These are the release notes for VMware Tanzu™ SQL with MySQL for Kubernetes.
The Tanzu MySQL for Kubernetes releases support the components listed below:
Tanzu MySQL for Kubernetes Version | Percona Server | Percona XtraBackup |
---|---|---|
1.2.0 | 8.0.26 | 8.0.26 |
1.1.0 | 8.0.25-15 | 8.0.25-17 |
1.0.0 | 8.0.22–13 | 8.0.23–16 |
IMPORTANT: VMware does not support deployments that have been modified by adding layers to the packaged Docker images, or deployments that reference images other than the VMware MySQL Operator. VMware does not support changing the contents of the deployed containers and pods in any way.
Release Date: November 5, 2021
This version of Tanzu MySQL is supported on the following platforms:
Additional Kubernetes environments, such as Minikube, can be used for testing or demonstration purposes.
Security
ClusterIssuer
and creates a default secret when users do not configure their own TLS secrets. For details see Using the Default provided TLS in the Configuring TLS for MySQL Instances page.HA enhancements
imagePullSecretName
no longer required for restores: MySQLRestore required imagePullSecretName
to be provided in the instanceTemplate
. MySQLRestore now defaults to using the imagePullSecretName
that is configured in the Helm chart if the user does not provide the secret.S3 backups cannot exceed 50 GB: AWS limits the multipart upload to 10,000 parts per upload. The Tanzu MySQL default part size is 5MB, which results in an upper limit of 50 GB for the full backup. For more details, see Amazon S3 multipart upload limits.
The following CVEs exist in this release:
kubectl exec
to access a pod. Some examples are:
spec.endpoint
should begin with https://
). For more information about server-side encryption, see the AWS documentation.Release Date: August 17, 2021
spec.version
field in the instance definition to specify which Tanzu MySQL version to deploy. Users can now list instances by version number. For more details, see List Instances By Version.storageClassName
.storageSize
on a running MySQL instance.instanceImage
has been deprecated and removed from the Tanzu MySQL for Kubernetes Helm chart. This release introduces two new chart values, registry
and defaultInstanceVersion
. Users should specify registry: <my.private-registry>
in their values-override.yaml
. For more details, see Installing the Tanzu SQL for Kubernetes Operator.imagePullSecret
has been renamed to imagePullSecretName
for the Helm chart and the MySQL resource, and it's now optional. Users who are maintaining a deployment file for the object should rename the field or drop the field entirely. If omitted, the imagePullSecretName
will default to the Helm chart setting.spec.storageSize
in a MySQL object to scale up the PV (Persistent Volume), if the underlying storage class supports onlineVolumeExpansion
. See Scale storageSize.spec.highAvailability.enabled
to false
in a running HA cluster, the operation fails and returns an error.spec.storageArtifactName
, when the backup starts, thetimeStarted
is now correctly updated.Existing or new 1.0.0 Tanzu MySQL instances require an upgrade: New Tanzu MySQL 1.0.0 instances, or existing 1.0.0 instances that restart, do not reach a Running state. The 1.1.0 Tanzu MySQL Operator tries to grant permissions to the performance_schema.keyring_component_status
system table that is introduced in Percona 8.0.25, and does not exist in Percona 8.0.22 and the 1.0.0 instances. As a workaround, upgrade existing 1.0.0 Tanzu MySQL instances to 1.1.0, and avoid creating new 1.0.0 instances.
Proxy connection limitation: The proxy in an HA instance supports up to 100 connection errors from the same source IP. When the limit is reached, the proxy does not process any further connection requests. For a workaround, restart the proxy pod in order to reset the connection error counter.
imagePullSecretName
required for restores: MySQLRestore requires imagePullSecretName
to be provided in the instanceTemplate
.
S3 backups cannot exceed 50 GB: AWS limits the multipart upload to 10,000 parts per upload. The Tanzu MySQL default part size is 5MB, which results in an upper limit of 50 GB for the full backup. For more details, see Amazon S3 multipart upload limits.
The following CVEs exist in this release:
kubectl exec
to access a pod. Some examples are:
spec.endpoint
should begin with https://
). For more information about server-side encryption, see the AWS documentation.Release Date: April 15, 2021
This is the first generally available (GA) release of VMware Tanzu™ SQL with MySQL for Kubernetes. For an overview of this product, see About Tanzu MySQL for Kubernetes.
MySQL for Kubernetes Operator: VMware Tanzu™ SQL with MySQL for Kubernetes implements the Kubernetes Operator pattern to provision and manage on-demand Tanzu MySQL instances. Tanzu MySQL for Kubernetes supports single-node MySQL database instances.
For more information about Tanzu MySQL for Kubernetes features and compatibility, see Overview. For information about Tanzu MySQL for Kubernetes architecture, see Architecture. For more information about the Kubernetes Operator pattern, see the Kubernetes documentation.
Installation Using Helm: Kubernetes admins can use Helm to install the Tanzu MySQL for Kubernetes Operator. This simplifies the installation process while maintaining flexibility in configuration. For information about how to install the Tanzu MySQL for Kubernetes Operator, see Installing the Operator.
Backup and Restore: Tanzu MySQL for Kubernetes automates on-demand and scheduled full physical backups using the Percona XtraBackup tool. It also automates restoring and managing backups. For more information, see Backing Up and Restoring MySQL Instances.
Sane and Secure Server Defaults: Tanzu MySQL for Kubernetes configures MySQL server settings to optimize for security and performance. Certain server settings, like max-connections
, are auto-tuned based on the compute resources and persistent storage provisioned for the Tanzu MySQL for Kubernetes instance.
To see all MySQL server settings configured, follow the procedure in (Optional) Verify MySQL Server Settings.
MySQL credential management: Tanzu MySQL for Kubernetes uses Kubernetes automation to simplify rotating MySQL user credentials. For more information, see Rotating MySQL Credentials.
High Availability: Support for creating a high-availability cluster configuration with three members. For information, see Architecture and Configuring MySQL Instances for High Availability.
Configure TLS: TanzuMySQL instances only accept encrypted client connections. Users can now configure a TanzuMySQL instance for TLS by creating a TLS Secret. For more information, see Configuring TLS for MySQL Instances.
Allow off-platform connections: Users can connect to a TanzuMySQL instance from outside the Kubernetes cluster using an external load balancer. For more information, see Connect to the MySQL Server with an External IP Address in Accessing MySQL Instances.
Upgrades from beta releases are not supported: Upgrades from beta releases to the VMware Tanzu™ SQL with MySQL for Kubernetes v1.0.0 release are not supported. Download and install the latest version.
Scaling down an HA instance is not supported: Creating an HA instance and scaling back to a single pod is not supported and may incur data loss. The VMware Tanzu™ SQL with MySQL for Kubernetes operator does not prevent you from changing the property, and changing the property will result in unknown behavior. If the pods for an HA instance crash while the cluster and its metadata are still being created, the cluster may not recover automatically.
Pods may restart when creating a HA instance: Proxy pods may spontaneously restart while the cluster is being initialized.
S3 backups cannot exceed 50 GB: AWS limits the multipart upload to 10,000 parts per upload. The Tanzu MySQL default part size is 5MB, which results in an upper limit of 50 GB for the full backup. For more details, see Amazon S3 multipart upload limits.
The following CVEs exist in this release:
spec.storageSize
in a MySQL object to scale the PersistentVolume is not supported. See Scale storageSize for a workaround that expands the PersistentVolume.kubectl exec
to access a pod. Some examples are:
spec.endpoint
should begin with https://
). For more on server-side encryption, see the AWS documentation.