To quickly get started with Kublr, run the following command in your terminal:
sudo docker run --name kublr -d --restart=unless-stopped -p 9080:9080 kublr/kublr:1.26.0
The Kublr Demo/Installer docker container can be run on ARM-based PC, such as MacBook M1.
Follow the full instructions in Quick start for Kublr Demo/Installer.
The Kublr Demo/Installer is a lightweight, dockerized, limited-functionality Kublr Platform with a base trial license. It can be used for the following purposes:
The Kublr Demo/Installer stores all data about created clusters inside the Docker container. If you delete the container, you will lose all data about the created clusters and the Kublr platforms. However, you will not lose the clusters and platforms themselves.
The Kublr 1.26.0 release introduces several new features and improvements, including:
All Kublr components are checked for vulnerabilities using Aquasecurity trivy scaner. In addition to these major features, the release also includes various other improvements and fixes.
Version | Kublr Agent | Notes |
---|---|---|
1.26 | 1.26.4-2 | Default version: v1.26.4 |
1.25 | 1.25.9-12 | |
1.24 | 1.24.13-2 | |
1.23 | 1.23.17-4 | Deprecated in 1.27.0 |
1.22 | 1.22.17-10 | End of support in 1.27.0 |
New versions of Kubernetes:
Kubernetes v1.26 (v1.26.4 by default) support
Kublr 1.26 CNCF Kubernetes conformance
Before upgrading your managed cluster, make sure to upgrade all Kublr components to v1.26.0 or above. Note that if you use Pod Security Policies (PSP) in your application deployments, be aware of the PSP end of support in Kubernetes v1.25.0.
Deprecations:
Kubernetes node-role enhancement
Kublr now applies a “node-role” label to its control plane Nodes. The label key has been renamed from node-role.kubernetes.io/master to node-role.kubernetes.io/control-plane. Kublr also uses the same “node-role” key for a taint applied to control plane Nodes, which has also been renamed to “node-role.kubernetes.io/control-plane”. For more information, refer to the Kubernetes Enhancement Proposal.
Kublr CRDs migrate to free form
Seccomp annotation is enabled by default
If you need to disable the default seccomp profile, use the following cluster spec:
spec:
master:
kublrAgentConfig:
kublr:
security:
seccompdefault: false
SELinux: Added the right context for Kublr secrets and persistent data
Kublr Control Plane MongoDB migrates to v5.0.17
VictoriaMetrics cluster v0.9.62 and Agent v0.8.37 are now included in Kublr Centralized Monitoring and can be enabled via the UI
Kublr Agents:
Kublr Control Plane:
Azure:
vSphere:
Centralized Log Collection:
Stability, Reliability, and Security:
To use Kublr in an airgap environment, you will need to download the following BASH scripts from the repository at https://repo.kublr.com:
You will also need to download the following Helm package archive and Docker images lists:
Component | Version |
---|---|
Kublr Operator | 1.26.0 |
Kublr Control Plane | 1.26.0 |
Component | Version |
---|---|
Kubernetes | |
Dashboard | v2.7.0 |
Kublr System | 1.26.0 |
LocalPath Provisioner (helm chart version) | 0.0.24-15 |
Ingress | 1.26.0 |
nginx ingress controller (helm chart version) | 4.7.0 |
cert-manager (helm chart version) | 1.10.2 |
Centralized Logging | 1.26.0 |
ElasticSearch | 7.10.2 |
SearchGuard | 53.6.0 |
Kibana | 7.10.2 |
SearchGuard Kibana plugin | 53.0.0 |
SearchGuard Admin | 7.10.2-53.6.0 |
OpenSearch (helm chart version) | 2.6.2 |
OpenSearch Dashboards | (helm chart version) |
RabbitMQ | 3.9.5 |
Curator | 5.8.1 |
Logstash | 7.10.2 |
Fluentd | 3.3.2 |
Fluentbit | 1.9.10 |
Centralized Monitoring | 1.26.0 |
Prometheus | 2.37.8 LTS |
Kube State Metrics (helm chart version) | 5.6.4 |
AlertManager | 0.25.0 |
Grafana | 8.5.22 |
Victoria Metrics | |
Cluster | 0.9.62 |
Agent | 0.8.37 |
Alert | 0.6.0 |
For Kublr Kubernetes clusters deployed on vSphere, you may encounter an update error that requires manual unmounting of CD/DVD drive 1 from each virtual machine using the vCenter console.
Elasticsearch is only supported on the AMD64 architecture. If you are using an ARM64 cluster, you can use tag 7.17.9 for the cluster nodes. Refer to the following link for more information: Use Elasticsearch v7.16.3 or Above.
vSphere CSI limitation: Please refer to the VMWare documentation for information on vSphere functionality supported by the vSphere Container Storage Plug-in.
CRI change limitation: When deploying an Ingress controller in hostPort mode (typically for vSphere or BareMetal installations), DNAT rules may not be cleaned properly. This is an open issue in the Felix project. If your Ingress NGINX controller connection times out, please reboot the worker nodes.
SUSE SLES 12 sp5 can’t be run with ContainerD CRI (Docker is end of support in Kuberntes v1.24.0). Kublr can’t find the correct way for automatically installing containerd-ctr utilities, but fully supports Kubernetes installation with preinstalled ContainerD CRI and containerd-ctr utilities.
Google Cloud Platform SUSE SLES 15 sp4 can’t use the Google Cloud Engine CSI PD driver. The root cause is the relocation of /lib/udev
to /var/lib/udev
on the root file system. Please use custom CSI drivers installation and disable Kublr CSI support via the cluster spec:
spec:
kublrAgentConfig:
kublr:
features:
csi_drivers:
auto_behavior: manual