Platform9 Managed Kubernetes 5.4 Release

Platform9 Managed Kubernetes (PMK) release version 5.4 is now available. This new version brings support for Kubernetes 1.21, new dashboards for Workloads and Storage, the containerd runtime, and other fixes and improvements.

Platform9 is also excited to announce the Profile Engine, which is a new cluster governance and policy management feature that leverages the SaaS Management Plane to ensure cluster conformance.

Profile Engine

Profile Engine enables GitOps style automation in multicloud environments by allowing administrators to define cluster configurations as desired state templates, and then deploy those to any target cluster. The deployment process updates the target cluster’s state to ensure it conforms to the profile. Comparison and drift analytics are built in to detect changes from compliant configurations so users can take appropriate corrective actions. By treating cluster configuration via declarative profiles, which can be treated as versioned source code, it is easier to provision multiple clusters for new applications or teams, to rebuild clusters, or to compare clusters and analyze differences. Furthermore, the Profile Engine ensures consistency, compliance, and standardization to combat sprawl, security holes, and a lack of policy conformance.

RBAC Profiles are collections of Roles, Cluster Roles, Cluster Bindings and Cluster Role Bindings that are stored in the Platform9 SaaS Management Plane. Profiles act as a template for clusters managed by PMK. RBAC Profiles are created from existing clusters, which can then be customized and deployed to other PMK attached clusters.

Figure 1: RBAC Profiles

Drift Analytics will compare the current RBAC configuration for a cluster to the desired RBAC Profile. Compliance for clusters managed by PMK can be determined and quickly resolved.

Figure 2: Drift Analysis

The Impact Analysis will drill down into what changes will be made, if any, based on the desired Profile.

Figure 3: Impact Analysis

Profiles Engine FAQ : Our FAQ has answers to a few frequently asked questions.
Check out our documentation for more information on the Profile Engine.

Workload Dashboards

Pods/Deployments/Service/Namespaces allow you to drill down to see more information in the UI.
View the YAML in the UI
View Logs in the UI

The Workloads Dashboard has been overhauled in this first set of updates. Labels have received highlighting to make them more visible, Pods are now link to a more detailed overview, and the Kubernetes Dashboard link has been moved to its own section.

Figure 4: Pods View

Here is an overview of a Pod that is running in one of the clusters. In the Containers section there is information provided related to the name, resource usage, and the status of the container. Details related to Labels and Annotations are also available, which can provide useful information when troubleshooting resource configuration issues.

Figure 5: Pods Overview

Services have also been updated to provide more information. In the main view the Labels and Selectors stand out with updated highlighting.

Figure 6: Services View

A YAML section has been added which provides access to the configuration of the resource. Updates can be made, if desired.

Figure 7: Services YAML

Logs have been added to the UI. Viewing the Logs within a Service will also show details about Pods associated with the service based on labels.

Figure 8: Service Logs

These features increase the usability of the UI, allowing for less time on the Command Line.

Storage Dashboard

Changes from Storage Class to Storage
Additional Options Viewable – PV, PVC, CSI Drivers, Storage Providers
Detailed overview of PV/PVCs within a Storage Class

The Storage Dashboard has been completely overhauled and updated. Additional options have been added, which will provide a more detailed view of the Storage configuration of the cluster.

Starting off we have a new overview for the Storage Classes section. A parameters section has been added, as well as a clickable name which will drill down into more information about the Storage Class.

Figure 9: Storage Classes View

Adding a Storage Class has been updated as well. The Wizard allows for configuration and then provides the YAML for review.

Figure 10: Storage Class Configuration

An Overview has been added for Storage Classes. Now we are able to view Persistent Volumes and Persistent Volume Claims associated with the Storage Class. This provides a quick overview of the current usage of a Storage Class.

Figure 11: Storage Class Overview

CSI Drivers has also been added. This provides additional information about which CSI Drivers are being used as well as the driver name and capabilities. PV/PVC usage totals for the drivers are also listed.

Figure 12: CSI Driver View

Platform9 CLI

1.9 is Released
Bug Fixes and Minor Changes
Added Support for MFA Authentication

The CLI can be updated with the following command:

bash <(curl -sL https://pmkft-assets.s3-us-west-1.amazonaws.com/pf9ctl_setup)

Platform9 OVA

Better support for VMware OVA Template Controls

Users can provide their Platform9 credentials when deploying the OVA, which will automatically configure the Platform9 CLI. When the deployment has finished, the node will also be attached to the cluster automatically.

VirtualBox OVA : https://pmkft-assets.s3.us-west-1.amazonaws.com/OVA_Images/Platform9_VirtualBox.ova

VMware OVA : https://pmkft-assets.s3.us-west-1.amazonaws.com/OVA_Images/Platform9_vmware.ova

Upgrade Strategies

Customers want flexibility in how and when they upgrade their clusters in production. This release provides three options to upgrade:

Sequential: Worker nodes are upgraded in sequence in a rolling fashion
Parallel Percentage: Users can specify a percentage of nodes to be upgraded simultaneously
Batch: Users can manually select nodes

CIS Benchmark

Platform9 is now CIS Benchmark compliant, extending our security posture that includes SoC2 compliance, encrypted networking between Clusters, Pods, and Nodes, encryption at-rest, and ZeroTrust SaaS architecture.

Other Notable Updates

Platform9 now supports Kubernetes 1.21.
Added the new ability to select either Docker or Containerd as the Container runtime when creating clusters running Kubernetes 1.21.
Users can now change their MetalLB IP Range configuration at any stage of the cluster lifecycle.
Changed Kubernetes Control Plane scaling options to allow new nodes to be added when the cluster has failed quorum.
KubeVirt has been moved into the Platform9 Add-on framework. Users can now dynamically enable and disable KubeVirt at any time during a clusters’ lifecycle.

Release Notes : To see more, check out our release notes.

Early Access Features

KubeVirt

KubeVirt: Platform9 now supports KubeVirt as part of our Early Access program.
New: KubeVirt Early Access — View running Virtual Machine details with the VM Details dashboard.
New: KubeVirt Early Access — View all running virtual machines on the KubeVirt dashboards.

The first new dashboard is for Virtual Machines. Information is viewable related to Disks and Interfaces. There are options to Start/Stop/Restart/Edit/Delete.

Figure 13: KubeVirt Virtual Machines

The next section is VM Instances, which provides information about Network Interfaces, Node IP, Status, Age, Guest OS, and other useful information. The Guest OS and other information should be viewable with qemu guest agent installed on the VMs.

Figure 14: KubeVirt VM Instances

Next Steps

Check out our getting started tutorials at Platform9 Learn.

Author
Recent Posts

Mike Petersen

Technical Marketing Engineer at Platform9

Mike has been part of the Open Source world for the last 15+ years. He started out administering linux systems then progressed to OpenStack and is currently living in the Kubernetes world. He has contributed to different projects from Knative to Tekton to OpenStack. Now, Mike is working to spread awareness of Platform9 Managed Kubernetes and the Kubernetes ecosystem in general.