Changelog¶
v0.26.0 - 2024-11-21¶
- Add kind:
Flink
- Add
Clickhouse
fielduserConfig.recovery_basebackup_name
, typestring
: Name of the basebackup to restore in forked service - Add
Grafana
fielduserConfig.auth_generic_oauth.use_refresh_token
, typeboolean
: Set to true to use refresh token and check access token expiration - Add
Kafka
fielduserConfig.schema_registry_config.retriable_errors_silenced
, typeboolean
: If enabled, kafka errors which can be retried or custom errors specified for the service will not be raised, instead, a warning log is emitted - Add
Kafka
fielduserConfig.schema_registry_config.schema_reader_strict_mode
, typeboolean
: If enabled, causes the Karapace schema-registry service to shutdown when there are invalid schema records in the_schemas
topic - Add
Kafka
fielduserConfig.single_zone
, typeobject
: Single-zone configuration - Change
Kafka
fielduserConfig.kafka_version
: enum remove3.5
,3.6
- Add
MySQL
fielduserConfig.mysql.log_output
, typestring
: The slow log output destination when slow_query_log is ON - Add
OpenSearch
fielduserConfig.azure_migration.indices
, typestring
: A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported - Add
OpenSearch
fielduserConfig.gcs_migration.indices
, typestring
: A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported - Add
OpenSearch
fielduserConfig.s3_migration.indices
, typestring
: A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported - Change
PostgreSQL
fielduserConfig.additional_backup_regions
: deprecated - Add
OpenSearch
fielduserConfig.azure_migration.restore_global_state
, typeboolean
: If true, restore the cluster state. Defaults to false - Add
OpenSearch
fielduserConfig.gcs_migration.restore_global_state
, typeboolean
: If true, restore the cluster state. Defaults to false - Add
OpenSearch
fielduserConfig.opensearch.search_backpressure
, typeobject
: Search Backpressure Settings - Add
OpenSearch
fielduserConfig.opensearch.shard_indexing_pressure
, typeobject
: Shard indexing back pressure settings - Add
OpenSearch
fielduserConfig.s3_migration.restore_global_state
, typeboolean
: If true, restore the cluster state. Defaults to false - Change
Redis
fielduserConfig.redis_timeout
: maximum→31536000
2073600
- Add
OpenSearch
fielduserConfig.azure_migration.include_aliases
, typeboolean
: Whether to restore aliases alongside their associated indexes. Default is true - Add
OpenSearch
fielduserConfig.gcs_migration.include_aliases
, typeboolean
: Whether to restore aliases alongside their associated indexes. Default is true - Add
OpenSearch
fielduserConfig.s3_migration.include_aliases
, typeboolean
: Whether to restore aliases alongside their associated indexes. Default is true - Add
ServiceIntegration
fieldautoscaler
, typeobject
: Autoscaler specific user configuration options - Add
ServiceIntegrationEndpoint
fieldautoscaler
, typeobject
: Autoscaler configuration values - Change
Grafana
fielduserConfig.alerting_enabled
: deprecated - Change
OpenSearch
fielduserConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.allowed_tries
: minimum→0
1
- Change
OpenSearch
fielduserConfig.opensearch.auth_failure_listeners.ip_rate_limiting.block_expiry_seconds
: minimum→1
0
- Change
OpenSearch
fielduserConfig.opensearch.auth_failure_listeners.ip_rate_limiting.time_window_seconds
: minimum→1
0
- Change
Cassandra
fielduserConfig.cassandra_version
: enum remove4
- Change
PostgreSQL
fielduserConfig.pg_version
: enum remove12
- Add
OpenSearch
fielduserConfig.opensearch.search.insights.top_queries
, typeobject
v0.25.0 - 2024-09-19¶
- Fix
KafkaTopic
: fails to create a topic with the replication factor set more than running Kafka nodes - Fix
ServiceIntegration
: sends empty source and destination projects - Fix
KafkaSchema
: poll resource availability - Add
KafkaSchema
fieldschemaType
, typestring
: Schema type - Add
Kafka
fielduserConfig.follower_fetching
, typeobject
: Enable follower fetching - Add
Kafka
fielduserConfig.kafka_sasl_mechanisms
, typeobject
: Kafka SASL mechanisms - Change
Kafka
fielduserConfig.kafka.sasl_oauthbearer_sub_claim_name
: pattern→^[^\r\n]*$
^[^\r\n]*\S[^\r\n]*$
- Add
MySQL
fielduserConfig.migration.ignore_roles
, typestring
: Comma-separated list of database roles, which should be ignored during migration (supported by PostgreSQL only at the moment) - Add
PostgreSQL
fielduserConfig.migration.ignore_roles
, typestring
: Comma-separated list of database roles, which should be ignored during migration (supported by PostgreSQL only at the moment) - Add
PostgreSQL
fielduserConfig.pgbouncer.max_prepared_statements
, typeinteger
: PgBouncer tracks protocol-level named prepared statements related commands sent by the client in transaction and statement pooling modes when max_prepared_statements is set to a non-zero value - Add
Redis
fielduserConfig.migration.ignore_roles
, typestring
: Comma-separated list of database roles, which should be ignored during migration (supported by PostgreSQL only at the moment) - Add
Redis
fielduserConfig.backup_hour
, typeinteger
: The hour of day (in UTC) when backup for the service is started - Add
Redis
fielduserConfig.backup_minute
, typeinteger
: The minute of an hour when backup for the service is started - Add
Grafana
fielduserConfig.wal
, typeboolean
: Setting to enable/disable Write-Ahead Logging. The default value is false (disabled) - Add
OpenSearch
fielduserConfig.azure_migration
, typeobject
: Azure migration settings - Add
OpenSearch
fielduserConfig.gcs_migration
, typeobject
: Google Cloud Storage migration settings - Add
OpenSearch
fielduserConfig.index_rollup
, typeobject
: Index rollup settings - Add
OpenSearch
fielduserConfig.s3_migration
, typeobject
: AWS S3 / AWS S3 compatible migration settings - Change
OpenSearch
fielduserConfig.openid.connect_url
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.opensearch.script_max_compilations_rate
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.saml.idp_metadata_url
: pattern^[^\r\n]*$
v0.24.0 - 2024-07-16¶
- Fix
PostgreSQL
: wait for a valid backup to create read replica - Fix
ClickhouseGrant
: grant privileges for an unknown table (Clickhouse can do that) - Fix
ClickhouseGrant
: track the state to revoke only known privileges - Add
Cassandra
fielduserConfig.cassandra.read_request_timeout_in_ms
, typeinteger
: How long the coordinator waits for read operations to complete before timing it out - Add
Cassandra
fielduserConfig.cassandra.write_request_timeout_in_ms
, typeinteger
: How long the coordinator waits for write requests to complete with at least one node in the local datacenter - Add
OpenSearch
fielduserConfig.opensearch.knn_memory_circuit_breaker_enabled
, typeboolean
: Enable or disable KNN memory circuit breaker. Defaults to true - Add
OpenSearch
fielduserConfig.opensearch.knn_memory_circuit_breaker_limit
, typeinteger
: Maximum amount of memory that can be used for KNN index. Defaults to 50% of the JVM heap size - Change
PostgreSQL
fielduserConfig.pg.log_line_prefix
: enum→['%m [%p] %q[user=%u,db=%d,app=%a] ', '%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ', 'pid=%p,user=%u,db=%d,app=%a,client=%h ']
['%m [%p] %q[user=%u,db=%d,app=%a] ', '%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h ', 'pid=%p,user=%u,db=%d,app=%a,client=%h ', 'pid=%p,user=%u,db=%d,app=%a,client=%h,txid=%x,qid=%Q ']
v0.23.0 - 2024-07-12¶
- Ignore
http.StatusBadRequest
onClickhouseGrant
deletion - Retry conflict error when k8s object saved to the storage
- Fix
ClickhouseGrant
invalid remote and local privileges comparison - Fix
ClickhouseGrant
: doesn't escape role name to grant - Fix
ClickhouseUser
: password was reset due to an incorrect processing cycle
v0.22.0 - 2024-07-02¶
- Ignore
ClickhouseRole
deletion error (missing database) - Ignore
ClickhouseGrant
deletion errors (missing database, service, role) - Do not block service operations in
REBALANCING
state
v0.21.0 - 2024-06-25¶
- Add kind:
ClickhouseGrant
- Add
KafkaConnect
fielduserConfig.secret_providers
, typearray
: Configure external secret providers in order to reference external secrets in connector configuration - Add
Kafka
fielduserConfig.kafka_connect_secret_providers
, typearray
: Configure external secret providers in order to reference external secrets in connector configuration - Add
Kafka
fielduserConfig.letsencrypt_sasl_privatelink
, typeboolean
: Use Letsencrypt CA for Kafka SASL via Privatelink - Add
ServiceIntegration
fielddatadog.mirrormaker_custom_metrics
, typearray
: List of custom metrics - Add
ServiceIntegration
fieldkafkaMirrormaker.kafka_mirrormaker.consumer_auto_offset_reset
, typestring
: Set where consumer starts to consume data - Add
ServiceIntegration
fieldkafkaMirrormaker.kafka_mirrormaker.consumer_max_poll_records
, typeinteger
: Set consumer max.poll.records. The default is 500 - Change
PostgreSQL
fielduserConfig.pgaudit
: deprecated - Breaking change
ServiceIntegrationEndpoint
fieldexternalPostgresql.ssl_mode
: enum→[allow, disable, prefer, require, verify-ca, verify-full]
[require, verify-ca, verify-full]
v0.20.0 - 2024-06-05¶
- Add kind:
ServiceIntegrationEndpoint
- Add
ServiceIntegration
flink_external_postgresql
type - Add
ServiceIntegration
fielddatadog.datadog_pgbouncer_enabled
, typeboolean
: Enable Datadog PgBouncer Metric Tracking - Fix
ServiceIntegration
deletion when instance has no id set - Fix service types
disk_space
field validation - Fix resources
project
,serviceName
fields validation - Fix
ConnectionPool
doesn't check service user precondition - Remove
CA_CERT
secret key forGrafana
,OpenSearch
,Redis
, andClickhouse
. Can't be used with these service types ddog-gov.com, us3.datadoghq.com, us5.datadoghq.com]` - Change
ServiceIntegrationEndpoint
fieldexternalKafka.ssl_endpoint_identification_algorithm
: enum→[, https]
[https]
- Remove
ClickhouseUser
webhook. Doesn't do any validation or mutation - Change
Kafka
fielduserConfig.kafka_version
: enum→[3.4, 3.5, 3.6]
[3.4, 3.5, 3.6, 3.7]
- Change
ServiceIntegrationEndpoint
fielddatadog.site
: enum→ `[ap1.datadoghq.com, datadoghq.com, datadoghq.eu,[datadoghq.com, datadoghq.eu, ddog-gov.com, us3.datadoghq.com, us5.datadoghq.com]
- Move immutable fields validation from webhooks to CRD validation rules
v0.19.0 - 2024-04-18¶
- Add kind:
ClickhouseRole
- Unified User-Agent format with the Terraform Provider
- Unify cluster role permissions
- Add missing role permissions to
KafkaACL
v0.18.1 - 2024-04-02¶
- Add
KafkaSchemaRegistryACL
kind - Add
ClickhouseDatabase
kind - Fix secret creation for kinds with no secrets
- Include the Kubernetes version in the Go client's user agent
- Replace
Database
kind validations and default values with CRD validation rules - Perform upgrade tasks to check if PG service can be upgraded before updating the service
- Expose project CA certificate to service secrets:
REDIS_CA_CERT
,MYSQL_CA_CERT
, etc. - Add
KafkaTopic
fieldconfig.local_retention_bytes
, typeinteger
: local.retention.bytes value - Add
KafkaTopic
fieldconfig.local_retention_ms
, typeinteger
: local.retention.ms value - Add
KafkaTopic
fieldconfig.remote_storage_enable
, typeboolean
: remote_storage_enable - Change
Cassandra
fielduserConfig.cassandra_version
: pattern^[0-9]+(\.[0-9]+)?$
- Change
Cassandra
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Cassandra
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Cassandra
fielduserConfig.service_to_join_with
: pattern^[a-z][-a-z0-9]{0,63}$
- Change
Clickhouse
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Clickhouse
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Grafana
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Grafana
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Kafka
fielduserConfig.kafka.sasl_oauthbearer_expected_audience
: pattern^[^\r\n]*$
- Change
Kafka
fielduserConfig.kafka.sasl_oauthbearer_expected_issuer
: pattern^[^\r\n]*$
- Change
Kafka
fielduserConfig.kafka.sasl_oauthbearer_sub_claim_name
: pattern^[^\r\n]*$
- Change
MySQL
fielduserConfig.mysql.default_time_zone
: pattern^([-+][\d:]*|[\w/]*)$
- Change
MySQL
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
MySQL
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
OpenSearch
fielduserConfig.openid.client_id
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.client_secret
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.header
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.jwt_header
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.jwt_url_parameter
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.roles_key
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.scope
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.openid.subject_key
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
OpenSearch
fielduserConfig.saml.idp_entity_id
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.saml.roles_key
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.saml.sp_entity_id
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.saml.subject_key
: pattern^[^\r\n]*$
- Change
OpenSearch
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
PostgreSQL
fielduserConfig.pg.timezone
: pattern^[\w/]*$
- Change
PostgreSQL
fielduserConfig.pg_service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
PostgreSQL
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
PostgreSQL
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Redis
fielduserConfig.project_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Change
Redis
fielduserConfig.service_to_fork_from
: pattern^[a-z][-a-z0-9]{0,63}$|^$
- Add
OpenSearch
fielduserConfig.opensearch.plugins_alerting_filter_by_backend_roles
, typeboolean
: Enable or disable filtering of alerting by backend roles. Requires Security plugin - Change
Redis
fielduserConfig.redis_notify_keyspace_events
: pattern→^[KEg\$lshzxeA]*$
^[KEg\$lshzxentdmA]*$
- Add
PostgreSQL
fielduserConfig.pgaudit
, typeobject
: System-wide settings for the pgaudit extension - Add
ServiceIntegration
fielddatadog.opensearch.cluster_stats_enabled
, typeboolean
: Enable Datadog Opensearch Cluster Monitoring
v0.17.0 - 2024-02-01¶
- Bump k8s deps to 1.26.13
- Add
OpenSearch
fielduserConfig.opensearch.enable_security_audit
, typeboolean
: Enable/Disable security audit - Add
Kafka
fielduserConfig.kafka_rest_config.name_strategy
, typestring
: Name strategy to use when selecting subject for storing schemas - Add
Redis
fielduserConfig.redis_version
, typestring
: Redis major version - Add
Grafana
fielduserConfig.auth_github.auto_login
, typeboolean
: Allow users to bypass the login screen and automatically log in - Add
Grafana
fielduserConfig.auth_github.skip_org_role_sync
, typeboolean
: Stop automatically syncing user roles - Change
Clickhouse
fielduserConfig.additional_backup_regions
: deprecated - Change
Grafana
fielduserConfig.additional_backup_regions
: deprecated - Change
KafkaConnect
fielduserConfig.additional_backup_regions
: deprecated - Change
Kafka
fielduserConfig.additional_backup_regions
: deprecated - Change
OpenSearch
fielduserConfig.additional_backup_regions
: deprecated - Change
Redis
fielduserConfig.additional_backup_regions
: deprecated - Change
Cassandra
fielduserConfig.cassandra_version
: enum→[3, 4, 4.1]
[4, 4.1]
- Change
Kafka
fielduserConfig.kafka_version
: enum→[3.1, 3.3, 3.4, 3.5, 3.6]
[3.4, 3.5, 3.6]
- Change
PostgreSQL
fielduserConfig.pg_version
: enum→[11, 12, 13, 14, 15, 16]
[12, 13, 14, 15, 16]
- Add
Cassandra
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
Clickhouse
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
Grafana
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
KafkaConnect
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
Kafka
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
MySQL
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
OpenSearch
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
PostgreSQL
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
Redis
fieldtechnicalEmails
, typearray
: Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability - Add
Cassandra
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
Clickhouse
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
ClickhouseUser
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
ConnectionPool
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
Grafana
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
Kafka
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
MySQL
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
OpenSearch
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
PostgreSQL
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
Project
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
Redis
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false - Add
ServiceUser
fieldconnInfoSecretTargetDisabled
, typeboolean
: When true, the secret containing connection information will not be created, defaults to false
v0.16.1 - 2023-12-15¶
- Check VPC for running services before deletion. Prevents VPC from hanging in the DELETING state
- Expose
KAFKA_SCHEMA_REGISTRY_URI
andKAFKA_REST_URI
toKafka
secret - Expose
CONNECTIONPOOL_NAME
inConnectionPool
secret - Fix
CONNECTIONPOOL_PORT
exposes service port instead of pool port - Fix
SERVICEUSER_PORT
whensasl
is the only authentication method - Change
PostgreSQL
fielduserConfig.pg_qualstats.enabled
: deprecated - Change
PostgreSQL
fielduserConfig.pg_qualstats.min_err_estimate_num
: deprecated - Change
PostgreSQL
fielduserConfig.pg_qualstats.min_err_estimate_ratio
: deprecated - Change
PostgreSQL
fielduserConfig.pg_qualstats.track_constants
: deprecated - Change
PostgreSQL
fielduserConfig.pg_qualstats.track_pg_catalog
: deprecated
v0.16.0 - 2023-12-07¶
- Set conditions on errors:
Preconditions
,CreateOrUpdate
,Delete
. Thanks to @atarax - Fix object updates lost when reconciler exits before the object is committed
- Add
Kafka
fielduserConfig.kafka.transaction_partition_verification_enable
, typeboolean
: Enable verification that checks that the partition has been added to the transaction before writing transactional records to the partition - Add
Cassandra
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
Clickhouse
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
Grafana
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
KafkaConnect
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
Kafka
fielduserConfig.kafka_rest_config.name_strategy_validation
, typeboolean
: If true, validate that given schema is registered under expected subject name by the used name strategy when producing messages - Add
Kafka
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
MySQL
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
OpenSearch
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
PostgreSQL
fielduserConfig.pg_qualstats
, typeobject
: System-wide settings for the pg_qualstats extension - Add
PostgreSQL
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console - Add
Redis
fielduserConfig.service_log
, typeboolean
: Store logs for the service so that they are available in the HTTP API and console
v0.15.0 - 2023-11-17¶
- Upgrade to Go 1.21
- Add option to orphan resources. Thanks to @atarax
- Fix
ServiceIntegration
: do not send empty user config to the API - Add a format for
string
type fields to the documentation - Generate CRDs changelog
- Add
Clickhouse
fielduserConfig.private_access.clickhouse_mysql
, typeboolean
: Allow clients to connect to clickhouse_mysql with a DNS name that always resolves to the service's private IP addresses - Add
Clickhouse
fielduserConfig.privatelink_access.clickhouse_mysql
, typeboolean
: Enable clickhouse_mysql - Add
Clickhouse
fielduserConfig.public_access.clickhouse_mysql
, typeboolean
: Allow clients to connect to clickhouse_mysql from the public internet for service nodes that are in a project VPC or another type of private network - Add
Grafana
fielduserConfig.unified_alerting_enabled
, typeboolean
: Enable or disable Grafana unified alerting functionality - Add
Kafka
fielduserConfig.aiven_kafka_topic_messages
, typeboolean
: Allow access to read Kafka topic messages in the Aiven Console and REST API - Add
Kafka
fielduserConfig.kafka.sasl_oauthbearer_expected_audience
, typestring
: The (optional) comma-delimited setting for the broker to use to verify that the JWT was issued for one of the expected audiences - Add
Kafka
fielduserConfig.kafka.sasl_oauthbearer_expected_issuer
, typestring
: Optional setting for the broker to use to verify that the JWT was created by the expected issuer - Add
Kafka
fielduserConfig.kafka.sasl_oauthbearer_jwks_endpoint_url
, typestring
: OIDC JWKS endpoint URL. By setting this the SASL SSL OAuth2/OIDC authentication is enabled - Add
Kafka
fielduserConfig.kafka.sasl_oauthbearer_sub_claim_name
, typestring
: Name of the scope from which to extract the subject claim from the JWT. Defaults to sub - Change
Kafka
fielduserConfig.kafka_version
: enum→[3.1, 3.3, 3.4, 3.5]
[3.1, 3.3, 3.4, 3.5, 3.6]
- Change
Kafka
fielduserConfig.tiered_storage.local_cache.size
: deprecated - Add
OpenSearch
fielduserConfig.opensearch.indices_memory_max_index_buffer_size
, typeinteger
: Absolute value. Default is unbound. Doesn't work without indices.memory.index_buffer_size - Add
OpenSearch
fielduserConfig.opensearch.indices_memory_min_index_buffer_size
, typeinteger
: Absolute value. Default is 48mb. Doesn't work without indices.memory.index_buffer_size - Change
OpenSearch
fielduserConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.authentication_backend
: enum[internal]
- Change
OpenSearch
fielduserConfig.opensearch.auth_failure_listeners.internal_authentication_backend_limiting.type
: enum[username]
- Change
OpenSearch
fielduserConfig.opensearch.auth_failure_listeners.ip_rate_limiting.type
: enum[ip]
- Change
OpenSearch
fielduserConfig.opensearch.search_max_buckets
: maximum→65536
1000000
- Change
ServiceIntegration
fieldkafkaMirrormaker.kafka_mirrormaker.producer_max_request_size
: maximum→67108864
268435456
v0.14.0 - 2023-09-21¶
- Make
projectVpcId
andprojectVPCRef
mutable - Fix panic on
nil
user config conversion - Use aiven-go-client with context support
- Deprecate
Cassandra
kind optionadditional_backup_regions
- Add
Grafana
kind optionauto_login
- Add
Kafka
kind propertieslog_local_retention_bytes
,log_local_retention_ms
- Remove
Kafka
kind optionremote_log_storage_system_enable
- Add
OpenSearch
kind optionauth_failure_listeners
- Add
OpenSearch
kind Index State Management options
v0.13.0 - 2023-08-18¶
- Add TieredStorage support to
Kafka
- Add
Kafka
version3.5
- Add
Kafka
spec propertyscheduled_rebalance_max_delay_ms
- Mark deprecated
Kafka
spec propertyremote_log_storage_system_enable
- Add
KafkaConnect
spec propertyscheduled_rebalance_max_delay_ms
- Add
OpenSearch
spec propertyopenid
- Use updated go client with enhanced retries
v0.12.3 - 2023-07-13¶
- Expose
KAFKA_SCHEMA_REGISTRY_HOST
andKAFKA_SCHEMA_REGISTRY_PORT
forKafka
- Expose
KAFKA_CONNECT_HOST
,KAFKA_CONNECT_PORT
,KAFKA_REST_HOST
andKAFKA_REST_PORT
forKafka
. Thanks to @Dariusch
v0.12.2 - 2023-06-20¶
- Make conditions and state optional attributes of service status. Thanks to @mortenlj
- Remove deprecated
unclean_leader_election_enable
fromKafkaTopic
kind config - Expose
KAFKA_SASL_PORT
forKafka
kind ifSASL
authentication method is enabled - Add
redis
options to datadogServiceIntegration
- Add
Cassandra
version3
- Add
Kafka
versions3.1
and3.4
- Add
kafka_rest_config.producer_max_request_size
option - Add
kafka_mirrormaker.producer_compression_type
option
v0.12.0 - 2023-05-10¶
- Fix service tags create/update. Thanks to @mortenlj
- Add prefix name option for secrets. Thanks to @jordiclariana
- Add
clusterRole.create
option to Helm chart. Thanks to @ryaneorth - Use kind name as default prefix for secrets to avoid collisions. Please migrate your applications before legacy names removed
- Fix secrets creation on openshift
- Add
OpenSearch.spec.userConfig.idp_pemtrustedcas_content
option. Specifies the PEM-encoded root certificate authority (CA) content for the SAML identity provider (IdP) server verification.
v0.11.0 - 2023-04-25¶
- Add
ServiceIntegration
kindSourceProjectName
andDestinationProjectName
fields - Add
ServiceIntegration
fieldsMaxLength
validation - Add
ServiceIntegration
validation: multiple user configs cannot be set - Fix
ServiceIntegration
, should not requiredestinationServiceName
orsourceEndpointID
field - Fix
ServiceIntegration
, add missingexternal_aws_cloudwatch_metrics
type config serialization - Update
ServiceIntegration
integration type list - Add
annotations
andlabels
fields toconnInfoSecretTarget
- Allow to disable capabilities check to install webhooks. Thanks to @amstee
- Set
OpenSearch.spec.userConfig.opensearch.search_max_buckets
maximum to65536
v0.10.0 - 2023-04-17¶
- Mark service
plan
as a required field - Add
minumim
,maximum
validations fornumber
type - Move helm charts to the operator repository
- Add helm charts generator
- Remove
ip_filter
backward compatibility - Fix deletion errors omitted
- Add service integration
clickhouseKafka.tables.data_format-property
enumRawBLOB
value - Update OpenSearch
userConfig.opensearch.email_sender_username
validation pattern - Add Kafka
log_cleaner_min_cleanable_ratio
minimum and maximum validation rules - Remove Kafka version
3.2
, reached EOL - Remove PostgreSQL version
10
, reached EOL - Explicitly delete
ProjectVPC
byID
to avoid conflicts - Speed up
ProjectVPC
deletion by exiting onDELETING
status - Fix missing RBAC permissions to update finalizers for various controllers
- Refactor
ClickhouseUser
controller - Mark
ClickhouseUser.spec.project
andClickhouseUser.spec.serviceName
as immutable - Remove deprecated service integration type
signalfx
- Add build version to the Aiven client user-agent
v0.9.0 - 2023-03-03¶
AuthSecretRef
fields marked as required- Generate user configs for existing service integrations:
datadog
,kafka_connect
,kafka_logs
,metrics
- Add new service integrations:
clickhouse_postgresql
,clickhouse_kafka
,clickhouse_kafka
,logs
,external_aws_cloudwatch_metrics
- Add
KafkaTopic.Spec.topicName
field. Unlike themetadata.name
, supports additional characters and has a longer length.KafkaTopic.Spec.topicName
replacesmetadata.name
in future releases and will be marked as required. - Accept
false
value fortermination_protection
property - Fix
min_cleanable_dirty_ratio
. Thanks to @TV2rd
v0.8.0 - 2023-02-15¶
Important: This release brings breaking changes to the userConfig
property.
After new charts are installed, update your existing instances manually using the kubectl edit
command
according to the API reference.
Note: It is now recommended to disable webhooks for Kubernetes version 1.25 and higher, as native CRD validation rules are used.
- Breaking change:
ip_filter
field is now ofobject
type - Breaking change: Update user configs for following kinds: PostgreSQL, Kafka, KafkaConnect, Redis, Clickhouse, OpenSearch
- Add CRD validation rules for immutable fields
- Add user config field validations (enum, minimum, maximum, minLength, and others)
- Add
serviceIntegrations
on service types. Only theread_replica
type is available. - Add KafkaTopic
min_cleanable_dirty_ratio
config field support - Add Clickhouse
spec.disk_space
property - Use updated aiven-go-client with retries
- Add
linux/amd64
build. Thanks to @christoffer-eide
v0.7.1 - 2023-01-24¶
- Add Cassandra Kind
- Add Grafana Kind
- Recreate Kafka ACL if modified. Note: Modification of ACL created prior to v0.5.1 won't delete existing instance at Aiven. It must be deleted manually.
- Fix MySQL webhook
v0.6.0 - 2023-01-16¶
- Remove
never
from choices of maintenance dow - Add
development
flag to configure logger's behavior - Add user config generator (see
make generate-user-configs
) - Add
genericServiceHandler
to generalize service management - Add MySQL Kind
v0.5.2 - 2022-12-09¶
- Fix deployment release manifest generation
v0.5.1 - 2022-11-28¶
- Fix
KafkaACL
deletion
v0.5.0 - 2022-11-27¶
- Add ability to link resources through the references
- Add
ProjectVPCRef
property toKafka
,OpenSearch
,Clickhouse
andRedis
kinds to getProjectVPC
ID when resource is ready - Improve
ProjectVPC
deletion, deletes by ID first if possible, then tries by name - Fix
client.Object
storage update data loss
v0.4.0 - 2022-08-04¶
- Upgrade to Go 1.18
- Add support for connection pull incoming user
- Fix typo on config/samples/kafka disk_space
- Add tags support for project and service resources
- Enable termination protection
v0.2.0 - 2021-11-17¶
features:
- add Redis CRD
improvements:
- watch CRDs to reconcile token secrets
fixes:
- fix RBACs of KafkaACL CRD
v0.1.1 - 2021-09-13¶
improvements:
- update helm installation docs
fixes:
- fix typo in a kafka-connector kuttl test
v0.1.0 - 2021-09-10¶
features:
- initial release