news 4
Weekly roundup of SRE, Cloud Native, and Infrastructure news.
Cilium 1.19: Ztunnel transparent encryption and strict mode
Cilium 1.19 introduces Ztunnel transparent encryption (beta) enabling mutual authentication between workloads without sidecar proxies. IPsec and WireGuard now support strict mode that drops unencrypted inter-node traffic, and IPsec gains BPF Host Routing for faster route lookups. Conntrack optimizations reduce connection tracking overhead on Geneve, VXLAN, and WireGuard tunnels.
Prometheus v3.10: distroless image and PromQL fill() modifiers
Prometheus v3.10.0 released on February 24 ships a distroless Docker image variant alongside the default busybox image, running as UID 65532 (nonroot) for enhanced security. The distroless variant removes shell, package manager, and unnecessary libraries from the image, reducing the attack surface for RCE and minimizing CVE noise in vulnerability scans. PromQL adds fill() / fill_left() / fill_right() binop modifiers for specifying default values on missing series, and experimental early compaction of stale series reduces storage overhead for high-churn environments.
Grafana 12.4: Git Sync and Dynamic Dashboards
Grafana 12.4 released on February 25 adds GitHub App authentication for Git Sync (public preview), enabling dashboard-as-code workflows with branch selection. Dynamic Dashboards gain flexible tabs, auto grid layout, and a dashboard content outline for easier navigation. OpenTelemetry log display is also improved with enhanced metadata visibility and configurable default columns.
Grafana Loki 3.6: horizontally scalable compactor
Grafana Loki 3.6 introduces a horizontally scalable compactor that addresses the previous singleton service bottleneck. The compactor delegates deletion work to distributed workers via streaming gRPC, enabling faster processing of large delete requests and catch-up after processing lags. Internal tracing is also migrated from OpenTracing to the OpenTelemetry library.
Crossplane v2.2: pipeline inspector for composition debugging
Crossplane v2.2 ships a new alpha pipeline inspector for debugging composition pipelines, and composite resources (XRs) can now compose any Kubernetes resource, not just managed resources. The new Operation type supports declarative operational workflows for one-off tasks, scheduled maintenance, and event-driven processes. Application support lets platform teams provide a single YAML manifest to deploy both an application and its infrastructure.
CNCF Project Velocity 2025: OpenTelemetry commits up 39%
The CNCF Project Velocity 2025 report shows OpenTelemetry as the standout growth leader with a 39% rise in commits and 35% increase in contributors, reaching 1,884 active authors. OpenTelemetry remains the second highest velocity project in CNCF, with nearly 50% of surveyed cloud-native end-user companies running it in production.