Portworx Enterprise Operator 1.4.5

Update

• The Operator now supports running Portworx in a Kubernetes cluster with PodSecurityPolicies (PSP) enabled. By default, PSP support is disabled, but you can enable it by adding the portworx.io/pod-security-policy: "true" annotation to the StorageCluster object.
• All Operator-created Portworx storage classes now have the allowVolumeExpansion value set to true.
• The Operator now sets the default io_profile to db_remote for all database-related Portworx storage classes it creates.

Bug Fixes

• The Operator now uses the correct Prometheus endpoint for the default Autopilot provider configuration.
• The stork-scheduler now includes extra permissions to support running in Kubernetes versions greater than 1.21.

Portworx Enterprise Operator 1.4.4

Update

• Added generic volume support for Portworx, Stork, and Autopilot pods. The volume source can be a Kubernetes Secret, ConfigMap, or HostPath with a similar schema to the Kubernetes volume source schema.

Portworx Enterprise Operator 1.4.3

Update

• You can now overwrite the default PVC Controller ports using the portworx.io/pvc-controller-port and portworx.io/pvc-controller-secure-port annotations on the StorageCluster object.
• Added the NODE_NAME environment variable to the Portworx pod, representing the Kubernetes node name. This will be used by Portworx for CSI cloud drive management.
• The Prometheus remoteWriteEndpoint now takes the complete HTTP endpoint URL, allowing you to specify the protocol (HTTP, HTTPS). It does not append a protocol to the given URL.

Bug fixes

• Added missing pod permissions to the CSI Resizer service account, which prevented it from listing the pods.

Portworx Enterprise Operator 1.4.2

Bug Fixes

• The operator adds "cluster-autoscaler.kubernetes.io/safe-to-evict": "true" annotation on Portworx pods on nodes where Portworx is not running any storage or KVDB node. This allows cluster autoscaler to safely evict Portworx pods.

Portworx Enterprise Operator 1.4.1

Update

• Added PodDisruptionBudgets for Portworx storage nodes and internal KVDB nodes. This ensures that during Kubernetes cluster upgrades, Portworx and internal KVDB always maintain quorum.
• The operator now does not overwrite the user changes done to Stork ConfigMap, if the reconciliation is disabled by explicitly adding the operator.libopenstorage.org/reconcile: "false" annotation on the ConfigMap.

Bug Fixes

• The operator does not raise unnecessary warning events during initialization.
• Fixed mount issue of containerd.sock on K3s 1.19+
• The operator delays the creation of Portworx pods on cordoning/draining, ensuring Portworx pods do not interfere with Kubernetes drain and upgrade operations.
• Avoid deleting keys from Kubernetes secret for PX-Security, when the secret is used for storing both system and shared secret keys. This adds support for pre-existing secrets from older model of enabling security.

Portworx Enterprise Operator 1.4.0

Update

• Changed the operator object version from v1alpha1 to v1
• Added support for enabling and configuring PX-Security
• Added support for installing Portworx on K3s
• Added an option to enable/disable auto-updating of Portworx components
• Air-gapped installs can now use a ConfigMap as the version manifest. The operator uses this version manifest to decide which Portworx component versions to install in the cluster.
• The StorageNode status now shows storage capacity stats.
• Portworx pods now have the storage=true label if they are storage nodes.
• The operator now creates KVDB pods to represent the health and placement of internal KVDB nodes.
• Added the hostNetwork option in the Stork sub-section under the StorageCluster spec.
• Portworx now uses the StorageCluster's namespace for leader election objects instead of a hard-coded namespace.

Bug Fixes

• Removed the AUTO_NODE_RECOVERY_TIMEOUT_IN_SECS environment override from Portworx pod spec starting Portworx version 2.6.0.
• The operator does not create new pods if the cluster machine is being drained or deleted.
• Fixed the stork-scheduler and pvc-controller deployments for Kubernetes version >= 1.18.7.
• The operator now uses the /var/lib/kubelet/csi-plugins directory for CSI when running on Kubernetes versions lower than 1.17. This suppresses the harmless gRPC error messages from Kubelet.
• Fixed Prometheus deployment when deployed outside of the kube-system namespace.
• The operator now deletes the px-node-wiper ClusterRole and ClusterRoleBinding after it completes cluster deletion.
• The operator doesn't raise noisy gRPC connection events when Portworx is still initializing.
• Operator CRDs now update on operator version updates.
• The operator now uses the REGISTRY_SECRET environment variable instead of the deprecated REGISTRY_SECRET when passing to Portworx pods.
• Fixed incorrect Initializing status on the StorageNode object even though the Portworx node was online.
• Portworx components no longer update automatically, even though component versions for a given Portworx version have changed in the version manifest.
• The operator now uses the version manifest for Node Wiper, Prometheus and CSI images instead of hard-coded versions.
• The operator now uses the StorageCluster's imagePullSecret and customImageRegistry for the Prometheus StatefulSet.
• Portworx now reports the correct cluster and node status when using PX-Security.

Portworx Enterprise Operator 1.3.4

Update

• Added support for pulling images from an external registry with a flat directory structure. Images can now be fetched from a path that does not consist of a repository/namespace. For instance, external.registry.io/oci-monitor:2.5.6.

Bug fixes

• Fixed a Stork webhook error when running outside of the kube-system namespace.
• Portworx now uses the correct kubelet path when running in a PKS environment.

Portworx Enterprise Operator 1.3.3

Update

• Introducing Portworx Operator Essentials. This free version of the Portworx Operator deploys Portworx Essentials clusters.
• Your Portworx cluster automatically switches to Enterprise licenses on switching from the Essentials to the Enterprise Operator.

Bug fixes

• Added a missing webhook controller port to the Stork service.

Portworx Enterprise Operator 1.3.2

Bug fixes

• Removing StorageCluster owner references from cluster-scoped and cross namespaces objects. Kubernetes does not recommend cross namespaces ownership of objects for garbage collection.
• Deleting all components on StorageCluster deletion. This will ensure all objects are deleting even if Kubernetes garbage collection does not work as expected.

Portworx Enterprise Operator 1.3.0

Updates

• Added support for tolerations. Tolerations can now be added to all Portworx pods to tolerate node taints

spec:
  placement:
    tolerations:
    - key: "key"
      operator: "Equal"
      value: "value"
      effect: "NoExecute"

• Node affinity policy previously was applied to only Portworx pods. Now it will apply to all other component pods deployed by the operator.
• The operator now allows you to specify KVDB device for internal KVDB during installation

spec:
  storage:
    kvdbDevice: /dev/sdd
    useAll: true

• The operator now logs install events and statuses on StorageNode objects during Portworx initialization (needs Portworx 2.5.0+)
• Support using custom namespace for storing Portworx secrets. By default the StorageCluster's namespace is used to store the secrets used by Portworx. Using PX_SECRETS_NAMESPACE environment variable, the default secrets namespace can be changed to a custom namespace.

Bug fixes

• Operator now passes appropriate environment variables to Stork for it to detect the Portworx service when using DR feature
• Cluster wiper pods now use the image pull policy given in the cluster object
• Changing customImageRegistry or imagePullSecrets will update existing pods immediately
• CSI pods will now start in OpenShift when the cluster is deployed outside the kube-system namespace.
• Portworx volume provisioning should now work even when running outside of the kube-system namespace and when not using the default 9001 port.
• Cluster wipe operations should now work when running outside of the kube-system namespace.
• Operator no longer raises warning events when some Portworx pods in the cluster are not running in the current Kubernetes cluster.