Pivotal Container Service® (PKS) 1.2 means business; enterprise-grade Kubernetes business, running in production.
It’s just over 6 months since we launched PKS as the best way for enterprises to run Kubernetes on-prem or in any cloud. We saw Kubernetes early adopters plagued by complexity managing their infrastructure—problems we’d already helped to solve for enterprise customers across every industry vertical using Pivotal Cloud Foundry®.
PKS combines our experience and proven infrastructure automation with Kubernetes—everything you need to run Kubernetes, in production, on any cloud.
With the GA of PKS 1.2, we’ve further extended the range of clouds available to run the latest release of Kubernetes, certified compatible by the CNCF. PKS 1.2 also includes a range of production-ready capabilities that enhance security, availability and reliability for Kubernetes workloads.
Let’s dig into PKS 1.2.
The Latest Kubernetes 1.11 Features With Enterprise Support From Pivotal
As with every release of PKS, we’ve updated the fully supported distribution of Kubernetes that ships with the product. For PKS 1.2 that’s Kubernetes 1.11—the latest GKE compatible, stable, version of Kubernetes. PKS 1.2 is also certified against CNCF standards for Kubernetes conformance, assuring workload and application portability from PKS to all other certified Kubernetes distributions. And, thanks to the BOSH underpinnings of PKS, upgrading with zero downtime comes as standard.
AWS Support—Welcome to the PKS Multi-Cloud Family!
PKS 1.2 adds much-requested AWS support to the already supported vSphere and Google Cloud IaaS targets. And for Azure fans, we plan to add Azure support in the near future.
Why does this matter? According to a recent study, most organizations run on multiple clouds already—whether by design or just organic growth. The same study concludes that for maximum speed and efficiency, consistency across clouds becomes critical both for developers and their workloads and operations teams. Having PKS available on every cloud in a multi-cloud operation provides that consistency, a standard Kubernetes dial-tone for developers and the PKS platform for IT and operations.
Check out This Video for a Walkthrough of PKS 1.2 Deployment and Operation on AWS:
High Availability for Kubernetes Cluster Management and Workload Nodes Across Availability Zones
In most cases, production-ready means a highly-available (HA) Kubernetes API, achieved by multiple Kubernetes master and etcd nodes distributed across availability zones (AZs) with fail-over capability. PKS 1.1 introduced the multi-master in Beta; with PKS 1.2 multi-master is now fully supported for production use.
Kubernetes RBAC Integrated With Enterprise Directory, Security and Convenience
Kubernetes identifies two security roles; the cluster creator and cluster user. The cluster creator assigns RBAC (resource-based-access-control) permissions to the cluster user, defining what operations they are permitted to perform on the cluster. PKS manages these roles using the UAA (User Access & Authentication) service, and now synchronizes the users with an organization’s users and groups in their existing LDAP-based directory.
For more details on Kubernetes RBAC, UAA and LDAP Synchronization watch this video:
Application Observability; Developers Control Logging to Get Just The Info They Need
There’s no reason developers should have to wade through each others’ irrelevant log info to understand what their application is doing.
It could even be a security exposure for them to see more than their own applications’ activity, so we need a way to limit the scope of what they can access. But in the age of automation we don’t want the overhead of manually raising an IT ticket to filter and split log streams. Enter PKS 1.2. Using the new PKS CRD for “sink,” developers can self-service configure the destination for their node system logs, Kubernetes cluster events as well as stdout and stderr from the pods and route to log analysers such as VMware’s vRealise Log Insight, Elastic Stack, or Splunk.
This video walks through the details of self-service logs in PKS:
vRealize Automation Integration, Automate Kubernetes Clusters Alongside Your Infrastructure
Kubernetes is essentially infrastructure, so why not automate it alongside your existing infrastructure?
If that sounds like you, then the latest VRa 7.5 updates include integration with PKS 1.2 for cluster creation, management, and deployment of workloads to the cluster.
This short video shows how vRealize Automation can be used to discover a PKS endpoint, download kubeconfig for an existing cluster, create a cluster, and deploy NGINX to the cluster from a template:
Size your own NSX T-Shirt: Customize Network preferences on cluster creation using Network Profiles
Prior to 1.2, PKS operators could customize cluster creation using a plan, but NSX network options such as Load Balancer Size were not included and would take a fixed value (for example: Load Balancer = small). With the new Network Profile feature, operators will be able to provide custom values for network options on cluster creation, selecting their choice of Load Balancer size.
And There’s More…
PKS keeps improving, and PKS 1.2 includes many more features, such as faster, parallelized node creation on cluster creation, security and credential handling improvements, simplified NSX installation, and TLS termination at the NSX load balancer or the new Xenial 16.04 stemcell. That’s the beauty of PKS; your developers take advantage of the latest Kubernetes features while the underlying operational platform advances in lock-step. Using a CD pipeline such as Concourse for automated updates to PKS and the underlying operating system means you automatically stay up to date and reduce stress without any disruption.
Organizations are confidently taking Kubernetes into production with PKS 1.2. Look out for their stories on the Pivotal blog in the very near future, and start your journey to Kubernetes production with PKS today. Pivotal’s SpringOne Platform conference has lots of great Kubernetes and PKS sessions to help get started. If you missed the live conference, you can catch all the recorded sessions after the event.
Forward-looking statements. This blog contains statements relating to Pivotal’s expectations, projections, beliefs and prospects which are "forward-looking statements” within the meaning of the federal securities laws and by their nature are uncertain. Words such as "believe," "may," "will," "estimate," "continue," "anticipate," "intend," "expect," "plans," and similar expressions are intended to identify forward-looking statements. Such forward-looking statements are not guarantees of future performance, and you are cautioned not to place undue reliance on these forward-looking statements. Actual results could differ materially from those projected in the forward-looking statements as a result of many factors, including but not limited to: (i) our limited operating history as an independent company, which makes it difficult to evaluate our prospects; (ii) the substantial losses we have incurred and the risks of not being able to generate sufficient revenue to achieve and sustain profitability; (iii) our future success depending in large part on the growth of our target markets; (iv) our future growth depending largely on Pivotal Cloud Foundry and our platform-related services; (v) our subscription revenue growth rate not being indicative of our future performance or ability to grow; (vi) our business and prospects being harmed if our customers do not renew their subscriptions or expand their use of our platform; (vii) any failure by us to compete effectively; (viii) our long and unpredictable sales cycles that vary seasonally and which can cause significant variation in the number and size of transactions that can close in a particular quarter; (ix) our lack of control of and inability to predict the future course of open-source technologies, including those used in Pivotal Cloud Foundry; and (x) any security or privacy breaches. All information set forth in this release is current as of the date of this release. These forward-looking statements are based on current expectations and are subject to uncertainties, risks, assumptions, and changes in condition, significance, value and effect as well as other risks disclosed previously and from time to time in documents filed by us with the U.S. Securities and Exchange Commission (SEC), including our prospectus dated April 19, 2018, and filed pursuant to Rule 424(b) under the U.S. Securities Act of 1933, as amended. Additional information will be made available in our quarterly report on Form 10-Q and other future reports that we may file with the SEC, which could cause actual results to vary from expectations. We disclaim any obligation to, and do not currently intend to, update any such forward-looking statements, whether written or oral, that may be made from time to time except as required by law.
About the AuthorFollow on Twitter Follow on Linkedin More Content by John Allwright