All notable changes to this project will be documented in this file.
- API Version Migration: The operator now uses an image that removes
v1alpha1entirely and keeps onlyv1beta1. - Operator and CockroachDB pre-upgrade validation now require the previous fully migrated state before upgrading to this version.
This means
v1alpha1must not be served,v1beta1must be served and stored, and CRDstoredVersionsmust be["v1beta1"]. - See MIGRATION_v1alpha1_to_v1beta1.md for detailed instructions.
- Insecure cluster support. Set
cockroachdb.tls.enabled: falseand disableselfSigner,certManager, andexternalCertificatesto run without TLS. Intended for non-production use only. - Namespace scoping for the operator via
watchNamespaces. Set to a single namespace or a comma-separated list to restrict which namespaces the operator reconciles. Defaults to""(all namespaces). See Namespace Scoping for details. - Configurable
appLabelfor the operator Deployment selector and pod labels. Defaults tocockroach-operatorto preserve backward compatibility. Changing this on an existing installation requireshelm upgrade --forcesince the Deployment selector is immutable. - Added dedicated PVC support for CockroachDB log storage via
cockroachdb.crdbCluster.log.logsStore. - Added inline log configuration support via
cockroachdb.crdbCluster.log.config, which renders a ConfigMap consumed by the CockroachDB operator. Usecockroachdb.crdbCluster.loggingConfigMapNameto supply a custom ConfigMap name, andcockroachdb.crdbCluster.loggingConfigVarsto expand environment variables within the log configuration. - Added
selfSignedOperatorCertssupport in the operator chart, allowing the operator to self-generate its own webhook TLS certs.
-
Cluster-scoped resources now use a
cockroachdb-prefix. In namespace-scoped mode they also include the release namespace as a suffix.Resource Old name New name (cluster-scoped) New name (namespace-scoped) PriorityClass cockroach-operatorcockroachdb-operatorcockroachdb-operator-<ns>ClusterRole cockroach-operator-rolecockroachdb-operator-rolecockroachdb-operator-role-<ns>ClusterRoleBinding cockroach-operator-defaultcockroachdb-operatorcockroachdb-operator-<ns>where
<ns>is the Helm release namespace. After upgrading, remove the stale resources once the operator is healthy:kubectl delete priorityclass cockroach-operator kubectl delete clusterrole cockroach-operator-role kubectl delete clusterrolebinding cockroach-operator-default
- Running more than one operator watching the same namespace should be avoided as both operators independently reconcile the same clusters, leading to unpredictable behavior.
- When transitioning from a cluster-scoped operator to namespace-scoped operators, the cluster-scoped operator continues reconciling all namespaces, including those watched by the namespace-scoped operators, until it is uninstalled. Complete the transition quickly and uninstall the cluster-scoped operator once the namespace-scoped operators are healthy.
- Upgraded CockroachDB to v26.1.0.
- Fixed a bug that prevented setting CockroachDB cluster settings when a custom sql port was used.
- Upgraded CockroachDB to v25.4.4.
- Fixed a bug that prevented setting CockroachDB cluster settings with the CockroachDB operator.
- Fixed a bug that caused repeated PodDisruptionBudget recreation on clusters with the default name
cockroachdb.
- API Version Migration: v1alpha1 API serving is now disabled. Only v1beta1 is served.
⚠️ CRITICAL: CockroachDB charts MUST be upgraded to the previous version (25.4.3-preview+1) before upgrading to this version.- 📖 See MIGRATION_v1alpha1_to_v1beta1.md for detailed instructions.
- Updated the Operator to disable v1alpha1 API serving.
- Pre-upgrade validation hook in the operator chart to prevent upgrade if CockroachDB charts still use v1alpha1 Helm manifests.
- Automatic detection of new vs. existing installations (new users can upgrade directly).
- Pre-upgrade validation in the CockroachDB chart to enforce operator-first upgrade for Phase 2.
- Scoped PodDisruptionBudget to a single CockroachDB cluster to prevent conflicts in multi-cluster deployments.
- API Version Migration (v1alpha1 to v1beta1): The CockroachDB custom resources are migrating from
v1alpha1tov1beta1. CockroachDB chart now usesv1beta1templates.- IMPORTANT: Operator MUST be upgraded before CockroachDB chart.
- See MIGRATION_v1alpha1_to_v1beta1.md for upgrade instructions.
- Updated the Operator to support multiple CRD versions (v1alpha1, v1beta1) simultaneously.
- Pre-upgrade validation hook to ensure smooth upgrades owing to CR version updates and prevent upgrade order issues.
- Relaxed the K8s secret dependency during initial deployment on Azure.
- Updated the Operator image to fix pkill command failures within the cert-reloader container.
- Updated the CockroachDB version to v25.4.0.
- Added WAL failover custom path support in CockroachDB operator.
- Added virtual cluster support in CockroachDB operator.
- Added
--enable-k8s-node-controllerflag in CockroachDB operator to handle K8s node decommission feature.
- Removed the following deprecated fields in favor of the corresponding podTemplate fields:
- cockroachdb.crdbcluster.resources
- cockroachdb.crdbcluster.podLabels
- cockroachdb.crdbcluster.env
- cockroachdb.crdbcluster.topologySpreadConstraints
- cockroachdb.crdbcluster.podAnnotations
- cockroachdb.crdbcluster.nodeSelector
- cockroachdb.crdbcluster.affinity
- cockroachdb.crdbcluster.tolerations
loggingConfigVarsfield for supporting multiple environment configuration variables in theloggingConfigMap.
startFlags,podTemplatefields for overriding CockroachDB start command and pod spec.localityMappingsfield to allow granular mapping of Kubernetes node label to CockroachDB node locality.
- Removed the deprecated
flagsfield; usestartFlagsinstead. - Removed the
joinfield; specify it usingstartFlags.
- release: advance app version to v25.2.0