Update Ironbank to v3.2.0
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| eck-operator | minor |
3.1.0 -> 3.2.0
|
| registry1.dso.mil/ironbank/elastic/eck-operator/eck-operator (source) | minor |
3.1.0 -> 3.2.0
|
Complete MR checklist
Assignee
-
Followed upgrade instructions outlined in docs/DEVELOPMENT_MAINTENANCE.md -
Update Docs with new/updated steps as needed -
Tested and Validated Changes made with supporting info like logs or screenshots from test pipelines
Add supporting info below
kubectl get pods -n eck-operator && kubectl get pods -n logging
NAME READY STATUS RESTARTS AGE
elastic-operator-0 2/2 Running 1 (24m ago) 25m
NAME READY STATUS RESTARTS AGE
logging-ek-es-data-0 2/2 Running 0 24m
logging-ek-es-data-1 2/2 Running 0 24m
logging-ek-es-data-2 2/2 Running 0 24m
logging-ek-es-data-3 2/2 Running 0 24m
logging-ek-es-master-0 2/2 Running 0 24m
logging-ek-es-master-1 2/2 Running 0 24m
logging-ek-es-master-2 2/2 Running 0 24m
logging-ek-kb-59fd48fc5d-46bnc 2/2 Running 0 24m
logging-ek-kb-59fd48fc5d-c6fp8 2/2 Running 0 24m
logging-ek-kb-59fd48fc5d-fjjzl 2/2 Running 0 24mReviewer only
-
Tested and Validated changes
Release Notes
elastic/cloud-on-k8s (eck-operator)
v3.2.0
Elastic Cloud on Kubernetes 3.2.0
Release Highlights
Automatic pod disruption budget (Enterprise feature)
ECK now offers better out-of-the-box PodDisruptionBudgets that automatically keep your cluster available as Pods move across nodes. The new policy calculates the number of Pods per tier that can sustain replacement and automatically generates a PodDisruptionBudget for each tier, enabling the Elasticsearch cluster to vacate Kubernetes nodes more quickly, while considering cluster health, without interruption.
User Password Generation (Enterprise feature)
ECK will now generate longer passwords by default for the administrative user of each Elasticsearch cluster. The password is 24 characters in length by default (can be configured to a maximum of 72 characters), incorporating alphabetic and numeric characters, to make password complexity stronger.
Features and enhancements
- Enable certificate reloading for stack monitoring Beats #8833 (issue: #5448)
- Allow configuration of file-based password character set and length #8817 (issues: #2795, #8693)
- Automatically set GOMEMLIMIT based on cgroups memory limits #8814 (issue: #8790)
- Introduce granular PodDisruptionBudgets based on node roles #8780 (issue: #2936)
Fixes
- Gate advanced Fleet config logic to Agent v8.13 and later #8869
- Ensure Agent configuration and state persist across restarts in Fleet mode #8856 (issue: #8819)
- Do not set credentials label on Kibana config secret #8852 (issue: #8839)
- Allow elasticsearchRef.secretName in Kibana helm validation #8822 (issue: #8816)
Documentation improvements
- Update Logstash recipes from to filestream input #8801
- Recipe for exposing Fleet server to outside of the Kubernetes cluster #8788
- Clarify secretName restrictions #8782
- Update ES_JAVA_OPTS comments and explain auto-heap behavior #8753
Dependency updates
- Go 1.24.5 => 1.25.2
- github.com/gkampitakis/go-snaps v0.5.13 => v0.5.15
- github.com/hashicorp/vault/api v1.20.0 => v1.22.0
- github.com/KimMachineGun/automemlimit => v0.7.4
- github.com/prometheus/client_golang v1.22.0 => v1.23.2
- github.com/prometheus/common v0.65.0 => v0.67.1
- github.com/sethvargo/go-password v0.3.1 => REMOVED
- github.com/spf13/cobra v1.9.1 => v1.10.1
- github.com/spf13/pflag v1.0.6 => v1.0.10
- github.com/spf13/viper v1.20.1 => v1.21.0
- github.com/stretchr/testify v1.10.0 => v1.11.1
- golang.org/x/crypto v0.40.0 => v0.43.0
- k8s.io/api v0.33.2 => v0.34.1
- k8s.io/apimachinery v0.33.2 => v0.34.1
- k8s.io/client-go v0.33.2 => v0.34.1
- k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 => v0.0.0-20250604170112-4c0f3b243397
- sigs.k8s.io/controller-runtime v0.21.0 => v0.22.2
- sigs.k8s.io/controller-tools v0.18.0 => v0.19.0
Configuration
-
If you want to rebase/retry this MR, check this box
This MR was automatically generated by Renovate Bot.
Upgrade Notices
N/A