New features

Detail on the new features and enhancements introduced in MKE 3.7.0 includes:

ZeroOps: certificate management

MKE offers the ability to manage the two root certificate authorities: MKE Cluster Root CA and MKE Client Root CA.

ZeroOps: upgrade rollback

If your MKE upgrade fails, you can roll back to the previously running MKE version without rebuilding your cluster from a backup.

Learn more

Perform the upgrade

ZeroOps: metrics

MKE exposes Prometheus metrics associated with the following core components and functionality:

  • Kube State Metrics

  • Kubernetes Workqueue

  • Kubelet

  • Kube Proxy

  • Kube Controller Manager

  • Kube API Server

  • Calico

  • RethinkDB

Prometheus memory resources

Added MKE configuration file options for the minimum and maximum amount of memory that can be used by the Prometheus container.

etcd event cleanup

Manually clean up Kubernetes event objects in etcd using the MKE API.

TLS passthrough

Use TLS passthrough to pass un-decrypted data through the NGINX Ingress Controller to your web server.

TCP and UDP services

Expose TCP and UDP services using NGINX Ingress Controller.

Additional NGINX Ingress Controller options

Added the following NGINX Ingress Controller options to the MKE configuration file:

  • ingress_extra_args.http_port: Sets the container port for servicing HTTP traffic.

  • ingress_extra_args.https_port: Sets the container port for servicing HTTPS traffic.

  • ingress_extra_args.enable_ssl_passthrough: Enables SSL passthrough.

  • ingress_extra_args.default_ssl_certificate: Sets the Secret that contains an SSL certificate to be used as the default HTTPS server.

Setting for NGINX Ingress Controller default ports

The NGINX Ingress Controller default ports can be changed in the MKE web UI Admin Settings.


Bare metal Kubernetes clusters can leverage MetalLB to create Load Balancer services, offering features such as address allocation and external announcement.

Learn more

Deploy MetalLB

Lameduck configuration options

The MKE configuration file includes options to enable and disable lameduck in CoreDNS.

Multus CNI

MKE provides the option to use Multus CNI, a Kubernetes plugin that enables the attachment of multiple network interfaces to multi-homed Pods.

SAML proxy

Use a SAML proxy to secure your MKE deployment while benefiting from the use of SAML authentication.

Learn more

Set up SAML proxy

Addition of referral chasing LDAP parameter

Added the option to toggle Enable referral chasing in the LDAP configuration settings using the MKE web UI.