Changelog
This changelog lists all updates, improvements and new features our Engineering team develops for our Skyscrapers Reference Developer Platform. These are rolled out automatically to all DevOps-as-a-Service customers.
2026 Q2
- 2026-06-24
Maintenance
Cluster add-on upgrades, with a VPC CNI node-networking fix
Over the past week, alongside the EKS 1.36 production rollout, we shipped a round of cluster add-on updates. The notable one is a VPC CNI fix that makes node networking more robust at startup. VPC CNI: more reliable node networking at startup The AWS VPC …
- 2026-06-24
New Features
Earlier alerting on nodes that can't run their pods
Occasionally a node joins a cluster and reports itself Ready, yet can’t actually run the pods scheduled onto it: its networking never finishes initialising (for example a VPC CNI problem at startup), so every pod placed there stays stuck in Pending. …
- 2026-06-24
New Features
Do more with Tailscale on your clusters
If you reach your clusters over Tailscale, there’s more you can do with it now. We’ve moved the integration onto the official Tailscale Kubernetes Operator. Your existing access keeps working exactly as before, your VPC CIDR and any extra …
- 2026-06-22
Announcements
Updated reference architecture diagram
We’ve refreshed the reference architecture diagram available in your customer repository (docs/README.md). What changed Updated diagram — The reference architecture image has been updated to reflect the current state of the platform, including the …
- 2026-06-17
New Features
See real GPU utilization in Grafana
Until now, the only GPU signal you had was whether a GPU was claimed by a pod, not how hard it was actually working. That meant a node could happily report its GPUs “fully used” while the cards sat nearly idle, which makes it pretty hard to …
- 2026-06-09
Maintenance
Upgrading EKS clusters to v1.36
We are rolling out EKS v1.36. Please make sure to update to our recommended client versions matching this upgrade. This release graduates User Namespaces and Mutating Admission Policies to stable, and adds pod-level in-place vertical resource scaling. …
- 2026-06-09
New Features
Opt into high-availability Grafana
Several of you have asked for this: a Grafana that stays up during rolling upgrades, node drains, and AZ disruptions. You can now opt in. When enabled, Grafana runs as two replicas spread across AZs (HPA-scaled up to five), backed by a managed RDS Postgres …
- 2026-06-05
Announcements
Action required: pick your OpenVPN replacement
As part of our roadmap of finding VPN alternatives we’re deprecating OpenVPN. It no longer meets our and our customers’ needs. We’re offering two replacements: Tailscale (full-featured, recommended) and a WireGuard-based setup (basic …
- 2026-05-21
Maintenance
Upgraded cluster add-ons, with Vertical Pod Autoscaler and Loki refreshed
The following updates have been rolled out to all non-production clusters, and will be deployed to production in the coming week. Alongside the regular add-on upgrades, this round refreshes two long-pinned components: the Vertical Pod Autoscaler now ships …
- 2026-05-13
Maintenance
More reliable K8s Event logging
The Fluent Bit (FLB) component that watches Kubernetes events and ships them to Loki has been replaced by Grafana Alloy. The main reason for this move is that we were noticing quite some performance/resource issues with the FLB-based component across …
- 2026-05-12
Kubernetes
Mitigation for the DirtyFrag kernel vulnerabilities on EKS nodes
We rolled out mitigations for the two kernel vulnerabilities (“DirtyFrag”) covered in AWS security bulletin AWS-2026-027. Both allow an unprivileged process on a node to escalate privileges by triggering auto-load of specific kernel modules. …
- 2026-05-11
Maintenance
Upgraded Concourse to 8.1.1
Concourse has been upgraded from 8.0.2 to 8.1.1, new pipeline features, several bug fixes, and security updates. New features Wolfi base image — The concourse/concourse Docker image and all built-in resource-types now use Wolfi as their base image. …
- 2026-05-05
New Features
Faster Terragrunt plans, fewer breaking upgrades
We’re rolling out a follow-up to the Platform Info file we introduced last year: customer Terragrunt application stacks are being migrated to read VPC, subnet, and EKS cluster details from k8s-clusters/<cluster>-platform-info.yaml instead of …
- 2026-05-05
New Features
ECR Pull-Through Cache for platform system images
We’re rolling out an ECR Pull-Through Cache across all customers. Platform system images (cert-manager, Prometheus stack, Flux, Velero, etc.) will be mirrored from upstream public registries (quay.io, registry.k8s.io, docker.io, ghcr.io) into your …
- 2026-05-04
Maintenance
Upgraded Neo4j to 5.26.25
The Neo4j cluster module has been bumped from 5.26.12 to 5.26.25, picking up several patch fixes on the 5.26 LTS line. Both the Helm chart (neo4j, neo4j-admin, neo4j-headless-service) and the Neo4j server image (neo4j:5.26.25-enterprise) move together. …
- 2026-04-22
Maintenance
Upgraded cluster add-ons and resilience improvements
The following updates are being rolled out to all clusters. Alongside the regular add-on upgrades, this round also includes resilience improvements for critical monitoring components and a hardening of the anti-affinity rules across our platform …
- 2026-04-21
New Features
OpenTofu: DynamoDB table removal for pure S3 backend
Our terraform-state module was upgraded from 5.1.3 to 6.0.0. This major version drops the DynamoDB table previously used for OpenTofu state locking in favor of native S3 locking. Impact The DynamoDB lock table (-terraform-state) is no longer provisioned or …
- 2026-04-03
New Features
New feature: Atlantis can now manage Atlas resources
Atlantis can now plan and apply stacks that include MongoDB Atlas clusters. Previously, stacks with Atlas configurations were erroring in Atlantis runs due to credential handling limitations. This led us to run these stacks manually. This is no longer …
- 2026-04-03
New Features
New feature: Apply access through Atlantis
We are excited to announce that customers can now apply infrastructure changes directly through Atlantis in GitHub Pull Requests. Until now, Atlantis was used to plan and review changes, but the actual apply step was handled by Skyscrapers engineers. With …
2026 Q1
- 2026-03-31
Maintenance
Upgrading EKS clusters to v1.35
We are rolling out EKS v1.35. Please make sure to update to our recommended client versions matching this upgrade. This upgrade brings In-Place Pod Resource Updates to stable and introduces Pod Certificates for workload identity as beta. Timeline: Testing …
- 2026-03-23
Maintenance
Upgraded cluster add-ons
The following updates have been rolled out to all clusters. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: alloy v1.14.0 (chart v1.6.2) amazon-eks-ami v20260304 aws-load-balancer-controller …
- 2026-03-19
Announcements
Branch protection in GitHub
As announced previously, we have enabled GitHub Organization Rulesets to protect the default branch across all our repositories. This ensures a safer and more structured way of working together, while still allowing you to contribute. Here is what changed: …
- 2026-03-17
Announcements
Security update: ingress-nginx rewrite-target configuration injection (CVE-2026-3288)
Last week we patched all clusters running ingress-nginx to address CVE-2026-3288, a configuration injection vulnerability via the rewrite-target annotation. Updates were applied when the CVE became public last week. Non-production clusters were patched on …
- 2026-03-10
Announcements
Kube-green is now available
We’re happy to announce that kube-green is now available as an optional component in our Kubernetes stack. Kube-green automatically shuts down and restarts workloads on a defined schedule, helping you reduce resource consumption and cloud costs for …
- 2026-03-04
Maintenance
Upgrading EKS clusters to v1.34
We are rolling out EKS v1.34. Please make sure to update to our recommended client versions matching this upgrade. This upgrade brings Dynamic Resource Allocation (DRA) to stable, introduces pod-level resource requests and limits as beta, and deprecates …