Detail on the new features and enhancements introduced in MKE 3.6.3 includes:
[MKE-9638] Enablement of read-only root filesystem for select MKE containers¶
The following MKE containers are now configured with read-only root filesystems:
[MKE-9632] Health checks added to ucp-sf-notifier container¶
Health checks are now defined for the
ucp-sf-notifier container, the
Salesforce Notifier service task.
[MKE-9577] ucp-kube-ingress-controller container is non-root¶
ucp-kube-ingress-controller container now runs as non-root.
[MKE-9561] ucp-sf-notifier container is non-root¶
ucp-sf-notifier container now runs as non-root.
[MKE-9550] ucp-hardware-info container is non-root¶
ucp-hardware-info container now runs as non-root.
[MKE-9547] k8s components are non-root¶
k8s components now run as non-root.
[MKE-8950] Delivery of container disk usage metric¶
MKE now delivers the
ucp_engine_container_disk_size_rootfs metric, which
Prometheus exposes for the purpose of collecting container disk usage.