tigera/operator v1.16.0

on GitHub

04 Apr 2021

Included Calico versions

Calico version: v3.18.1
Calico Enterprise version: v3.6.0

Enhancements

• [Calico Enterprise] Enabled tigera plugin for Kibana #1243 (@Brian-McM)
• [Calico Enterprise] inherit nodeReporterPort from felixconfig #1227 (@ozdanborne)
• Add new common version file for projects that have release streams ou… #1150 (@Brian-McM)
• [Calico Enterprise] Add Elasticsearch / Fluentd metrics monitoring #1211 (@Brian-McM)
• [Calico Enterprise] LDAP support for enterpise w/ Authentication CRD #1082 (@rene-dekker)
• [Calico Enterprise] Add eck-operator memory requests/limits to LogStorage CR. #1137 (@vberezny)

Bug fixes

• [Calico Enterprise] Only enable groups params if secrets are present (google oidc) #1232 (@rene-dekker)
• [Calico Enterprise] Validate only operator-managed certificates #1194 (@lmm)
• Add linuxDataplane option and defaulting/extra mounts for BPF #1164 (@fasaxc)
• [Calico Enterprise] Use FQDN elasticsearch and kibana endpoints only for Windows #1151 (@lmm)
• include OS node selector in PodTemplate resource types #1142 (@robbrockbank)
• [Calico Enterprise] Add elasticsearch and kibana cert secrets annotations to kube-controllers #1125 (@lmm)
• [Calico Enterprise] Need to ensure internal manager TLS secret is updated (#1117) #1123 (@lmm)
• [Calico Enterprise] Check that cert is managed by operator by checking cert issuer #1121 (@lmm)

Other changes

• [Calico Enterprise] Update component versions for Enterprise v3.6.0 #1250 (@doublek)
• Improve docs for LinuxDataplaneOption. #1248 (@fasaxc)
• Add rights to access licenkeys for kube-controller #1247 (@asincu)
• Add OIDC Prompt type to Authentication spec #1238 (@rene-dekker)
• Add pull secrets to Elasticsearch metrics deployment #1235 (@Brian-McM)
• Check for nil replicas before accessing #1234 (@caseydavenport)
• Fix previous commit that took out copying the admin secret to the operator namespace #1231 (@Brian-McM)
• [Calico Enterprise] Enable process info by default #1230 (@doublek)
• auto generate product versions in release notes #1229 (@ozdanborne)
• Fix autoscaler to look at labels, not annotations #1222 (@caseydavenport)
• Add a defaulting UT for zero-length IP pools #1219 (@caseydavenport)
• Add Typha prometheus config #1217 (@tmjd)
• Add alternate default values for Registry and ImagePath #1210 (@tmjd)
• Fix validation with HostLocal IPAM #1209 (@tmjd)
• Handle case where there are more Typhas than there are nodes #1204 (@caseydavenport)
• Fix assignment of compliance cert to unused variable #1202 (@rene-dekker)
• Disable waiting on IDS job secret in managed clusters #1201 (@vberezny)
• Fix groups for google connector #1197 (@rene-dekker)
• Expose kube-controllers prometheus metrics #1190 (@caseydavenport)
• Adding checks for export-logs #1174 (@asincu)
• Adjust ImageSet API text #1169 (@caseydavenport)
• typha and namespace adjustments for AKS #1166 (@ozdanborne)
• Standardize intallation enum documentation format #1165 (@caseydavenport)
• Copy ComponentResources struct to eliminate CRD confusion #1163 (@vberezny)
• [Calico Enterprise] Add explanation of unauthenticated for tiered-policy-passthrough #1160 (@tmjd)
• Add watch permissions to kube-controllers on IPAM blocks #1155 (@caseydavenport)
• Fix migration of interface autodetection method #1154 (@caseydavenport)
• Install compliance and intrusion detection if features are active #1148 (@asincu)
• Only merge metadata if it's not set on the desired state #1138 (@caseydavenport)
• Fix the version verification and add separate image dump argument #1136 (@tmjd)
• Move render common and help functions to common package #1135 (@Brian-McM)
• [Calico Enterprise] Add annotation hashes for Manager / KB to roll pods over on kb cert c… #1119 (@Brian-McM)
• [Calico Enterprise] Move managing OIDC elsticsearch user configmap and secret from operator #1118 (@Suraiya-Hameed)
• Adjust SignerName so it renders nicely for the Reference API doc #1113 (@tmjd)
• [master] Fix handling of custom manager TLS certs (#1108) #1112 (@lmm)
• Use 'skipInterface: ^br-.*' for Docker Enterprise ipv4 autodetection … #1110 (@Brian-McM)
• fix maybe-build-release to work on earlier versions of git #1109 (@ozdanborne)
• [Calico Enterprise] [master] Custom certs only need to contain the expected svc DNS names as a subset #1105 (@lmm)
• Disable healthcheck on es client #1100 (@Suraiya-Hameed)