Changelog
This changelog lists all updates, improvements and new features our Engineering team develops for our Skyscrapers Reference Developer Platform. These are rolled out automatically to all DevOps-as-a-Service customers.
2026 Q2
- 2026-06-05
Announcements
Action required: pick your OpenVPN replacement
As part of our roadmap of finding VPN alternatives we’re deprecating OpenVPN. It no longer meets our and our customers’ needs. We’re offering two replacements: Tailscale (full-featured, recommended) and a WireGuard-based setup (basic …
- 2026-05-21
Maintenance
Upgraded cluster add-ons, with Vertical Pod Autoscaler and Loki refreshed
The following updates have been rolled out to all non-production clusters, and will be deployed to production in the coming week. Alongside the regular add-on upgrades, this round refreshes two long-pinned components: the Vertical Pod Autoscaler now ships …
- 2026-05-13
Maintenance
More reliable K8s Event logging
The Fluent Bit (FLB) component that watches Kubernetes events and ships them to Loki has been replaced by Grafana Alloy. The main reason for this move is that we were noticing quite some performance/resource issues with the FLB-based component across …
- 2026-05-12
Kubernetes
Mitigation for the DirtyFrag kernel vulnerabilities on EKS nodes
We rolled out mitigations for the two kernel vulnerabilities (“DirtyFrag”) covered in AWS security bulletin AWS-2026-027. Both allow an unprivileged process on a node to escalate privileges by triggering auto-load of specific kernel modules. …
- 2026-05-11
Maintenance
Upgraded Concourse to 8.1.1
Concourse has been upgraded from 8.0.2 to 8.1.1, new pipeline features, several bug fixes, and security updates. New features Wolfi base image — The concourse/concourse Docker image and all built-in resource-types now use Wolfi as their base image. …
- 2026-05-05
New Features
Faster Terragrunt plans, fewer breaking upgrades
We’re rolling out a follow-up to the Platform Info file we introduced last year: customer Terragrunt application stacks are being migrated to read VPC, subnet, and EKS cluster details from k8s-clusters/<cluster>-platform-info.yaml instead of …
- 2026-05-05
New Features
ECR Pull-Through Cache for platform system images
We’re rolling out an ECR Pull-Through Cache across all customers. Platform system images (cert-manager, Prometheus stack, Flux, Velero, etc.) will be mirrored from upstream public registries (quay.io, registry.k8s.io, docker.io, ghcr.io) into your …
- 2026-05-04
Maintenance
Upgraded Neo4j to 5.26.25
The Neo4j cluster module has been bumped from 5.26.12 to 5.26.25, picking up several patch fixes on the 5.26 LTS line. Both the Helm chart (neo4j, neo4j-admin, neo4j-headless-service) and the Neo4j server image (neo4j:5.26.25-enterprise) move together. …
- 2026-04-22
Maintenance
Upgraded cluster add-ons and resilience improvements
The following updates are being rolled out to all clusters. Alongside the regular add-on upgrades, this round also includes resilience improvements for critical monitoring components and a hardening of the anti-affinity rules across our platform …
- 2026-04-21
New Features
OpenTofu: DynamoDB table removal for pure S3 backend
Our terraform-state module was upgraded from 5.1.3 to 6.0.0. This major version drops the DynamoDB table previously used for OpenTofu state locking in favor of native S3 locking. Impact The DynamoDB lock table (-terraform-state) is no longer provisioned or …
- 2026-04-03
New Features
New feature: Atlantis can now manage Atlas resources
Atlantis can now plan and apply stacks that include MongoDB Atlas clusters. Previously, stacks with Atlas configurations were erroring in Atlantis runs due to credential handling limitations. This led us to run these stacks manually. This is no longer …
- 2026-04-03
New Features
New feature: Apply access through Atlantis
We are excited to announce that customers can now apply infrastructure changes directly through Atlantis in GitHub Pull Requests. Until now, Atlantis was used to plan and review changes, but the actual apply step was handled by Skyscrapers engineers. With …
2026 Q1
- 2026-03-31
Maintenance
Upgrading EKS clusters to v1.35
We are rolling out EKS v1.35. Please make sure to update to our recommended client versions matching this upgrade. This upgrade brings In-Place Pod Resource Updates to stable and introduces Pod Certificates for workload identity as beta. Timeline: Testing …
- 2026-03-23
Maintenance
Upgraded cluster add-ons
The following updates have been rolled out to all clusters. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: alloy v1.14.0 (chart v1.6.2) amazon-eks-ami v20260304 aws-load-balancer-controller …
- 2026-03-19
Announcements
Branch protection in GitHub
As announced previously, we have enabled GitHub Organization Rulesets to protect the default branch across all our repositories. This ensures a safer and more structured way of working together, while still allowing you to contribute. Here is what changed: …
- 2026-03-17
Announcements
Security update: ingress-nginx rewrite-target configuration injection (CVE-2026-3288)
Last week we patched all clusters running ingress-nginx to address CVE-2026-3288, a configuration injection vulnerability via the rewrite-target annotation. Updates were applied when the CVE became public last week. Non-production clusters were patched on …
- 2026-03-10
Announcements
Kube-green is now available
We’re happy to announce that kube-green is now available as an optional component in our Kubernetes stack. Kube-green automatically shuts down and restarts workloads on a defined schedule, helping you reduce resource consumption and cloud costs for …
- 2026-03-04
Maintenance
Upgrading EKS clusters to v1.34
We are rolling out EKS v1.34. Please make sure to update to our recommended client versions matching this upgrade. This upgrade brings Dynamic Resource Allocation (DRA) to stable, introduces pod-level resource requests and limits as beta, and deprecates …
- 2026-02-18
Maintenance
Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters, and will be deployed to production in the coming week. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: alloy v1.13.1 …
- 2026-02-17
Announcements
Concourse upgraded to v8.0.1
We have upgraded Concourse to v8.0.1, which includes all changes from the v8.0.0 major release. This is a significant upgrade that brings new features, improved defaults, and a few breaking changes that pipeline authors should be aware of. The full …
- 2026-02-06
Announcements
Tempo is now production ready
We’re excited to announce that Grafana Tempo is now available for production use in our Kubernetes stack. Tempo provides distributed tracing capabilities, allowing you to track requests as they flow through your distributed systems and gain deep …
- 2026-02-03
Announcements
Critical ingress-nginx security updates applied
Security Updates Applied We have proactively updated ingress-nginx to the latest patched versions across all clusters to address four security vulnerabilities disclosed by the Kubernetes project. These updates have already been deployed, and no action is …
- 2026-02-02
Announcements
Migration from gp2 to gp3 for all customer PVs
We’ve migrated all customers infrastructure storage from AWS EBS GP2 to GP3 volumes. What’s GP3? GP3 is AWS’s latest generation storage offering better performance and faster access times, more consistent speed regardless of volume size, …
- 2026-02-02
Announcements
Enabling Pylon for all customers
Following up on our previous post: https://docs.skyscrapers.eu/changelog/2025-12-22-introducing-pylon/ We’re happy to announce that we’ve now enabled Pylon for all customers as our primary entry point for support requests and customer communication. At …
- 2026-01-27
Maintenance
Upgraded cluster add-ons
The following updates have been rolled out to all non-production clusters, and will be deployed to production in the coming week. As usual there are also improvements across various other add-ons, ensuring enhanced performance and security: amazon-eks-ami …