> ## Documentation Index > Fetch the complete documentation index at: https://docs.streamnative.io/llms.txt > Use this file to discover all available pages before exploring further. # Release Note v0.17 StreamNative Private Cloud is an enterprise product which brings specific controllers for Kubernetes by providing specific Custom Resource Definitions (CRDs) that extend the basic Kubernetes orchestration capabilities to support the setup and management of StreamNative components. This release note summarizes the operator changes introduced between `v0.16.1` and `v0.17.5`, including the `v0.17.0` release on March 9, 2026 and the `v0.17.5` follow-up release on March 25, 2026. ## What's Changed ### 🚀 New Features #### Kafka on Ursa and Compaction Scheduler * **Ursa-backed KafkaCluster**: Added support for running `KafkaCluster` with the Ursa engine * **Compaction Scheduler**: Added compaction scheduler support for Ursa clusters and Kafka workloads * **Iceberg Catalog Integrations**: Added cluster-level Iceberg catalog support for `opencatalog`, `s3table`, `unity`, and `BigLake` * **Catalog Credentials**: Added support for configuring catalog credentials for the Kafka compaction scheduler * **Cluster Name Support**: Added `clusterName` support to the Kafka compaction scheduler #### Kafka Toolset and Resource Management * **Kafka Toolset Support**: Added dedicated Kafka cluster toolset support * **Toolset Image Override**: Added image override support and `-kafka-toolset` naming for Kafka toolsets * **Kafka Resource Management**: Expanded operator-side management of Kafka resources, including cruise control and entity operator handling * **Custom Labels for Compaction**: Added custom pod labels and KafkaCluster label propagation for compaction workloads #### Functions Worker and Function Mesh * **OrcaRegistry Mode**: Added `OrcaRegistry` mode support for Pulsar Functions Worker * **Function Mesh CR Labels**: Added `CRLabels` support for Function Mesh custom resources * **Detector and Toolset mTLS Auth**: Added mTLS client authentication support for detector and toolset workloads #### Networking and Service Exposure * **ListenerName Support**: Added `ListenerName` to pin gateway listener names * **Oxia Namespace Flexibility**: Added support for using a separate Oxia namespace for Kafka clusters * **Pod Scrape Labels**: Added scrape labels to generated pod templates ### 🔧 Enhancements #### Kafka and Storage Defaults * **Ursa Storage Defaults**: Tuned default Ursa Kafka storage settings * **Override Precedence**: Ensured custom Kafka configuration overrides Ursa storage defaults * **Compaction Defaults**: Updated default configuration for the compaction scheduler * **Config Reload Behavior**: Restart compaction workloads when relevant ConfigMaps change #### Istio and Service Generation * **Oxia Istio Handling**: Improved Istio resource handling for Oxia when mTLS is disabled * **Zookeeper Istio FQDN**: Updated Zookeeper Istio configuration for FQDN handling and mTLS none mode * **gRPC-aware Routing**: Updated Oxia routing to use gRPC-aware Istio behavior for port `6648` ### 🐛 Bug Fixes #### Kafka and Compaction Fixes * **OIDC Issuer Cleanup**: Cleaned up `oidcIssuers` dynamic configuration when annotations are removed * **Schema Registry Header File**: Fixed `kopSchemaRegistryHttpHeaderAuthorizationFile` handling * **Metadata Store Namespace**: Fixed Oxia namespace resolution for the Kafka compaction scheduler * **Topic Compaction Guardrails**: Blocked unsupported topic compaction scenarios for Kafka cluster compaction * **Iceberg Config Prefix**: Fixed the prefix for Kafka Iceberg configuration #### Functions Worker and Core Platform Fixes * **Catalog RBAC Ownership**: Removed cross-namespace owner references for catalog RBAC resources * **Custom Labels in Runtime Config**: Corrected custom label handling in Functions Worker runtime configuration * **BookKeeper OnDelete Updates**: Allowed StatefulSet updates when BookKeeper uses the `OnDelete` strategy #### Security and Image Fixes * **OpenTelemetry CVE Fix**: Upgraded OpenTelemetry dependency versions in `v0.17.1` * **Base Image CVE Fix**: Upgraded Dockerfile base images in `v0.17.2` * **Image Correction**: Included follow-up image fixes in the `v0.17.3` release line ### 📦 Dependencies #### Updated Generated Assets * **CRD Refresh**: Regenerated CRDs and deepcopy assets for Kafka, compaction scheduler, Functions Worker, coordinator, broker, and related APIs * **Dependency Refresh**: Updated test and build dependencies, default images, and supporting libraries across the operator ### 🚨 Breaking Changes #### Resource and Configuration Changes * **Expanded KafkaCluster API Surface**: `KafkaCluster` gains substantial new compaction, catalog, networking, and Ursa-related configuration * **Toolset Naming Changes**: Kafka toolsets now use distinct `-kafka-toolset` naming and image handling * **Functions Worker Modes**: Functions Worker configuration now supports additional registry and label options that may affect generated resources * **Istio Routing Behavior**: Istio and Oxia routing behavior changed for mTLS none mode and gRPC-aware service exposure ### 🔄 Migration Notes #### From v0.16.1 to v0.17.5 * **Apply Updated CRDs First**: Apply the latest CRDs and RBAC manifests before upgrading the operator * **Review KafkaCluster Specs**: If you use `KafkaCluster`, review new Ursa, compaction scheduler, catalog, listener, and label-related fields before rollout * **Review Toolset Deployments**: If you use toolset workloads for Kafka, validate naming, image override behavior, and generated init containers after upgrade * **Review Functions Worker Config**: If you use Functions Worker, validate `OrcaRegistry` mode, catalog RBAC, and custom label behavior after upgrade * **Review Istio and Oxia Behavior**: If you expose Zookeeper, Oxia, or Kafka through Istio, verify routing behavior in mTLS none mode and confirm gRPC traffic handling on port `6648` * **Review Iceberg Integrations**: If you use compaction with Iceberg catalogs, validate catalog mode, credentials, and provider-specific fields such as BigLake `userProject` * **Review Security-related Images**: If you pin images or scan CVEs, review the image and dependency updates shipped across `v0.17.1` to `v0.17.3` ### 📋 Upgrade Instructions 1. **Backup**: Create a backup of your current configuration and state 2. **Update CRDs**: Apply the latest CRDs and RBAC manifests before upgrading the operator 3. **Deploy Operator**: Upgrade the operator to `v0.17.5` 4. **Validate Kafka Workloads**: Verify `KafkaCluster`, compaction scheduler, and toolset reconciliation if you use Kafka on Ursa or Iceberg integrations 5. **Validate Functions Worker**: Check Functions Worker configuration, catalog RBAC, and runtime labels after rollout 6. **Validate Istio Paths**: Verify Oxia, Zookeeper, and Kafka routing behavior after the Istio-related changes 7. **Monitor**: Monitor controller logs, reconciliation status, StatefulSet updates, and workload readiness after the upgrade ### 🎯 Performance Improvements * **Kafka Storage Tuning**: Improved default storage-related tuning for Kafka on Ursa * **Compaction Reliability**: Improved compaction workload restart behavior when configuration changes * **Observability Defaults**: Added scrape labels and optional OTEL metrics enablement for compaction-related workloads ### 📚 Documentation * Added proposals and generated API updates for Functions Worker registry mode and BookKeeper StatefulSet update safety * Refreshed generated CRD surface for Kafka compaction, toolset, coordinator, broker, and Istio-related APIs * Expanded operator configuration support for Iceberg catalogs, BigLake, listener naming, mTLS client auth, and Kafka on Ursa