Release Notes
Release notes for v1.6 releases.
1.6.15
Enhancements
- Add support for DataPower firmware version
10.5.0.12
, available in the10.5-lts
channel.
License change
DataPower firmware version 10.5.0.12
has different licenses from previous 10.5.0.x
LTS versions. When upgrading your DataPowerService
, you will need to update the license
spec to reflect the new license. See the Licenses Guide for reference.
Platform
- Add support for OpenShift 4.16.
- Add support for Kubernetes 1.30.
- Remove support for Kubernetes 1.27.
- For a full list of supported platforms, see Supported Platforms.
Known issues
1.6.14
Enhancements
DataPowerService API changes
- The resources spec has been expanded, and now allows specifying both CPU
requests
andlimits
. Previously, onlyrequests
was allowed and the DataPower Operator would use the same value forlimits
when creating the StatefulSet. - CPU request and limit minimums have been lowered:
- Minimum CPU request is now
100m
. - Minimum CPU limit is now
500m
.
- Minimum CPU request is now
1.6.13
Enhancements
Platform
- Add support for Kubernetes 1.29.
- Remove support for Kubernetes 1.26.
- Remove support for OpenShift 4.10.
OLM
datapower-operator-catalog
is now a multi-architecture image and file-based catalog.- The remaining DataPower Operator and Operand images are still
amd64
only. - This change should be transparent and cause no side-effects.
- The remaining DataPower Operator and Operand images are still
1.6.12
Enhancements
MustGather API
In this release, we have back-ported the DataPowerMustGather
(introduced in 1.8.0
) and DataPowerMustGatherManager
(introduced in 1.9.0
) APIs to the v1.6
stream.
Platform
- Add OpenShift 4.14 support.
1.6.11
Enhancements
Fixes
- Set
fsGroup
in DataPowerpodSecurityContext
when running on Kubernetes.- When
runAsRoot
is enabled in theDataPowerService
, thefsGroup
will be set to0
. - Otherwise, the
fsGroup
will be set to1000
. - This fix does not apply to OpenShift environments.
- When
- Fix an issue which caused application domain configuration to be pulled into the
default
domain when using both thedomains
API in theDataPowerService
and persistence for theconfig:///
directory. - Fix an issue which would cause the DataPower Operator pod to crash when running on a pre-release version of OpenShift.
Platform
- Add support for Kubernetes 1.28.
- Remove support for Kubernetes 1.25.
1.6.10
DataPowerService API changes
- A new property,
env
, has been added tojaegerTracing
to allow for customization of thejaeger-tracing-agent
container environment variables.
Fixes
- Fix an issue which caused changes to the DataPowerService
jaegerTracing
spec to not be reconciled to the StatefulSet.
1.6.9
Enhancements
- Add support for DataPower firmware version
10.5.0.7
, available in the10.5-lts
channel. - Add support for DataPower firmware version
10.5.0.5R
, available in the10.5-lts
channel. - Add support for DataPower firmware version
10.5.0.4R
, available in the10.5-lts
channel. - Add support for DataPower firmware version
10.0.1.15
, available in the10.0-lts
channel.
Fixes
- Fix an issue which would cause the
datapower-operator
pod to crash if itsownerReference
on thedatapower-operator-conversion-webhook
Deployment was removed or missing. - Remove unnecessary permissions from the default minimal ServiceAccount created for a DataPowerService operand when one is not provided by the user in serviceAccountName.
Platform
- Remove support for Kubernetes 1.24.
1.6.8
Enhancements
DataPowerService API changes
Several changes were made to the domains
spec in the v1beta3
API, including:
dpApp
is now optional.dpApp.config
is now optional.
The goal of these changes is to make working with the domains
spec as flexible as possible. Now, the only required field is name
, and providing only this field is enough to create a domain in the DataPower operand.
Optionally, any other properties can be provided (dpApp
, certs
, settings
, passwordMap
, etc.) to incrementally build up your domain's configuration as desired.
Fixes
- Fix an issue in the DataPowerService
v1beta3
API validation webhook which would cause validation failures when running on an unsupported OCP version (e.g. 4.11). Instead, this is now raised as aWarning
condition on the DataPowerService custom resource. - Fix an issue which caused changes to the DataPowerService
jaegerTracing
spec to not be reconciled to the StatefulSet. - Fix an issue in which the DataPowerService
status.labelSelector
was not kept up-to-date.- In addition, this field's value is now a minimal set of labels similar to what's used in the StatefulSet's headless Service.
- Fix an issue which caused the DataPowerService
status.replicas
not to be reconciled, resulting in thescale
subresource'sstatus
always reporting zero replicas.
Platform
- Add support for Kubernetes 1.27.
1.6.7
Enhancements
DataPowerService API changes
Several changes were made to the domains
spec in the v1beta3
API, including:
New properties
settings
- abstraction for thedomain-settings
object.passwordMap
- createpassword-alias
objects from Secrets.
Deprecations
passphraseSecret
- replaced bysettings.passphrase
.
Status Conditions
DataPowerService status.conditions
now supports cumulative conditions, for more details see Conditions.
Fixes
- Fix an issue that would cause the operator to crash when handling a large amount of pod events.
- Fix an issue that would cause the operator to crash when reconciling a DataPowerService which defines a domain with no
dpApp.config
.- Note: the validation webhook will now reject such config.
- Fix an issue that would cause StatefulSet rollouts due to transient errors during CP4I discovery.
- Fix known issue: Airgap install failure due to 'unable to retrieve source image docker.io'.
- Changes to a DataPowerService domain's
passphrase
Secret will now be reconciled.
Meta
- The Domain Configuration guide page has been rewritten, and the API docs for the
domains
property have been moved to a dedicated page.
1.6.6
Enhancements
Platform
- Add OpenShift 4.12 support.
- Add Kubernetes 1.26 support.
- Remove Kubernetes 1.23 support.
Changes
- Default logging timestamp format for
datapower-operator
anddatapower-operator-conversion-webhook
Pods is nowrfc3339nano
(wasepoch
). This can be changed by modifying the--zap-time-encoding
argument in the respective Deployment resource; or more info, see Logging. - Improve resilience in conversion-webhook failover algorithm. For more details, see orphaned webhooks.
- The DataPower Operator version is now annotated (
datapower.ibm.com/operator-version
) on all owned CustomResourceDefinitions. - Clarify log messages from DataPowerMonitor controller when reconciling resources paused by an in-progress DataPowerRollout.
Fixes
- Fix an issue in which changes to DataPowerService
hostAliases
would not propagate to the StatefulSet. - Fix an issue which caused DataPowerRollout reconcilation to fail under certain scenarios with a long
namespace
. - Fix an issue in DataPowerService validation which allowed multiple
domains
to be specified with the samename
, resulting in StatefulSet errors. - Fix an issue that would prevent a new operator instance from being able to adopt / recover a degraded conversion-webhook Deployment in a separate namespace.
- Fix an issue which could cause the operator to crash after creating the StatefulSet.
1.6.5
Enhancements
- Add support for DataPower firmware version
10.5.0.3
, available in the10.5-lts
channel. - Add support for DataPower firmware version
10.0.1.11
, available in the10.0-lts
channel. - New properties in
v1beta3
DataPowerService API:healthCheck
- Configuration for DataPower Health Check service.readinessTimeoutSeconds
- Configure a readiness timeout for DataPower Pods.hostAliases
- Configure static host alias entries for DataPower.
Changes
- Update the minimum values allowed in
resources
for experimentation.- Reduce minimum CPU request to 0.5 CPU, or
500m
. Default remains 1 CPU for nonproduction and 4 CPU for production. - Reduce minimum Memory request / limit to 2 GB, or
2Gi
. Default request remains4Gi
and default limit remains8Gi
.
- Reduce minimum CPU request to 0.5 CPU, or
- The operator now controls the
livenessProbe
configuration for new DataPowerService versions. See the updated API docs for details.
Fixes
- Fix an issue in the
DataPowerRollout
controller which would prevent anautomatic
rollout from progressing if thegateway-peering
configurations were incongruent among the pods. - Fix an issue in the webhook Secret initialization that would cause the operator to crash if
cert-manager
was installed incorrectly. - Fix a port conflict between the Prometheus
snmp_exporter
process and the new DataPowerweb-mgmt
interface.- Prometheus
snmp_exporter
listener port changed from63512
to9116
.
- Prometheus
1.6.4
Enhancements
- Add support for DataPower firmware version
10.0.1.10
, available in the10.0-lts
channel.
Changes
datapower-limited
image location has changed toicr.io/cpopen/datapower/datapower-limited
, see Pulling images from the IBM Entitled Registry.
v1.2-eus EOL
- The
v1.2-eus
DataPower Operator channel reaches end-of-life October 31, 2022. Thev1.6
DataPower Operator is now the maintaining LTS stream for10.0.1
DataPower operand. - Add
10.0-lts
channel and versions to the Available versions offered by the Operator, enabling upgrade experience within IBM Cloud Pak for Integration.
1.6.3
Enhancements
- Add support for DataPower firmware version
10.5.0.2
, available in the10.5-lts
channel.
Platform
- Add support for Kubernetes 1.25.
Fixes
- Fix image formats to ensure backward compatibility to Docker Image Manifest Version 2, Schema 2 (
v2s2
). - Fix DataPowerService
status.versions
to remove versions older than the currentstatus.versions.reconciled
. - Fix search algorithm used by the
datapower-operator-conversion-webhook
management routine, resolving an issue that would result in the following error being logged during operator boot:Something went wrong when creating conversion webhook deployment
.
1.6.2
- Add support for DataPower firmware version
10.0.1.9
, available in the10.0-lts
channel.
1.6.1
Enhancements
- Add support for DataPower firmware version
10.5.0.1
, available in the10.5-lts
channel.
Platform
- Add support for Kubernetes 1.24.
Fixes
- Fix an issue that may occur when attempting to reinstall the operator on OCP 4.8+.
1.6.0
Enhancements
- Add support for DataPower firmware version
10.5.0.0
, available in the10.5-lts
channel. - Add support for DataPower firmware version
10.0.1.8
, available in the10.0-lts
channel.
Phased Rollout
This release of the DataPower Operator brings a notable feature, the ability to perform phased rollouts of the DataPower StatefulSet. For relevant documentation, check out:
DataPowerService
New properties available in v1beta3
of the DataPowerService
CRD:
- terminationGracePeriodSeconds
- createServiceBinding
propagationFormat
added to jaegerTracing- updateStrategy
Other notable changes:
- Validate
jaegerTracing.tls.collectorEndpoint.serverName
to prevent DataPower Gateway pod(s) from failing to becomeReady
.
Platform
- Required minimum OpenShift Container Platform (OCP) version is now 4.10.
- Required minimum Kubernetes version is now 1.23.
Fixes
- Fix an issue relating to CP4I discovery, leading to unnecessary DataPower StatefulSet updates.