MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.7

WARNING
The default values file in the helm chart for this release of the MongoDB Kubernetes Community Operator points to an older operator image: 0.7.6. Please use a newer version of the chart.

Kubernetes Operator

• Changes
  • Fix TLS configuration to allow enabling both server encryption and secure Prometheus connections (#1127)
  • Fix TLS validation to correctly indicate an incomplete configuration

Updated Image Tags

• mongodb-kubernetes-operator:0.7.7
• mongodb-agent:12.0.15.7646-1
• mongodb-kubernetes-readinessprobe:1.0.12
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.6

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.6

Kubernetes Operator

• Changes
  • mongodb-kubernetes-operator image is now rebuilt daily, incorporating updates to system packages and security fixes. The operator binary is built only once during the release process and used without changes in daily rebuild.
  • Improved security by introducing readOnlyRootFilesystem property to all deployed containers. This change also introduces a few additional volumes and volume mounts.
  • Improved security by introducing allowPrivilegeEscalation set to false for all containers.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.6
• mongodb-agent:12.0.10.7591-1
• mongodb-kubernetes-readinessprobe:1.0.11
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.5

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.5

Upgrade breaking change notice

Versions 0.7.3, 0.7.4 have an issue that breaks deployment of MongoDB replica set when:

• TLS is enabled
• Replica set was deployed using the operator with version <=0.7.2

If above conditions are met, it is strongly advised to upgrade the MongoDB Kubernetes Operator to version 0.7.5 or higher.

Kubernetes Operator

• Bug fixes

  • Fixed ignoring changes to existing volumes in the StatefulSet, i.e. changes of the volumes' underlying secret. This could cause that TLS enabled MongoDB deployment was not able to locate TLS certificates when upgrading the operator to versions 0.7.3 or 0.7.4.

• Security fixes

  • The operator, readiness and versionhook binaries are now built with 1.18.5 which addresses security issues.

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.4

Upgrade breaking change notice

Versions 0.7.3, 0.7.4 have an issue that breaks deployment of MongoDB replica set when:

• TLS is enabled
• Replica set was deployed using the operator with version <=0.7.2

If above conditions are met, it is strongly advised to upgrade the MongoDB Kubernetes Operator to version 0.7.5 or higher.

Kubernetes Operator

• Bug fixes
  • The names of connection string secrets generated for configured users are RFC1123 validated.
• Changes
  • Support for changing port number in running cluster.

MongoDBCommunity Resource

• Changes

  • Adds an optional field users[i].connectionStringSecretName for deterministically setting the name of the connection string secret created by the operator for every configured user.

• Bug fixes

  • Allows for arbiters to be set using spec.arbiters attribute. Fixes a condition where arbiters could not be added to the Replica Set.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.4
• mongodb-agent:11.12.0.7388-1
• mongodb-kubernetes-readinessprobe:1.0.9
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.4

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.3

Upgrade breaking change notice

Versions 0.7.3, 0.7.4 have an issue that breaks deployment of MongoDB replica set when:

• TLS is enabled
• Replica set was deployed using the operator with version <=0.7.2

If above conditions are met, it is strongly advised to upgrade the MongoDB Kubernetes Operator to version 0.7.5 or higher.

Kubernetes Operator

• Changes
  • The Operator can correctly scale arbiters up and down. When arbiters are
    enabled (this is, when spec.arbiters > 0), a new StatefulSet will be
    created to hold the Pods that will act as arbiters. The new StatefulSet will
    be named <mongodb-resource>-arb.
  • Add support for exposing Prometheus metrics from the ReplicaSet
• Bug fixes
  • The operator will watch for changes in the referenced CA certificates as well as server certificates

MongoDBCommunity Resource

• Changes
  • Exposing Prometheus metrics is now possible by configuring spec.prometheus.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.3
• mongodb-agent:11.12.0.7388-1
• mongodb-kubernetes-readinessprobe:1.0.8
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.4

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.2

Kubernetes Operator

• Bug fixes
  • Adds missing roles for Database Pods.
  • Fixes OpenShift install.

MongoDBCommunity Resource

• No changes

Updated Image Tags

• mongodb-kubernetes-operator:0.7.2

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.7.1

Kubernetes Operator

• Changes
  • MongoDB database of the statefulSet is managed using distinct Role, ServiceAccount and RoleBinding.
  • TLS Secret can also contain a single "tls.pem" entry, containing the concatenation of the certificate and key
    • If a TLS secret contains all of "tls.key", "tls.crt" and "tls.pem" entries, the operator will raise an error if the "tls.pem" one is not equal to the concatenation of "tls.crt" with "tls.key"
  • Readinessprobe reports MongoDB running as Arbitrer as Running & Healthy.
  • The CLUSTER_DOMAIN environment variable can be set on the Operator Pod to configure the Kubernetes cluster's Domain, in case this one differs from the default cluster.local.

MongoDBCommunity Resource

• Changes
• Specifying spec.additionalMongodConfig.storage.dbPath will now be respected correctly.

Updated Image Tags

• mongodb-kubernetes-operator:0.7.1
• mongodb-kubernetes-readinessprobe:1.0.6
• mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.3

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator v0.7.0

MongoDB Kubernetes Operator 0.7.0

Kubernetes Operator

• Changes
  • Members of a Replica Set can be configured as arbiters.
  • Reduce the number of permissions for operator role.
  • Support SHA-1 as an authentication method.
  • Upgraded mongodbcommunity.mongodbcommunity.mongodb.com CRD to v1 from v1beta1
    • Users upgrading their CRD from v1beta1 to v1 need to set: spec.preserveUnknownFields to false in the CRD file config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml before applying the CRD to the cluster.
  • Made service name configurable in mongdb custom resource with statefulSet.spec.serviceName

Updated Image Tags

• mongodb-kubernetes-operator:0.7.0

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.6.2

Kubernetes Operator

• Changes
  • stability improvements when changing version of MongoDB.
  • increased number of concurrent resources the operator can act on.
  • mongodb will now send its log to stdout by default.
  • changed the default values for MONGODB_REPO_URL and MONGODB_IMAGE in the operator deployment

Updated Image Tags

• mongodb-kubernetes-operator:0.6.2

All the images can be found in:

https://quay.io/mongodb

MongoDB Kubernetes Operator

MongoDB Kubernetes Operator 0.6.1

Kubernetes Operator

• Bug fixes

  • when deleting MongoDB Resource cleanup related resources (k8s services, secrets).

• Changes

  • fixed an issue where the operator would reconcile based on events emitted by itself in certain situations.
  • support connection strings using SRV.
  • expose connection strings (including auth/tls values) for deployments as secrets for easy of use. Secrets name template: <MongoDB resource name>-<db>-<user>

MongoDB Agent ReadinessProbe

• Changes
  • Readiness probe now patches pod annotations rather than overwriting them.

Miscellaneous

Ubuntu-based agent images are now based on Ubuntu 20.04 instead of Ubuntu 16.06

Updated Image Tags

• mongodb-kubernetes-operator:0.6.1
• mongodb-kubernetes-readinessprobe:1.0.4

All the images can be found in:

https://quay.io/mongodb