
Kubernetes 1.9: Expanded Ecosystem, Workloads API, Storage Visibility and More

The new Kubernetes 1.9 gives you more control over clusters, solidifies aspects of the API and improves the extensibility of the underlying system’s architecture. This release is expected to include 38 features spanning security, cluster lifecycle management, APIs, networking, storage and additional functionalities. Of these 38 features, 22 are listed in alpha, 13 are in beta and three have moved to stable.

Below are some preliminary highlights of the release:

Cluster Management Improvements
One of the three significant features that moved to stable in the Kubernetes 1.9 release is Windows Server Containers, which enables Docker containers to run on Microsoft Windows. With 1.9, you will be able to run Windows-based and .NET-based applications inside containers on Kubernetes. It also means that Kubernetes can now claim to be the first fully functional cross-platform cluster manager, solidifying its position as the container orchestrator of choice. For those looking to get started using Kubernetes, check out our previous tutorial for VMware users.

Kubernetes 1.9 includes a significant number of different alpha and beta features that provide more control over a cluster. For instance, a new “kubeadm upgrade” command allows you to more easily upgrade a cluster created automatically by kubeadm.

Another improvement is the new “kubectl diff” command. This lets you view the difference between an object configuration that you declared locally in a spec file and the current state of its corresponding live object running in Kubernetes.

Particularly noteworthy is the introduction of support for out-of-process and out-of-tree cloud providers—that is, pluggable cloud providers. This is a significant improvement because it enables Kubernetes to be extended without modifying the code base. This new extensibility will be important to vendors who want to write their own code in order to manage persistent volumes or load balancers.

You can expect to see extensive configuration innovation of kubeadm with a new “kubeadm phase” command that supports performing only subtasks of the full kubeadm init flow. Combined with its fine-grained configuration capabilities, kubeadm will now be easily consumable by higher-level tools, such as Kubernetes Operations (kops) and Google Kubernetes Engine.

Workloads API
The second significant feature change in this release is that the core workload API (DaemonSet, Deployment, ReplicaSet, StatefulSet) has been moved to the apps group and is now considered stable.

In Kubernetes 1.9, paged list queries from the Kubernetes API can now return large results in portions rather than all at once, reducing the memory and size impact of large queries, which should be especially useful to administrators with large clusters.

An admission control enhancement will intercept requests to the Kubernetes API server after the request is authenticated but before the object is persisted. The Kubernetes API server can also generate audit logs for all requests and export them to a pluggable backend with API audit logging. You will also be able to add more structure to the event API and change the deduplication logic so events won’t overload the cluster.

More Visibility and Extensibility for Storage
There continues to be an impressive list of storage enhancements in the Kubernetes 1.9 release. Users can now expose detailed metrics of the internal state of various storage components—the third and final feature moved to stable—and can also add support for resizing existing persistent volumes.

Additionally, users can prevent the deletion of persistent volume claims that are used by a pod and make local raw block devices (non-networked) available for consumption through a persistent volume source.

Continuing the trend of extending the Kubernetes architecture to be pluggable, the 1.9 release adds support for Container Storage Interface (CSI) volume plugins outside the Kubernetes source code tree and makes locally attached (non-network attached) storage available as a persistent volume source. The end result is a broader ability for Kubernetes to work with different types of disks.

With 1.9, Kubernetes can also run containerized mount utilities in pods instead of on the host.

More Networking Flexibility
The Kubernetes 1.9 release adds support and full capabilities for IPv6 networking in place of IPv4. You will also be able to implement IPVS-based in-cluster service load balancing.

The new release switches the default DNS plugin from kube-dns to CoreDNS to simplify and improve DNS resolution. In addition, the release enables the use of AWS Network Load Balancer for the LoadBalancer type of service within AWS.

Security Enhancements
One of the new stable features is support for short circuit deny from authorizers. ClusterRole Aggregation adds a way for API extenders to add permissions to existing roles.
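
Because aggregation pulls rules from any ClusterRole carrying a matching label, it is worth auditing which roles feed an aggregated role. The following is an added example, not code from the original post or from Kubernetes: it resolves `aggregationRule` selectors over a constructed role list and flags wildcard or secret-touching rules. The role names `crontab-admin` and `debug-helper` and the API group `stable.example.com` are hypothetical.

```python
# Constructed sample in the shape of `kubectl get clusterroles -o json` items.
# "crontab-admin", "debug-helper" and "stable.example.com" are hypothetical.
AGG_ADMIN = "rbac.authorization.k8s.io/aggregate-to-admin"
CLUSTER_ROLES = [
    {"metadata": {"name": "admin"},
     "aggregationRule": {"clusterRoleSelectors": [{"matchLabels": {AGG_ADMIN: "true"}}]},
     "rules": []},
    {"metadata": {"name": "crontab-admin", "labels": {AGG_ADMIN: "true"}},
     "rules": [{"apiGroups": ["stable.example.com"], "resources": ["crontabs"],
                "verbs": ["get", "list", "create", "delete"]}]},
    {"metadata": {"name": "debug-helper", "labels": {AGG_ADMIN: "true"}},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["*"]}]},
    {"metadata": {"name": "unrelated", "labels": {"team": "storage"}},
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get"]}]},
]
SENSITIVE_RESOURCES = {"secrets", "*"}  # assumption: what this audit treats as risky


def selector_matches(selector, labels):
    """matchLabels semantics: every selector key/value must be on the object."""
    if selector.get("matchExpressions"):
        raise NotImplementedError("matchExpressions are not handled in this example")
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())


def contributors(role, all_roles):
    """ClusterRoles matched by any selector of an aggregated role (selectors are ORed)."""
    selectors = role["aggregationRule"].get("clusterRoleSelectors", [])
    return [r for r in all_roles
            if r is not role  # the aggregated role does not feed itself
            and any(selector_matches(s, r["metadata"].get("labels", {})) for s in selectors)]


def audit(all_roles):
    """Map each aggregated role to [(contributor name, rules flagged as risky)]."""
    report = {}
    for role in (r for r in all_roles if "aggregationRule" in r):
        report[role["metadata"]["name"]] = [
            (c["metadata"]["name"],
             [rule for rule in c.get("rules", [])
              if "*" in rule.get("verbs", [])
              or SENSITIVE_RESOURCES & set(rule.get("resources", []))])
            for c in contributors(role, all_roles)]
    return report


if __name__ == "__main__":
    for name, found in audit(CLUSTER_ROLES).items():
        print(name, found)
```

In review terms, permission to create or label ClusterRoles that match an aggregation selector is equivalent to permission to edit the aggregated role itself.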

Other Notable Additions in Kubernetes 1.9
The new Kubelet configurations can be rolled out in a live cluster, and users will be able to configure containers within a pod that can share a common PID namespace by setting an option in the PodSpec.

Kubernetes is becoming popular for managing workloads, such as TensorFlow, that consume accelerators, so it should come as no surprise that 1.9 includes support for hardware accelerators, making it easier to deploy across multiple machines.

Finally, volume scheduling makes the scheduler aware of a pod’s volume topology constraints, such as zone or node.

You can visit the Kubernetes open source site for the most up-to-date information on the Kubernetes 1.9 release, or visit our Cloud-Native Apps website for the latest developments with VMware. Be sure to stay tuned to the Cloud-Native Apps blog for more information about Kubernetes, and follow us on Twitter (@cloudnativeapps).