Venafi Kubernetes Agent releases¶
Learn about current and past releases of Venafi Kubernetes Agent.
Latest release¶
The latest stable version of Venafi Kubernetes Agent is v1.3.0.
Downloads¶
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v1.3.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.3.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.3.0 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:1.3.0
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v1.3.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.3.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.3.0 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:1.3.0
Release v1.3.0¶
Venafi Kubernetes Agent v1.3.0 was released on November 14, 2024.
Key features¶
- Venafi Kubernetes Agent discovers and reports metadata, such as labels and annotations, set on Kubernetes resources like Secrets. You can now customize discovery by excluding specific labels and annotations from being reported to Venafi Control Plane. For more information, see Configuring annotations.
-
The Agent's output logs have been enhanced to be structured, providing more detailed and readable information. By default, the logs are in the textual format. To output logs in JSON format, use the
--logging-format=jsonflag. You can also change the verbosity level using the-vflag.Format comparison
Before:
2024/11/14 13:53:38 Preflight agent version: development () 2024/11/14 13:53:38 Using the Venafi Cloud Key Pair Service Account auth mode since --client-id and --private-key-path were specified. 2024/11/14 13:53:38 Using period from config 5m0s 2024/11/14 13:53:38 Loading upload_path from "venafi-cloud" configuration. 2024/11/14 13:53:38 error messages will not show in the pod's events because the POD_NAME environment variable is empty 2024/11/14 13:53:38 starting "k8s/namespaces" datagatherer 2024/11/14 13:53:38 starting "k8s/secrets" datagatherer 2024/11/14 13:54:47 server missing resource for datagatherer of "cert-manager.io/v1, Resource=issuers" W1114 13:54:47.844087 31016 reflector.go:561] pkg/mod/k8s.io/client-go@v0.31.1/tools/cache/reflector.go:243: failed to list networking.istio.io/v1alpha3, Resource=virtualservices: the server could not find the requested resource 2024/11/14 13:54:47 server missing resource for datagatherer of "networking.istio.io/v1alpha3, Resource=virtualservices" W1114 13:54:48.042893 31016 reflector.go:561] pkg/mod/k8s.io/client-go@v0.31.1/tools/cache/reflector.go:243: failed to list jetstack.io/v1alpha1, Resource=venafiissuers: the server could not find the requested resource 2024/11/14 13:53:38 successfully gathered 7 items from "k8s/namespaces" datagatherer 2024/11/14 13:53:38 successfully gathered 5 items from "k8s/secrets" datagatherer 2024/11/14 13:53:38 Posting data to: https://api.venafi.cloud/ 2024/11/14 13:53:39 Data sent successfully.After:
I1114 13:52:48.941205 30246 run.go:59] "Starting" logger="Run" version="development" commit="" I1114 13:52:48.941655 30246 config.go:404] "Using the Venafi Cloud Key Pair Service Account auth mode since --client-id and --private-key-path were specified." logger="Run" I1114 13:52:48.941666 30246 config.go:540] "Using period from config" logger="Run" period="5m0s" I1114 13:52:48.941680 30246 config.go:767] "Loading upload_path from \"venafi-cloud\" configuration." logger="Run" I1114 13:52:48.941880 30246 run.go:117] "Healthz endpoints enabled" logger="Run.APIServer" addr=":8081" path="/healthz" I1114 13:52:48.941889 30246 run.go:121] "Readyz endpoints enabled" logger="Run.APIServer" addr=":8081" path="/readyz" E1114 13:52:48.943810 30246 run.go:269] "Error messages will not show in the pod's events because the POD_NAME environment variable is empty" logger="Run" I1114 13:52:49.655153 30246 run.go:409] "Data sent successfully" logger="Run.gatherAndOutputData.postData"
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v1.3.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.3.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.3.0 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:1.3.0
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v1.3.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.3.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.3.0 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:1.3.0
Release v1.2.0¶
Venafi Kubernetes Agent v1.2.0 was released on October 31, 2024.
Key features¶
- You can now diagnose issues with the Venafi Kubernetes Agent by looking at the Kubernetes events attached to its pod.
- Venafi Kubernetes Agent now compresses its requests made to the Venafi Control Plane API, reducing the network traffic by 90%.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v1.2.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.2.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.2.0 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:1.2.0
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v1.2.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.2.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.2.0 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:1.2.0
Release v1.1.0¶
Venafi Kubernetes Agent v1.1.0 was released on October 7, 2024.
Key features¶
- The agent now reports the annotations and labels of namespaces and secrets to the Venafi Control Plane.
- The agent now exposes readiness and liveness probes.
- In Venafi Cloud Key Pair Service Account mode, you can now omit the
serverfield in the configuration file. It defaults to the URLhttps://api.venafi.cloud. If you are in the European region, you still need to setserver: https://api.venafi.eufield in the configuration file. - It is now possible to use the
--periodflag without giving the period field. - The
--helpflag content has been re-written to help explain how authentication flags interact with each other. - You can no longer use
--private-key-pathalong with--credentials-path. Previously,--private-key-pathwas ignored if--credentials-pathwas provided. Now, the two options are mutually exclusive and a helpful message is shown when trying to use both. - Helm chart values are now validated to alert you if they contain errors to help you quickly identify typos in fields.
- The
--private-key-pathflag now defaults to an empty string. It previously defaulted to/etc/venafi/agent/key/privatekey.pemand the flag was omitted from the deployment manifest. This was confusing to users trying to understand how this private key was being configured. A helpful message is now shown when trying to run--client-idwithout--private-key-path. - The
uploader_idfield in the configuration file is now deprecated. Setting this field will no longer do anything. A warning is now shown when using this field. This field was deprecated as it was never used by the Venafi Cloud API. Behind the scenes, theuploader_idis arbitrarily set tonoso that the API doesn't raise errors. - The Docker image is now built using cert-manager's base image based on apko's alpine image using ko. As a result, the binary's location in the image is now at
/ko-app/preflightinstead of/bin/preflight. - The binary's size has been reduced from 77MB to 55MB.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v1.1.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.1.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.1.0 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:1.1.0
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v1.1.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.1.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.1.0 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:1.1.0
Release v1.0.0¶
Venafi Kubernetes Agent v1.0.0 was released on September 3, 2024.
Key features¶
-
Secretless authentication
You can now use the Venafi Connection CRD to authenticate to Venafi Control Plane. With the Venafi Connection CRD, you can choose to authenticate using a Workload Identity Federation service account ("secretless").
-
Memory usage improvements
The memory usage of Venafi Kubernetes Agent has been reduced by excluding Helm release Secrets and some standard Secret types. You can configure the ignored types with the Helm value
config.ignoredSecretTypes. -
Logging improvements
The configuration manifest is no longer dumped on startup, uncluttering the logs.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v1.0.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.0.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.0.0 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:1.0.0
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v1.0.0 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v1.0.0 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:1.0.0 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:1.0.0
Release v0.1.49¶
Venafi Kubernetes Agent v0.1.49 was released on July 11, 2024.
Key features¶
- When the Venafi Kubernetes Agent requires a proxy for outbound connections, and the proxy uses a certificate issued by a private certificate authority, you can now add the certificate authority to a custom CA bundle that will be trusted by the agent. The Helm chart now supports specifying volumes and volume mounts to streamline this process. For more information, see the Venafi Kubernetes Agent Helm values reference page.
- The Helm chart has been enhanced to allow users to control the metrics settings. For more information, see the Venafi Kubernetes Agent Helm values reference page.
- An error preventing Venafi Kubernetes Agent deployment on Red Hat OpenShift clusters has been resolved. The error "runAsUser: Invalid value: 1000", is no longer encountered.
- Following best practices, the default CPU limit for the Agent pod has been removed. This allows for more dynamic resource allocation by Kubernetes.
- Logging improvements have been made for faster issue resolution. For example, the last log message now explicitly identifies the reason a process terminates, helping in troubleshooting.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.49 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.49 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.49 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.49
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.49 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.49 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.49 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:0.1.49
Release v0.1.48¶
Venafi Kubernetes Agent v0.1.48 was released on May 14, 2024.
Key features¶
-
This release adds three new environment variables to the available Helm values:
- HTTP_PROXY: Configures the HTTP_PROXY environment variable where a HTTP proxy is required.
- HTTPS_PROXY: Configures the HTTPS_PROXY environment variable where a HTTP proxy is required.
- NO_PROXY: Configures the NO_PROXY environment variable where a HTTP proxy is required, but certain domains should be excluded.
For more information on Venafi Kubernetes Agent Helm values, see Reference: Venafi Kubernetes Agent Helm values.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.48 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.48 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.48 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.48
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.48 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.48 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.48 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:0.1.48
Release v0.1.47¶
Venafi Kubernetes Agent v0.1.47 was released on March 28, 2024.
Key features¶
-
This release adds the namespace to the configmap, deployment, and serviceaccount Helm templates.
-
This release also mitigates a start-up memory spike issue.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.47 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.47
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.47 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.47 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.47 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:0.1.47
Release v0.1.46¶
Venafi Kubernetes Agent v0.1.46 was released on March 15, 2024.
Key features¶
-
This release adds an optional
PodDisruptionBudgethelm value that can be used in yourvalues.yamlfile:podDisruptionBudget: enabled: true -
Labels for Venafi Enhanced Issuer clusterrole / clusterrolebinding were added.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.46 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.46 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.46 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.46
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.46 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.46 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.46 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:0.1.46
Release v0.1.45¶
Venafi Kubernetes Agent v0.1.45 was released on February 6, 2024.
Key features¶
- You can now add cluster name and description information to the Venafi Kubernetes Agent helm chart so that you can connect a cluster to Venafi Control Plane without going using the UI or the Venafi CLI tool.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.45 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.45 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.45 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.45
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.45 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.45 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.45 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:0.1.45
Release v0.1.43¶
Venafi Kubernetes Agent v0.1.43 was released on October 24, 2023.
Key features¶
- Dependencies updates to latest compatible version.
Downloads
- Container Image:
private-registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.43 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.43 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.43 - Helm Chart:
oci://private-registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.43
- Container Image:
private-registry.venafi.eu/venafi-agent/venafi-agent:v0.1.43 - Container Image:
registry.venafi.cloud/venafi-agent/venafi-agent:v0.1.43 - Helm Chart:
oci://registry.venafi.cloud/charts/venafi-kubernetes-agent:0.1.43 - Helm Chart:
oci://private-registry.venafi.eu/charts/venafi-kubernetes-agent:0.1.43