github mongodb/mongodb-atlas-kubernetes v2.0.1
on GitHub

latest releases: v2.4.1, v2.4.0, v2.3.1...
10 months ago

What's Changed

!!! Warning, this release contains breaking changes !!!

Breaking changes

  • Improve snapshot distribution management by @helderjs in #1168
    To enable an AtlasBackupSchedule custom resource to be reused by multiple deployments managed by the operator, we have removed replicationSpecId from the AtlasBackupSchedule custom resource. It will now be automatically set for every deployment that references it. As a result of this change, replicationSpecId is no longer configurable in an AtlasBackupSchedule and should be removed.
  • Add deletion protection feature by @helderjs in #1173 See: https://www.mongodb.com/docs/atlas/atlas-operator/#new-default--deletion-protection-in-ak8so-2.0
    With Atlas Kubernetes Operator 2.0, custom resources you delete in Kubernetes are no longer deleted in Atlas by default. Instead, Atlas Kubernetes Operator simply stops managing those resources - avoiding destructive change. The old behavior can be reverted. More info https://www.mongodb.com/docs/atlas/atlas-operator/#new-default--deletion-protection-in-ak8so-2.0
  • Remove legacy deployment by @igor-karpukhin in #1182
    In order to standardize on one deployment type (for non-serverless deployments), we have removed the notion of advancedDeploymentSpec. All deployment options are now supported as part of the deploymentSpec. For the AtlasDeployment resource, the following things were changed:
    spec.deploymentSpec - now contains all fields from the spec.advancedDeploymentSpec.
    spec.advancedDeploymentSpec - is gone. If you used advancedDeploymentSpec before, the only change you need to make is to rename the advancedDeploymentSpec to deploymentSpec in the AtlasDeployment resource. If you used deploymentSpec, you will need to rewrite it to advancedDeploymentSpec format.
  • Force secretRef fields for EncryptionAtREST and AlertConfiguration features by @roothorp in #1203 . This forces use of secrets for all credentials to promote security best practices.
    The following API secrets and credentials were moved from the AtlasProject custom resource to Secrets. Credentials and API secrets should now be stored in Secrets and referenced from the AtlasProject custom resource. The following fields were replaced:
    For the .spec.alertConfiguration.notifications:
    APIToken -> APITokenRef
    DatadogAPIKey -> DatadogAPIKeyRef
    FlowdockTokenAPI -> FlowdockTokenAPIRef
    OpsGenieAPIKey -> OpsGenieAPIKeyRef
    VictorOpsAPIKey -> VictorOpsSecretRef
    VictorOpsRoutingKey -> VictorOpsSecretRef (expected to have both VictorOps values)
    For the .spec.encryptionAtRest:
    • For AWS:
      AccessKeyID, SecretAccessKey, CustomerMasterKeyID and RoleID -> secretRef (expected to contain all those fields with values). Note: although there are fields AccessKeyID, SecretAccessKey they can only be provided for AtlasProject resources that had them before. New projects required to configure CloudProviderAccessRoles feature to enable the Encryption at REST for AWS.
    • For Azure:
      SubscriptionID, KeyVaultName, KeyIdentifier, Secret -> secretRef (expected to contain all those fields with values)
    • For GCP:
      ServiceAccountKey, KeyVersionResourceID -> secretRef (expected to contain all those fields with values)

Fixes

New Contributors

Full Changelog: v1.9.0...v2.0.0

Check out latest releases or
releases around mongodb/mongodb-atlas-kubernetes v2.0.1

Don't miss a new mongodb-atlas-kubernetes release

NewReleases is sending notifications on new releases.

Get notifications