0.35.1

0.35.1 is a patch release with a focused scope, aimed at stabilizing Galera cluster recovery and enhancing our new Kubernetes custom types. For an overview of features introduced in this release series, see the 0.35.0 release notes.

To upgrade from older versions, be sure to follow the UPGRADE GUIDE.

---

We value your feedback! If you encounter any issues or have suggestions, please open an issue on GitHub. Your input is crucial to improve mariadb-operator🦭.

Join us on Slack: MariaDB Community Slack.

What's Changed

• Allow sequence number 0 in Galera cluster recovery by @mmontes11 in #960
• Fix container extra env by @mmontes11 in #962
• Release 0.35.1 by @mmontes11 in #964

Full Changelog: 0.35.0...0.35.1

mariadb-operator-crds-0.35.1

mariadb-operator CRDs

mariadb-operator-0.35.1

Run and operate MariaDB in a cloud native way

0.35.0

mariadb-operator 0.35.0 is out! 🦭

To upgrade from older versions, be sure to follow the UPGRADE GUIDE.

Staging storage for S3 backups

When using S3 storage for backups, a staging area is used for keeping the external backups while they are being processed. By default, this staging area is an emptyDir volume, which means that the backups are temporarily stored in the node's local storage where the Backup/Restore Job is scheduled. In production environments, large backups may lead to issues if the node doesn't have sufficient space, potentially causing the backup/restore process to fail.

To overcome this limitation, you are now able to define your own staging area by setting the stagingStorage field to both the Backup and Restore CRs:

apiVersion: k8s.mariadb.com/v1alpha1
kind: Backup
metadata:
  name: backup
spec:
  storage:
    s3:
      ...
  stagingStorage:
    persistentVolumeClaim:
      resources:
        requests:
          storage: 10Gi
      accessModes:
        - ReadWriteOnce

apiVersion: k8s.mariadb.com/v1alpha1
kind: Restore
metadata:
  name: restore
spec:
  s3:
    ...
  stagingStorage:
    persistentVolumeClaim:
      resources:
        requests:
          storage: 10Gi
      accessModes:
        - ReadWriteOnce

In the examples above, a PVC with the default StorageClass will be used as staging area. Refer to the API reference for more configuration options.

More flexibility configuring Kubernetes types

We have recently slimmed down our CRDs, resulting in a ~81% size decrease. As part of this massive refactor, we have replaced the upstream Kubernetes types and introduce our custom types. In this release, we keep committed to this matter, and we have extended our Kubernetes types to ensure flexibility, including:

• nodeAffinity as expression-driven alternative to nodeSelector
• configMap and secret volume sources support
• env support for both initContainers and sidecarContainers
• resources support in metrics exporter Deployment

Refer to the API reference for more details about this fields.

Kudos to @am6737 for helping with this! 🙏🏻

Enhanced session affinity for MaxScale GUI

In previous releases, the MaxScale GUI Service used sessionAffinity to avoid load balancing, ensuring that GUI requests stayed with the same Pod. This was important because each MaxScale Pod operates as an independent server, maintaining its own user sessions for the GUI.

When using an API gateway in front of the MaxScale GUI Service without sessionAffinity configured, users may experience unexpected logouts, as sessions from one server are invalid on another. To address this, we now point the MaxScale GUI Service to a specific Pod, dynamically updating the target if the selected Pod goes down. This approach ensures consistency and predictability, minimizing the chances of sending GUI requests to new MaxScale Pods whenever possible. See #956.

Refer to the MaxScale docs for further detail.

Support for image digests in Helm chart

You can now specify image digests when installing the operator Helm chart. Instead of providing a tag, you will need to specify a digest under the image values:

image:
  repository: docker-registry3.mariadb.com/mariadb-operator/mariadb-operator
  pullPolicy: IfNotPresent
  digest: sha256:084a927ee9f3918a5c85d283f73822ae205757df352218de0b935853a0765060

webhook:
  enabled: true
  image:
    repository: docker-registry3.mariadb.com/mariadb-operator/mariadb-operator
    pullPolicy: IfNotPresent
    digest: sha256:084a927ee9f3918a5c85d283f73822ae205757df352218de0b935853a0765060

certController:
  enabled: true
  image:
    repository: docker-registry3.mariadb.com/mariadb-operator/mariadb-operator
    pullPolicy: IfNotPresent
    digest: sha256:084a927ee9f3918a5c85d283f73822ae205757df352218de0b935853a0765060

Kudos to @am6737 for this contribution! 🙏🏻

Replication improvements

During an update, make sure that at least one Pod has replication configured before proceeding with the update of the primary. See #947.

Kudos to @BonySmoke for this contribution! 🙏🏻

Various fixes

See #932 #924.

Kudos to @am6737 for these contributions! 🙏🏻

---

We value your feedback! If you encounter any issues or have suggestions, please open an issue on GitHub. Your input is crucial to improve mariadb-operator🦭.

Join us on Slack: MariaDB Community Slack.

What's Changed

• fix: exclude # symbol from password generator by @am6737 in #932
• Feat: Add support for image digest and standardize image reference format by @am6737 in #926
• Fix: crash when SQLJob has unknown dependencies by @am6737 in #924
• Bump github.com/minio/minio-go/v7 from 7.0.77 to 7.0.78 by @dependabot in #936
• feat: add NodeAffinity support to enhance pod scheduling by @am6737 in #935
• Adapt nodeAffinity to reduce CRD size by @mmontes11 in #937
• Fix nodeAffinity defaults by @mmontes11 in #938
• Refactor Kubernetes volume types. Support for ConfigMap and Secret volume sources by @mmontes11 in #941
• Added defaultMode to secret and configMap volume sources by @mmontes11 in #943
• Support for env in Container by @mmontes11 in #944
• Support for resources in metrics Deployment by @mmontes11 in #945
• stagingStorage support for Backup and Restore by @mmontes11 in #946
• MariaDB Updates: Configure Replication Before Updating Primary in Semi-Sync Cluster by @BonySmoke in #947
• Ability to skip reconcile phases in MariaDB controller by @mmontes11 in #954
• Remove sessionAffinity from MaxScale GUI Service. Add first ready Pod to the Service selector to implement sticky sessions by @mmontes11 in #956
• Release 0.35.0 by @mmontes11 in #950

New Contributors

• @am6737 made their first contribution in #932
• @BonySmoke made their first contribution in #947

Full Changelog: v0.0.32...0.35.0

mariadb-operator-crds-0.35.0

mariadb-operator CRDs

mariadb-operator-0.35.0

Run and operate MariaDB in a cloud native way

0.34.0

mariadb-operator 0.34.0 is out! 🦭

This release introduces more intuitive versioning, backup compression, and enhancements to Galera cluster recovery, along with several other new features. See the full details below.

To upgrade from older versions, be sure to follow the UPGRADE GUIDE.

Versioning

Many of you have reported that our previous versioning model was confusing, as we had different versions for the operator image, operator Helm chart and CRD Helm chart. See #891.

In this release, we're introducing a new versioning model where everything (operator image, Helm charts) uses the unified version 0.34.0.

Backup compression

You can now compress backups by specifying the desired compression algorithm in the new compression field:

apiVersion: k8s.mariadb.com/v1alpha1
kind: Backup
metadata:
  name: backup
spec:
  mariaDbRef:
    name: mariadb
  compression: gzip

Currently the following compression algorithms are supported:

• bzip2: Good compression ratio, but slower compression/decompression speed compared to gzip.
• gzip: Good compression/decompression speed, but worse compression ratio compared to bzip2.
• none: No compression.

See #836.

Kudos to @vixns for this contribution! 🙏🏻

Galera cluster recovery

We're continuously refining our Galera recovery process based on the issues you report!

Some of you have encountered situations where the recovery Jobs get stuck with the following error:

[ERROR] mariadbd: Can't lock aria control file '/var/lib/mysql/aria_log_control' for exclusive use, error: 11. Will retry for 30 seconds

This occurs because the MariaDB Pods create exclusive locks on the same PVCs that the Jobs try to mount. To resolve this, the operator now downscales the StatefulSet before initiating the recovery Jobs. See #904.

Another less frequent error is that, after not being able to bootstrap the cluster on the first attempt, the MariaDB Pods return the following error:

[ERROR] WSREP: It may not be safe to bootstrap the cluster from this node. It was not the last one to leave the cluster and may not contain all the updates.

This can occur if a different Pod was selected to bootstrap the cluster during a previous attempt, leaving the previous Pod with the bootstrap configuration. To handle this, the operator now cleans up the bootstrap config on non-bootstrapping Pods. See #910

Run operator in HA

We have extended the operator Helm chart to provide you with everything needed to run the operator in HA:

• Multiple replicas
• Configure Pod anti-affinity
• Configure PodDisruptionBudgets

You can achieve this by providing the following values to the helm chart:

ha:
  enabled: true
  replicas: 3

affinity:
  podAntiAffinity:
    requiredDuringSchedulingIgnoredDuringExecution:
    - labelSelector:
        matchExpressions:
        - key: app.kubernetes.io/name
          operator: In
          values:
          - mariadb-operator
        - key: app.kubernetes.io/instance
          operator: In
          values:
          - mariadb-operator
      topologyKey: kubernetes.io/hostname

pdb:
  enabled: true
  maxUnavailable: 1

See #899.

Kudos to @sennerholm for this contribution! 🙏🏻

Pod role labels

A new label k8s.mariadb.com/role is now added to the MariaDB Pods:

❯ kubectl get mariadbs
NAME             READY   STATUS    PRIMARY            UPDATES                    AGE
mariadb-galera   True    Running   mariadb-galera-0   ReplicasFirstPrimaryLast   79m

❯ kubectl get pods -l k8s.mariadb.com/role=primary
NAME               READY   STATUS    RESTARTS   AGE
mariadb-galera-0   2/2     Running   0          79m

❯ kubectl get pods -l k8s.mariadb.com/role=replica
NAME               READY   STATUS    RESTARTS   AGE
mariadb-galera-1   2/2     Running   0          79m
mariadb-galera-2   2/2     Running   0          79m

See #909.

Kudos to @nocturo for this contribution! 🙏🏻

Mutable maxUserConnections

You may update the maxUserConnections field without having to recreate the User resource.

See #918.

Kudos to @hedgieinsocks for this contribution! 🙏🏻

Extensibility

We have introduced several extensibility improvements for deploying MariaDB:

• Support for extra Service ports. See #912
• Support for named initContainers and sidecarContainers. See #908.

Kudos to @hedgieinsocks for these contributions! 🙏🏻

---

We value your feedback! If you encounter any issues or have suggestions, please open an issue on GitHub. Your input is crucial to improve mariadb-operator🦭.

Join us on Slack: MariaDB Community Slack.

What's Changed

• Remove probes from container builder by @mmontes11 in #890
• Release v0.0.33 by @mmontes11 in #892
• backup compression by @vixns in #836
• Bump github.com/minio/minio-go/v7 from 7.0.76 to 7.0.77 by @dependabot in #896
• Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.77.0 to 0.77.1 by @dependabot in #895
• Bump ubi8/ubi-micro from 8.10-11 to 8.10-13 by @dependabot in #894
• Compression tweaks by @mmontes11 in #897
• Update DOCKER.md for v0.0.33 by @mariadb-pieterhumphrey in #902
• Update DOCKER.md for .33 by @mariadb-pieterhumphrey in #903
• chore(helm) Adding a PodDisruptionBudget(pdb) by @sennerholm in #899
• Unify versioning by @mmontes11 in #907
• Prevent MariaDB Pods from running while recovering cluster. Introduced clusterUpscaleTimeout and clusterDownscaleTimeout by @mmontes11 in #904
• Allow custom names in sidecar and init containers by @hedgieinsocks in #908
• Add replication role labels by @nocturo in #909
• Disable bootstrap config in Pods during recovery by @mmontes11 in #910
• Skip mariadb.sys resource cleanup by @mmontes11 in #913
• Use printf to add hosts to /etc/hosts by @hedgieinsocks in #916
• Allow adding custom ports in services by @hedgieinsocks in #912
• Added own PodSecurityContext type by @mmontes11 in #914
• Support for securityContext in Exporter by @mmontes11 in #915
• Make maxUserConnections mutable by @hedgieinsocks in #918
• Bump golang from 1.23.1-alpine3.20 to 1.23.2-alpine3.20 by @dependabot in #921
• Bump github.com/gruntwork-io/terratest from 0.47.1 to 0.47.2 by @dependabot in #920
• Release 0.34.0 by @mmontes11 in #917

New Contributors

• @vixns made their first contribution in #836
• @sennerholm made their first contribution in #899
• @hedgieinsocks made their first contribution in #908
• @nocturo made their first contribution in #909

Full Changelog: v0.0.32...0.34.0

olm-0.34.0

Bump helm chart versions to 0.34.0

mariadb-operator-crds-0.34.0

mariadb-operator CRDs

mariadb-operator-0.34.0

Run and operate MariaDB in a cloud native way