From 21f72037c5b0718b34de529e4329497283e46551 Mon Sep 17 00:00:00 2001 From: Alexander Marshalov <_@marshalov.org> Date: Mon, 11 Sep 2023 09:29:55 +0200 Subject: [PATCH] prepare for release (#752) --- ...operator.victoriametrics.com_vmagents.yaml | 5 +++-- config/webhook/manifests.yaml | 1 - docs/CHANGELOG.MD | 12 +++++++++-- internal/config/config.go | 16 +++++++-------- vars.MD | 20 +++++++++---------- 5 files changed, 31 insertions(+), 23 deletions(-) diff --git a/config/crd/bases/operator.victoriametrics.com_vmagents.yaml b/config/crd/bases/operator.victoriametrics.com_vmagents.yaml index 6fb0937a..42b1b499 100644 --- a/config/crd/bases/operator.victoriametrics.com_vmagents.yaml +++ b/config/crd/bases/operator.victoriametrics.com_vmagents.yaml @@ -2208,8 +2208,9 @@ spec: label: additionalProperties: type: string - description: Optional labels in the form 'name=value' to add to - all the metrics before sending them + description: Labels in the form 'name=value' to add to all the + metrics before sending them. This overrides the label if it + already exists. type: object maxBlockSize: description: The maximum size in bytes of unpacked request to diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index 12708c3f..f8e6d41c 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -2,7 +2,6 @@ apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - creationTimestamp: null name: validating-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/docs/CHANGELOG.MD b/docs/CHANGELOG.MD index 932ba1a9..714fabf9 100644 --- a/docs/CHANGELOG.MD +++ b/docs/CHANGELOG.MD @@ -2,10 +2,18 @@ ## Next release +- TODO + + +## [v0.38.0](https://github.com/VictoriaMetrics/operator/releases/tag/v0.38.0) - 11 Sep 2023 + +**Default version of VictoriaMetrics components**: `v1.93.4` + ### Fixes -* [vmuser](https://docs.victoriametrics.com/operator/api.html#vmuser): [Enterprise] fixes ip_filters indent for url_prefix. Previously it wasn't possible to use ip_filters with multiple target refs -* [vmoperator](https://docs.victoriametrics.com/operator/): turn off `EnableStrictSecurity` by default. Before, upgrade operator to v0.36.0+ could fail components with volume attached, see [this issue](https://github.com/VictoriaMetrics/operator/issues/749) for details. +- [vmuser](https://docs.victoriametrics.com/operator/api.html#vmuser): [Enterprise] fixes ip_filters indent for url_prefix. Previously it wasn't possible to use ip_filters with multiple target refs +- [vmoperator](https://docs.victoriametrics.com/operator/): turn off `EnableStrictSecurity` by default. Before, upgrade operator to v0.36.0+ could fail components with volume attached, see [this issue](https://github.com/VictoriaMetrics/operator/issues/749) for details. +- [vmoperator](https://docs.victoriametrics.com/operator/): bump default version of VictoriaMetrics components to [1.93.4](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.93.4). ### Features diff --git a/internal/config/config.go b/internal/config/config.go index 72c82196..f859a4a8 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -54,7 +54,7 @@ type BaseOperatorConf struct { PSPAutoCreateEnabled bool `default:"false"` VMAlertDefault struct { Image string `default:"victoriametrics/vmalert"` - Version string `default:"v1.93.3"` + Version string `default:"v1.93.4"` Port string `default:"8080"` UseDefaultResources bool `default:"true"` Resource struct { @@ -73,7 +73,7 @@ type BaseOperatorConf struct { } VMAgentDefault struct { Image string `default:"victoriametrics/vmagent"` - Version string `default:"v1.93.3"` + Version string `default:"v1.93.4"` ConfigReloadImage string `default:"quay.io/prometheus-operator/prometheus-config-reloader:v0.58.0"` Port string `default:"8429"` UseDefaultResources bool `default:"true"` @@ -93,7 +93,7 @@ type BaseOperatorConf struct { VMSingleDefault struct { Image string `default:"victoriametrics/victoria-metrics"` - Version string `default:"v1.93.3"` + Version string `default:"v1.93.4"` Port string `default:"8429"` UseDefaultResources bool `default:"true"` Resource struct { @@ -114,7 +114,7 @@ type BaseOperatorConf struct { UseDefaultResources bool `default:"true"` VMSelectDefault struct { Image string `default:"victoriametrics/vmselect"` - Version string `default:"v1.93.3-cluster"` + Version string `default:"v1.93.4-cluster"` Port string `default:"8481"` Resource struct { Limit struct { @@ -129,7 +129,7 @@ type BaseOperatorConf struct { } VMStorageDefault struct { Image string `default:"victoriametrics/vmstorage"` - Version string `default:"v1.93.3-cluster"` + Version string `default:"v1.93.4-cluster"` VMInsertPort string `default:"8400"` VMSelectPort string `default:"8401"` Port string `default:"8482"` @@ -146,7 +146,7 @@ type BaseOperatorConf struct { } VMInsertDefault struct { Image string `default:"victoriametrics/vminsert"` - Version string `default:"v1.93.3-cluster"` + Version string `default:"v1.93.4-cluster"` Port string `default:"8480"` Resource struct { Limit struct { @@ -184,7 +184,7 @@ type BaseOperatorConf struct { DisableSelfServiceScrapeCreation bool `default:"false"` VMBackup struct { Image string `default:"victoriametrics/vmbackupmanager"` - Version string `default:"v1.93.3-enterprise"` + Version string `default:"v1.93.4-enterprise"` Port string `default:"8300"` UseDefaultResources bool `default:"true"` Resource struct { @@ -202,7 +202,7 @@ type BaseOperatorConf struct { } VMAuthDefault struct { Image string `default:"victoriametrics/vmauth"` - Version string `default:"v1.93.3"` + Version string `default:"v1.93.4"` ConfigReloadImage string `default:"quay.io/prometheus-operator/prometheus-config-reloader:v0.48.1"` Port string `default:"8427"` UseDefaultResources bool `default:"true"` diff --git a/vars.MD b/vars.MD index 271f8be3..55fdd22d 100644 --- a/vars.MD +++ b/vars.MD @@ -10,7 +10,7 @@ aliases: - /operator/vars.html --- # Auto Generated vars for package config - updated at Sat Sep 2 13:59:49 UTC 2023 + updated at Mon Sep 11 07:21:27 UTC 2023 | varible name | variable default value | variable required | variable description | @@ -20,7 +20,7 @@ aliases: | VM_CUSTOMCONFIGRELOADERIMAGE | victoriametrics/operator:config-reloader-v0.32.0 | false | - | | VM_PSPAUTOCREATEENABLED | false | false | - | | VM_VMALERTDEFAULT_IMAGE | victoriametrics/vmalert | false | - | -| VM_VMALERTDEFAULT_VERSION | v1.93.3 | false | - | +| VM_VMALERTDEFAULT_VERSION | v1.93.4 | false | - | | VM_VMALERTDEFAULT_PORT | 8080 | false | - | | VM_VMALERTDEFAULT_USEDEFAULTRESOURCES | true | false | - | | VM_VMALERTDEFAULT_RESOURCE_LIMIT_MEM | 500Mi | false | - | @@ -31,7 +31,7 @@ aliases: | VM_VMALERTDEFAULT_CONFIGRELOADERMEMORY | 25Mi | false | - | | VM_VMALERTDEFAULT_CONFIGRELOADIMAGE | jimmidyson/configmap-reload:v0.3.0 | false | - | | VM_VMAGENTDEFAULT_IMAGE | victoriametrics/vmagent | false | - | -| VM_VMAGENTDEFAULT_VERSION | v1.93.3 | false | - | +| VM_VMAGENTDEFAULT_VERSION | v1.93.4 | false | - | | VM_VMAGENTDEFAULT_CONFIGRELOADIMAGE | quay.io/prometheus-operator/prometheus-config-reloader:v0.58.0 | false | - | | VM_VMAGENTDEFAULT_PORT | 8429 | false | - | | VM_VMAGENTDEFAULT_USEDEFAULTRESOURCES | true | false | - | @@ -42,7 +42,7 @@ aliases: | VM_VMAGENTDEFAULT_CONFIGRELOADERCPU | 100m | false | - | | VM_VMAGENTDEFAULT_CONFIGRELOADERMEMORY | 25Mi | false | - | | VM_VMSINGLEDEFAULT_IMAGE | victoriametrics/victoria-metrics | false | - | -| VM_VMSINGLEDEFAULT_VERSION | v1.93.3 | false | - | +| VM_VMSINGLEDEFAULT_VERSION | v1.93.4 | false | - | | VM_VMSINGLEDEFAULT_PORT | 8429 | false | - | | VM_VMSINGLEDEFAULT_USEDEFAULTRESOURCES | true | false | - | | VM_VMSINGLEDEFAULT_RESOURCE_LIMIT_MEM | 1500Mi | false | - | @@ -53,14 +53,14 @@ aliases: | VM_VMSINGLEDEFAULT_CONFIGRELOADERMEMORY | 25Mi | false | - | | VM_VMCLUSTERDEFAULT_USEDEFAULTRESOURCES | true | false | - | | VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_IMAGE | victoriametrics/vmselect | false | - | -| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_VERSION | v1.93.3-cluster | false | - | +| VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_VERSION | v1.93.4-cluster | false | - | | VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_PORT | 8481 | false | - | | VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_LIMIT_MEM | 1000Mi | false | - | | VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_LIMIT_CPU | 500m | false | - | | VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_REQUEST_MEM | 500Mi | false | - | | VM_VMCLUSTERDEFAULT_VMSELECTDEFAULT_RESOURCE_REQUEST_CPU | 100m | false | - | | VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_IMAGE | victoriametrics/vmstorage | false | - | -| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VERSION | v1.93.3-cluster | false | - | +| VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VERSION | v1.93.4-cluster | false | - | | VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VMINSERTPORT | 8400 | false | - | | VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_VMSELECTPORT | 8401 | false | - | | VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_PORT | 8482 | false | - | @@ -69,7 +69,7 @@ aliases: | VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_RESOURCE_REQUEST_MEM | 500Mi | false | - | | VM_VMCLUSTERDEFAULT_VMSTORAGEDEFAULT_RESOURCE_REQUEST_CPU | 250m | false | - | | VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_IMAGE | victoriametrics/vminsert | false | - | -| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_VERSION | v1.93.3-cluster | false | - | +| VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_VERSION | v1.93.4-cluster | false | - | | VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_PORT | 8480 | false | - | | VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_RESOURCE_LIMIT_MEM | 500Mi | false | - | | VM_VMCLUSTERDEFAULT_VMINSERTDEFAULT_RESOURCE_LIMIT_CPU | 500m | false | - | @@ -88,7 +88,7 @@ aliases: | VM_VMALERTMANAGER_RESOURCE_REQUEST_CPU | 30m | false | - | | VM_DISABLESELFSERVICESCRAPECREATION | false | false | - | | VM_VMBACKUP_IMAGE | victoriametrics/vmbackupmanager | false | - | -| VM_VMBACKUP_VERSION | v1.93.3-enterprise | false | - | +| VM_VMBACKUP_VERSION | v1.93.4-enterprise | false | - | | VM_VMBACKUP_PORT | 8300 | false | - | | VM_VMBACKUP_USEDEFAULTRESOURCES | true | false | - | | VM_VMBACKUP_RESOURCE_LIMIT_MEM | 500Mi | false | - | @@ -97,7 +97,7 @@ aliases: | VM_VMBACKUP_RESOURCE_REQUEST_CPU | 150m | false | - | | VM_VMBACKUP_LOGLEVEL | INFO | false | - | | VM_VMAUTHDEFAULT_IMAGE | victoriametrics/vmauth | false | - | -| VM_VMAUTHDEFAULT_VERSION | v1.93.3 | false | - | +| VM_VMAUTHDEFAULT_VERSION | v1.93.4 | false | - | | VM_VMAUTHDEFAULT_CONFIGRELOADIMAGE | quay.io/prometheus-operator/prometheus-config-reloader:v0.48.1 | false | - | | VM_VMAUTHDEFAULT_PORT | 8427 | false | - | | VM_VMAUTHDEFAULT_USEDEFAULTRESOURCES | true | false | - | @@ -127,4 +127,4 @@ aliases: | VM_PODWAITREADYINTERVALCHECK | 5s | false | - | | VM_PODWAITREADYINITDELAY | 10s | false | - | | VM_FORCERESYNCINTERVAL | 60s | false | configures force resync interval for VMAgent, VMAlert, VMAlertmanager and VMAuth. | -| VM_ENABLESTRICTSECURITY | true | false | EnableStrictSecurity will add default `securityContext` to pods and containers created by operatorDefault PodSecurityContext include:1. RunAsNonRoot: true2. RunAsUser/RunAsGroup/FSGroup: 65534'65534' refers to 'nobody' in all the used default images like alpine, busybox.If you're using customize image, please make sure '65534' is a valid uid in there or specify SecurityContext.3. FSGroupChangePolicy: &onRootMismatchIf KubeVersion>=1.20, use `FSGroupChangePolicy="onRootMismatch"` to skip the recursive permission changewhen the root of the volume already has the correct permissions4. SeccompProfile:type: RuntimeDefaultUse `RuntimeDefault` seccomp profile by default, which is defined by the container runtime,instead of using the Unconfined (seccomp disabled) mode.Default container SecurityContext include:1. AllowPrivilegeEscalation: false2. ReadOnlyRootFilesystem: true3. Capabilities:drop:- all | +| VM_ENABLESTRICTSECURITY | false | false | EnableStrictSecurity will add default `securityContext` to pods and containers created by operatorDefault PodSecurityContext include:1. RunAsNonRoot: true2. RunAsUser/RunAsGroup/FSGroup: 65534'65534' refers to 'nobody' in all the used default images like alpine, busybox.If you're using customize image, please make sure '65534' is a valid uid in there or specify SecurityContext.3. FSGroupChangePolicy: &onRootMismatchIf KubeVersion>=1.20, use `FSGroupChangePolicy="onRootMismatch"` to skip the recursive permission changewhen the root of the volume already has the correct permissions4. SeccompProfile:type: RuntimeDefaultUse `RuntimeDefault` seccomp profile by default, which is defined by the container runtime,instead of using the Unconfined (seccomp disabled) mode.Default container SecurityContext include:1. AllowPrivilegeEscalation: false2. ReadOnlyRootFilesystem: true3. Capabilities:drop:- allturn off `EnableStrictSecurity` by default, see https://github.com/VictoriaMetrics/operator/issues/749 for details |