Kublr Release 1.22.1 (2022-02-09)

Kublr Quick Start

sudo docker run --name kublr -d --restart=unless-stopped -p 9080:9080 kublr/kublr:1.22.1

Follow the full instructions in Quick start for Kublr Demo/Installer.

The Kublr Demo/Installer is a lightweight, dockerized, limited-functionality Kublr Platform which can be used to:

Test setup and management of a standalone Kubernetes cluster
Setup a full-featured Kublr Platform

The Kublr Demo/Installer stores all of the data about the created clusters inside the Docker container. If you delete the Docker container you will lose all data about the created clusters and the Kublr platforms. However, you will not lose the clusters and the platforms themselves.

We recommend using the Kublr Demo/Installer to verify if a Kubernetes cluster can be created in your environment and to experiment with it. To manage a real cluster and experience all features, you can create a full-featured Kublr Platform in a cloud or on-premise.

Overview

The Kublr 1.22.1 patch release includes bug fixes in Kublr feature Logging where some Kubernetes audit logs were misformatted and moved to DLQ; CVE-2021-44228 Log4J in SearchGuard modules; MongoDB migration issue on BareMetal; minor Kublr agent Kubernetes versions updates; and Alertmanager configurability improvements.

Important Fixes and Improvements

Kubernetes updated to v1.22.5, v1.21.8, v1.20.14 by default
Controlpane MongoDB migration issue fixed on BareMetal instalation
Centralized Log collection:
- SearchGuard init roles/roles_mapping issue fixed
- CVE-2021-44228: Log4J 0-day Vulnerability mitigation included in searchguard modules
- fluentbit log exporter passes Kubernetes audit logs in wrong format
- Kibana index pattern auto fix Kubernetes cron job
Centralized monitoring:
- Alertmanager customization templates
- alert inhibition rules support
- minor alert rules improvements
Ingress controller watch on rules without spec.inressClassName
Minor UI improvements

CNCF Kubernetes Conformance tests:

https://github.com/cncf/k8s-conformance/tree/master/v1.22/kublr
https://github.com/cncf/k8s-conformance/tree/master/v1.21/kublr
https://github.com/cncf/k8s-conformance/tree/master/v1.20/kublr
https://github.com/cncf/k8s-conformance/tree/master/v1.19/kublr (Deprecated in 1.23.0, End of support in 1.24.0)

AirGap Artifacts list

Additionally, you need to download the BASH scripts from https://repo.kublr.com

You also need to download Helm package archives and Docker images:

Supported Kubernetes versions

v1.22

https://repo.kublr.com/repository/arc/agent/1.22.5/kublr-agent-load-gobins-1.22.5-10.sh
https://dl.kublr.com/agent/1.22.5/kublr-agent-1.22.5-10.tar.gz
https://repo.kublr.com/repository/arc/agent/1.22.5/kublr-agent-load-images-1.22.2-10.sh
(optional if the control plane 1.22.1 images are imported already)
https://dl.kublr.com/agent/1.22.5/kublr-agent-images-1.22.5-10.tar.gz
(optional if the control plane 1.22.1 images are imported already)

v1.21

v1.20

v1.19 (Deprecated in 1.23.0, End of support in 1.24.0)

Components versions

Kubernetes

Component	Version	Kublr Agent	Notes
Kubernetes	1.22	1.22.5-10	default v1.22.5
	1.21	1.21.8-25
	1.20	1.20.14-31
	1.19	1.19.16-58	Deprecated in 1.23.0

Kublr Control Plane

Component	Version
Kublr Operator	1.22.1-8
Kublr Control Plane	1.22.1-40

Kublr Platform Features

Component	Version
Kubernetes
Dashboard	v2.2.0
Cluster autoscaller	1.8.4
Kublr System	1.22.1-5
LocalPath Provisioner (helm chart version)	0.0.12-8
Ingress	1.22.1-7
nginx ingress controller (helm chart version)	4.0.10
cert-manager (helm chart version)	1.5.3
Centralized Logging	1.22.1-22
ElasticSearch	7.10.2
Kibana	7.10.2
SearchGuard	52.3.0
SearchGuard Kibana plugin	52.2.0
SearchGuard Admin	7.10.2-52.3.0
RabbitMQ	3.9.5
Curator	5.8.1
Logstash	7.10.2
Fluentd	3.3.0
Fluentbit	1.8.10
Centralized Monitoring	1.22.1-11
Prometheus	2.28.1
Kube State Metrics (helm chart version)	3.4.2
AlertManager	0.22.0
Grafana	7.5.10
Victoria Metrics
Cluster	0.8.2
Agent	0.6.5
Alert	0.3.5
Kublr KubeDB (Deprecated in 1.22.0, End of support in 1.23.0)	1.22.1-4
kubedb (helm chart version)	v0.14.0-alpha.2

Known issues and limitations

Kublr feature Ingress 1.22.1-7 included in Kublr 1.22 only supports Kubernetes v1.19 and above, so for Kubernetes v1.18 clusters please use Kublr feature Ingress 1.21.2-24 (the version can be overridded in the custom cluster spec).
Kublr feature KubeDB reaches end of support in Kublr v1.22.0 and is not supported on Kubernetes v1.22 and above. Please remove the feature from the cluster specification after Kublr Control Plane upgrade:
```
spec:
  features:
    kubedb:
      enabled: false
```
When upgrading a Kubernetes v1.22, Kublr feature Ingress must first be upgraded to v1.22.1-7. If applications deployed to the cluster are using Kublr-managed ingress controller, review their ingress rules before upgrading and make sure that spec.ingressClassName proerty is set to nginx.
Upgrading to the new Kublr Logging version will override kublr predefined SearchGuard roles (kublr:*, sg_kublr_kibana_user, sg_curator, sg_hooks, sg_kublr_logstash, sg_monitor) and role mappings (kublr:*, sg_kublr_logstash, sg_kublr_kibana_user, sg_curator, sg_hooks, sg_monitor, SGS_KIBANA_SERVER, SGS_LOGSTASH, SGS_ALL_ACCESS, SGS_KIBANA_USER).
Please refer to support portlal howto backups existing customization before upgrading.
Kublr feature logging with fluentbit log collector uses new Elasticsearch index template named kublr-logs instead of the legacy kublr-index-template. By default ES index templates are updated by Kublr once every 24 hours, so when plannig to switch from fluentd to fluentbit, it is recommended to first upgrade the control plane, and perform the switch 24 hours later.
Ingress controller upgrade process requires that all ingress controller pods are restarted.