Update quay.io/ceph/ceph Docker tag (main)

[funkypenguin-autochef]

This PR contains the following updates:

Package	Update	Change
quay.io/ceph/ceph	major	v17.2.7-20231107 -> v18.2.0-20231107
rook-ceph-cluster	minor	v1.12.x -> 1.14.x

---

Release Notes

rook/rook (rook-ceph-cluster)

v1.14.4

Compare Source

Improvements

Rook v1.14.4 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• core: Remove obsolete Ceph Pacific checks (#​14210, @​satoru-takeuchi)
• osd: Add cephcluster status for deprecated OSDs that should be replaced (#​14187, @​travisn)
• mgr: Fix UpdateActiveMgrLabel to retry label update on failure (#​14160, @​rkachach)
• ci: Update ubuntu image from 20.04 to 22.04 (#​14166, @​subhamkrai)

v1.14.3

Compare Source

Improvements

Rook v1.14.3 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• csi: Fix missing namespace in internal csi cluster config map (#​14154, @​BlaineEXE)
• osd: Limit storageClassDeviceSet names to 40 chars (#​14134, @​subhamkrai)
• mon: Disable the msgr v1 port listening inside the mon pod if msgr2 is required (#​14147, @​travisn)
• external: Restructure external cluster examples manifests (#​13932, @​smoshiur1237)
• mon: Allow mon scale-down when mons are portable (#​14106, @​subhamkrai)
• osd: Legacy LVM-based OSDs on PVCs crash on resize init container (#​14100, @​travisn)
• csi: Update csi sidecars image version (#​14129, @​iPraveenParihar)
• csi: Create csi configmap if csi controller is disabled (#​14125, @​parth-gr)
• operator: Support custom dashboard service labels and annotations (#​14115, @​sfackler)
• external: Add support for rados namespace for rbd EC pools (#​13769, @​parth-gr)
• ci: Use markdownlint to enforce mkdocs compatibility (#​14114, @​BlaineEXE)

v1.14.2

Compare Source

Improvements

Rook v1.14.2 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• ci: Add K8s 1.30 support (#​14093, @​subhamkrai)
• helm: Use correct metadata and data EC block pool (#​14088, @​travisn)
• csi: Only create CSI config configmap in CSI reconciler (#​14089, @​BlaineEXE)

v1.14.1

Compare Source

Improvements

Rook v1.14.1 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• crds: More verbose kubectl info for CephBlockPoolRadosNamespace and CephFilesystemSubVolumeGroup (#​14049, @​NymanRobin)
• subvolumegroup: Add support for quota and datapool (#​14036, @​Madhu-1)
• osd: Add option to require healthy PGs during OSD upgrade (#​14040, @​mmaoyu)
• core: Cleanup RADOS namespace with forced deletion annotation (#​14052, @​sp98)
• core: Cleanup Subvolumegroups with forced deletion annotation (#​14026, @​sp98)
• osd: Prevent osd reconcile when device set names duplicated (#​14002, @​travisn)
• doc: Host networking required for CSI driver (#​14023, @​BlaineEXE)
• operator: Ensure cluster owner info is set in LoadClusterInfo (#​14079, @​BlaineEXE)

v1.14.0

Compare Source

Upgrade Guide

To upgrade from previous versions of Rook, see the Rook upgrade guide.

Breaking Changes

• The minimum supported version of Kubernetes is v1.25. Upgrade to Kubernetes v1.25 or higher before upgrading Rook.
• The image repository and tag settings are specified separately in the helm chart values.yaml for the CSI images. Helm users previously specifying the CSI images with the image setting will need to update their values.yaml with the separate repository and tag settings.
• Rook is beginning the process of deprecating CSI network "holder" pods. If there are pods named csi-*plugin-holder-* in the Rook operator namespace, see the holder pod deprecation documentation to disable them. Migration of affected clusters is optional for v1.14, but will be required in a future release.
• The Rook operator config CSI_ENABLE_READ_AFFINITY was removed. v1.13 clusters that have modified this value to be "true" must set the option as desired in each CephCluster as documented here before upgrading to v1.14.

Features

• Kubernetes versions v1.25 through v1.29 are supported. K8s v1.30 will be supported as soon as released.
• Ceph daemon pods using the default service account now use a new rook-ceph-default service account.
• A custom Ceph application can be applied to a CephBlockPool CR.
• Object stores can be created with shared metadata and data pools. Isolation between object stores is enabled via RADOS namespaces. This configuration is recommended to limit the number of pools when multiple object stores are created.
• Support for VolumeSnapshotGroup is available for the RBD and CephFS CSI drivers.
• Support for virtual style hosting for s3 buckets is added in the CephObjectStore, by adding hosting.dnsNames to the object store.
• A static prefix can be specified for the CSI drivers and OBC provisioner (the default prefix is the rook-ceph namespace).
• Azure Key Vault KMS support is added for storing OSD encryption keys.
• Additional status columns added to the kubectl output for Rook CRDs.

v1.13.9

Compare Source

Improvements

Rook v1.13.9 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• mgr: Fix UpdateActiveMgrLabel to retry label update on failure (#​14160, @​rkachach)
• core: Remove obsolete Ceph Pacific checks (#​14210, @​satoru-takeuchi)
• osd: Add cephcluster status for deprecated OSDs that should be replaced (#​14187, @​travisn)
• osd: Remove support for resize of legacy LVM-based OSDs on PVCs due to crash in resize container (#​14100, @​travisn)
• osd: Prevent osd reconcile when device set names duplicated (#​14002, @​travisn)

v1.13.8

Compare Source

Improvements

Rook v1.13.8 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• external: Fix v2 port check in external script (#​13982, @​parth-gr)
• security: Update go dependency go-jose to pass Snyk security scan (#​13960, @​subhamkrai)
• osd: Start encrypted OSDs with metadata device using shared key (#​13830, @​cupnes)
• helm: Use toYaml for discovery nodeAffinity (#​13931, @​hhk7734)

v1.13.7

Compare Source

Improvements

Rook v1.13.7 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• core: Set default ceph version to v18.2.2 (#​13913, @​travisn)
• monitoring: Increase default metrics scraping interval from 5s to 10s (#​13923, @​rkachach)
• exporter: Apply labels from monitoring section of CephCluster to ceph-exporter (#​13902, @​rkachach)

v1.13.6

Compare Source

Improvements

Rook v1.13.6 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• helm: Replace the master tag in the values.yaml with the release tag (#​13897, @​travisn)
• manifest: Reduce CRD size by removing some descriptions (#​13793, @​rkachach)
• csi: Update CSIDriverOption params during saving cluster config (#​13836, @​Rakshith-R)
• external: Remove requirement for v1 port and allow exclusive v2 mon port configuration (#​13856, @​parth-gr)
• csi: Update sidecars to latest release (#​13846, @​Madhu-1)
• operator: Use Linux container CPU quota (#​13816, @​uhthomas)
• helm: Fix links to obsolete ceph master documentation (#​13877, @​galexrt)

v1.13.5

Compare Source

Improvements

Rook v1.13.5 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• pool: Skip crush rule update when not needed (#​13772, @​travisn)
• osd: Support OSD creation with a metadata partition (#​13314, @​microyahoo)
• csi: Update Ceph-CSI image to 3.10.2 (#​13736, @​Madhu-1)
• mon: Set mon PDB max unavailable as 2 when there are 5 or more mons. (#​13794, @​sp98)
• external: fix syntax error import-external-cluster.sh (#​13780, @​timolow)
• core: Continue processing PVs for network fencing when no node IPs found (#​13768, @​Madhu-1)
• mgr: Remove unnecessary privileged security context from mgr sidecar container (#​13741, @​rkachach)
• network: Disallow legacy hostNetwork provider when a non-default provider is specified (#​13693, @​obnoxxx)
• csi: Disable CephFS network fencing (#​13806, @​subhamkrai)

v1.13.4

Compare Source

Improvements

Rook v1.13.4 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• helm: Remove cpu limits from all pods (#​13722, @​travisn)
• core: Set blocking PDB even if no unhealthy PGs appear (#​13511, @​ushitora-anqou)
• mgr: Update the dashboard password when the secret changes (#​13644, @​rkachach)
• core: Skip reconcile if override configmap is unchanged (#​13652, @​travisn)
• core: remove invalid ownerRef from networkFence (#​13728, @​subhamkrai)
• osd: Correctly count the devices when metadataDevice is set (#​13673, @​satoru-takeuchi)
• csi: Update network fence CR name (#​13615, @​riya-singhal31)
• object: Add check specific to name and namespace for ceph cosi driver (#​13623, @​thotz)
• exporter: Don't delete exporter service on daemon deletion (#​13653, @​travisn)
• csi: Fix NetNamespaceFilePath generation with namespace instead of name (#​13663, @​iPraveenParihar)
• csi: Option to set a static csi driver name (#​13622, @​Madhu-1)
• object: Fix the default multisite zonegroup creation (#​13655, @​parth-gr)
• docs: Declare the max supported K8s version (#​13646, @​parth-gr)
• ci: Reformat the python script (#​13645, @​parth-gr)
• object: Watch for updates to the cosidriver CRD (#​13621, @​thotz)
• mgr: Improvements to dashboard configuration handling (#​13604, @​rkachach)

v1.13.3

Compare Source

Improvements

Rook v1.13.3 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• operator: Increase resource limits to 1.5 CPU (#​13619, @​travisn)
• helm: Remove duplicated toolbox keyring (#​13609, @​eb4x)
• exporter: Skip reconcile on exporter deletion (#​13597, @​travisn)
• manifest: Remove obsolete pg_autoscaler from mgr modules examples (#​13588, @​travisn)
• csi: Make leader election flags configurable (#​13573, @​Madhu-1)
• csi: Update csi provisioner to 3.6.3 (#​13579, @​Madhu-1)
• csi: Update feature gates cmdline args (#​13258, @​iPraveenParihar)

v1.13.2

Compare Source

Improvements

Rook v1.13.2 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• helm: Update cluster chart and all examples to ceph v18.2.1 (#​13499, @​travisn)
• mds: Increase max limit of mds active daemons (#​13561, @​travisn)
• external: Support the cluster-name legacy flag in the external script (#​13540, @​parth-gr)
• core: Fix error handling on setting watcher (#​13479, @​satoru-takeuchi)
• osd: Create ceph conf and keyring files before osd migration (#​13524, @​sp98)
• doc: Resizing encryptedDevice is not yet supported for host-based clusters (#​13452, @​cupnes)
• manifest: Shorten CRD descriptions to 100 chars (#​13517, @​travisn)
• multus: Use nginx-unprivileged image from quay for multus tool (#​13506, @​BlaineEXE)

v1.13.1

Compare Source

Improvements

Rook v1.13.1 is a patch release limited in scope and focusing on feature additions and bug fixes to the Ceph operator.

• build: Update base and example manifests to ceph v18.2.1 (#​13428, @​BlaineEXE)
• csi: Update default Ceph-CSI version to v3.10.1 (#​13442, @​riya-singhal31)
• csi: Update the CSI-Addons sidecar to v0.8.0 (#​13411, @​nixpanic)
• csi: Implement network fencing for CephFS (#​13348, @​riya-singhal31)
• helm: Allow configuring monitoring interval (#​13408, @​charlie-haley)
• mon: Allow changing hostNetwork settings (#​12369, @​sp98)
• csi: Remove obsolete gRPC metrics service (#​13439, @​iPraveenParihar)
• helm: Fix duplicate tolerations (#​13418, @​jfcoz)
• ci: Run K8s v1.29 in the CI (#​13400, @​subhamkrai)
• docs: Add spec.csi section in the CephCluster documentation (#​13375, @​Rakshith-R)

v1.13.0

Compare Source

Upgrade Guide

To upgrade from previous versions of Rook, see the Rook upgrade guide.

Breaking Changes

• Removed support for Ceph Pacific (v16). Ceph Quincy (v17) and Ceph Reef (v18) are the only currently supported versions.
• The minimum supported Kubernetes version is v1.23
• The minimum supported Ceph-CSI driver is 3.9
• The admission controller is removed. If the admission controller is enabled (it is disabled by default), it is recommended to be disabled before the upgrade. See the upgrade guide for more details.

Features

• Added experimental cephConfig to the CephCluster CR to allow setting Ceph config options in the Ceph MON config store via the CRD. These settings supersede the ceph.conf override settings.
• CephCSI v3.10 is now the default CSI driver version.
  • Per-cluster CSI settings for read affinity moved from the operator configmap settings to the CephCluster CR
• The default CephFS SubvolumeGroup has pinning enabled by default to distribute load across MDS ranks in predictable and stable ways.
• The Ceph exporter daemon is updated to use a Ceph keyring with reduced privileges instead of the admin keyring.
• If the host network setting changes in the CephCluster CR, the mons will now automatically failover to enable the new configuration.
• Allow for additional advanced maintenance and troubleshooting of Ceph daemons, by respecting the label ceph.rook.io/do-not-reconcile for all Ceph daemons. This is helpful when using the debug command in the kubectl rook-ceph plugin.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.