CommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250
HomeSupportRelease NotesCCE – Kubernetes v1.13, Encryption and further features

CCE – Kubernetes v1.13, Encryption and further features

CCE uses now Kubernetes version 1.13.10 which incorporates the Docker engine v18.09. Automatic migration from 1.11 to 1.13 is currently not possible.

The other parts of this release contain the following features:

Encryption

  • The purpose of the feature is the possibility to encrypt EVS and SFS volumes with KMS directly in CCE console using Persistent Volume Claim. You can navigate under CCE console to Resource Management -> Storage section and create EVS / SFS for a specific cluster and namespace.
  • More information about Persistent Volume Claim you can find on Kubernetes site: https://v1-13.docs.kubernetes.io/docs/concepts/storage/persistent-volumes/.

EulerOS 2.5

EulerOS 2.5 is now for CCE as hardened Kubernetes operating system available and contains the last fixed security vulnerabilities.

Multi-IP segments and node pool in CCE cluster

As a part of the current CCE release, there are two new network sub-features released.

  • Support to add different subnets in a Kubernetes cluster. This feature can be useful for IP segment isolation and node expansion.
  • Possibility to create custom node pools to improve autoscaling ability. A node pool is a group of compute nodes with the same node type (VM or BMS), specifications, and labels.

Kubernetes login

CCE got a new log-in option to CCE Kubernetes clusters with the IAM credentials that are used to authenticate to the API of the OTC. Native Kubernetes APIs are accessible with credentials taken from IAM token.

CA certificate download

CA certificate files are possible to download from the OTC console. Moreover, there is also a possibility to upload their own CA certificates during cluster creation.

Upgrade of multiple instances

The new feature allows for upgrading multiple instances at the same time. This parallelism allows improving the upgrade speed of a cluster.

Online YAML Configuration

OTC supports now an online YAML configuration. You can use your own configuration YAML files to administrate a Kubernetes cluster.

Cluster management permission control

Now we have two possibilities to manage cluster permissions.

  • A Cluster-level permission management - by using IAM fine-grained authorization.
  • And the Namespace-level permission management - by using Kubernetes RBAC authorization.

Network policy

Network policy feature enables specification of rules how pods are allowed to communicate with each other.

Affinity and Autoscaling improvement

Feature improvement brings the possibility to update Affinity rules for existing deployments and improve the stability of auto-scaling.

 
Further information can be found in the CCE area of the Help Center.

Back to overview Release Notes 
 

Do you have questions?

We answer your questions about testing, booking and use – free of charge and individually. Try it! 
Hotline: 24 hours a day, 7 days a week
0800 3304477 from Germany / 00800 33044770 from abroad

Write an E-mail
Cloud Container Engine

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant

Our AI-powered search helps with your cloud needs.

In order to use our AI-powered seach you must first accept the cookies for services by other companies.

Accept the cookies for services by other companies