Releases: SolaceProducts/pubsubplus-kubernetes-quickstart
v1.4.0
1. NodePort Service Type Support
New feature enabling direct access to broker services from outside Kubernetes clusters
- Allows configuring NodePort service type in PubSubPlusEventBroker custom resource
- Supports both fixed node port specification and automatic assignment
- Access pattern:
<node-ip>:<node-port>
Example configuration with fixed node ports:
apiVersion: pubsubplus.solace.com/v1beta1
kind: PubSubPlusEventBroker
metadata:
name: node-port-example
spec:
developer: true
service:
type: NodePort
ports:
- name: tcp-semp
protocol: TCP
containerPort: 8080
servicePort: 8080
nodePort: 30080
- name: tcp-smf
protocol: TCP
containerPort: 55555
servicePort: 55555
nodePort: 30555
- name: tcp-web
protocol: TCP
containerPort: 8008
servicePort: 8008
nodePort: 30008
2. DMR Cluster Status Check Enhancement
Improved readiness verification for Dynamic Message Routing clusters
- Enhanced broker readiness check script to verify DMR cluster status
3. Vulnerability fixes
v1.3.0
Enhanced Security Features for PubSub+ Event Broker Operator
1. Read-Only Root Filesystem Support: Available for broker versions 10.9.0 and above
The PubSub+ Event Broker Operator now supports deploying brokers with read-only root filesystems, enhancing your security posture by preventing unauthorized modifications to the container's filesystem. This feature helps meet strict security compliance requirements and promotes immutable infrastructure practices.
How to use:
Add the brokerContainerSecurity.readOnlyRootFilesystem parameter to your broker specification:
apiVersion: pubsubplus.solace.com/v1beta1
kind: PubSubPlusEventBroker
metadata:
name: broker-name
spec:
redundancy: true
brokerContainerSecurity:
readOnlyRootFilesystem: trueImportant notes:
The default value is false for backward compatibility
Only supported with broker versions 10.9.0 and above
Attempting to use this feature with earlier broker versions will cause upgrade failures
2. SELinux and Windows Options Support
The PubSub+ Event Broker Operator now allows you to configure SELinux and Windows options for your broker containers, providing granular security controls for environments with specific SELinux requirements
How to use:
Configure SELinux options in your broker specification:
apiVersion: pubsubplus.solace.com/v1beta1
kind: PubSubPlusEventBroker
metadata:
name: broker-name
spec:
container:
securityContext:
seLinuxOptions:
level: s0:c123,c456
role: object_r
type: svirt_sandbox_file_t
user: system_uThese security enhancements provide more flexibility in meeting your organization's security requirements while deploying PubSub+ Event Brokers in Kubernetes environments.
v1.2.0
This release of the Solace PubSub+ Event Broker Operator includes:
- Disable automatic mounting of service account tokens used for readiness checks
- CVE fixes
v1.1.1
This release of the Solace PubSub+ Event Broker Operator includes:
- Bug fix for PubSub+ Event Broker Scaling Parameter parsing
- Document updates
- CVE fixes
v1.1.0
This release of the Solace PubSub+ Event Broker Operator includes:
- ContainerSecurityContext configuration for PubSub+ broker deployments
- The use of enableServiceLinks for PubSub+ broker deployment
- Support for new scaling parameters for PubSub+ broker deployment
- Improved management of the Monitoring deployment by the Operator
- There are also bugs and CVE fixes.
v1.0.3
This release of the Solace PubSub+ Event Broker Operator includes:
- Supports for toleration
- CVE Fixes
- Updates to documentation to fix broken links
- More deployment samples
v1.0.2
This release of the Solace PubSub+ Event Broker Operator includes:
- CVE Fixes
- Update of the Red Hat Universal Base Image to 9
v1.0.1
- Broker script fixes
- Scripts are now at the same revision level as as PubSub+ Helm v3.3.2
- Fixes in readiness check
- Startup script adjustments
- Fixed monitor verbose readiness check logging
- Scripts are now at the same revision level as as PubSub+ Helm v3.3.2
Initial release v1.0.0
Link updates (#71)