What’s new in MicroK8s v1.25?
We are pleased to bring you Kubernetes v1.25, try it out with:
sudo snap install microk8s --classic --channel=1.25That’s how easy is to install MicroK8s, the zero-ops Kubernetes for developer workstations, edge and IoT.
If you haven’t used MicroK8s before here are a few tips:
microk8s status --wait-readywill wait for the K8s cluster to get ready and report its status along with the enabled addons.microk8s kubectl get all -Awill get you a view of the cluster. Notice how kubectl is already part of the MicroK8s distribution.microk8s enable dnswill enable the dns addon.microk8s configwill get you the kubeconfig file to access your cluster.microk8s helmis helm!
Have fun exploring the new release!
What kept us busy the past four months
Strict confinement goes into general availability
You already know that MicroK8s is a snap. As such it packages all Kubernetes binaries, the CNI, the datastore and all of their dependencies. This kind of packaging allows for transparent in-place upgrades. Every time there is a new patch your cluster will be upgraded. Snaps are a perfect match for projects that release often. In the case of Kubernetes that is once every couple of weeks.
Another aspect of snaps is that snapped applications can be placed in a strictly confined “jail”. This offers an extra layer of security as Kubernetes workloads cannot escape the confinement imposed. Of course, in most cases you trust the running workload. You trust that it will not be exploited or that it will not crash taking the entire node down with it. But if your relationship with hosted workloads is not build on trust a strictly confined MicroK8s may be what you are looking for.
Try out the strictly confined K8s with:
snap install microk8s --channel=1.25-strictIf for some reason you find the AppArmor profiles imposed are too restrictive, try the --devmode option:
sudo snap install microk8s --channel=1.25-strict --devmodeNotice how the --classic flag is missing. In a classic snap workloads have access to the host system like any other apt/rpm based package.
Addons go from strength to strength
With the introduction of core & community addon repositories we were given the flexibility to further grow the ecosystem of MicroK8s-friendly applications. You will be please to find a set of new addons you can try with microk8s enable <addon>:
kube-ovn,the well known CNI,cert-manager,to issue certificates,nfs,community owned NFS operator,osm-edge,community owned addon to install a fork of Open Source Mesh
Noteworthy improvements among existing addons include the option to set the storage class in the registry addon and to set host paths for the existing hostpath-storage storage classes.
Power9 architecture support
Never owned a Power9 machine? Well… me neither but this did not stop us from supporting this architecture. Best thing about this work is how easy snap packaging makes it. We literally had to click on a checkbox to build our snap in this rather exotic architecture.
Shrinking snap size
Lots of work has gone under the hood to make MicroK8s as small as possible we managed to drop the snap size from 230MB down to 170MB. Apart from the obvious improvements in installations time this reduction should also yield significant memory footprint and performance benefits.
A huge “thank you”!
To our contributors:
- @balchua, for the work on the hostpath classes and for maintaining the Linkerd, Jaeger, MetalLB, Keda addons
- @Orzelius, for the ingress work
- @jkosik, for working on hostpath-storage, the NFS and ArgoCD addons
- @sudeephb, for the registry improvements
- @MFAshby, for the AppArmor confinement fixes
- @ortegarenzy, for the kubelet token fix
- @naqvis, for the osm-edge addon
- @dud225, for the dashboard update and the contributions to Multus
- @eliaskoromilas, for his work on the inaccel addon
- @balasu, for his Portainer contributions
- @csantanapr, for the work on Knative
