- Helm version tagging now utilizes
.Values.image.tagwhen set.
- Added additional values to separate out
db:prepareanddb:migratejobs and whether they should run:
mastodon:
hooks:
dbPrepare:
enabled: true
dbMigrate:
enabled: true- Services for web & streaming now use
ipFamilyPolicy: PreferDualStack. This will cause upgrades on existing deployments to fail, as kubernetes cannot patch this field. Please remove both service objects before runninghelm upgrade(services aremastodon-webandmastodon-streamingby default).
- Added prometheus metrics config for web and sidekiq pods (feature will be available with Mastodon v4.4).
mastodon:
metrics:
prometheus:- Added ability to automatically upload assets to an S3 bucket:
mastodon:
hooks:
s3Upload:- Added OpenTelemetry metrics:
mastodon:
otel:
---
mastodon:
sidekiq:
otel:
---
mastodon:
web:
otel:- Fine-grained control of labels and annotations for both pods and deployments.
- Additional redis options for separate instances (app, sidekiq, cache).
- Configurable PodDisruptionBudgets for web and streaming pods.
- Various database migrations fixes
- Fixed first-time install DB setup on self-managed databases
- Fixed running migrations through a connection pooler.
- Removed old, unused jobs:
- chewy upgrade (use
tootctl search deployinstead) - assets precompile
- chewy upgrade (use
-
Added values for Active Record Encryption in Redis:
mastodon: secrets: activeRecordEncryption: primaryKey: deterministicKey: keyDerivationSalt:
-
Small bugfix related to automatic secret generation
- Updated major versions of chart dependencies (postgres, redis, elasticsearch)
-
adds support for multiple Sidekiq deployments to be configured to manage different sets of queues.
-
smtp: replaces
enable_starttls_autoboolean withenable_starttlssetting that defaults toauto. -
adds support for statsd publishing:
mastodon: metrics: statsd: address: -
allows disabling the included redis deployment in order to use an existing external redis server:
redis: enabled: false -
adds support for authorized fetch:
mastodon: authorizedFetch: true -
removed the
HorizontalPodAutoscalerand the global autoscaling configuration.
A number of other configuration options have been added, see values.yaml.
skipped
The annotations previously defaulting to nginx have been removed and support for ingressClassName has been added.
ingress:
annotations:
kubernetes.io/ingress.class: nginx
kubernetes.io/tls-acme: "true"To restore the old functionality simply add the above snippet to your values.yaml,
but the recommendation is to replace these with ingress.ingressClassName and use
cert-manager's issuer/cluster-issuer instead of tls-acme.
If you're uncertain about your current setup leave ingressClassName empty and add
kubernetes.io/tls-acme to ingress.annotations in your values.yaml.
Because of the changes in #19706 the upgrade may fail with the following error:
Error: UPGRADE FAILED: cannot patch "mastodon-sidekiq"
If you want an easy upgrade and you're comfortable with some downtime then simply delete the -sidekiq, -web, and -streaming Deployments manually.
If you require a no-downtime upgrade then:
- run
helm templateinstead ofhelm upgrade - Copy the new -web and -streaming services into
services.yml - Copy the new -web and -streaming deployments into
deployments.yml - Append -temp to the name of each deployment in
deployments.yml kubectl apply -f deployments.ymlthen wait until all pods are readykubectl apply -f services.yml- Delete the old -sidekiq, -web, and -streaming deployments manually
helm upgradelike normalkubectl delete -f deployments.ymlto clear out the temporary deployments
If you've previously installed the chart and you're having problems with
postgres not accepting your password then make sure to set username to
postgres and password and postgresPassword to the same passwords.
postgresql:
auth:
username: postgres
password: <same password>
postgresPassword: <same password>And make sure to set password to the same value as postgres-password
in your mastodon-postgresql secret:
kubectl edit secret mastodon-postgresql