Skip to content

v0.9.0
Compare
Choose a tag to compare
@dt-team-kubernetes dt-team-kubernetes released this 29 Sep 08:01
· 22 commits to release-0.9 since this release
v0.9.0
99a1efb
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Warning
This release should not be used, use v0.9.1 or later instead. For more information check out the blog post on upgrade issues from v0.9.0 to a different version.

Installation

For information on how to install the dynatrace-operater please visit our official Documentation.

Upgrade instructions

The Operator can be upgraded from the last release with, the following commands.

Kubernetes (with CSI driver)

kubectl apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/kubernetes.yaml
kubectl apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/kubernetes-csi.yaml

Kubernetes (default)

kubectl apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/kubernetes.yaml

Openshift (with CSI driver)

oc apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/openshift.yaml
oc apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/openshift-csi.yaml

Openshift (default)

oc apply -f https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/openshift.yaml

Helm

The Operator's helm chart can be upgraded from the last version with,

helm repo update
helm upgrade dynatrace-operator dynatrace/dynatrace-operator -f <values> --atomic --version="0.9.0"

What's Changed

Warning
Activegate Authtoken support is now enabled by default

  • requires additional api token scope: activeGateTokenManagement.create
  • feature.dynatrace.com/activegate-authtoken=false to disable

  • Improve resilience of the CSI driver

    • split up single container into server and provisioner container: server is available to handle mount/unmount requests if the provisioner uses too much memory
    • in case of issues in the CSI driver application pods are no longer blocked forever, instead empty files are mounted so the pods can start up (no monitoring, but pods are available)
    • defaults to 10 attempts, with each attempt happening when the pod restarts (see container restart policy for information on exponential back-off)

  • Signed images on Dockerhub and GCR using cosign

    • verify image with public key
     cosign verify --key https://github.com/Dynatrace/dynatrace-operator/releases/download/v0.9.0/key.pub \
 	docker.io/dynatrace/dynatrace-operator:v0.9.0
    • verify image without key
     COSIGN_EXPERIMENTAL=1 cosign verify docker.io/dynatrace-operator:v0.9.0

  • Add troubleshoot subcommand to diagnose common setup issues

    • can be run on any pod that uses the operator image 
      kubectl exec deploy/dynatrace-operator -n dynatrace -- dynatrace-operator troubleshoot

  • Update CSI driver container resource requests/limits

    • server (previously part of driver container): 50m cpu / 100Mi memory
    • provisioner (previously part of driver container): 300m cpu / 100Mi memory
    • registrar: 20m cpu / 30Mi memory
    • livenessprobe: 20m cpu / 30Mi memory

Bugfixes 🪲

  • Add tolerations for ARM architecture to Operator components by default
  • Support readOnlyRootFilesystem security context in injected init containers
  • Fix .json format of metadata enrichment file

Core changes 🎉

  • Add nodes/metrics permission to Operator cluster role by default
  • Upgrade operator base image from ubi8-micro to ubi9-micro
  • Restart webhook when OneAgentAPM CRD is present instead of silently failing
  • Add validation for common issue with disabling volume storage when CSI driver is enabled
  • Add tar to operator image
    • allows copying files from container by using kubectl cp

Helm changes ⛑️

  • Add configurable kubeletPath
  • split csidriver.resources to allow configuration of different containers
    • ⚠️ --reuse-values or same values file will no longer set resource requests/limits for provisioner container
    • csidriver.server.resources, csidriver.provisioner.resources, csidriver.registrar.resources and csidriver.livenessprobe.resources can be used to set requests/limits per container
  • Adds toleration for arm and amd to operator components

Full Changelog: v0.8.2...v0.9.0

Assets 10