kurrent-io · rb-kurrent · Sep 22, 2025 · Sep 18, 2025 · Sep 22, 2025 · Sep 22, 2025
@@ -380,11 +380,7 @@ kubectl apply -f cluster.yaml
 ## Three Node Secure Cluster (using LetsEncrypt)
 
 Using LetsEncrypt, or any publicly trusted certificate, in an operator-managed KurrentDB cluster
-is not supported.
-
-The recommended workaround is to combine [self-signed certificates within the cluster](
-#three-node-secure-cluster-using-self-signed-certificates) with an Ingress that does TLS
-termination using the LetsEncrypt certificate.
+is not supported in v1.0.0; please upgrade to v1.4.0.
 
 ## Viewing Deployments
 

@@ -445,11 +445,7 @@ kubectl apply -f cluster.yaml
 ## Three Node Secure Cluster (using LetsEncrypt)
 
 Using LetsEncrypt, or any publicly trusted certificate, in an operator-managed KurrentDB cluster
-is not supported.
-
-The recommended workaround is to combine [self-signed certificates within the cluster](
-#three-node-secure-cluster-using-self-signed-certificates) with an Ingress that does TLS
-termination using the LetsEncrypt certificate.
+is not supported in v1.0.0; please upgrade to v1.4.0.
 
 ## Deploying With Scheduling Constraints
 

@@ -445,11 +445,7 @@ kubectl apply -f cluster.yaml
 ## Three Node Secure Cluster (using LetsEncrypt)
 
 Using LetsEncrypt, or any publicly trusted certificate, in an operator-managed KurrentDB cluster
-is not supported.
-
-The recommended workaround is to combine [self-signed certificates within the cluster](
-#three-node-secure-cluster-using-self-signed-certificates) with an Ingress that does TLS
-termination using the LetsEncrypt certificate.
+is not supported in v1.0.0; please upgrade to v1.4.0.
 
 ## Deploying With Scheduling Constraints
 

@@ -441,11 +441,7 @@ kubectl apply -f cluster.yaml
 ## Three Node Secure Cluster (using LetsEncrypt)
 
 Using LetsEncrypt, or any publicly trusted certificate, in an operator-managed KurrentDB cluster
-is not supported.
-
-The recommended workaround is to combine [self-signed certificates within the cluster](
-#three-node-secure-cluster-using-self-signed-certificates) with an Ingress that does TLS
-termination using the LetsEncrypt certificate.
+is not supported in v1.0.0; please upgrade to v1.4.0.
 
 ## Deploying With Scheduling Constraints
 

@@ -0,0 +1,5 @@
+---
+# title is for breadcrumb and sidebar nav
+title: Kubernetes Operator v1.4.0
+order: 1
+---
@@ -0,0 +1,68 @@
+---
+order: 1
+dir:
+  text: "Getting started"
+  link: true
+  order: 1
+---
+
+<CloudBanner />
+
+---
+Welcome to the **KurrentDB Kubernetes Operator** guide. In this guide, we’ll refer to the KurrentDB Kubernetes Operator simply as “the Operator.” Use the Operator to simplify backup, scaling, and upgrades of KurrentDB clusters on Kubernetes.
+
+:::important
+The Operator is an Enterprise-only feature, please [contact us](https://www.kurrent.io/contact) for more information.
+:::
+
+## Why run KurrentDB on Kubernetes?
+
+Kubernetes is the modern enterprise standard for deploying containerized applications at scale. The Operator streamlines deployment and management of KurrentDB clusters.
+
+## Features
+
+* Deploy single-node or multi-node clusters
+* Back up and restore clusters
+* Automate backups with a schedule and retention policies
+* Perform rolling upgrades and update configurations
+
+### New in 1.4.0
+
+* Support configurable traffic strategies for each of server-server and client-server traffic.  This
+  enables the use of LetsEncrypt certificates without creating Ingresses, for example.  See
+  [Traffic Strategies][ts] for details.
+* Support backup scheduling and retention policies.  There is a new [KurrentDBBackupSchedule][bs]
+  CRD with a CronJob-like syntax.  There are also two mechanisms for configuring retention policies:
+  a `.keep` count on `KurrentDBBackupSchedule`, and a new `.ttl` on `KurrentDBBackup`.
+* Support standalone read-only replicas pointed at a remote cluster.  This enables advanced
+  topologies like a having your quorum nodes in one region and a read-only replica in a distant
+  region.  See [Deploying Standalone Read-Only Replicas][ror] for an example.
+* Support template strings in some extra metadata for child resources of the `KurrentDB` object.
+  This allows, for example, to annotate each of the automatically created LoadBalancers with unique
+  external-dns annotations.  See [KurrentDBExtraMetadataSpec][em] for details.
+
+[ts]: ../operations/advanced-networking.md#traffic-strategy-options
+[bs]: resource-types.md#kurrentdbbackupschedulespec
+[ror]: ../operations/database-deployment.md#deploying-standalone-read-only-replicas
+[em]: resource-types.md#kurrentdbextrametadataspec
+
+## Supported KurrentDB Versions
+
+The Operator supports running the following major versions of KurrentDB:
+- v25.x
+- v24.x
+- v23.10+
+
+## Supported Hardware Architectures
+
+The Operator is packaged for the following hardware architectures:
+- x86\_64
+- arm64
+
+## Technical Support
+
+For support questions, please [contact us](https://www.kurrent.io/contact).
+
+## First Steps
+
+Ready to install? Head over to the [installation](installation.md) section.
@@ -0,0 +1,209 @@
+---
+title: Installation
+order: 2
+---
+
+This section covers the various aspects of installing the Operator.
+
+::: important
+The Operator is an Enterprise-only feature, please [contact us](https://www.kurrent.io/contact) for more information.
+:::
+
+## Prerequisites
+
+::: tip
+To get the best out of this guide, a basic understanding of [Kubernetes concepts](https://kubernetes.io/docs/concepts/) is essential.
+:::
+
+* A Kubernetes cluster running any [non-EOL version of Kubernetes](https://kubernetes.io/releases/).
+* Permission to create resources, deploy the Operator and install CRDs in the target cluster.
+* The following CLI tools installed, on your shell’s `$PATH`, with `$KUBECONFIG` pointing to your cluster:
+  * [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl)
+  * [k9s](https://k9scli.io/topics/install/)
+  * [Helm 3 CLI](https://helm.sh/docs/intro/install/)
+  * A valid Operator license. Please [contact us](https://www.kurrent.io/contact) for more information.
+
+## Configure Helm Repository
+
+Add the Kurrent Helm repository to your local environment:
+
+```bash
+helm repo add kurrent-latest \
+  'https://packages.kurrent.io/basic/kurrent-latest/helm/charts/'
+```
+
+## Install Custom Resource Definitions (CRDs)
+
+The Operator uses Custom Resource Definitions (CRDs) to extend Kubernetes. You can install them automatically with Helm or manually.
+
+The following resource types are supported:
+- [KurrentDB](resource-types.md#kurrentdbspec)
+- [KurrentDBBackup](resource-types.md#kurrentdbbackupspec)
+- [KurrentDBBackupSchedules](resource-types.md#kurrentdbbackupschedulesspec)
+
+Since CRDs are managed globally by Kubernetes, special care must be taken to install them.
+
+### Automatic Install
+
+It's recommended to install and manage the CRDs using Helm. See [Deployment Modes](#deployment-modes) for more information.
+
+### Manual Install
+
+If you prefer to install CRDs yourself:
+
+```bash
+# Download the kurrentdb-operator Helm chart
+helm pull kurrent-latest/kurrentdb-operator --version 1.4.0 --untar
+# Install the CRDs
+kubectl apply -f kurrentdb-operator/templates/crds
+```
+*Expected Output*:
+```
+customresourcedefinition.apiextensions.k8s.io/kurrentdbbackups.kubernetes.kurrent.io created
+customresourcedefinition.apiextensions.k8s.io/kurrentdbs.kubernetes.kurrent.io created
+```
+
+After installing CRDs manually, you should include the `--set crds.enabled=false` flag for the `helm
+install` command, and include one of `--set crds.enabled=false`, `--reuse-values`, or
+`--reset-then-reuse-values` for the `helm upgrade` command.
+
+::: caution
+If you set the value of `crds.keep` to `false` (the default is `true`), helm upgrades and rollbacks
+can result in data loss.  If `crds.keep` is `false` and `crds.enabled` transitions from `true` to
+`false` during an upgrade or rollback, the CRDs will be removed from the cluster, deleting all
+`KurrentDBs` and `KurrentDBBackups` and their associated child resources, including the PVCs and
+VolumeSnapshots containing your data!
+:::
+
+## Deployment Modes
+
+The Operator can be scoped to track Kurrent resources across **all** or **specific** namespaces.
+
+### Cluster-wide
+
+In cluster-wide mode, the Operator tracks Kurrent resources across **all** namespaces and requires `ClusterRole`. Helm creates the `ClusterRole` automatically.
+
+To deploy the Operator in this mode, run:
+
+```bash
+helm install kurrentdb-operator kurrent-latest/kurrentdb-operator \
+  --version 1.4.0 \
+  --namespace kurrent \
+  --create-namespace \
+  --set crds.enabled=true \
+  --set-file operator.license.key=/path/to/license.key \
+  --set-file operator.license.file=/path/to/license.lic
+```
+
+This command:
+- Deploys the Operator into the `kurrent` namespace (use `--create-namespace` to create it). Feel free to modify this namespace.
+- Creates the namespace (if it already exists, leave out the `--create-namespace` flag).
+- Deploys CRDs (this can be skipped by changing to `--set crds.enabled=false`).
+- Applies the Operator license.
+- Deploys a new Helm release called `kurrentdb-operator` in the `kurrent` namespace.
+
+*Expected Output*:
+```
+NAME: kurrentdb-operator
+LAST DEPLOYED: Thu Mar 20 14:51:42 2025
+NAMESPACE: kurrent
+STATUS: deployed
+REVISION: 1
+TEST SUITE: None
+```
+
+Once installed, navigate to the [deployment validation](#deployment-validation) section.
+
+### Specific Namespace(s)
+
+In this mode, the Operator will track Kurrent resources across **specific** namespaces. This mode reduces the level of permissions required. The Operator will create a `Role` in each namespace that it is expected to manage.
+
+To deploy the Operator in this mode, the following command can be used:
+
+```bash
+helm install kurrentdb-operator kurrent-latest/kurrentdb-operator \
+  --version 1.4.0 \
+  --namespace kurrent \
+  --create-namespace \
+  --set crds.enabled=true \
+  --set-file operator.license.key=/path/to/license.key \
+  --set-file operator.license.file=/path/to/license.lic \
+  --set operator.namespaces='{kurrent, foo}'
+```
+
+Here's what the command does:
+- Sets the namespace of where the Operator will be deployed i.e. `kurrent` (feel free to change this)
+- Creates the namespace (if it already exists, leave out the `--create-namespace` flag)
+- Deploys CRDs (this can be skipped by changing to `--set crds.enabled=false`)
+- Configures the Operator license
+- Configures the Operator to operate on resources the namespaces `kurrent` and `foo`
+- Deploys a new Helm release called `kurrentdb-operator` in the `kurrent` namespace
+
+::: important
+Make sure the namespaces listed as part of the `operator.namespaces` parameter already exist before running the command.
+:::
+
+*Expected Output*:
+```
+NAME: kurrentdb-operator
+LAST DEPLOYED: Thu Mar 20 14:51:42 2025
+NAMESPACE: kurrent
+STATUS: deployed
+REVISION: 1
+TEST SUITE: None
+```
+
+Once installed, navigate to the [deployment validation](#deployment-validation) section.
+
+#### Augmenting Namespaces
+
+The Operator deployment can be updated to adjust which namespaces are watched. For example, in addition to the `kurrent` and `foo` namespaces (from the example above), a new namespace `bar` may also be watched using the command below:
+
+```bash
+helm upgrade kurrentdb-operator kurrent-latest/kurrentdb-operator \
+  --version 1.4.0 \
+  --namespace kurrent \
+  --reuse-values \
+  --set operator.namespaces='{kurrent,foo,bar}'
+```
+
+This will trigger:
+- a new `Role` to be created in the `bar` namespace
+- a rolling restart of the Operator to pick up the new configuration changes
+
+## Deployment Validation
+
+Using the k9s tool, navigate to the namespace listing using the command `:namespaces`. It should show the namespace where the Operator was deployed:
+
+![Namespaces](images/install/namespace-list.png)
+
+After stepping in to the `kurrent` namespace, type `:deployments` in the k9s console. It should show the following:
+
+![Operator Deployment](images/install/deployments-list.png)
+
+Pods may also be viewed using the `:pods` command, for example:
+
+![Operator Pod](images/install/pods-list.png)
+
+Pressing the `Return` key on the selected Operator pod will allow you to drill through the container hosted in the pod, and then finally to the logs:
+
+![Operator Logs](images/install/logs.png)
+
+
+## Upgrading an Installation
+
+The Operator can be upgraded using the following `helm` commands:
+
+```bash
+helm repo update
+helm upgrade kurrentdb-operator kurrentdb-operator-repo/kurrentdb-operator \
+  --namespace kurrent \
+  --version {version} \
+  --reset-then-reuse-values
+```
+
+Here's what these commands do:
+- Refresh the local Helm repository index
+- Locate an existing operator installation in namespace `kurrent`
+- Select the target upgrade version `{version}` e.g. `1.4.0`
+- Perform the upgrade, preserving values that were set during installation