This section outlines new features and enhancements introduced in the Mirantis Container Cloud release 2.18.0. For the list of enhancements in the Cluster releases 11.2.0 and 7.8.0 that are introduced by the Container Cloud release 2.18.0, see the Cluster releases (managed).
Ubuntu kernel update for bare metal clusters
Updated the Ubuntu kernel version to 5.4.0-109-generic for bare metal non-MOSK-based management, regional, and managed clusters to apply Ubuntu 18.04 or 20.04 security and system updates.
During a bare metal-based cluster update to Container Cloud 2.18 and to the latest Cluster releases 11.2.0 and 7.8.0, hosts will be restarted to apply the latest supported Ubuntu 18.04 or 20.04 packages. Therefore:
Depending on the cluster configuration, applying security updates and host restart can increase the update time for each node to up to 1 hour.
Cluster nodes are updated one by one. Therefore, for large clusters, the update may take several days to complete.
Support for Ubuntu 20.04 on greenfield vSphere deployments
Implemented full support for Ubuntu 20.04 LTS (Focal Fossa) as the default host operating system that now installs on management, regional, and managed clusters for the vSphere cloud provider.
Upgrading from Ubuntu 18.04 to 20.04 on existing deployments is not supported.
Booting a machine from a block storage volume for OpenStack provider
Implemented initial Technology Preview support for booting OpenStack-based machines from a block storage volume. The feature is beneficial for clouds that do not have enough space on hypervisors. After enabling this option, the Cinder storage is used instead of the Nova storage.
Using the Container Cloud API, you can boot the Bastion node, or the required management, regional, or managed cluster nodes from a volume.
The ability to enable the boot from volume option using the Container Cloud web UI for managed clusters will be implemented in one of the following Container Cloud releases.
IPSec encryption for the Kubernetes workloads network
TechPreview Experimental since 2.19.0
Implemented initial Technology Preview support for enabling IPSec encryption for the Kubernetes workloads network. The feature allows for secure communication between servers.
You can enable encryption for the Kubernetes workloads network on greenfield
deployments during initial creation of a management, regional, and managed
cluster through the
Cluster object using the
For the Azure cloud provider, the feature is not supported. For details, see MKE documentation: Kubernetes network encryption.
For the bare metal cloud provider and MOSK-based deployments, the feature support will become available in one of the following Container Cloud releases.
For existing deployments, the feature support will become available in one of the following Container Cloud releases.
Support for MITM proxy
Implemented the initial Technology Preview support for man-in-the-middle (MITM) proxies on offline OpenStack and non-MOSK-based bare metal deployments. Using trusted proxy CA certificates, the feature allows monitoring all cluster traffic for security and audit purposes.
Support for custom Docker registries
Implemented support for configuring custom Docker registries in the Container Cloud management, regional, and managed clusters. Using the ContainerRegistry custom resource, you can configure CA certificates on machines to access private Docker registries.
For MOSK-based deployments, the feature support is available since Container Cloud 2.18.1.
Upgrade sequence for machines
Implemented initial Technology Preview support for a machine upgrade index that allows prioritized machines to be upgraded first. During creation of a machine or a machine pool, you can use the Upgrade Index option in the Container Cloud web UI to set a positive numeric value that defines the order of machine upgrade during cluster update.
To set the upgrade order on an existing cluster, use the Container Cloud API:
For a machine that is not assigned to a machine pool, add the upgradeIndex field with the required value to the spec:providerSpec:value section in the
For a machine pool, add the upgradeIndex field with the required value to the spec:machineSpec:providerSpec:value section of the MachinePool object to apply the upgrade order to all machines in the pool.
The first machine to upgrade is always one of the control plane machines with the lowest
upgradeIndex. Other control plane machines are upgraded one by one according to their upgrade indexes. If the
false, worker machines are upgraded only after the upgrade of all control plane machines finishes. Otherwise, they are upgraded after the first control plane machine, concurrently with other control plane machines.
If two or more machines have the same value of upgradeIndex, these machines are equally prioritized during upgrade.
Changing the machine upgrade index during an already running cluster update or maintenance is not supported.
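The ordering rules above, modeled as an added Python example for planning patch windows; it is not Mirantis code and not part of the original release notes. The Machine class, the upgrade_plan function, the workers_wait_for_control_plane flag (a hypothetical stand-in for the cluster setting the text refers to), and the sample inventory are assumptions, and the real controllers may break ties differently.

```python
from dataclasses import dataclass
from itertools import groupby
from operator import attrgetter


@dataclass(frozen=True)
class Machine:
    name: str
    control_plane: bool
    upgrade_index: int  # value of the upgradeIndex field


def upgrade_plan(machines, workers_wait_for_control_plane):
    """Model the documented ordering rules.

    workers_wait_for_control_plane is a hypothetical flag: True means workers
    start only after every control plane machine is done, False means they
    start after the first control plane machine.
    """
    for m in machines:
        if m.upgrade_index <= 0:
            raise ValueError(f"{m.name}: upgradeIndex must be a positive number")
    by_index = attrgetter("upgrade_index")
    # sorted() is stable, so equal indexes keep input order (a choice of this model).
    control_plane = sorted((m for m in machines if m.control_plane), key=by_index)
    workers = sorted((m for m in machines if not m.control_plane), key=by_index)
    if not control_plane:
        raise ValueError("no control plane machine in the inventory")
    gate = control_plane[-1] if workers_wait_for_control_plane else control_plane[0]
    return {
        # Control plane machines are upgraded one by one in this order.
        "control_plane_order": [m.name for m in control_plane],
        "workers_start_after": gate.name,
        # Workers sharing an index are equally prioritized, so they form one group.
        "worker_groups": [[m.name for m in g] for _, g in groupby(workers, key=by_index)],
    }


# Constructed sample inventory, not taken from a real cluster.
SAMPLE = [
    Machine("cp-a", True, 3), Machine("cp-b", True, 1), Machine("cp-c", True, 2),
    Machine("w-1", False, 5), Machine("w-2", False, 5), Machine("w-3", False, 2),
]

if __name__ == "__main__":
    for wait in (True, False):
        print(wait, upgrade_plan(SAMPLE, wait))
```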
Enablement of Salesforce propagation to all clusters using web UI
Simplified the ability to enable automatic update and sync of the Salesforce configuration on all your clusters by adding the corresponding check box to the Salesforce settings in the Container Cloud web UI.
On top of continuous improvements delivered to the existing Container Cloud guides, added the following documentation: