diff --git a/assets/js/release-toc.js b/assets/js/release-toc.js
new file mode 100644
index 000000000..42858fccc
--- /dev/null
+++ b/assets/js/release-toc.js
@@ -0,0 +1,58 @@
+/////////////////////////// Table of Contents Script ///////////////////////////
+
+/*
+ * This script is used to generate a table of contents for the
+ * release notes pages.
+*/
+
+// Use jQuery filter to get an array of all the *release* h2 elements
+const releases = $('h2').filter(
+ (_i, el) => !el.id.match(/checkpoint-releases/)
+);
+
+// Extract data about each release from the array of releases
+releaseData = releases.map((_i, el) => ({
+ name: el.textContent,
+ id: el.id,
+ class: el.getAttribute('class'),
+ date: el.getAttribute('date')
+}));
+
+// Use release data to generate a list item for each release
+getReleaseItem = (releaseData) => {
+ var li = document.createElement("li");
+ if (releaseData.class !== null) {
+ li.className = releaseData.class;
+ }
+ li.innerHTML = `<a href="#${releaseData.id}">${releaseData.name}</a>`;
+ li.setAttribute('date', releaseData.date);
+ return li;
+}
+
+// Use jQuery each to build the release table of contents
+releaseData.each((_i, release) => {
+ $('#release-toc ul')[0].appendChild(getReleaseItem(release));
+});
+
+/*
+ * This script is used to expand the release notes table of contents by the
+ * number specified in the `show` attribute of `ul.release-list`.
+ * Once all the release items are visible, the "Show More" button is hidden.
+*/
+$('#release-toc .show-more').click(function () {
+ const itemHeight = 1.885; // Item height in rem
+ const releaseNum = releaseData.length;
+ const maxHeight = releaseNum * itemHeight;
+ const releaseIncrement = Number($('#release-list')[0].getAttribute('show'));
+ const currentHeight = Number(
+ $('#release-list')[0].style.height.match(/\d+\.?\d+/)[0]
+ );
+ const potentialHeight = currentHeight + releaseIncrement * itemHeight;
+ const newHeight = potentialHeight > maxHeight ? maxHeight : potentialHeight;
+
+ $('#release-list')[0].style.height = `${newHeight}rem`;
+
+ if (newHeight >= maxHeight) {
+ $('#release-toc .show-more').fadeOut(100);
+ }
+});
diff --git a/assets/styles/layouts/_article.scss b/assets/styles/layouts/_article.scss
index e2a23703c..f4a6d5fb6 100644
--- a/assets/styles/layouts/_article.scss
+++ b/assets/styles/layouts/_article.scss
@@ -56,6 +56,16 @@
color: $r-dreamsicle;
}
+ &.checkpoint::before {
+ content: '\e93b';
+ font-family: 'icomoon-v4';
+ font-size: 2.25rem;
+ color: $br-new-magenta;
+ display: inline;
+ margin: 0 .5rem 0 0;
+ vertical-align: top;
+ }
+
&[metadata]::after {
content: attr(metadata);
margin-left: .65rem;
@@ -203,6 +213,7 @@
"article/pagination-btns",
"article/product-tags",
"article/related",
+ "article/release-toc",
"article/scrollbars",
"article/svgs",
"article/tabbed-content",
@@ -307,6 +318,10 @@
&.magenta {
color: $p-comet;
}
+
+ &.pink {
+ color: $br-new-magenta;
+ }
}
/////////////////////////// Getting Started Buttons //////////////////////////
diff --git a/assets/styles/layouts/article/_release-toc.scss b/assets/styles/layouts/article/_release-toc.scss
new file mode 100644
index 000000000..e30c158c2
--- /dev/null
+++ b/assets/styles/layouts/article/_release-toc.scss
@@ -0,0 +1,68 @@
+#release-toc {
+ margin: 2rem 0 3rem;
+
+ ul {
+ list-style: none;
+ overflow: hidden;
+ padding-left: 0;
+ margin-bottom: .75rem;
+ transition: height .2s;
+
+ li {
+ line-height: 1.2em;
+ margin: .5rem 0;
+
+ &::after {
+ content: attr(date);
+ font-size: 1rem;
+ margin-left: .5rem;
+ color: rgba($article-text, .5);
+ }
+ }
+ }
+
+ &.clustered {
+ ul {
+ padding-left: 1.5rem;
+
+ .checkpoint {
+ margin-left: -1.5rem;
+
+ &::before {
+ content: '\e93b' !important;
+ font-family: 'icomoon-v4';
+ color: $br-new-magenta;
+ display: inline-block;
+ margin: 0 .5rem 0 0;
+ vertical-align: top;
+ }
+ }
+ }
+ }
+
+ .show-more {
+ color: $article-link;
+ transition: color .2s;
+ font-weight: $medium;
+ font-size: 1rem;
+
+ &::before {
+ content: '\e935';
+ font-family: 'icomoon-v4';
+ font-size: .9rem;
+ color: $article-bg;
+ background: $article-link;
+ border-radius: 50%;
+ margin-right: .5rem;
+ transition: background .15s;
+ }
+
+ &:hover {
+ cursor: pointer;
+ color: $article-link-hover;
+ &::before {
+ background: $article-link-hover;
+ }
+ }
+ }
+}
diff --git a/content/influxdb/clustered/reference/release-notes/clustered.md b/content/influxdb/clustered/reference/release-notes/clustered.md
new file mode 100644
index 000000000..5659b13be
--- /dev/null
+++ b/content/influxdb/clustered/reference/release-notes/clustered.md
@@ -0,0 +1,1156 @@
+---
+title: InfluxDB Clustered release notes
+description: >
+ ....
+menu:
+ influxdb_clustered:
+ parent: Release notes
+ name: InfluxDB Clustered
+ identifier: clustered-release-notes
+weight: 201
+---
+
+{{% note %}}
+## Checkpoint releases {.checkpoint}
+
+Some InfluxDB Clustered releases are checkpoint releases that introduce a
+breaking change to an InfluxDB component.
+When [upgrading InfluxDB Clustered](/influxdb/clustered/admin/upgrade/),
+**always upgrade to each checkpoint release first, before proceeding to newer versions**.
+
+Checkpoint releases are only made when absolutely necessary and are clearly
+identified below with the <span class="cf-icon Shield pink"></span> icon.
+{{% /note %}}
+
+{{< release-toc >}}
+
+---
+
+## 20240819-1176644 {date="2024-08-19" .checkpoint}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240819-1176644
+```
+
+### Highlights
+
+#### `admin` section is no longer required
+
+Previously, an identity provider setup was required through the `admin` section
+of the `AppInstance` resource, for example:
+
+```yaml
+apiVersion: kubecfg.dev/v1alpha1
+kind: AppInstance
+metadata:
+ name: influxdb
+ namespace: influxdb
+spec:
+ package:
+ image: <IMAGE>
+ apiVersion: influxdata.com/v1alpha1
+ spec:
+ ## ...snip
+ admin:
+ users:
+ - ...
+ dsn:
+ valueFrom:
+ ...
+ identityProvider: <PROVIDER>
+ jwksEndpoint: <JWKS_ENDPOINT>
+```
+
+This section is no longer required and will no longer result in a schema
+validation error when omitted.
+When the `admin` section is omitted, the `admin-token` `Secret` can be used
+instead to get started quickly.
+
+{{% note %}}
+We still highly recommend OAuth for production; however, this lets you run an
+InfluxDB Cluster with out having to integrate with an identity provider.**
+{{% /note %}}
+
+### Upgrade notes
+
+This release includes some preparatory work for changes being made to database
+schemas and tooling for internal services. It does not have an impact to
+customer workloads.
+
+### Changes
+
+#### Deployment
+
+- Various Grafana dashboard updates.
+- A best-effort, pre-populated `influxctl` config file is provided as a
+ `ConfigMap` for your convenience.
+- Limit garbage collector replicas to 1, see the
+ [documentation](/influxdb/clustered/reference/internals/storage-engine/#garbage-collector-scaling-strategies)
+ for further details.
+
+#### Database engine
+
+- Improved efficiency of system table queries.
+- Fixes for InfluxQL handling of `0` divisor.
+- Improve router performance when retrieving statistics.
+- Support InfluxQL queries over FlightSQL.
+- Various dependency updates.
+
+#### Configuration
+
+- Added schema definitions for `admin.users`.
+
+---
+
+## 20240717-1117630 {date="2024-07-17"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240717-1117630
+```
+
+### Highlights
+
+#### Experimental license enforcement
+
+This release introduces a new feature flag, `useLicensedBinaries`, that causes
+InfluxDB to execute IOx components a container image implementing a new license
+enforcement mechanism. License enforcement mechanisms include:
+
+- A proper `License` Custom Resource manifest must be installed in the
+ namespace to which InfluxDB Clustered is deployed. Only one `License` named
+ `iox-license` may be deployed per namespace.
+- Without a valid `License`, IOx pods crashloop with error logs indicating that
+ no valid license can be loaded.
+ - A valid `License` is one that is properly signed by InfluxData and has not
+ exceeded its hard expiration date.
+- One month before the `License` expires, all components begin logging
+ pending expiry warning messages. These are visible with `kubectl log -n
+ <namespace> <pod>`.
+- If a valid `License` expires while the system is running, it enters a grace
+ period.
+- During the `License`'s grace period, the following happens:
+ - Throughout the grace period, all components gradually increase the
+ frequency of license expiry warnings.
+ - One week into the grace period, the InfluxDB 3.0 Querier begins returning
+ `FailedPrecondition` gRPC responses for the first 5 minutes of every hour.
+ - One month into the grace period, the InfluxDB 3.0 Querier begins returning
+ `FailedPrecondition` gRPC responses 100% of the time until the grace period
+ ends.
+- At the end of the `License` grace period, all IOx components shutdown as
+ this is the "hard expiration" date when the binaries no longer consider
+ the `License` valid.
+
+This feature is being released on an experimental, opt-in basis while we work
+with a small group of customers before making requiring licenses to run
+InfluxDB Clustered. Before enabling the feature, please be sure you have a
+`License` manifest provided to you by your InfluxData sales representative.
+
+#### Default querier count increased
+
+Prior to this release, the number of queriers which were spawned from the
+default configuration was 1.
+This has now been increased to 3. If you have previously overwritten the default
+in the `AppInstance` resource, it is no longer required:
+
+```yaml
+apiVersion: kubecfg.dev/v1alpha1
+kind: AppInstance
+metadata:
+ name: influxdb
+ namespace: influxdb
+spec:
+ ...
+ resources:
+ querier:
+ requests:
+ #replicas: 3 # No longer required!
+```
+
+If you wish to keep the number of queriers to 1, you must override the
+`replicas` as shown above.
+Refer to the schema for further details.
+
+This new configuration serves as a scalable default installation for
+InfluxDB Clustered.
+
+### Changes
+
+#### Deployment
+
+- Ingesters now have a `terminationGracePeriodSeconds` value of `600` to provid
+ enough time to persist all buffered data.
+
+#### Database engine
+
+- Changed default `INFLUXDB_IOX_COMPACTION_*_CONCURRENCY` to be set based on
+ available memory rather than available cores.
+- Improved metadata caching and queries.
+- Improved cache read efficiency.
+- Improved cache cleaning.
+- Fixed some I/O delays on query planning.
+- Better handling for resizing worker pools.
+- Faster recovery from ingester crashes.
+- Faster graceful shutdown of terminating ingester pods.
+- Fixed a rare issue where ingesters could become unresponsive after hitting
+ memory limits.
+- Added per-table column limit, to prevent unintended schema expansion.
+- Reduced intermediate compactor writes to object storage.
+- Increase compactor throughput.
+- Numerous telemetry improvements.
+- Reduced write thrashing in the catalog.
+- Fixed errors with queries that use gap filling.
+- Fixed errors with multiple rounds of bulk ingestion.
+- Tuned garbage collector.
+- Fixed some intermittent failures in bulk ingest.
+- Reduced some network gossip between IOx pods.
+- Fixed some inconsistent results on leading edge queries.
+- Fixed WAL storage leak during ingester crash recovery.
+- Improved garbage collection of data beyond the retention limit.
+
+---
+
+## 20240605-1035562 {date="2024-06-05" .checkpoint}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240605-1035562
+```
+
+### Highlights
+
+Multiple improvements to compaction, pruning, and performance of concurrent queries.
+
+#### Feature flag: `noPrometheus`
+
+The introduction of the `noPrometheus` feature flag removes the `StatefulSet`
+and other resources related to a bare-bones installation of Prometheus that
+could be used for basic monitoring of InfluxDB Clustered.
+
+This feature flag is useful in cases where you already have an installation of
+Prometheus and you wish to use it to monitor your InfluxDB cluster.
+
+Refer to the `AppInstance` schema for further details regarding feature flags.
+
+### Upgrade notes
+
+Air-gapped installations need to prefetch the new granite image.
+
+```
+us-docker.pkg.dev/influxdb2-artifacts/granite/granite@sha256:1683f97386f8af9ce60662ae4ff423770fee166b11378583e211ea30dc849633
+```
+
+For more information, see the
+[documentation](/influxdb/clustered/install/configure-cluster/?t=Private+registry+%28air-gapped%29#public-registry-non-air-gapped).
+
+### Changes
+
+#### Deployment
+
+- Updated Granite components to reference a single image, reducing the overall
+ image size.
+- Added Grafana licensing dashboard.
+- Added the `noPrometheus` feature flag.
+
+#### Database engine
+
+- Ingesters now provide a soft, best-effort memory limit.
+ - Provided by `INFLUXDB_IOX_RAM_SOFT_LIMIT_BYTES`, which applies a ceiling
+ from a percentage of the container memory to avoid `OOMKilled` scenarios.
+ - Upon reaching this limit, InfluxDB Clustered attempts to persist all
+ buffered data is and returns a resource exhaustion error for write requests
+ until memory usage is below 50%.
+- Catalog cache write batching.
+- Multiple compactor improvements.
+- Improved performance of some metadata queries.
+- Improved concurrent query performance.
+ - Adjusted querier partitions assigned to large queries to reduce latency of
+ sub-second queries and prevent resource bottlenecks cause by long running
+ queries.
+ - This can be tuned with the `INFLUXDB_IOX_NUM_QUERY_PARTITIONS` environment
+ variable.
+- Improved reporting for InfluxQL syntax errors.
+
+---
+
+## 20240430-976585 {date="2024-04-30"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240430-976585
+```
+
+### Highlights
+
+- Added configuration settings for an optional Prometheus `ServiceMonitor`
+ under `observability.serviceMonitor`
+ - The feature flag is now deprecated, and will be removed in a future release.
+
+ {{% warn %}}
+ Using this setting will delete and recreate the existing serviceMonitor resource that was provided by the feature flag.
+ {{% /warn %}}
+
+#### Deployment
+
+- Removed Nginx server snippet annotations (`nginx.ingress.kubernetes.io/server-snippet`).
+- Added `observability` key in the `AppInstance` resource.
+
+#### Database engine
+
+- Improved `NULL` handling for InfluxQL.
+
+---
+
+## 20240418-955990 {date="2024-04-18"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240418-955990
+```
+
+### Highlights
+
+#### Minimum `influxctl` version
+
+If a user observes an unimplemented gRPC error when running `influxctl database`
+commands, then the user should upgrade to `influxctl` v2.8.0 or later and
+ensure they are running InfluxDB Clustered [20240326-922145](#20240326-922145)
+or newer.
+
+If upgrading InfluxDB Clustered is not an option, you can continue to use a
+version of `influxctl` prior to v2.8.0.
+
+### Changes
+
+#### Deployment
+
+- Routers now calculate the value of write replication based on the number of
+ running ingesters.
+ - This can be tuned through the `INFLUXDB_IOX_RPC_WRITE_REPLICAS` environment
+ variable; however, high values can impact the performance of the system.
+
+#### Database engine
+
+- Router cache entries for namespace and retention periods are updated
+ immediately via gossip.
+ - Pod restarts are no longer required to immediately see updates.
+- Fixes to InfluxQL gap-filling mechanism, `FILL`.
+
+---
+
+## 20240326-922145 {date="2024-03-26"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240325-920726
+```
+
+### Highlights
+
+#### Lower defaults for garbage collection
+
+Prior to this release, the garbage collector was set at 100 days before objects,
+that were no longer returned by queries, were deleted from object store.
+This has been reduced to 30 days.
+High values lead to a situation where there are many dangling objects and
+therefore many unnecessary references in the catalog, which increases
+operational burden and cost.
+
+#### Added support for nodeAffinity at the per-component level
+
+Introduces the `nodeAffinity` setting for individual components within
+InfluxDB Clustered. Previously, the scheduling of pods was influenced by the
+Kubernetes scheduler's default behavior. For further details, please consult the
+[documentation](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity).
+
+### Changes
+
+#### Deployment
+
+- Support for environment variable modifications to specific components.
+- Update optional Grafana component to version 10.3.4.
+ - This upgrade from 9.x brings with it support for the SQL query type in the
+ InfluxDB data source.
+
+#### Database engine
+
+- Various additional metrics and performance improvements.
+- Improve compactor concurrency heuristics.
+- Fix gRPC reflection to only include services served by a particular listening
+ port.
+
+ {{% note %}}
+ `arrow.flight.protocol.FlightService` is known to be missing in the
+ `iox-shared-querier`'s reflection service even though `iox-shared-querier`
+ does run that gRPC service.
+ {{% /note %}}
+
+---
+
+## 20240227-883344 {date="2024-02-27"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240227-883344
+```
+
+### Changes
+
+#### Deployment
+
+- Gossip communication between the `global-router`, `iox-shared-compactor`, and
+ iox-shared-ingester` now works as expected.
+- Provide sane defaults to the `global-router` for maximum number of concurrent
+ requests.
+- Lower the number of ndots for `dnsConfig` for IOx components.
+
+#### Database engine
+
+- `SHOW TAG VALUES` no longer causes a crash in the querier when the database
+ has a large number of measurements.
+- Number of partitions scanned over in the querier is now limited for safety.
+
+---
+
+## 20240214-863513 {date="2024-02-14" .checkpoint}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240214-863513
+```
+
+### Highlights
+
+#### Grafana dashboards by default
+
+Previously, the `grafana` feature flag had to be enabled in order to have these
+dashboards created. This now occurs by default and the feature flag is reserved
+entirely for the creation of a Grafana `Deployment` and remains experimental.
+
+The contents of these dashboards are placed within various `ConfigMap` resources,
+under common format `grafana-dashboard-<uid>`. They can either be imported or
+mounted into your existing Grafana instance.
+
+### Upgrade notes
+
+#### Consolidated authentication
+
+An authentication component, previously known as `authz`, has been consolidated
+into the `token-management` service.
+
+There is now a temporary `Job` in place, `delete-authz-schema`, that
+automatically removes the `authz` schema from the configured PostgreSQL database.
+
+### Changes
+
+#### Documentation
+
+- Fixed Google example in `example-customer.yml` file.
+
+#### Deployment
+
+- Fixed a logical error in the configuration when using Google Workload Identity
+ caused the `INFLUXDB_IOX_OBJECT_STORE` variable to be set to `memory` instead
+ of `google`.
+- Compactor configuration concurrency is now derived from CPU limit of the pod.
+- Compactor now has a lower L1 compaction threshold.
+
+#### Database engine
+
+- Correctly validate string length for column sizes.
+- FlightSQL support for prepared statements.
+- Improve metrics exposed by the compactor.
+- Further optimizations to `LIMIT` queries.
+- Add `SPREAD`, `MODE`, and `ELAPSED` support for InfluxQL.
+- Add `EXPLAIN` to all supported statements in InfluxQL.
+- Tracing correctly exposes HTTP path metrics.
+- Dependency updates.
+
+---
+
+## 20240111-824437 {date="2024-01-11"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20240111-824437
+```
+
+### Highlights
+
+#### Ingress improvements
+
+- Ingress no longer requires a host name to be specified.
+- When a TLS secret is not specified, the TLS annotations are not generated.
+
+##### Istio support
+
+This release includes first class support for Istio via the `Gateway` and
+`VirtualService` resources.
+
+This is enabled through the `ingress` key of the `AppInstance` resource--for example:
+
+```yaml
+package:
+ spec:
+ ingress:
+ template:
+ kind: 'Gateway'
+ apiVersion: 'networking.istio.io/v1beta1'
+ ## At present the 'selector' field is only used for Istio, this maps
+ ## directly to the Gateway selector to decide which Istio ingress controller
+ ## pods should serve the configured Gateway.
+ selector:
+ istio: 'ingressgateway'
+```
+
+Note that the use of `Gateway` implies the need for `VirtualService` resources,
+these are automatically created for you.
+
+
+### Upgrade notes
+
+As part of a `partition_id` migration that runs, if you have more than 10
+million rows in the `parquet_file` table, reach out to your Sales representative
+before proceeding. You can confirm this with the following query:
+
+```sql
+SELECT count(*) FROM iox_catalog.parquet_file
+```
+
+### Changes
+
+#### Database engine
+
+- `partition_id` is now used to consistently address a partition in the catalog.
+ This requires a migration which may take some time to complete.
+- Bug fixes and dependency updates.
+
+---
+
+## 20231213-791734 {date="2023-12-13"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20231213-791734
+```
+
+### Highlights
+
+#### Labels/annotations
+
+- You can now add custom annotations and labels in pods by specifying them under
+ `spec.package.spec.components.*.metadata`
+- Common settings for all components can be specified under
+ `spec.package.spec.components.common`. This is useful when you need to
+ configure common node selectors, taint tolerations, and annotations to adapt
+ the workload to requirements of your specific execution environment.
+
+#### Contour ingress support
+
+Services are now properly annotated to support the Contour Ingress controller.
+
+### Changes
+
+#### Database engine
+
+- Empty string values for `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are ignored.
+- Dependency updates.
+- Query performance improvements.
+- Ingester active persist tasks are tracked as a metric.
+- WAL rotation logs moved from debug to info log level.
+- Fixed an issue where the compactor could get stuck until reboot.
+- Fixed an issue where the compactor might panic.
+- Added L2 -> L2 compactions when there are many small L2 files.
+
+---
+
+## 20231117-750011 {date="2023-11-17"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20231117-750011
+```
+
+### Highlights
+
+{{% warn %}}
+**This release fixes a regression in the database engine that was introduced in
+[20231115-746129](#20231115-746129).**
+{{% /warn %}}
+
+### Changes
+
+#### Deployment
+
+- Add support for tuning per-component log filters.
+- Add support for `tolerations` at the per-component level.
+
+---
+
+## 20231115-746129 {date="2023-11-15"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20231115-746129
+```
+
+### Highlights
+
+#### Ingress templating
+
+This update enables custom annotations on the `Ingress` resources.
+This is useful when configuration ingress alongside third-party software, such
+as `cert-manager`.
+
+##### OpenShift `Route`
+
+Along with the ingress templating feature, this version includes OpenShift
+`Route` support.
+Specify the `apiVersion` and `kind` of the `ingress` configuration to align
+with `Route`s and change the typical `Ingress` objects to their `Route` equivalent.
+
+```yaml
+spec:
+ package:
+ spec:
+ ingress:
+ template:
+ apiVersion: "route.openshift.io/v1"
+ kind: "Route"
+```
+
+#### Support for Google Cloud Storage (GCS)
+
+We now expose a `google` object within the `objectStore` configuration, which
+enables support for using Google Cloud's GCS as a backing object store for IOx
+components. This supports both
+[GKE workload identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity)
+and [IAM Service Account](https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform#step_3_create_service_account_credentials)
+authentication methods.
+
+#### Support for bypassing identity provider configuration for database/token management
+
+We now generate a valid access token for managing Databases and Tokens and store
+it as a secret within the namespace that InfluxDB is deployed. Use this token in
+lieu of configuring an identity provider with `influxctl` for interacting with
+the cluster.
+**This access token is intended only for testing and is not recommended for use in production**.
+
+This feature requires `influxctl` version 2.2.0 or later. To use the access
+token, you first need to copy it to a file by running the following command:
+
+<!-- pytest.mark.skip -->
+
+```bash
+kubectl get secrets/admin-token --template={{.data.token}} -n <your_influxdb_namespace> | base64 -d > token.json
+```
+
+After that, you need to tell `influxctl` where to find the access token by
+adding the following lines to your `profile.toml` file.
+
+```toml
+[profile.auth.token]
+token_file = "/path/to/token.json"
+```
+
+This is a long-lived access token. Currently, the only way to revoke the token
+is to perform the following actions in this order:
+
+1. Delete the `rsa-keys` secret from your Clustered context and namespace.
+2. Rerun the `key-gen` job.
+3. Restart the `authz` service.
+
+If you want to create a new admin token after revoking the existing one, re-run
+the `create-admin-token` job.
+
+### Changes
+
+#### Deployment
+
+- Increase HTTP write request limit from 10MB to 50MB.
+- Added support for [Telegraf Operator](https://github.com/influxdata/telegraf-operator).
+ We have added the `telegraf.influxdata.com/port` annotation to all the pods.
+ No configuration is required. We don't yet provide a way to specify the
+ `telegraf.influxdata.com/class` annotation, which means the pods use the
+ default Telegraf operator class (called `default`).
+- Implement `ingress.template` for `Ingress` and openshift `Route`.
+- Add `nodeSelector` support.
+- Add Google Cloud support.
+- Fix JSONSchema for `value` and `valueFrom` configuration.
+- Remove `AWS_ACCESS_KEY_ID` and AWS_SECRET_ACCESS_KEY` environment variabless
+ when [EKS IRSA](#eks-irsa) is enabled.
+
+#### Database engine
+
+- Ingester performance improvements.
+- Query pruning improvements where, in many cases, less data is fetched.
+- New compactor metrics.
+- Compactor tuning: autoscale L1 compaction threshold based on load.
+- FlightSQL query gRPC keep-alive fixes.
+- Log some querier configs during startup.
+- Bulk ingest gRPC API improvements.
+- Add `partition_template` column to `system.tables` table.
+- Add `last_new_file_created_at`, ` last_deleted_file_at`, `num_files` ,
+ `total_size_mb` columns to `system.partitions` table.
+- Enable gossip cache distribution for faster cache coherence between nodes.
+
+---
+
+## 20231024-711448 {date="2023-10-24"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20231024-711448
+```
+
+### Highlights
+
+#### Additional `AppInstance` parameters
+
+This includes an addition to the `AppInstance` `package` specification with a
+new key: `hostingEnvironment`.
+Going forward, this object will be updated with various environment-specific
+functionality aimed at where you _host_ InfluxDB Clustered, such as `aws` or
+`openshift`.
+
+##### EKS IRSA
+
+With the addition of the `hostingEnvironment` configuration to the `AppInstance`
+resource, InfluxDB now supports passing an `eksRoleArn`.
+This role ARN is placed onto the IOx `ServiceAccount`.
+Please ensure that the role you provide has AWS S3 permissions.
+
+##### OpenShift
+
+InfluxDB Clustered now also support the `openshift` key under the
+`hostingEnvironment` object. This specifies OpenShift tailored configuration for
+your environment.
+
+At the moment this simplifies the installation process by removing
+`securityContext` from all pods since it is specified by your cluster's
+configuration instead.
+
+#### Ingress configuration
+
+A backwards-compatible change to the ingress configuration that makes the
+ingress use more fine-grained rules to avoid overriding other ingress rules.
+You may want to review the details if you have customized the Kubernetes
+manifests regarding the ingress resources.
+
+##### v1 write endpoint
+
+An endpoint has been exposed for the v1 write path, under `/write`.
+
+### Changes
+
+#### Database engine
+
+- Honor `SSL_CERT_FILE` for PostgreSQL connections.
+- Wait for gRPC when shutting down the querier.
+
+#### Deployment
+
+- Add defined `resources` to `authzpuller`.
+
+---
+
+## 20231004-666907 {date="2023-10-04" .checkpoint}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20231004-666907
+```
+
+### Highlights
+
+#### Object store custom certificates
+
+Support for custom certificates has been implemented since version
+[20230912-619813](#20230912-619813).
+Unfortunately, due to a bug, our Object store client didn't use the custom certificates.
+This release fixes that so you can use the existing configuration for custom
+certificates to also specify the certificate and certficate authority used by
+your object store.
+
+#### Resource limits
+
+Until now, the configuration spec only exposed the Kubernetes resource
+_requests_ and not the limits.
+Setting the limits is important for proper cluster capacity configuration.
+This release fixes this deficiency.
+
+_See [Scale components in your cluster](/influxdb/clustered/admin/scale-cluster/#scale-components-in-your-cluster)._
+
+#### Object store configuration
+
+A backwards-compatible change has been made to object store configuration.
+This now enables the use of Azure blob storage.
+
+#### Installation documentation moved to the documentation site
+
+The "Install InfluxDB Clustered" instructions (formerly known as "GETTING_STARTED")
+are now available on the public
+[InfluxDB Clustered documentation](https://docs.influxdata.com/influxdb/clustered/install/).
+
+The `example-customer.yml` (also known as `myinfluxdb.yml`) example
+configuration file still lives in the release bundle alongside the `RELEASE_NOTES`.
+
+### Upgrade notes
+
+You **must** update to this release before updating to any subsequent release.
+This ensure as schema migration is sequenced properly otherwise a Kubernetes
+cluster running pods with different versions will impact write availability.
+
+### Changes
+
+#### Deployment
+
+- Add support for setting resource limits.
+
+#### Documentation
+
+- Prior to this release, the example query for the sample data
+ (`air-sensor-data.lp`) was incorrect.
+
+#### Database engine
+
+- Use system certificate store.
+
+---
+
+## 20230922-650371 {date="2023-09-22"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230922-650371
+```
+
+### Highlights
+
+#### Configuration simplification
+
+This release simplifies the configuration of the admin interface.
+The `internalSigningKey` configuration section is now optional and is
+autogenerated.
+
+### Upgrade notes
+
+We simplified the ingress rules, which may require some changes _if_ you have
+custom Ingress resources pointing to the underlying services.
+Otherwise, no changes are necessary.
+
+#### Details
+
+- Ingress that previously pointed to the `account` service should now point to
+ the `gateway` service--for example: `/account.v1.AccountService`.
+- Ingress that previously pointed to the `authz` service can be removed--for
+ example: `/authz.public.v1.AuthzPublicService`.
+- Ingress that previously pointed to the `database-management` service should
+ now point to the `gateway` service--for example:
+ `/database_management.v1.DatabaseService`.
+- Ingress that previously pointed to the `token-management` service should now
+ point to the `gateway` service--for example:
+ `/token_management.public.v1.TokenManagementPublicService`.
+
+### Changes
+
+#### Deployment
+
+- Update reference version of kubit to 0.0.11.
+- Update the default number of routers to match ingesters (3).
+- Ensure custom certificates are available to all components.
+
+#### Database engine
+
+- Catalog cache convergence improvements.
+- Retry after out of memeory (OOM) errors.
+
+---
+
+## 20230915-630658 {date="2023-09-15"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230915-630658
+```
+
+### Highlights
+
+#### Persistent volume fixes
+
+This release fixes am issue involving volume permissions in some volume
+provisioners (for example, EBS).
+No action is required for upgrades.
+
+### Changes
+
+- Removed the "Generate internal signing key" section from the "Getting started"
+ documentation.
+- Updated `Volume` permissions to fix issues in some environments.
+
+---
+
+## 20230914-628600 {date="2023-09-14"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230914-628600
+```
+
+### Highlights
+
+#### Updated Azure AD documentation
+
+The `Appendix` / `Configuring Identity Provider` / `Azure` section of the
+"Geting started" documentation has been updated:
+
+```diff
+- https://login.microsoftonline.com/{AZURE_TENANT_ID}/.well-known/openid-configuration
++ https://login.microsoftonline.com/{AZURE_TENANT_ID}/v2.0/.well-known/openid-configuration
+```
+
+### Changes
+
+#### Deployment
+
+- Documentation fixes.
+- Generate JWT signing keys automatically.
+
+#### Database engine
+
+- Various minor fixes.
+
+---
+
+## 20230912-619813 {date="2023-09-12"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230912-619813
+```
+
+### Highlights
+
+#### Custom CA certificates {note="(Optional)"}
+
+InfluxDB processes inbound API requests (_ingress_) and issues outbound API
+request to external services (_egress_).
+The _ingress_ transport security parameters (TLS) are configured in the
+`ingress` section. InfluxDB can work with any certificate signed with any
+Certificate Authority (accepting that CA is then a matter of InfluxDB client's
+configuration, outside of the scope of this document).
+
+_Egress_ connections to TLS secured endpoints (`https` or TLS secured postgres)
+are verified by a set of built-in certificate authorities (we use Debian's
+[ca-certificates](https://packages.debian.org/stable/ca-certificates)).
+
+You may need to override the list of accepted CAs if your InfluxDB cluster is
+configured to access dependencies that use certificates issued by your private CA.
+In some cases your network setup may even involve an auditing MitM proxy that
+issues their own certificates.
+
+This release includes an optional feature that allows you to specify your own CA
+list. The custom CA replaces the standard set of CA certificates. The custom
+certificate file can contain one or more PEM encoded CA certificates.
+
+<!-- pytest.mark.skip -->
+
+```bash
+kubectl -n influxdb create configmap custom-ca --from-file=ca.pem
+```
+
+```yaml
+....
+kind: AppInstance
+spec:
+ ...
+ spec:
+ ...
+ egress:
+ customCertificates:
+ valueFrom:
+ configMapKeyRef:
+ key: ca.pem
+ name: custom-ca
+ ...
+```
+
+### Changes
+
+#### Deployment
+
+- Allow users to specify custom certificate authorities for egress calls.
+
+#### Database engine
+
+- Fix health probe livelock.
+- Handle oversized files in the compactor.
+- Various minor optimizations.
+
+---
+
+## 20230911-604209 {date="2023-09-11"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230911-604209
+```
+
+### Highlights
+
+This release contains a breaking change to the monitoring subsystem that
+requires manual intervention to unblock.
+More details in the Upgrade notes section below.
+
+### Upgrade notes
+
+#### Prometheus StatefulSet
+
+This release contains a change to the prometheus `StatefulSet` resources that
+cannot be reconciled automatically by the operator.
+You must delete the stateful set manually.
+The operator will then automatically re-create the resources.
+
+<!-- pytest.mark.skip -->
+
+```bash
+kubectl -n influxdb delete sts prometheus
+```
+
+### Changes
+
+#### Documentation
+
+- Update active directory documentation.
+
+#### Deployment
+
+- Set `serviceName` in Prometheus deployment.
+- Ensure granite ingress has hostname declared.
+
+#### Database engine
+
+- Various dependency updates.
+- Adjust compactor catalog query rate limiter for small clusters.
+
+---
+
+## 20230908-600131 {date="2023-09-08"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230908-600131
+```
+
+### Highlights
+
+#### Default storage class
+
+The `storageClassName` parameters are no longer required.
+InfluxDB uses the cluster's default storage class unless you override it in your
+configuration.
+
+### Changes
+
+#### Deployment
+
+- Remove unnecessary Grafana dashboards.
+- Make storage class optional.
+
+---
+
+## 20230907-597343 {date="2023-09-07"}
+
+### Quickstart
+
+```yaml
+spec:
+ package:
+ image: us-docker.pkg.dev/influxdb2-artifacts/clustered/influxdb:20230907-597343
+```
+
+### Upgrade Notes
+
+This release requires a new configuration block:
+
+```yaml
+monitoringStorage:
+ storage: 1Gi
+ storageClassName: <your_storage_class>
+```
+
+### Changes
+
+#### Deployment
+
+- Make gRPC ingress work with the Traefik ingress controller.
+- Add `hosts` field to ingress specification.
+- Several fixes in ingress layer for the admin control plane.
+
+#### Database engine
+
+- Add support for `FILL(linear)` for selector functions in InfluxQL.
+- Prevent sort order mismatches from creating overlapping chains.
+- Minor performance optimizations.
+- Change `loglevel` to `info` on "No compaction job found" errors.
diff --git a/layouts/partials/footer/javascript.html b/layouts/partials/footer/javascript.html
index 4b4e310f5..3cf4bc3bd 100644
--- a/layouts/partials/footer/javascript.html
+++ b/layouts/partials/footer/javascript.html
@@ -18,12 +18,14 @@
{{ $fluxInfluxDBVersions := resources.Get "/js/flux-influxdb-versions.js" }}
{{ $v3Wayfinding := resources.Get "/js/v3-wayfinding.js"}}
{{ $codePlaceholders := resources.Get "/js/code-placeholders.js" }}
+{{ $releaseTOC := resources.Get "/js/release-toc.js" }}
{{ $footerjs := slice $versionSelector $contentInteractions $searchInteractions $listFilters $modals $influxdbURLs $featureCallouts $tabbedContent $apiLibs $notifications $keybindings $codeControls $pageFeedback $homepageInteractions $fluxInfluxDBVersions | resources.Concat "js/footer.bundle.js" | resources.Fingerprint }}
{{ $fluxGroupKeyjs := $fluxGroupKeys | resources.Fingerprint }}
{{ $dateTimejs := $dateTime | resources.Fingerprint }}
{{ $influxdbGSTimestampsjs := $influxdbGSTimestamps | resources.Fingerprint }}
{{ $v3Wayfindingjs := $v3Wayfinding | resources.Fingerprint }}
{{ $codePlaceholdersjs := $codePlaceholders | resources.Fingerprint }}
+{{ $releaseTOCjs := $releaseTOC | resources.Fingerprint }}
<!-- Load cloudUrls array -->
<script type="text/javascript">
@@ -76,5 +78,10 @@
<script type="text/javascript" src="{{ $codePlaceholdersjs.RelPermalink }}"></script>
{{ end }}
+<!-- Load code release-toc js when release-toc shortcode is present -->
+{{ if .Page.HasShortcode "release-toc" }}
+<script type="text/javascript" src="{{ $releaseTOCjs.RelPermalink }}"></script>
+{{ end }}
+
<!-- Load footer.js -->
<script type="text/javascript" src="{{ $footerjs.RelPermalink }}"></script>
\ No newline at end of file
diff --git a/layouts/shortcodes/release-toc.html b/layouts/shortcodes/release-toc.html
new file mode 100644
index 000000000..ac2f249e1
--- /dev/null
+++ b/layouts/shortcodes/release-toc.html
@@ -0,0 +1,10 @@
+{{- $productPathData := findRE "[^/]+.*?" .Page.RelPermalink -}}
+{{- $currentVersion := index $productPathData 1 -}}
+{{- $show := .Get "show" | default 12 -}}
+
+<div id="release-toc" class="{{ $currentVersion }}">
+ <ul id="release-list" style="height: calc({{ $show }} * 1.885rem);" show="{{ $show }}">
+ <!-- PLACEHOLDER FOR JS-GENERATED LIST ITEMS -->
+ </ul>
+ <span class="show-more">Show more</span>
+</div>
\ No newline at end of file