Today, we are excited to announce the release of the Kubermatic Kubernetes Platform (KKP), available in both Enterprise Edition (EE) and Community Edition (CE). The open-source Community Edition is driven by a passionate community of users from around the world, with some running thousands of clusters. The Enterprise Edition boasts powerful features designed to help large organizations get the most out of their Kubernetes clusters in terms of governance, security, and management. With both editions, you can take control of your Kubernetes clusters and unlock their full potential.
With this release, KKP users can expect several usability and security improvements, such as a simplified process for MLA stack installation, customizable cluster templates, and enhanced security measures. Additionally, KKP users will be able to leverage improved access control, which will allow them to more securely manage user access to the cluster. These features will provide users with greater insight and control over their deployments, which will lead to improved efficiency and productivity.
KKP 2.22 introduces support for Ubuntu 22.04 LTS, Kubernetes 1.25 & 1.26. The Operating System Manager (OSM) introduced in KKP 2.21 and MachineController also support Kubernetes 1.25 & 1.26.
Read on for these and other key updates with this release:
Create independent control planes by natively accessing KubeOne clusters in KKP
(CE and EE)
This release marks another milestone in bringing cloud and edge services to the next level.
KKP 2.22 onwards KubeOne clusters are managed just like any other external provider - that means as a KKP user you can import KubeOne clusters natively. With a wizard, users can now import KubeOne clusters from Amazon Web Services (AWS), Azure Cloud and Google Cloud Platform (GCP).
Teams can now configure independent control planes that are part of a larger, centralized management system, allowing them to solve challenges on an individual level while operations teams gain leverage to provide support.
This will enable teams to gain greater control over their deployments, allowing them to optimize efficiency and productivity while ensuring a secure and reliable experience.
Experience maximized accessibility with Web terminal
(CE and EE)
Web terminal can also be used to remotely access and manage multiple clusters simultaneously, streamlining the process and saving time. Additionally, it also provides enhanced visibility and control, allowing admins to quickly troubleshoot and manage their clusters more efficiently.
With web terminal, KKP admins can access and carry out activities from their browser directly. Admins can hook into any cluster using the CLI features from a device that only has a browser-they do not need a terminal on it.
Once the session is complete, the connection is dynamically disabled to prevent any nefarious activity.
Run Kubernetes clusters on-premise with KubeVirt cloud provider
(CE and EE)
Teams that have been unable to adopt Kubernetes due to the presence of existing Virtual Machine-based workloads that cannot be easily containerized now have a powerful solution - KubeVirt!
KubeVirt Cloud Provider - KubeVirt combined with Kubermatic eliminates the need for running dedicated platforms to manage virtual machines on-premise and allows the automatic deployment of Kubernetes clusters on them.
With this release, our KubeVirt Cloud Provider is GA!
Teams can now take advantage of the platform’s full capabilities and reap the benefits of a unified development platform. Benefits include:
- Single platform to manage all virtual machines
- Quickly and easily create kubernetes clusters on-premise
Improved user experience with every release
(CE and EE)
As always, our goal with KKP is to make the user experience more intuitive and enjoyable. With KKP 2.22, we have made several changes to the user interface that will further improve the overall usability of our platform. These changes include:
The project and admin panel navigation has been enhanced with secondary levels. With this new grouping of menu points under concise headers it will be easier to find what you are looking for. This also allows us to expand the interface more easily in the future, ensuring that every new feature will be exactly where you expect it. This includes a redesigned sidebar to accommodate more intuitive navigation.
To gain a better understanding of the seed cluster, users can view the following information
- Credentials are in use
- The number of clusters generated
- Cloud provider where the clusters are hosted
This gives users a comprehensive overview of their seed cluster and allows them to manage it more productively.
Since KKP 2.21, user clusters have been able to run in dual-stack mode on a variety of cloud providers, including AWS, Azure, Equinix Metal, and GCP. This allows users to assign both an IPv4 and IPv6 address to their resources such as pods and Kubernetes services. With KKP 2.22, we have further expanded the list of supported providers, improved the experience on some operating systems, and integrated new Cloud Configuration Management (CCM) tools as they are added to KKP for particular cloud providers.
Cluster templates have not only been enriched with the edit feature, but also with the new customization functionality. ‘Customize template’ allows you to quickly make any number of alternate clusters based on your pre-existing settings without altering the template itself. Making new clusters on the fly has never been easier.
The Smartest way to manage resources and costs with QuotaFlow
With KKP 2.21, KKP admins began managing consumption anywhere, irrespective of an individual provider. Admins can limit the resources consumed by all cloud providers within every project individually.
With KKP 2.22, we have also introduced the possibility of setting default project resource quotas- this is used if no quota is set explicitly.
Users can also view dynamic/live quota gauges: this view represents resource quota forecasts based on adding/editing/removing compute resources, during the cluster creation process.
A simplified approach to application management
(CE and EE)
Since KKP 2.21, as a KKP Admin, you can browse, pick and install applications throughout the user clusters. With KKP 2.22, we have introduced even more improvements:
- Application upgrades: Now you can easily change the version of an Application directly in the UI.
- Extends application’s CRDs with DeployOptions.HelmDeployOptions to control how applications are deployed with Helm. (allow to specify equivalent of – wait, –timeout, –atomic flags). When DeployOptions are defined at ApplicationDefinition level, it acts as a default for all ApplicationInstallation. However, it can be overridden at ApplicationInstallation level.
- Application reconciliation: Allow to periodically force the reconciliation even if Application Installation CR has not changed.
- The installation or upgrade of an application is automatically stopped if the maximum number (5) of tries is exceeded
Enhanced enterprise security with every release
(CE and EE)
With KKP 2.22, accessing clusters securely via OIDC authentication for kubeconfig elevates access control and lets admins run safer environments
- Instead of a service account, the OIDC account will authenticate within kubeconfig. This way the KKP admin can set up user-level access control, allowing them to specify exactly which team members can access which clusters
- With the IP allowlist, KKP admins can restrict access to the kubernetes clusters to only those IP addresses specified in the allowlist. This helps ensure that only authorized members of the organization can access cluster credentials and helps prevent malicious actors from accessing the cluster.
What’s next for KKP?
To better serve the open source endeavor, we strive to create an ecosystem that allows members to suggest their requirements. As a step in this direction, we are happy to announce that in the near future, we will include support for Vultr, as per the request by @2000yeshu and in line with community-led requests. Stay tuned for more!
At Kubermatic, we take customer feedback and expectations very seriously. That’s why we have a specialized team that’s responsible for analyzing all of the feedback that we receive. This team plays a crucial role in ensuring that our product is always aligned with the needs of our customers.
Our primary objective is to make sure that our product is result-oriented. This means that we are constantly working to improve the effectiveness and efficiency of our product so that it delivers the best possible results for our customers.
In addition to being result-oriented, we also place a strong emphasis on security.Our team works tirelessly to identify and address any potential security risks, and we implement the best practices and technologies to keep our platform as secure as possible.
Finally, we are committed to providing excellent product support. Our customers can always count on us to be there when they need us, and we work hard to ensure that they have a positive experience when they interact with us. Whether it’s answering a question, fixing a bug, or providing guidance on how to use our platform, we are here to help.