Open Telekom Cloud for Business Customers

CCE – Kubernetes v1.13, Encryption and further features

CCE uses now Kubernetes version 1.13.10 which incorporates the Docker engine v18.09. Automatic migration from 1.11 to 1.13 is currently not possible.

The other parts of this release contain the following features:

Encryption

  • The purpose of the feature is the possibility to encrypt EVS and SFS volumes with KMS directly in CCE console using Persistent Volume Claim. You can navigate under CCE console to Resource Management -> Storage section and create EVS / SFS for a specific cluster and namespace.
  • More information about Persistent Volume Claim you can find on Kubernetes site: https://v1-13.docs.kubernetes.io/docs/concepts/storage/persistent-volumes/.

EulerOS 2.5

EulerOS 2.5 is now for CCE as hardened Kubernetes operating system available and contains the last fixed security vulnerabilities.

Multi-IP segments and node pool in CCE cluster

As a part of the current CCE release, there are two new network sub-features released.

  • Support to add different subnets in a Kubernetes cluster. This feature can be useful for IP segment isolation and node expansion.
  • Possibility to create custom node pools to improve autoscaling ability. A node pool is a group of compute nodes with the same node type (VM or BMS), specifications, and labels.

Kubernetes login

CCE got a new log-in option to CCE Kubernetes clusters with the IAM credentials that are used to authenticate to the API of the OTC. Native Kubernetes APIs are accessible with credentials taken from IAM token.

CA certificate download

CA certificate files are possible to download from the OTC console. Moreover, there is also a possibility to upload their own CA certificates during cluster creation.

Upgrade of multiple instances

The new feature allows for upgrading multiple instances at the same time. This parallelism allows improving the upgrade speed of a cluster.

Online YAML Configuration

OTC supports now an online YAML configuration. You can use your own configuration YAML files to administrate a Kubernetes cluster.

Cluster management permission control

Now we have two possibilities to manage cluster permissions.

  • A Cluster-level permission management - by using IAM fine-grained authorization.
  • And the Namespace-level permission management - by using Kubernetes RBAC authorization.

Network policy

Network policy feature enables specification of rules how pods are allowed to communicate with each other.

Affinity and Autoscaling improvement

Feature improvement brings the possibility to update Affinity rules for existing deployments and improve the stability of auto-scaling.

 
Further information can be found in the CCE area of the Help Center.

 

Do you have questions?

We answer your questions about testing, booking and use – free of charge and individually. Try it! 
Hotline: 24 hours a day, 7 days a week
0800 3304477 from Germany / 00800 33044770 from abroad

  • Communities

    The Open Telekom Cloud Community

    This is where users, developers and product owners meet to help each other, share knowledge and discuss.

    Discover now

  • Telefon

    Free expert hotline

    Our certified cloud experts provide you with personal service free of charge.

     0800 3304477 (from Germany)

     
    +800 33044770 (from abroad)

     
    24 hours a day, seven days a week

  • E-Mail

    Our customer service is available free of charge via E-Mail

    Write an E-Mail