Elastic Cloud on Kubernetes version 2.0.0

edit

Elastic Cloud on Kubernetes version 2.0.0

edit

Breaking changes

edit

Operator Lifecycle Manager (OLM) and OpenShift OperatorHub users that run with automatic upgrades enabled, are advised to set the set-default-security-context operator flag explicitly before upgrading to ECK 2.0. If not set ECK can fail to auto-detect the correct security context configuration and Elasticsearch Pods may not be allowed to run.

New features

edit
  • Allow K8S node labels to be propagated as Pod annotations #5054 (issue: #3933)

Enhancements

edit
  • Allow users to disable version validation to downgrade clusters #5272 (issue: #5259)
  • Add support for transport TLS certificate other/common name suffix #5189 (issue: #5148)
  • Bump the operator memory limit to 1Gi for larger deployments #5185 (issue: #5177)
  • Move config hash stored in Pod labels to Pod annotations #5175 (issue: #5071)
  • Elastic Maps Server: no Elasticsearch connection required since 7.14 #5172
  • Add autodetect option to security context configuration #5150 (issue: #5061)
  • Stop using deprecated host field in Beat configs #5113 (issue: #4954)
  • Stop using deprecated xpack.fleet.agents.elasticsearch.host Kibana config #5112 (issue: #5091)
  • Set Enterprise Search config kibana.host defaults in advance of 8.0 #5109 (issue: #4952)
  • Support trial licenses inside enterprise_trial orchestration licenses #5097
  • Include license expiry date in licensing config map #5013 (issue: #5008)
  • Reuse existing private key for CA rotation #4947 (issue: #507)
  • Use node shutdown API for rolling upgrades and downscales #4597

Bug fixes

edit
  • Fix Stack Monitoring with custom certificate without CA #5310 (issue: #5309)
  • Enterprise Search: avoid generating invalid config in the presence of user overrides #5298 (issue: #5290)
  • Change upgrade path validation for 8.0 to only allow 7.17 #5261 (issue: #5258)
  • Adjust Agent startup command to Ubuntu base image #5253 (issue: #5250)
  • Do not delete last master-eligible node if other nodes are not up-to-date #5242 (issue: #5241)
  • Add missing nodes resource RBAC permission in recipes #5178
  • Main go routine does not exit if there’s no error #5106

Documentation improvements

edit
  • Document node labels propagation feature #5254 (issue: #5098)
  • Update Kubernetes/OCP compatibility statements for ECK 2.0 #5239

Misc

edit
  • Update golang Docker tag to v1.17.6 #5234
  • Update module sigs.k8s.io/controller-tools to v0.8.0 #5233
  • Update module go.uber.org/zap to v1.20.0 #5224
  • Update module github.com/go-logr/logr to v1.2.2 #5220
  • Update k8s to v0.23.1 #5219
  • Update module github.com/hashicorp/vault/api to v1.3.1 #5208
  • Update module k8s.io/klog/v2 to v2.40.1 #5184
  • Update module github.com/spf13/viper to v1.10.1 #5171
  • Update module github.com/spf13/cobra to v1.3.0 #5163
  • Update module sigs.k8s.io/controller-runtime to v0.11.0 #5161
  • Update module github.com/elastic/go-ucfg to v0.8.4 #5037
  • Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.5 #5034
  • Update golang Docker tag to v1.17.3 #5018
  • Update module sigs.k8s.io/kustomize/kyaml to v0.12.0 #5004
  • Update module go.elastic.co/apm/module/apmelasticsearch to v1.14.0 #5002
  • Update module go.elastic.co/apm to v1.14.0 #5001