diff --git a/docs/parameters.md b/docs/parameters.md index 4131890f..0d192834 100644 --- a/docs/parameters.md +++ b/docs/parameters.md @@ -37,7 +37,7 @@ Common settings for the Operator. | **NODE_MEM_LIMIT_MIB** | Memory limit for the Cassandra node containers. | 4096 | | **NODE_DISK_SIZE_GIB** | Disk size (in GiB) for the Cassandra node containers. | 20 | | **NODE_STORAGE_CLASS** | The storage class to be used in volumeClaimTemplates. By default, it is not required and the default storage class is used. | | -| **NODE_DOCKER_IMAGE** | Cassandra node Docker image. | mesosphere/cassandra:3.11.7-1.0.2 | +| **NODE_DOCKER_IMAGE** | Cassandra node Docker image. | mesosphere/cassandra:3.11.7-1.0.3 | | **NODE_DOCKER_IMAGE_PULL_POLICY** | Cassandra node Docker image pull policy. | Always | | **POD_MANAGEMENT_POLICY** | Parallel startup may decrease the startup time of big clusters but lead to failing pods in the beginning when two nodes try to join at the very same time. | OrderedReady | | **OVERRIDE_CLUSTER_NAME** | Override the name of the Cassandra cluster set by the operator. This shouldn't be explicit set, unless you know what you're doing. | | @@ -92,7 +92,7 @@ Configuration related to backup and restore of the Cassandra Cluster. | **BACKUP_MEDUSA_CPU_LIMIT_MC** | CPU limit for the Medusa backup containers. | 500 | | **BACKUP_MEDUSA_MEM_MIB** | Memory request for the Medusa backup containers. | 256 | | **BACKUP_MEDUSA_MEM_LIMIT_MIB** | Memory limit for the Medusa backup containers. | 512 | -| **BACKUP_MEDUSA_DOCKER_IMAGE** | Medusa backup Docker image which is used to make backups. | mesosphere/kudo-cassandra-medusa:0.6.0-1.0.2 | +| **BACKUP_MEDUSA_DOCKER_IMAGE** | Medusa backup Docker image which is used to make backups. | mesosphere/kudo-cassandra-medusa:0.6.0-1.0.3 | | **BACKUP_MEDUSA_DOCKER_IMAGE_PULL_POLICY** | The Pull policy for the Medusa Docker Image. | Always | | **BACKUP_NAME** | The name of the backup to create or restore. | | @@ -132,7 +132,7 @@ Metrics can be exported with the Prometheus Metrics Exporter. | **PROMETHEUS_EXPORTER_CPU_LIMIT_MC** | CPU limit for the Prometheus exporter containers. | 1000 | | **PROMETHEUS_EXPORTER_MEM_MIB** | Memory request for the Prometheus exporter containers. | 512 | | **PROMETHEUS_EXPORTER_MEM_LIMIT_MIB** | Memory limit for the Prometheus exporter containers. | 512 | -| **PROMETHEUS_EXPORTER_DOCKER_IMAGE** | The docker image of the Prometheus exporter. | mesosphere/cassandra-prometheus-exporter:2.3.4-1.0.2 | +| **PROMETHEUS_EXPORTER_DOCKER_IMAGE** | The docker image of the Prometheus exporter. | mesosphere/cassandra-prometheus-exporter:2.3.4-1.0.3 | | **PROMETHEUS_EXPORTER_DOCKER_IMAGE_PULL_POLICY** | Prometheus exporter Docker image pull policy. | Always | ## Recovery Controller @@ -143,7 +143,7 @@ fails. | Name | Description | Default | | ------------------------------------------------ | ------------------------------------------------------------------ | ---------------------------------------------- | | **RECOVERY_CONTROLLER** | Needs to be true for automatic failure recovery and node eviction. | False | -| **RECOVERY_CONTROLLER_DOCKER_IMAGE** | Docker image for the recovery controller. | mesosphere/kudo-cassandra-recovery:0.0.2-1.0.2 | +| **RECOVERY_CONTROLLER_DOCKER_IMAGE** | Docker image for the recovery controller. | mesosphere/kudo-cassandra-recovery:0.0.2-1.0.3 | | **RECOVERY_CONTROLLER_DOCKER_IMAGE_PULL_POLICY** | Recovery controller Docker image pull policy. | Always | | **RECOVERY_CONTROLLER_CPU_MC** | CPU request for the Recovery controller container. | 50 | | **RECOVERY_CONTROLLER_CPU_LIMIT_MC** | CPU limit for the Recovery controller container. | 200 | @@ -423,6 +423,6 @@ require changes to the used docker image. All parameters that are not assigned to a specific group. -| Name | Description | Default | -| ---- | ----------- | ------- | - +| Name | Description | Default | +| --------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | ------- | +| **PERMISSIONS_CACHE_MAX_ENTRIES** | The maximum number of entries that are held by the standard authentication cache and row-level access control (RLAC) cache. | 1000 | diff --git a/metadata.sh b/metadata.sh index bf64af03..f0c68a20 100644 --- a/metadata.sh +++ b/metadata.sh @@ -20,7 +20,7 @@ export OPERATOR_NAME="cassandra" # More details about KUDO Versioning: # https://github.com/kudobuilder/kudo/pull/1028 # NOTE: Keep the version in tests in sync, see https://github.com/mesosphere/kudo-cassandra-operator/issues/136 -export OPERATOR_VERSION="1.0.2" +export OPERATOR_VERSION="1.0.3" # This should be an empty string on stable branches and "-SNAPSHOT" on # non-stable branches. diff --git a/operator/operator.yaml b/operator/operator.yaml index 94baad09..601f1fed 100644 --- a/operator/operator.yaml +++ b/operator/operator.yaml @@ -1,6 +1,6 @@ apiVersion: kudo.dev/v1beta1 name: "cassandra" -operatorVersion: "1.0.2" +operatorVersion: "1.0.3" kudoVersion: "0.17.0" kubernetesVersion: "1.16.0" appVersion: "3.11.7" diff --git a/operator/params.yaml b/operator/params.yaml index fecb222c..d4310afc 100644 --- a/operator/params.yaml +++ b/operator/params.yaml @@ -172,7 +172,7 @@ parameters: type: string description: "Cassandra node Docker image." hint: "Docker Image for Cassandra." - default: "mesosphere/cassandra:3.11.7-1.0.2" + default: "mesosphere/cassandra:3.11.7-1.0.3" advanced: true group: general @@ -469,7 +469,7 @@ parameters: hint: "The Medusa Docker Image." description: "Medusa backup Docker image which is used to make backups." type: string - default: "mesosphere/kudo-cassandra-medusa:0.6.0-1.0.2" + default: "mesosphere/kudo-cassandra-medusa:0.6.0-1.0.3" advanced: true group: backup @@ -627,7 +627,7 @@ parameters: type: string hint: "Prometheus Docker Image." description: "The docker image of the Prometheus exporter." - default: "mesosphere/cassandra-prometheus-exporter:2.3.4-1.0.2" + default: "mesosphere/cassandra-prometheus-exporter:2.3.4-1.0.3" advanced: true group: metrics @@ -1023,6 +1023,10 @@ parameters: required: false group: security + - name: PERMISSIONS_CACHE_MAX_ENTRIES + description: "The maximum number of entries that are held by the standard authentication cache and row-level access control (RLAC) cache." + default: "1000" + - name: PERMISSIONS_VALIDITY_IN_MS displayName: "Permissions Validity Period" type: integer @@ -2133,7 +2137,7 @@ parameters: description: "Docker image for the recovery controller." hint: "Docker Image." type: string - default: "mesosphere/kudo-cassandra-recovery:0.0.2-1.0.2" + default: "mesosphere/kudo-cassandra-recovery:0.0.2-1.0.3" advanced: true group: recovery diff --git a/operator/templates/generate-cassandra-yaml.yaml b/operator/templates/generate-cassandra-yaml.yaml index cbdf4b4e..5f4fa87f 100644 --- a/operator/templates/generate-cassandra-yaml.yaml +++ b/operator/templates/generate-cassandra-yaml.yaml @@ -240,6 +240,15 @@ data: permissions_update_interval_in_ms: {{ .Params.PERMISSIONS_UPDATE_INTERVAL_IN_MS }} {{ end }} + # The maximum number of entries that are held by the standard authentication + # cache and row-level access control (RLAC) cache. With the default value of 1000, + # the RLAC permissions cache can have up to 1000 entries in it, and the standard + # authentication cache can have up to 1000 entries. This single option applies to + # both caches. + {{ if .Params.PERMISSIONS_CACHE_MAX_ENTRIES }} + permissions_cache_max_entries: {{ .Params.PERMISSIONS_CACHE_MAX_ENTRIES }} + {{ end }} + # Validity period for credentials cache. This cache is tightly coupled to # the provided PasswordAuthenticator implementation of IAuthenticator. If # another IAuthenticator implementation is configured, this cache will not diff --git a/templates/operator/params.yaml.template b/templates/operator/params.yaml.template index 84cfb73b..82fd1291 100644 --- a/templates/operator/params.yaml.template +++ b/templates/operator/params.yaml.template @@ -1023,6 +1023,10 @@ parameters: required: false group: security + - name: PERMISSIONS_CACHE_MAX_ENTRIES + description: "The maximum number of entries that are held by the standard authentication cache and row-level access control (RLAC) cache." + default: "1000" + - name: PERMISSIONS_VALIDITY_IN_MS displayName: "Permissions Validity Period" type: integer