Releases: mongodb/mongodb-enterprise-kubernetes
Releases · mongodb/mongodb-enterprise-kubernetes
MongoDB Enterprise Kubernetes Operator 1.9.2
MongoDB Enterprise Kubernetes Operator 1.9.2
Miscellaneous
- Fix errors with CSV
MongoDB Enterprise Kubernetes Operator 1.9.1
MongoDB Enterprise Kubernetes Operator 1.9.1
Kubernetes Operator
- Bug fixes
- Fixes an issue where the service-account-name could not be specified in the StatefulSet podSpec override.
- Removed unnecessary
delete servicepermission from operator role.
MongoDB Resource
- Bug fixes
- Fixes an issue where updating a role in
spec.security.authentication.rolesby removing theprivilegesarray would cause the resource to enter a bad state
- Fixes an issue where updating a role in
MongoDBOpsManager Resource
- Breaking Changes
- The new Application Database image
mongodb-enterprise-appdb:10.2.15.5958-1_4.2.11-entwas released. The image needs
to be downloaded to the local repositories otherwise MongoDBOpsManager resource won't start. The image contains a new bundled MongoDB4.2.11-entinstead of4.2.2-ent.
- The new Application Database image
- Changes
- Ops Manager user now has "backup", "restore" and "hostManager" roles, allowing for backups/restores on the AppDB.
- If
spec.applicationDatabase.versionis omitted the Operator will use4.2.11-entas a default MongoDB.
MongoDB Enterprise Kubernetes Operator 1.9.0
Kubernetes Operator
- Bug fixes
- Fixes an issue where connections were not closed leading to too many file
descriptors open.
- Fixes an issue where connections were not closed leading to too many file
MongoDB Resource
- Changes
- Continuous backups can now be configured with the MongoDB CRD. Set
spec.backup.enabledtotrue. Note: You must have an Ops Manager resource already configured with backup. See the docs for more information.
- Continuous backups can now be configured with the MongoDB CRD. Set
MongoDBOpsManager Resource
- Changes
- A StatefulSet resource that holds the Ops Manager Backup Daemon will be
deleted and recreated in order to change thematchLabelsattribute,
required for a newServiceto allow for Queryable Backups feature to work.
This is a safe operation. - Changed the way the Operator collects statuses of MongoDB Agents running in
Application Database Pods.
- A StatefulSet resource that holds the Ops Manager Backup Daemon will be
Updated Image Tags
- mongodb-enterprise-operator: 1.9.0
MongoDB Enterprise Kubernetes Operator 1.8.2
Ops Manager Resource
Bug Fixes
- Fixes an issue when
MongoDBOpsManagerresource gets toFailingstate when both external connectivity and backups are enabled
Docker Images Released
Operator
Ubuntu 16.04: quay.io/mongodb/mongodb-enterprise-operator:1.8.2
UBI8: quay.io/mongodb/mongodb-enterprise-operator-ubi:1.8.2
MongoDB Enterprise Kubernetes Operator 1.8.1
Known Issues
- When both external connectivity and backups are enabled in Ops Manager at the same time, the Ops Manager resource will Fail to reconcile.
Bug fixes
- Fixed a bug where spec.security.authentication.ignoreUnknownUsers could not be modified after a MongoDB resource was created.
- Failed queryable backups have been fixed. The operator now creates a Kubernetes Service that Ops Manager will use to access backups.
- Fixed an issue that would make it impossible to move from non-TLS to a TLS enabled AppDB.
Improvements
- Init containers will not run as root.
- Ops Manager Backup daemon will run in unprivileged mode.
- To manage Database Pod resources, the spec.podSpec.podTemplate MongoDB Custom Resource attribute should be used. See samples/mongodb/podspec directory with sample MongoDB resource definitions for each type of resource supported. The different spec.podSpec.{cpu, cpuLimits, memory, memoryLimits} will be deprecated soon.
New Images
- Init-database 1.0.1:
- Ubi: quay.io/mongodb/mongodb-enterprise-init-database-ubi:1.0.1
- Ubuntu: quay.io/mongodb/mongodb-enterprise-init-database:1.0.1
- Init-ops-manager 1.0.3:
- Ubi: quay.io/mongodb/mongodb-enterprise-init-ops-manager-ubi:1.0.3
- Ubuntu: quay.io/mongodb/mongodb-enterprise-init-ops-manager:1.0.3
- Init-appdb 1.0.5:
- Ubi: quay.io/mongodb/mongodb-enterprise-init-appdb-ubi:1.0.5
- Ubuntu: quay.io/mongodb/mongodb-enterprise-init-appdb:1.0.5
New Ops Manager Images
- Version 4.4.5
- Ubi: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi:4.4.5
- Ubuntu: quay.io/mongodb/mongodb-enterprise-ops-manager:4.4.5
- Version 4.2.21:
- Ubi: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi:4.2.21
- Ubuntu: quay.io/mongodb/mongodb-enterprise-ops-manager:4.2.21
- Version 4.2.20:
- Ubi: quay.io/mongodb/mongodb-enterprise-ops-manager-ubi:4.2.20
- Ubuntu: quay.io/mongodb/mongodb-enterprise-ops-manager:4.2.20
Note: quay.io/mongodb/mongodb-enterprise-init-ops-manager:1.0.2 will support new release versions.
A list of the packages installed, and any security vulnerabilities detected in our build process, are outlined here
For the MongoDB Enterprise Operator
https://quay.io/repository/mongodb/mongodb-enterprise-operator?tab=tags
And for the MongoDB Enterprise Database
https://quay.io/repository/mongodb/mongodb-enterprise-database?tab=tags
MongoDB Enterprise Kubernetes Operator 1.8.0
Breaking Changes
- The Mongodb Enterprise Database image now requires an init container. If using a private repository, the
INIT_DATABASE_IMAGE_REPOSITORYenvironment variable must be configured in the operator deployment, and the new init container must exist inside this repository.
New features
- AppDB can now be configured with SCRAM-SHA-256 authentication when using Ops Manager 4.4 or newer
- Agent client certificate authentication can now be used in conjunction with any other authentication mechanism using the new configuration field
spec.security.authentication.requireClientTLSAuthentication- If enabling ClientTLSAuthentication, the client TLS certificate used by the MongoDB agents can be configured using
spec.security.authentication.agents.clientCertificateSecretRef
Bug fixes
- Fixed an issue where the operator would choose an incorrect project name when creating MongoDBUsers.
- Fixed an issue where the MongoDBOpsManager CRD had the CA path in the incorrect location.
- Fixed an issue in which the parameters passed through spec.agent.startupOptions would not be correctly recognized by the agent
- Fixed an issue which could cause a potential deadlock when certain configuration options were modified in parallel.
Improvements
- Changed the default permissions of volumes created from secret from 0644 to 0640
- Changed the validation of the opsmanager spec.version field to allow for tags that do not match semver versioning. The field must start with the Major.Minor.Patch string that represent the OpsManager version
Known Issues
- When enabling queryable backup, you will need to manually create two additional services: one exposing the queryable backup port (default: 25999) for the Ops Manager pod, and one for the backup daemon pod, to ensure that it is resolvable from the Ops Manager pod
A list of the packages installed, and any security vulnerabilities detected in our build process, are outlined here
For the MongoDB Enterprise Operator
https://quay.io/repository/mongodb/mongodb-enterprise-operator?tab=tags
And for the MongoDB Enterprise Database
https://quay.io/repository/mongodb/mongodb-enterprise-database?tab=tags
MongoDB Enterprise Kubernetes Operator 1.7.1
New features
- LDAP : added “spec.security.authentication.agents.automationLdapGroupDN” field to the CRD
- Make agent.auth mandatory if more than one auth mode is specified
- Added the possibility to specify agent startup parameters:
- “spec.agent.startupOptions” for replica sets/standalone
- “spec.configSrv.agent.startupOptions”, “spec.mongos.agent.startupOptions”, “spec.shard.agent.startupOptions” for sharded clusters
- “spec.applicationDatabase.agent.startupOptions” for AppDB
Bug fixes
- MongoDBOpsManager resource:
- Backing databases with SCRAM-SHA authentication enabled can be of any version if Ops Manager has version 4.4 and above
- AppDB Monitoring is now correctly configured in Ops Manager when TLS is configured for the AppDB
The Ops Manager CA configuration property has moved from "spec.applicationDatabase.security.tls.ca" to "spec.security.tls.ca"
- MongoDB resource:
- Fixed issue where MongoDB 4.4 Replica Sets and Sharded Clusters could not be scaled correctly
- Fixed an issue in which the operator couldn’t enable agent authentication if only LDAP authentication for the deployment was enabled
- SCRAM users creation operation and enabling SCRAM authentication in MongoDB resource operation can be done in any order
Backup automation config is now removed before launching the agent
Known Issues
- ‘spec.applicationDatabase.version” field should not be configured for MongoDBOpsManager resource if AppDB has TLS enabled
AppDB MongoDB version 4.4+ is not supported - 1.7.0 release of the Operator made changes to the Deployment configuration which may require to delete the ‘mongodb-enterprise-operator’ Deployment before the upgrade. This is a safe operation as the existing Custom Resources won’t be affected.
- If using TLS certificates signed with a custom certificate authority, the following should be taken into consideration:
- The “version” of spec.applicationDatabase should not be set (the default version will be used)
- Ops Manager will have to be configured in “Local Mode”. Every MongoDB version required will need to be copied to Ops Manager in order to be fetched from the database images.
MongoDB Enterprise Kubernetes Operator 1.7.0
The 1.7.x releases will be the last versions to support OpenShift 3.11. Please, make sure to stay with the 1.7.x release series in order to support OpenShift 3.11. Planned EOL for 1.7.x is July 2021.
New Features:
- LDAP can be enabled as an authentication and authorization mechanism. Please refer to the samples in
samples/mongodb/authentication/ldapdirectory for examples on how to enable LDAP for your Replica Set and Sharded Clusters. - All UBI images are now based on UBI8 (was UBI7 previously)
Bug fixes:
- Fixed a bug preventing ReplicaSet to scale down from 3 to 1 members
Known Issues:
- AppDBs with TLS are currently not configured for monitoring by Ops Manager
MongoDB Enterprise Kubernetes Operator 1.6.1
MongoDB Ops Manager Resource Changes
- Ops Manager image for version 4.4.0 is available.
Bug Fixes
- Fixes a bug where the Kubernetes Operator did not store a configuration of your deployed resources in a secret.
- Fixes a bug where the Kubernetes Operator did not allow passwords of any length or complexity for Application Database, oplog store, and blockstore database resources defined in Ops Manager resources.
- Fixes a bug where the authentication configuration was not removed from Ops Manager or Cloud Manager projects when you remove a MongoDB database resource.
Docker Images Released
Operator
- Ubuntu 16.04:
quay.io/mongodb/mongodb-enterprise-operator:1.6.1 - UBI7:
quay.io/mongodb/mongodb-enterprise-operator-ubi:1.6.1
Database
- Ubuntu 16.04:
quay.io/mongodb/mongodb-enterprise-database:1.6.1 - UBI7:
quay.io/mongodb/mongodb-enterprise-database-ubi:1.6.1
Ops Manager:
- Ubuntu 16.04:
quay.io/mongodb/mongodb-enterprise-ops-manager:4.4.0 - UBI7:
quay.io/mongodb/mongodb-enterprise-ops-manager-ubi:4.4.0
Init AppDB:
- Ubuntu 16.04:
quay.io/mongodb/mongodb-enterprise-init-appdb:1.0.2 - UBI7:
quay.io/mongodb/mongodb-enterprise-init-appdb-ubi:1.0.2
MongoDB Enterprise Kubernetes Operator 1.6.0
New features
- LDAP can be enabled as an authentication mechanism (authorisation support will be available in the next release), please refer to the samples in the samples/mongodb/authentication/ldap directory.
- Operator will not delete OpsManager Cluster records when backup is enabled to preserve backup history.
Bug fixes
- Operator raises errors when projectName contains blank spaces
- Enable the Monitoring function for all the pods deployed via the K8s Operator