Helm 2.20.1 Release Content
Kubernetes - Helm EA branch: GKE Autopilot Support, priority class enhancements
Type: New Feature
Description:
The following features have been added to the Helm EA branch:
Support GKE Autopilot clusters (version 1.25 and above) via helm flag:
--set platform=gke.autopilotAllow specifying priority class per agent. Set 'cluster-critical' and 'node-critical' priority class for agents by default
Autopilot Supported Blades: Inventory, Compliance, Image Assurance, Admission Controller and Threat Intelligence
Known limitations:
Auto-detection of Autopilot is not supported (i.e., installation may fail if
platformis not set explicitly)Autopilot versions prior to 1.25 are not supported
Helm 2.20.0 Release Content
Image Assurance 2.21.0:
Improvements for slow networks and large images
Runtime Protection | runtime-daemon 1.6.2, runtime-probe 0.30.2-cp-3, runtime-cos-compat 0.0.9
Google COS support for File Reputation engine
Security enhancements
Profiling engine improvements - better detection of startup event
Reduced Memory & CPU footprint
All features
FluentBit removal
2.19.1: IA: Artifactory auto-discovery, CRI v1 etc.; RP: enhancement.
Image Assurance 2.20.1
Support JFrog Artifactory auto-discovery
When onboarding an Artifactory instance to CloudGuard you should provide the FQDN of the Artifactory server. CloudGuard will scan images of all discovered sub-registries
Agents load updated registry credentials and CA bundle without requiring a restart
CRI: support v1 API following v1alpha2 removal
CRI-O/Openshift: support nodes without podman, do not use podman if possible
Runtime Protection - daemon 1.0.0, probe 0.28.0-cp-7
Logging enhancements
Telemetry enhancements
Security enhancements