Cozystack v0.20 Release: Terraform, Keycloak, and Stability & Security Improvements
Cozystack v0.20 Release: Terraform, Keycloak, and Stability & Security Improvements
This release focuses on enhancing stability while addressing a significant number of bugs and introducing new features.
What’s new
- Kube-OVN updated to the latest stable release.
- Improved logic in KubeVirt CCM, delivering more reliable load balancers for tenant Kubernetes clusters.
- Resolved user permissions issues in OIDC.
- Added a dedicated cluster admin group.
- Fixed alerts and dashboards in Grafana.
- NATs now supports enabling JetStream and passing configuration files.
- Introduced Terraform support for interacting with our API.
In v0.19, we introduced OIDC support, along with the integration of Keycloak. However, due to the need for stability improvements, we did not announce v0.19 separately. With this release, Keycloak is bundled with Cozystack, providing seamless OIDC support.
OIDC functionality
- Automatically configured with a “Cozy” realm, allowing the creation of local users and integration with external OIDC providers.
- Each tenant receives 4 default groups, and the tenant application offers an auto-generated kubeconfig file pre-configured for authentication via Keycloak.
- Added support for Keycloak as Code using the Keycloak Operator.
- Automatic integration of Keycloak with Kubernetes clusters and the Kubernetes Dashboard.
- The Talm has been updated to v0.6.6, adding support for configuring the API Server for OIDC.
For more details, check out the project on GitHub.