с network loadbalancer.

En

**[bashible]**
- Fix [resize](https://github.com/deckhouse/deckhouse/commit/39a2525d06abb091275dfad32f5582dab9484cf0) partitions step.

**[global]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/996bb477916a99420fb7ef49a989124b9761bb31) K8s version discovery in managed K8s installation (without our control-plane).
- Fix: [Revert](https://github.com/deckhouse/deckhouse/commit/e8fef604aa595394efa57e8adda2404cb732cf95) Commit 41820f7559a6e701afd1706c27f30cbf80be351c.

**[ingress-nginx]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/b595d0da2267bc23b395bf4c236400d4c38390e0) failover iptables rules.

**[user-authn]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/f73550362abc21e400d30e279401a584e2ecc036): increase `crowd-basic-auth-proxy` caching time.

**[cloud-provider-gcp]**
- Enhancement: [bump](https://github.com/deckhouse/deckhouse/commit/d9903d29f3ea6e35113855afd8bb9180b4a61e83) `gce-pd-csi-driver` to v1.3.3.

**[log-shipper]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/): add VPA limits for a vector agent.

Ru
**[bashible]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/39a2525d06abb091275dfad32f5582dab9484cf0) шага resize'а раздела.

**[global]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/996bb477916a99420fb7ef49a989124b9761bb31) механизма определения версии K8s в managed-инсталляциях K8s (где control-plane не управляется Deckhouse)
- Исправление: [Откат](https://github.com/deckhouse/deckhouse/commit/e8fef604aa595394efa57e8adda2404cb732cf95) коммита 41820f7559a6e701afd1706c27f30cbf80be351c

**[ingress-nginx]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/b595d0da2267bc23b395bf4c236400d4c38390e0) failover-правил в iptables.

**[user-authn]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/f73550362abc21e400d30e279401a584e2ecc036): увеличено время кеширования в `crowd-basic-auth-proxy`.

**[cloud-provider-gcp]**
- Улучшение: [Поднята](https://github.com/deckhouse/deckhouse/commit/d9903d29f3ea6e35113855afd8bb9180b4a61e83) версия csi-драйвера `gce-pd-csi-driver` до версии v1.3.3.

**[log-shipper]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/): добавлены лимиты VPA для vector-агента.

En
**[istio]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/1358ffd90414607475c1d675370c5a07fe1ba367): detect `jwtPolicy` according to Kubernetes version.

**[candi]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/e383a07c6959df45907b22ebcdaa30c7d528cd0c) wrong `rootDir` detection in the `kubelet` configuration.

**[cloud-provider-aws]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/e64d795e2e79be4167a43fa03c21fb2997524cd4) `terraform` detects changes on `volume_tags`.

**[monitoring-kubernetes]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/6757c0e4d209383d9dcd235e248a0a942eb58dc2): switch off alerts about deprecated Docker CRI.

**[ci]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/726802d546074d69e575a4a6b9bfc6ed363c066e) install `binutils`, `dumb_init` and `jo` from the main repository.

Ru
**[istio]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/1358ffd90414607475c1d675370c5a07fe1ba367): определение `jwtPolicy` в соответствии с версией Kubernetes.

**[candi]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/e383a07c6959df45907b22ebcdaa30c7d528cd0c) некорректного определения `rootDir` в конфигурации `kubelet`.

**[cloud-provider-aws]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/e64d795e2e79be4167a43fa03c21fb2997524cd4) механизма слежения за изменениями `volume_tags` terraform.

**[monitoring-kubernetes]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/6757c0e4d209383d9dcd235e248a0a942eb58dc2): отключены алерты о необходимости мигриации с Docker CRI.

**[ci]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/726802d546074d69e575a4a6b9bfc6ed363c066e) установки пакетов `binutils`, `dumb_init` и `jo`.

En

**[cloud-provider-aws]**
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/c0e4dde3f98a4fd8d555b47ddde97bd9e34f7668): Add `gp3` volume type support.
- Enhancement: [Bump](https://github.com/deckhouse/deckhouse/commit/e570cd7130a0d4f05cc2c7c6b04f5f7946977f7c) AWS CSI driver to the newest version (`1.3.0`).

**[dhctl]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/d02180b045c63e11dbcf34f89286bce5189ae8e0): it was not possible to use kubeconfig parameter for some subcommands.
- [Fix](https://github.com/deckhouse/deckhouse/commit/66551d7080cfd656f0a611cf89aeefcfef6a6a5b): `terraform check` command in cluster (`ssh-host` is a required parameter).
- [Fix](https://github.com/deckhouse/deckhouse/commit/8fdb868cd7559b4d9d2a94ab11bd93905ecebb0d): hide `Not found k8s versions` error in the `dhctl` and fix error strings in `kubernetes_version` hook.

**[ingress-nginx]**
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/938e803bb684744b558215fbfd169ee433648745): use gzip by default.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/dec403ca948de9f2c93cd1966352681dafeca2b3): improve Nginx failover.

**[node-local-dns]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/d6a09f03bc6fd1e506b4201ac344293ca4a120be) in liveness probe trap bash ERR.

**[user-authn]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/d559fde62f00038ceb2ce686a588142a5192ec14): avoid extending the item expiration period when getting it for `crowd-basic-auth-proxy`.

RU

**[cloud-provider-aws]**
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/c0e4dde3f98a4fd8d555b47ddde97bd9e34f7668): Добавлена поддержка томов с типом `gp3`.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/e570cd7130a0d4f05cc2c7c6b04f5f7946977f7c) Поднята версия драйвера AWS CSI до последней (1.3.0).

**[dhctl]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/66551d7080cfd656f0a611cf89aeefcfef6a6a5b) команды `terraform check` (требование параметра `ssh-host`).
- [Исправление](https://github.com/deckhouse/deckhouse/commit/d02180b045c63e11dbcf34f89286bce5189ae8e0): было невозможно использовать параметр `kubeconfig` для некоторых подкомманд.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/8fdb868cd7559b4d9d2a94ab11bd93905ecebb0d): убран вывод ошибки `Not found k8s versions` в `dhctl` и исправлены сообщения об ошибках в `kubernetes_version`-хуке.

**[ingress-nginx]**
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/938e803bb684744b558215fbfd169ee433648745): gzip включен по умолчанию.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/dec403ca948de9f2c93cd1966352681dafeca2b3) механизма failover Nginx.

**[node-local-dns]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/d6a09f03bc6fd1e506b4201ac344293ca4a120be) liveness-пробы для учета bash ERR-сигнала.

**[user-authn]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/d559fde62f00038ceb2ce686a588142a5192ec14): не продлять срок валидности элемента при его запросе в `crowd-basic-auth-proxy`.

En
**[cloud-provider-aws]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/a90a54eead68e86a3c4e3408ad775c7916bc5095): restore the `standard` section in the OpenAPI specification.

**[istio]**
- Fix: [add](https://github.com/deckhouse/deckhouse/commit/949046b18f27a7be7f9fb292be43b8681f8c179c) `ca-certificates` to istiod image.
- [Fix](https://github.com/deckhouse/deckhouse/commit/0e195ce2efa7cec389404836239f9df558c40741): service pack #5.

**[upmeter]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/ebcfd1dfbb727388ea6e97191d75d5d69d911620): restore shell hook for copying custom certificates.

**[global-hooks]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/d64adeb71af86e071125a40a8e7fcbe3fb3e953b) panic for static clusters when looking up a cloud provider.

Ru
**[cloud-provider-aws]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/a90a54eead68e86a3c4e3408ad775c7916bc5095): в OpenAPI-спецификацию возвращена секция `standard`.

**[istio]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/949046b18f27a7be7f9fb292be43b8681f8c179c): в образе istiod добавлена установка пакета `ca-certificates`.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/0e195ce2efa7cec389404836239f9df558c40741): service pack #5.

**[upmeter]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/ebcfd1dfbb727388ea6e97191d75d5d69d911620): восстановлен shell-хук, необходимый для копирования custom-сертификатов.

**[global-hooks]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/d64adeb71af86e071125a40a8e7fcbe3fb3e953b) ошибки, приводящей к 'панике' в статических кластерах на шаге определения cloud-провайдера.

En
Components that will be restarted during update
- IngressNginx
- ControllerManager

Significant changes

[Install](https://github.com/deckhouse/deckhouse/commit/2a6e2eeb32ba4f1a6c24ec5feb9e8eded5eec0c6) required OS packages from the Deckhouse registry
This feature allows Deckhouse to be installed in any environment that has either direct access to `registry.deckhouse.io` or has a trusted internal proxy/registry that has all required images. No external repositories for package managers are required on Kubernetes nodes.

Ingress nginx controller [serves](https://github.com/deckhouse/deckhouse/commit/d45a5f22d7b7bc7271f062e2201a5d4e8a4d7186) all metrics on the localhost
Stop serving controller's `/healthz` and `/metrics` endpoints on the `0.0.0.0`. It is required to keep them secure in the `hostNetwork: true` mode.

Other changes
**[control-plane-manager]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/e3ea524224a76b82e5076d6e007f29bec812b4ba): race between etcd hooks.
- [Fix](https://github.com/deckhouse/deckhouse/commit/0bafd0fc1dc78759bfa01c88998d79f6f9737f08): set `terminated-pod-gc-threshold` to 12500.

**[monitoring-kubernetes]**
- [Add](https://github.com/deckhouse/deckhouse/commit/0101ec7ddacd8e4e226a8af9ec56dcba4b22d5f4): Docker deprecation alert.
- [Add](https://github.com/deckhouse/deckhouse/commit/799b00d091189cf43fd70c683c1168ba2731dedf): time ranges to panel links.
- [Fix](https://github.com/deckhouse/deckhouse/commit/63ba419f933cc6acadde9add29add9760592d7ba): eliminate `kubelet-eviction-exporter` killing [issue](https://github.com/deckhouse/deckhouse/issues/81).
- [Fix](https://github.com/deckhouse/deckhouse/commit/44d6178b27624a9ceaa150d1fc2541e8fb8c10af): mute cri alerts on nodes where cri is not managed by the Deckhouse.
- [Fix](https://github.com/deckhouse/deckhouse/commit/6b560e67d0e7f6d1bb440d8d4b342a452f503d84): throttling graph in the Namespaces dashboard ([#issue](https://github.com/deckhouse/deckhouse/issues/108)).

**[ingress-nginx]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/d63ce7718862fc0c68e8675b488e520609bc16d3): prohibit change of .spec.inlet field.

**[monitoring-applications]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/197770308bf4fda55ed04f8c0e58bb8d9ab966e1) memcached dashboard.

**[monitoring-control-plane]**
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/f0a75b29aa04f61f6662f82aefbc95cdd3e62e81): provide an alert when etcd db size is close to the limit.

**[cloud-provider-openstack]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/dcef052f78798e847ee2fee12fed5f85c6cf5d57) custom `caCert` support.

**[cloud-provider-yandex]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/efa96f056473f0fc45c174af8ec25e988c85f5fd): bump `yandex-cloud-controller-manager` to version `v0.21.1` having `TargetGroups` deletion fix. **For Kubernetes 1.21 only.**

**[upmeter]**
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/5ad7216696314d0a9275efed3d6b642595decc64): make DNS probe use the domain `kubernetes.default.svc.<global.discovery.clusterDomain>` as stated in the probe design.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/a0dfb5499d402d47454c49ea657d8cb45725a006): make synthetic group tolerant to `smoke-mini` rescheduling.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/ad89ca59fe33972e9a7cdea4149012a3572d03fa): make `node-exporter` probe tolerant to pods unreadiness for some interval.
- [Update](https://github.com/deckhouse/deckhouse/commit/a4b2cd644253967443f8ce41b3033484a8e4419c) Deckhouse probe.
- [Add](https://github.com/deckhouse/deckhouse/commit/8880c26bccbed91ab4cbc69b98443733c01e7ed3) load-balancing probe group.
- [Add](https://github.com/deckhouse/deckhouse/commit/6127b46a2f419169cd8407b76c75801f9ca2b7fc) group of probes for cluster scaling and autoscaling features.

**[dhctl]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/675a775d899ddf0ace76d1b33c66a866e4446d9a): Fix `fs watcher for intermediate terraform state file` error and not running converge from cluster.
- [Fix](https://github.com/deckhouse/deckhouse/commit/fc8db1d81296feba67c1b562f68d00ec9518d169): Fix incomplete abort or destroy.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/3a85bcbe7c71be1a4b973346ee71914224827995): Converger lock improvements and fixes.

**[docs]**
- [Add](https://github.com/deckhouse/deckhouse/commit/6bed8c5a116193f4c59edc2211b2b205f0406bde) Code of Conduct Deckhouse community follows the Code of Conduct based on Contributor Covenant v2.1.
- [Translate](https://github.com/deckhouse/deckhouse/commit/e49e349ddba8b8e4d8651e63884984c412a9c00c) alerts to English.

**[prometheus]**
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/a86ade869bd7338214ea4f2943cae0c2a3d6f4cf): add support for `remote_write.tls_config.insecure_skip_verify`.

**[user-authn]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/f4526e182d74881c31f3c3da2814a00a26f6089b): change readiness probe for `dex-authenticator`.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/441ee3e251ae3d7c1a0fbade6d20d2c45e8db92c): bump Dex version to `v2.30.0`.
- [Refactoring](https://github.com/deckhouse/deckhouse/commit/ff966587846af5df82823ea38eacbe0c450f80c3): do not check existence of Kubernetes objects before deleting (in hooks).

**[user-authz]**
- [Fix](https://github.com/deckhouse/deckhouse/commit/c18fcd48c8982b883c2984433043f61e17acd8ea) `ResourceQuota` name in RBAC rules.

**[deckhouse-web]**
- [Enhancement]: show revision, version, and update channel used.

Other internal changes
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/c679e5ed35ed529f740b0fab0c3e0c92ca2a4ade): add step to auto-resize ext4 partitions.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/024ffb7abbb3449117bd95d67e30e2b2880e6309): `cloud-controller-manager` should bind on internal IP for security purposes.
- [Add](https://github.com/deckhouse/deckhouse/commit/a4b15e715c30e4708960d32a163b9b77db3b4e95) descriptions for cluster configuration resource in `cloud-provider-gcp`.
- [Fix](https://github.com/deckhouse/deckhouse/commit/1f5971bcf281e10ffe29dc61865d16392d7a7108): [go_lib] `ensure_crds` skip empty documents in YAML files.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/ca07d5852a9553de7bec4d55efdcfbd4f8ae11c7): add logs for `terraform-exporter` and fix empty node template alert ([#issue](https://github.com/deckhouse/deckhouse/issues/91)).
- [Refactoring](https://github.com/deckhouse/deckhouse/commit/9d2ff9d90592b6e977e4372b2a518d812f1d0063): `kube-`dns module is rewritten in Go.
- [Fix](https://github.com/deckhouse/deckhouse/commit/b7dfaacea160ffaea503456b3fb0e51a4dc04b91): split grouped alert about unavailable images into two alerts.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/8a5a546a5c980c15e4becffa4fc80e8afb7d0f81): cluster bootstrap in DMZ.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/10662ffd4c9271a4ea037b49cf99a5d2d09f2834): remove migrations and unnecessary old hooks.
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/cba1bf187c2e9ebf082b5d8af31fb583f71fb124): some components moved to repositories in the [deckhouse](https://github.com/deckhouse/) organization (on the GitHub).
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/40b9fcefad3672da51a84d138f8e305eadb2994b): remove helm patches. Fix bugs in templates.
- [Fix](https://github.com/deckhouse/deckhouse/commit/1fd4d477266065cba795ebfcd26008a07cf5f119): prevent using local ports range as host ports (Deskhouse uses ports lower than 10500).
- [Enhancement](https://github.com/deckhouse/deckhouse/commit/41820f7559a6e701afd1706c27f30cbf80be351c): complete migration to dynamic `resolv.conf`.

RU
Компоненты, которые будут перезапущены в процессе обновления
- IngressNginx
- ControllerManager

Важные изменения

[Установка](https://github.com/deckhouse/deckhouse/commit/2a6e2eeb32ba4f1a6c24ec5feb9e8eded5eec0c6) необходимых пакетов из registry Deckhouse
Все необходимые для работы Deckhouse образы теперь доступны по одному адресу - `registry.deckhouse.io`, без использования каких-либо других внешних ресурсов.

Это позволяет устанавливать Deckhouse в том числе в окружении с ограниченным доступом в интернет, - достаточно обеспечить доступ к `registry.deckhouse.io` напрямую или через доверенный внутренний proxy-сервер (кеширующий registry).

Ingress nginx-контроллер [отдает](https://github.com/deckhouse/deckhouse/commit/d45a5f22d7b7bc7271f062e2201a5d4e8a4d7186) метрики только локально

Endpoint'ы `/healthz` и `/metrics` теперь недоступны на адресе `0.0.0.0`. Это сделано для безопасности работы в режиме `hostNetwork: true`.

Другие изменения
**[control-plane-manager]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/e3ea524224a76b82e5076d6e007f29bec812b4ba) состояния гонки etcd-хуков.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/0bafd0fc1dc78759bfa01c88998d79f6f9737f08): `terminated-pod-gc-threshold` установлен в 12500.

**[monitoring-kubernetes]**
- [Добавлен](https://github.com/deckhouse/deckhouse/commit/0101ec7ddacd8e4e226a8af9ec56dcba4b22d5f4) алерт об использовании Docker, в связи с необходимостью миграции на containerd.
- [Сохранение](https://github.com/deckhouse/deckhouse/commit/799b00d091189cf43fd70c683c1168ba2731dedf) текущего временного интервала при переходе по ссылкам в досках.
- [Исправлена](https://github.com/deckhouse/deckhouse/commit/63ba419f933cc6acadde9add29add9760592d7ba) [проблема](https://github.com/deckhouse/deckhouse/issues/81) зависания `kubelet-eviction-exporter` при завершении работы.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/44d6178b27624a9ceaa150d1fc2541e8fb8c10af): отключены алерты о cri на узлах, где cri не под управлением Deckhouse.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/6b560e67d0e7f6d1bb440d8d4b342a452f503d84) throttling-графика на доске Namespaces ([#issue](https://github.com/deckhouse/deckhouse/issues/108)).

**[ingress-nginx]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/d63ce7718862fc0c68e8675b488e520609bc16d3): запрет изменений поля .spec.inlet.

**[monitoring-applications]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/197770308bf4fda55ed04f8c0e58bb8d9ab966e1) доски memcached.

**[monitoring-control-plane]**
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/f0a75b29aa04f61f6662f82aefbc95cdd3e62e81): добавлен алерт о приближении размера базы данных etcd к лимиту.

**[cloud-provider-openstack]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/dcef052f78798e847ee2fee12fed5f85c6cf5d57) поддержки custom `caCert`.

**[cloud-provider-yandex]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/efa96f056473f0fc45c174af8ec25e988c85f5fd): поднята версия `yandex-cloud-controller-manager` до v0.21.1, содержащей исправление удаления TargetGroups. Актуально **только для Kubernetes 1.21**.

**[upmeter]**
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/5ad7216696314d0a9275efed3d6b642595decc64): использование домена `kubernetes.default.svc.<global.discovery.clusterDomain>` в проверках DNS.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/a0dfb5499d402d47454c49ea657d8cb45725a006): synthetic-пробы толерантны к перекатам `smoke-mini`.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/ad89ca59fe33972e9a7cdea4149012a3572d03fa): пробы `node-exporter` толерантны к недоступности Readiness-проб отдельных подов некоторое время.
- [Обновление](https://github.com/deckhouse/deckhouse/commit/a4b2cd644253967443f8ce41b3033484a8e4419c) проб Deckhouse.
- [Добавлена](https://github.com/deckhouse/deckhouse/commit/8880c26bccbed91ab4cbc69b98443733c01e7ed3) группа проб load-balancing.
- [Добавлена](https://github.com/deckhouse/deckhouse/commit/6127b46a2f419169cd8407b76c75801f9ca2b7fc) группа проб для работы автомасштабирования кластера.

**[dhctl]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/675a775d899ddf0ace76d1b33c66a866e4446d9a) ошибки `fs watcher for intermediate terraform state file` при converge из кластера.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/fc8db1d81296feba67c1b562f68d00ec9518d169) ошибок, возникающих при прерывании работы и удалении.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/3a85bcbe7c71be1a4b973346ee71914224827995) работы с блокировками во время converge’а.

**[docs]**
- [Добавлен](https://github.com/deckhouse/deckhouse/commit/6bed8c5a116193f4c59edc2211b2b205f0406bde) Code of Conduct Deckhouse community, основанный на Code of Conduct Contributor Covenant v2.1.
- [Переводы](https://github.com/deckhouse/deckhouse/commit/e49e349ddba8b8e4d8651e63884984c412a9c00c) всех алертов на Английский язык.

**[prometheus]**
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/a86ade869bd7338214ea4f2943cae0c2a3d6f4cf): добавлена поддержка `remote_write.tls_config.insecure_skip_verify`.

**[user-authn]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/f4526e182d74881c31f3c3da2814a00a26f6089b) readiness-пробы `dex-authenticator`.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/441ee3e251ae3d7c1a0fbade6d20d2c45e8db92c): поднята версия Dex до `v2.30.0`.
- [Рефакторинг](https://github.com/deckhouse/deckhouse/commit/ff966587846af5df82823ea38eacbe0c450f80c3): в хуке удалена проверка на существование объекта в Kubernetes перед его удалением.

**[user-authz]**
- [Исправление](https://github.com/deckhouse/deckhouse/commit/c18fcd48c8982b883c2984433043f61e17acd8ea) названия `ResourceQuota` в правилах RBAC.

**[deckhouse-web]**
- [Улучшение]: показ используемой версии, канала обновлений и редакции.

Другие внутренние изменения
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/c679e5ed35ed529f740b0fab0c3e0c92ca2a4ade): добавлен bashible step для авто-ресайза разделов ext4.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/024ffb7abbb3449117bd95d67e30e2b2880e6309): биндинг `cloud-controller-manager` на внутренний IP (требование безопасности).
- [Добавлено](https://github.com/deckhouse/deckhouse/commit/a4b15e715c30e4708960d32a163b9b77db3b4e95) описание в ресурсе cluster configuration для `cloud-provider-gcp`.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/1f5971bcf281e10ffe29dc61865d16392d7a7108): пропуск пустых документов в YAML-файлах ([go_lib] `ensure_crds`).
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/ca07d5852a9553de7bec4d55efdcfbd4f8ae11c7): добавлено ведение логов `terraform-exporter` и исправлена [проблема](https://github.com/deckhouse/deckhouse/issues/91).
- [Рефакторинг](https://github.com/deckhouse/deckhouse/commit/9d2ff9d90592b6e977e4372b2a518d812f1d0063): модуль `kube-dns` переписан на Go.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/b7dfaacea160ffaea503456b3fb0e51a4dc04b91): алерт о недоступности образов разделен на два, для возможности по разному реагировать на события недоступности образов компонентов Deckhouse и остальных приложений.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/8a5a546a5c980c15e4becffa4fc80e8afb7d0f81): возможность развертывания кластера в закрытом контуре (DMZ).
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/10662ffd4c9271a4ea037b49cf99a5d2d09f2834): удалены неактуальные миграции и хуки.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/cba1bf187c2e9ebf082b5d8af31fb583f71fb124): перенос репозиториев некоторых компонентов в организацию [deckhouse](https://github.com/deckhouse) на GitHub.
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/40b9fcefad3672da51a84d138f8e305eadb2994b): удалены helm-патчи и исправлены шаблоны.
- [Исправление](https://github.com/deckhouse/deckhouse/commit/1fd4d477266065cba795ebfcd26008a07cf5f119): предотвращение использования диапазона локальных портов на узле, который может конфликтовать с сервисами Deckhouse (Deckhouse использует порты ниже 10500 на узлах).
- [Улучшение](https://github.com/deckhouse/deckhouse/commit/41820f7559a6e701afd1706c27f30cbf80be351c): завершение процесса миграции на динамический `resolv.conf`.