diff --git a/versioned_docs/version-2.21/release-notes.md b/versioned_docs/version-2.21/release-notes.md index c1a5bed5..874cebc7 100644 --- a/versioned_docs/version-2.21/release-notes.md +++ b/versioned_docs/version-2.21/release-notes.md @@ -1,6 +1,19 @@ [comment]: # (Code generated by relnotesgen. DO NOT EDIT.) # Telepresence Release Notes +## Version 2.21.1 (December 17) +##
bugfix
[Allow ingest of serverless deployments without specifying an inject-container-ports annotation](https://github.com/telepresenceio/telepresence/issues/3741)
+
+ +The ability to intercept a workload without a service is built around the `telepresence.getambassador.io/inject-container-ports` annotation, and it was also required in order to ingest such a workload. This was counterintuitive and the requirement was removed. An ingest doesn't use a port. +
+ +##
bugfix
Upgrade module dependencies to get rid of critical vulnerability.
+
+ +Upgrade module dependencies to latest available stable. This includes upgrading golang.org/x/crypto, which had critical issues, from 0.30.0 to 0.31.0 where those issues are resolved. +
+ ## Version 2.21.0 (December 13) ##
feature
[Automatic VPN conflict avoidance](reference/vpn)
diff --git a/versioned_docs/version-2.21/release-notes.mdx b/versioned_docs/version-2.21/release-notes.mdx index b30043e2..45fa434b 100644 --- a/versioned_docs/version-2.21/release-notes.mdx +++ b/versioned_docs/version-2.21/release-notes.mdx @@ -7,6 +7,15 @@ import { Note, Title, Body } from '@site/src/components/ReleaseNotes' [comment]: # (Code generated by relnotesgen. DO NOT EDIT.) # Telepresence Release Notes +## Version 2.21.1 (December 17) + + Allow ingest of serverless deployments without specifying an inject-container-ports annotation + The ability to intercept a workload without a service is built around the `telepresence.getambassador.io/inject-container-ports` annotation, and it was also required in order to ingest such a workload. This was counterintuitive and the requirement was removed. An ingest doesn't use a port. + + + Upgrade module dependencies to get rid of critical vulnerability. + Upgrade module dependencies to latest available stable. This includes upgrading golang.org/x/crypto, which had critical issues, from 0.30.0 to 0.31.0 where those issues are resolved. + ## Version 2.21.0 (December 13) Automatic VPN conflict avoidance diff --git a/versioned_docs/version-2.21/troubleshooting.md b/versioned_docs/version-2.21/troubleshooting.md index 7b90b02c..05a0591f 100644 --- a/versioned_docs/version-2.21/troubleshooting.md +++ b/versioned_docs/version-2.21/troubleshooting.md @@ -43,7 +43,27 @@ After you've installed `sshfs`, if mounts still aren't working: 2. Add your user to the "fuse" group with: `sudo usermod -a -G fuse ` 3. Restart your computer after uncommenting `user_allow_other` -### No Sidecar Injected in GKE private clusters +## DNS is broken on macOS + +Commands like `dig` cannot find cluster resources even though Telepresence is connected to the cluster, but it works +with `curl`. + +This is because `dig`, and some other utilities on macOS have their own built-in DNS client which bypasses the macOS +native DNS system and use the libc resolver directly. Here's an excerpt from the `dig` command's man-page: +> Mac OS X NOTICE +> +> The nslookup command does not use the host name and address resolution or the DNS query routing +> mechanisms used by other processes running on Mac OS X. The results of name or address queries +> printed by nslookup may differ from those found by other processes that use the Mac OS X native +> name and address resolution mechanisms. The results of DNS queries may also differ from queries +> that use the Mac OS X DNS routing library. + +A command that should always work is: +```console +$ dscacheutil -q host -a name +``` + +## No Sidecar Injected in GKE private clusters An attempt to `telepresence intercept` results in a timeout, and upon examination of the pods (`kubectl get pods`) it's discovered that the intercept command did not inject a sidecar into the workload's pods: