Releases: elastic/cloud-on-k8s
Releases · elastic/cloud-on-k8s
v2.16.0
Elastic Cloud on Kubernetes 2.16.0
New features
Enhancements
- Make Helm chart consistent in respect to handling of 'spec'. (eck-fleet-server) #8285
- Make Helm chart consistent in respect to handling of 'spec'. (eck-beats) #8248
- Make Helm chart consistent in respect to handling of 'spec'. (eck-agent) #8246
- Make Helm chart consistent in respect to handling of 'spec'. (eck-kibana) #8192
- Set default hardened security context for Kibana. #8086 (issue: #7787)
- Add a setting in the Helm chart to deploy FIPS compliant ECK image. #8272 (issue: #8204)
- Remove kube-rbac-proxy and adjust default approach to securing the metrics endpoint. #8302 (issue: #8279)
Bug fixes
- Allow Beats stack monitoring without elasticseachRef. #8273 (issue: #8194)
- Add recommened roles for Elastic Agent on Kubernetes. #8188 (issue: #8168)
- Set 'basePath' in Metricbeat when using stack monitoring #8311 (issue: #8310)
Documentation improvements
- Optimization of the quickstart sections. #8128
- Optimization of overview and support help. #8130
- Remove node.remote_cluster_client from examples. #8274
- Update the guidance for the stack config policy/role mapping issue. #8247
- Update stack monitoring documentation. #8198
- Document remote clusters using API keys. #8181 (issue: #8167)
- Add Kibana to the Enterprise search sample. #8166 (issue: #5090)
- Add explanation line for es ingress 9300 port. #8164 (issue: #7833)
- Clarify high availability recommendations in Elasticsearch orchestration docs. #8151
- Add note on how to access generated Kibana encryption keys. #8150 (issue: #8129)
- Move Troubleshooting section to top level of table of contents. #8145 (issue: #8131)
- Add is_managed: true to Agent policies. #8125 (issue: #7290)
- Adds a secure settings link to K8s docs and note the need to be base64 encoded. #8113
Misc
- Enterprise Search transition to Elasticsearch #8323 (issue: #8308)
- fix(deps): update module golang.org/x/crypto to v0.29.0 #8240
- chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.5-1731604394 #8237
- chore(deps): update go to v1.23.3 #8190
- fix(deps): update module github.com/prometheus/common to v0.60.1 #8178
- fix(deps): update k8s versions #8163
- chore(deps): update wolfi (versioned) #8162
- fix(deps): update module github.com/prometheus/client_golang to v1.20.5 #8133
- fix(deps): Bump golang.org/x/crypto from 0.29.0 to 0.31.0 #8341
v2.15.0
Elastic Cloud on Kubernetes 2.15.0
New features
This is a maintenance release with various enhancements, bug fixes, and dependency upgrades, including the transition to Wolfi-based images for improved security.
Enhancements
- Log when k8s resources are created/updated/deleted successfully #8094
- More meaningful error in readiness script #8091 (issue: #8088)
- Update Elastic Maps Server images to multi-arch #8085 (issue: #8034)
- Add more metrics collected by stack monitoring #8048 (issue: #7277)
- Move to Wolfi-based images #7977
Bug fixes
- Ensure Elasticsearch client is closed after each reconciliation #8175 (issue: #8174)
- Fix resetting service type to default when not specified #8165 (issue: #8161)
- Fix Logstash templating issue in Helm chart #8087 (issue: #8000)
- Move ‘$leading_path’ variable definition in eck-operator Helm chart #8075
- Support Kibana basepath in associations #8053 (issue: #7909)
- Fix eck-stack Kibana examples in Helm chart #8041
- Add watcher for StatefulSets in Elastic Agent controller #8011
- Add old readiness probe related ENVs #8009 (issue: #8006)
Documentation improvements
- Clarify high availability recommendations in Elasticsearch orchestration docs #8151
- Add note on how to access generated Kibana encryptionKeys #8150 (issue: #8129)
- Move Troubleshooting section to top level of ToC #8145 (issue: #8131)
- Document manual steps for reconfiguring role mappings after upgrading to ECK 8.15.3 #8112
- Fix broken link to StatefulSet update strategies in documentation #8084
- Emphasize the importance of having snapshot #8051
Misc
- Bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incompatible #7996
- chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1227.1726694542 #8055
- chore(deps): update wolfi/go to v1.23.2 and wolfi/static #8083
- fix(deps): update k8s controller libraries to v0.31.1 #8056
- fix(deps): update k8s controller tools #8101
- fix(deps): update module cloud.google.com/go/storage to v1.44.0 #8103
- fix(deps): update module dario.cat/mergo to v1.0.1 #8013
- fix(deps): update module github.com/gkampitakis/go-snaps to v0.5.7 #7986
- fix(deps): update module github.com/gobuffalo/flect to v1.0.3 #8071
- fix(deps): update module github.com/google/go-containerregistry to v0.20.2 #7998
- fix(deps): update module github.com/hashicorp/vault/api to v1.15.0 #8104
- fix(deps): update module github.com/masterminds/sprig/v3 to v3.3.0 #8105
- fix(deps): update module github.com/prometheus/client_golang to v1.20.4 #8045
- fix(deps): update module github.com/prometheus/common to v0.60.0 #8106
- fix(deps): update module go.elastic.co/apm/v2 to v2.6.2 #8036
- fix(deps): update module go.uber.org/automaxprocs to v1.6.0 #8107
v2.14.0
Elastic Cloud on Kubernetes 2.14.0
New features
- Ingress support for Elasticsearch and Kibana Helm Charts #7941
- Add option to disable self-signed transport certs #7925 (issue: #6954)
Enhancements
- Use Elasticsearch readiness port #7847 (issue: #7841) Note that this change is also referenced in the bug section as it fixes a bug in the previous implementation of the readiness probe.
- Handle Serverless version in association versions check #7896
- Use hash for secure settings secret updates #7843 (issue: #7842)
- Report memory usage by application #7966 (issue: #7866)
Bug fixes
- Fix Discrepancy between Logstash Helm Chart and docs for pipelinesRef #7958 (issue: #7957)
- Fix Logstash service to preserve user defined labels #7895 (issue: #7855)
- Handle empty NODE_ID in Elasticsearch PreStop hook #7892
- Elasticsearch controller: fix panic and dropped error result during node shutdown #7875
- Do not log registrations to prevent mapping explosion #7869 (issue: #7748)
- Use Elasticsearch readiness port #7847 (issue: #7841)
Documentation improvements
- Document how to connect to unmanaged resources #7965 (issue: #6449)
- Fix typo on SAML Authentication docs page #7950
- [OpenShift Route apiVersion must be route.openshift.io/v1 #7834
Misc
- update docker.io/library/golang docker tag to v1.22.5 #7930
- update github.com/gkampitakis/go-snaps to v0.5.5 #7947
- update github.com/go-logr/logr to v1.4.2 #7850
- update github.com/go-test/deep to v1.1.1 #7916
- update github.com/google/go-containerregistry to v0.20.1 #7934
- update github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7 #7920
- update github.com/hashicorp/vault/api to v1.14.0 #7852
- update github.com/prometheus/client_golang to v1.19.1 #7796
- update github.com/prometheus/common to v0.55.0 #7923
- update github.com/sethvargo/go-password to v0.3.1 #7922
- update github.com/spf13/cobra to v1.8.1 #7903
- update github.com/spf13/viper to v1.19.0 #7864
- update golang.org/x/crypto to v0.25.0 #7932
- update k8s to v0.30.3 #7946
- update module k8s.io/klog/v2 to v2.130.1 #7917
- update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.4-1134 #7900
- update sigs.k8s.io/controller-runtime to v0.18.4 #7882
- update sigs.k8s.io/controller-tools to v0.15.0 and k8s to v0.30.0 #7807
v2.13.0
Elastic Cloud on Kubernetes 2.13.0
New features
- ECK Enterprise Search Helm Chart. #7744
Enhancements
- Account for Logstash memory in resource aggregator #7853
- Add Helm annotation to CRDs to prevent accidental deletion. #7811 (issue: #5117)
- Allow disabling of elastic user. #7723 (issue: #7719 )
- Make automountServiceAccountToken configurable on operator Pods via Helm #7690
- Support setting labels and annotations on operator statefulset via Helm #7688
- Fix Logstash keystore performance #7642 (issue: #7027 )
- Support api_key authentication for agent-elasticsearch association #7598
Bug fixes
- Increase default memory for agent #7789
- Correct StatefulSet name label for Logstash pods #7788 (issue: #7742)
- Fix webhook certname in Helm template #7775 (issue: #7771 )
- Support loadBalancerClass in service reconciliation #7706 (issue: #7691 )
- [Autoscaling] Do not delete existing resources #7678
- Fix namespace logged twice #7640
- Fix cluster name label of es scripts config map #7630
Documentation improvements
- Add note that autoscalers are not yet supported by Logstash on ECK #7821 (issue: #7820)
- Update indentation of ldap example #7725
- Add Logstash Plugins on ECK documentation and remove technical preview tags #7702
- Update saml-authentication.asciidoc #7680
- Update stack version in recipes #7651
Misc
- fix(deps): update module github.com/sethvargo/go-password to v0.3.0 #7736
- fix(deps): update module github.com/prometheus/common to v0.53.0 #7735
- fix(deps): update module github.com/hashicorp/vault/api to v1.13.0 #7734
- Bump golang.org/x/net from 0.22.0 to 0.23.0 #7729
- fix(deps): update module go.elastic.co/apm to v2.6.0 #7714
- fix(deps): update module sigs.k8s.io/controller-runtime to v0.17.3 #7705
- fix(deps): update module golang.org/x/crypto to v0.22.0 #7696
- Update buildkite agent image (golang 1.22.2) #7694
- Update docker.io/library/golang docker tag to v1.22.2 #7693
- Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible #7645
- fix(deps): update module github.com/elastic/go-ucfg to v0.8.8 #7641
- fix(deps): update module google.golang.org/api to v0.170.0 #7639
- fix(deps): update module helm.sh/helm/v3 to v3.14.3 #7634
- fix(deps): update module github.com/google/go-containerregistry to v0.19.1 #7632
- fix(deps): update k8s to v0.29.3 #7631
- chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.3-1612 #7609
- chore(deps): update docker.io/library/golang docker tag to v1.22.1 #7608
- Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 #7602
- fix(deps): update module github.com/stretchr/testify to v1.9.0 #7593
- fix(deps): update module github.com/prometheus/client_golang to v1.19.0 #7591
v2.12.1
Elastic Cloud on Kubernetes 2.12.1
Bug fixes
v2.12.0
Elastic Cloud on Kubernetes 2.12.0
Enhancements
- Remove noisy stack config policy log line #7582 (issue: #7529)
- Increase the default PVC size for logstash #7540 (issue: #7538)
- Add eck-apm-server Helm Chart #7533 (issue: #7489)
- Add Health to Logstash Status #7528 (issue: #7527)
- Add resourceStatuses back into stack config policy status for backwards compatibility #7500
- Add support for updateStrategy in Logstash #7466
- Add TLS and basic authentication integration to Logstash API server #7408 (issue: #6971)
- Add support for securing the operator metrics endpoint with RBAC and TLS #7567
- Remove Enterprise license restriction from ECK stack Helm charts #7621
Bug fixes
- Fix having multiple
type
keys in eck-beats chart #7523 (issue: #7487) - Use eck-operator UBI image when ubiOnly=true. #7486 (issue: #7485)
- Fix Logstash crashes with env #7475 (issue: #7450)
Documentation improvements
- Fix Logstash quickstart docs using single-quote EOF to avoid expanding variables #7580 (issue: #7572)
- Fix typo in managing-compute-resources documentation #7563
- Update APM Server docs for use since 8.x requiring Kibana #7559 (issue: #7541)
- Remove initContainer section in Logstash plugin docs #7557
- Add caution concerning running differing versions of CRDs + operator #7503
- Fix small typo in uninstall docs #7436
Misc
- fix(deps): update module golang.org/x/crypto to v0.20.0 #7578
- fix(deps): update module go.uber.org/zap to v1.27.0 #7577
- fix(deps): update module github.com/prometheus/common to v0.48.0 #7570
- fix(deps): update k8s to v0.29.2 and controller-runtime to v0.17.2 #7568
- fix(deps): update module github.com/hashicorp/vault/api to v1.12.0 #7550
- chore(deps): update docker.io/library/golang docker tag to v1.22.0 #7549
- fix(deps): update module github.com/google/go-containerregistry to v0.19.0 #7517
- fix(deps): update k8s to v0.29.1 #7505
- chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9.3-1552 #7501
- fix(deps): update module github.com/google/uuid to v1.6.0 #7496
- fix(deps): update module k8s.io/klog/v2 to v2.120.1 #7484
- fix(deps): update module go.elastic.co/apm/v2 to v2.4.8 #7472
- fix(deps): update module sigs.k8s.io/controller-tools to v0.14.0 #7461
- fix(deps): update module github.com/spf13/viper to v1.18.2 #7458
- fix(deps): update module github.com/prometheus/client_golang to v1.18.0 #7417
- fix(deps): update module github.com/go-logr/logr to v1.4.1 #7409
v2.11.1
Elastic Cloud on Kubernetes 2.11.1
Bug fixes
- Add
resourceStatuses
back into the status subresource section of the Stack Configuration Policy for backwards compatability #7500
v2.11.0
Elastic Cloud on Kubernetes 2.11.0
New features
- Introduce Kibana config field in stack config policy #7324
- Introduce Elasticsearch config and additional secret mounts to stack config policy #7233
- Add StatefulSet as a deployment option for Elastic Agent #7357
Enhancements
- Allow Agent and Elastic stack in different namespaces. #7382 (issue: #7352)
- Support -ubi suffix starting 8.12.0 and 7.17.16 #7368
- Update to ubi9 and use -ubi prefix for operator image #7321
- Allow setting additional operator flags via the Helm chart #7252 (issue: #6091)
- Support configuring "ca-dir" operator setting via helm #7243 (issues: #6091, #6435)
Bug fixes
- Update eck-elasticsearch default secureSettings values to be slice #7397
- Fix recipe name to run Fleet as non-root #7313 (issue: #7312)
Documentation improvements
- Document how to use stack config policies to manage authentication #7381
- Fix secure settings link on stack config policy page #7377
- Document known issue with Kibana 8.11.2 using secure settings #7373 (issue: #7371)
- Add details about rolling restart behavior #7372
- Update node configuration documentation to note reserved settings #7351
- Use
docker.io/bash
for sleep container of max-map-count-setter Daemonset #7332 - Update Beats stack monitoring recipe #7322
- Document basic snapshot repository setup for Azure #7308
- Documentation link replaced with markup in 2.10 release notes #7306
- Make plugin installation via initContainer more robust #7305
- Add additional details on CA requirements. #7271
- Document how to provide container registry credentials in air-gapped environments #7256)
Misc
- Bump golang.org/x/crypto from 0.16.0 to 0.17.0 #7394
- chore(deps): update docker.io/library/golang docker tag to v1.21.5 #7366
- fix(deps): update module github.com/google/go-containerregistry to v0.17.0 #7355
- fix(deps): update module go.elastic.co/apm/v2 to v2.4.7 #7337
- Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 #7329
- chore(deps): update registry.access.redhat.com/ubi9/ubi-minimal docker tag to v9 #7326
- fix(deps): update k8s to v0.28.4 #7319
- fix(deps): update module github.com/spf13/cobra to v1.8.0 #7288
- Update docker v24.0.7+incompatible #7282
- fix(deps): update module k8s.io/klog/v2 to v2.110.1 #7278
- fix(deps): update module github.com/go-logr/logr to v1.3.0 #7272
- fix(deps): update module github.com/google/uuid to v1.4.0 #7270
- fix(deps): update module sigs.k8s.io/controller-runtime to v0.16.3 #7249
- fix(deps): update module github.com/prometheus/common to v0.45.0 #7246
v2.10.0
Elastic Cloud on Kubernetes 2.10.0
Enhancements
- Allow setting additional operator flags via the Helm chart #7252
- Support configuring "ca-dir" operator setting via Helm #7243
- Logstash Elastic Stack Helm Chart #7143
- Support for Logstash secure settings from Kubernetes Secrets using keystore #7024
- Support running Agent as a non-root #6700
Bug fixes
- Update ECK-Beats default values to not include ElasticsearchRef. #7228
- Updating scripts configMap no longer causes Elasticsearch restart #7114 (issue: #6963)
- Remove volumeClaimTemplates status sub-resource from Elasticsearch CRD #7097
- Fix indentation to specify affinity, nodeSelector and tolerations in operator Helm chart #7084
Documentation improvements
- Better sample command outputs in the Agent Fleet documentation #7213
- Improved documentation about how to reset the default user's password #7181 (issue: #7182)
- Removed trailing whitespaces from operator's values.yaml file. #7179 (issue: #7178)
- Update beat/agent doc with missing RBAC rules required from 8.9.0 #7161 (issue: #6946)
- Better documentation of podDisruptionBudget for Elasticsearch.spec #7155
- Kubernetes 1.28 added to supported versions #7147
- Fix incorrect Pod template spec in Logstash docs #7124
- SAML documentation examples no longer use a deprecated callback URL #7117 (issue:#7118)
- SAML documentation examples have a trailing slash in sp.entity_id #7115 (issue: #7116)
- Fix manifest example to update JVM options for Logstash #7113
- Stack monitoring documentation examples updated to use v1alpha1 as Logstash k8s api version #7111
- Update saml-authentication.asciidoc #7101
- Fix sed command to use FIPS compatible operator image in FIPS doc #7076
- Update docs concerning intermediate CAs #7066
- Stack config policies are no longer marked as experimental #7044
- Air-gapped documentation describes how to use a mirrored operator image #7019
- Update Fleet Server quickstart documentation to use emptyDir for agent-data volumes #6563
Misc
- Update module golang.org/x/net to 0.17.0 #7229
- fix(deps): update module go.elastic.co/apm/v2 to v2.4.5 #7218
- fix(deps): update module github.com/google/go-cmp to v0.6.0 #7216
- chore(deps): update docker.io/library/golang docker tag to v1.21.3 #7215
- fix(deps): update module google.golang.org/api to v0.146.0 #7211
- chore(deps): update registry.access.redhat.com/ubi8/ubi-minimal docker tag to v8.8-1072.1696517598 #7210
- fix(deps): update module github.com/spf13/viper to v1.17.0 #7209
- fix(deps): update module golang.org/x/crypto to v0.14.0 #7203
- fix(deps): update module github.com/hashicorp/golang-lru/v2 to v2.0.7 #7193
- fix(deps): update module github.com/prometheus/client_golang to v1.17.0 #7186
- fix(deps): update module sigs.k8s.io/controller-runtime to v0.16.2 #7185
- fix(deps): update module go.uber.org/zap to v1.26.0 #7169
- fix(deps): update k8s to v0.28.2 #7165
- fix(deps): update module github.com/hashicorp/vault/api to v1.10.0 #7152
- Update module github.com/google/go-containerregistry to v0.16.1 #7073
- Update module go.uber.org/automaxprocs to v1.5.3 #7042
- Update module sigs.k8s.io/controller-tools to v0.12.1 #7011
v2.9.0
Elastic Cloud on Kubernetes 2.9.0
Breaking changes
- Add Support for volumeClaimTemplates for Logstash controller #6884
Enhancements
- Enable runAsNonRoot=true for Beats >= 8.8.x #6793
Bug fixes
- Validating policy ID only when running in Fleet mode for Elastic Agent #6938 (issue: #6903)
- Add Selector to Logstash status #6854
Documentation improvements
- Document Logstash connection to external Elasticsearch #6895
Misc
- Update module golang.org/x/text to v0.11.0 #6976
- Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.8-1014 #6962
- Disable test agent with fleet mode in 8.0.1 #6957 (issues: #6331, #6956)
- Update module go.elastic.co/apm/v2 to v2.4.3 #6942
- Update module github.com/hashicorp/golang-lru/v2 to v2.0.4 #6935
- Update module github.com/imdario/mergo to v1 #6925
- Update module github.com/prometheus/client_golang to v1.16.0 #6909
- Update k8s to v0.27.3 #6908
- Update module golang.org/x/crypto to v0.10.0 #6900
- Update docker.io/library/golang Docker tag to v1.20.5 #6887
- Update module github.com/spf13/viper to v1.16.0 #6867
- Update module github.com/stretchr/testify to v1.8.4 #6866
- Update module sigs.k8s.io/controller-runtime to v0.15.0 #6847
- Update module github.com/prometheus/common to v0.44.0 #6835
- Update module github.com/google/go-containerregistry to v0.15.2 #6817
- Update module golang.org/x/oauth2 to v0.8.0 #6771
- Update module golang.org/x/net to v0.10.0 #6770