Kubernetes 1.12, the third Kubernetes release of 2018, is now available. It focuses on internal improvements and on graduating features to stable.
Key features of this release include Kubelet TLS Bootstrap and support for Azure Virtual Machine Scale Sets (VMSS). According to the team, these new features are focused on security, availability, resiliency and getting production apps to market. In addition, the release marks an increased maturation and improvement of the container orchestration tool for developers, the team explained.
Kubelet TLS Bootstrap enables the provisioning of TLS client certificates for kubelets. It also automates the provisioning and distribution of signed certificates.
Previously, the first time a kubelet ran, it had to be given client credentials in an out-of-band process, which put a burden on the operator who had to provision those credentials. Because this process is tedious, many operators deploy clusters with a single credential and identity shared by all kubelets. That setup prevents deployment of node lockdown features, the team explained.
With this release, Kubelet server certificate bootstrap and rotation also moves to beta. This feature adds a process for generating keys locally and then issuing a Certificate Signing Request to the cluster API server.
Kubernetes 1.12 also adds support for Azure VMSS, which allows users to “create and manage identical, load balanced VMs that automatically increase or decrease based on demand or a set schedule.” According to the company, this enables users to manage and scale multiple VMs and provide high availability and application resiliency.
Kubernetes now supports the scaling of containerized applications with Azure VMSS and the ability to integrate with a cluster autoscaler to automatically adjust the size of Kubernetes clusters.
Other new features being moved to alpha in this release include RuntimeClass and snapshot and restoration functionality for Kubernetes and CSI. New beta features include topology-aware dynamic provisioning, configurable pod process namespace sharing, custom metrics, vertical scaling of pods, and data encryption.