Enhancements

This section outlines new features and enhancements introduced in the Mirantis Container Cloud release 2.14.0. For the list of enhancements in the Cluster releases 7.4.0 and 5.21.0 that are supported by the Container Cloud release 2.14.0, see the Cluster releases (managed).


Support of the Equinix Metal provider with private networking

Introduced support of Container Cloud deployments that are based on the Equinix Metal infrastructure with private networking.

Private networks are required for the following use cases:

  • Connect the Container Cloud to the on-premises corporate networks without exposing it to the Internet. This can be required by corporate security policies.

  • Reduce ingress and egress bandwidth costs and the number of public IP addresses utilized by the deployment. Public IP addresses are a scarce and valuable resource, and Container Cloud should only expose the necessary services in that address space.

  • Testing and staging environments typically do not require accepting connections from the outside of the cluster. Such Container Cloud clusters should be isolated in private VLANs.

Caution

The feature is supported starting from the Cluster releases 7.4.0 and 5.21.0.

Note

Support of the regional clusters that are based on Equinix Metal with private networking will be announced in one of the following Container Cloud releases.


Support of the community CentOS 7.9 version for the OpenStack provider

Introduced support of the community version of the CentOS 7.9 operating system for the management, regional, and managed cluster machines deployed with the OpenStack provider. The following CentOS resources are used:


Configuration of server metadata for OpenStack machines in web UI

Implemented the possibility to specify the cloud-init metadata during OpenStack machine creation through the Container Cloud web UI. Server metadata is a set of string key-value pairs that you can configure in the meta_data field of cloud-init.

Learn more

Add a machine


Initial RHEL 8.4 support for the vSphere provider

TechPreview

Introduced the initial Technology Preview support of the RHEL 8.4 operating system for the vSphere-based management, regional, and managed clusters.

Caution

Deployment of a Container Cloud cluster based on both RHEL and CentOS operating systems or on mixed RHEL versions is not supported.


Configuration of RAM and CPU for vSphere machines in web UI

Implemented the possibility to configure the following settings during vSphere machine creation using the Container Cloud web UI:

  • VM memory size that defaults to 16 GB

  • Number of VM CPUs that defaults to 8

Learn more

Add a machine


Visualization of service mapping in the bare metal IpamHost object

Implemented the following amendments to the ipam/SVC-* labels to simplify visualization of service mapping in the bare metal IpamHost object:

  • All IP addresses allocated from the Subnet object that has the ipam/SVC-* service labels defined will inherit those labels.

  • The new ServiceMap field in IpamHost.Status contains information about which IPs and interfaces correspond to which Container Cloud services.


Separation of PXE and management networks for bare metal clusters

Added the capability to configure a dedicated PXE network that is separated from the management network on management or regional bare metal clusters. A separate PXE network allows isolating the sensitive bare metal provisioning process from the end users. The users still have access to Container Cloud services, such as Keycloak, to authenticate workloads in managed clusters, such as Horizon in a Mirantis OpenStack for Kubernetes cluster.


User access management through the Container Cloud API or web UI

Implemented the capability to manage user access through the Container Cloud API or web UI by introducing the following objects to manage user role bindings:

  • IAMUser

  • IAMRole

  • IAMGlobalRoleBinding

  • IAMRoleBinding

  • IAMClusterRoleBinding

Also, updated the role naming used in Keycloak by introducing the following IAM roles with the possibility to upgrade the old-style role names to the new-style ones:

  • global-admin

  • bm-pool-operator

  • operator

  • user

  • stacklight-admin

Caution

  • User management for the MOS m:os roles through API or web UI is in the final development stage and will be announced in one of the following Container Cloud releases. Meanwhile, continue managing these roles using Keycloak.

  • The possibility to manage the IAM*RoleBinding objects through the Container Cloud web UI is available for the global-admin role only. The possibility to manage project role bindings using the operator role will become available in one of the following Container Cloud releases.


Support matrix of MKE versions for cluster attachment

Updated the matrix of supported MKE versions for cluster attachment to improve the upgrade and testing procedures:

  • Implemented separate Cluster release series to support 2 series of MKE versions for cluster attachment:

    • Cluster release series 9.x for the 3.3.x version series

    • Cluster release series 10.x for the 3.4.x version series

  • Added a requirement to update an existing MKE cluster to the latest available supported MKE version in a series to trigger the Container Cloud upgrade that allows updating its components, such as StackLight, to the latest versions.

    When a new MKE version for cluster attachment is released in a series, the oldest supported version of the previous Container Cloud release is dropped.


The ‘Interface Guided Tour’ button in the Container Cloud web UI

Added the Interface Guided Tour button to the Container Cloud web UI Help section for handy access to the guided tour that steps you through the key web UI features of the multi-cluster multi-cloud Container Cloud platform.


Switch of bare metal and StackLight Helm releases from v2 to v3

Upgraded the bare metal and StackLight Helm releases in the ClusterRelease and KaasRelease objects from v2 to v3. Switching of the remaining Ceph and OpenStack Helm releases to v3 will be implemented in one of the following Container Cloud releases.