Skip to content

Release v0.145.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 18 Feb 17:52
· 261 commits to main since this release
v0.145.0
deb3ac5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

0.145.0

πŸ›‘ Breaking changes πŸ›‘

  • collector: Remove operator.collector.default.config feature gate (#4473)

πŸš€ New components πŸš€

  • clusterObservability: Inital implementation of ClusterObservability CRD (#3820)
    This change provides an initial implementation of the Cluster Observability CRD and operator control loop.
    Reconcilation is disabled by default.
    Currently, the CRD is not included in the operator bundle and must be installed manually.
    To enable reconciliation, enable the --feature-gates=+operator.clusterobservability feature gate.

πŸ’‘ Enhancements πŸ’‘

  • target allocator: Add readiness and liveness probe configurations for target allocator CRD (#4639)
  • target allocator: Make the least-weighted target allocation strategy take job name into account. (#3128)
    Uses job name instead of "first match" to when number of targets is equal. The effect is to spread out targets with the same job name across collectors.

🧰 Bug fixes 🧰

  • target allocator: Fix TLS certificate hot-reload for mTLS connections (#4368)
    The Target Allocator now automatically reloads TLS certificates when they are renewed
    by cert-manager. Previously, certificate renewals required a pod restart because
    certificates were only loaded once at startup. The fix uses fsnotify to watch the
    certificate directory and dynamically reloads certificates via the GetCertificate
    callback, enabling seamless certificate rotation without downtime.

  • collector: Configure collector to reload client certificate periodically (#4657)
    When the collector connects to the target allocator over mTLS, certificates were not automatically reloaded after expiration. This adds reload_interval to the TLS configuration, enabling the Prometheus receiver to periodically reload certificates from disk.

    The default interval of 5 minutes provides a good balance between picking up renewed certificates promptly and avoiding unnecessary overhead.

  • operator: Set Kubernetes API server egress network policy port dynamically. (#4411)
    The operator network policy egress rule for the Kubernetes API server was hardcoded to port 6443.
    This PR uses uses endpointslices.discovery.k8s.io -n default kubernetes to get the port and IP addresses of the Kubernetes API server
    for the operator egress network policy.

Components

Assets 4
Loading