Enhancements
This section outlines new features and enhancements introduced in the Mirantis Container Cloud release 2.14.0. For the list of enhancements in the Cluster releases 7.4.0 and 5.21.0 that are supported by the Container Cloud release 2.14.0, see the Cluster releases (managed).
Support of the Equinix Metal provider with private networking
Support of the community CentOS 7.9 version for the OpenStack provider
Configuration of server metadata for OpenStack machines in web UI
Visualization of service mapping in the bare metal IpamHost object
Separation of PXE and management networks for bare metal clusters
User access management through the Container Cloud API or web UI
The ‘Interface Guided Tour’ button in the Container Cloud web UI
Switch of bare metal and StackLight Helm releases from v2 to v3
Support of the Equinix Metal provider with private networking
TechPreview
Introduced the Technology Preview support of Container Cloud deployments that are based on the Equinix Metal infrastructure with private networking.
Private networks are required for the following use cases:
Connect the Container Cloud to the on-premises corporate networks without exposing it to the Internet. This can be required by corporate security policies.
Reduce ingress and egress bandwidth costs and the number of public IP addresses utilized by the deployment. Public IP addresses are a scarce and valuable resource, and Container Cloud should only expose the necessary services in that address space.
Testing and staging environments typically do not require accepting connections from the outside of the cluster. Such Container Cloud clusters should be isolated in private VLANs.
Caution
The feature is supported starting from the Cluster releases 7.4.0 and 5.21.0.
Note
Support of the regional clusters that are based on Equinix Metal with private networking will be announced in one of the following Container Cloud releases.
Support of the community CentOS 7.9 version for the OpenStack provider
Introduced support of the community version of the CentOS 7.9 operating system for the management, regional, and managed cluster machines deployed with the OpenStack provider. The following CentOS resources are used:
Latest upstream CentOS 7.9 image: CentOS-7-x86_64-GenericCloud-2009.qcow2
Latest CentOS 7.9 yum repositories: mirror.centos.org
Configuration of server metadata for OpenStack machines in web UI
Implemented the possibility to specify the cloud-init metadata during OpenStack machine creation through the Container Cloud web UI. Server metadata is a set of string key-value pairs that you can configure in the meta_data field of cloud-init.
Initial RHEL 8.4 support for the vSphere provider
TechPreview
Introduced the initial Technology Preview support of the RHEL 8.4 operating system for the vSphere-based management, regional, and managed clusters.
Caution
Deployment of a Container Cloud cluster based on both RHEL and CentOS operating systems or on mixed RHEL versions is not supported.
Configuration of RAM and CPU for vSphere machines in web UI
Implemented the possibility to configure the following settings during a vSphere machine creation using the Container Cloud web UI:
VM memory size that defaults to 16 GB
VM CPUs number that defaults to 8
Visualization of service mapping in the bare metal IpamHost object
Implemented the following amendments to the ipam/SVC-* labels to simplify visualization of service mapping in the bare metal IpamHost object:
All IP addresses allocated from the Subnet object that has the ipam/SVC-* service labels defined will inherit those labels
The new ServiceMap field in IpamHost.Status contains information about which IPs and interfaces correspond to which Container Cloud services.
Separation of PXE and management networks for bare metal clusters
Added the capability to configure a dedicated PXE network that is separated from the management network on management or regional bare metal clusters. A separate PXE network isolates the sensitive bare metal provisioning process from end users. The users still have access to Container Cloud services, such as Keycloak, to authenticate workloads in managed clusters, such as Horizon in a Mirantis OpenStack for Kubernetes cluster.
User access management through the Container Cloud API or web UI
Implemented the capability to manage user access through the Container Cloud API or web UI by introducing the following objects to manage user role bindings:
IAMUser
IAMRole
IAMGlobalRoleBinding
IAMRoleBinding
IAMClusterRoleBinding
Also, updated the role naming used in Keycloak by introducing the following IAM roles with the possibility to upgrade the old-style role names with the new-style ones:
global-admin
bm-pool-operator
operator
user
stacklight-admin
Caution
User management for the MOSK m:os roles through API or web UI is in the final development stage and will be announced in one of the following Container Cloud releases. Meanwhile, continue managing these roles using Keycloak.
The possibility to manage the IAM*RoleBinding objects through the Container Cloud web UI is available for the global-admin role only. The possibility to manage project role bindings using the operator role will become available in one of the following Container Cloud releases.
Support matrix of MKE versions for cluster attachment
Updated the matrix of supported MKE versions for cluster attachment to improve the upgrade and testing procedures:
Implemented separate Cluster release series to support 2 series of MKE versions for cluster attachment:
Cluster release series 9.x for the 3.3.x version series
Cluster release series 10.x for the 3.4.x version series
Added a requirement to update an existing MKE cluster to the latest available supported MKE version in a series to trigger the Container Cloud upgrade that allows updating its components, such as StackLight, to the latest versions.
When a new MKE version for cluster attachment is released in a series, the oldest supported version of the previous Container Cloud release is dropped.
Switch of bare metal and StackLight Helm releases from v2 to v3
Upgraded the bare metal and StackLight Helm releases in the ClusterRelease and KaasRelease objects from v2 to v3. Switching of the remaining Ceph and OpenStack Helm releases to v3 will be implemented in one of the following Container Cloud releases.