3.7.0
Description
- NATS messaging is now available as default pub/sub, request/reply, KV store and JetStream messaging inside Eclipse ioFog clusters; use NATS Account Rules at application level and NATS User Rules at microservice level, the Controller provisions credentials automatically with no manual JWT handling.
- Access Control is now available with fine-grained Roles and Role Bindings for the Controller REST and WS APIs, plus NATS Account Rule and NATS User Rule for NATS access.
- Security is now documented in a dedicated section: NATS JWT Authentication and Certificates Manager for Microservices. For Routers and NATs instances TLS by default, with support for custom CAs and volume-mounted certs.
- Legacy ioFog Messagebus is deprecated.
- Controller supports external KMS system for Secrets and ConfigMaps(spec.usevault: true) store. HashiCorp Vault, OpenBao, AWS Secret Manager, Azure Key Vault, Google Secret Manager.
- VolumeMount is now available with type-based volume mapping and reference by name.
- Logging via WebSocket is now available for streaming Agent and microservice logs in ECN-Viewer and iofogctl; see Agent Logs for details.
- Airgap deployment is now documented with a dedicated guide for control plane and Agent images offline, OfflineImage for microservices, and iofogctl flags (
--no-cache,--transfer-pool). - Service is now available for exposing microservices, agents, Kubernetes services, or external endpoints through Router's TCP bridge mechanism.
- Secret Management is now available for storing and managing sensitive data including Opaque and TLS secrets.
- Certificate and CertificateAuthority management is now available for generating self-signed certificates or using existing certificates from ioFog cluster or Kubernetes secrets.
- ConfigMap is now available for managing non-sensitive configuration data that can be mounted to microservices.
- VolumeMount is now available for attaching ConfigMaps or Secrets to Agents as volumes, enabling easy volume management for microservices.
- OfflineImage is now available for deploying container images to edge nodes that cannot access the internet, enabling iofogctl to pull images locally and transfer them to remote hosts via SSH.
- Debugging & Exec Sessions deliver role-aware remote terminals for Agents, microservices, and system microservices powered by iofogctl and ECN Viewer.
- ECN Viewer now mirrors nearly every iofogctl operation, enabling full-cluster workload management, remote exec, resource editing, and deployments directly from the browser.
- Events and Auditing provides comprehensive tracking and auditing of all Controller API endpoint calls for compliance and troubleshooting.
- Agent as a Container , option added for Remote Agents and Remote ContorlPlane Agents.
- EdgeGuard , It serves as a critical security and monitoring component for edge devices running ioFog Agents.
- Kubernetes Control Plane components are now align with security best practises.
- Keycloak Auth and RBAC is now available.
- Controller Ingress option is now available for
KubernetesControlPlane. - Router is upgraded from Apache Qpid-Dispatch to Skupper Router.
- New Microservice Container Configuration Options are now available
runAsUserplatformruntimecdiDeviceshealhCheck annotations hostNetworkModeisPrivilegedpidModecapAddcapDropcpuSetCpusmemoryLimit.
Conforms To UI/UX Guidelines
Not verified