This section outlines new features and enhancements introduced in the Container Cloud patch release 2.25.1 along with Cluster releases 17.0.1 and 16.0.1.
Support for MKE 3.7.2¶
Introduced support for Mirantis Kubernetes Engine (MKE) 3.7.2 on Container Cloud management and managed clusters. On existing managed clusters, MKE is updated to the latest supported version when you update your cluster to the patch Cluster release 17.0.1 or 16.0.1.
MKE options managed by Container Cloud¶
To simplify MKE configuration through API, moved management of MKE parameters
controlled by Container Cloud from
Now, Container Cloud overrides only a set of MKE configuration parameters that
are automatically managed by Container Cloud.
Improvements in the MKE benchmark compliance for StackLight¶
Analyzed and fixed the majority of failed compliance checks in the MKE benchmark compliance for StackLight. The following controls were analyzed:
Minimize the admission of containers with the
Minimize the admission of root containers
Kubernetes network policies in StackLight¶
Introduced Kubernetes network policies for all StackLight components. The
feature is implemented using the
networkPolicies parameter that is enabled
The Kubernetes NetworkPolicy resource allows controlling network connections to and from Pods within a cluster. This enhances security by restricting communication from compromised Pod applications and provides transparency into how applications communicate with each other.
External vSphere CCM with CSI supporting vSphere 6.7 on Kubernetes 1.27¶
Switched to the external vSphere cloud controller manager (CCM) that uses vSphere Container Storage Plug-in 3.0 for volume attachment. The feature implementation implies an automatic migration of PersistentVolume and PersistentVolumeClaim.
The external vSphere CCM supports vSphere 6.7 on Kubernetes 1.27 as compared to the in-tree vSphere CCM that does not support vSphere 6.7 since Kubernetes 1.25.
The major Cluster release 14.1.0 is the last Cluster release for the vSphere provider based on MCR 20.10 and MKE 3.6.6 with Kubernetes 1.24. Therefore, Mirantis highly recommends updating your existing vSphere-based managed clusters to the Cluster release 16.0.1 that contains newer versions on MCR and MKE with Kubernetes. Otherwise, your management cluster upgrade to Container Cloud 2.25.2 will blocked.
For the update procedure, refer to Operations Guide: Update a patch Cluster release of a managed cluster.
Since Container Cloud 2.25.1, the major Cluster release 14.1.0 is deprecated. Greenfield vSphere-based deployments on this Cluster release are not supported. Use the patch Cluster release 16.0.1 for new deployments instead.