Enhancements

Detail on the enhancements introduced in MKE 3.9.3 includes:

[MKE-13303] Introduction of cluster_config.etcd_request_quota parameter

Users can now set the new cluster_config.etcd_request_quota configuration file parameter to configure the etcd --max-request-bytes option.

[FIELD-8070] Kubernetes Secrets encryption at rest now configurable in etcd

MKE now supports configuring Kubernetes Secrets encryption at rest in etcd. Both the aescbc (default) and the recommended aesgcm providers are available, making it easier to meet modern security requirements and migrate existing clusters without disruption.

[MKE-13229] Kubernetes Descheduler Support

MKE now supports the Kubernetes Descheduler as an optional, operator-managed component that automatically evicts and reschedules suboptimally placed Pods.

When enabled through the MKE Kubernetes configuration API, MKE deploys the descheduler into kube-system — including its Deployment, ServiceAccount, ClusterRole, and RBAC bindings — on control-plane nodes at system-cluster-critical priority. Operators control the replica count and flags (such as the descheduling interval, which defaults to 5 minutes).

You can manage descheduling policy using a ConfigMap named ucp-descheduler-policy that MKE creates with an empty profile on first enable and never overwrites. MKE reconciles descheduler state continuously, rolling the deployment automatically when image version, replica count, flags, or policy content drift from the desired state. Note that disabling the feature removes all descheduler resources from the cluster.

For detailed information, refer to Configure Kubernetes descheduler.

[MKE-13706] Metrics server support

MKE now supports the optional Kubernetes Metrics Server, a scalable, efficient source of container resource metrics that collects CPU and memory usage data from the Kubelet on each node and exposes them through the Kubernetes Metrics API.

Metrics Server is configurable through the MKE configuration file.

For detailed information, refer to Collect MKE cluster metrics with metrics-server.