Releases: elastic/cloud-on-k8s
Releases · elastic/cloud-on-k8s
1.2.2
Elastic Cloud on Kubernetes 1.2.2
Enhancements
- Adjust init container script for Elastic License 2.0 #4191
1.3.1
Elastic Cloud on Kubernetes 1.3.1
Bug fixes
- [Helm] Honour serviceAccount.create value #4003 (issue: #4002)
- Use the public transport CA as remote CA if the remote CA list is empty #3993
- Don't set an ownerRef on secrets users are susceptible to copy around #3992 (issue: #3986)
- Use a custom version of JSON marshalling for license verification #3977
- Use new node_names query param for voting exclusions as of 7.8.0 #3950 (issue: #2951)
1.3.0
Elastic Cloud on Kubernetes 1.3.0
New features
- Make timeouts configurable #3782 (issue: #684)
- Support Elasticsearch volumes expansion #3752 (issues: #325, #3757, #3767)
- Refactor Helm chart for public usage #3711
- Add DeploymentStrategy to Beats CRDs #3633 (issue: #3485)
- Add operator election support #3632 (issue: #709)
Enhancements
- Add license info to telemetry #3859
- Validate whether the storage class allows volume expansion before resizing volumes #3795 (issue: #3767)
- Add external IP addresses to certificate #3791 (issue: #910)
- Support a UBI-only mode in the operator #3789
- Add CRD usage reporting #3784
- Refactor node configuration and add role validation #3694 (issue: #3409)
- Add support for configuration changes under OLM #3639 (issue: #3591)
- Remove unnecessary memory leak mitigation patch #3585
- Add a container suffix flag to the operator #3582 (issue: #3552)
- Allow the operator to be configured from a file #3570 (issue: #3401)
- Reflect currently running version from status.version in additionalPrinterColumns #3549
- Report the lowest running version in the status of each resource #3489 (issue: #2600)
- Add WebhookConfigurationName Flag (#3424) #3425
- Add metadata for transform node role #3411
- Add support for the node.roles setting #3387 (issue: #3324)
- Add node shard allocation awareness by default #3380 (issue: #2827)
- Add metadata for transform node role #3361
Bug fixes
- Don't allow downscales if some shards are unassigned #3883 (issue: #3867)
- Support new authentication configuration format starting EnterpriseSearch 8.x #3728 (issue: #3725)
- Do not reset trial state once a license has been issued. #3662 (issue: #3659)
- Support user provided encrypted keys #3651 (issue: #3650)
- Garbage collect orphaned Beat users #3589
- Update owner references in reconcile resource util function #3574 (issue: #3470)
- Fix volume slice initialization in beat pod builder #3555 (issue: #3554)
- Ensure status.version is reconciled by watching Pods #3534 (issue: #3533)
- Init containers image defaulting #3525 (issue: #3453)
1.2.1
Elastic Cloud on Kubernetes 1.2.1
Enhancements
Bug fixes
1.2.0
Elastic Cloud on Kubernetes 1.2.0
New features
Enhancements
- Add additional Kibana encryption keys #3285 (issue: #2279)
- Name transport service port #3233
- Use _cluster/health API during rolling upgrades #3195 (issue: #3070)
- Set resource limits for the keystore init container #3193 (issue: #2660)
- Relax pod disruption budget for single node clusters #3167
- Switch operator base image to Distroless #3161
- Introduce a restricted role for APM agent configuration #3155
- Do not stop running trial even when ECK is not in trial mode #3150 (issue: #3141)
- Add licence usage metrics #3145 (issue: #3140)
- Add manifest generator #3124 (issue: #2406)
- Add support for APM Agent Config Management #3043 (issue: #1264)
- Add PodTemplate semantic validation for Elasticsearch #3020 (issue: #2266)
- Add port to nodeSet headless service #3011 (issue: #2843)
- Name the webhook service port #2829 (issue: #2771)
- Restrict APM Server user role #2777 (issue: #2661)
Bug fixes
- Do not manage keystore if already initialized #3295 (issue: #3294)
- Only provision Enterprise licenses as of 7.8.1 #3273 (issue: #3272)
- Replace the license observer by a sync call in the reconciliation #3165 (issue: #3163)
- Preserve extra annotations and labels on StatefulSet updates #3149 (issue: #3147)
- Fix APM Server user role #3010 (issue: #2977)
- Fix user http tls certificate watch leak #2975 (issue: #249)
1.1.2
New and notable
This release contains bug fixes especially relevant for
- users with custom certificates configured
- users deploying ECK into dual-stack Kubernetes clusters
as well as some minor bug fixes.
Upgrade notes
In ECK 1.1.0, users using custom certificates would be required to specify a certificate authority (CA), even if the CA was present in the system certificates. This was a regression in 1.1.0 and has been fixed in 1.1.2. Users with custom certificates that are signed by a well-known CA will now function without the user specifying the CA explicitly.
In dual-stack (IPv4 and IPv6) clusters, the ipFamily field of any Service is defaulted and immutable. Previous versions of ECK would try to reset this field and fail. ECK 1.1.2 resolves this behavior and will leave the ipFamily field intact. Note that at this time ECK does not support running on IPv6, this simply allows it to run in Kubernetes clusters with the IPv6DualStack feature flag enabled.
1.1.1
1.1.0
Breaking changes
New features
- Add a tool to recreate a deleted cluster from existing PersistentVolumeClaims #2551
- Add local K8S remote cluster support #2543
- Add basic APM agent instrumentation #2462
Enhancements
- Validate unknown fields in ES v1beta1 #2896
- Sort StatefulSets retrieved for a given ES cluster #2882 (issue: #2864)
- Improve secure string generation #2794
- Rename pause annotation #2783
- Add validation webhook configurations for all resource types #2781
- Surface EULA validation in annotation for trials #2742
- Add automaxprocs #2724
- Make transport service customizable #2691
- Add the transport service DNS name to the CSR #2687
- User-provided config take precedence over operator config #2636
- Validate duplicated nodeSet names #2631
- Stub initial support for Elastic stack version 8.0 #2613
- Get endpoints as part of the diagnostics bundle #2603 (issue: #2602)
- ECK dump: export controller revisions #2538
- Add operator flag to define default container registry #2537
- Rename log.logger to event.dataset as recommended in ECS #2534
- Make readiness probes independent of the host/container network #2528
- Bump controller-tools #2497 (issue: #2490)
- Extend cluster-wide rbac roles for elastic crds #2495
- Control associations across namespaces with ServiceAccount and RBAC #2482
- Allow webhook cert directory to be overridden #2476 (issue: #2463)
- Logging: add minimal support for ECS #2457 (issue: #2002)
- Facilitate filebeat autodiscovery with hints annotation #2439
- Add config validation for unknown fields #2433
- Synchronously request the Cluster UUID #2399 (issue: #2397)
- Ensure Kibana encryption key is specified #2278 (issue: #1738)
Bug fixes
- Check for ECK managed trials when matching licenses to clusters #2942
- Use enterprise_trial as the trial license type #2934
- Upgrade apm agent to latest master commit #2921
- Close client after noop observer comparisons #2916
- Use annotation to track created remote clusters #2891
- Fix trial license validation issues #2889
- Do not use annotations to cache Elasticsearch API calls #2880
- Watch only trial license secret (not trial status) #2879
- Do not reject PVC update when a different unit is used #2857 (issue: #2856)
- Revert transport TLS certs verification from full to certificate #2831 (issue: #2823)
- Fix labels on ES CA secret for Kibana association #2773 (issue: #2698)
- Ensure that HTTP CA cert is always set #2772
- License check: update remote cluster logs and events #2746
- Fix transport certificates reconciliation #2740
- Rename registry field as it clashes with ECS #2737
- Prevent pod deletion while ES node still contains shards #2715
- Association controller bug fixes #2679
- Ensure StatefulSets have been processed by the StatefulSet controller before doing any upgrade #2591 (issues: #2393, #2434)
- Use cert rotate parameter #2541 (issue: #2540)
- Do not mutate object when validating unknown fields #2536
- Mark the Version field required and adapt CRD generation for trivialVersions #2480 (issues: #2395, #2479)
- Cluster bootstrap: ignore ES error when retrieving cluster UUID #2438
1.0.1
1.0.0
Breaking changes:
- Remove v1alpha1 CRD version and generate a single trivial all-in-one flavor
New features:
- Report total memory under management for licensing #2277
Enhancements:
- Report max ERUs in the licensing info configmap #2371
- Readiness probe: do not log tail errors #2366
- Wait 30sec in the preStop hook to account for kube-proxy refresh #2360
- Allow user to override readiness timeout #2260
- Support 7.6 and new stack level enterprise license type #2242
- Minimize downtime during Pod recycling #2233
- Bump ctrl-runtime dependency #2232
- Do not reconcile APM Server if association is not fully configured #2224
- Upgrade from trial to Platinum/Enterprise license #2206
- Remove finalizers #2195
- Downgrade to Basic if user deletes license secret #2188
- Add default requests and limits to the init containers #2186
- Sort seed hosts to avoid unecessary configmap updates #2171
- Turn blacklist into warning events and logs statements #2162
- Autostart trial #2160
- Reconcile all clusters on license change #2145
- Pods upgrade: log a summary of failed predicates #2128
- Add webhook secret and ValidatingWebhookConfiguration certificate management #2126
- Name service ports based on protocol #2083
- Simplify license installation #2073
- Check resource version when deleting a Pod during force-upgrades #2066
- Perform forced rolling upgrade even if ES is reachable #2022
- Refactor expectations with proper garbage collection #2000
- Add multi-namespace cache support #1995
Bug fixes:
- Do not report max ERUs for basic licenses #2377
- Fix v1beta1 webhook #2358
- Preserve environment variable order in Pod specification #2341
- Reuse the same upscaleState across StatefulSets #2339
- Allow node restart even if cluster health is yellow #2330
- Do not upgrade Pods if empty StatefulSet UpdateRevision #2321
- Fix how cluster.initial_master_nodes is set #2315
- Wait for webhook key to be present in filesystem #2312
- Do not fail if annotations file does not exist #2275
- Fix readiness probe #2272
- Change priority order of reconcile results #2250
- Ignore licence error during state update #2245
- Fix init container memory limit when running with CRI-O #2241
- Workaround subresources status update error #2229
- Inherit existing sset.volumeClaimTemplates ownerReferences #2217
- Use a bugfixed version of controllerutil.SetControllerReference #2211
- Update service when labels and annotations are modified #2210
- Fix readiness script in case of operator upgrade #2208
- Restore v1alpha1 in the list of crds #2199
- Do not use env variables ending in _FILE with Elasticsearch #2180
- Ignore and do not use an empty CA #2140
- Fix Kibana to terminate all Pods before restarting during version change #2137
- Perform StatefulSets deletions before replicas downscale #2062
- Always enable native realm #2038
- Fix nil pointer in upgrade predicates #2035
- Use discovery.seed_providers instead of discovery.zen.hosts_provider starting 7.x #2029
- Make association optional for Kibana #2021
- Fix result of the APM Server controller #1991
- Mitigate memory leaks from long RequeueAfter periods #1989
Misc
- Change rolling upgrades predicate log error to info level #2099