Releases: open-telemetry/opentelemetry-operator
Release v0.118.0
0.118.0
🚀 New components 🚀
target allocator: Introduce TargetAllocator CRD (#2422)
See the CRD changelog for more information.
💡 Enhancements 💡
target allocator: Support camelcase matchLabels and matchExpressions in target allocator config (#3350)
🧰 Bug fixes 🧰
collector: Fix config handling with null values. (#3452)
Fix the defaulting webhook errorsrc and dst must not be nilcaused by defaulting a known component with a null value:
e.g.receivers: zipkin:
collector: Prevent mounting secrets to collector when TA is not deployed and mTLS feature gate is enabled (#3456)
Components
Release v0.117.0
Release v0.116.0
0.116.0
💡 Enhancements 💡
target allocator: Process discovered targets asyncchronously (#1842)
This change enables the target allocator to process discovered targets asynchronously.
This is a significant performance improvement for the target allocator, as it allows it to process targets in parallel, rather than sequentially.
This change also introduces new metrics to track the performance of the target allocator.- opentelemetry_allocator_process_targets_duration_seconds: The duration of the process targets operation.
- opentelemetry_allocator_process_target_groups_duration_seconds: The duration of the process target groups operation.
🧰 Bug fixes 🧰
-
operator: Fix the admission webhook to when metrics service address host uses env var expansion (#3513)
This should allow the metrics service address to have the host portion expanded from an environment variable,
like$(env:POD_IP)instead of using0.0.0.0, which is the recommended by the Collector. -
auto-instrumentation: Apache instrumentation sidecar fails to start if target container define lifecycle (#3547) -
collector: Fix deletion of optional resources for OpenTelemetryCollector CRs (#3454)
Components
Release v0.115.0
0.115.0
💡 Enhancements 💡
collector: enables support for pulling scrape config and probe CRDs in the target allocator (#1842)collector: support for creating a service for extensions when ports are specified. (#3460)
🧰 Bug fixes 🧰
-
github action: Add new line character at the end of PrometheusRule file. (#3503) -
auto-instrumentation: Reverts PR 3379 which inadvertently broke users setting JAVA_TOOL_OPTIONS (#3463)
Reverts a previous PR which was causing JAVA_TOOL_OPTIONS to not be overriden when
set by users. This was resulting in application crashloopbackoffs for users relying
on java autoinstrumentation. -
auto-instrumentation: Remove the mapping ofapp.kubernetes.io/instancetoservice.instance.id(#3495)
Technically, this is a breaking change, but we regard it as a bug fix because the previous behavior was incorrect.if you did have multiple container instrumentation and use
app.kubernetes.io/instanceto set theservice.instance.id,
you will now see multiple instances in the UI - which is the correct behavior.You can still use the attribute
resource.opentelemetry.io/service.instance.idto set theservice.instance.id,
which will be shared across all containers in the pod - but this is not recommended for multiple container instrumentation instances.Refer to the semantic conventions
for more information.
Components
Release v0.114.1
0.114.1
🧰 Bug fixes 🧰
auto-instrumentation: Reverts PR 3379 which inadvertently broke users setting JAVA_TOOL_OPTIONS (#3463)
Reverts a previous PR which was causing JAVA_TOOL_OPTIONS to not be overriden when
set by users. This was resulting in application crashloopbackoffs for users relying
on java autoinstrumentation.github action: Add new line character at the end of PrometheusRule file. (#3503)
Components
Release v0.114.0
0.114.0
💡 Enhancements 💡
-
collector: Create RBAC rules for the k8s_cluster receiver automatically. (#3427) -
collector: Create RBAC rules for the k8sobjects receiver automatically. (#3429) -
collector: Add a warning message when one created collector needs extra RBAC permissions and the service account doesn't have them. (#3432) -
target allocator: Added allocation_fallback_strategy option as fallback strategy for per-node allocation strategy, can be enabled with feature flag operator.targetallocator.fallbackstrategy (#3477)If using per-node allocation strategy, targets that are not attached to a node will not
be allocated. As the per-node strategy is required when running as a daemonset, it is
not possible to assign some targets under a daemonset deployment.
Feature flag operator.targetallocator.fallbackstrategy has been added and results in consistent-hashing
being used as the fallback allocation strategy for "per-node" only at this time. -
auto-instrumentation: updated node auto-instrumentation dependencies to the latest version (#3476)- auto-instrumentations-node to 0.53.0
- exporter-metrics-otlp-grpc to 0.55.0
- exporter-prometheus to 0.55.0
-
operator: Replace references to gcr.io/kubebuilder/kube-rbac-proxy with quay.io/brancz/kube-rbac-proxy (#3485)
🧰 Bug fixes 🧰
-
operator: Operator pod crashed if the Service Monitor for the operator metrics was created before by another operator pod. (#3446)Operator fails when the pod is restarted and the Service Monitor for operator metrics was already created by another operator pod.
To fix this, the operator now sets the owner reference on the Service Monitor to itself and checks if the Service Monitor already exists. -
auto-instrumentation: Bump base memory requirements for python and go (#3479)
Components
Release v0.113.1
0.113.1
This release fixes an important bug that caused the operator to crash when prometheus-operator CRDs were present in the cluster. See #3446 for details. This fix is also present in v0.114.0.
🧰 Bug fixes 🧰
operator: Operator pod crashed if the Service Monitor for the operator metrics was created before by another operator pod. (#3446)
Operator fails when the pod is restarted and the Service Monitor for operator metrics was already created by another operator pod.
To fix this, the operator now sets the owner reference on the Service Monitor to itself and checks if the Service Monitor already exists.
Components
Release v0.113.0
0.113.0
💡 Enhancements 💡
operator: Programmatically create theServiceMonitorfor the operator metrics endpoint, ensuring correct namespace handling and dynamic configuration. (#3370)
Previously, theServiceMonitorwas created statically from a manifest file, causing failures when the
operator was deployed in a non-default namespace. This enhancement ensures automatic adjustment of the
serverNameand seamless metrics scraping.collector: Create RBAC rules for the k8s_events receiver automatically. (#3420)collector: Inject environment K8S_NODE_NAME environment variable for the Kubelet Stats Receiver. (#2779)auto-instrumentation: add config for installing musl based auto-instrumentation for Python (#2264)auto-instrumentation: Supporthttp/jsonandhttp/protobufvia OTEL_EXPORTER_OTLP_PROTOCOL environment variable in addition to defaultgrpcfor exporting traces (#3412)target allocator: enables support for pulling scrape config and probe CRDs in the target allocator (#1842)
🧰 Bug fixes 🧰
collector: Fix mutation of deployments, statefulsets, and daemonsets allowing to remove fields on update (#2947)
Components
Release v0.112.0
0.112.0
💡 Enhancements 💡
-
auto-instrumentation: Support configuring Java auto-instrumentation when runtime configuration is provided from configmap or secret. (#1814)
This change allows users to configure JAVA_TOOL_OPTIONS in config map or secret when the name of the variable is defined in the pod spec.
The operator in this case set another JAVA_TOOL_OPTIONS that references the original value
e.g.JAVA_TOOL_OPTIONS=$(JAVA_TOOL_OPTIONS) -javaagent:/otel-auto-instrumentation-java/javaagent.jar. -
auto-instrumentation: Adds VolumeClaimTemplate field to Instrumentation spec to enable user-definable ephemeral volumes for auto-instrumentation. (#3267) -
collector: Add support for persistentVolumeClaimRetentionPolicy field (#3305) -
auto-instrumentation: build musl based auto-instrumentation in Python docker image (#2264) -
auto-instrumentation: An empty line should come before the addition of Include ...opentemetry_agent.conf, as a protection measure against cases of httpd.conf w/o a blank last line (#3401) -
collector: Add automatic RBAC creation for thekubeletstatsreceiver. (#3155) -
auto-instrumentation: Add Nodejs auto-instrumentation image builds for linux/s390x,linux/ppc64le. (#3322)
🧰 Bug fixes 🧰
target allocator: Permission check fixed for the serviceaccount of the target allocator (#3380)target allocator: Change docker image to run as non-root (#3378)
Components
Release v0.111.0
0.111.0
💡 Enhancements 💡
-
auto-instrumentation: set OTEL_LOGS_EXPORTER env var to otlp in python instrumentation (#3330) -
collector: Expose the Collector telemetry endpoint by default. (#3361)The collector v0.111.0 changes the default binding of the telemetry metrics endpoint from
0.0.0.0tolocalhost.
To avoid any disruption we fallback to0.0.0.0:{PORT}as default address.
Details can be found here: opentelemetry-collector#11251 -
auto-instrumentation: Add support for specifying exporter TLS certificates in auto-instrumentation. (#3338)Now Instrumentation CR supports specifying TLS certificates for exporter:
spec: exporter: endpoint: https://otel-collector:4317 tls: secretName: otel-tls-certs configMapName: otel-ca-bundle # otel-ca-bundle ca_file: ca.crt # present in otel-tls-certs cert_file: tls.crt # present in otel-tls-certs key_file: tls.key
- Propagating secrets across namespaces can be done with https://github.com/EmberStack/kubernetes-reflector or https://github.com/zakkg3/ClusterSecret
- Restarting workloads on certificate renewal can be done with https://github.com/stakater/Reloader or https://github.com/wave-k8s/wave
-
collector: Add native sidecar injection behind a feature gate which is disabled by default. (#2376)Native sidecars are supported since Kubernetes version
1.28and are availabe by default since1.29.
To use native sidecars on Kubernetes v1.28 make sure the "SidecarContainers" feature gate on kubernetes is enabled.
If native sidecars are available, the operator can be advised to use them by adding
the--feature-gates=operator.sidecarcontainers.nativeto the Operator args.
In the future this may will become availabe as deployment mode on the Collector CR. See #3356 -
target allocator, collector: Enable mTLS between the TA and collector for passing secrets in the scrape_config securely (#1669)This change enables mTLS between the collector and the target allocator (requires cert-manager).
This is necessary for passing secrets securely from the TA to the collector for scraping endpoints that have authentication. Use theoperator.targetallocator.mtlsto enable this feature. See the target allocator documentation for more details.
🧰 Bug fixes 🧰
-
collector-webhook: Fixed validation ofstabilizationWindowSecondsin autoscaler behaviour (#3345)The validation of
stabilizationWindowSecondsin theautoscaler.behaviour.scale[Up|Down]incorrectly rejected 0 as an invalid value.
This has been fixed to ensure that the value is validated correctly (should be >=0 and <=3600) and the error messsage has been updated to reflect this.