Releases: elastic/cloud-on-k8s
Releases · elastic/cloud-on-k8s
1.4.1
Elastic Cloud on Kubernetes 1.4.1
Bug fixes
1.4.0
Elastic Cloud on Kubernetes 1.4.0
New features
- Add Elastic Agent CRD (standalone mode) #4010
- Add support for multi-arch container images #3897 (issue: #3504)
Enhancements
- Add support for a user-defined transport CA certificate and key #4053 (issue: #2812)
- Add support for DaemonSetUpdateStrategy #4049 (issue: #3839)
- [Helm] Use ValidatingWebhookConfiguration v1 on supported Kubernetes versions #3963 (issues: #3886, #3958)
- Include Beats daemonsets in the diagnostic bundle #3908
- Add support for webhook constraints #3876 (issue: #3431)
- Remove unnecessary metrics from _nodes ES API request #3860 (issue: #3249)
- Allow automatic Elasticsearch nodes discovery #3837 (issues: #3182, #3723)
- Enable webhook dry run on supported Kubernetes versions #3834 (issue: #1233)
- Create one transport certificates Secret per StatefulSet #3828 (issue: #3734)
Bug fixes
- Update client-go to 0.18.14 #4097 (issue: #4087)
- Don't duplicate user-provided Enterprise Search encryption keys when reusing them #4052 (issue: #4051)
- Add a replacement mechanism to work around nil handling in ucfg #4041 (issue: #3718)
- Avoid touching root filesystem in Kibana init script #4023 (issue: #4022)
- Don't allow downscales if some shards are unassigned #3883 (issue: #3867)
- Include secret token in APM Server config checksum #3858 (issue: #523)
- Do not set the default elasticsearch-data volume if claims are provided in the Elasticsearch manifest #3806 (issue: #2574)
1.3.2
Elastic Cloud on Kubernetes 1.3.2
Enhancements
- Adjust init container script for Elastic License 2.0 #4191
1.2.2
Elastic Cloud on Kubernetes 1.2.2
Enhancements
- Adjust init container script for Elastic License 2.0 #4191
1.3.1
Elastic Cloud on Kubernetes 1.3.1
Bug fixes
- [Helm] Honour serviceAccount.create value #4003 (issue: #4002)
- Use the public transport CA as remote CA if the remote CA list is empty #3993
- Don't set an ownerRef on secrets users are susceptible to copy around #3992 (issue: #3986)
- Use a custom version of JSON marshalling for license verification #3977
- Use new node_names query param for voting exclusions as of 7.8.0 #3950 (issue: #2951)
1.3.0
Elastic Cloud on Kubernetes 1.3.0
New features
- Make timeouts configurable #3782 (issue: #684)
- Support Elasticsearch volumes expansion #3752 (issues: #325, #3757, #3767)
- Refactor Helm chart for public usage #3711
- Add DeploymentStrategy to Beats CRDs #3633 (issue: #3485)
- Add operator election support #3632 (issue: #709)
Enhancements
- Add license info to telemetry #3859
- Validate whether the storage class allows volume expansion before resizing volumes #3795 (issue: #3767)
- Add external IP addresses to certificate #3791 (issue: #910)
- Support a UBI-only mode in the operator #3789
- Add CRD usage reporting #3784
- Refactor node configuration and add role validation #3694 (issue: #3409)
- Add support for configuration changes under OLM #3639 (issue: #3591)
- Remove unnecessary memory leak mitigation patch #3585
- Add a container suffix flag to the operator #3582 (issue: #3552)
- Allow the operator to be configured from a file #3570 (issue: #3401)
- Reflect currently running version from status.version in additionalPrinterColumns #3549
- Report the lowest running version in the status of each resource #3489 (issue: #2600)
- Add WebhookConfigurationName Flag (#3424) #3425
- Add metadata for transform node role #3411
- Add support for the node.roles setting #3387 (issue: #3324)
- Add node shard allocation awareness by default #3380 (issue: #2827)
- Add metadata for transform node role #3361
Bug fixes
- Don't allow downscales if some shards are unassigned #3883 (issue: #3867)
- Support new authentication configuration format starting EnterpriseSearch 8.x #3728 (issue: #3725)
- Do not reset trial state once a license has been issued. #3662 (issue: #3659)
- Support user provided encrypted keys #3651 (issue: #3650)
- Garbage collect orphaned Beat users #3589
- Update owner references in reconcile resource util function #3574 (issue: #3470)
- Fix volume slice initialization in beat pod builder #3555 (issue: #3554)
- Ensure status.version is reconciled by watching Pods #3534 (issue: #3533)
- Init containers image defaulting #3525 (issue: #3453)
1.2.1
Elastic Cloud on Kubernetes 1.2.1
Enhancements
Bug fixes
1.2.0
Elastic Cloud on Kubernetes 1.2.0
New features
Enhancements
- Add additional Kibana encryption keys #3285 (issue: #2279)
- Name transport service port #3233
- Use _cluster/health API during rolling upgrades #3195 (issue: #3070)
- Set resource limits for the keystore init container #3193 (issue: #2660)
- Relax pod disruption budget for single node clusters #3167
- Switch operator base image to Distroless #3161
- Introduce a restricted role for APM agent configuration #3155
- Do not stop running trial even when ECK is not in trial mode #3150 (issue: #3141)
- Add licence usage metrics #3145 (issue: #3140)
- Add manifest generator #3124 (issue: #2406)
- Add support for APM Agent Config Management #3043 (issue: #1264)
- Add PodTemplate semantic validation for Elasticsearch #3020 (issue: #2266)
- Add port to nodeSet headless service #3011 (issue: #2843)
- Name the webhook service port #2829 (issue: #2771)
- Restrict APM Server user role #2777 (issue: #2661)
Bug fixes
- Do not manage keystore if already initialized #3295 (issue: #3294)
- Only provision Enterprise licenses as of 7.8.1 #3273 (issue: #3272)
- Replace the license observer by a sync call in the reconciliation #3165 (issue: #3163)
- Preserve extra annotations and labels on StatefulSet updates #3149 (issue: #3147)
- Fix APM Server user role #3010 (issue: #2977)
- Fix user http tls certificate watch leak #2975 (issue: #249)
1.1.2
New and notable
This release contains bug fixes especially relevant for
- users with custom certificates configured
- users deploying ECK into dual-stack Kubernetes clusters
as well as some minor bug fixes.
Upgrade notes
In ECK 1.1.0, users using custom certificates would be required to specify a certificate authority (CA), even if the CA was present in the system certificates. This was a regression in 1.1.0 and has been fixed in 1.1.2. Users with custom certificates that are signed by a well-known CA will now function without the user specifying the CA explicitly.
In dual-stack (IPv4 and IPv6) clusters, the ipFamily field of any Service is defaulted and immutable. Previous versions of ECK would try to reset this field and fail. ECK 1.1.2 resolves this behavior and will leave the ipFamily field intact. Note that at this time ECK does not support running on IPv6, this simply allows it to run in Kubernetes clusters with the IPv6DualStack feature flag enabled.