·
1 commit
to release/4.2
since this release
Other Changes
- Implemented enhancement request #5344 to support enabling
readOnlyRootFilesystemin the security context. When this attribute is enabled, the operator will update the temporary directory to within the mount path of an empty volume and adjust other settings to support this use case. - Implemented support for
automountServiceAccountToken. - Added a pair of additional metrics to the operator's metrics endpoint to track the number of managed namespaces (
wko_namespace_count) and the number of domains found in a given namespace (wko_domain_count).
Bug Fixes
- Resolved an issue where the operator and webhook would not consistently have sufficient privilege to list domain and cluster resources on more restrictive Kubernetes cluster environments.
- Updated container scripts to consistently trap SIGKILL and SIGTERM so that these scripts exit cleanly.
- Resolved an issue in the node manager script related to incorrectly using the LOG_HOME_LAYOUT setting.
- Updated the sidecar containers created for the monitoring exporter, Fluentd, and Fluentbit integrations to correctly use the configured container security context.
- Resolved an issue with the domain status
observedGenerationwas not correctly updated following a model-in-image online update. - Improved the resiliency of the operator's periodic listing of namespaces to look for namespaces that should be managed and connected this to the liveness probe so that the operator will restart more consistently if the namespace listing is failing.
- Resolved an issue with configurations for the monitoring exporter that contain
stringValues, such as involving server runtime states.
Full Changelog: v4.2.16...v4.2.17