Release Notes

Rackspace Kubernetes-as-a-Service

Last updated: Feb 11, 2022

This document describes new features and known and resolved issues in Rackspace Kubernetes-as-a-Service (KaaS) v6.0.2.

Rackspace KaaS v6.0.2 enables you to deploy Kubernetes clusters and managed services on Rackspace Private Cloud Powered by OpenStack.

Contents

• Preface
• Known issues
• What’s new in 6.0.2
• What’s new in 6.0.1
• What’s new in 6.0.0
• What’s new in 5.1.0
• What’s new in 5.0.0
• What’s new in 4.0.0
• What’s new in 3.0.0
• What’s new in 2.1.0
• What’s new in 2.0.0
• What’s new in 1.5.0
• What’s new in 1.4.0
• What’s new in 1.3.0
• What’s new in 1.2.0
• What’s new in 1.1.1
• What’s new in 1.1.0
• What’s new in 1.0.x
  • General changes and improvements
  • Kubernetes
  • Rackspace KaaS Control Panel
  • Private Docker image registry
  • Monitoring
  • Logging
  • Networking
  • Storage
• List of components and versions
• Document history and additional information
• Disclaimer

Preface

Rackspace offers 24x7x365 support for Rackspace Kubernetes-as-a-Service (KaaS). To learn about support for your cloud or to take advantage of our training offerings, open a support ticket or contact your Account Manager.

Known issues

This page lists known issues in RPCO release v6.0.2.

There are no known issues at this time.

What’s new in 6.0.2

The 6.0.2 release of Rackspace KaaS includes the following updates:

• Upgrades the following managed service versions: - Harbor v2.2.1

What’s new in 6.0.1

The 6.0.1 release of Rackspace KaaS includes the following updates:

• Upgrades the following managed service versions: - Harbor v2.2.0 - Nginx Ingress Controller v0.44.0

What’s new in 6.0.0

The 6.0.0 release of Rackspace KaaS includes the following updates:

• Adds support for Rackspace KaaS on Kubernetes 1.19
• Upgrades the following managed service versions: - Fluentd v3.1.0 - Kubernetes Dashboard v2.0.5

What’s new in 5.1.0

The 5.1.0 release of Rackspace KaaS includes the following updates:

• Removes limitation of single Prometheus to matching expressions on Service Monitors, Rules, and Pod Monitors
• Upgrades the following managed service versions: - Harbor v2.1.1 - Cert manager v1.0.3

What’s new in 5.0.0

The 5.0.0 release of Rackspace KaaS includes the following updates:

• Adds support for Rackspace KaaS on Kubernetes 1.17
• Prometheus-customer managed service has been removed. Only one single Prometheus instance will be used
• Upgrades the following managed service versions: - Harbor v2.1.0 - Nginx Ingress Controller v0.35.0

What’s new in 4.0.0

The 4.0.0 release of Rackspace KaaS includes the following updates:

• Adds support for Rackspace KaaS on Kubernetes 1.16
• Upgrades the following managed service versions: - AlertManager v0.20.0 - Cert-Manager v0.15.2 - Dashboard v2.0.3 - Dex v2.24.0 - ElasticSearch v7.6.2 - External DNS v0.7.2 - Grafana v7.0.3 - Harbor v1.10.2 - Kibana v7.6.2 - Kube2iam (For EKS clusters) v0.10.9 - Kubernetes Access Manager v4.0.0 - Metrics Server v0.3.6 - Nginx Ingress Controller v0.32.0 - Oauth2-Proxy v5.1.0 - Prometheus v2.18.1 - Velero v1.4.0
• Re-enabled Kubernetes Dashboard (and integration with Dex)
• Cluster creation is now managed through RKE instead of Kubespray

What’s new in 3.0.0

The 3.0.0 release of Rackspace KaaS includes the following updates:

• Added cert-manager, a service for automating the management and issuance of TLS certificates from various issuing sources.
• Added dex, a service for centralizing authentication for various applications, including managed services and Kubernetes, by using a customer’s authentication provider, such as Okta, ADFS, and so on.
• Added Istio, a service to provide authentication, encryption, telemetry, and traffic management between applications running on Kubernetes.
• Added kube2iam, a service for Kubernetes pods to use AWS resources, such as Route 53 and S3, by using dynamic, per-pod credentials.
• Added Kubernetes Access Manager (KAM), a service for providing Kubernetes access to dex users.
• Added metrics-server, a service for aggregating the metrics endpoint inside Kubernetes.
• Added oauth2-proxy, a service to provide an authentication portal in front of each managed service (excluding harbor).
• Added support for AWS EKS 1.14.
• Changed Kubernetes version requirement to 1.14.
• Changed Kubernetes on OpenStack authentication to use keystone via dex and KAM.
• Removed the Control Panel as we refactor the most commonly used components into other services.
• Removed the kube-dashboard temporarily while we finalize integration with dex.

What’s new in 2.1.0

The 2.1.0 release of Rackspace KaaS includes the following update:

• Updated the Fluentd® configuration file.
  The chunk_limit_size parameter was set to 16M and queue_limit_length increased to 64 to enable Prometheus monitoring.

What’s new in 2.0.0

The 2.0.0 release of Rackspace KaaS includes the following updates:

• Introduced a new deployment and lifecycle management tool.
  A new lifecycle management tool called kaasctl has been added to the KaaS toolchain. The tool incorporates new operational logic that enables support for multi-cloud deployment, simplifies operations, and enables seamless upgrades with zero downtime. New Kubespray workflows replace the legacy deployment logic.
• Addressed CVE-2019-5736.
  KaaS 2.0.0 addresses the CVE-2019-5736 vulnerability in all new and existing clusters. All the affected images were updated with the latest CoreOS version.
• Upgraded the Kubernetes version to 1.11.5.
• Upgraded Heptio Velero to 0.10.1.
• Upgraded the Kubernetes Dashboard version to 1.10.1.

What’s new in 1.5.0

The 1.5.0 release of Rackspace KaaS includes the following updates:

• Added support for Red Hat OpenStack Platform 13 (OSP 13).
  Rackspace KaaS can now run in RPCR environments that use OSP 13.
• Added ExternalDNS support.
  ExternalDNS allows Kubernetes resources to be discoverable by public DNS servers.
• Added integration with external authentication providers.
  Groups created in external authentication systems, such as Microsoft® Active Directory™, can be mapped to Kubernetes roles through OpenStack Identity service (keystone) roles.
• Added support for Grafana email alerting.
  Grafana can now use an SMTP server deployed by the Kubernetes Installer to support email notification.
• Upgraded the Kubernetes version to 1.10.11.
  The version of Kubernetes has been updated to 1.10.11.
• Fixed the Clair scanning issue.
  Fixed the issue with an error in the Harbor web UI that appeared while browsing a repository image.

What’s new in 1.4.0

The 1.4.0 release of Rackspace KaaS includes the following updates:

• Kubernetes namespace and role management in the KaaS Control Panel.
  Added the ability to perform the create, read, update, and delete (CRUD) operations with Kubernetes namespaces and roles from the KaaS Control Panel.
• Simplified the cluster domain name format.
  Changed the format of the Kubernetes cluster domain name generation for managed services. For example, if previously Kibana was available at kubernetes-<slug>.<slug>.mk8s.systems/kibana, it is now served at kibana.<slug>.mk8s.systems. This change applies to all managed services.
• Added support for Heptio Ark.
  Heptio Ark provides disaster recovery for Kubernetes cluster resources. The utility enables cluster administrators to create volume snapshots, back up and restore Kubernetes applications, as well as replicate environments for testing or development purposes.
• Added support for RPCO Queens.
  This version of KaaS is compatible with RPCO v17.1.

What’s new in 1.3.0

The 1.3.0 release of Rackspace Kubernetes-as-a-Service (KaaS) is focused on improvements and bug fixes. This release includes the following updates:

• The Prometheus Alertmanager has been removed.
  The Alertmanager has been removed from the default Rackspace KaaS deployment. The recommended method of configuring alert notifications is to use Grafana with one of the supported options, such as Slack, PagerDuty, or a webhook.
• Single sign-on to VMware Harbor.
  The new single sign-on (SSO) button has been added to the VMware Harbor UI to enable users to log in by using the same credentials they use to log in to the KaaS Control Panel. All users that are authenticated by using SSO have non-admin privileges. To add Harbor admin users, log in with your OpenStack username and a token generated in the KaaS Control Panel.

What’s new in 1.2.0

The 1.2.0 release of Rackspace Kubernetes-as-a-Service (KaaS) includes the following updates:

• Kubernetes 1.10 support.
  Rackspace KaaS updated the Kubernetes version to 1.10 and enabled all stable features. For more information, see Kubernetes 1.10.5 changelog.
• Single sign-on to all user interfaces.
  You can now log in to all user interfaces using the same credentials you use to log in to the KaaS Control Panel. After you log in to the KaaS Control Panel, you can access all user interfaces seamlessly with the same web browser session. The only exception is the Harbor UI for which you need to use a token generated in the KaaS Control Panel with your OpenStack username.

What’s new in 1.1.1

The 1.1.1 release of Rackspace Kubernetes-as-a-Service (KaaS) extends its multi-cloud platform portfolio by adding support for Rackspace Private Cloud Powered by Red Hat (RPCR). The supported version of Red Hat® OpenStack® Platform is 12.

What’s new in 1.1.0

The 1.1.0 release of Rackspace Kubernetes-as-a-Service (KaaS) includes the following updates:

• The Kubernetes Web UI (Dashboard) is enabled by default.
  Rackspace KaaS deploys the Kubernetes Dashboard for all Kubernetes clusters. Users can access the Kubernetes Dashboard by using the following URL https://<cluster-name>.<dns-zone>/dashboard and their Kubernetes administrative user credentials.
• Single sign-on to Kibana and Prometheus.
  Users can now log in to Kibana and Prometheus using the same credentials they use to log in to the Rackspace KaaS Control Panel. After you log in to the Rackspace KaaS Control Panel, you can access Kibana and Prometheus seamlessly with the same web browser session.

What’s new in 1.0.x

Rackspace Kubernetes-as-a-Service (KaaS) 1.0.x is based on the upstream Kubernetes® project. This release is compatible with Rackspace Private Cloud Powered by OpenStack (RPCO) v14.

These release notes list some of the significant updates to the Rackspace KaaS components. These release notes are provided for your awareness. It is not a statement of support. For more information about supported features and configurations, contact your Rackspace Sales team or support specialist.

General changes and improvements

Rackspace Kubernetes-as-a-Service (KaaS) 1.0.x is the first generally available release of Rackspace KaaS. The release introduces the new Rackspace offering that enables you to run one or multiple Kubernetes clusters on top of your OpenStack environment. Additionally, Rackspace KaaS includes many managed services that simplify Kubernetes operations and management.

For the complete list of components and versions, see List of components and versions.

Kubernetes

Rackspace KaaS is based on the upstream version of Kubernetes and supports all features and tools supported by the corresponding version of the Kubernetes platform.

• Project release notes: Kubernetes Release Notes

Rackspace KaaS Control Panel

The Rackspace KaaS Control Panel is a web-based graphical user interface that enables users to generate the authentication tokens that are needed to interact with their Kubernetes clusters. Kubernetes cluster administrators can also use the Rackspace KaaS Control Panel to efficiently manage the Kubernetes role-based access control (RBAC) configuration for their OpenStack users.

Private Docker image registry

The Rackspace KaaS private Dockeri@ registry is based on VMware® Harbor™. The private Docker registry enables you to store your container images in a secure location to which only authorized users have access. Rackspace KaaS extends Harbor to use the same credentials from the OpenStack Identity service for storing and retrieving container images.

• Project release notes: VMware Harbor

Monitoring

Based on Prometheus and Grafana®, which combined provide a unified infrastructure to store, process, and visualize the collected data to help you monitor the health of your Kubernetes cluster.

• Project release notes:
  • Prometheus release notes
  • Grafana release notes

Logging

A highly-available Elasticsearch™, Fluentd™, and Kibana (EFK) stack provides insights to resource utilization inside the Kubernetes cluster.

• Project release notes:
  • Elasticsearch release notes
  • Kibana release notes
  • Fluentd release notes

Networking

Rackspace KaaS uses Flannel to enable overlay networking and Calico to enable network policy enforcement.

• Project release notes:
  • Calico release notes
  • Flannel release notes

Storage

Rackspace KaaS provisions persistent volumes (PV) through OpenStack Block Storage (cinder), which uses Ceph as a storage backend. Ceph is provisioned as part of RPCO and uses the corresponding version. For more information, see the Rackspace Private Cloud Release Notes v14.

List of components and versions

The following tables list open-source components and versions that are used in the Managed Kubernetes solution.

Note: Rackspace KaaS uses the corresponding versions of components listed in the CentOS 7-8.2003 release notes. Rackspace KaaS tests and incorporates newer releases of CentOS as needed.