With release v1.1.0 we worked on improving existing features and completing our work to make LINSTOR itself resilient to node failure.
Breaking (PLEASE READ!)
- The LINSTOR controller image given in
operator.controller.controllerImage
has to have its entrypoint set tok8s-await-election v0.2.0
or newer. Learn more in the upgrade guide.
Added
- LINSTOR controller can be started with multiple replicas. See
operator.controller.replicas
.
NOTE: This requires support from the container. You needpiraeus-server:v1.8.0
or newer. - The
pv-hostpath
helper chart automatically sets up permissions for non-root etcd containers. - Disable securityContext enforcement by setting
global.setSecurityContext=false
. - Add cluster roles to work with OpenShift's SCC system.
- Control volume placement and accessibility by using CSIs Topology feature. Controlled by setting
csi.enableTopology
. - All pods use a dedicated service account to allow for fine-grained permission control.
- The new helm section
psp.*
can automatically configure the ServiceAccount
of all components to use the appropriate PSP roles.
Changed
- Default values:
operator.controller.controllerImage
:quay.io/piraeusdatastore/piraeus-server:v1.9.0
operator.satelliteSet.satelliteImage
:quay.io/piraeusdatastore/piraeus-server:v1.9.0
operator.satelliteSet.kernelModuleInjectionImage
:quay.io/piraeusdatastore/drbd9-bionic:v9.0.25
stork.storkImage
:docker.io/openstorage/stork:2.5.0
- linstor-controller no longer starts in a privileged container.
Removed
- legacy CRDs (LinstorControllerSet, LinstorNodeSet) have been removed.
v1alpha
CRD versions have been removed.- default pull secret
drbdiocred
removed. To keep using it, use--set drbdRepoCred=drbdiocred
.