From 607442b9b2e3c9cdf737fe13eab3bde6a543cc7d Mon Sep 17 00:00:00 2001 From: Kyriakos Akriotis Date: Fri, 20 Feb 2026 12:33:48 +0000 Subject: [PATCH 1/6] added announcement placeholder and new card in landing page #48 --- blog/2026-02-25-release-0-3-9-rc.1.md | 14 +++++++++++ src/pages/index.tsx | 34 ++++++++++++++++----------- 2 files changed, 34 insertions(+), 14 deletions(-) create mode 100644 blog/2026-02-25-release-0-3-9-rc.1.md diff --git a/blog/2026-02-25-release-0-3-9-rc.1.md b/blog/2026-02-25-release-0-3-9-rc.1.md new file mode 100644 index 0000000..08f9ea0 --- /dev/null +++ b/blog/2026-02-25-release-0-3-9-rc.1.md @@ -0,0 +1,14 @@ +--- +slug: release-0-3-9 +title: 0.3.9-rc.1 +authors: [tykobot] +tags: [release] +--- + +## What's Changed + +### 0.3.9-rc.1 + +:::warning +Updating from versions earlier than **0.3.8-rc.4** will cause the existing `Pods` to be replaced, because the annotation hash used for `StatefulSet` changes is now calculated differently. +::: diff --git a/src/pages/index.tsx b/src/pages/index.tsx index 77b42e0..7549a80 100644 --- a/src/pages/index.tsx +++ b/src/pages/index.tsx @@ -3,7 +3,7 @@ import Layout from "@theme/Layout"; import Link from "@docusaurus/Link"; import useBaseUrl from '@docusaurus/useBaseUrl'; import useDocusaurusContext from "@docusaurus/useDocusaurusContext"; -import { BarChart3, Lock, HeartPulse, Rocket, CircleFadingArrowUp, Ship, Cable } from "lucide-react"; +import { BarChart3, Lock, HeartPulse, Rocket, CircleFadingArrowUp, Ship, Cable, HandPlatter } from "lucide-react"; export default function Home(): JSX.Element { const { siteConfig } = useDocusaurusContext(); @@ -33,7 +33,7 @@ export default function Home(): JSX.Element {

- Get Started -> + Get Started -{">"} GitHub @@ -112,7 +112,7 @@ export default function Home(): JSX.Element {

{s.desc}

- Learn more -> + Learn more -{">"} @@ -151,24 +151,24 @@ export default function Home(): JSX.Element { const features = [ { - title: "Self‑healing clusters", + title: "Self-healing clusters", desc: "Automated failover, quorum recovery, and raft re-evaluation keep your Typesense clusters healthy without any manual intervention.", icon: , }, { - title: "Zero‑downtime updates", + title: "Zero-downtime updates", desc: "Rolling updates with safe orchestration ensure your clusters stay online while you upgrade or downgrade their Typesense version.", icon: , }, { - title: "Kubernetes‑native", - desc: "Built with Go & Operator SDK, following Kubernetes best‑practices. Extend TyKO to your needs if you wish.", - icon: , - }, - { - title: "Batteries‑included", - desc: "Ingress, Services, StatefulSets, ConfigMaps, Secrets, PodMetrics and many more, all managed for you.", + title: "Batteries-included", + desc: "StatefulSets, ConfigMaps, Secrets, Services, PodMetrics, HttpRoutes and many more, all managed for you.", icon: , + }, + { + title: "Ingress & Gateway APIs support", + desc: "Expose Typesense securely using Kubernetes Ingress or the Gateway API. Integrates with Shared Gateways & TLS termination.", + icon: , }, { title: "Observability", @@ -177,8 +177,14 @@ const features = [ }, { title: "Production-ready", - desc: "Opinionated defaults for secure production‑ready clusters and sane resource limits.", - icon: , + desc: "Opinionated defaults for secure production-ready clusters and sane resource limits.", + icon: , + }, + + { + title: "Kubernetes-native", + desc: "Built with Go & Operator SDK, following Kubernetes best-practices. Extend TyKO to your needs if you wish.", + icon: , }, ] as const; From ff1dd83724dce8fdcc68611fba1387fcefa6a88b Mon Sep 17 00:00:00 2001 From: Kyriakos Akriotis Date: Fri, 20 Feb 2026 13:00:22 +0000 Subject: [PATCH 2/6] added s3 card in landing page, updated zero-downtime updates #48 #35 --- src/pages/index.tsx | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/pages/index.tsx b/src/pages/index.tsx index 7549a80..f2f3fee 100644 --- a/src/pages/index.tsx +++ b/src/pages/index.tsx @@ -3,7 +3,7 @@ import Layout from "@theme/Layout"; import Link from "@docusaurus/Link"; import useBaseUrl from '@docusaurus/useBaseUrl'; import useDocusaurusContext from "@docusaurus/useDocusaurusContext"; -import { BarChart3, Lock, HeartPulse, Rocket, CircleFadingArrowUp, Ship, Cable, HandPlatter } from "lucide-react"; +import { BarChart3, Lock, HeartPulse, Rocket, CircleFadingArrowUp, Ship, Cable, HandPlatter, Archive } from "lucide-react"; export default function Home(): JSX.Element { const { siteConfig } = useDocusaurusContext(); @@ -157,7 +157,7 @@ const features = [ }, { title: "Zero-downtime updates", - desc: "Rolling updates with safe orchestration ensure your clusters stay online while you upgrade or downgrade their Typesense version.", + desc: "Rolling updates with safe orchestration ensure you are always stay operational while you upgrade, downgrade or resize your Typesense clusters.", icon: , }, { @@ -165,7 +165,7 @@ const features = [ desc: "StatefulSets, ConfigMaps, Secrets, Services, PodMetrics, HttpRoutes and many more, all managed for you.", icon: , }, - { + { title: "Ingress & Gateway APIs support", desc: "Expose Typesense securely using Kubernetes Ingress or the Gateway API. Integrates with Shared Gateways & TLS termination.", icon: , @@ -180,7 +180,11 @@ const features = [ desc: "Opinionated defaults for secure production-ready clusters and sane resource limits.", icon: , }, - + { + title: "S3-compatible storage support", + desc: "Persist data on any S3-compatible object storage. Works with OBS, AWS S3, RustFS and many more for vendor-neutral storage.", + icon: , + }, { title: "Kubernetes-native", desc: "Built with Go & Operator SDK, following Kubernetes best-practices. Extend TyKO to your needs if you wish.", From 4b37d0698e97cb9ef0da2c3ce138383c6e4949d3 Mon Sep 17 00:00:00 2001 From: Kyriakos Akriotis Date: Fri, 20 Feb 2026 13:04:13 +0000 Subject: [PATCH 3/6] change the define your cluster card text #48 --- src/pages/index.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pages/index.tsx b/src/pages/index.tsx index f2f3fee..a638a9d 100644 --- a/src/pages/index.tsx +++ b/src/pages/index.tsx @@ -200,7 +200,7 @@ const steps = [ }, { title: "Define your Cluster", - desc: "Apply a TypesenseCluster YAML with the version, sizing and storage type you need.", + desc: "Apply a single manifest with the version, size and storage you need.", href: "/docs/crds/crds-examples", }, { From c6859e932671c466ae26c327e1ebdd3888eca9da Mon Sep 17 00:00:00 2001 From: Kyriakos Akriotis Date: Fri, 20 Feb 2026 13:32:59 +0000 Subject: [PATCH 4/6] added crd, examples and gateway warning #48 --- docs/crds/examples.md | 46 +++++++++++++++++++++++++++++++++++++++++++ docs/crds/index.mdx | 23 ++++++++++++++++++++++ 2 files changed, 69 insertions(+) diff --git a/docs/crds/examples.md b/docs/crds/examples.md index 2b00e33..a4d677b 100644 --- a/docs/crds/examples.md +++ b/docs/crds/examples.md @@ -473,6 +473,52 @@ To expose your Typesense cluster via an `Ingress`, certain prerequisites must al ::: +## Gateway HttpRoutes + +```yaml +apiVersion: ts.opentelekomcloud.com/v1alpha1 +kind: TypesenseCluster +metadata: + name: tsc +spec: + image: typesense/typesense:30.1 + replicas: 3 + storage: + storageClassName: standard + enableCors: true + corsDomains: "https://docs.example.com" + httpRoutes: + - name: public + parentRef: + name: traefik-gateway + namespace: kube-system + hostnames: + - typesense.docs.example.com + - search.docs.example.com + enabled: true + - name: private + parentRef: + name: traefik-gateway + namespace: kube-system + section: web + hostnames: + - typesense-int.docs.example.com + enabled: true + referenceGrant: true +``` + +:::warning + +**The operator does not configure or manage Gateways. Gateway setup is intentionally left out of scope because it is highly platform-specific and tightly coupled to cluster networking, security, and organizational policies. All required Gateway resources must be provisioned and maintained in advance by your platform or cluster engineering team.** + +To expose your Typesense cluster via a `Gateway`, certain prerequisites must already be present in your Kubernetes cluster: + +:white_check_mark: You will need an gateway controller present (example is using [Traefik Gateway Controller](https://doc.traefik.io/traefik/reference/routing-configuration/kubernetes/gateway-api/)).
+:white_check_mark: You will need a `GatewayClass` and a `Gateway` configured.
+:white_check_mark: You will need [cert-manager](https://cert-manager.io/) present that takes care of the TLS certiicates.
+ +::: + ## Metrics ```yaml diff --git a/docs/crds/index.mdx b/docs/crds/index.mdx index b83318c..f6af834 100644 --- a/docs/crds/index.mdx +++ b/docs/crds/index.mdx @@ -41,6 +41,7 @@ Typesense Kubernetes Operator is controlling the lifecycle of multiple Typesense | serviceAnnotations | user-defined annotations | X | | | storage | check `StorageSpec` [below](#storagespec-optional) | | | | ingress | check `IngressSpec` [below](#ingressspec-optional) | X | | +| httpRoutes | array of `HttpRouteSpec`; check [below](#ingressspec-optional) | X | | | scrapers | array of `DocSearchScraperSpec`; check [below](#docsearchscraperspec-optional) | X | | | metrics | check `MetricsSpec` [below](#metricsspec-optional) | X | | | healthcheck | check `HealthCheckSpec` [below](#healthcheckspec-optional) | X | | @@ -131,6 +132,28 @@ Although in official Typesense documentation under _Production Best Practices_ - It is highly recommended, from this operator's perspective, to always expose Typesense behind a reverse proxy (using the `referer` option). ::: +### HttpRouteSpec (optional) + +| Name | Description | Optional | Default | +| -------------- | -------------------------------------------------------------------------------------------------------- | -------- | ------------------------ | +| name | name of the route | | | +| enabled | enable this route | X | true | +| parentRef | reference to the parent `Gateway`; check `GatewayParentRef` [below](#gatewayparentref) | | | +| hostnames | array of hostnames to match for this route | | | +| path | path to match for this route | X | / | +| pathType | interpretation of the path matching | X | `ImplementationSpecific` | +| labels | user-defined labels | X | | +| annotations | user-defined annotations | X | | +| referenceGrant | enable cross-namespace reference to the parent `Gateway` | X | false | + +#### GatewayParentRef + +| Name | Description | Optional | Default | +| ----------- | -------------------------------------------------------------- | -------- | ------- | +| name | name of the parent `Gateway` | | | +| namespace | namespace of the parent `Gateway` | | | +| sectionName | section of the parent `Gateway` to route to (e.g. "websecure") | X | | + ### DocSearchScraperSpec (optional) | Name | Description | Optional | Default | From 909a5e4b088d915e914af44fd4d5189f59bf4521 Mon Sep 17 00:00:00 2001 From: Kyriakos Akriotis Date: Mon, 23 Feb 2026 07:07:47 +0000 Subject: [PATCH 5/6] added admonitions for ingress and httproutes #48 --- docs/crds/examples.md | 6 ++-- docs/crds/index.mdx | 71 ++++++++++++++++++++++++++++++++----------- 2 files changed, 57 insertions(+), 20 deletions(-) diff --git a/docs/crds/examples.md b/docs/crds/examples.md index a4d677b..0e53365 100644 --- a/docs/crds/examples.md +++ b/docs/crds/examples.md @@ -513,9 +513,9 @@ spec: To expose your Typesense cluster via a `Gateway`, certain prerequisites must already be present in your Kubernetes cluster: -:white_check_mark: You will need an gateway controller present (example is using [Traefik Gateway Controller](https://doc.traefik.io/traefik/reference/routing-configuration/kubernetes/gateway-api/)).
-:white_check_mark: You will need a `GatewayClass` and a `Gateway` configured.
-:white_check_mark: You will need [cert-manager](https://cert-manager.io/) present that takes care of the TLS certiicates.
+☑️ You will need a gateway controller present (example is using [Traefik Gateway Controller](https://doc.traefik.io/traefik/reference/routing-configuration/kubernetes/gateway-api/)).
+☑️ You will need a `GatewayClass` and a `Gateway` configured.
+☑️ You will need [cert-manager](https://cert-manager.io/) present that takes care of the TLS certiicates.
::: diff --git a/docs/crds/index.mdx b/docs/crds/index.mdx index f6af834..5d78300 100644 --- a/docs/crds/index.mdx +++ b/docs/crds/index.mdx @@ -40,8 +40,8 @@ Typesense Kubernetes Operator is controlling the lifecycle of multiple Typesense | podsInheritStatefulSetAnnotations | propagate all `StatefulSet` annotations to `Pods` | X | false | | serviceAnnotations | user-defined annotations | X | | | storage | check `StorageSpec` [below](#storagespec-optional) | | | -| ingress | check `IngressSpec` [below](#ingressspec-optional) | X | | -| httpRoutes | array of `HttpRouteSpec`; check [below](#ingressspec-optional) | X | | +| ingress | check `IngressSpec` [below](#ingressspec-deprecated) | X | | +| httpRoutes | array of `HttpRouteSpec`; check [below](#httproutespec-optional) | X | | | scrapers | array of `DocSearchScraperSpec`; check [below](#docsearchscraperspec-optional) | X | | | metrics | check `MetricsSpec` [below](#metricsspec-optional) | X | | | healthcheck | check `HealthCheckSpec` [below](#healthcheckspec-optional) | X | | @@ -90,7 +90,28 @@ For more information about installing and configuring **JuiceFS** and **JuiceFS ::: -### IngressSpec (optional) +### IngressSpec (deprecated) + +:::warning + +As of **v0.3.9**, following the events triggered by the Ingress NGINX retirement in March 2026 (see [here](https://www.kubernetes.dev/blog/2025/11/12/ingress-nginx-retirement/) the announcement of the Kubernetes SIG Network and the Security Response Committee), +Ingress API support is deprecated in favor of the more flexible and powerful Gateway API. + +Although the operator will continue to support `Ingress` resources for the foreseeable future without any breaking changes, +**no new features or maintainance updates will be made to the `Ingress` implementation**. + +For that reason, it is recommended to transition to use `HttpRoute` for new deployments or when updating existing ones. + +Additionally, bear in mind that the Kubernetes project itself recommends the following regarding Ingress API (exerpt from the [Kubernetes documentation/Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/)): + +"_The Kubernetes project recommends using Gateway instead of Ingress. The Ingress API has been frozen._ + +_This means that:_ + +_-The Ingress API is generally available, and is subject to the stability guarantees for generally available APIs. The Kubernetes project has no plans to remove Ingress from Kubernetes._ +_-The Ingress API is no longer being developed, and will have no further changes or updates made to it._" + +::: | Name | Description | Optional | Default | | ---------------------- | -------------------------------------------------------------------------------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | @@ -119,13 +140,11 @@ For more information about installing and configuring **JuiceFS** and **JuiceFS | volumeMounts | additional mounts in the container | X | | :::note -This feature makes use of the existence of [cert-manager](https://cert-manager.io/) in the cluster, but **does not** actively enforce it with an error. If no clusterIssuer is specified a valid certificate must be stored in a secret and the secret name must be provided in the tlsSecretName config. +1️⃣ This feature makes use of the existence of [cert-manager](https://cert-manager.io/) in the cluster, but **does not** actively enforce it with an error. If no clusterIssuer is specified a valid certificate must be stored in a secret and the secret name must be provided in the tlsSecretName config. If you are targeting [Open Telekom Cloud](https://www.open-telekom-cloud.com/en), you might be interested in provisioning additionally the designated DNS solver webhook for Open Telekom Cloud. You can find it [here](https://github.com/akyriako/cert-manager-webhook-opentelekomcloud). -::: -:::caution -Although in official Typesense documentation under _Production Best Practices_ -> _Configuration_ is stated: +2️⃣ Although in official Typesense documentation under _Production Best Practices_ -> _Configuration_ is stated: "_Typesense comes built-in with a high performance HTTP server that is used by likes of Fastly in their edge servers at scale. So Typesense can be directly exposed to incoming public-facing internet traffic, without the need to place it behind another web server like Nginx/Apache or your backend API._" @@ -134,17 +153,35 @@ It is highly recommended, from this operator's perspective, to always expose Typ ### HttpRouteSpec (optional) -| Name | Description | Optional | Default | -| -------------- | -------------------------------------------------------------------------------------------------------- | -------- | ------------------------ | -| name | name of the route | | | -| enabled | enable this route | X | true | +| Name | Description | Optional | Default | +| -------------- | -------------------------------------------------------------------------------------- | -------- | ------------------------ | +| name | name of the route | | | +| enabled | enable this route | X | true | | parentRef | reference to the parent `Gateway`; check `GatewayParentRef` [below](#gatewayparentref) | | | -| hostnames | array of hostnames to match for this route | | | -| path | path to match for this route | X | / | -| pathType | interpretation of the path matching | X | `ImplementationSpecific` | -| labels | user-defined labels | X | | -| annotations | user-defined annotations | X | | -| referenceGrant | enable cross-namespace reference to the parent `Gateway` | X | false | +| hostnames | array of hostnames to match for this route | | | +| path | path to match for this route | X | / | +| pathType | interpretation of the path matching | X | `ImplementationSpecific` | +| labels | user-defined labels | X | | +| annotations | user-defined annotations | X | | +| referenceGrant | enable cross-namespace reference to the parent `Gateway` | X | false | + +:::warning + +1️⃣ **The operator does not configure or manage Gateway(s). A `Gateway` setup is intentionally left out of scope because it is highly platform-specific and tightly coupled to cluster networking, security, +and organizational policies. All required `Gateway` resources must be provisioned and maintained in advance by your platform or cluster engineering team.** + +To expose your Typesense cluster via a `Gateway`, certain prerequisites must already be present in your Kubernetes cluster: + +🚧 You will need: + +- a gateway controller present (example is using [Traefik Gateway Controller](https://doc.traefik.io/traefik/reference/routing-configuration/kubernetes/gateway-api/)).
+- a `GatewayClass` and a `Gateway` configured.
+- [cert-manager](https://cert-manager.io/) to be present that takes care of the TLS certiicates.
+ +2️⃣ Activating the `HttpRoute` confiruration will automatically deactivate/ignore the `Ingress` one if it exists, but the `Ingress` resource which might be present in the cluster +will not be automatically deleted. It can be safely deleted manually, if not needed anymore. + +::: #### GatewayParentRef From ba66807326c1e4f43c19e8333a96718a577a8413 Mon Sep 17 00:00:00 2001 From: Kyriakos Akriotis Date: Fri, 27 Feb 2026 13:36:39 +0000 Subject: [PATCH 6/6] added crd and release for 040rc1 #48 --- blog/2026-02-19-typesense30docscraper.md | 2 ++ blog/2026-02-25-release-0-3-9-rc.1.md | 14 -------------- blog/2026-02-27-release-0-4-0-rc.1.md | 17 +++++++++++++++++ docs/crds/index.mdx | 2 +- docusaurus.config.ts | 12 +++++++----- 5 files changed, 27 insertions(+), 20 deletions(-) delete mode 100644 blog/2026-02-25-release-0-3-9-rc.1.md create mode 100644 blog/2026-02-27-release-0-4-0-rc.1.md diff --git a/blog/2026-02-19-typesense30docscraper.md b/blog/2026-02-19-typesense30docscraper.md index 5c318c3..a79ddb1 100644 --- a/blog/2026-02-19-typesense30docscraper.md +++ b/blog/2026-02-19-typesense30docscraper.md @@ -27,3 +27,5 @@ TyKO `0.3.7` is the first version tested with Typesense 30.x+, therefore is the **Any earlier versions combinations might lead to undefined behavior and/or potential index corruption.** ::: + + diff --git a/blog/2026-02-25-release-0-3-9-rc.1.md b/blog/2026-02-25-release-0-3-9-rc.1.md deleted file mode 100644 index 08f9ea0..0000000 --- a/blog/2026-02-25-release-0-3-9-rc.1.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -slug: release-0-3-9 -title: 0.3.9-rc.1 -authors: [tykobot] -tags: [release] ---- - -## What's Changed - -### 0.3.9-rc.1 - -:::warning -Updating from versions earlier than **0.3.8-rc.4** will cause the existing `Pods` to be replaced, because the annotation hash used for `StatefulSet` changes is now calculated differently. -::: diff --git a/blog/2026-02-27-release-0-4-0-rc.1.md b/blog/2026-02-27-release-0-4-0-rc.1.md new file mode 100644 index 0000000..b4a7dcf --- /dev/null +++ b/blog/2026-02-27-release-0-4-0-rc.1.md @@ -0,0 +1,17 @@ +--- +slug: release-0-4-0-rc-1 +title: 0.4.0-rc.1 +authors: [tykobot] +tags: [release] +--- + +## What's Changed + +### 0.4.0-rc.1 + +* 219 upgrade operator sdk by @akyriako in https://github.com/akyriako/typesense-operator/pull/240 +* 183 add support for gateway api by @akyriako in https://github.com/akyriako/typesense-operator/pull/244 + +**Full Changelog**: https://github.com/akyriako/typesense-operator/compare/typesense-operator-0.3.8...typesense-operator-0.4.0-rc.1 + + diff --git a/docs/crds/index.mdx b/docs/crds/index.mdx index 5d78300..2e349db 100644 --- a/docs/crds/index.mdx +++ b/docs/crds/index.mdx @@ -94,7 +94,7 @@ For more information about installing and configuring **JuiceFS** and **JuiceFS :::warning -As of **v0.3.9**, following the events triggered by the Ingress NGINX retirement in March 2026 (see [here](https://www.kubernetes.dev/blog/2025/11/12/ingress-nginx-retirement/) the announcement of the Kubernetes SIG Network and the Security Response Committee), +As of **v0.4.0-rc.1**, following the events triggered by the Ingress NGINX retirement in March 2026 (see [here](https://www.kubernetes.dev/blog/2025/11/12/ingress-nginx-retirement/) the announcement of the Kubernetes SIG Network and the Security Response Committee), Ingress API support is deprecated in favor of the more flexible and powerful Gateway API. Although the operator will continue to support `Ingress` resources for the foreseeable future without any breaking changes, diff --git a/docusaurus.config.ts b/docusaurus.config.ts index 662c5dd..442e53b 100644 --- a/docusaurus.config.ts +++ b/docusaurus.config.ts @@ -1,5 +1,5 @@ -import {themes as prismThemes} from 'prism-react-renderer'; -import type {Config} from '@docusaurus/types'; +import { themes as prismThemes } from 'prism-react-renderer'; +import type { Config } from '@docusaurus/types'; import type * as Preset from '@docusaurus/preset-classic'; import type { Options as UmamiOptions } from '@dipakparmar/docusaurus-plugin-umami'; @@ -61,6 +61,8 @@ const config: Config = { onInlineTags: 'warn', onInlineAuthors: 'warn', onUntruncatedBlogPosts: 'warn', + blogSidebarTitle: 'All posts', + blogSidebarCount: 'ALL', }, theme: { customCss: './src/css/custom.css', @@ -85,13 +87,13 @@ const config: Config = { position: 'left', label: 'Docs', }, - {to: '/blog', label: 'Releases', position: 'left'}, + { to: '/blog', label: 'Releases', position: 'left' }, // { // type: 'docsVersionDropdown', // position: 'right' // }, - { - href: 'https://github.com/akyriako/typesense-operator', + { + href: 'https://github.com/akyriako/typesense-operator', position: 'right', className: 'navbar--github-link', "aria-label": 'GitHub',