Releases: necro-cloud/modules
Releases · necro-cloud/modules
valkey v0.1.0
Changes in valkey
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #130 (Issues closed: #120)
- Shifted secrets management for Valkey Credentials to External Secrets
Operator - No dependent module however have setup outputs for other modules to
use - For generating passwords, using External Secrets Operator for the same
From PR: #100 (Issues closed: #99)
- Setup monitoring dashboards for Valkey in an automated fashion
completed - Implemented Deployment of Redis Exporter to expose metrics for the
Valkey Cluster - Allowed network calls to happen to the Valkey Cluster
From PR: #60 (Issues closed: #59)
- Moved example setup to this repository
From PR: #43 (Issues closed: N/A)
- Setup Pod Affinity along with Topology Spread for Valkey Pods (#40)
- Setup Pod Disruption Budget to keep 2 Valkey Pods running (#41)
- Setup Network Policies to restrict network access to Valkey (#42)
From PR: #34 (Issues closed: #33)
- Used native Kubernetes Objects for deploying Valkey instead of using
Bitnami Helm Charts - Preserved features that were being used such as TLS connections
- Deployed a service exposing only the primary pod for usage
openbao v0.1.0
Changes in openbao
From PR: #141 (Issues closed: #138)
- Setup automated deployments of a prepared monitoring dashboard for
observing OpenBao on Grafana completed - OpenBao configured as such to allow scraping of metrics data
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #134 (Issues closed: #121)
- Shifted secrets management for Keycloak and OpenBao Credentials to
External Secrets Operator - No dependent modules. Whatever modules depended on OpenBao has been
already migrated - For generating passwords, using External Secrets Operator for the same
From PR: #126 (Issues closed: #118)
- Shifted secrets management for FerretDB Credentials to External
Secrets Operator - There are currently no dependent modules for FerretDB
- For generating passwords, using External Secrets Operator for the same
From PR: #124 (Issues closed: #117)
- Shifted secrets management for CNPG Credentials to External Secrets
Operator - For dependent modules such as Keycloak, using External Secrets
Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
- Updated Keycloak Deployment to generate DER Format Key on the fly
using init container
From PR: #122 (Issues closed: #116)
- Shifted secrets management for Garage S3 Credentials to External
Secrets Operator - For dependent modules such as CNPG and FerretDB, using External
Secrets Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
From PR: #114 (Issues closed: #111)
- Automated the Deployment of the helm chart to setup the CRDs for the
External Secret Operator - Cluster Secret Store is OpenBao utilizing the Kubernetes
Authentication to authenticate
From PR: #112 (Issues closed: #110)
- Deployment automated for the OpenBao Cluster using the officially
supported Helm Chart with Raft as the storage mechanism, TLS setup,
using a static key for auto unsealing mechanism. - The cluster is being initialized using a Configurator Job which will
initialize and configure the cluster including Kubernetes Authentication
for the External Secrets Operator. - Exposed the UI using the Ingress.
observability v0.1.0
Changes in observability
From PR: #141 (Issues closed: #138)
- Setup automated deployments of a prepared monitoring dashboard for
observing OpenBao on Grafana completed - OpenBao configured as such to allow scraping of metrics data
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #128 (Issues closed: #119)
- Shifted secrets management for Observability Credentials to External
Secrets Operator - No dependent modules whatsoever where credentials are to be synced
- For generating passwords, using External Secrets Operator for the same
From PR: #106 (Issues closed: #105)
- Setup dashboard for monitoring Network Performance utilizing NetObserv
and automation for the same to be deployed on Grafana completed - Implemented network topology setup in Grafana to visualize network
activity
From PR: #103 (Issues closed: #102)
- Setup dashboards for monitoring the Kubernetes Cluster completed and
automated - Node and pod level metrics are being monitored
From PR: #100 (Issues closed: #99)
- Setup monitoring dashboards for Valkey in an automated fashion
completed - Implemented Deployment of Redis Exporter to expose metrics for the
Valkey Cluster - Allowed network calls to happen to the Valkey Cluster
From PR: #97 (Issues closed: #96)
- Setup monitoring dashboards for Keycloak completed with automated
deployments onto Grafana - Enabled metrics monitoring with user events for Keycloak for Otel
Collector to scrape - Allowed network connections to be made from Otel Collector to the
Keycloak instances
From PR: #94 (Issues closed: #93)
- Allowed OTel Collector to scrape for metrics in the Garage Namespace
- Automated the deployment of Garage dashboards to Grafana
- Setup monitoring dashboards for Garage S3 has been completed
From PR: #91 (Issues closed: #90)
- Custom Dashboard for PostgreSQL Database has been setup
- Kube State Metrics has been deployed for extra metrics to be used
- Deployments for FerretDB and PostgreSQL Modules has been updated for
CNPG Metrics to be scraped
From PR: #85 (Issues closed: #77)
- Implementation of deployment of Grafana
- Certificates deployment for Ingress and Internal usage
- Credentials setup for the Observability Platform
From PR: #83 (Issues closed: #76)
- Implementation of deployment of NetObserv
- Updated configuration for Otel Collector to allow pushing logs from
Netobserv - Logs being pushed to Victoria Logs
From PR: #81 (Issues closed: #75)
- Implementation of deployment of OpenTelemetry Collector
- This is hooked up for collecting logs and metrics across the cluster
and send it to the respective components - Logs are routed to the VL deployment and metrics to the VM deployment.
Traces are trashed and handled for errors for now
From PR: #79 (Issues closed: #74)
- Implementation of deployment of VictoriaMetrics
- This will be used for storing metrics across the cluster
- Configured to be deployed on agent nodes
keycloak v0.1.0
Changes in keycloak
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #134 (Issues closed: #121)
- Shifted secrets management for Keycloak and OpenBao Credentials to
External Secrets Operator - No dependent modules. Whatever modules depended on OpenBao has been
already migrated - For generating passwords, using External Secrets Operator for the same
From PR: #124 (Issues closed: #117)
- Shifted secrets management for CNPG Credentials to External Secrets
Operator - For dependent modules such as Keycloak, using External Secrets
Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
- Updated Keycloak Deployment to generate DER Format Key on the fly
using init container
From PR: #97 (Issues closed: #96)
- Setup monitoring dashboards for Keycloak completed with automated
deployments onto Grafana - Enabled metrics monitoring with user events for Keycloak for Otel
Collector to scrape - Allowed network connections to be made from Otel Collector to the
Keycloak instances
From PR: #60 (Issues closed: #59)
- Moved example setup to this repository
From PR: #56 (Issues closed: N/A)
- Pod Affinity along with Topology Spread for Keycloak Pods has been
setup - Pod Disruption Budget to keep 1 Keycloak Pods running has been setup
- Network Policies to restrict network access to Keycloak has been setup
- Cache Stack to JDBC PING for Keycloak has been updated
From PR: #51 (Issues closed: N/A)
- Setup Pod Affinity along with Topology Spread for CNPG Pods
- Setup Pod Disruption Budget to keep 1 CNPG Pods running
- Setup Network Policies to restrict network access to CNPG
helm v0.1.0
Changes in helm
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #114 (Issues closed: #111)
- Automated the Deployment of the helm chart to setup the CRDs for the
External Secret Operator - Cluster Secret Store is OpenBao utilizing the Kubernetes
Authentication to authenticate
From PR: #83 (Issues closed: #76)
- Implementation of deployment of NetObserv
- Updated configuration for Otel Collector to allow pushing logs from
Netobserv - Logs being pushed to Victoria Logs
From PR: #60 (Issues closed: #59)
- Moved example setup to this repository
From PR: #43 (Issues closed: N/A)
- Setup Pod Affinity along with Topology Spread for Valkey Pods (#40)
- Setup Pod Disruption Budget to keep 2 Valkey Pods running (#41)
- Setup Network Policies to restrict network access to Valkey (#42)
From PR: #39 (Issues closed: N/A)
- Upgraded all helm chart versions to the latest one possible (#35)
- Deployment of Calico for Networking Needs (#36)
- Switched deployment of Barman Cloud to Helm Chart (#37)
- Deployment of Helm Modules is on the Kubernetes Server Node (#38)
From PR: #34 (Issues closed: #33)
- Used native Kubernetes Objects for deploying Valkey instead of using
Bitnami Helm Charts - Preserved features that were being used such as TLS connections
- Deployed a service exposing only the primary pod for usage
From PR: #27 (Issues closed: #25)
- Upgraded to CNPG Operator Release 0.26.0 for 1.27.0
- Implementation of Cluster Image Catalog for locking down Image
Versions - Tested changes with full infrastructure deployment
garage v0.1.0
Changes in garage
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #134 (Issues closed: #121)
- Shifted secrets management for Keycloak and OpenBao Credentials to
External Secrets Operator - No dependent modules. Whatever modules depended on OpenBao has been
already migrated - For generating passwords, using External Secrets Operator for the same
From PR: #132 (Issues closed: #116)
- Shifted Garage's RPC secret generation to External Secrets Operator
- Updated README to include the change
From PR: #124 (Issues closed: #117)
- Shifted secrets management for CNPG Credentials to External Secrets
Operator - For dependent modules such as Keycloak, using External Secrets
Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
- Updated Keycloak Deployment to generate DER Format Key on the fly
using init container
From PR: #122 (Issues closed: #116)
- Shifted secrets management for Garage S3 Credentials to External
Secrets Operator - For dependent modules such as CNPG and FerretDB, using External
Secrets Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
From PR: #94 (Issues closed: #93)
- Allowed OTel Collector to scrape for metrics in the Garage Namespace
- Automated the deployment of Garage dashboards to Grafana
- Setup monitoring dashboards for Garage S3 has been completed
From PR: #60 (Issues closed: #59)
- Moved example setup to this repository
From PR: #51 (Issues closed: N/A)
- Setup Pod Affinity along with Topology Spread for CNPG Pods
- Setup Pod Disruption Budget to keep 1 CNPG Pods running
- Setup Network Policies to restrict network access to CNPG
From PR: #50 (Issues closed: N/A)
- Setup Complete for Pod Affinity along with Topology Spread for Garage
Pods - Setup Complete for Pod Disruption Budget to keep 2 Garage Pods running
- Setup Complete for Network Policies to restrict network access to
Garage
ferretdb v0.1.0
Changes in ferretdb
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #126 (Issues closed: #118)
- Shifted secrets management for FerretDB Credentials to External
Secrets Operator - There are currently no dependent modules for FerretDB
- For generating passwords, using External Secrets Operator for the same
From PR: #122 (Issues closed: #116)
- Shifted secrets management for Garage S3 Credentials to External
Secrets Operator - For dependent modules such as CNPG and FerretDB, using External
Secrets Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
From PR: #91 (Issues closed: #90)
- Custom Dashboard for PostgreSQL Database has been setup
- Kube State Metrics has been deployed for extra metrics to be used
- Deployments for FerretDB and PostgreSQL Modules has been updated for
CNPG Metrics to be scraped
From PR: #71 (Issues closed: #69)
- Implementation of Mongo Express Deployment to serve as the UI for
FerretDB - Configured a separate user for Mongo Express to use to authenticate to
FerretDB
From PR: #70 (Issues closed: #68)
- Reworked Authentication Setup for the FerretDB Database
- Updated the structure of the variable clients to better reflect
authentication details for the module - Handling FerretDB authentication through PostgreSQL Database
From PR: #66 (Issues closed: #65)
- Implementation for FerretDB on top of CNPG Cluster
- There's a seperate image used for PostgreSQL which uses DocumentDB
Extension - Configured Backups on S3, Read Replicas, TLS connections, PDB and
Network Policies for the deployment
cnpg v0.1.0
Changes in cnpg
From PR: #139 (Issues closed: #136 #137)
- Complete removal of Kubernetes Reflector and Random Provider since its
all being managed using OpenBao and External Secrets Operator - READMEs updated to denote the removal of the components
- Deployment tested to make sure there are no errors and Random Provider
doesn't creep in
From PR: #124 (Issues closed: #117)
- Shifted secrets management for CNPG Credentials to External Secrets
Operator - For dependent modules such as Keycloak, using External Secrets
Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
- Updated Keycloak Deployment to generate DER Format Key on the fly
using init container
From PR: #122 (Issues closed: #116)
- Shifted secrets management for Garage S3 Credentials to External
Secrets Operator - For dependent modules such as CNPG and FerretDB, using External
Secrets Operator to pull in the required credentials - For generating passwords, using External Secrets Operator for the same
From PR: #91 (Issues closed: #90)
- Custom Dashboard for PostgreSQL Database has been setup
- Kube State Metrics has been deployed for extra metrics to be used
- Deployments for FerretDB and PostgreSQL Modules has been updated for
CNPG Metrics to be scraped
From PR: #60 (Issues closed: #59)
- Moved example setup to this repository
From PR: #56 (Issues closed: N/A)
- Pod Affinity along with Topology Spread for Keycloak Pods has been
setup - Pod Disruption Budget to keep 1 Keycloak Pods running has been setup
- Network Policies to restrict network access to Keycloak has been setup
- Cache Stack to JDBC PING for Keycloak has been updated
From PR: #51 (Issues closed: N/A)
- Setup Pod Affinity along with Topology Spread for CNPG Pods
- Setup Pod Disruption Budget to keep 1 CNPG Pods running
- Setup Network Policies to restrict network access to CNPG
From PR: #50 (Issues closed: N/A)
- Setup Complete for Pod Affinity along with Topology Spread for Garage
Pods - Setup Complete for Pod Disruption Budget to keep 2 Garage Pods running
- Setup Complete for Network Policies to restrict network access to
Garage
From PR: #32 (Issues closed: #30)
- Implementation of PGAdmin Dashboard Deployment
- All passwords and certificates mounted as a volume
- TLS authentication implemented on the POD level
From PR: #27 (Issues closed: #25)
- Upgraded to CNPG Operator Release 0.26.0 for 1.27.0
- Implementation of Cluster Image Catalog for locking down Image
Versions - Tested changes with full infrastructure deployment