1. Documentation
    2. history bug_report picture_as_pdf
×

Release notes

For additional information about the OpenShift Serverless life cycle and supported platforms, refer to the Platform Life Cycle Policy.

Release notes contain information about new and deprecated features, breaking changes, and known issues. The following release notes apply for the most recent OpenShift Serverless releases on OpenShift Dedicated.

For an overview of OpenShift Serverless functionality, see About OpenShift Serverless.

OpenShift Serverless is based on the open source Knative project.

For details about the latest Knative component releases, see the Knative blog.

About API versions

API versions are an important measure of the development status of certain features and custom resources in OpenShift Serverless. Creating resources on your cluster that do not use the correct API version can cause issues in your deployment.

The OpenShift Serverless Operator automatically upgrades older resources that use deprecated versions of APIs to use the latest version. For example, if you have created resources on your cluster that use older versions of the ApiServerSource API, such as v1beta1, the OpenShift Serverless Operator automatically updates these resources to use the v1 version of the API when this is available and the v1beta1 version is deprecated.

After they have been deprecated, older versions of APIs might be removed in any upcoming release. Using deprecated versions of APIs does not cause resources to fail. However, if you try to use a version of an API that has been removed, it will cause resources to fail. Ensure that your manifests are updated to use the latest version to avoid issues.

Generally Available and Technology Preview features

Features which are Generally Available (GA) are fully supported and are suitable for production use. Technology Preview (TP) features are experimental features and are not intended for production use. See the Technology Preview scope of support on the Red Hat Customer Portal for more information about TP features.

The following table provides information about which OpenShift Serverless features are GA and which are TP:

Table 1. Generally Available and Technology Preview features tracker
Feature 1.23 1.24 1.25 1.26

kn func

TP

TP

TP

GA

Service Mesh mTLS

GA

GA

GA

GA

emptyDir volumes

GA

GA

GA

GA

HTTPS redirection

GA

GA

GA

GA

Kafka broker

TP

TP

GA

GA

Kafka sink

TP

TP

GA

GA

Init containers support for Knative services

TP

GA

GA

GA

PVC support for Knative services

TP

TP

TP

GA

TLS for internal traffic

-

-

TP

TP

Deprecated and removed features

Some features that were Generally Available (GA) or a Technology Preview (TP) in previous releases have been deprecated or removed. Deprecated functionality is still included in OpenShift Serverless and continues to be supported; however, it will be removed in a future release of this product and is not recommended for new deployments.

For the most recent list of major functionality deprecated and removed within OpenShift Serverless, refer to the following table:

Table 2. Deprecated and removed features tracker
Feature 1.20 1.21 1.22 to 1.26

KafkaBinding API

Deprecated

Deprecated

Removed

kn func emit (kn func invoke in 1.21+)

Deprecated

Removed

Removed

Release notes for Red Hat OpenShift Serverless 1.26

OpenShift Serverless 1.26 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless Functions with Quarkus is now GA.

  • OpenShift Serverless now uses Knative Serving 1.5.

  • OpenShift Serverless now uses Knative Eventing 1.5.

  • OpenShift Serverless now uses Kourier 1.5.

  • OpenShift Serverless now uses Knative (kn) CLI 1.5.

  • OpenShift Serverless now uses Knative Kafka 1.5.

  • OpenShift Serverless now uses Knative Operator 1.3.

  • The kn func CLI plugin now uses func 1.8.1.

  • Persistent volume claims (PVCs) are now GA. PVCs provide permanent data storage for your Knative services.

  • The new trigger filters feature is now available as a Developer Preview. It allows users to specify a set of filter expressions, where each expression evaluates to either true or false for each event.

    To enable new trigger filters, add the new-trigger-filters: enabled entry in the section of the KnativeEventing type in the operator config map:

    apiVersion: operator.knative.dev/v1alpha1
kind: KnativeEventing
...
...
spec:
  config:
    features:
      new-trigger-filters: enabled
...

  • Knative Operator 1.3 adds the updated v1beta1 version of the API for operator.knative.dev.

    To update from v1alpha1 to v1beta1 in your KnativeServing and KnativeEventing custom resource config maps, edit the apiVersion key:

    Example KnativeServing custom resource config map
    apiVersion: operator.knative.dev/v1beta1
kind: KnativeServing
...
    Example KnativeEventing custom resource config map
    apiVersion: operator.knative.dev/v1beta1
kind: KnativeEventing
...

Fixed issues

  • Previously, Federal Information Processing Standards (FIPS) mode was disabled for Kafka broker, Kafka source, and Kafka sink. This has been fixed, and FIPS mode is now available.

Known issues

  • If you use net-istio for Ingress and enable mTLS via SMCP using security.dataPlane.mtls: true, Service Mesh deploys DestinationRules for the *.local host, which does not allow DomainMapping for OpenShift Serverless.

    To work around this issue, enable mTLS by deploying PeerAuthentication instead of using security.dataPlane.mtls: true.

Additional resources

Release notes for Red Hat OpenShift Serverless 1.25.0

OpenShift Serverless 1.25.0 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless now uses Knative Serving 1.4.

  • OpenShift Serverless now uses Knative Eventing 1.4.

  • OpenShift Serverless now uses Kourier 1.4.

  • OpenShift Serverless now uses Knative (kn) CLI 1.4.

  • OpenShift Serverless now uses Knative Kafka 1.4.

  • The kn func CLI plugin now uses func 1.7.0.

  • Integrated development environment (IDE) plugins for creating and deploying functions are now available for Visual Studio Code and IntelliJ.

  • Knative Kafka broker is now GA. Knative Kafka broker is a highly performant implementation of the Knative broker API, directly targeting Apache Kafka.

    It is recommended to not use the MT-Channel-Broker, but the Knative Kafka broker instead.

  • Knative Kafka sink is now GA. A KafkaSink takes a CloudEvent and sends it to an Apache Kafka topic. Events can be specified in either structured or binary content modes.

  • Enabling TLS for internal traffic is now available as a Technology Preview.

Fixed issues

  • Previously, Knative Serving had an issue where the readiness probe failed if the container was restarted after a liveness probe fail. This issue has been fixed.

Known issues

  • The Federal Information Processing Standards (FIPS) mode is disabled for Kafka broker, Kafka source, and Kafka sink.

  • The SinkBinding object does not support custom revision names for services.

  • The Knative Serving Controller pod adds a new informer to watch secrets in the cluster. The informer includes the secrets in the cache, which increases memory consumption of the controller pod.

    If the pod runs out of memory, you can work around the issue by increasing the memory limit for the deployment.

  • If you use net-istio for Ingress and enable mTLS via SMCP using security.dataPlane.mtls: true, Service Mesh deploys DestinationRules for the *.local host, which does not allow DomainMapping for OpenShift Serverless.

    To work around this issue, enable mTLS by deploying PeerAuthentication instead of using security.dataPlane.mtls: true.

Release notes for Red Hat OpenShift Serverless 1.24.0

OpenShift Serverless 1.24.0 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless now uses Knative Serving 1.3.

  • OpenShift Serverless now uses Knative Eventing 1.3.

  • OpenShift Serverless now uses Kourier 1.3.

  • OpenShift Serverless now uses Knative kn CLI 1.3.

  • OpenShift Serverless now uses Knative Kafka 1.3.

  • The kn func CLI plugin now uses func 0.24.

  • Init containers support for Knative services is now generally available (GA).

  • OpenShift Serverless logic is now available as a Developer Preview. It enables defining declarative workflow models for managing serverless applications.

Fixed issues

  • Integrating OpenShift Serverless with Red Hat OpenShift Service Mesh causes the net-istio-controller pod to run out of memory on startup when too many secrets are present on the cluster.

    It is now possible to enable secret filtering, which causes net-istio-controller to consider only secrets with a networking.internal.knative.dev/certificate-uid label, thus reducing the amount of memory needed.

  • The OpenShift Serverless Functions Technology Preview now uses Cloud Native Buildpacks by default to build container images.

Known issues

  • The Federal Information Processing Standards (FIPS) mode is disabled for Kafka broker, Kafka source, and Kafka sink.

  • In OpenShift Serverless 1.23, support for KafkaBindings and the kafka-binding webhook were removed. However, an existing kafkabindings.webhook.kafka.sources.knative.dev MutatingWebhookConfiguration might remain, pointing to the kafka-source-webhook service, which no longer exists.

    For certain specifications of KafkaBindings on the cluster, kafkabindings.webhook.kafka.sources.knative.dev MutatingWebhookConfiguration might be configured to pass any create and update events to various resources, such as Deployments, Knative Services, or Jobs, through the webhook, which would then fail.

    To work around this issue, manually delete kafkabindings.webhook.kafka.sources.knative.dev MutatingWebhookConfiguration from the cluster after upgrading to OpenShift Serverless 1.23:

    $ oc delete mutatingwebhookconfiguration kafkabindings.webhook.kafka.sources.knative.dev

  • If you use net-istio for Ingress and enable mTLS via SMCP using security.dataPlane.mtls: true, Service Mesh deploys DestinationRules for the *.local host, which does not allow DomainMapping for OpenShift Serverless.

    To work around this issue, enable mTLS by deploying PeerAuthentication instead of using security.dataPlane.mtls: true.

Release notes for Red Hat OpenShift Serverless 1.23.0

OpenShift Serverless 1.23.0 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless now uses Knative Serving 1.2.

  • OpenShift Serverless now uses Knative Eventing 1.2.

  • OpenShift Serverless now uses Kourier 1.2.

  • OpenShift Serverless now uses Knative (kn) CLI 1.2.

  • OpenShift Serverless now uses Knative Kafka 1.2.

  • The kn func CLI plugin now uses func 0.24.

  • It is now possible to use the kafka.eventing.knative.dev/external.topic annotation with the Kafka broker. This annotation makes it possible to use an existing externally managed topic instead of the broker creating its own internal topic.

  • The kafka-ch-controller and kafka-webhook Kafka components no longer exist. These components have been replaced by the kafka-webhook-eventing component.

  • The OpenShift Serverless Functions Technology Preview now uses Source-to-Image (S2I) by default to build container images.

Known issues

  • The Federal Information Processing Standards (FIPS) mode is disabled for Kafka broker, Kafka source, and Kafka sink.

  • If you delete a namespace that includes a Kafka broker, the namespace finalizer may fail to be removed if the broker’s auth.secret.ref.name secret is deleted before the broker.

  • Running OpenShift Serverless with a large number of Knative services can cause Knative activator pods to run close to their default memory limits of 600MB. These pods might be restarted if memory consumption reaches this limit. Requests and limits for the activator deployment can be configured by modifying the KnativeServing custom resource:

    apiVersion: operator.knative.dev/v1alpha1
kind: KnativeServing
metadata:
  name: knative-serving
  namespace: knative-serving
spec:
  deployments:
  - name: activator
    resources:
    - container: activator
      requests:
        cpu: 300m
        memory: 60Mi
      limits:
        cpu: 1000m
        memory: 1000Mi

  • If you are using Cloud Native Buildpacks as the local build strategy for a function, kn func is unable to automatically start podman or use an SSH tunnel to a remote daemon. The workaround for these issues is to have a Docker or podman daemon already running on the local development computer before deploying a function.

  • On-cluster function builds currently fail for Quarkus and Golang runtimes. They work correctly for Node, Typescript, Python, and Springboot runtimes.

  • If you use net-istio for Ingress and enable mTLS via SMCP using security.dataPlane.mtls: true, Service Mesh deploys DestinationRules for the *.local host, which does not allow DomainMapping for OpenShift Serverless.

    To work around this issue, enable mTLS by deploying PeerAuthentication instead of using security.dataPlane.mtls: true.

Release notes for Red Hat OpenShift Serverless 1.22.0

OpenShift Serverless 1.22.0 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless now uses Knative Serving 1.1.

  • OpenShift Serverless now uses Knative Eventing 1.1.

  • OpenShift Serverless now uses Kourier 1.1.

  • OpenShift Serverless now uses Knative (kn) CLI 1.1.

  • OpenShift Serverless now uses Knative Kafka 1.1.

  • The kn func CLI plugin now uses func 0.23.

  • Init containers support for Knative services is now available as a Technology Preview.

  • Persistent volume claim (PVC) support for Knative services is now available as a Technology Preview.

  • The knative-serving, knative-serving-ingress, knative-eventing and knative-kafka system namespaces now have the knative.openshift.io/part-of: "openshift-serverless" label by default.

  • The Knative Eventing - Kafka Broker/Trigger dashboard has been added, which allows visualizing Kafka broker and trigger metrics in the web console.

  • The Knative Eventing - KafkaSink dashboard has been added, which allows visualizing KafkaSink metrics in the web console.

  • The Knative Eventing - Broker/Trigger dashboard is now called Knative Eventing - Channel-based Broker/Trigger.

  • The knative.openshift.io/part-of: "openshift-serverless" label has substituted the knative.openshift.io/system-namespace label.

  • Naming style in Knative Serving YAML configuration files changed from camel case (ExampleName) to hyphen style (example-name). Beginning with this release, use the hyphen style notation when creating or editing Knative Serving YAML configuration files.

Known issues

  • The Federal Information Processing Standards (FIPS) mode is disabled for Kafka broker, Kafka source, and Kafka sink.

Release notes for Red Hat OpenShift Serverless 1.21.0

OpenShift Serverless 1.21.0 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless now uses Knative Serving 1.0

  • OpenShift Serverless now uses Knative Eventing 1.0.

  • OpenShift Serverless now uses Kourier 1.0.

  • OpenShift Serverless now uses Knative (kn) CLI 1.0.

  • OpenShift Serverless now uses Knative Kafka 1.0.

  • The kn func CLI plugin now uses func 0.21.

  • The Kafka sink is now available as a Technology Preview.

  • The Knative open source project has begun to deprecate camel-cased configuration keys in favor of using kebab-cased keys consistently. As a result, the defaultExternalScheme key, previously mentioned in the OpenShift Serverless 1.18.0 release notes, is now deprecated and replaced by the default-external-scheme key. Usage instructions for the key remain the same.

Fixed issues

  • In OpenShift Serverless 1.20.0, there was an event delivery issue affecting the use of kn event send to send events to a service. This issue is now fixed.

  • In OpenShift Serverless 1.20.0 (func 0.20), TypeScript functions created with the http template failed to deploy on the cluster. This issue is now fixed.

  • In OpenShift Serverless 1.20.0 (func 0.20), deploying a function using the gcr.io registry failed with an error. This issue is now fixed.

  • In OpenShift Serverless 1.20.0 (func 0.20), creating a Springboot function project directory with the kn func create command and then running the kn func build command failed with an error message. This issue is now fixed.

  • In OpenShift Serverless 1.19.0 (func 0.19), some runtimes were unable to build a function by using podman. This issue is now fixed.

Known issues

  • Currently, the domain mapping controller cannot process the URI of a broker, which contains a path that is currently not supported.

    This means that, if you want to use a DomainMapping custom resource (CR) to map a custom domain to a broker, you must configure the DomainMapping CR with the broker’s ingress service, and append the exact path of the broker to the custom domain:

    Example DomainMapping CR
    apiVersion: serving.knative.dev/v1alpha1
kind: DomainMapping
metadata:
  name: <domain-name>
  namespace: knative-eventing
spec:
  ref:
    name: broker-ingress
    kind: Service
    apiVersion: v1

    The URI for the broker is then <domain-name>/<broker-namespace>/<broker-name>.

Release notes for Red Hat OpenShift Serverless 1.20.0

OpenShift Serverless 1.20.0 is now available. New features, changes, and known issues that pertain to OpenShift Serverless on OpenShift Dedicated are included in this topic.

New features

  • OpenShift Serverless now uses Knative Serving 0.26.

  • OpenShift Serverless now uses Knative Eventing 0.26.

  • OpenShift Serverless now uses Kourier 0.26.

  • OpenShift Serverless now uses Knative (kn) CLI 0.26.

  • OpenShift Serverless now uses Knative Kafka 0.26.

  • The kn func CLI plugin now uses func 0.20.

  • The Kafka broker is now available as a Technology Preview.

    The Kafka broker, which is currently in Technology Preview, is not supported on FIPS.

  • The kn event plugin is now available as a Technology Preview.

  • The --min-scale and --max-scale flags for the kn service create command have been deprecated. Use the --scale-min and --scale-max flags instead.

Known issues

  • OpenShift Serverless deploys Knative services with a default address that uses HTTPS. When sending an event to a resource inside the cluster, the sender does not have the cluster certificate authority (CA) configured. This causes event delivery to fail, unless the cluster uses globally accepted certificates.

    For example, an event delivery to a publicly accessible address works:

    $ kn event send --to-url https://ce-api.foo.example.com/

    On the other hand, this delivery fails if the service uses a public address with an HTTPS certificate issued by a custom CA:

    $ kn event send --to Service:serving.knative.dev/v1:event-display

    Sending an event to other addressable objects, such as brokers or channels, is not affected by this issue and works as expected.

  • The Kafka broker currently does not work on a cluster with Federal Information Processing Standards (FIPS) mode enabled.

  • If you create a Springboot function project directory with the kn func create command, subsequent running of the kn func build command fails with this error message:

    [analyzer] no stack metadata found at path ''
[analyzer] ERROR: failed to : set API for buildpack 'paketo-buildpacks/ca-certificates@3.0.2': buildpack API version '0.7' is incompatible with the lifecycle

    As a workaround, you can change the builder property to gcr.io/paketo-buildpacks/builder:base in the function configuration file func.yaml.

  • Deploying a function using the gcr.io registry fails with this error message:

    Error: failed to get credentials: failed to verify credentials: status code: 404

    As a workaround, use a different registry than gcr.io, such as quay.io or docker.io.

  • TypeScript functions created with the http template fail to deploy on the cluster.

    As a workaround, in the func.yaml file, replace the following section:

    buildEnvs: []

    with this:

    buildEnvs:
- name: BP_NODE_RUN_SCRIPTS
  value: build

  • In func version 0.20, some runtimes might be unable to build a function by using podman. You might see an error message similar to the following:

    ERROR: failed to image: error during connect: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.40/info": EOF

    • The following workaround exists for this issue:

      1. Update the podman service by adding --time=0 to the service ExecStart definition:

        Example service configuration
        ExecStart=/usr/bin/podman $LOGGING system service --time=0

      2. Restart the podman service by running the following commands:

        $ systemctl --user daemon-reload
        $ systemctl restart --user podman.socket

    • Alternatively, you can expose the podman API by using TCP:

      $ podman system service --time=0 tcp:127.0.0.1:5534 &
export DOCKER_HOST=tcp://127.0.0.1:5534