|
2 | 2 |
|
3 | 3 | ## Kubernetes Operator |
4 | 4 |
|
5 | | -* Changes |
6 | | - * `mongodb-kubernetes-operator` image is now rebuilt daily, incorporating updates to system packages and security fixes. The operator binary is built only once during the release process and used without changes in daily rebuilt |
7 | | - |
8 | | -# MongoDB Kubernetes Operator 0.7.5 |
9 | | - |
10 | 5 | - Changes |
11 | | - - The Operator uses now `allowPrivilegeEscalation` set to `false` for all containers. |
12 | | - |
13 | | -## Upgrade breaking change notice |
14 | | -Versions 0.7.3, 0.7.4 have an issue that breaks deployment of MongoDB replica set when: |
15 | | -* TLS is enabled |
16 | | -* Replica set was deployed using the operator with version <=0.7.2 |
17 | | - |
18 | | -If above conditions are met, it is strongly advised to upgrade the MongoDB Kubernetes Operator to version 0.7.5 or higher. |
19 | | - |
20 | | -## Kubernetes Operator |
21 | | - |
22 | | -- Bug fixes |
23 | | - - Fixed ignoring changes to existing volumes in the StatefulSet, i.e. changes of the volumes' underlying secret. This could cause that TLS enabled MongoDB deployment was not able to locate TLS certificates when upgrading the operator to versions 0.7.3 or 0.7.4. |
24 | | - |
25 | | -- Security fixes |
26 | | - - The operator, readiness and versionhook binaries are now built with 1.18.5 which addresses security issues. |
27 | | - |
28 | | -# MongoDB Kubernetes Operator 0.7.4 |
29 | | - |
30 | | -## Kubernetes Operator |
31 | | - |
32 | | -- Bug fixes |
33 | | - - The names of connection string secrets generated for configured users are RFC1123 validated. |
34 | | -- Changes |
35 | | - - Support for changing port number in running cluster. |
36 | | - - Security Context is now defined on pod level (previously was on container level) |
37 | | - - Our containers now use the `readOnlyRootFilesystem` setting. |
38 | | - |
39 | | -## MongoDBCommunity Resource |
40 | | - |
41 | | -- Changes |
42 | | - - Adds an optional field `users[i].connectionStringSecretName` for deterministically setting the name of the connection string secret created by the operator for every configured user. |
43 | | - |
44 | | -- Bug fixes |
45 | | - - Allows for *arbiters* to be set using `spec.arbiters` attribute. Fixes a condition where *arbiters* could not be added to the Replica Set. |
| 6 | + - `mongodb-kubernetes-operator` image is now rebuilt daily, incorporating updates to system packages and security fixes. The operator binary is built only once during the release process and used without changes in daily rebuilt |
| 7 | + - Improved security by introducing `readOnlyRootFilesystem` property to all deployed containers. This change also introduces a few additional volumes and volume mounts. |
| 8 | + - Improved security by introducing `allowPrivilegeEscalation` set to `false` for all containers. |
46 | 9 |
|
47 | 10 | ## Updated Image Tags |
48 | 11 |
|
49 | | -- mongodb-kubernetes-operator:0.7.4 |
50 | | -- mongodb-agent:11.12.0.7388-1 |
51 | | -- mongodb-kubernetes-readinessprobe:1.0.9 |
52 | | -- mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.4 |
| 12 | +- mongodb-kubernetes-operator:0.7.6 |
| 13 | +- mongodb-agent:12.0.10.7591-1 |
| 14 | +- mongodb-kubernetes-readinessprobe:1.0.11 |
| 15 | +- mongodb-kubernetes-operator-version-upgrade-post-start-hook:1.0.5 |
53 | 16 |
|
54 | 17 | _All the images can be found in:_ |
55 | 18 |
|
|
0 commit comments