Shulou(Shulou.com)06/02 Report--

Kubernetes 1.14 has been officially released, and this is the first update of Kubernetes in 2019!

Kubernetes 1.14 consists of 31 enhancements: 10 features are in the Stable phase, 12 features are in the Beta test phase, and 7 new features are added. The theme of Kubernetes 1.14 is "extensibility", which has the most enhancements to the Stable phase compared to any previous release of Kubernetes.

The most significant update to this new release is undoubtedly production-level support for Windows nodes. In addition, there are updates to Kubectl, Persistent Local Volumes, PID restrictions, and so on, which we will follow one by one.

Production-level support for Windows nodes

With the release of Kubernetes 1.14, the Windows node support in Kubernetes is now in the Beta testing stage, and users can do more experiments to further experience the value of "Kubernetes for Windows container".

Kubernetes now officially supports the addition of Windows nodes as work nodes and the ability to schedule Windows containers. The vast ecosystem of Windows applications can now take advantage of the power of the Kubernetes platform. Enterprises that use both Windows and Linux applications no longer have to look for two separate orchestrations to manage their Windows and Linux workloads respectively, and the operational efficiency of the entire deployment can be greatly improved.

In this update, the main features supported by the Windows container in Kubernetes include:

Worker nodes and containers can use Windows Server 2019

Support out-of-tree network connections using Azure-CNI, OVN-Kubernetes, and Flannel

Improved support for pod, service types, workload controllers, and metrics / quotas to closely match the functionality provided by the Linux container

In terms of Kubernetes Windows network connection, among the three network plug-ins currently supported: Azure-CNI, OVN-Kubernetes and Flannel, Azure-CNI can only be used in Azure, and OVN-Kubernetes needs hardware support, so most users will use Flannel,Flannel as the network plug-in pushed by the community. Flannel's support for Windows is realized by Rancher Labs engineer Frank Mai Mak Weijia. His contribution to Windows network support includes two aspects: one is the support for CNI, including win-bridge and win-overlay, as well as the support for meta/flannel; the other is the Windows support for Flannel.

Rancher Labs engineer Mak Weijia is the main contributor to Windows Flannel network.

Important updates to Kubectl

New Kubectl documentation and Logo

Kubectl's documentation has been rewritten from scratch, focusing on using declarative Resource Config to manage resources. The document has been published as a stand-alone book format as a stand-alone site, and links are available from the k8s.io document:

Https://kubectl.docs.kubernetes.io .

Meanwhile, kubectl has a new logo and mascot (pronounced kubee-cuddle):

Kustomize integration

Users can now obtain the declarative resource configuration creation capabilities of kustomize in kubectl through the-k flag (such as apply, get, and so on) and the kustomize subcommand. Kustomize uses Kubernetes native concepts to help users create and reuse Resource Config. Users can now use kubectl apply-k dir / to apply directories to the cluster along with kustomization.yaml. Users can also send custom resource configurations directly to stdout without having to apply them through kubectl kustomize dir /. New features can be further viewed in the documentation: https://kubectl.docs.kubernetes.io

The kustomize subcommand will continue to be developed in the kustomize repo owned by Kubernetes. The latest kustomize features will be released as separate kustomize binaries (released to kustomize repo), at a more frequent pace, and will be updated in kubectl before each Kubernetes release.

The kubectl plug-in mechanism enters the Stable state one by one

The kubectl plug-in mechanism allows developers to issue their own custom Kubectlsubcommands in the form of separate binaries. Developers can further extend kubectl with new and more advanced features and additional porcelain (for example, adding set-ns commands).

The plug-in must have a kubectl- name prefix and exist in the user's $PATH. This time GA, the plug-in mechanism has been greatly simplified, and similar to the git plug-in system.

Persistent Local Volumes is now GA

The Persistent Local Volumes feature has now entered the Stable state, and users can use locally attached storage as the source of persistent volumes. The main use cases for persistent local storage are distributed file systems and databases, mainly for performance and cost reasons. On cloud providers, local SSD has better performance than remote disks. On bare metal, in addition to performance, local storage is usually cheaper, and using it is a necessary condition for configuring a distributed file system.

PID restriction has entered the Beta stage

The process ID (PID) is the basic resource on the Linux host. When other resources have not yet reached the maximum limit, most users do not want the host to be unstable because the task limit is reached. Administrators need mechanisms to ensure that user pod does not cause PID exhaustion, which prevents host daemons (such as runtime, kubelet, and so on) from running. In addition, it is important to restrict PID between pod to ensure that they do not have too much impact on other workloads on the node.

Administrators can now provide PID isolation for pod-to-pod by defaulting to the number of PID per pod, which is already a Beat state. In addition, administrators can reserve a large number of assignable PID for user pod through assignable nodes, thus enabling node-to-pod PID isolation as an alpha feature. In the next new version of Kubernetes, this feature is expected to switch to the Beta version.

Other feature updates worth paying attention to

Pod priority and preemption mechanism: this feature enables the Kubernetes scheduler to schedule the more important Pod first, and when the cluster runs out of resources, it removes the less important pod to create space for the more important Pod. The importance of Pod is specified by priority.

Pod Readiness Gates: an extension point that provides external feedback for pod readiness.

Enhance the default RBAC discovery clusterrolebindings: remove discovery from the API set, and unauthenticated access is no longer allowed by default, thereby improving the privacy of CRD and the default security state of the default cluster.

Download using Kubernetes 1.14

For functional updates included in Kubernetes 1.14, please see Release Notes:

Https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#kubernetes-v114-release-notes

You can download and use the new Kubernetes 1.14 on GitHub:

Https://github.com/kubernetes/kubernetes/releases/tag/v1.14.0

As an open source enterprise Kubernetes platform, Rancher can manage all cloud, all distributions and all Kubernetes clusters. Optimized and concise UI, easy-to-use operation experience, but also has integrated CI/CD, monitoring, logging, RBAC and other enhanced functions, is the best choice for enterprises landing Kubernetes. Rancher will add support for Kubernetes 1.14 in Rancher 2.2.1, which will be released in April.

Later, we will share more technical articles about Windows container and network in Kubernetes 1.14. Remember to keep paying attention.

About Rancher Labs

Founded by Silicon Valley cloud computing leader Liang Sheng, the father of CloudStack, Rancher Labs is committed to creating innovative open source software to help enterprises run containers and Kubernetes in a production environment. The flagship product Rancher is an open source enterprise Kubernetes platform that is the first and only platform in the industry that can manage all clouds, all distributions, and all Kubernetes clusters. It solves the difficulties of different infrastructure that enterprise users may face in the production environment, and improves the poor ease of use of Kubernetes native UI and the steep learning curve, which is the best choice for enterprises to land Kubernetes.

Rancher has more than 100 million downloads worldwide and more than 20000 corporate customers. Global famous companies such as China Life Insurance, Huawei, Ping an of China, Minsheng Bank, Industrial Bank, SAIC, Haier, Michelin, Trina, Toyota, Honda, Honeywell, Jinfeng, PricewaterhouseCoopers, Hainan Airlines, Xiamen Airlines, Evergrande, China Pacific, BNP Paribas, Bank of America, HSCIS Hang Seng Index, China Water Conservancy, Blizzard, CCTV and so on are all paying customers of Rancher.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.