Skip to content

Releases: elastic/cloud-on-k8s

v2.15.0

12 Nov 18:59
61f99ee
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.15.0

New features

This is a maintenance release with various enhancements, bug fixes, and dependency upgrades, including the transition to Wolfi-based images for improved security.

Enhancements

  • Log when k8s resources are created/updated/deleted successfully #8094
  • More meaningful error in readiness script #8091 (issue: #8088)
  • Update Elastic Maps Server images to multi-arch #8085 (issue: #8034)
  • Add more metrics collected by stack monitoring #8048 (issue: #7277)
  • Move to Wolfi-based images #7977

Bug fixes

  • Ensure Elasticsearch client is closed after each reconciliation #8175 (issue: #8174)
  • Fix resetting service type to default when not specified #8165 (issue: #8161)
  • Fix Logstash templating issue in Helm chart #8087 (issue: #8000)
  • Move ‘$leading_path’ variable definition in eck-operator Helm chart #8075
  • Support Kibana basepath in associations #8053 (issue: #7909)
  • Fix eck-stack Kibana examples in Helm chart #8041
  • Add watcher for StatefulSets in Elastic Agent controller #8011
  • Add old readiness probe related ENVs #8009 (issue: #8006)

Documentation improvements

  • Clarify high availability recommendations in Elasticsearch orchestration docs #8151
  • Add note on how to access generated Kibana encryptionKeys #8150 (issue: #8129)
  • Move Troubleshooting section to top level of ToC #8145 (issue: #8131)
  • Document manual steps for reconfiguring role mappings after upgrading to ECK 8.15.3 #8112
  • Fix broken link to StatefulSet update strategies in documentation #8084
  • Emphasize the importance of having snapshot #8051

Misc

  • Bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incompatible #7996
  • chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1227.1726694542 #8055
  • chore(deps): update wolfi/go to v1.23.2 and wolfi/static #8083
  • fix(deps): update k8s controller libraries to v0.31.1 #8056
  • fix(deps): update k8s controller tools #8101
  • fix(deps): update module cloud.google.com/go/storage to v1.44.0 #8103
  • fix(deps): update module dario.cat/mergo to v1.0.1 #8013
  • fix(deps): update module github.com/gkampitakis/go-snaps to v0.5.7 #7986
  • fix(deps): update module github.com/gobuffalo/flect to v1.0.3 #8071
  • fix(deps): update module github.com/google/go-containerregistry to v0.20.2 #7998
  • fix(deps): update module github.com/hashicorp/vault/api to v1.15.0 #8104
  • fix(deps): update module github.com/masterminds/sprig/v3 to v3.3.0 #8105
  • fix(deps): update module github.com/prometheus/client_golang to v1.20.4 #8045
  • fix(deps): update module github.com/prometheus/common to v0.60.0 #8106
  • fix(deps): update module go.elastic.co/apm/v2 to v2.6.2 #8036
  • fix(deps): update module go.uber.org/automaxprocs to v1.6.0 #8107

v2.14.0

08 Aug 12:55
e4e2391
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.14.0

New features

  • Ingress support for Elasticsearch and Kibana Helm Charts #7941
  • Add option to disable self-signed transport certs #7925 (issue: #6954)

Enhancements

  • Use Elasticsearch readiness port #7847 (issue: #7841) Note that this change is also referenced in the bug section as it fixes a bug in the previous implementation of the readiness probe.
  • Handle Serverless version in association versions check #7896
  • Use hash for secure settings secret updates #7843 (issue: #7842)
  • Report memory usage by application #7966 (issue: #7866)

Bug fixes

  • Fix Discrepancy between Logstash Helm Chart and docs for pipelinesRef #7958 (issue: #7957)
  • Fix Logstash service to preserve user defined labels #7895 (issue: #7855)
  • Handle empty NODE_ID in Elasticsearch PreStop hook #7892
  • Elasticsearch controller: fix panic and dropped error result during node shutdown #7875
  • Do not log registrations to prevent mapping explosion #7869 (issue: #7748)
  • Use Elasticsearch readiness port #7847 (issue: #7841)

Documentation improvements

  • Document how to connect to unmanaged resources #7965 (issue: #6449)
  • Fix typo on SAML Authentication docs page #7950
  • [OpenShift Route apiVersion must be route.openshift.io/v1 #7834

Misc

  • update docker.io/library/golang docker tag to v1.22.5 #7930
  • update github.com/gkampitakis/go-snaps to v0.5.5 #7947
  • update github.com/go-logr/logr to v1.4.2 #7850
  • update github.com/go-test/deep to v1.1.1 #7916
  • update github.com/google/go-containerregistry to v0.20.1 #7934
  • update github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 #7920
  • update github.com/hashicorp/vault/api to v1.14.0 #7852
  • update github.com/prometheus/client_golang to v1.19.1 #7796
  • update github.com/prometheus/common to v0.55.0 #7923
  • update github.com/sethvargo/go-password to v0.3.1 #7922
  • update github.com/spf13/cobra to v1.8.1 #7903
  • update github.com/spf13/viper to v1.19.0 #7864
  • update golang.org/x/crypto to v0.25.0 #7932
  • update k8s to v0.30.3 #7946
  • update module k8s.io/klog/v2 to v2.130.1 #7917
  • update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1134 #7900
  • update sigs.k8s.io/controller-runtime to v0.18.4 #7882
  • update sigs.k8s.io/controller-tools to v0.15.0 and k8s to v0.30.0 #7807

v2.13.0

05 Jun 13:12
8896afe
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.13.0

New features

  • ECK Enterprise Search Helm Chart. #7744

Enhancements

  • Account for Logstash memory in resource aggregator #7853
  • Add Helm annotation to CRDs to prevent accidental deletion. #7811 (issue: #5117)
  • Allow disabling of elastic user. #7723 (issue: #7719 )
  • Make automountServiceAccountToken configurable on operator Pods via Helm #7690
  • Support setting labels and annotations on operator statefulset via Helm #7688
  • Fix Logstash keystore performance #7642 (issue: #7027 )
  • Support api_key authentication for agent-elasticsearch association #7598

Bug fixes

  • Increase default memory for agent #7789
  • Correct StatefulSet name label for Logstash pods #7788 (issue: #7742)
  • Fix webhook certname in Helm template #7775 (issue: #7771 )
  • Support loadBalancerClass in service reconciliation #7706 (issue: #7691 )
  • [Autoscaling] Do not delete existing resources #7678
  • Fix namespace logged twice #7640
  • Fix cluster name label of es scripts config map #7630

Documentation improvements

  • Add note that autoscalers are not yet supported by Logstash on ECK #7821 (issue: #7820)
  • Update indentation of ldap example #7725
  • Add Logstash Plugins on ECK documentation and remove technical preview tags #7702
  • Update saml-authentication.asciidoc #7680
  • Update stack version in recipes #7651

Misc

  • fix(deps): update module github.com/sethvargo/go-password to v0.3.0 #7736
  • fix(deps): update module github.com/prometheus/common to v0.53.0 #7735
  • fix(deps): update module github.com/hashicorp/vault/api to v1.13.0 #7734
  • Bump golang.org/x/net from 0.22.0 to 0.23.0 #7729
  • fix(deps): update module go.elastic.co/apm to v2.6.0 #7714
  • fix(deps): update module sigs.k8s.io/controller-runtime to v0.17.3 #7705
  • fix(deps): update module golang.org/x/crypto to v0.22.0 #7696
  • Update buildkite agent image (golang 1.22.2) #7694
  • Update docker.io/library/golang docker tag to v1.22.2 #7693
  • Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible #7645
  • fix(deps): update module github.com/elastic/go-ucfg to v0.8.8 #7641
  • fix(deps): update module google.golang.org/api to v0.170.0 #7639
  • fix(deps): update module helm.sh/helm/v3 to v3.14.3 #7634
  • fix(deps): update module github.com/google/go-containerregistry to v0.19.1 #7632
  • fix(deps): update k8s to v0.29.3 #7631
  • chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.3-1612 #7609
  • chore(deps): update docker.io/library/golang docker tag to v1.22.1 #7608
  • Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 #7602
  • fix(deps): update module github.com/stretchr/testify to v1.9.0 #7593
  • fix(deps): update module github.com/prometheus/client_golang to v1.19.0 #7591

v2.12.1

27 Mar 16:21
a56215f
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.12.1

Bug fixes

  • Move desired nodes version gate in the client #7663 (#7664)

v2.12.0

26 Mar 10:21
dbdcc1c
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.12.0

Enhancements

  • Remove noisy stack config policy log line #7582 (issue: #7529)
  • Increase the default PVC size for logstash #7540 (issue: #7538)
  • Add eck-apm-server Helm Chart #7533 (issue: #7489)
  • Add Health to Logstash Status #7528 (issue: #7527)
  • Add resourceStatuses back into stack config policy status for backwards compatibility #7500
  • Add support for updateStrategy in Logstash #7466
  • Add TLS and basic authentication integration to Logstash API server #7408 (issue: #6971)
  • Add support for securing the operator metrics endpoint with RBAC and TLS #7567
  • Remove Enterprise license restriction from ECK stack Helm charts #7621

Bug fixes

  • Fix having multiple type keys in eck-beats chart #7523 (issue: #7487)
  • Use eck-operator UBI image when ubiOnly=true. #7486 (issue: #7485)
  • Fix Logstash crashes with env #7475 (issue: #7450)

Documentation improvements

  • Fix Logstash quickstart docs using single-quote EOF to avoid expanding variables #7580 (issue: #7572)
  • Fix typo in managing-compute-resources documentation #7563
  • Update APM Server docs for use since 8.x requiring Kibana #7559 (issue: #7541)
  • Remove initContainer section in Logstash plugin docs #7557
  • Add caution concerning running differing versions of CRDs + operator #7503
  • Fix small typo in uninstall docs #7436

Misc

  • fix(deps): update module golang.org/x/crypto to v0.20.0 #7578
  • fix(deps): update module go.uber.org/zap to v1.27.0 #7577
  • fix(deps): update module github.com/prometheus/common to v0.48.0 #7570
  • fix(deps): update k8s to v0.29.2 and controller-runtime to v0.17.2 #7568
  • fix(deps): update module github.com/hashicorp/vault/api to v1.12.0 #7550
  • chore(deps): update docker.io/library/golang docker tag to v1.22.0 #7549
  • fix(deps): update module github.com/google/go-containerregistry to v0.19.0 #7517
  • fix(deps): update k8s to v0.29.1 #7505
  • chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.3-1552 #7501
  • fix(deps): update module github.com/google/uuid to v1.6.0 #7496
  • fix(deps): update module k8s.io/klog/v2 to v2.120.1 #7484
  • fix(deps): update module go.elastic.co/apm/v2 to v2.4.8 #7472
  • fix(deps): update module sigs.k8s.io/controller-tools to v0.14.0 #7461
  • fix(deps): update module github.com/spf13/viper to v1.18.2 #7458
  • fix(deps): update module github.com/prometheus/client_golang to v1.18.0 #7417
  • fix(deps): update module github.com/go-logr/logr to v1.4.1 #7409

v2.11.1

31 Jan 16:01
ddde995
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.11.1

Bug fixes

  • Add resourceStatuses back into the status subresource section of the Stack Configuration Policy for backwards compatability #7500

v2.11.0

17 Jan 15:42
64eb953
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.11.0

New features

  • Introduce Kibana config field in stack config policy #7324
  • Introduce Elasticsearch config and additional secret mounts to stack config policy #7233
  • Add StatefulSet as a deployment option for Elastic Agent #7357

Enhancements

  • Allow Agent and Elastic stack in different namespaces. #7382 (issue: #7352)
  • Support -ubi suffix starting 8.12.0 and 7.17.16 #7368
  • Update to ubi9 and use -ubi prefix for operator image #7321
  • Allow setting additional operator flags via the Helm chart #7252 (issue: #6091)
  • Support configuring "ca-dir" operator setting via helm #7243 (issues: #6091, #6435)

Bug fixes

  • Update eck-elasticsearch default secureSettings values to be slice #7397
  • Fix recipe name to run Fleet as non-root #7313 (issue: #7312)

Documentation improvements

  • Document how to use stack config policies to manage authentication #7381
  • Fix secure settings link on stack config policy page #7377
  • Document known issue with Kibana 8.11.2 using secure settings #7373 (issue: #7371)
  • Add details about rolling restart behavior #7372
  • Update node configuration documentation to note reserved settings #7351
  • Use docker.io/bash for sleep container of max-map-count-setter Daemonset #7332
  • Update Beats stack monitoring recipe #7322
  • Document basic snapshot repository setup for Azure #7308
  • Documentation link replaced with markup in 2.10 release notes #7306
  • Make plugin installation via initContainer more robust #7305
  • Add additional details on CA requirements. #7271
  • Document how to provide container registry credentials in air-gapped environments #7256)

Misc

  • Bump golang.org/x/crypto from 0.16.0 to 0.17.0 #7394
  • chore(deps): update docker.io/library/golang docker tag to v1.21.5 #7366
  • fix(deps): update module github.com/google/go-containerregistry to v0.17.0 #7355
  • fix(deps): update module go.elastic.co/apm/v2 to v2.4.7 #7337
  • Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 #7329
  • chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9 #7326
  • fix(deps): update k8s to v0.28.4 #7319
  • fix(deps): update module github.com/spf13/cobra to v1.8.0 #7288
  • Update docker v24.0.7+incompatible #7282
  • fix(deps): update module k8s.io/klog/v2 to v2.110.1 #7278
  • fix(deps): update module github.com/go-logr/logr to v1.3.0 #7272
  • fix(deps): update module github.com/google/uuid to v1.4.0 #7270
  • fix(deps): update module sigs.k8s.io/controller-runtime to v0.16.3 #7249
  • fix(deps): update module github.com/prometheus/common to v0.45.0 #7246

v2.10.0

08 Nov 10:20
59c1e72
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.10.0

Enhancements

  • Allow setting additional operator flags via the Helm chart #7252
  • Support configuring "ca-dir" operator setting via Helm #7243
  • Logstash Elastic Stack Helm Chart #7143
  • Support for Logstash secure settings from Kubernetes Secrets using keystore #7024
  • Support running Agent as a non-root #6700

Bug fixes

  • Update ECK-Beats default values to not include ElasticsearchRef. #7228
  • Updating scripts configMap no longer causes Elasticsearch restart #7114 (issue: #6963)
  • Remove volumeClaimTemplates status sub-resource from Elasticsearch CRD #7097
  • Fix indentation to specify affinity, nodeSelector and tolerations in operator Helm chart #7084

Documentation improvements

  • Better sample command outputs in the Agent Fleet documentation #7213
  • Improved documentation about how to reset the default user's password #7181 (issue: #7182)
  • Removed trailing whitespaces from operator's values.yaml file. #7179 (issue: #7178)
  • Update beat/agent doc with missing RBAC rules required from 8.9.0 #7161 (issue: #6946)
  • Better documentation of podDisruptionBudget for Elasticsearch.spec #7155
  • Kubernetes 1.28 added to supported versions #7147
  • Fix incorrect Pod template spec in Logstash docs #7124
  • SAML documentation examples no longer use a deprecated callback URL #7117 (issue:#7118)
  • SAML documentation examples have a trailing slash in sp.entity_id #7115 (issue: #7116)
  • Fix manifest example to update JVM options for Logstash #7113
  • Stack monitoring documentation examples updated to use v1alpha1 as Logstash k8s api version #7111
  • Update saml-authentication.asciidoc #7101
  • Fix sed command to use FIPS compatible operator image in FIPS doc #7076
  • Update docs concerning intermediate CAs #7066
  • Stack config policies are no longer marked as experimental #7044
  • Air-gapped documentation describes how to use a mirrored operator image #7019
  • Update Fleet Server quickstart documentation to use emptyDir for agent-data volumes #6563

Misc

  • Update module golang.org/x/net to 0.17.0 #7229
  • fix(deps): update module go.elastic.co/apm/v2 to v2.4.5 #7218
  • fix(deps): update module github.com/google/go-cmp to v0.6.0 #7216
  • chore(deps): update docker.io/library/golang docker tag to v1.21.3 #7215
  • fix(deps): update module google.golang.org/api to v0.146.0 #7211
  • chore(deps): update registry.access.redhat.com/ubi8/ubi-minimal docker tag to v8.8-1072.1696517598 #7210
  • fix(deps): update module github.com/spf13/viper to v1.17.0 #7209
  • fix(deps): update module golang.org/x/crypto to v0.14.0 #7203
  • fix(deps): update module github.com/hashicorp/golang-lru/v2 to v2.0.7 #7193
  • fix(deps): update module github.com/prometheus/client_golang to v1.17.0 #7186
  • fix(deps): update module sigs.k8s.io/controller-runtime to v0.16.2 #7185
  • fix(deps): update module go.uber.org/zap to v1.26.0 #7169
  • fix(deps): update k8s to v0.28.2 #7165
  • fix(deps): update module github.com/hashicorp/vault/api to v1.10.0 #7152
  • Update module github.com/google/go-containerregistry to v0.16.1 #7073
  • Update module go.uber.org/automaxprocs to v1.5.3 #7042
  • Update module sigs.k8s.io/controller-tools to v0.12.1 #7011

v2.9.0

25 Jul 13:32
f24ccc3
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.9.0

Breaking changes

  • Add Support for volumeClaimTemplates for Logstash controller #6884

Enhancements

  • Enable runAsNonRoot=true for Beats >= 8.8.x #6793

Bug fixes

  • Validating policy ID only when running in Fleet mode for Elastic Agent #6938 (issue: #6903)
  • Add Selector to Logstash status #6854

Documentation improvements

  • Document Logstash connection to external Elasticsearch #6895

Misc

  • Update module golang.org/x/text to v0.11.0 #6976
  • Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.8-1014 #6962
  • Disable test agent with fleet mode in 8.0.1 #6957 (issues: #6331, #6956)
  • Update module go.elastic.co/apm/v2 to v2.4.3 #6942
  • Update module github.com/hashicorp/golang-lru/v2 to v2.0.4 #6935
  • Update module github.com/imdario/mergo to v1 #6925
  • Update module github.com/prometheus/client_golang to v1.16.0 #6909
  • Update k8s to v0.27.3 #6908
  • Update module golang.org/x/crypto to v0.10.0 #6900
  • Update docker.io/library/golang Docker tag to v1.20.5 #6887
  • Update module github.com/spf13/viper to v1.16.0 #6867
  • Update module github.com/stretchr/testify to v1.8.4 #6866
  • Update module sigs.k8s.io/controller-runtime to v0.15.0 #6847
  • Update module github.com/prometheus/common to v0.44.0 #6835
  • Update module github.com/google/go-containerregistry to v0.15.2 #6817
  • Update module golang.org/x/oauth2 to v0.8.0 #6771
  • Update module golang.org/x/net to v0.10.0 #6770

2.8.0

25 May 11:55
3940cf4
Compare
Choose a tag to compare

Elastic Cloud on Kubernetes 2.8.0

Warning This release includes a hardened default security context for Elasticsearch containers. It is highly recommended to test against a staging environment before deploying to production.

Breaking changes

  • Use provided base path for stackconfigpolicy's snapshot repository #6689 (issue: #6692)
  • APM Server: Fix secret token config for APM Server 8.0+ #6769 (issue: #6768)

New features

  • Introduce the Logstash operator for ECK #6732 (issue: #1453)

Enhancements

Elasticsearch

  • Call _nodes/shutdown from pre-stop hook #6544 (issue: #6478)
  • Create Elasticsearch client for observer only if needed #6407 (issue: #6090)
  • Add the full CA certificate chain to trusted HTTP certs for Elasticsearch #6681 (issue: #6574)
  • Allow custom certificates on the transport layer #6727 (issue: #6479)
  • Hardened Security Context for Elasticsearch #6703 (issue: #6126)

Helm charts

  • Enable hostNetwork support in eck-operator Helm chart #6636
  • Add PodDisruptionBudget to eck-operator Helm chart #6671

ECK Operator

  • Add operator flag to define webhook port #6691 (issue: #6655)
  • Add operator flag to define global container repository #6737 (issue: #6643)

Fleet

  • Deprecate is_default and is_default_fleet_server flags #6724 (issue: #6678)

Bug fixes

  • Fix doc attributes in stack-helm-chart.asciidoc #6742
  • Do not set FLEET_CA for well-known CAs #6733 (issue: #6673)
  • Fix default elasticsearch-data volumeMount configuration #6725 (issue: #6186)
  • Conditionally set container-suffix in ECK config #6711 (issue: #6695)
  • [helm-chart] Include webhook client configuration CA only when certificates are not managed by the operator or cert-manager #6642 (issue: #6641)
  • Remove default for daemonset/deployment in eck-beats & eck-agent Helm Charts #6621 (issue: #6330)

Documentation improvements

  • Documentation for running ECK, Elasticsearch, and Kibana on GKE Autopilot #6760
  • Contributing page updated with Helm chart tests suite #6744
  • Documentation for Logstash on ECK #6743
  • Add 2.6 and 2.7 to the triggered restart list #6786 (issue: #6765)

Misc

  • Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible #6801
  • Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 #6549
  • Update docker.io/library/golang Docker tag to v1.20.4 #6752
  • Update github.com/docker/docker #6654
  • Update k8s to v0.26.3 #6546
  • Update k8s.io/client-go to v0.26.5 #6849
  • Update module cloud.google.com/go/storage to v1.30.0 #6531
  • Update module github.com/go-git/go-git/v5 to v5.6.1 #6536
  • Update module github.com/go-logr/logr to v1.2.4 #6625
  • Update module github.com/google/go-containerregistry to v0.14.0 #6532
  • Update module github.com/hashicorp/vault/api to v1.9.1 #6707
  • Update module github.com/imdario/mergo to v0.3.15 #6581
  • Update module github.com/operator-framework/operator-registry to v1.26.5 #6622
  • Update module github.com/prometheus/client_golang to v1.15.0 #6686
  • Update module github.com/spf13/cobra to v1.7.0 #6647
  • Update module go.elastic.co/apm/module/apmelasticsearch/v2 to v2.3.0 #6631
  • Update module go.elastic.co/apm/module/apmzap/v2 to v2.3.0 #6633
  • Update module go.uber.org/automaxprocs to v1.5.2 #6547
  • Update module golang.org/x/crypto to v0.8.0 #6669
  • Update module golang.org/x/text to v0.9.0 #6666
  • Update module google.golang.org/api to v0.115.0 #6651
  • Update module sigs.k8s.io/controller-runtime to v0.14.6 #6614
  • Update module sigs.k8s.io/controller-tools to v0.11.4 #6718
  • Update modules go.elastic.co/apm/* to v2.4.1 #6739
  • Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.7-1107 #6646