sudo docker run --name kublr -d --restart=unless-stopped -p 9080:9080 kublr/kublr:1.24.0
The Kublr Demo/Installer docker container can be run on ARM-based PC, such as MacBook M1.
Follow the full instructions in Quick start for Kublr Demo/Installer.
The Kublr Demo/Installer is a lightweight, dockerized, limited-functionality with base trial license Kublr Platform which can be used to:
The Kublr Demo/Installer stores all of the data about the created clusters inside the Docker container. If you delete the Docker container you will lose all data about the created clusters and the Kublr platforms. However, you will not lose the clusters and the platforms themselves.
The Kublr 1.24.0 release introduces support for Kubernetes 1.24, AWS Outposts, vSphere CSI drivers, and upgraded Keycloak v20.0.1. It also includes Ubuntu 22.04 support and improvements to the Kublr license management UI.
All Kublr components are checked for vulnerabilities using Aquasecurity trivy scaner. In addition to these major features, the release also includes various other improvements and fixes.
Ubuntu 22.04 support
New versions of Kubernetes
Kubernetes v1.24 (v1.24.8 by default), v1.23 (v1.23.14 by default) support
Deprecations
Keyclaok upgraded to v20.0.1
ContainerD CRI
Kuberntes Pod Security Policy feature is deprecated and will be removed from Kubernetes v1.25
privileged
PodSecurityConfiguration:apiVersion: pod-security.admission.config.k8s.io/v1beta1
kind: PodSecurityConfiguration
defaults:
enforce: "privileged"
enforce-version: "latest"
audit: "privileged"
audit-version: "latest"
warn: "privileged"
warn-version: "latest"
exemptions:
usernames: []
runtimeClasses: []
namespaces: [kube-system,kublr]
Kublr backup controller is deprecated in Kublr v1.23 and will be changed to new implemantation in Kublr v1.25.0
Support for Ubuntu 22.04 has been added.
Support for Kubernetes v1.24 and v1.23 has been added, and v1.20 has been deprecated and will be removed in the next release.
Support for Kubernetes v1.19 and Ubuntu 16.04 have been deprecated and will no longer be supported.
Keycloak has been upgraded to v20.0.1 and the Kublr Control Plane now uses the Bitnami Keycloak Helm chart.
ContainerD CRI now supports insecure registry.
The Kubernetes Pod Security Policy feature has been deprecated and will be removed in Kubernetes v1.25. Pod Security Policies are enabled by default in Kublr agent v1.23 and deprecated and disabled in agent v1.24. Kublr enforces the following baseline
PodSecurityConfiguration:
apiVersion: pod-security.admission.config.k8s.io/v1beta1
kind: PodSecurityConfiguration
defaults:
enforce: "baseline"
enforce-version: "latest"
audit: "baseline"
audit-version: "latest"
warn: "baseline"
warn-version: "latest"
exemptions:
usernames: []
runtimeClasses: []
namespaces: [kube-system,kublr]
The Kublr backup controller is deprecated in Kublr v1.23 and will be replaced with a new implementation in Kublr v1.25.0.
Kublr agents
Kublr Operator:
kublr.features
failureRequeueIn: 20s
failureRequeueInMax: 4m
Kublr Monitoring:
Kublr Logging:
Kublr feature ingress
vSphere:
spec:
kublrAgentConfig:
cloud_controller_manager:
enabled: true
kublr:
features:
csi_drivers:
vsphere: csi
AWS:
Azure:
Stability, Reliability and security
Various UI Improvements
To use Kublr in an airgap environment, you will need to download the following BASH scripts from the repository at https://repo.kublr.com:
You will also need to download the following Helm package archives and Docker images:
Component | Version | Kublr Agent | Notes |
---|---|---|---|
Kubernetes | 1.24 | 1.24.8-4 | default v1.24.8 |
1.23 | 1.23.14-4 | ||
1.22 | 1.22.16-4 | ||
1.21 | 1.21.14-10 | Deprecated in 1.25.0 | |
1.20 | 1.20.14-14 | End of support in 1.25.0 |
Component | Version |
---|---|
Kublr Operator | 1.24.0 |
Kublr Control Plane | 1.24.0 |
Component | Version |
---|---|
Kubernetes | |
Dashboard | v2.4.0 |
Kublr System | 1.24.0 |
LocalPath Provisioner (helm chart version) | 0.0.22-11 |
Ingress | 1.24.0 |
nginx ingress controller (helm chart version) | 4.2.3 |
cert-manager (helm chart version) | 1.5.3 |
Centralized Logging | **1.24.0 * |
ElasticSearch | 7.10.2 |
Kibana | 7.10.2 |
SearchGuard | 52.3.0 |
SearchGuard Kibana plugin | 51.0.0 |
SearchGuard Admin | 7.10.2-52.3.0 |
RabbitMQ | 3.9.5 |
Curator | 5.8.1 |
Logstash | 7.10.2 |
Fluentd | 3.3.0 |
Fluentbit | 1.8.10 |
Centralized Monitoring | 1.23.0 |
Prometheus | 2.37.1 LTS |
Kube State Metrics (helm chart version) | 4.20.2 |
AlertManager | 0.22.0 |
Grafana | 8.5.13 |
Victoria Metrics | |
Cluster | 0.9.32 |
Agent | 0.8.12 |
Alert | 0.4.35 |
For Kublr Kubernetes clusters deployed on vSphere, you must unmount CD/DVD drive 1 from each virtual machine manually using the vCenter console.
vSphere clusters cannot be deleted automatically. You must remove the VMs manually and unregister the cluster after that.
Kublr Control Plane can only be updated from v1.21.0 or above.
Kubernetes v1.24.0 and above is not supported on SUSE Linux.
The Kublr Control Plane ingress SSL certificate is now managed by the Keycloak ingress rule with the name host-name.domain-name-tls.
AWS CSI volume resizer have wrong images, please use latest Kublr agent versions