Know before update
* Cluster will upgrade Kubernetes version to `1.27` if the [kubernetesVersion](https://deckhouse.io/documentation/v1/installing/configuration.html#clusterconfiguration-kubernetesversion) parameter is set to `Automatic`.
* Support for Istio 1.12 and 1.13 has been discontinued. The DKP update will not take place if Istio 1.12 or 1.13 is in use in the cluster.
Major changes
* **Ubuntu 24.04** support has been added.
* **Support for NGINX Ingress Controller 1.10** (that includes support for Nginx 1.25 and HTTP/3) has been added. Note that there may be incompatibility of directives at the configuration-snippet level and more. Also, in version 1.10, GeoIP support has been dropped in favor of GeoIP2.
* The new **static-routing-manager** module. The module allows using Kubernetes resources to manage static routing ([RoutingTable](https://deckhouse.io/documentation/v1.61/modules/025-static-routing-manager/cr.html#routingtable) resource) and routing policies (policy routing, [IPRuleSet](https://deckhouse.io/documentation/v1.61/modules/025-static-routing-manager/cr.html#ipruleset) resource) on nodes.
* A feature to implement a fault-tolerant Egress Gateway has been added. You can configure it using the [EgressGateway](https://deckhouse.io/documentation/v1.61/modules/021-cni-cilium/cr.html#egressgateway) and [EgressGatewayPolicy](https://deckhouse.io/documentation/v1.61/modules/021-cni-cilium/cr.html#egressgatewaypolicy) custom resources. The EgressGateway resource allows you to allocate a group of nodes as gateways for external requests. The active node is then selected out of those nodes to process external requests. The EgressGatewayPolicy resource defines how external application requests will be routed through the configured gateways (only available when using the cni-cilium module).
* Additional pre-installation checks prior to the installation using the dhct tool have been added (checks to make sure that the data to connect to container registry and establish SSH connections is valid as well as a check to make sure that containerd is not installed).
* Metrics for monitoring by node groups have been added. Refer to the [documentation](https://deckhouse.io/documentation/v1.61/modules/040-node-manager/#monitoring) for more details.
* The [fencing](https://github.com/deckhouse/deckhouse/pull/6421) feature automatically isolates problem nodes in a Kubernetes cluster to improve its reliability and fault tolerance. When the system detects that a node loses connection to the Kubernetes API, it initiates the process of disconnecting that node. This prevents possible failures and minimizes the risks of data loss, ensuring more reliable operation of Stateful applications.
Component version updates
- Kubernetes control plane: `v1.27.14`, `v1.28.10`, `v1.29.5`
- deckhouse-cli (d8 tool): `v0.1.2`
- image-availability-exporter (extended-monitoring): `v0.8.0`
A list of internal modules or their components that will be restarted during the upgrade
- **Kubernetes control plane**
- **Ingress controller**
- cloud-provider-vcd
- cloud-provider-yandex
- documentation
- image-availability-exporter (extended-monitoring)
- kube-dns
- node-manager
- user-authn
See [CHANGELOG v1.61](https://github.com/deckhouse/deckhouse/blob/main/CHANGELOG/CHANGELOG-v1.61.md) for more details.