Releases: piraeusdatastore/piraeus-operator
v2.7.0
This release brings two new features.
First, you can now restrict the IP address family used by the Operator to set up the Satellites. By default, the Operator will configure all .status.PodIPs, which in dual stack cluster contains both IPv4 and IPv6 addresses. However, it turns out that users might have a broken IPv6 configuration, which may cause LINSTOR to try to connect to IPv6 when that is not available. Users can now limit the IP address family using the following configuration:
apiVersion: piraeus.io/v1
kind: LinstorSatelliteConfiguration
metadata:
name: ipv4-only
spec:
ipFamilies:
- IPv4Second, the LINSTOR Satellite now tries to detect the host's LVM configuration on start up, reusing locks and udev rules if available. This fixes a long-standing issue where certain device links would disappear during resizes, leading to all kinds of errors on the LINSTOR side.
On the image front, the new LINSTOR 1.29.2 image includes a better backup mechanism for the LINSTOR database, so manual oversight should no longer be required in larger clusters.
Added
- Option to select IP Family to use for LINSTOR control traffic.
Changed
- Reconciliation of a Satellites network interfaces now also deletes unneeded interfaces.
- Satellites try to detect the LVM configuration on the host, reusing locks and udev rules if available.
- Updated images:
- LINSTOR 1.29.2
- LINSTOR CSI 1.6.4
- DRBD Reactor 1.5.0
- LINSTOR HA Controller 1.2.2
v2.6.0
This release only brings one small new feature:
It is now possible to use some basic templating to expand the properties on LinstorSatelliteConfiguration. This may be used to tie a set of Labels to only one property. For example, you might want to assign the node-role.kubernetes.io/... labels to a simple Aux/role in LINSTOR. Now you can do this by setting:
apiVersion: piraeus.io/v1
kind: LinstorSatelliteConfiguration
metadata:
name: node-role
spec:
properties:
- name: Aux/role
expandFrom:
nodeFieldRef: metadata.labels['node-role.kubernetes.io/*']
valueTemplate: "$1"Other than that, this release only bumps the default image versions.
Added
- Support wildcard patterns when referencing property values from node labels and annotations.
Changed
- Updated images:
- LINSTOR 1.29.0
- DRBD 9.2.11
- Latest CSI Sidecars
v2.5.2
This release mostly just bumps default images to their latest versions.
Of note are an update to DRBD which fixes a potential crash which was likely to be triggered in the Kubernets context.
An update to the LINSTOR CSI driver also fixes some caching related issues, notable a fix that affected users with both allowRemoteVolumeAccess policies with "diskless" worker nodes. Previous versions of the plugin could ignore the access policy palcing the diskful resource on unexpected nodes.
As a small new feature, it is possible to configure a separate trust chain for Piraeus-managed TLS resources, i.e. for internalTLS and apiTLS configurations.
Added
- Option to specify custom CA certificate resources for TLS configuration.
- Ensure all Certificate resources have
dnsNamesset.
Changed
- Updated images:
- LINSTOR 1.28.0
- LINSTOR CSI 1.6.3
- DRBD 9.2.10
- DRBD Reactor 1.4.1
- kTLS-utils 0.11
- Latest CSI sidecars
Fixed
- The operator will no longer restart reconciliation on every change to
ServiceAccountresources.
v2.5.1
This release contains mostly updated image dependencies. Noteworthy are a new DRBD release, which fixes a bug that could crash the kernel and was more likely to be triggered in the context of Piraeus, along with compatibility for the newly released Ubuntu 24.04 LTS release.
The new LINSTOR version fixes some issues around new ZFS versions and when using with storage pools of different allocation granularity. Also noteworthy for this release is that we pinned the LINSTOR satellite image to use a specific version of the thin-send-recv tool. This tool, used when creating backups on LVM pools, broke backwards-compatibility in a recent release which we originally shipped in the LINSTOR 1.27.1 images. We've pinned the image to a version that remains backwards-compatible.
The LINSTOR CSI driver gained an update that enables the use of LINSTOR-to-LINSTOR backups from VolumeSnapshot resources.
We have also introduced better caching for LINSTOR API results, so users should see a reduced load on the LINSTOR Controller container.
Added
- Default PriorityClasses for all components
Changed
- New DRBD loader detection for:
- Ubuntu Noble Numbat (24.04)
- Updated images:
- LINSTOR 1.27.1
- LINSTOR CSI 1.6.0
- DRBD 9.2.9
v2.5.0
This release finally adds support for ZFS storage pools. It is also possible to let Piraeus Operator create the zpools, assuming the ZFS module is loaded on the host.
Other than that, this is the usual round of updated images, which always bring a round of bug fixes and new features.
Added
- Support for managing ZFS Storage Pools using
LinstorSatelliteConfiguration.
Changed
- Updated images:
- LINSTOR 1.27.0
- LINSTOR CSI 1.5.0
- High Availability Controller 1.2.1
- Latest CSI sidecars
v2.4.1
This release has lots of small quality of life improvements: there is a new loader image for debian, detection for Rocky Linux and some improved support for SELinux relabelling as well as some improvements on the prometheus monitoring.
Added
- New DRBD loader detection for:
- Debian 12 (Bookworm)
- Rocky Linux 8 & 9
- Report
seLinuxMountcapability for the CSI Driver, speeding up volume mounts with SELinux
relabelling enabled. - Alerts for offline LINSTOR Controller and Satellites.
Changed
- Use node label instead of pod name for Prometheus alerting descriptions.
- Updated images:
- LINSTOR 1.26.2
- DRBD 9.2.8
v1.10.9
This release updates the base images to the latest upstream releases.
This will be the last release of Operator v1
Updates will only happen for Operator v2. Please start the migration process described in upgrade guide.
If you see this release and wonder what happened to the other v1.10.9: there was a typo in the CSI sidecar containers that needed fixing.
Changed
- Default images:
- LINSTOR 1.26.2
- LINSTOR CSI 1.4.0
- DRBD 9.1.19
- Latest CSI sidecars
v2.4.0
This release makes some transparent changes that further improve integration of Piraeus Datastore with Kubernetes.
On the feature side, there is a new webhook for StorageClasses: it validates the parameters section of the LINSTOR CSI plugin, so you will be notified of any typos directly when creating the StorageClass.
Secondly, LINSTOR Satellites are now managed via DaemonSets: this ensures they are not evicted by kubectl drain.
Added
- Validating Webhook for Piraeus StorageClasses.
Breaking
- Use DaemonSet to manage Satellite resources instead of bare Pods. This enables better integration with
common administrative tasks such as node draining. This change should be transparent for users, any patches
applied on the satellite Pods are internally converted to work on the new DaemonSet instead.
Changed
- Change default monitoring address for DRBD Reactor to support systems with IPv6 completely disabled.
- Updated images:
- LINSTOR 1.26.1
- LINSTOR CSI 1.4.0
- DRBD 9.2.7
- High Availability Controller 1.2.0
- Latest CSI sidecars
v2.3.0
This release brings a few existing new features.
First of all, DRBD 9.2.6 gained support for encrypting traffic with TLS. This needs a user space component to set up. This can now automatically be set up by setting .spec.internalTLS.tlsHandshakeDaemon: true in the LinstorSatelliteConfiguration.
Next, sometimes you may want to disable specific components such as the HA Controller. This can be achieved by setting .spec.highAvailabilityController.enabled: false in the LinstorCluster resource. This also works for the controller, csiController´ and csiNode` components.
There is also now an easy way to update the Pod Template used for all components. See the various podTemplate: values in the API reference. This works the same as creating a patch manually, but should be much more user friendly.
Next, we ripped out the NetworkPolicy from the default deployment: This caused users trouble when using some CNIs. There is now a specific guide.
Talking about guides, there are guides on how to set up basic monitoring with Prometheus.
Added
- Add a new option
.spec.internalTLS.tlsHandshakeDaemonto enable deployment oftlshdalongside the LINSTOR
Satellite. - Shortcuts to configure specific components. Components can be disabled by setting
enabled: false, and the deployed
workload can be influenced using thepodTemplatevalue. Available components:LinstorCluster.spec.controllerLinstorCluster.spec.csiControllerLinstorCluster.spec.csiNodeLinstorCluster.spec.highAvailabilityController
- Shortcut to modify the pod of a satellite by adding a
LinstorSatelliteConfiguration.spec.podTemplate, which is
a shortcut for creating a.spec.patchespatch.
Changed
- Fixed service resources relying on default protocol version.
- Moved NetworkPolicy for DRBD out of default deployed resources.
- Updated images:
- LINSTOR 1.25.1
- LINSTOR CSI 1.3.0
- DRBD Reactor 1.4.0
- Latest CSI sidecars
- Add a default toleration for the HA Controller taints to the operator.
v1.10.8
This updates images and fixes a bug where some seldom used values could not be set via the helm chart.
- Default images:
- LINSTOR 1.25.1
- LINSTOR CSI 1.3.0
- DRBD 9.1.17
- DRBD Reactor 1.4.0
- Latest CSI sidecars