StreamNative Private Cloud is an enterprise product which brings specific controllers for Kubernetes by providing specific Custom Resource Definitions (CRDs) that extend the basic Kubernetes orchestration capabilities to support the setup and management of StreamNative components. This release note summarizes the operator changes introduced betweenDocumentation Index
Fetch the complete documentation index at: https://docs.streamnative.io/llms.txt
Use this file to discover all available pages before exploring further.
v0.15.0 and v0.16.1, including the v0.16.0 release on January 26, 2026 and the v0.16.1 follow-up release on February 10, 2026.
What’s Changed
🚀 New Features
Workspace and Connection Support
- Connection CRD: Added a new
ConnectionCRD for Workspace-related integration flows - Connection Controller: Added a dedicated controller and reconciler for
Connectionresources - Generated Config Support: Added connection-specific config generation and end-to-end tests
Schema Registry Enhancements
- Schema Registry Auth Config: Added new auth configuration support for schema registry
- Oxia Integration: Added Oxia-related schema registry configuration, including
oxiaSchemaRegistryUrl - Oxia Auth Support: Added Oxia authentication configuration support in
v0.16.1
Kafka and Functions Improvements
- Kafka REST Proxy OIDC: Added OIDC support for
KafkaRestProxywith configuration derived fromKafkaCluster - Functions Worker Istio Reconciliation: Added support for Istio gateway reconciliation in functions worker deployments
- Cruise Control and Entity Operator Wiring: Moved more Kafka-side cruise control and entity operator logic into the operator
Broker Networking
- Per-Broker Service: Added support for per-broker services
- Istio Decoupling: Decoupled per-pod service generation from Istio installation requirements
🔧 Enhancements
Broker and Runtime Defaults
- Broker Environment Handling: Improved
POD_IDenvironment handling for broker pods - Message Size Defaults: Improved default values for
bookkeeper.nettyMaxFrameSizeBytesandbroker.maxMessageSize - HPA Metric Targeting: Scoped broker HPA metrics to the
pulsar-brokercontainer only
Authentication and Metrics
- FullMetrics AuthConfig: Added
AuthConfigsupport to decouple FullMetrics from the API key service - Webhook Feature Flag: Added the master webhook feature flag
SN_OPERATOR_WEBHOOK_ENABLE
🐛 Bug Fixes
Schema Registry and Status Handling
- Status Conflict Handling: Improved handling of update status conflict errors in controllers
- Schema Registry Stateful Validation: Fixed schema registry required field handling for stateful deployment settings
- Schema Registry Oxia Auth: Fixed and completed Oxia authentication wiring for schema registry in
v0.16.1
Networking and Deployment Behavior
- Per-Pod Service Deployment: Fixed the dependency between per-pod service generation and Istio installation
- Functions Worker Istio Resources: Improved reconciliation behavior for functions worker Istio gateway resources
📦 Dependencies
Updated Generated Assets
- CRD Refresh: Regenerated CRDs for
Connection, schema registry, Kafka, and broker-related API updates - RBAC Updates: Updated RBAC manifests to support the new
Connectioncontroller and related reconciler logic
🚨 Breaking Changes
Resource and Deployment Changes
- New Connection CRD:
Connectionis introduced as a new API surface and requires updated CRDs and RBAC manifests - Per-Broker Service Behavior: Networking behavior changes for broker per-pod services, especially in environments that do not install Istio
- Schema Registry Config Surface: Schema registry configuration is expanded to include new auth and Oxia-related options
🔄 Migration Notes
From v0.15.0 to v0.16.1
- Apply Updated CRDs First: Apply the latest CRDs and RBAC manifests before upgrading the operator, especially for the new
ConnectionCRD - Review Workspace Integrations: If you use Workspace-related workflows, validate any manifests or automation that now depend on
Connection - Review Schema Registry Config: If you use schema registry with Oxia or custom authentication, review and validate the new configuration fields after the upgrade
- Review Kafka REST Proxy Auth: If you expose Kafka REST Proxy with OIDC, validate the generated auth configuration derived from
KafkaCluster - Review Broker Networking: If you rely on per-broker services, verify behavior both with and without Istio installed
- Review Webhook Operations: If your deployment toggles admission webhook behavior, review the new
SN_OPERATOR_WEBHOOK_ENABLEflag before rollout
📋 Upgrade Instructions
- Backup: Create a backup of your current configuration and state
- Update CRDs: Apply the latest CRDs and RBAC manifests before upgrading the operator
- Deploy Operator: Upgrade the operator to
v0.16.1 - Validate Schema Registry: Verify schema registry startup and authentication behavior if you use Oxia-backed or auth-enabled deployments
- Validate Workspace Resources: Check
Connectionreconciliation if you use Workspace-related features - Validate Networking: Verify per-broker services, Kafka REST Proxy auth, and functions worker Istio resources after rollout
- Monitor: Monitor controller logs, reconciliation status, and workload readiness after the upgrade
🎯 Performance Improvements
- Broker HPA Accuracy: Reduced noisy HPA metrics by targeting the
pulsar-brokercontainer directly - Broker Startup Defaults: Improved broker defaults for larger frame sizes and message sizes
- Per-Broker Networking: Improved operator-managed broker service generation for more flexible networking topologies
📚 Documentation
- Added generated API and CRD coverage for the new
Connectionresource - Added proposal and implementation artifacts for broker per-pod service support
- Refreshed operator API surface for schema registry auth, Oxia integration, Kafka REST Proxy OIDC, and webhook feature flag support