Kubernetes 1.21 available from Canonical
Tags: Charmed Kubernetes , features , k8s , kubeadm , kubernetes , MicroK8s , Release , Support
Today, Canonical announces full enterprise support for Kubernetes 1.21, from cloud to edge. Canonical Kubernetes support covers MicroK8s, Charmed Kubernetes and kubeadm. Starting with 1.21, moving forward Canonical commits to supporting N-2 releases as well as providing extended security maintenance (ESM) and patching for N-4 releases in the stable release channel. This allows customers to get new features and product updates for all upstream supported versions and access extended security updates from Canonical for versions no longer supported by the upstream, thus aligning with all major cloud providers for enterprise hybrid cloud Kubernetes deployments.
“Canonical Kubernetes is about removing complexity around Kubernetes operations from cloud to edge. We bring certified Kubernetes distributions to allow users to bootstrap their Kubernetes journey, as well as a large tooling ecosystem and automation framework combination, for businesses to reap the K8s benefits and focus on innovation in the growing cloud-native landscape. Our users benefit from the latest features of Kubernetes, as soon as they become available upstream”, commented Alex Chalkias, Product Manager for Kubernetes at Canonical.
MicroK8s is a lightweight, zero-ops, conformant Kubernetes for edge and IoT. 1.21 expands MicroK8s’ tooling catalogue with support, among others, for the latest version of the NVIDIA GPU operator, the popular multi-cloud storage solution OpenEBS, and the OpenFaaS serverless platform. MicroK8s enables developers to iterate rapidly by simplifying their Kubernetes experience and offers the security and robustness necessary in production deployments.
Charmed Kubernetes is an enterprise-scale, composable Kubernetes ideal for multi-cloud deployments and compatible with both cloud services and legacy application architectures. With release 1.21, Charmed Kubernetes users benefit from support for Calico eBPF, allowing users to test the latest Linux kernel networking capabilities in Kubernetes. New Charmed operators for DNS and the Kubernetes dashboard are also available. Charmed Operators wrap applications and services around code alongside metadata and other dependencies to automate lifecycle operations. Charmed Kubernetes and its ecosystem is driven by operators for a streamlined Kubernetes and container deployment and operations experience.
What’s new in Kubernetes 1.21
All upstream Kubernetes 1.21 features are available in MicroK8s and Charmed Kubernetes. Additionally, the following features are new in Canonical Kubernetes 1.21. For the full list of features, you can refer to the Charmed Kubernetes and MicroK8s release notes.
MicroK8s 1.21 highlights
- New OpenEBS add-on for container attached storage. Try it using
microk8s enable openebs
- New OpenFaaS add-on for serverless development. You can try it with
microk8s enable openfaas
- GPU support is now offered via the NVidia operator. Check here for known issues.
microk8s kubectl apply -fdeployments now work with local files on Windows and MacOS
- Update to support distributions with iptables-nft
- Support for remote builds. Try building the snap with
snapcraft remote-build --build-on=amd64,arm64
- Version updates for Containerd, CoreDNS, Fluentd, Helm, Ingress, Jaeger, KEDA, Linkerd and Prometheus
Charmed Kubernetes 1.21 highlights
- CoreDNS operator
- Kubernetes dashboard operator
- Calico eBPF support
- Conformance with CNTT guidelines
Notable changes in upstream Kubernetes 1.21
The following are the most significant changes in upstream Kubernetes 1.21. For the full list of changes, you can read the changelog.
Memory allocation can be crucial for the performance of some applications, such as databases. Also, memory should be used wisely, both for the sake of the application and the entire cluster’s resources. The new Memory manager guarantees memory allocation via a dedicated QoS class.
In Kubernetes, not all workloads are the same. The scheduler is the entity that deploys the workloads on nodes. In 1.21, a developer is able to define nominated nodes for workloads and node affinity into a deployment. The two scheduler features add flexibility and control and make it easier to manage larger-scale deployments.
Autoscaling is one of Kubernetes’s greatest features. Nevertheless, there have been issues in the past with downscaling after a load spike passed. There are now two new strategies for downscaling: semi-random and cost-based. These remove the need for manual checks before downscaling a deployment. This means that Kubernetes became friendlier to workloads that require high availability.
Jobs can now be associated with an index so that the job controller can check the annotation when creating pods. This enhancement simplifies deploying highly parallelisable workloads into Kubernetes -a very interesting addition, especially for HPC use cases.
Network policy port ranges
This greatly simplifies configuration files when users want to define network policies for multiple consecutive ports. Instead of having separate policies for each port, now a single network policy can be applied to a range of ports.
Depreciation of Pod Security Policy
Pod Security Policies (PSPs) restrict what can be done within the scope of a deployment, such as setting execution limits to a list of users or granting resource access for things like network or volumes. PSP have been in beta for a while now, with no sign of effort made to take the feature stable state.
As a result, PSP are being marked as deprecated in Kubernetes 1.21 and will be completely removed in Kubernetes 1.25. Moving forward users should consider Open Policy Gatekeeper (OPA) for policy enforcement. Canonical Kubernetes will support OPA in its distributions and is looking forward to discussing with users to ensure all their policy requirements can be met.
Canonical Kubernetes channels
- #cdk and #microk8s on the Kubernetes Slack
- Twitter – @canonical, @ubuntu
What is Kubernetes?
Kubernetes, or K8s for short, is an open source platform pioneered by Google, which started as a simple container orchestration tool but has grown into a platform for deploying, monitoring and managing apps and services across clouds.