Cozystack v0.31–0.33

Cozystack v0.31–0.33 Releases: Air Gap, Backup System, AI workloads in K8s, replace for Helm and other features

It’s been a while since we last covered Cozystack’s updates — time to fix that! We’re thrilled to showcase a wealth of new features and key improvements in this roundup. For brevity, we’ve curated only the most significant changes here (you’ll find all fixes and enhancements in the release notes, linked throughout the article).

What is Cozystack. Cozystack is a free PaaS and framework for building clouds that unifies VMs, containers, and GPU workloads under Kubernetes. Companies can turn hardware into a cloud: offer users or customers managed K8s, VMs, managed data bases, applications and GPU services. With KubeVirt integration, multi-tenancy, and bare-metal simplicity, it lets enterprises deploy AI, databases, or edge apps without vendor lock-in. Cozystack is a CNCF Sandbox project.

V0.33.0: Improved Allocation Management, New Backup System, NFS Support

Cozystack 0.33.0 introduces unified resource management with global CPU/memory allocation ratios now applied across VMs, apps, and quotas. The update delivers Velero-powered PVC backups, NFS storage support, and CPU pinning for multi-socket systems, while simplifying resource definitions with automatic migration from legacy configs.

Unified CPU and Memory Allocation Management. Since version 0.31.0, Cozystack introduced a single-point-of-truth configuration variable cpu-allocation-ratio, making CPU resource requests and limits uniform in Virtual Machines managed by KubeVirt. The new release 0.33.0 introduces memory-allocation-ratio and expands both variables to all managed applications and tenant resource quotas.

Resource presets also respect the allocation ratios and behave in the same way as explicit resource definitions. The new resource definition format is concise and simple for platform users.

# resourcePrese
# resource definition in the configuration
resources:
  cpu: 
  memory: 

It results in Kubernetes resource requests and limits, based on defined values and the universal allocation ratios:

# actual requests and limits, provided to the application
resources:
  limits:
    cpu: 
    memory: 
  requests:
    cpu: 
    memory: 

When updating from earlier Cozystack versions, resource configuration in managed applications will be automatically migrated to the new format.

Backing up and Restoring Data in Tenant Kubernetes. One of the main features of the release is backup capability for PVCs in tenant Kubernetes clusters. It enables platform and tenant administrators to back up and restore data used by services in the tenant clusters. This new functionality in Cozystack is powered by Velero and needs an external S3-compatible storage.

Support for NFS Storage. Cozystack now supports using NFS shared storage with a new optional system module. See the documentation.

Other Features and Improvements

• Enable PVC backups in tenant Kubernetes clusters, powered by Velero.
• Enable NFS support by introducing a new optional system module nfs-driver.
• Configure CPU sockets available to VMs with the resources.cpu.sockets configuration value. The update enables custom VM resource allocation beyond predefined instance types, including NUMA-aware CPU pinning for multi-socket systems — allowing precise socket assignment for virtual machines.
• Add support for using pre-imported “golden image” disks for virtual machines, enabling faster provisioning by referencing existing images instead of downloading via HTTP.
• Add an option to expose the Ingress-NGINX controller in tenant Kubernetes cluster via LoadBalancer. New configuration value exposeMethod offers a choice of Proxied and LoadBalancer.
• Respect cpu-allocation-ratio in tenant’s resourceQuotas. Resource specifications now use identical units and conversions in both configuration and resource logs.
• Better support for Java applications by calculating heap parameters from memory requests and limits. Introduce helper function to calculate Java heap params based on memory requests and limits.

All changes: v0.33.0.

Many thanks to all contributors.

v0.32.0: cozypkg, PostgreSQL backups, un-hardcoded cozy.local

Cozystack’s latest release revolutionizes platform management by replacing Helm with cozypkg as the default package manager, while introducing granular CPU allocation in vCPUs and tenant-level registry mirror support. The update brings a lot of fixes and modernizes core components including Flux and Cilium, alongside new OCI installation docs.

Major Features and Improvements

cozypkg. cozy wrapper around Helm and Flux CD for local development. Article about new tool.

Usage:
 cozypkg [command]

Available Commands:
 apply       Upgrade or install the HelmRelease and sync status
 completion  Generate shell‑autocomplete script
 delete      Uninstall the release
 diff        Show live vs desired manifests
 get         Get one or many HelmReleases
 list        List HelmReleases
 reconcile   Trigger Flux reconciliation
 resume      Resume a suspended release
 show        Render manifests (helm template)
 suspend     Suspend a release (Flux stops reconciling)
 version     Print version

HelmRelease reconciler for system components. Automated monitoring of key configuration changes to ensure system applications are promptly updated when relevant settings are modified.

Enable using container registry mirrors by tenant Kubernetes clusters. Configure containerd for tenant Kubernetes clusters.

Other Features and Improvements

• Allow users to specify CPU requests in vCPUs.
• Annotate all child objects of apps with uniform labels for tracking by WorkloadMonitors. Enables more precise tracking and monitoring of resource utilization.
• Introduce cluster-domain option and un-hardcode cozy.local. Previously, management clusters used our non-default domain while Kubernetes DNS defaulted to cluster.local — forcing constant workarounds for apps expecting the standard domain. This change eliminates those compatibility headaches.
• Add RBAC rules to allow port forwarding in KubeVirt for SSH via virtctl.
• Add events and audit logging. Event and audit log collection is now implemented.
• Introduce new functionality for backup and restore in PostgreSQL.
• Refactor resources in managed applications.
• Make VMAgent’s extraArgs tunable.
• Introduce cozyreport tool and gather reports in CI. All diagnostic information is now preserved as build artifacts.

Components Updates

• Introduce cozykpg, update to v1.1.0.
• Update flux-operator to 0.23.0, Flux to 2.6.x.
• Update Talos Linux to v1.10.3.
• Update Cilium to v1.17.4.
• Update MetalLB to v0.15.2.
• Update Kube-OVN to v1.13.13.
• Update cozy-proxy to v0.2.0.
• Update Kafka Operator to 0.45.1-rc1.

New Documentation Pages

• Oracle Cloud Infrastructure installation guide.
• Cluster configuration with talosctl.
• Configuring container registry mirrors for tenant Kubernetes clusters.
• Explain application management strategies and available versions for managed applications.
• How to clean up etcd state.

All changes: v0.32.0, v0.32.1, v0.32.2

Many thanks to all contributors and especially to new contributors:

• @kevin880202 made their first contribution in #948
• @mattia-eleuteri made their first contribution in #1027

v0.31: AI Workloads in Kubernetes, ARM Support, Air Gap and Smarter Autoscaling

v031 supercharges AI/ML workloads with native NVIDIA GPU support in Kubernetes, letting users deploy GPU-accelerated applications like Stable Diffusion. The update also delivers ARM64 beta support, smarter auto-scaling via VerticalPodAutoscaler, and enhanced VM management with exportable KubeVirt machines — all backed by a more robust release cycle.

Major Features and Improvements

Installing Talos in Air-Gapped Environments. We cooked a new guide for configuring and bootstrapping Talos Linux clusters in air-gapped environments).

GPU support for tenant Kubernetes clusters. Cozystack now integrates NVIDIA GPU Operator support for tenant Kubernetes clusters. Platform users now can run GPU-powered AI/ML workloads in VMs and Kubernetes clusters.

How to use:

• Docs for VMs.
• CNCF on-demand webinar showcasing the GPU support by running Stable Diffusion in Cozystack.

ARM Support Beta (Cross-Architecture Builds). Cozystack’s build system was refactored to support multi-architecture binaries and container images. This paves the road to running Cozystack on ARM64 servers. Changes include Makefile improvements and multi-arch Docker image builds.

VerticalPodAutoscaler (VPA) Expansion. The VerticalPodAutoscaler is now enabled for more Cozystack components to automate resource tuning. Specifically, VPA was added for tenant Kubernetes control planes, the Cozystack Dashboard, and the Cozystack etcd-operator. All Cozystack components that have VPA enabled can automatically adjust their CPU and memory requests based on usage, improving platform and application stability.

Other Features and Improvements

• Gateway API support in Cilium is now enabled, allowing advanced L4/L7 routing features via Kubernetes Gateway API.
• Cozystack now permits custom user-provided parameters in the tenant cluster’s Cilium configuration.
• Tenant HelmRelease Reconcile Controller. This controller propagates configuration changes to tenant workloads and ensures that any HelmRelease defined in a tenant stays in sync with platform updates. It improves the reliability of deploying managed applications in Cozystack.
• Configurable KubeVirt CPU Overcommit. The CPU allocation ratio in KubeVirt (how virtual CPUs are overcommitted relative to physical) is now configurable via the cpu-allocation-ratio value in the Cozystack configmap. This means Cozystack administrators can now tune CPU overcommitment for VMs to balance performance vs. density.
• KubeVirt VM Export. Cozystack now allows exporting KubeVirt virtual machines. This feature, enabled via KubeVirt’s VirtualMachineExport capability, lets users snapshot or back up VM images.
• Support for various storage classes in Virtual Machines. The virtual-machine application (since version 0.9.2) lets you pick any StorageClass for a VM’s system disk instead of relying on a hard-coded PVC. Refer to values systemDisk.storage and systemDisk.storageClass in the application’s configs.

New documentation pages

• Installing Talos in Air-Gapped Environment: new guide for configuring and bootstrapping Talos Linux clusters in air-gapped environments).
• Cozystack Bundles: new page in the learning section explaining how Cozystack bundles work and how to choose a bundle.
• Managed Application Reference: A set of new pages in the docs, mirroring application docs from the Cozystack dashboard.
• LINSTOR Networking: Guides on configuring dedicated network for LINSTOR and configuring network for distributed storage in multi-datacenter setup.

New Release Lifecycle

The Cozystack community has introduced a new release policy for the platform. New release lifecycle is changing to provide a more stable and predictable lifecycle to customers running Cozystack in mission-critical environments.

• Gradual Release with Alpha, Beta, and Release Candidates: Cozystack will now publish pre-release versions (alpha, beta, release candidates) before a stable release. Starting with v0.31.0, the team made three release candidates before releasing version v0.31.0. This allows more testing and feedback before marking a release as stable.
• Prolonged Release Support with Patch Versions: After the initial vX.Y.0 release, a long-lived branch release-X.Y will be created to backport fixes. For example, with 0.31.0’s release, a release-0.31 branch will track patch fixes (0.31.x). This strategy lets Cozystack users receive timely patch releases and updates with minimal risks.

To implement these new changes, we have rebuilt our CI/CD workflows and introduced automation, enabling automatic backports. You can read more about how it’s implemented in the Development section below.

All changes: v0.31.2, v0.31.1, v0.31.0

Many thanks to all contributors and especially to new contributors:

• @etoshutka made their first contribution in #872
• @dtrdnk made their first contribution in #896
• @zdenekjanda made their first contribution in #924
• @gwynbleidd2106 made their first contribution in #962