New and notableedit
New and notable changes in version 1.9.1 of Elastic Cloud on Kubernetes. See Elastic Cloud on Kubernetes version 1.9.1 for the full list of changes.
Mitigate CVE-2021-44228 in vulnerable Elasticsearch clustersedit
This release introduces a preemptive measure to mitigate Log4Shell vulnerability in Elasticsearch versions below
- When using the Red Hat certified version of the operator, automatic upgrades from previous versions of ECK do not work. To upgrade uninstall the old ECK operator and install the new version manually. Because CRDs remain in place after uninstalling, this operation should not negatively affect existing Elastic Stack deployments managed by ECK.
On Openshift versions 4.6 and below, when installing or upgrading to 1.9.[0,1], the operator will be stuck in a state of
Installingwithin the Openshift UI, and seen in a
CrashLoopBackoffwithin Kubernetes because of Webhook certificate location mismatches. More information and workaround can be found in this issue.
When using the
elasticsearchRefmechanism with Elastic Agent in version 7.17 and later its Pods will enter a
CrashLoopBackoff. The issue will be fixed in ECK 2.0 for Elasticsearch versions 8.0 and above. A workaround is described in this issue.