This section outlines new features and enhancements introduced in the Mirantis Container Cloud release 2.15.0. For the list of enhancements in the Cluster releases 7.5.0 and 5.22.0 that are supported by the Container Cloud release 2.15.0, see the Cluster releases (managed).

Automatic upgrade of bare metal host operating system during cluster update

Introduced automatic upgrade of Ubuntu 18.04 packages on the bare metal hosts during a management or managed cluster update.

Mirantis Container Cloud uses life cycle management tools to update the operating system packages on the bare metal hosts. Container Cloud may also trigger restart of the bare metal hosts to apply the updates, when applicable.


During managed cluster update to the latest Cluster releases available in Container Cloud 2.15.0, hosts are restarted to apply the latest supported Ubuntu 18.04 packages and update kernel to version 5.4.0-90.101.

If Ceph is installed in the cluster, the Container Cloud orchestration securely pauses the Ceph OSDs on the node before restart. This allows avoiding degradation of the storage service.

Dedicated subnet for externally accessible Kubernetes API endpoint


Implemented a capability to add a dedicated subnet for the externally accessible Kubernetes API endpoint of a baremetal-based managed cluster.

HAProxy instead of NGINX for vSphere, Equinix Metal, and bare metal providers

Implemented a health check mechanism to verify target server availability by reworking the high availability setup for the Container Cloud manager nodes of the vSphere, Equinix Metal, and bare metal providers to use HAProxy instead of NGINX. This change affects only the Ansible part. HAproxy deploys as a container managed directly by containerd.

Additional regional cluster on Equinix Metal with private networking

Extended the regional clusters support by implementing the capability to deploy an additional regional cluster on Equinix Metal with private networking. This provides the capability to create managed clusters in the Equinix Metal regions with private networking in parallel with managed clusters of other supported providers within a single Container Cloud deployment.


To decrease network traffic cost and not to complicate the network infrastructure, you must deploy managed clusters in the same region as the regional cluster to have both clusters deployed in the same metro.

For example, if you have a management cluster with region-one in Frankfurt and a regional cluster with region-two in Silicon Valley, create all Frankfurt-based managed clusters in region-one and all Silicon Valley based managed clusters in region-two.

Scheduled Container Cloud auto-upgrade


Introduced the initial Technology Preview support for a scheduled Container Cloud auto-upgrade using the MCCUpgrade object named mcc-upgrade in Kubernetes API.

An Operator can delay or reschedule Container Cloud auto-upgrade that allows:

  • Blocking Container Cloud upgrade process for up to 7 days from the current date and up to 30 days from the latest Container Cloud release

  • Limiting hours and weekdays when Container Cloud upgrade can run


Only the management cluster admin has access to the MCCUpgrade object. You must use kubeconfig generated during the management cluster bootstrap to access this object.


Scheduling of the Container Cloud auto-upgrade using the Container Cloud web UI will be implemented in one of the following releases.

Cluster and machine maintenance mode

Implemented the maintenance mode for management and managed clusters and machines to prepare workloads for maintenance operations.

  • To enable maintenance mode on a machine, first enable maintenance mode on a related cluster.

  • To disable maintenance mode on a cluster, first disable maintenance mode on all machines of the cluster.


Cluster upgrades and configuration changes (except of the SSH keys setting) are unavailable while a cluster is under maintenance. Make sure you disable maintenance mode on the cluster after maintenance is complete.

Improvements for monitoring of machine deployment live status

Implemented the following improvements to the live status of a machine deployment that you can monitor using the Container Cloud web UI:

  • Increased the events coverage

  • Added information about cordon and drain (if a node is being cordoned, drained, or uncordoned) to the Kubelet and Swarm machine components statuses.

These improvements are implemented for all supported Container Cloud providers.

Deprecation of iam-api and IAM CLI

Deprecated the iam-api service and IAM CLI (the iamctl command). The logic of the iam-api service required for Container Cloud is moved to scope-controller. The iam-api service is used by IAM CLI only to manage users and permissions. Instead of IAM CLI, Mirantis recommends using the Keycloak web UI to perform necessary IAM operations.

The iam-api service and IAM CLI will be removed in one of the following Container Cloud releases.

Switch of Ceph Helm releases from v2 to v3

Upgraded the Ceph Helm releases in the ClusterRelease object from v2 to v3. Switching of the remaining OpenStack Helm releases for Mirantis OpenStack for Kubernetes to v3 will be implemented in one of the following Container Cloud releases.

Documentation enhancements

On top of continuous improvements delivered to the existing Container Cloud guides, added the following procedures: