Today (just in time before mid-summer celebrations) we're proud to announce that Kontena Pharos 2.4, the latest release of our Kubernetes distribution, is now available. This version is the first to ship with Kontena Lens 1.6, Kontena Stats, Terraform 0.12 support and a bunch of other new features. In addition, we have improved the existing features, squashed bugs and updated most of the core components to their latest stable upstream versions.

Kontena Lens 1.6

As you might have noticed, Kontena Lens will become a standalone product. It will work with any supported Kubernetes distribution (e.g. Kontena Pharos, Google GKE, Amazon EKS, Azure AKS, Kubespray etc). For the time being, we will keep on packaging Kontena Lens as part of Kontena Pharos PRO version until the standalone product is ready. In order to make smooth transition, we have already implemented a number of features that will help us separate Kontena Lens from the Kontena Pharos distribution.

screenshot

The greatest new feature of Kontena Lens 1.6 is the time series graphs. Kontena Lens integrates tightly to Kontena Stats and can display insightful metrics from Prometheus. At this point, time series graphs are displayed for nodes and pods but we're adding graphs to all of the key components in the upcoming releases.

Terminal Improvements

Kontena Lens terminal is one of the most liked features of Kontena Lens. We’ve improved it so that users can install custom binaries more easily. We’ve added ~/.local/bin directory where users can add custom binaries permanently. Also users can tweak their bash experience by editing the newly added .bash_profile file. Also, the fzf package has been added to the terminal image, so that users can use binaries that depend on that package, for example kube-fzf

Kubeconfig export

If you are using service accounts to operate Kubernetes with kubectl, you can now download the kubeconfig file also for a service account from Lens.

Easier way to create secrets

Creating Kubernetes secrets can be a bit tricky since you need to Base64 encode the values in YAML. To make this easier, we’ve added a dialog for creating secrets easily.

Updates to Licensing

Starting from Kontena Lens version 1.6, you'll need to assing a license to keep on using the product beyond the evaluation period. See below to learn more about this update.

Kontena Stats

Previous versions of Kontena Pharos shipped with the Metrics Server which mainly implements the metrics API for Kubernetes (used by kubectl top & horizontal pod autoscaler). This release includes the Kontena Stats addon which provides a turn-key solution for more broader metrics collection, powered by Prometheus. Kontena Stats will scrape Kubernetes API, nodes and your application metrics automatically and expose those via a multi-tenant API. The standard (single-tenant) Prometheus API is also available but it has been secured by default via network policies. These metrics are mainly consumed by Kontena Lens but it's easy to integrate metrics and alerts for different use cases (custom alert managers, Grafana etc...).

Kontena Universal Loadbalancer

People have also been facing problems when running Kubernetes on on-premise or on some “smaller” cloud providers because of the fact that there’s no implementation for services of type LoadBalancer. There are lots of applications and other building blocks which require those kind of services. To help with that we’ve bundled a universal load balancer into this Pharos release. It’s essentially an operator which exposes the given load balancer type services as node ports and exposes the information on the service details. This allows you to run type: LoadBalancer service in any environment. For a more detailed explanation and demo see the earlier blog article we wrote on the topic.

Terraform 0.12 Support

The new version of Terraform includes enhancements to the configuration language
such as the for -expression which can be utilized to iterate
over the provisioned hosts to generate full Pharos hosts: entries for each. With the new more flexible syntax it is possible
to update any value in the Pharos cluster configuration file, not only the list of hosts and addon configuration like before. The old format is still supported. See the documentation to get started.

Individual Worker Node Provisioning

It’s now possible to bring up new worker nodes and join them into an existing cluster by running pharos worker up. The command can be run locally on the new host and can be used for example in auto-scaling setups to bootstrap the workers after creation.

Cert-manager 0.7

Cert-manager addon has been updated to version 0.7.2. It comes with lots of fixes and some new notable features such as:

  • New CA Injector controller for injecting CA bundles into Kubernetes
  • {Validating,Mutating}WebhookConfiguration & APIService resources.
  • Support for ARM platforms
  • Easier debugging of ACME challenge issues

For full Cert Manager changelogs see here and here.

Kontena Storage 0.9

This release bumps Kontena Storage Rook operator to version 0.9 and Ceph to version 13.2. This will bring us closer to the Rook 1.0 series and which we are going to upgrade to in the next release cycle. We have also written a quite extensive migration procedure for existing storage clusters. This should make upgrading from Kontena Pharos 2.3 very simple. Still we recommend to test the upgrade procedure on a test cluster and have working backups at hand before applying the upgrade to a production cluster.

In addition to Rook and Ceph upgrades, Kontena Storage includes a new metrics collection component which exposes PersistentVolumeClaim metrics to Prometheus. This includes all the standard metrics, like disk usage and volume size, which are usually only available when Kubernetes is used with cloud-providers (like AWS or GCP).

Intelligent Network Mesh

One of the biggest troubles running Kubernetes on multi-datacenter type of deployment is to configure the networking properly. With overlay networking we can create the pod network so that it spans across datacenters securely but there are some components in the cluster needing access to host level APIs. One such example is Metrics Server which gathers stats from Kubelet APIs. And for that access metrics server relies on the fact that a given node reports it’s addresses on the node object. Metrics server running in DC-1 cannot access the kubelet running on a node in DC-2. For these kind of cases we’ve enhanced our multi DC networking support so that it will automatically create networking configuration so that the other DC’s nodes internal addresses can be routed through the overlay network. This not only makes it possible to use node internal addresses between DC’s but it also makes it secure as the DC-to-DC connections are by default configured to be IPSec encrypted.

Improved Upgrade Rollout

Pharos detects when an upgrade to a container runtime (Docker or CRI-O) underneath Kubernetes might cause bad things to happen and switches to a rolling rollout mode automatically. Previously this logic was only available for Kontena Pharos PRO users but starting from this release it will be included in the OSS version as well! We didn't just move the functionality to OSS version but we also improved it quite a bit:

  • the rollout was done previously node by node, now we can do it concurrently to ~10% of nodes in a cluster
  • rollout first drains a node and then clears the container runtime state, basically the node starts from a fresh state after the container runtime has been upgraded
  • rollout also detects if there are mounts hanging around and starts the cleanup after all pods mountpoints are gone from the host

Improved Out-of-Tree Cloud Provider Support

In the past out-of-tree cloud controllers (cloud controllers that are not included in the Kubernetes source code) were kind of second class citizens. Kontena Pharos supported those via cloud.provider: external but it left all of the configuration to users.

The Kubernetes project itself has stated that it wants to push all cloud providers to the out-of-tree model (basically all in-tree cloud provider functionality will be deprecated). This means that Kontena Pharos had to prepare for this big shift in how the cloud providers are handled.

This release introduces a new external cloud provider config and also ships with few new cloud provider implementations (Pharos, Packet and Hetzner Cloud).

See the documentation for more details and usage.

Pharos Cloud Controller

Pharos CC is a universal cloud controller (pharos). This cloud controller uses metadata that Pharos CLI has injected into node objects and based on those it will set external and internal IP addresses to the nodes. In addition to setting the basic stuff, Pharos cloud controller can automatically clean up old nodes from Kubernetes api (this requires additional label to a node pharos-node.kontena.io/ephemeral=).

Kubernetes 1.14

As always, Kontena Pharos comes with the latest stable upstream Kubernetes, version 1.14.3. This includes all the latest fixes, including some security related fixes. Here are some highlights of the new features included in 1.14 release:

Full Kubernetes 1.14 series changelog can be found here.

Updates to Licensing

As mentioned earlier, we are preparing for the release of Kontena Lens as a standalone product. It will be a commercial product that will support a number of Kubernetes distributions. Naturally, we will support Kontena Pharos OSS and PRO versions, but in addition, the users of Google GKE, Amazon EKS and Azure AKS (among others) will be able to enjoy the world-class management system to take control of their Kubernetes clusters.

Making Kontena Lens available as a standalone product requires some changes to our licensing and pricing. In the past, it was possible to use Kontena Lens with a Kontena Pharos PRO license. Since the product is going to be standalone, Kontena Lens 1.6 (and any version beyond) will require a separate Kontena Lens license. You can obtain a Kontena Lens license from the Kontena Account. Finally, since Kontena Lens will require a separate license, we have decided to reduce the price of the Kontena Pharos PRO license.

All Kontena Pharos PRO license subscriptions made before this update will be called "legacy". The pricing does not change. You can no more use these licenses to run Kontena Lens version 1.6 or above but we will provide a separate Kontena Lens license for each legacy license you may have, free of charge.

Release Notes

Check the release notes for a complete list of notable features and fixes.

About Kontena Inc.

Kontena Inc. is specialized in creating the most developer friendly solutions for running containers. Kontena's products are built on open source technology developed and maintained by Kontena. Kontena was founded in 2015 and has offices in Helsinki, Finland and New York, USA. More information: www.kontena.io.

Image credits Visit Finland.