Elastic Cloud on Kubernetes release notes

Review the changes, fixes, and more in each release of Elastic Cloud on Kubernetes.

ECK now offers better out-of-the-box PodDisruptionBudgets that automatically keep your cluster available as Pods move across nodes. The new policy calculates the number of Pods per tier that can sustain replacement, and automatically generates a PodDisruptionBudget for each tier. This enables the Elasticsearch cluster to vacate Kubernetes nodes more quickly, while considering cluster health, without interruption. The documentation about PodDisruptionBudget has more information and details.

ECK now supports configuring the length of the generated password for the administrative user of each Elasticsearch cluster. While the default length remains 24 characters, this can now be configured up to a maximum of 72 characters. The password incorporates alphabetic and numeric characters to ensure strong complexity. Refer to the managed credentials page for examples and more details.

• Enable certificate reloading for stack monitoring Beats #8833 (issue: #5448)
• Allow configuration of file-based password character set and length #8817 (issues: #2795, #8693)
• Automatically set GOMEMLIMIT based on cgroups memory limits #8814 (issue: #8790)
• Introduce granular PodDisruptionBudgets based on node roles #8780 (issue: #2936)

• Gate advanced Fleet config logic to Agent v8.13 and later #8869
• Ensure Agent configuration and state persist across restarts in Fleet mode #8856 (issue: #8819)
• Do not set credentials label on Kibana config secret #8852 (issue: #8839)
• Allow elasticsearchRef.secretName in Kibana helm validation #8822 (issue: #8816)

• Update Logstash recipes from to filestream input #8801
• Recipe for exposing Fleet server to outside of the Kubernetes cluster #8788
• Clarify secretName restrictions #8782
• Update ES_JAVA_OPTS comments and explain auto-heap behavior #8753

It is now possible to propagate metadata from the parent custom resource to the child resources created by the operator. If you add labels or annotations on an Elasticsearch, Kibana, or Agent resource, for example, these can be automatically propagated to the Pods, Services, and other resources created by the operator. Refer to the Propagate Labels and Annotations page for examples and more details.

To reduce the attack surface and improve overall security UBI images are now based on the UBI micro base image.

• UBI: Use micro image instead of minimal #8704
• Propagate metadata to children #8673 (issue: #2652)
• Allow advanced configuration for fleet-managed Elastic Agents #8623 (issue: #8619)

• Set owner on service account Secret, update it when application is recreated #8716
• fix: Cannot disable TLS in Logstash #8706 (issue: #8600)
• Move from deprecated container input to filestream #8679 (issue: #8667)
• Add automated workaround for 9.0.0 maps issue #8665 (issue: #8655)
• Bump go.mod to v3 #8609
• Helm: Add support for missing remoteClusterServer value #8612
• Add logs volume for Filebeat and Metricbeat in stack monitoring #8606 (issue: #8605)

• [Helm] Fix examples/logstash/basic-eck.yaml #8695

• ECK 3.0.0 adds support for Elastic Stack version 9.0.0. Elastic Stack version 9.0.0 is not supported on ECK operators running versions earlier than 3.0.0.

• Add support for defining dnsPolicy and dnsConfig options for the ECK operator StatefulSet #7999
• Config: Allow escaping dots in keys via [unsplit.key] syntax #8512 (issue: #8499)
• Enable copying of ECK images to Amazon ECR to make it easier for users to find our own ECK operator in the AWS marketplace #8427
• Support new agent image path as of 9.0 #8518
• Remove ubi suffix for 9.x images #8509
• Remove support for 6.x Stack version #8507
• Log resourceVersion on Create and Update #8503
• Remove policyID validation #8449 (issue: #8446)
• Refactor APM server for 9.0.0 #8448 (issue: #8447)
• Improve error messages and events during Fleet setup #8350
• Validate updates to 9.0 go through 8.18 #8559 (issue: #8557)

• Correctly parse managed namespaces when specified as an environment variable #8513 (issue: #7542)

• [DOCS] Updates release notes title (#8599)
• Updates for Istio 1.24 (#8476)
• Fix unresolved attribute in ECK Quickstart (#8432)
• [Docs] Add synthetic monitoring example (#8385) (issue: #6294)
• [docs] Update heap dump command to use the most recent Java process (#8294)
• [DOC] Document the need for an ingest node for Enterprise Search analytics (#8271)