Use stderr log sink with new logging functionality in CRDB v21.1 and beyond

[piyush-singh]

As noted in #613, we do not take advantage of the new CRDB logging capabilities in the Operator. Currently we are using the --logtostderr flag which will be deprecated after 21.1. This flag is also insecure and leaks sensitive information (key values for example) to stderr. We opted to use this flag because we followed the start pattern from the helm chart.

Instead, going forward, we will want to use the new logging facilities built into CockroachDB in v21.1 going forward. This will allow us to send logs to stderr as a sink with proper redaction. This will require us to check the version of CockroachDB on startup and pass a different --log flag for v21.1 and beyond. The proper flag is:

--log='sinks: {stderr: {channels: OPS, redact: true}}'

This will require:

• Grabbing the CRDB version before issuing the start command
• A new set of end-to-end tests to confirm logging is configured properly on startup
• Thinking through how to properly handle this on version upgrades from versions prior to v21.1