Skip to content

v0.0.22

Latest
Latest
Compare
Choose a tag to compare
@yorugac yorugac released this 30 Jun 10:07
· 10 commits to main since this release
v0.0.22
caafdb2

🪛⚠️ A breaking maintenance update

k6-operator was initially created several years ago, and since then Kubernetes libraries have changed certain implementation approaches quite a lot, most noticeably around authentication proxy for metrics. We have been receiving user requests to switch to the new approach. Additionally, the image kube-rbac-proxy is no longer officially recommended for a default layout and we should not continue to rely on it.

That said and since our goal is to simplify the default setup of k6-operator as part of v1 preparations, in this release, there has been a refactoring of code and manifests which correspond to the update of kubebuilder to v4. Depending on your setup, some of the changes may be breaking. Here are the key changes from the user's perspective:

  1. kube-rbac-proxy is no longer part of the Deployment. There is only one container now.
  • As a consequence, the next Helm chart no longer contains authProxy section.
  • In default RBAC, instead of proxy-role, there is now metrics-auth-role.
  1. The CLI arguments to k6-operator were renamed:
  • metrics-addr to metrics-bind-address (default is 8080).
  • health-addr to health-probe-bind-address (default is 8081).
  • enable-leader-election to leader-elect (default is false).
  1. The Deployment now has the liveness & readiness probes enabled by default (/healthz endpoint on 8081), as well as a default securityContext:
# pod's
securityContext:
  runAsNonRoot: true

# container's
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - "ALL"

Full changes in manifests can be seen in the PR.

❓ Do I need to change my tests or setup?

These changes did not impact the core functionality of k6-operator, and the tests do not need to be changed.

This is a change in the app's CLI and default manifests, which mostly impacts how metrics are handled. Firstly, if the CLI arguments are passed to the k6-operator externally, change them to new values as shown above. Next, if you rely on kube-rbac-proxy for metrics authentication, refer to this documentation and adjust your setup accordingly as part of this upgrade. If you believe that your use case is not fully supported by k6-operator, you're very welcome to open the issue and a PR with the details.

✨ New features

Thanks to our contributors, this release also features several new additions.

k6-operator now has support for native sidecars; issue. They can be specified with the initContainers[*].restartPolicy field as per official Kubernetes documentation. Thanks, @stytchiz!

In addition to WATCH_NAMESPACE environment variable, it's now possible to watch several namespaces at once via WATCH_NAMESPACES; issue. An example:

- name: WATCH_NAMESPACES
  value: "some-ns,some-other-ns"

Thanks, @chris-pinola-rf!

The starter pod can also be configured with custom resources, just as other pods, if hard-coded values are not suitable; issue. Thanks, @seanankenbruck!

📦 Helm

As described above, the Helm chart has been changed during the kubebuilder update: authProxy section was removed and RBAC objects were changed. See this PR for details.

In addition, there was a bug fix for ServiceMonitor's namespaceSelector, released as the 3.13.1 chart. Thanks, @jdegendt!

It is now possible to switch off the installation of ClusterRoles and ClusterRoleBindings objects by setting rbac.namespaced: true; issue. Thanks, @stytchiz!

📜 Documentation

There was an addition for automatic internal Grafana documentation for k6-operator repo. Thanks, @the-it!

Full Changelog: v0.0.21...v0.0.22

Contributors

the-it, seanankenbruck, and 3 other contributors
Assets 2
Loading