Enhancements¶
This section outlines new features implemented in the Cluster release 16.2.0 that is introduced in the Container Cloud release 2.27.0.
Support for MKE 3.7.8¶
Introduced support for Mirantis Kubernetes Engine (MKE) 3.7.8 that supports Kubernetes 1.27 for the Container Cloud management and managed clusters.
On existing managed clusters, MKE is updated to the latest supported version when you update your managed cluster to the Cluster release 16.2.0.
Note
This enhancement applies to users who follow the update train using major releases. Users who install patch releases, have already obtained MKE 3.7.8 in Container Cloud 2.26.4 (Cluster release 16.1.4).
Learn more
Improvements in the MKE benchmark compliance¶
Analyzed and fixed the majority of failed compliance checks in the MKE benchmark compliance for Container Cloud core components and StackLight. The following controls were analyzed:
Control ID |
Component |
Control description |
Analyzed item |
|---|---|---|---|
5.1.2 |
client-certificate-controller
helm-controller
local-volume-provisioner
|
Minimize access to secrets |
|
5.1.4 |
local-volume-provisioner |
Minimize access to create pods |
|
5.2.5 |
client-certificate-controller
helm-controller
policy-controller
stacklight
|
Minimize the admission of containers with |
Containers with |
Automatic upgrade of Ceph from Quincy to Reef¶
Upgraded Ceph major version from Quincy 17.2.7 (17.2.7-12.cve in the patch release train) to Reef 18.2.3 with an automatic upgrade of Ceph components on existing managed clusters during the Cluster version update.
Ceph Reef delivers new version of RocksDB which provides better IO performance. Also, this version supports RGW multisite re-sharding and contains overall security improvements.
Support for Rook v1.13 in Ceph¶
Added support for Rook v1.13 that contains the Ceph CSI plugin 3.10.x as the default supported version. For a complete list of features and breaking changes, refer to official Rook documentation.
Learn more
Setting a configuration section for Rook parameters¶
Implemented the section option for the rookConfig parameter that
enables you to specify the section where a Rook parameter must be placed.
The use of this option enables restart of only specific daemons related to the
corresponding section instead of restarting all Ceph daemons except Ceph OSD.
Monitoring of I/O errors in kernel logs¶
Implemented monitoring of disk along with I/O errors in kernel logs to detect
hardware and software issues. The implementation includes the dedicated
KernelIOErrorsDetected alert, the kernel_io_errors_total metric that
is collected on the Fluentd side using the I/O error patterns, and general
refactoring of metrics created in Fluentd.
S.M.A.R.T. metrics for creating alert rules on bare metal clusters¶
Added documentation describing usage examples of alert rules based on S.M.A.R.T. metrics to monitor disk information on bare metal clusters.
The StackLight telegraf-ds-smart exporter uses the
S.M.A.R.T. plugin to
obtain detailed disk information and export it as metrics. S.M.A.R.T. is a
commonly used system across vendors with performance data provided as
attributes.
Improvements for OpenSearch and OpenSearch Indices Grafana dashboards¶
Improved performance and UX visibility of the OpenSearch and OpenSearch Indices Grafana dashboards as well as added the capability to minimize the number of indices to be displayed on dashboards.
Learn more
Removal of grafana-image-renderer from StackLight¶
As part of StackLight refactoring, removed grafana-image-renderer from the
Grafana installation in Container Cloud. StackLight uses this component only
for image generation in the Grafana web UI, which can be easily replaced with
standard screenshots.
The improvement optimizes resources usage and prevents potential CVEs that frequently affect this component.