Software and services company Pivotal, along with cloud computing and platform virtualization software and services provider VMware, today announced the general availability of Pivotal Container Services (PKS) 1.1. The latest version adds support for Kubernetes 1.10, integrations with vRealize Log Insight, Wavefront by VMware and Harbor 1.5, improvements to network management and security, and support for HTTP/HTTPS proxies.
The four areas of focus for version 1.1 of PKS were “developer productivity, high availability, management and operations, and networking and security,” Narayan Mandaleeka, cloud-native apps senior product line manager at VMware, wrote in a post on the company’s blog.
With the updated support for Kubernetes 1.10, PKS is bringing in the container management platform’s enhanced storage, node and resource management, in addition to programmability and security. This comes with the ability to deploy PKS behind an HTTP or HTTPS proxy, bringing the platform in line with the production-ready security requirements of Kubernetes.
The focus on high availability brings multi-AZ support into PKS 1.1, allowing for improved availability by more evenly spreading cluster nodes between multiple availability zones in case one experiences downtime. According to the companies, this allows the managed infrastructure to tolerate failures at four layers: the pod level, the process level, the VM level and the AZ level.
“If an AZ goes down, your Kubernetes clusters will still be online serving traffic,” Fred Melo, a technical director at Pivotal, wrote in the company’s announcement. “We added this fourth level for Kubernetes to give customers the level of operational excellence required by complex distributed systems.”
And with the vRealize Log Insight integration, PKS 1.1 aims to provide much deeper traceability within containers by providing intelligently aggregated, tagged and compiled logs including “searchable tags such as cluster, pod, namespace and container,” Mandaleeka wrote. This is all managed through the PKS 1.1 Operations Manager, and allows for “SSL encryption of log data in transit, as well as log limiting/throttling to prevent overflow or loss of data to the Log Insight endpoint.”
A beta feature in PKS 1.1 designed for improved availability is HA clusters, or “multi-masters,” which allows users to deploy multiple master etcd nodes in clusters across multiple availability zones and designates another deployed master if a VM or AZ goes down.
“If you lose a master node, you’ve lost the cluster state,” Pivotal’s Melo wrote. “But at least your workers are processing traffic. If you’re on a single AZ – and you lose that entire AZ – your workloads are gone. That’s why we’re releasing multi-AZ first, with HA clusters as a fast follow.”
Further operations and management features include PKS 1.1’s Wavefront by VMware integration, which collects and sends metrics to Wavefront as needed to give DevOps teams or SREs insight for troubleshooting availability and performance problems in containerized applications. This can be configured to send alerts through the Kubernetes KPI via email or DevOps tools.
With administration as an additional focus, PKS 1.1 expands its ability to break a Kubernetes cluster into multiple namespaces with the ability to do the same for multiple clusters.
“This feature allows the highest level of isolation between tenants,” Melo explained. “Each tenant can have its own entire cluster…which also makes it straightforward to create completely isolated environments. Let’s say you want to create a new Kubernetes cluster with complete isolation. Just add a few details to your pks create cluster command in the API or CLI. PKS will then automatically deploy a new NSX-T logical switch and accompanying separate network. Do you prefer to use a single cluster or multiple K8s clusters for multiple tenants? Take your pick! PKS gives you the power to adjust the level of tenancy control and isolation to suit your requirements.”
PKS 1.1 also supports deployments on Dell EMC Pivotal Ready Architecture, which Melo says “will be especially attractive if you want to automate the lifecycle management of your infrastructure.”