Kubermatic Kubernetes Platform 2.15 (KKP) is now available for download and promises users easier installation and less manual work.
It is the second big release of the project dedicated to the central management of Kubernetes cluster automation since it was open sourced in June 2020. KKP was originally developed by German containerisation specialist Loodse, who rebranded as Kubermatic months ago.
Most of the standout features of KKP are still in preview, but should help maintain the platform’s usability in the long run. The newly added etcd-launcher, for example, is built to simplify user cluster management by letting users choose the size of their etcd ring and offer capabilities for automatic recovery from volume or node.
Another new feature is preliminary support for managing external clusters. Teams, who have to manage inhomogenous setups, can add outside clusters by providing KKP with a kubeconfig and the cluster name. The platform uses this information to retrieve information on connected nodes, events, and metrics and can display them alongside Kubermatic clusters in its UI.
Version 2.15 will work with Kubernetes 1.19, which was released in August, and has been updated to use Go 1.15 under the hood. Kubernetes 1.15 and 1.16 will no longer be supported, meaning existing clusters will automatically be upgraded to Kubernetes 1.17 for better reliability.
To make the setup process easier, KKP 2.15 comes with a technical preview for a dedicated installer which is meant to help install and upgrade the project’s operator and components such as nginx-ingress-controller and cert-manager.
Another enhancement is an option to restrict or limit project creation for regular users for admins. The full list of changes can be found in the project’s changelog.
Users who want to update to the new Kubermatic version would be well-advised to check the upgrade notes first, as several breaking changes require some extra attention.
The default credentials for observability platform Grafana and storage product MinIO, for example, have been removed to help make the project more secure. This however means that credentials have to be explicitly set when installing charts and existing charts may require manual migration.
Another change worth noting is the switch from now deprecated Keycloak to OAuth2-Proxy. The syntax here is a bit different, which can lead to issues with Helm that are said to be circumventable by reinstalling the chart.