With release v1.1.0 we worked on improving existing features and completing our work to make LINSTOR itself resilient to node failure.
Breaking (PLEASE READ!)
- The LINSTOR controller image given in
operator.controller.controllerImagehas to have its entrypoint set tok8s-await-election v0.2.0or newer. Learn more in the upgrade guide.
Added
- LINSTOR controller can be started with multiple replicas. See
operator.controller.replicas.
NOTE: This requires support from the container. You needpiraeus-server:v1.8.0or newer. - The
pv-hostpathhelper chart automatically sets up permissions for non-root etcd containers. - Disable securityContext enforcement by setting
global.setSecurityContext=false. - Add cluster roles to work with OpenShift's SCC system.
- Control volume placement and accessibility by using CSIs Topology feature. Controlled by setting
csi.enableTopology. - All pods use a dedicated service account to allow for fine-grained permission control.
- The new helm section
psp.*can automatically configure the ServiceAccount
of all components to use the appropriate PSP roles.
Changed
- Default values:
operator.controller.controllerImage:quay.io/piraeusdatastore/piraeus-server:v1.9.0operator.satelliteSet.satelliteImage:quay.io/piraeusdatastore/piraeus-server:v1.9.0operator.satelliteSet.kernelModuleInjectionImage:quay.io/piraeusdatastore/drbd9-bionic:v9.0.25stork.storkImage:docker.io/openstorage/stork:2.5.0
- linstor-controller no longer starts in a privileged container.
Removed
- legacy CRDs (LinstorControllerSet, LinstorNodeSet) have been removed.
v1alphaCRD versions have been removed.- default pull secret
drbdiocredremoved. To keep using it, use--set drbdRepoCred=drbdiocred.