New features¶
Detail on the new features and enhancements introduced in MKE 3.7.0 includes:
ZeroOps: certificate management¶
MKE offers the ability to manage the two root certificate authorities: MKE Cluster Root CA and MKE Client Root CA.
Learn more
ZeroOps: upgrade rollback¶
If your MKE upgrade fails, you can roll back to the previously running MKE version without rebuilding your cluster from a backup.
Learn more
ZeroOps: metrics¶
MKE exposes Prometheus metrics associated with the following core components and functionality:
Kube State Metrics
Kubernetes Workqueue
Kubelet
Kube Proxy
Kube Controller Manager
Kube API Server
Calico
RethinkDB
Learn more
Prometheus memory resources¶
Added MKE configuration file options for the minimum and maximum amount of memory that can be used by the Prometheus container.
etcd event cleanup¶
Manually clean up Kubernetes event objects in etcd using the MKE API.
TLS passthrough¶
Use TLS passthrough to pass un-decrypted data through the NGINX Ingress Controller to your web server.
Learn more
TCP and UDP services¶
Expose TCP and UDP services using NGINX Ingress Controller.
Learn more
Additional NGINX Ingress Controller options¶
Added the following NGINX Ingress Controller options to the MKE configuration file:
ingress_extra_args.http_port
: Sets the container port for servicing HTTP traffic.ingress_extra_args.https_port
: Sets the container port for servicing HTTPS traffic.ingress_extra_args.enable_ssl_passthrough
: Enables SSL passthrough.ingress_extra_args.default_ssl_certificate
: Sets the Secret that contains an SSL certificate to be used as the default HTTPS server.
Setting for NGINX Ingress Controller default ports¶
The NGINX Ingress Controller default ports can be changed in the MKE web UI Admin Settings.
MetalLB¶
Bare metal Kubernetes clusters can leverage MetalLB to create Load Balancer services, offering features such as address allocation and external announcement.
Learn more
Lameduck configuration options¶
The MKE configuration file includes options to enable and disable lameduck in CoreDNS.
Multus CNI¶
MKE provides the option to use Multus CNI, a Kubernetes plugin that enables the attachment of multiple network interfaces to multi-homed Pods.
SAML proxy¶
Use a SAML proxy to secure your MKE deployment while benefiting from the use of SAML authentication.
Learn more
Addition of referral chasing LDAP parameter¶
Added the option to toggle Enable referral chasing in the LDAP configuration settings using the MKE web UI.