v0.11.0
Release highlights
Support for MySQL 8.4
This release introduces support for Percona Server for MySQL 8.4.x. The Operator supports all major functionality for this latest major version except data-at-rest encryption. However, we do not recommend Percona Server for MySQL 8.4 for production environments yet.
Ensure data security with data-at-rest encryption
Data-at-rest encryption provides robust data protection by encrypting your database files on disk. Data is encrypted automatically, in real time, prior to writing to storage and decrypted when read from storage. The Operator uses the keyring_vault plugin to encrypt tablespace files and binlog. It integrates directly with HashiCorp Vault, giving you a secure and automated solution for managing encryption keys.
With this feature, you can meet your compliance requirements and protect sensitive data without the operational complexity. Learn how to configure it in our documentation.
Note that data-at-rest encryption is currently not supported for Percona Server for MySQL 8.4.x. We plan to add it in future releases.
Support for emptyDir and hostPath volumes
You can now configure the Operator to use emptyDir or hostPath volumes for MySQL Pods, in addition to persistentVolumeClaim volumes. This extends the number of use cases for using the Operator, such as configuring additional storage for the data you don't need to persist when a Pod restarts, ephemeral workloads, testing CI/CD automation against a database and more.
Note the following key points for using volume types:
- Using hostPath can be risky in production, as it ties your Pod to a specific node and can lead to data loss if the node fails.
- emptyDir is not for persistent data.
- persistentVolumeClaim is the recommended way for persistent, portable storage in Kubernetes.
Improved security for user secrets with special characters in passwords
The Operator now generates stronger passwords using the combination of uppercase and lowercase letters, digits, and special characters like ! $ % & ( ) * + , - . < = > ? @ [ ] ^ _ { } ~ #. These have been tested to ensure compatibility across SQL queries, shell scripts, YAML files, and connection strings.
The Operator excludes problematic characters such as ’ “ \ / : | ;.
When you create passwords for user secrets yourself, be sure to stick to the approved character set to ensure your services run smoothly.
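One way to check passwords you set yourself against the character set described above, before they go into a user Secret. This is an added example, not the Operator's own code. It assumes the special characters listed above are the complete approved set; the Secret key names, sample passwords, default length and the one-character-per-class rule in the generator are constructed for illustration.

```python
import base64
import secrets
import string

# Special characters listed in the release notes; treating this list as the
# complete approved set is an assumption of this example.
APPROVED_SPECIAL = "!$%&()*+,-.<=>?@[]^_{}~#"
APPROVED = string.ascii_letters + string.digits + APPROVED_SPECIAL


def offending_chars(password: str) -> list[str]:
    """Return the distinct characters outside the approved set, in order."""
    seen: list[str] = []
    for ch in password:
        if ch not in APPROVED and ch not in seen:
            seen.append(ch)
    return seen


def audit_secret_data(data: dict[str, str]) -> dict[str, list[str]]:
    """Check base64 values (Secret `data` format); report failing keys only."""
    report = {}
    for key, encoded in data.items():
        password = base64.b64decode(encoded).decode("utf-8")
        bad = offending_chars(password)
        if bad:
            report[key] = bad
    return report


def generate_password(length: int = 20) -> str:
    """Random password with at least one character from each class."""
    classes = [string.ascii_uppercase, string.ascii_lowercase,
               string.digits, APPROVED_SPECIAL]
    if length < len(classes):
        raise ValueError("length too short to cover every character class")
    chars = [secrets.choice(c) for c in classes]
    chars += [secrets.choice(APPROVED) for _ in range(length - len(classes))]
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


# Constructed sample: key names and passwords are made up for illustration.
SAMPLE = {
    "root": base64.b64encode(b"Tr0ub4dor&3_ok").decode(),
    "monitor": base64.b64encode(b"p@ss:word/1;").decode(),
}

if __name__ == "__main__":
    print(audit_secret_data(SAMPLE))
```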
Customize connection to MySQL Router via configurable ports
You can now modify existing ports for the MySQL Router service, as well as add new custom ports. This ability enables you to fine-tune the connection to your Percona Server for MySQL cluster. For example, you can separate access to the database for different applications, so that each one connects to the same MySQL Router but gets a tailored experience based on the port.
Automated volume resizing
Kubernetes has supported Persistent Volume expansion as a stable feature since v1.24. Using it with the Operator previously involved manual operations. Now this is automated, and users can resize their PVCs by just changing the value of the resources.requests.storage option in the PerconaServerMySQL custom resource.
Deprecation, rename and removal
- .spec.pmm.runtimeClassName field has been removed from the crd.yaml and code because it wasn't being used.
- spec.backup.imagePullSecrets will now be applied to the backup and restore jobs.
- spec.proxy.haproxy.runtimeClassName will be applied to the HAProxy Pods.
- spec.pmm.serverUser is removed as not used in PMM3
Changelog
New features
- K8SPS-126 - It is now possible to resize Persistent Volume Claims by patching the PerconaServerMySQL Custom Resource. Enable volume expansion, change persistentVolumeClaim.resources.requests.storage and let the Operator do the scaling.
- K8SPS-421 - Added data-at-rest encryption support
- K8SPS-445 - Added MySQL 8.4 support
Improvements
- K8SPS-437 - Removed the spec.pmm.serverUser field as not used in PMM 3
- K8SPS-406 - Added possibility of adding custom parameters for PMM client via Custom Resource
- K8SPS-131 - Improve connection configuration by making router ports configurable
- K8SPS-265 - Added special symbols support in passwords
- K8SPS-319 - Improve labels by adding MySQL to the Operator name
- K8SPS-323 - Added support for primary Pod discovery through a Kubernetes Service (Thank you Marjus Cako for reporting this issue)
- K8SPS-336 - Added the ability to deploy the Operator with hostPath and emptyDir volume types
- K8SPS-357 - Improved cluster provisioning
- K8SPS-401 - Added examples of setting up backups on Azure into our CRs
- K8SPS-418 - Added the ability to specify the time for the Pod to shut down gracefully after receiving a termination signal before it is forcefully killed.
- K8SPS-414 - Added the ability to configure imagePullSecrets via the Custom Resource
- K8SPS-415 - Added the ability to configure runtimeClassName via the Custom Resource
- K8SPS-416 - Added the ability to configure tolerations via the Custom Resource
Bugs Fixed
- K8SPS-287 - Improved logging to include information about allowUnsafeConfigurations not set when a user tries to scale down a cluster to less than 3 Pods
- K8SPS-298 - Added an error to the logs about invalid configuration for deploying a cluster with asynchronous replication without a proxy.
- K8SPS-308 - Fixed the issue with smart update reporting errors for the cluster with async replication
- K8SPS-381 - Improved restores from Azure blob storage by removing a hardcoded slash
- K8SPS-394 - Improved the cluster behavior when a user tries to change a replication type on a running cluster. The cluster fails because this operation is not allowed on a running cluster. Added documentation with the recommended steps.
- K8SPS-396 - Improved the gr-self-healing tests by replacing assert with readiness check for chaos-daemon
- K8SPS-425 - Fixed the cluster bootstrap process for group replication clusters with MySQL 8.4
Supported software
The Operator was developed and tested with the following software:
- Percona Server for MySQL 8.4.5-5
- Percona Server for MySQL 8.0.42-33
- XtraBackup 8.4.0-3
- XtraBackup 8.0.35-33
- MySQL Router 8.4.5-5
- MySQL Router 8.0.42
- HAProxy 2.8.15
- Orchestrator 3.2.6-17
- Percona Toolkit 3.7.0
- PMM Client 3.3.1
- Cert Manager 1.18.2
Other options may also work, but have not been tested.
Supported platforms
Percona Operators are designed for compatibility with all CNCF-certified Kubernetes distributions. Our release process includes targeted testing and validation on major cloud provider platforms and OpenShift, as detailed below for Operator version 0.9.0:
- Google Kubernetes Engine (GKE) 1.31 - 1.33
- Amazon Elastic Container Service for Kubernetes (EKS) 1.31 - 1.33
- OpenShift 4.15 - 4.19
- Minikube 1.36.0 (based on Kubernetes 1.33.1)
This list only includes the platforms that the Percona Operators are specifically tested on as part of the release process. Other Kubernetes flavors and versions depend on backward compatibility offered by Kubernetes itself.