Platform9 Managed Kubernetes (PMK) release version 5.4 is now available. This new version brings support for Kubernetes 1.21, new dashboards for Workloads and Storage, the containerd runtime, and other fixes and improvements.
Platform9 is also excited to announce the Profile Engine, which is a new cluster governance and policy management feature that leverages the SaaS Management Plane to ensure cluster conformance.
Profile Engine enables GitOps style automation in multicloud environments by allowing administrators to define cluster configurations as desired state templates, and then deploy those to any target cluster. The deployment process updates the target cluster’s state to ensure it conforms to the profile. Comparison and drift analytics are built in to detect changes from compliant configurations so users can take appropriate corrective actions. By treating cluster configuration via declarative profiles, which can be treated as versioned source code, it is easier to provision multiple clusters for new applications or teams, to rebuild clusters, or to compare clusters and analyze differences. Furthermore, the Profile Engine ensures consistency, compliance, and standardization to combat sprawl, security holes, and a lack of policy conformance.
RBAC Profiles are collections of Roles, Cluster Roles, Cluster Bindings and Cluster Role Bindings that are stored in the Platform9 SaaS Management Plane. Profiles act as a template for clusters managed by PMK. RBAC Profiles are created from existing clusters, which can then be customized and deployed to other PMK attached clusters.
Figure 1: RBAC Profiles
Drift Analytics will compare the current RBAC configuration for a cluster to the desired RBAC Profile. Compliance for clusters managed by PMK can be determined and quickly resolved.
Figure 2: Drift Analysis
The Impact Analysis will drill down into what changes will be made, if any, based on the desired Profile.
Figure 3: Impact Analysis
Profiles Engine FAQ : Our FAQ has answers to a few frequently asked questions.
Check out our documentation for more information on the Profile Engine.
- Pods/Deployments/Service/Namespaces allow you to drill down to see more information in the UI.
- View the YAML in the UI
- View Logs in the UI
The Workloads Dashboard has been overhauled in this first set of updates. Labels have received highlighting to make them more visible, Pods are now link to a more detailed overview, and the Kubernetes Dashboard link has been moved to its own section.
Figure 4: Pods View
Here is an overview of a Pod that is running in one of the clusters. In the Containers section there is information provided related to the name, resource usage, and the status of the container. Details related to Labels and Annotations are also available, which can provide useful information when troubleshooting resource configuration issues.
Figure 5: Pods Overview
Services have also been updated to provide more information. In the main view the Labels and Selectors stand out with updated highlighting.
Figure 6: Services View
A YAML section has been added which provides access to the configuration of the resource. Updates can be made, if desired.
Figure 7: Services YAML
Logs have been added to the UI. Viewing the Logs within a Service will also show details about Pods associated with the service based on labels.
Figure 8: Service Logs
These features increase the usability of the UI, allowing for less time on the Command Line.
- Changes from Storage Class to Storage
- Additional Options Viewable – PV, PVC, CSI Drivers, Storage Providers
- Detailed overview of PV/PVCs within a Storage Class
The Storage Dashboard has been completely overhauled and updated. Additional options have been added, which will provide a more detailed view of the Storage configuration of the cluster.
Starting off we have a new overview for the Storage Classes section. A parameters section has been added, as well as a clickable name which will drill down into more information about the Storage Class.
Figure 9: Storage Classes View
Adding a Storage Class has been updated as well. The Wizard allows for configuration and then provides the YAML for review.
Figure 10: Storage Class Configuration
An Overview has been added for Storage Classes. Now we are able to view Persistent Volumes and Persistent Volume Claims associated with the Storage Class. This provides a quick overview of the current usage of a Storage Class.
Figure 11: Storage Class Overview
CSI Drivers has also been added. This provides additional information about which CSI Drivers are being used as well as the driver name and capabilities. PV/PVC usage totals for the drivers are also listed.
Figure 12: CSI Driver View
- 1.9 is Released
- Bug Fixes and Minor Changes
- Added Support for MFA Authentication
The CLI can be updated with the following command:
bash <(curl -sL https://pmkft-assets.s3-us-west-1.amazonaws.com/pf9ctl_setup)
- Better support for VMware OVA Template Controls
Users can provide their Platform9 credentials when deploying the OVA, which will automatically configure the Platform9 CLI. When the deployment has finished, the node will also be attached to the cluster automatically.
Customers want flexibility in how and when they upgrade their clusters in production. This release provides three options to upgrade:
- Sequential: Worker nodes are upgraded in sequence in a rolling fashion
- Parallel Percentage: Users can specify a percentage of nodes to be upgraded simultaneously
- Batch: Users can manually select nodes
Platform9 is now CIS Benchmark compliant, extending our security posture that includes SoC2 compliance, encrypted networking between Clusters, Pods, and Nodes, encryption at-rest, and ZeroTrust SaaS architecture.
Other Notable Updates
- Platform9 now supports Kubernetes 1.21.
- Added the new ability to select either Docker or Containerd as the Container runtime when creating clusters running Kubernetes 1.21.
- Users can now change their MetalLB IP Range configuration at any stage of the cluster lifecycle.
- Changed Kubernetes Control Plane scaling options to allow new nodes to be added when the cluster has failed quorum.
- KubeVirt has been moved into the Platform9 Add-on framework. Users can now dynamically enable and disable KubeVirt at any time during a clusters’ lifecycle.
Release Notes : To see more, check out our release notes.
Early Access Features
- KubeVirt: Platform9 now supports KubeVirt as part of our Early Access program.
- New: KubeVirt Early Access — View running Virtual Machine details with the VM Details dashboard.
- New: KubeVirt Early Access — View all running virtual machines on the KubeVirt dashboards.
The first new dashboard is for Virtual Machines. Information is viewable related to Disks and Interfaces. There are options to Start/Stop/Restart/Edit/Delete.
Figure 13: KubeVirt Virtual Machines
The next section is VM Instances, which provides information about Network Interfaces, Node IP, Status, Age, Guest OS, and other useful information. The Guest OS and other information should be viewable with qemu guest agent installed on the VMs.
Figure 14: KubeVirt VM Instances
Check out our getting started tutorials at Platform9 Learn.
- Using MetalLB to add the LoadBalancer Service to Kubernetes Environments - February 28, 2022
- How to Set Up Knative Serving on Kubernetes - February 2, 2022
- How to Create a Virtual Machine Using KubeVirt – A Detailed Walkthrough - December 1, 2021