All notable changes to this project will be documented in this file.
- The lifetime of auto generated TLS certificates is now configurable with the role and roleGroup
config property
requestedSecretLifetime. This helps reducing frequent Pod restarts (#660). - Run a
containerdebugprocess in the background of each "druid" container to collect debugging information (#667).
- Fix OIDC endpoint construction in case the
rootPathdoes have a trailing slash (#656). - BREAKING: Use distinct ServiceAccounts for the Stacklets, so that multiple Stacklets can be deployed in one namespace. Existing Stacklets will use the newly created ServiceAccounts after restart (#657).
- The operator can now run on Kubernetes clusters using a non-default cluster domain.
Use the env var
KUBERNETES_CLUSTER_DOMAINor the operator Helm chart propertykubernetesClusterDomainto set a non-default cluster domain (#637).
- Reduce CRD size from
2.4MBto183KBby accepting arbitrary YAML input instead of the underlying schema for the following fields (#584):podOverridesaffinityextraVolumes
- Replace
lazy_staticwithstd::cell::LazyCell(#604). - Promote Druid
30.0.0to LTS, deprecate26.0.0(#631).
- BREAKING: The fields
connectionandhostonS3Connectionas well asbucketNameonS3Bucketare now mandatory (#632). - Failing to parse one
DruidCluster/AuthenticationClassshould no longer cause the whole operator to stop functioning (#638).
- Add support for specifying additional extensions to load (#547, #563).
- Add support for OIDC as authentication method ([#573]).
- Support Apache Druid
30.0.0as experimental version (#583).
- Bump
stackable-operatorfrom0.64.0to0.70.0(#585). - Bump
product-configfrom0.6.0to0.7.0(#585). - Bump other dependencies (#587).
- Deprecate support for Apache Druid
28.0.1(#583).
- [BREAKING] Move the DB credentials
userandpasswordout of the CRD into a secret containing the keysusernameandpassword(#557). - Processing of corrupted log events fixed; If errors occur, the error messages are added to the log event (#572).
- Remove support for Apache Druid version 27.0.0 (#583).
- Various documentation of the CRD (#494).
- Helm: support labels in values.yaml (#509).
- Support druid
28.0.1(#518).
operator-rs0.56.1->0.57.0(#494).
- Default stackableVersion to operator version (#458).
- Configuration overrides for the JVM security properties, such as DNS caching (#464).
- Support PodDisruptionBudgets (#477).
- Add support for version 27.0.0 (#480).
- Add integration test for OpenID Connect with Keycloak (#481).
- Support graceful shutdown (#486).
vector0.26.0->0.33.0(#459, #480).operator-rs0.44.0->0.55.0(#458, #474, #477, #480).- Let secret-operator handle certificate conversion (#474).
- Remove support for version 0.23.0, 24.0.0 (#480).
- Generate OLM bundle for Release 23.4.0 (#436).
- Missing CRD defaults for
status.conditionsfield (#439). - Support for Druid
26.0.0(#442). - Set explicit resources on all containers (#444).
- Support podOverrides (#450).
- Operator-rs:
0.42.2->0.44.0(#434, #452). - Use 0.0.0-dev product images for tests and examples (#435)
- Use testing-tools 0.2.0 (#435)
- Tls tests now run on OpenShift (#445)
- Added kuttl test suites (#447)
- Increase the size limit of log volumes (#[452])
- All usages of the minio/minio chart replace them with the bitnami/minio chart (#445)
- Add support for non-TLS LDAP authentication. (#374)
- Add support for TLS LDAP authentication (#408)
- Deploy default and support custom affinities (#406)
- Log aggregation added (#407)
- Added the ability to mount extra volumes for files that may be needed for ingestion tasks to work (#415)
- Cluster status conditions (#421)
- Extend cluster resources for status and cluster operation (paused, stopped) (#422)
- Use operator-rs
build_rbac_resourcesmethod (#425) - Openshift compatibility (#425)
- [BREAKING] Support specifying Service type.
This enables us to later switch non-breaking to using
ListenerClassesfor the exposure of Services. This change is breaking, because - for security reasons - we default to thecluster-internalListenerClass. If you need your cluster to be accessible from outside of Kubernetes you need to setclusterConfig.listenerClasstoexternal-unstableorexternal-stable(#423). - Upgrade to
operator-rs0.40.2(#374, #380, #404, #406, #408, #422, #425) - Merging and validation of the configuration refactored (#404)
- Configuration overrides for certain properties did not work and now work again (#387)
- Fix OOM error with manual buffer size specification (#380)
- BREAKING: Support for TLS encryption (activated per default -> port changes) and TLS authentication (#333)
- Use emptyDir for segment cache on historicals (#342)
- BREAKING: Use Product image selection instead of version.
spec.versionhas been replaced byspec.image(#356) - BREAKING: Reworked top level configuration. Deep storage, Ingestion spec, discovery config maps, authentication etc. are now subfields of
spec.clusterConfiginstead of being top level underspec(#333, #366) - BREAKING: Removed tools image from init container and replaced with Druid product image. This means the latest stackable version has to be used in the product image selection (#358)
- Updated stackable image versions (#339)
- Upgrade to
operator-rs0.30.1(#340, #347, #362) - Do not run init container as root anymore and avoid chmod and chown (#353)
- Fixed role group node selector (#362)
- Bitnami Helm chart 12.1.5 for kuttl tests. (#363)
- Retired support for 0.22.1 as it is not build anymore via the docker actions (#339)
- Cpu and memory limits are now configurable (#298)
- Stale resources are now deleted (#310)
- Support Druid 24.0.0 (#317)
- Refactor role configuration with per role structs like
BrokerConfig,HistoricalConfig, etc (#332) - Added
HistoricalStorageandDruidStorage(as catch-all storage configuration) (#332)
operator-rs0.22.0->0.25.2(#310)
- BREAKING: HDFS deep storage now configurable via HDFS discovery config map instead of an url to a HDFS name node (#262)
- Include chart name when installing with a custom release name (#263, #264)
- Add missing role to read S3Connection and S3Bucket objects (#281)
- Readiness probe added (#241)
- Support S3 path style access (#245)
- Support S3 TLS verification (#255)
- Support Druid 0.23.0 (#255)
- BREAKING: The deep storage on s3 and the s3 config for ingestion have been changed to use the operator-rs commons::s3 structs (#228)
operator-rs0.15.0->0.21.0(#228)- [BREAKING] Specifying the product version has been changed to adhere to ADR018 instead of just specifying the product version you will now have to add the Stackable image version as well, so
version: 3.5.8becomes (for example)version: 3.5.8-stackable0.1.0(#238)
- Fixed wrong file permissions on mounted secrets (#244)
- Reconciliation errors are now reported as Kubernetes events (#178)
- Use cli argument
watch-namespace/ env varWATCH_NAMESPACEto specify a single namespace to watch (#183) - BREAKING: Local backend storage (deep-storage) has been replaced with HDFS-storage, affecting the CRD (#187)
- BREAKING: The corresponding local-storage label has been removed, affecting the CRD (#124)
- Make the inclusion of the druid-s3-extension dependent on the Custom Resource definition (#192)
- Many configuration properties are not hardcoded anymore, product-config expanded (#195)
operator-rs0.10.0->0.15.0(#178, #183, #195, #187)snafu0.6->0.7(#178)
- Monitoring scraping label
prometheus.io/scrape: true(#155)
- Removed the option to set a namespace for the zookeeper reference (#140)
operator-rs0.8.0→0.10.0(#155)
operator-rs0.7.0→0.8.0(#123)- Fixed a port reference in the role services (#102)
- Shut down gracefully (#101)
- Added the discovery ConfigMap creation (#102)