From bb3dc06219d5e5396f67932060a33b6a7878c41f Mon Sep 17 00:00:00 2001
From: Alejandro Acevedo <alejandro.acevedo@suse.com>
Date: Tue, 7 Jan 2025 13:23:55 +0100
Subject: [PATCH 1/6] STAC-21887: Replace for xml version of the example

---
 setup/security/authentication/troubleshooting.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/setup/security/authentication/troubleshooting.md b/setup/security/authentication/troubleshooting.md
index 9c3d0dd83..4ddc57f38 100644
--- a/setup/security/authentication/troubleshooting.md
+++ b/setup/security/authentication/troubleshooting.md
@@ -17,14 +17,14 @@ stackstate:
   components:
     server:
       additionalLogging: |
-        logger("org.pac4j.core.engine", DEBUG)
-        logger("org.pac4j.oidc.profile.creator", DEBUG)
-        logger("org.pac4j.oidc.credentials.authenticator", DEBUG)
+        <logger name="org.pac4j.core.engine" level="DEBUG"/>
+        <logger name="org.pac4j.oidc.profile.creator" level="DEBUG"/>
+        <logger name="org.pac4j.oidc.credentials.authenticator" level="DEBUG"/>
     api:
       additionalLogging: |
-        logger("org.pac4j.core.engine", DEBUG)
-        logger("org.pac4j.oidc.profile.creator", DEBUG)
-        logger("org.pac4j.oidc.credentials.authenticator", DEBUG)
+        <logger name="org.pac4j.core.engine" level="DEBUG"/>
+        <logger name="org.pac4j.oidc.profile.creator" level="DEBUG"/>
+        <logger name="org.pac4j.oidc.credentials.authenticator" level="DEBUG"/>
 ```
 
 Now run the `helm upgrade` command you used before but include this one extra yaml file (so `helm upgrade .... --values debug-auth.yaml`) to enable debug logging. No pods will be restarting, the logging configuration changes will be loaded automatically after about 30 seconds.

From 81218380ba7c465b91c52989cb34d3bcd58566b0 Mon Sep 17 00:00:00 2001
From: Alejandro Acevedo <aacevedo@stackstate.com>
Date: Wed, 8 Jan 2025 13:24:47 +0100
Subject: [PATCH 2/6] STAC-22815: Document 4000 profile

---
 k8s-suse-rancher-prime.md                | 25 ++++++++++++------------
 setup/install-stackstate/requirements.md | 23 +++++++++++-----------
 2 files changed, 25 insertions(+), 23 deletions(-)

diff --git a/k8s-suse-rancher-prime.md b/k8s-suse-rancher-prime.md
index de045e081..5c3b522ac 100644
--- a/k8s-suse-rancher-prime.md
+++ b/k8s-suse-rancher-prime.md
@@ -23,21 +23,22 @@ To install SUSE Observability, ensure that the nodes have enough CPU and memory
 
 There are different installation options available for SUSE Observability. It is possible to install SUSE Observability either in a High-Availability (HA) or single instance (non-HA) setup. The non-HA setup is recommended for testing purposes or small environments. For production environments, it is recommended to install SUSE Observability in a HA setup.
 
-The HA production setup can support from 150 up to 500 Nodes (a Node is counted as<= 4 vCPU and <= 16GB Memory) under observation.
+The HA production setup can support from 150 up to 4000 Nodes (a Node is counted as <= 4 vCPU and <= 16GB Memory) under observation.
 The Non-HA setup can support up to 100 Nodes under observation.
 
-| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA |
-| --- | --- | --- | --- | --- | --- | --- | --- | --- |
-| **CPU Requests** | 7,5 | 7,5 | 10,5 | 15 | 25 | 49 | 62 | 86.5 |
-| **CPU Limits** | 16 | 16 | 21,5 | 30,5 | 50 | 103 | 128 | 176 |
-| **Memory Requests** | 22Gi | 22Gi | 28Gi | 32.5Gi | 51Gi | 67Gi | 143Gi | 161.5Gi |
-| **Memory Limits** | 23Gi | 23Gi | 29Gi | 33Gi | 51,5Gi | 131Gi | 147.5Gi | 166Gi |
+| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA | 4000 HA |
+| --- | --- | --- | --- | --- | --- | --- | --- | --- |  --- |
+| **CPU Requests** | 7,5 | 7,5 | 10,5 | 15 | 25 | 49 | 62 | 86.5 | 210 |
+| **CPU Limits** | 16 | 16 | 21,5 | 30,5 | 50 | 103 | 128 | 176 | 278 |
+| **Memory Requests** | 22Gi | 22Gi | 28Gi | 32.5Gi | 51Gi | 67Gi | 143Gi | 161.5Gi | 256Gi |
+| **Memory Limits** | 23Gi | 23Gi | 29Gi | 33Gi | 51,5Gi | 131Gi | 147.5Gi | 166Gi |317.5Gi |
 
 {% hint style="info" %}
 The requirement shown for profile represent the total amount of resources needed to run the Suse Observability server.
 To ensure that all different services of Suse Observability server can be allocated:
 * For non-HA installations the recommended node size is 4VCPU, 8GB
-* For HA installations the min recommended node size is 8VCPU, 16GB
+* For HA installations up to 500 nodes the min recommended node size is 8VCPU, 16GB
+* For 4000 nodes HA installations the min recommended node size is 16VCPU, 32GB
 {% endhint %}
 
 {% hint style="info" %}
@@ -56,10 +57,10 @@ SUSE Observability uses persistent volume claims for the services that need to s
 
 For our different installation profiles, the following are the defaulted storage requirements:
 
-| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA |
-| --- | --- | --- | --- | --- | --- | --- | --- | --- |
-| **Retention (days)** | 3 | 30 | 30 | 30 | 30 | 30 | 30 | 30 |
-| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB |
+| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA | 4000 HA
+| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
+| **Retention (days)** | 3 | 30 | 30 | 30 | 30 | 30 | 30 | 30 | 30 |
+| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB | 2.5TB | 5.5 TB
 
 For more details on the defaults used, see the page [Configure storage](/setup/install-stackstate/kubernetes_openshift/storage.md).
 
diff --git a/setup/install-stackstate/requirements.md b/setup/install-stackstate/requirements.md
index 628c1e1fb..d6d5c1f02 100644
--- a/setup/install-stackstate/requirements.md
+++ b/setup/install-stackstate/requirements.md
@@ -22,18 +22,19 @@ There are different installation options available for SUSE Observability. It is
 
 In the table below you can find the resource requirements for the different installation options. For the HA setup you can find different installation profiles depending on the size of the environment being observed.
 
-| | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA |
-| --- | --- | --- | --- | --- | --- | --- | --- |
-| **CPU Requests** | 7,5 | 10,5 | 15 | 25 | 49 | 62 | 86.5 |
-| **CPU Limits** | 16 | 21,5 | 30,5 | 50 | 103 | 128 | 176 |
-| **Memory Requests** | 22Gi | 28Gi | 32.5Gi | 51Gi | 67Gi | 143Gi | 161.5Gi |
-| **Memory Limits** | 23Gi | 29Gi | 33Gi | 51,5Gi | 131Gi | 147.5Gi | 166Gi |
+| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA | 4000 HA |
+| --- | --- | --- | --- | --- | --- | --- | --- | --- |  --- |
+| **CPU Requests** | 7,5 | 7,5 | 10,5 | 15 | 25 | 49 | 62 | 86.5 | 210 |
+| **CPU Limits** | 16 | 16 | 21,5 | 30,5 | 50 | 103 | 128 | 176 | 278 |
+| **Memory Requests** | 22Gi | 22Gi | 28Gi | 32.5Gi | 51Gi | 67Gi | 143Gi | 161.5Gi | 256Gi |
+| **Memory Limits** | 23Gi | 23Gi | 29Gi | 33Gi | 51,5Gi | 131Gi | 147.5Gi | 166Gi |317.5Gi |
 
 {% hint style="info" %}
 The requirement shown for profile represent the total amount of resources needed to run the Suse Observability server.
 To ensure that all different services of Suse Observability server can be allocated:
 * For non-HA installations the recommended node size is 4VCPU, 8GB
-* For HA installations the min recommended node size is 8VCPU, 16GB
+* For HA installations up to 500 nodes the min recommended node size is 8VCPU, 16GB
+* For 4000 nodes HA installations the min recommended node size is 16VCPU, 32GB
 {% endhint %}
 
 These are just the upper and lower bounds of the resources that can be consumed by SUSE Observability in the different installation options. The actual resource usage will depend on the features used, configured resource limits and dynamic usage patterns, such as Deployment or DaemonSet scaling. For our Self-hosted customers, we recommend to start with the default requirements and monitor the resource usage of the SUSE Observability components.
@@ -52,10 +53,10 @@ SUSE Observability uses persistent volume claims for the services that need to s
 
 For our different installation profiles, the following are the defaulted storage requirements:
 
-| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA |
-| --- | --- | --- | --- | --- | --- | --- | --- | --- |
-| **Retention (days)** | 3 | 30 | 30 | 30 | 30 | 30 | 30 | 30 |
-| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB |
+| | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA | 4000 HA
+| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
+| **Retention (days)** | 3 | 30 | 30 | 30 | 30 | 30 | 30 | 30 | 30 |
+| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB | 2.5TB | 5.5 TB
 
 {% hint style="info" %}
 The storage estimates presented take into account a default of 14 days of retention for NONHA and 1 month for HA installations. For short lived test instances the storage sizes can be further reduced.

From 793e04c169c6e9ece64b079fd40ffdd192c31b48 Mon Sep 17 00:00:00 2001
From: Alejandro Acevedo <aacevedo@stackstate.com>
Date: Wed, 8 Jan 2025 16:23:49 +0100
Subject: [PATCH 3/6] STAC-22185: Fix duplicate cell

---
 k8s-suse-rancher-prime.md                | 2 +-
 setup/install-stackstate/requirements.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/k8s-suse-rancher-prime.md b/k8s-suse-rancher-prime.md
index 5c3b522ac..4c8064bcd 100644
--- a/k8s-suse-rancher-prime.md
+++ b/k8s-suse-rancher-prime.md
@@ -60,7 +60,7 @@ For our different installation profiles, the following are the defaulted storage
 | | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA | 4000 HA
 | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
 | **Retention (days)** | 3 | 30 | 30 | 30 | 30 | 30 | 30 | 30 | 30 |
-| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB | 2.5TB | 5.5 TB
+| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB | 5.5TB
 
 For more details on the defaults used, see the page [Configure storage](/setup/install-stackstate/kubernetes_openshift/storage.md).
 
diff --git a/setup/install-stackstate/requirements.md b/setup/install-stackstate/requirements.md
index d6d5c1f02..76fd9181f 100644
--- a/setup/install-stackstate/requirements.md
+++ b/setup/install-stackstate/requirements.md
@@ -56,7 +56,7 @@ For our different installation profiles, the following are the defaulted storage
 | | trial | 10 non-HA | 20 non-HA | 50 non-HA | 100 non-HA | 150 HA | 250 HA | 500 HA | 4000 HA
 | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
 | **Retention (days)** | 3 | 30 | 30 | 30 | 30 | 30 | 30 | 30 | 30 |
-| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB | 2.5TB | 5.5 TB
+| **Storage requirement** | 125GB | 280GB | 420GB | 420GB | 600GB | 2TB | 2TB | 2.5TB | 5.5TB
 
 {% hint style="info" %}
 The storage estimates presented take into account a default of 14 days of retention for NONHA and 1 month for HA installations. For short lived test instances the storage sizes can be further reduced.

From f6f1e1772cdd20346f1cfb1f67da891360f09f9b Mon Sep 17 00:00:00 2001
From: Bram Schuur <bschuur@stackstate.com>
Date: Mon, 27 Jan 2025 16:02:35 +0100
Subject: [PATCH 4/6] STAC-22253: Add release notes and propose 2.3.0 release

---
 SUMMARY.md                    |  1 +
 setup/release-notes/v2.3.0.md | 36 +++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 setup/release-notes/v2.3.0.md

diff --git a/SUMMARY.md b/SUMMARY.md
index 4aa8bc4ad..7c90705af 100644
--- a/SUMMARY.md
+++ b/SUMMARY.md
@@ -129,6 +129,7 @@
   * [v2.1.0 - 29/Oct/2024](setup/release-notes/v2.1.0.md)
   * [v2.2.0 - 09/Dec/2024](setup/release-notes/v2.2.0.md)
   * [v2.2.1 - 10/Dec/2024](setup/release-notes/v2.2.1.md)
+  * [v2.3.0 - 28/Jan/2025](setup/release-notes/v2.3.0.md)
 * [Upgrade SUSE Observability](setup/upgrade-stackstate/README.md)
   * [Migration from StackState](setup/upgrade-stackstate/migrate-from-6.md)
   * [Steps to upgrade](setup/upgrade-stackstate/steps-to-upgrade.md)
diff --git a/setup/release-notes/v2.3.0.md b/setup/release-notes/v2.3.0.md
new file mode 100644
index 000000000..f8252bce0
--- /dev/null
+++ b/setup/release-notes/v2.3.0.md
@@ -0,0 +1,36 @@
+---
+description: SUSE Observability Self-hosted
+---
+
+# v2.3.0 - 28/Jan/2025
+
+## Release Notes SUSE Observability version 7.0.0-snapshot.20250124171607-master-8a3bd61 Helm Chart version 2.3.0
+
+### New Features & Enhancements
+* Support for a 4000 Nodes HA deployment profile was added.
+* The following libraries and container images were upgraded to improve security of Suse Observability.
+  * HDFS
+  * Avro
+  * Protobuf
+  * Pac4j
+  * Logback
+  * Sts-toolbox
+  * All Suse Observability base images
+  * Kafka and Kafka operator
+  * Victoria metrics
+  * Container tools
+  * Minio
+  * Nginx prometheus exporter
+  * ElasticSearch prometheus Exporter
+
+### Bug Fixes
+* Fix issue where the vmrestore docker image could not be pulled from the rancher docker repositories.
+* Fixed an issue where helm install would fail due to the suse-observability-backup-conf job exiting so fast that helm does not observe it.
+* Fix bug where fullComponents() in scriptAPI would fail with a `Could not find elements` message.
+
+### Breaking changes
+* Using `stackstate.components.all.image.pullSecretUserName` for defining pull-secrets was removed from the suse-observability helm chart. The way to define a pullsecret is through the `suse-observability-values` chart or through `pull-secret.credentials`.
+
+## Agent Bug Fixes
+* Fix SUSE Observability agent not installing due to a pull secret not yet being created during running of a helm prehook.
+* Fix issue where the SUSE Observability agent prevents containerd tmpmounts to be unmounted

From 601fe7a1c63e4a5756c8c6cf72da69928f0ffe1d Mon Sep 17 00:00:00 2001
From: Bram Schuur <bschuur@stackstate.com>
Date: Thu, 30 Jan 2025 08:53:40 +0100
Subject: [PATCH 5/6] STAC-22253: Drop platform version and bump date

---
 SUMMARY.md                    | 2 +-
 setup/release-notes/v2.3.0.md | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/SUMMARY.md b/SUMMARY.md
index 7c90705af..d1fc06369 100644
--- a/SUMMARY.md
+++ b/SUMMARY.md
@@ -129,7 +129,7 @@
   * [v2.1.0 - 29/Oct/2024](setup/release-notes/v2.1.0.md)
   * [v2.2.0 - 09/Dec/2024](setup/release-notes/v2.2.0.md)
   * [v2.2.1 - 10/Dec/2024](setup/release-notes/v2.2.1.md)
-  * [v2.3.0 - 28/Jan/2025](setup/release-notes/v2.3.0.md)
+  * [v2.3.0 - 30/Jan/2025](setup/release-notes/v2.3.0.md)
 * [Upgrade SUSE Observability](setup/upgrade-stackstate/README.md)
   * [Migration from StackState](setup/upgrade-stackstate/migrate-from-6.md)
   * [Steps to upgrade](setup/upgrade-stackstate/steps-to-upgrade.md)
diff --git a/setup/release-notes/v2.3.0.md b/setup/release-notes/v2.3.0.md
index f8252bce0..25c9a8791 100644
--- a/setup/release-notes/v2.3.0.md
+++ b/setup/release-notes/v2.3.0.md
@@ -2,9 +2,9 @@
 description: SUSE Observability Self-hosted
 ---
 
-# v2.3.0 - 28/Jan/2025
+# v2.3.0 - 30/Jan/2025
 
-## Release Notes SUSE Observability version 7.0.0-snapshot.20250124171607-master-8a3bd61 Helm Chart version 2.3.0
+## Release Notes SUSE Observability Helm Chart version 2.3.0
 
 ### New Features & Enhancements
 * Support for a 4000 Nodes HA deployment profile was added.

From 14c5e63950e0ca4bf18a5de9b5f00a9fb4d05b78 Mon Sep 17 00:00:00 2001
From: Bram Schuur <bschuur@stackstate.com>
Date: Thu, 30 Jan 2025 09:01:58 +0100
Subject: [PATCH 6/6] STAC-22253: Work out comments

---
 setup/release-notes/v2.3.0.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/setup/release-notes/v2.3.0.md b/setup/release-notes/v2.3.0.md
index 25c9a8791..dfbd3f30e 100644
--- a/setup/release-notes/v2.3.0.md
+++ b/setup/release-notes/v2.3.0.md
@@ -8,7 +8,7 @@ description: SUSE Observability Self-hosted
 
 ### New Features & Enhancements
 * Support for a 4000 Nodes HA deployment profile was added.
-* The following libraries and container images were upgraded to improve security of Suse Observability.
+* The following libraries and container images were upgraded to fix CVEs in Suse Observability.
   * HDFS
   * Avro
   * Protobuf
@@ -29,7 +29,7 @@ description: SUSE Observability Self-hosted
 * Fix bug where fullComponents() in scriptAPI would fail with a `Could not find elements` message.
 
 ### Breaking changes
-* Using `stackstate.components.all.image.pullSecretUserName` for defining pull-secrets was removed from the suse-observability helm chart. The way to define a pullsecret is through the `suse-observability-values` chart or through `pull-secret.credentials`.
+* Using `stackstate.components.all.image.pullSecretUserName` for defining pull-secrets was removed from the suse-observability helm chart. The way to define a pull secret is through the `suse-observability-values` (see [air-gapped installation instructions](/k8s-suse-rancher-prime-air-gapped.md#installing-suse-observability)) or through `pull-secret.credentials` in the `suse-observability` chart.
 
 ## Agent Bug Fixes
 * Fix SUSE Observability agent not installing due to a pull secret not yet being created during running of a helm prehook.