Enhancements¶
This section outlines new features and enhancements introduced in the Mirantis Container Cloud release 2.20.0. For the list of enhancements in the Cluster releases 11.4.0 and 7.10.0 that are introduced by the Container Cloud release 2.20.0, see the Cluster releases (managed).
IAM ‘member’ role¶
Added the IAM member
role to the existing IAM roles list. The
Infrastructure Operator with the member
role has the read and write
access to Container Cloud API allowing cluster operations and does not have
access to IAM objects.
Bastion node configuration for OpenStack and AWS manged clusters¶
Implemented the capability to configure the Bastion node on greenfield deployments of the OpenStack-based and AWS-based managed clusters using the Container Cloud web UI. Using the Create Cluster wizard, you can now configure the following parameters for the Bastion node:
OpenStack-based: flavor, image, availability zone, server metadata, booting from a volume
AWS-based: instance type, AMI ID
Note
Reconfiguration of the Bastion node on an existing cluster is not supported.
Mandatory IPAM service label for bare metal LCM subnets¶
Made the ipam/SVC-k8s-lcm
label mandatory for the LCM subnet on new
deployments of management and managed bare metal clusters. It allows the
LCM Agent to correctly identify IP addresses to use on multi-homed bare metal
hosts. Therefore, you must add this label explicitly on new clusters.
Each node of every cluster must now have only one IP address in the LCM
network that is allocated from one of the Subnet
objects having the
ipam/SVC-k8s-lcm
label defined. Therefore, all Subnet
objects used
for LCM networks must have the ipam/SVC-k8s-lcm
label defined.
Note
For MOSK-based deployments, the feature support is available since MOSK 22.4.
Flexible size units for bare metal host profiles¶
Implemented the possibility to use flexible size
units throughout bare
metal host profiles for management, regional, and managed clusters. For
example, you can now use either sizeGiB: 0.1
or size: 100Mi
when
specifying a device size. The size without units is counted in bytes. For
example, size: 120
means 120 bytes.
Caution
Mirantis recommends using only one parameter name type and units
throughout the configuration files. If both sizeGiB
and size
are
used, sizeGiB
is ignored during deployment and the suffix is adjusted
accordingly. For example, 1.5Gi
will be serialized as 1536Mi
.
The size without units is counted in bytes. For example, size: 120
means
120 bytes.
Note
For MOSK-based deployments, the feature support is available since MOSK 22.4.
General availability support for MITM proxy¶
Completed integration of the man-in-the-middle (MITM) proxies support for offline deployments by adding AWS, vSphere, and Equinix Metal with private networking to the list of existing supported providers: OpenStack and bare metal.
With trusted proxy CA certificates that you can now add using the CA Certificate check box in the Add new Proxy window during a managed cluster creation, the feature allows monitoring all cluster traffic for security and audit purposes.
Note
For Azure and Equinix Metal with public networking, the feature is not supported
For MOSK-based deployments, the feature support will become available in one of the following Container Cloud releases.
Configuration of TLS certificates for ‘mcc-cache’ and MKE¶
Implemented the ability to configure TLS certificates for mcc-cache
on
management or regional clusters and for MKE on managed clusters deployed or
updated by Container Cloud using the latest Cluster release.
Note
TLS certificates configuration for MKE is not supported:
For MOSK-based clusters
For attached MKE clusters that were not originally deployed by Container Cloud
Documentation enhancements¶
On top of continuous improvements delivered to the existing Container Cloud
guides, added a document on how to increase the overall storage size for all
Ceph pools of the same device class: hdd
, ssd
, or nvme
. For
details, see Increase Ceph cluster storage size.