While Docker remains a leader in container technology, Kubernetes is gaining popularity for container orchestration and management. The open-source project is ready to release its 1.7 release this week with new features focused on extensibility, security, and other ways for deploying, scaling, and managing containerized applications.
According to Joe Brockmeier in a blog, senior evangelist for Linux Containers at Red Hat, new features in Kubernetes are considered alpha in their first release, which means they’re not turned on by default in the builds. These features are not considered production ready by the community, but once these features are stable, they will continue to appear in Kubernetes “for many subsequent versions,” he said.
A big focus in the 1.7 release is extensibility. This allows Kubernetes to expand its scope and functionality without “bloating” the project, said Brockmeier. New features that focus on extensibility include Custom Resource Definitions (CRDs), which allow extension of the Kubernetes API to provide features that look like first-class APIs to users. CRDs is in beta for Kubernetes 1.7.
Other extensibility features include Extensible External Admission Control, which is in alpha; and API Aggregation, which works on CRDs and will add to Kubernetes’ extensibility by letting user-provided API servers to work with the rest of the Kubernetes API. This is moving to beta in 1.7, according to Brockmeier.
Security is also a big focus for Kubernetes 1.7. Encrypting secrets in etcd is an alpha feature, and it allows sensitive data stored in the etcd key-value store to be encrypted at the datastore level. There’s a new authorization mode and admission plug-in that limits a Kubernetes node’s access to specific APIs, according to Brockmeier. This feature “is designed to limit access to secrets and other information to their own pod, so they can’t access the cluster’s pods globally,” he said.
Other features to look for include DaemonSet Updates, StatefulSet Upgrades, support for “burst mode” with StatefulSets, and the NetworkPolicy feature has been promoted to stable in Kubernetes 1.7.
“Overall, Kubernetes 1.7 represents another strong release from the Kubernetes community,” said Brockmeier. “It delivers a number of features that will help keep Kubernetes at the forefront of deploying, scaling, and managing containerized applications.”