Releases - June 2023
v1.26-SaaS
30 June, 2023
The section below provides a brief description of the new functionality and enhancements in this release.
Amazon EKS
Convert to Managed
The 'Convert to Managed' capability for brownfield EKS clusters has been enhanced to include the following configurations:
- Managed Addons
- Managed Nodegroup Node Taints
- Managed Nodegroup Tags
- Managed Nodegroup Security Groups
- CNI Provider and custom CNI parameters
- Cluster Tags
If the brownfield EKS clusters have these configurations, they will be saved as part of the cluster configuration and also exposed through the user interface (UI).
Azure AKS
Kubernetes v1.26
New AKS clusters can now be provisioned based on Kubernetes v1.26. Existing clusters managed by the controller can be upgraded "in-place" to v1.26.
Enhanced Declarative Specs
The schema for declarative specifications has been enhanced to address all the functionality supported with AKS clusters.
CLI Enhancements
The RCTL CLI now uses declarative cluster specifications for lifecycle management for clusters of this type.
Users can use the declarative cluster specification to provision clusters (Day-1 operations). For Day-2 changes, they just need to update the cluster specification YAML and apply it with RCTL. The controller will automatically identify the changes, map them to the required actions and achieve the desired state.
rctl apply -f aks_cluster_spec.yaml
Google GKE
Kubernetes v1.26 and v1.25
New GKE clusters can now be provisioned based on Kubernetes v1.26 and v1.25. Existing clusters managed by the controller can be upgraded "in-place" to these versions.
GitOps for GKE Lifecycle Management
The lifecycle of Google GKE clusters can now be managed using GitOps with the integrated System Sync automation framework. This feature ensures that the state of the GKE cluster is "always in sync" with the declarative cluster spec in the configured Git repository. With this feature:
- Users can use the convenience of the web console to configure and provision a GKE cluster and have the controller automatically generate and bootstrap the configured Git repository with the GKE cluster's declarative cluster specification.
- Users can make changes to the GKE cluster using the convenience of the web console and the changes to the cluster spec will be automatically written back to the configured Git repository.
Pre-bootstrap commands
It is now possible to add custom kubectl commands to the pre-bootstrap scripts for execution.
Upstream Kubernetes for Bare Metal and VMs
Supported Worker Nodes
Windows Server 2022 is now supported for worker nodes for upstream Kubernetes cluster provisioning and lifecycle management.
Rocky Linux 9 Support
Rocky Linux 9 is now a supported OS for upstream Kubernetes cluster provisioning and lifecycle management. This will enable users to harness the capabilities and benefits offered by Rocky Linux 9.
EKS Anywhere on Bare Metal
Lifecycle Management
Customers can now remotely configure, provision and upgrade EKS Anywhere clusters on bare metal in data centers and edge environments.
Clusters
Resources
An additional column, "Controlled By", is now available on the Resources page to highlight the relationship between Deployment, ReplicaSet and Pods.
Dry Run
'Dry run' can be used to obtain information about the operations that will be performed during cluster provisioning. By executing the dry run command, you can preview the operations that would take place without actually applying them. This is currently supported for Amazon EKS, Azure AKS and Imported cluster types.
rctl apply -f cluster_spec.yaml --dry-run
RBAC
Custom Roles
It is now possible to create Custom Roles that overlay attribute-based access policies on top of the existing base roles. This release supports a specific use case where a Namespace admin base role can be provided 'cluster read' and 'cluster read/write' permissions based on parameters such as cluster type, names and labels.
Important
Limited Access - This capability is enabled selectively for Orgs and is not available to all Prod Orgs. Please contact Support to have this feature enabled.
Monitoring & Visibility
Enhanced Declarative Specs
The declarative spec for blueprints has been enhanced to support Prometheus managed add-on customization options (e.g. specification of existing kube state metrics).
Cost Management
FinOps role
A new role specifically targeted at FinOps personas has been introduced with this release. A FinOps Admin role includes the necessary permissions to perform the following operations:
- Read access to cost metrics for the entire org
- Create chargeback groups
- Generate chargeback reports
- Create cost management tags and assign them to projects
OPA Gatekeeper
Dashboard improvements
Reported time for the violation has now been added as a column for both Violations: Action Required and Violations: Admission Requests in the centralized OPA Gatekeeper dashboard.
Catalog
Additions to System Catalog
The System Catalog has been updated to add support for the following repositories.
Category | Description |
---|---|
Ingress controller | ngrok |
Vector Databases | Milvus |
Security | Crowdstrike Falcon |
Amazon EKS | AWS EFS driver |
DNS | ExternalDNS |
Load Balancer | Avi Networks |
Bug Fixes
Bug ID | Description |
---|---|
RC-26792 | Unable to import EKS cluster with no route table for explicit subnets on VPCs |
RC-24280 | GitOps: Sharing a pipeline with system sync enabled with other projects fails |
RC-27188 | UI: Top violation items in the list in the centralized OPA Gatekeeper dashboard are not aligned |
RC-27203 | UI: Default network policy installation profile is not listed in the blueprint wizard if there are no custom profiles |
RC-27555 | UI: Configure add-ons button is placed out of frame in blueprint wizard |
RC-26453 | Unable to update security groups for a managed node group using Terraform |
v1.25 Update 1 - SaaS
1 June, 2023
The section below provides a brief description of the new functionality and enhancements in this release.
Amazon EKS
Kubernetes v1.26
New EKS clusters can now be provisioned based on Kubernetes v1.26.
Important
Support for upgrading existing clusters managed by the controller "in-place" to Kubernetes v1.26 will be available with an upcoming release.
Projects
Tag groups
With this release, customers can create 'tag groups' with one or more key-value pair(s) and associate them with a project. These can be used to identify certain attributes associated with a project. As an example, from a cost management perspective, these tags can be used to identify the cost center ID, business group, billing approver ID etc.
Important
Tag groups can be created and associated with projects via the RCTL CLI, Swagger API and Terraform Provider. Support for doing this through the UI will be added in a future release.
Catalog
Additions to System Catalog
The System Catalog has been updated to add support for the following repositories.
Category | Description |
---|---|
Observability | ADOT |
Vector Databases | Weaviate |
Vector Databases | Qdrant |