kafka zookeeper error after installation:
```
2024-09-15 02:44:33,289 ERROR Failed to verify hostname: kafka-service-zookeeper-2.kafka-service-zookeeper-nodes.tenant-stage.svc.cozy.local (org.apache.zookeeper.common.ZKTrustManager) [ListenerHandler-/0.0.0.0:3888]
javax.net.ssl.SSLPeerUnverifiedException: Certificate for <kafka-service-zookeeper-2.kafka-service-zookeeper-nodes.tenant-stage.svc.cozy.local> doesn't match any of the subject alternative names: [kafka-service-zookeeper-client, *.kafka-service-zookeeper-nodes.tenant-stage.svc.cluster.local, *.kafka-service-zookeeper-nodes.tenant-stage.svc, kafka-service-zookeeper-2.kafka-service-zookeeper-nodes.tenant-stage.svc, kafka-service-zookeeper-client.tenant-stage.svc.cluster.local, kafka-service-zookeeper-client.tenant-stage.svc, kafka-service-zookeeper-2, kafka-service-zookeeper-2.kafka-service-zookeeper-nodes.tenant-stage.svc.cluster.local, *.kafka-service-zookeeper-client.tenant-stage.svc, kafka-service-zookeeper-client.tenant-stage, *.kafka-service-zookeeper-client.tenant-stage.svc.cluster.local]
```
certs sans by default:
```
klin@asus:~/cozy$ openssl x509 -in zookeeper.crt -text -noout | grep -A1 "Subject Alternative Name"
X509v3 Subject Alternative Name:
DNS:kafka-service-zookeeper-0.kafka-service-zookeeper-nodes.tenant-stage.svc.cluster.local, DNS:*.kafka-service-zookeeper-nodes.tenant-stage.svc.cluster.local, DNS:kafka-service-zookeeper-client, DNS:kafka-service-zookeeper-0, DNS:kafka-service-zookeeper-client.tenant-stage.svc.cluster.local, DNS:kafka-service-zookeeper-client.tenant-stage.svc, DNS:kafka-service-zookeeper-client.tenant-stage, DNS:*.kafka-service-zookeeper-nodes.tenant-stage.svc, DNS:*.kafka-service-zookeeper-client.tenant-stage.svc, DNS:kafka-service-zookeeper-0.kafka-service-zookeeper-nodes.tenant-stage.svc, DNS:*.kafka-service-zookeeper-client.tenant-stage.svc.cluster.local
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced a new configuration option for specifying a custom DNS
domain for Kubernetes services within the Kafka operator, enhancing
service discovery and networking capabilities.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Sometimes Kamaji can be killed due to defult limits let's expand them a
little
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced resource management configurations for the `kamaji`
service, enhancing control over CPU and memory allocation.
- Added specifications for resource limits and requests to improve
stability and performance in a Kubernetes environment.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Expanded the `.gitignore` file to include additional user-specific and
generated files, improving version control management.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: George Gaál <gb12335@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Upgraded various container images to version `v0.14.0`, enhancing
application performance and potentially introducing new features and bug
fixes.
- **Bug Fixes**
- Improved version tracking for packages by updating commit hashes,
enhancing clarity and traceability.
- **Chores**
- Updated configuration files to reflect the new image versions for
components, ensuring the latest updates are utilized across the
application.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated Clickhouse application to version 0.4.0, indicating new
enhancements.
- Improved user credential management by dynamically generating
passwords or using provided ones, enhancing security.
- Introduced a new Kubernetes Role for managing access to services and
secrets, ensuring better control over resource interactions.
- **Bug Fixes**
- Corrected the reference for accessing the storage class value to
ensure proper retrieval.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated application version from 0.3.0 to 0.4.0, indicating a new
release.
- Introduced a new Kubernetes Role for managing access to
dashboard-related resources, enhancing security.
- Improved user credential management with dynamic password generation
in the initialization script, enhancing security practices.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Enhanced database user management with role definitions for `admin`
and `readonly` users.
- Introduced support for additional environment variables in the MariaDB
operator deployment.
- Added new RBAC roles for viewing and editing MariaDB resources.
- **Changes**
- Updated configuration structure for database and user management,
shifting from arrays to objects.
- Improved webhook certificate management with revision history control.
- Updated image repository for the MariaDB operator.
- **Bug Fixes**
- Adjusted permissions in RBAC configuration for better security and
resource management.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated RabbitMQ chart version to 0.4.0 and application version to
3.13.2.
- Added new configuration options for users and virtual hosts in the
application.
- Introduced a new Kubernetes Role for managing access to secrets and
services.
- Enhanced RabbitMQ configuration for automated user and permission
management.
- **Documentation**
- Improved README with a section on configuration parameters for better
user guidance.
- **Chores**
- Added a new YAML configuration file for comprehensive RabbitMQ cluster
management.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Changed tls host to be the same as ingress host
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated the default host value in the SeaweedFS configuration to
support S3-compatible endpoints.
- **Bug Fixes**
- Corrected the hostname configuration to reflect the new service access
method.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Enhanced monitoring capabilities for Kubernetes deployments, including
checks for `vmalert`, `vlogs`, and `vmcluster`.
- **Updates**
- Updated container images for `cozystack` and `darkhttpd` to version
`v0.13.0`.
- Version mapping updates for `ferretdb`, `kubernetes`, and
`virtual-machine` packages.
- Updated image tags and digests for Kubeapps components to version
`v0.13.0`.
- Updated image tag for Kamaji to version `v0.13.0`.
- Added new pod metadata labels to the `vmalertmanager` configuration.
- **Bug Fixes**
- Improved operational status checks for Kubernetes resources using
JSONPath expressions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This PR introduces different values files for `cozy-cilium` chart, and
`valuesFiles` for fluxcd.
This might be useful in cases where same chart reused for multiple
configurations
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Introduced multiple values files for enhanced configuration management
in Cilium deployments.
- Added new YAML configurations for Cilium, allowing for tailored
networking settings in Kubernetes.
- **Bug Fixes**
- Removed deprecated configuration parameters to simplify deployment and
management of Cilium.
- **Documentation**
- Updated Helm templates to support conditional inclusion of values
files, improving flexibility in chart rendering.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This PR enables SCTP support in Cilium.
It is required to use with kube-ovn configuration as it is fixes
`externalTrafficPolicy: Local` issues:
- https://github.com/kubeovn/kube-ovn/issues/4457
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated version of the Kubernetes application to 0.10.0.
- Enhanced network configuration for improved pod performance, including
support for live migration.
- Introduced a new network section for better integration with
Kubernetes networking features.
- **Bug Fixes**
- Improved network interface management for better flexibility and
control.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated version identifiers for the `ferretdb`, `virtual-machine`,
`monitoring`, and `seaweedfs` packages to enhance clarity and
traceability.
- Added new version entry for `monitoring` version `1.4.0`.
- **Improvements**
- Upgraded the `cozystack` component to a newer image version
(`v0.13.0`), potentially including bug fixes and performance
enhancements.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This release includes fix for C# library
https://github.com/FerretDB/FerretDB/issues/4475#issuecomment-2315663589
as well many other improovments
https://github.com/FerretDB/FerretDB/releases/tag/v1.24.0
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Updated the application to version 1.24.0, bringing enhancements and
improvements.
- Upgraded the container image to version 1.24.0 for the `ferretdb`
application, ensuring access to the latest features and fixes.
- **Chores**
- Incremented the chart version from 0.2.0 to 0.3.0 to reflect the new
release.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
This PR introduces new functionality for running e2e-tests in
k8s-cluster.
`make test` from a root invokes deploying of new sandbox for testing
cozystack.
from `packages/core/testing`:
`make test` - runs the end-to-end tests.
`make exec` - opens an interactive shell in the sandbox container.
`make login` - downloads the kubeconfig into a temporary directory and
runs a shell with the sandbox environment; mirrord must be installed.
`make proxy` - enables a SOCKS5 proxy; mirrord and gost must be
installed.
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
