All notable changes to this project will be documented in this file.
- Add conversion webhook (#937).
- Support objectOverrides using
.spec.objectOverrides. See objectOverrides concepts page for details (#927). - Added support for OPA/TLS (#928).
- Added experimental support for
4.1.1(#929) - Enable the restart-controller, so that the Pods are automatically restarted on config changes (#930, #932).
- Bump stackable-operator to 0.108.0 and strum to 0.28 (#943, #945).
- Gracefully shutdown all concurrent tasks by forwarding the SIGTERM signal (#934).
- Refactor: move server configuration properties from the command line to configuration files. (#911).
- Add support for ZooKeeper to KRaft migration (#923), (#933).
- Bump testing-tools to
0.3.0-stackable0.0.0-dev(#925).
- Fix "404 page not found" error for the initial object list (#945).
- Refactor: remove unused RBAC cluster role (#914).
- Refactor: remove superfluous and partly misconfigured Kafka listeners CLIENT_AUTH and CONTROLLER_AUTH (#915).
- Remove support for
3.7.2and4.1.0(#929)
-
Helm: Allow Pod
priorityClassNameto be configured (#890). -
Add experimental support for Kafka KRaft mode (#889).
-
Add experimental support for Kafka
4.1.0(#889). -
Add
prometheus.io/path|port|schemeannotations to metrics service (#897). -
Add
client.propertiesto the Kafka configuration config map (#898).Use this file together with the Kafka client shell scripts and preconfigured TLS settings. Unfortunately, when Kerberos is enabled this file is incomplete and must be edited first before it can be used.
-
Add end-of-support checker (#895).
EOS_CHECK_MODE(--eos-check-mode) to set the EoS check mode. Currently, only "offline" is supported.EOS_INTERVAL(--eos-interval) to set the interval in which the operator checks if it is EoS.EOS_DISABLED(--eos-disabled) to disable the EoS checker completely.
- Deprecate support for Kafka
3.7.2(#892). - BREAKING: The
<cluster>-<role>-<rolegroup>rolegroup service was replaced with a<cluster>-<role>-<rolegroup>-headlessand<cluster>-<role>-<rolegroup>-metricsrolegroup service (#897). - Small cleanups and updates (#900)
- remove the metrics port from services that don't need it
- use the new
server.yamlfor jmx configuration - update metrics tests
- update monitoring doc
- Replace
kcatwith Kafka client scripts wherever possible (#898). At the moment,kcatis still used for liveliness probes and Kerberos tests. - Bump stackable-operator to
0.100.1(#906).
- Adds new telemetry CLI arguments and environment variables (#851).
- Use
--file-log-max-files(orFILE_LOG_MAX_FILES) to limit the number of log files kept. - Use
--file-log-rotation-period(orFILE_LOG_ROTATION_PERIOD) to configure the frequency of rotation. - Use
--console-log-format(orCONSOLE_LOG_FORMAT) to set the format toplain(default) orjson.
- Use
- Add support for Kafka 3.9.1 (#866).
- Add RBAC rule to helm template for automatic cluster domain detection (#878).
- BREAKING: Replace stackable-operator
initialize_loggingwith stackable-telemetryTracing(#840, #847, #851).- The console log level was set by
KAFKA_OPERATOR_LOG, and is now set byCONSOLE_LOG_LEVEL. - The file log level was set by
KAFKA_OPERATOR_LOG, and is now set byFILE_LOG_LEVEL. - The file log directory was set by
KAFKA_OPERATOR_LOG_DIRECTORY, and is now set byFILE_LOG_DIRECTORY(or via--file-log-directory <DIRECTORY>). - Replace stackable-operator
print_startup_stringwithtracing::info!with fields.
- The console log level was set by
- BREAKING: Inject the vector aggregator address into the vector config using the env var
VECTOR_AGGREGATOR_ADDRESSinstead of having the operator write it to the vector config (#844). - test: Bump to Vector
0.46.1(#855). - Use versioned common structs (#861).
- BREAKING: Previously this operator would hardcode the UID and GID of the Pods being created to 1000/0, this has changed now (#862)
- The
runAsUserandrunAsGroupfields will not be set anymore by the operator - The defaults from the docker images itself will now apply, which will be different from 1000/0 going forward
- This is marked as breaking because tools and policies might exist, which require these fields to be set
- The
- BREAKING: Bump stackable-operator to 0.94.0 and update other dependencies (#878).
- The default Kubernetes cluster domain name is now fetched from the kubelet API unless explicitly configured.
- This requires operators to have the RBAC permission to get nodes/proxy in the apiGroup "". The helm-chart takes care of this.
- The CLI argument
--kubernetes-node-nameor env variableKUBERNETES_NODE_NAMEneeds to be set. The helm-chart takes care of this.
- The operator helm-chart now grants RBAC
patchpermissions onevents.k8s.io/events, so events can be aggregated (e.g. "error happened 10 times over the last 5 minutes") (#879).
- Use
jsonfile extension for log files (#846). - Fix a bug where changes to ConfigMaps that are referenced in the KafkaCluster spec didn't trigger a reconciliation (#844).
- Allow uppercase characters in domain names (#878).
- test: ZooKeeper 3.9.2 removed (#853).
- Support for Kafka 3.7.1 and 3.8.0 removed (#860).
- Remove the
-nodeportdiscovery ConfigMap (#868). - Remove the
lastUpdateTimefield from the stacklet status (#878). - Remove role binding to legacy service accounts (#878).
- The
-nodeportdiscovery ConfigMaps have been deprecated for removal (#813).- Any existing uses should be migrated to the primary discovery ConfigMap instead.
- The lifetime of auto generated TLS certificates is now configurable with the role and roleGroup
config property
requestedSecretLifetime. This helps reduce frequent Pod restarts (#796). - Run a
containerdebugprocess in the background of each Kafka container to collect debugging information (#803). - Aggregate emitted Kubernetes events on the CustomResources (#809).
- Support configuring JVM arguments (#819).
- Add Kafka 3.9.0 to tests (#822).
- Bump
stackable-operatorto 0.87.0 andstackable-versionedto 0.6.0 (#830). - Default to OCI for image metadata and product image selection (#810).
- Bump Kafka 3.7.1 to 3.7.2 in tests and getting_started, and bump upgrade testing from 3.7.1->3.8.0 to 3.8.0->3.9.0 (#822).
- docs: Update supported versions list (#835).
- Readiness probe fixed if Kerberos is enabled (#833).
- BREAKING: Use distinct ServiceAccounts for the Stacklets, so that multiple Stacklets can be deployed in one namespace. Existing Stacklets will use the newly created ServiceAccounts after restart (#793).
- Support version
3.8.0(#753). - Add support for Kerberos authentication (#762).
- The operator can now run on Kubernetes clusters using a non-default cluster domain.
Use the env var
KUBERNETES_CLUSTER_DOMAINor the operator Helm chart propertykubernetesClusterDomainto set a non-default cluster domain (#771).
- Reduce CRD size from
479KBto53KBby accepting arbitrary YAML input instead of the underlying schema for the following fields (#750):podOverridesaffinity
- Migrate to exposing Kafka using Listener Operator (#443).
- BREAKING: The existing services will be migrated to the new format. Clients will need to re-read settings from the discovery configmap.
- BREAKING: Kafka is now only accessible from within the Kubernetes cluster by default. Set listener classes manually to expose it to the outside world (again).
- BREAKING: To complete an upgrade to this kafka-operator, all existing Kafka StatefulSets must be deleted manually. This will cause some downtime.
- Include the global Kafka bootstrap service (not the rolegroup-specific) DNS record as SAN entry in the generated certificates used by Kafka. This allows you to access Kafka brokers secured using TLS via the global bootstrap service (#741).
- An invalid
KafkaClusterdoesn't cause the operator to stop functioning (#773).
- Remove versions
3.4.1,3.6.1,3.6.2(#753).
- Support for versions
3.6.2,3.7.1(#723).
- Bump
stackable-operatorfrom0.64.0to0.70.0(#725). - Bump
product-configfrom0.6.0to0.7.0(#725). - Bump other dependencies (#728).
- Support for version
3.5.2(#723). - BREAKING: Remove field/arg
controller_configfromkafka_controller::Ctxstruct andcreate_controllerfunction (#726).
- Various documentation of the CRD (#645).
- Helm: support labels in values.yaml (#657).
- Support new versions
3.5.2,3.6.1(#664).
- Support for versions
2.8.2,3.4.0,3.5.1(#664).
- Processing of corrupted log events fixed; If errors occur, the error messages are added to the log event (#715).
- Default stackableVersion to operator version. It is recommended to remove
spec.image.stackableVersionfrom your custom resources (#611, #613). - Configuration overrides for the JVM security properties, such as DNS caching (#616).
- Support PodDisruptionBudgets (#625).
- Support new versions 2.8.2, 3.4.1, 3.5.1 (#627).
- Document internal clusterId check (#631).
- Support graceful shutdown (#635).
vector0.26.0->0.33.0(#612, #627).operator-rs0.44.0->0.55.0(#611, #621, #625, #627).- [BREAKING]: Let secret-operator handle certificate conversion. Doing so we were able to remove the
prepareinit container with the effect, that you can't configure the log level for this container anymore. You need to remove the fieldspec.brokers.config.logging.container.preparein case you have specified it (#621). - Combine the operator lib and binary crates (#638).
- Removed support for versions 2.7.1, 3.1.0, 3.2.0, 3.3.1 (#627).
- Generate OLM bundle for Release 23.4.0 (#585).
- Fixed upgrade test on Openshift (#585).
- Missing CRD defaults for
status.conditionsfield (#588). - Support Kafka 3.4.0 (#591).
- Add support for resource quotas (#595)
- Support podOverrides (#602)
- Increase the size limit of the log volume (#604)
operator-rs0.40.2->0.44.0(#583, #604).- Use 0.0.0-dev product images for testing (#584)
- Use testing-tools 0.2.0 (#584)
- Added kuttl test suites (#599)
- Enabled logging and log aggregation (#547).
- Deploy default and support custom affinities (#557).
- Openshift compatibility (#572).
- Extend cluster resources for status and cluster operation (paused, stopped) (#574).
- Cluster status conditions (#575).
operator-rs0.30.1->0.40.2(#545, #572, #574, #577).- Bumped stackable versions to "23.4.0-rc1" (#545).
- Bumped kafka stackable versions to "23.4.0-rc2" (#547).
- Use operator-rs
build_rbac_resourcesmethod (#572). - Updated landing page and restructured usage guide (#573).
- Avoid empty log events dated to 1970-01-01 and improve the precision of the log event timestamps (#577).
- Fixed the RoleGroup
selector. It was not used before. (#530) - Updated stackable image versions (#513).
- operator-rs: 0.26.0 -> 0.30.1 (#519, #530).
- Don't run init container as root and avoid chmod and chowning (#524).
- [BREAKING] Use Product image selection instead of version.
spec.versionhas been replaced byspec.image(#482). - [BREAKING]: Removed tools image for init and get-svc container and replaced with Kafka product image. This means the latest stackable version has to be used in the product image selection (#527)
- [BREAKING] Consolidated top-level configuration. Split up TLS encryption and authentication. Moved all top-level fields except
spec.imagebelowspec.clusterConfig(#532).
- Added default resource requests (memory and cpu) for Kafka pods (#485).
- Support for Kafka 3.3.1 (#492).
- Orphaned resources are deleted (#495).
- Change port names from
http/httpstokafka/kafka-tls(#472). - Role and rolegroup configurations are merged correctly (#499).
- operator-rs: 0.22.0 -> 0.26.0 (#495, #499).
- BREAKING: TLS encryption and authentication support for internal and client communications. This is breaking for clients because the cluster is secured per default, which results in a client port change (#442).
- operator-rs: 0.21.1 -> 0.22.0 (#430).
- Include chart name when installing with a custom release name (#429, #431).
- Kafka init container now uses Stackable tools rather than Bitnami kubectl (#434).
- Reconciliation errors are now reported as Kubernetes events (#346).
- Support for Kafka 3.1.0 (#347).
- Use cli argument
watch-namespace/ env varWATCH_NAMESPACEto specify a single namespace to watch (#351). - Optional CRD field
log4jto adapt thelog4j.properties(#364). - PVCs for data storage, cpu and memory limits are now configurable (#405).
- Moved tests from integration tests repo to operator repo (#409).
operator-rs0.10.0→0.21.1(#346, #351, #385, #405).--kafka-broker-clusterroleis now only accepted for therunsubcommand (#349).- BREAKING: Adapted the
opafield in the crd toopaConfigMapNameand fixedauthorizer.class.nametoorg.openpolicyagent.kafka.OpaAuthorizerandopa.authorizer.metrics.enabledtotrue. Other settings can be changed viaconfigOverrides(#364). - BREAKING:
opaConfigMapNamein CRD adapted toopausing theOpaConfigfrom operator-rs (#385). - BREAKING: Specifying the product version has been changed to adhere to ADR018 instead of just specifying the product version you will now have to add the Stackable image version as well, so version: 3.1.0 becomes (for example) version: 3.1.0-stackable0 (#409)
- Complete rework (#256).
operator-rs0.3.0→0.4.0(#214).stackable-opa-crd0.4.1→0.5.0(#214).stackable-zookeeper-crd0.4.1→0.5.0(#214).- Adapted pod image and container command to docker image (#214).
- Adapted documentation to represent new workflow with docker images (#214).
- Added versioning code from operator-rs for up and downgrades (#167).
- Added
ProductVersionto status (#167). - Added
Conditionto status (#167). - Use sticky scheduler (#181)
- Added support for Start, Stop Restart commands (#194).
operator-rs0.2.2→0.3.0(#207).stackable-zookeeper-crd:0.2.0→0.4.1(#207).stackable-opa-crd:0.2.0→0.4.1(#207).kube-rs:0.58→0.60(#167).k8s-openapi0.12→0.13and features:v1_21→v1_22(#167).stackable-zookeeper-crd::utiltostackable-zookeeper-crd::discovery(#194).- Moved CRD availability check to operator-binary (#194).
kube-runtimedependency (#167).
- Fixed Dockerfile to use the correct binary (#167).
- Breaking: Repository structure was changed and the -server crate renamed to -binary. As part of this change the -server suffix was removed from both the package name for os packages and the name of the executable (#157).
- Initial release