CircleCI server v4.0.0 is now generally available. The feature set for this release are equal to server v3.x. The installation and upgrade processes for v4.x have changed significantly.
Server v4.x offers greatly improved security handling, installation, and update processes. Server v4.x is installed using helm charts and images that can be pulled ahead of time to comply with your security processes. Installation processes can also use artifacts pulled from customer-managed registries. Server v4.x makes improved use of Kubernetes secrets and removes the requirement to grant permissions and network access to third-party tools.
Before upgrading
See the CircleCI server 4.x release notes for upgrade notes for this release.
What’s new in release 4.0.0
New features
- Two new Arm resource classes are now available
xlarge
and 2xlarge
. For more information on using Arm, see the Arm docs.
- CircleCI server v4.x images and helm charts are available for licenced users.
Fixes
- Fixed a bug that was causing a huge quantity of error logs in the
distributer-internal
pod.
- Prometheus is no longer included by default in CircleCI server v4.x.
- The default concurrency limit has been increased to avoid it being reached.
- Docker layer caching volumes are now deleted after 3 days if unused. Previously they were deleted after 7 days.
kong
is now placed behind NGINX to simplify loadbalancer setup.
- The loadbalancer has been renamed from
circleci-traefik
to circleci-proxy
.
- Workflow configurations that are stored in PostgreSQL will migrated to the Object Storage.
Known issues
- Telegraf needs to have its configuration overwritten and base64 encoded.
- When migrating from 3.x to 4.x, workflow configuration migrations will run as an
init
job and the workflows-conductor-event-consumer
and the workflows-conductor-grpc-handler
pods will not start until the migration completes. Customers with large PostgreSQL databases should plan accordingly. Migration time can be reduced by scaling the workflow-conductor
pods.
- Webhook-service may not work with an externalized Vault.
- Vault may not refresh its client token after a month of uptime.
- Retry with SSH for jobs using the machine executor advertises a private IP address. For this reason, retry with SSH for jobs using the machine executor works as standard for public installations, but for private installs you would need to ensure that you can access the private IP advertised. For example, by using a VPN into your VPC.
- CircleCI 1.0 builds are not supported. If an attempt is made to run a 1.0 build, no feedback will be available in the
application to indicate the cause of the issue. If a build is run on your installation and does not show up in the
CircleCI application, users should be directed to use the CircleCI CLI to validate the project configuration
and get details of the possible cause of the issue.
To learn more about Server 4.x installation, migration, or operations please see our documentation.