Releases: adyanth/cloudflare-operator
Change in default protocol selection
This release changes the default protocol selection from TCP to HTTP since most of the use cases targetted by this operator is HTTP. It also brings documentation for the configuration of the operator and various other moving components.
What's Changed
- Better default protocol selection logic by @adyanth in #44
- Configuration Documentation by @adyanth in #46
Full Changelog: v0.7.1...v0.8.0
Contributors
Assets 2
Expose cloudflared metrics
This minor release exposes metrics from cloudflared pod on the metrics port (2000). This allows the metrics to be utilized by monitoring services such as Prometheus.
What's Changed
Full Changelog: v0.7.0...v0.7.1
Contributors
Assets 2
Managed DNS and more!
This release introduces managed DNS records, where another TXT record is added with the format _managed.<fqdn>. This is used to keep track of records that are managed by the operator, which also contains information on which tunnel generated this and the ID of the DNS record managed by it.
This release also adds a configuration for a fallback target which can be used to point to the ingress controller and use this in a "manual" mode without using it to create/delete DNS records.
Further, this fixes the global caPool and noTlsVerify behaviour and enables leader election in case multiple instances of the controller is being run.
What's more, ARM (32 and 64bit) images are available for all the Raspberry Pi clusters out there! Point to note is that the cloudflared image is not multi-arch, so remember to set the tunnel.spec.image to the ARM based image for now.
What's Changed
- Move caPool and noTlsVerify to global config.yaml by @adyanth in #32
- Fallback target for cloudflared by @adyanth in #35
- Manage DNS entries by @adyanth in #34
Full Changelog: v0.6.1...v0.7.0
Contributors
Assets 2
TLS options
This adds on to the previous (deleted, find the description below) release to add noTlsVerify and caPool annotations for each service.
This was necessary since global ones introduced before does not seem to work: cloudflare/cloudflared#585
v0.6.0
This introduces two new fields in the spec which are useful when the target is serving HTTPS.
noTlsVerifyallows you to skip TLS checks for self signed certificates.originCaPoolallows you to select a Secret containing the Root CA who signed the certificate for the HTTPS endpoints.
Allow target overrides!
This release allows you to override the targets to anything rather than the default of the service. This means that you can now point cloudflared to your ingress rather than the service for example.
Modified release
- Adds a resource request along with limits for the
cloudflareddeployment so that guaranteed QoS is not allocated by K8s, but Burstable is used. - Fixed bug #26
Bugfix: Do not override labels
A bug which caused any custom labels set by users to be overwritten was fixed.
Introducing ClusterTunnel Resource!
ClusterTunnels can service the entire Kubernetes cluster with a single tunnel. The Tunnel resource is now strictly namespace scoped, so it would not tunnel traffic from services across namespaces.
Annotations needed for Service Resources is now vastly simplified. Just one annotation is needed as shown below:
- For Tunnels:
cfargotunnel.com/tunnel: tunnel-name - For ClusterTunnels:
cfargotunnel.com/cluster-tunnel: cluster-tunnel-name
Customizable `cloudflared` Image
cloudflared image can now be set to any version, or even a custom build if needed. Use the spec.Image to set the Deployment image.
Service and Tunnel CR operator!
Second release of the Service and Tunnel CR Operator which can provision and deploy Cloudflare Tunnels using Custom resources and Annotations. Now with proper license and better code quality.