This week marked the release of Kubernetes 1.16 and, like previous releases, delivers a range of exciting new features and enhancements that showcase its rapid velocity and maturity, driven by a community of more than 32,000 individual contributors. At StackRox, we have always viewed one of the greatest advantages of Kubernetes’ design to be its inherent extensibility and scalability, which continues to be evidenced by several updates in this latest version. We think the following themes and features in 1.16 are particularly noteworthy, because they make it easier for users to adapt Kubernetes to their operational requirements.
Extensibility with custom resources and storage volume enhancements
It has been said that “Kubernetes is a platform for building platforms,” which is only possible with open extensions. One of the most obvious ways Kubernetes enables extensibility is with custom resource definitions (CRDs). We have seen customers starting to think about how this feature can be leveraged to build tools like Operators, and the community at large has been using CRDs for important projects such as Istio. In 1.16, CRDs are graduated to general availability, portending further adoption across the community - we look forward to seeing how people continue to innovate using these building blocks.
For more details on the specific changes encompassed by this CRD API update, please see these relevant links:
Overall support for running stateful workloads on Kubernetes has continued to advance in the last couple years, and key pillars of that effort have focused on persistent storage and the Container Storage Interface (CSI). Customers have often voiced the need for greater flexibility when it comes to storage management, and 1.16 now graduates key storage features to beta, including the ability to:
Scalability and performance with network endpoints and resource allocation management
From early on, the Kubernetes community prioritized and invested in the scalability of the platform. Yet as organizations continue to run Kubernetes at larger scale, in production, newer challenges have surfaced. Version 1.16 takes a big step towards enabling better scalability for network endpoints, especially during scenarios such as rolling upgrades, with a new alpha feature called Endpoint Slices. Rather than storing all service endpoints in a single resource, which requires propagating the full resource to every single watcher every time an update is made, these endpoints are now split across multiple resources to significantly reduce the amount of data that must be transferred each time. The release announcement cites an astounding 200x reduction in data transferred per update for a 5,000-node cluster with 20,000 network endpoints. You can read more details about Endpoint Slices here.
Customers are increasingly using Kubernetes to run compute-intensive workloads, for which low latency and high throughput are critical. In this latest release, Kubernetes adds a new Node Topology Manager (in alpha) to achieve more effective resource allocation and workload performance.
And for users who need more flexible network configurations, this release also adds support for assigning either IPv4 or IPv6 addresses (in alpha) to pods and services rather than having to choose one for your entire cluster.
Operational excellence with better metrics
Instrumentation and the metrics it produces are a hallmark of operational excellence, which is why the Kubernetes community has an Instrumentation Special Interest Group with published guidelines for instrumentation based on Prometheus. In 1.16, the community can celebrate a milestone in accomplishing a major overhaul of Kubernetes metrics to ensure increased consistency and stability for how these metrics can be consumed. As part of this effort, a number of metrics have also been deprecated.
Why it matters
The features and enhancements in version 1.16 help address the growing need across the community for extensibility, scalability, and operational excellence when using Kubernetes. We have heard the need for these capabilities from our own customers. This release will go a long way towards enabling users to meet their varied operational requirements for running containerized, business-critical workloads in production, at scale, to drive organizational innovation and agility.
Come see Kubernetes-native security in action at KubeCon
Version 1.16 is the last Kubernetes release before KubeCon in November. We hope to see you there — we would love to share war stories of running Kubernetes in production, chat about the latest and greatest features, and show you how the StackRox Kubernetes Security Platform can help you secure your Kubernetes environments.