[datadog-operator] update operator version to 1.8.0 (#1494)

* [datadog-operator] update operator version to 1.8.0 * fix tag in template helper * Cleanup operator readme * Update RBAC
DataDog · Aug 19, 2024 · 58ac6c3 · 58ac6c3
1 parent de8f82c
commit 58ac6c3
Show file tree

Hide file tree

Showing 25 changed files with 454 additions and 16,050 deletions.
diff --git a/charts/datadog-operator/CHANGELOG.md b/charts/datadog-operator/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## 2.0.0
+
+* Update Datadog Operator version to 1.8.0.
+* Drop support for DatadogAgent `v1alpha1` and conversion webhook.
+
 ## 1.8.5
 
 * Update `datadog-crds` dependency to `1.7.2`.

diff --git a/charts/datadog-operator/Chart.lock b/charts/datadog-operator/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: datadog-crds
   repository: https://helm.datadoghq.com
-  version: 1.7.2
-digest: sha256:256e0d475f434d840d83c6ef94a7290ad1e8d74c76c1f1058e6cd4f919435872
-generated: "2024-08-02T09:24:41.011919+02:00"
+  version: 2.0.0
+digest: sha256:39f4d700e87701398d61344f3f816586017a20396c07a4953a60da9c46edc74b
+generated: "2024-08-16T15:47:01.022149-04:00"
diff --git a/charts/datadog-operator/Chart.yaml b/charts/datadog-operator/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: datadog-operator
-version: 1.8.6
-appVersion: 1.7.0
+version: 2.0.0
+appVersion: 1.8.0
 description: Datadog Operator
 keywords:
 - monitoring
@@ -17,7 +17,7 @@ maintainers:
   email: support@datadoghq.com
 dependencies:
 - name: datadog-crds
-  version: "=1.7.2"
+  version: "=2.0.0"
   alias: datadogCRDs
   repository: https://helm.datadoghq.com
   condition: installCRDs

diff --git a/charts/datadog-operator/README.md b/charts/datadog-operator/README.md
@@ -1,6 +1,6 @@
 # Datadog Operator
 
-![Version: 1.8.6](https://img.shields.io/badge/Version-1.8.6-informational?style=flat-square) ![AppVersion: 1.7.0](https://img.shields.io/badge/AppVersion-1.7.0-informational?style=flat-square)
+![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![AppVersion: 1.8.0](https://img.shields.io/badge/AppVersion-1.8.0-informational?style=flat-square)
 
 ## Values
 
@@ -21,11 +21,6 @@
 | datadogCRDs.crds.datadogMonitors | bool | `true` | Set to true to deploy the DatadogMonitors CRD |
 | datadogCRDs.crds.datadogPodAutoscalers | bool | `true` | Set to true to deploy the DatadogPodAutoscalers CRD |
 | datadogCRDs.crds.datadogSLOs | bool | `false` | Set to true to deploy the DatadogSLO CRD |
-| datadogCRDs.migration.datadogAgents.conversionWebhook.enabled | bool | `false` |  |
-| datadogCRDs.migration.datadogAgents.conversionWebhook.name | string | `"datadog-operator-webhook-service"` |  |
-| datadogCRDs.migration.datadogAgents.conversionWebhook.namespace | string | `"default"` |  |
-| datadogCRDs.migration.datadogAgents.useCertManager | bool | `false` |  |
-| datadogCRDs.migration.datadogAgents.version | string | `"v2alpha1"` |  |
 | datadogMonitor.enabled | bool | `false` | Enables the Datadog Monitor controller |
 | datadogSLO.enabled | bool | `false` | Enables the Datadog SLO controller |
 | dd_url | string | `nil` | The host of the Datadog intake server to send Agent data to, only set this option if you need the Agent to send data to a custom URL |
@@ -35,7 +30,7 @@
 | image.doNotCheckTag | bool | `false` | Permit skipping operator image tag compatibility with the chart. |
 | image.pullPolicy | string | `"IfNotPresent"` | Define the pullPolicy for Datadog Operator image |
 | image.repository | string | `"gcr.io/datadoghq/operator"` | Repository to use for Datadog Operator image |
-| image.tag | string | `"1.7.0"` | Define the Datadog Operator version to use |
+| image.tag | string | `"1.8.0"` | Define the Datadog Operator version to use |
 | imagePullSecrets | list | `[]` | Datadog Operator repository pullSecret (ex: specify docker registry credentials) |
 | installCRDs | bool | `true` | Set to true to deploy the Datadog's CRDs |
 | introspection.enabled | bool | `false` | If true, enables introspection feature (beta). Requires v1.4.0+ |
@@ -80,184 +75,4 @@ To watch all namespaces, the following configuration needs to be used:
 ```yaml
 watchNamespaces:
 - ""
-```
-
-## Migrating to the version 1.0 of the Datadog Operator
-
-### Disclaimer
-
-As part of the General Availability release of the Datadog Operator, we are offering a migration path for our early adopters to migrate to the GA version of the custom resource, `v2alpha1/DatadogAgent`.
-
-The Datadog Operator v1.X reconciles the version `v2alpha1` of the DatadogAgent custom resource, while the v0.X reconciles `v1alpha1`.
-
-### Requirements
-
-If you are using the v1alpha1 with a v0.X version of the Datadog Operator and would like to upgrade, you will need to use the Conversion Webhook feature.
-
-Start by ensuring that you have the minimum required version of the chart and it's dependencies:
-
-```
-NAME                	CHART VERSION	APP VERSION	DESCRIPTION
-datadog/datadog-crds	0.6.1        	1          	Datadog Kubernetes CRDs chart
-```
-
-and for the Datadog Operator chart:
-
-```
-NAME                    	CHART VERSION	APP VERSION	DESCRIPTION
-datadog/datadog-operator	1.1.0        	1.1.0      	Datadog Operator
-```
-
-Then you will need to install the cert manager if you don't have it already, add the chart:
-```
-helm repo add jetstack https://charts.jetstack.io
-```
-and then install it:
-```
- helm install \
-  cert-manager jetstack/cert-manager \
-  --version v1.11.0 \
-  --set installCRDs=true
-```
-
-### Migration
-
-You can update with the following:
-
-```
-helm upgrade \
-    datadog-operator datadog/datadog-operator \
-    --set image.tag=1.7.0 \
-    --set datadogCRDs.migration.datadogAgents.version=v2alpha1 \
-    --set datadogCRDs.migration.datadogAgents.useCertManager=true \
-    --set datadogCRDs.migration.datadogAgents.conversionWebhook.enabled=true
-```
-
-### Notes
-
-Starting at the version 1.0.0 of the datadog-operator chart, the fields `image.tag` has a default values of `1.0.0` and `datadogCRDs.migration.datadogAgents.version` is `v2alpha1`.
-
-We set them in the command here to illustrate the migration of going from a Datadog Operator version < 1.0.0 with a stored version of `v1alpha1` to the GA version of `1.0.0` with a stored version of `v2alpha1`.
-
-### Implementation details
-
-This will create a self-signed `Certificate` (using an `Issuer`) that will be used by the Certificate Manager to mutate the DatadogAgent CRD to document the `caBundle` that the API Server will use to contact the Conversion Webhook.
-
-The Datadog Operator will be running the new reconciler for `v2alpha1` object and will also start a Conversion Webhook Server, exposed on port 9443. This server is the one the API Server will be using to convert v1alpha1 DatadogAgent into v2alpha1.
-
-### Lifecycle
-
-The conversionWebhook is not supposed to be an ever running process, we recommend using it to migrate your objects as a transition.
-
-Once converted, you can store the new version of your DatadogAgent, deactivate the conversion and simply deploy v2alpha1 objects.
-
-### Roadmap
-
-Upon releasing the v2 version of the DatadogAgent object, we will remove v1alpha1 from the CRD as part of a major update of the charts (datadog-crds and datadog-operator).
-
-### Troubleshooting
-
-* I don't see v2alpha1 version of the DatadogAgent resource
-
-The v1alpha1 and the v2alpha1 are `served` so you might need to specify which version you want to see:
-
-```
-kubectl get datadogagents.v2alpha1.datadoghq.com datadog-agent
-```
-
-* The Conversion is not working
-
-The logs of the Datadog Operator pod should show that the conversion webhook is enabled, the server is running, the certificates are watched.
-
-```
-kubectl logs datadog-operator-XXX-YYY
-[...]
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/convert"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"controller-runtime.builder","msg":"Conversion webhook enabled","GVK":"datadoghq.com/v2alpha1, Kind=DatadogAgent"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"setup","msg":"starting manager"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"controller-runtime.webhook.webhooks","msg":"Starting webhook server"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"controller-runtime.certwatcher","msg":"Updated current TLS certificate"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"controller-runtime.webhook","msg":"Serving webhook server","host":"","port":9443}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","msg":"Starting server","path":"/metrics","kind":"metrics","addr":"0.0.0.0:8383"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","msg":"Starting server","kind":"health probe","addr":"0.0.0.0:8081"}
-{"level":"INFO","ts":"2023-02-16T16:47:07Z","logger":"controller-runtime.certwatcher","msg":"Starting certificate watcher"}
-[...]
-```
-
-* Check the service registered for the conversion for a registered Endpoint
-
-```
-kubectl describe service datadog-operator-webhook-service
-[...]
-Name:              datadog-operator-webhook-service
-Namespace:         default
-[...]
-Selector:          app.kubernetes.io/instance=datadog-operator,app.kubernetes.io/name=datadog-operator
-[...]
-Port:              <unset>  443/TCP
-TargetPort:        9443/TCP
-Endpoints:         10.88.3.28:9443
-```
-
-* Verify the registered service for the conversion webhook
-
-```
-kubectl describe crd datadogagents.datadoghq.com
-[...]
-  Conversion:
-    Strategy:  Webhook
-    Webhook:
-      Client Config:
-        Ca Bundle:  LS0t[...]UtLS0tLQo=
-        Service:
-          Name:       datadog-operator-webhook-service
-          Namespace:  default
-          Path:       /convert
-          Port:       443
-      Conversion Review Versions:
-        v1
-```
-
-* The CRD does not have the `caBundle`
-
-Make sure that the CRD has the correct annotation: `cert-manager.io/inject-ca-from: default/datadog-operator-serving-cert` and check the logs of the `cert-manager-cainjector` pod.
-
-If you do not see anything standing out, setting the log level to 5 (debug) might help:
-
-```
-kubectl edit deploy cert-manager-cainjector -n cert-manager
-[...]
-    spec:
-      containers:
-      - args:
-        - --v=5
-[...]
-```
-
-You should see logs such as:
-
-```
-[...]
-I0217 08:11:15.582479       1 controller.go:178] cert-manager/certificate/customresourcedefinition/generic-inject-reconciler "msg"="updated object" "resource_kind"="CustomResourceDefinition" "resource_name"="datadogagents.datadoghq.com" "resource_namespace"="" "resource_version"="v1"
-I0217 08:25:24.989209       1 sources.go:98] cert-manager/certificate/customresourcedefinition/generic-inject-reconciler "msg"="Extracting CA from Certificate resource" "certificate"="default/datadog-operator-serving-cert" "resource_kind"="CustomResourceDefinition" "resource_name"="datadogagents.datadoghq.com" "resource_namespace"="" "resource_version"="v1"
-[...]
-```
-### Rollback
-
-If you migrated to the new version of the Datadog Operator using v2alpha1 but want to rollback to the former version, we recommend:
-- Scaling the Datadog Operator deployment to 0 replicas.
-  ```
-  kubectl scale deploy datadog-operator --replicas=0
-  ```
-- Upgrading the chart to have v1alpha1 stored and for the Datadog Operator to use the 0.8.X image.
-  ```
-  helm upgrade \
-    datadog-operator datadog/datadog-operator \
-    --set image.tag=0.8.4 \
-    --set datadogCRDs.migration.datadogAgents.version=v1alpha1 \
-    --set datadogCRDs.migration.datadogAgents.useCertManager=false \
-    --set datadogCRDs.migration.datadogAgents.conversionWebhook.enabled=false
-  ```
-- Redeploy the previous DatadogAgent v1alpha1 object.
-
-Note: The Daemonset of the Datadog Agents will be rolled out in the process.
+```