Canonical Kubernetes 1.28 is planned to be generally available on 15th August 2023

Kubernetes 1.28 is currently planned to be released on the 15th of August 2023. Canonical Kubernetes 1.28 is scheduled to release swiftly afterwards, with MicroK8s 1.28 expected to be generally available within 24 hours of upstream, and Charmed Kubernetes expected to follow within days.

We consistently follow the upstream release cadence to provide our users and customers with the latest improvements and fixes, together with security maintenance and enterprise support for Kubernetes on Ubuntu.  This blog is a quick overview of the latest development and highlights that will be available in Canonical Kubernetes 1.28. 

What’s new in upstream Kubernetes 1.28

Kubernetes 1.28 is tracking 59 new enhancements, of which 33 are alpha, 19 are beta and 15 are stable. Below are some of the expected features in the new release. You can also have a look at the (currently in draft) release notes for 1.28

• Sidecar Containers: (alpha) Kubernetes introduces the built-in support for sidecar containers pattern.
• CEL for Admission Control: (beta) Allows cluster administrators to easily define dynamic admission controls and validation rules for cluster resources, without the need to run a separate admission server and setting up ValidatingWebhookConfiguration resources.
• Kubelet limit of Parallel Image Pulls: (beta) Allows cluster administrators to configure the maximum number of parallel image pulls that can be performed by the kubelet.
• Field status.hostIPs added for Pod: (alpha) Make it easier for pods to access the list of IP addresses of the node where they are running on.
• Non graceful node shutdown: (stable) Handle non-graceful node shutdowns.
• Structured Authorization Config: (alpha) Allow cluster administrators to have a structured configuration file for authorizers and multiple webhook authorization webhooks on the kube-apiserver.
• Expanded DNS Configuration: (stable) Allow kubernetes to have expanded DNS(Domain Name System) configuration, allowing up to 32 DNS search paths.

What’s new in Canonical Kubernetes 1.28

All upstream Kubernetes 1.28 features are available in Canonical Kubernetes for both its distributions, MicroK8s and Charmed Kubernetes. The following additional highlights are new in Canonical Kubernetes 1.28. 

MicroK8s 1.28 highlights

It is already possible to start testing and experimenting with MicroK8s 1.28 on the edge channel – this MicroK8s version includes the latest updates from upstream Kubernetes 1.28.

How to install MicroK8s 1.28 edge channel:

# sudo snap install microk8s –classic –channel=1.28/edge

Please see the documentation for more details on getting started with MicroK8s. 

CIS compliance

The Kubernetes CIS (Center for Internet Security) benchmark is a set of best practices and security guidelines designed to enhance the security of Kubernetes clusters.  The CIS benchmark provides organizations with a comprehensive checklist of security configurations and recommendations to ensure the secure deployment and operation of Kubernetes clusters.

MicroK8s has developed an addon to evaluate the CIS conformance out of the box. This enhancement will give concrete information of actions to be taken in the cluster to be CIS conformance. More information on MicroK8s CIS hardening.

MicroK8s Charm

Juju is an open source orchestration engine which simplifies the deployment, integration and lifecycle management of applications and infrastructure. By using Juju, it is possible to control the whole stack from the substrate to the applications, in a single interface.

The MicroK8s Charm will ensure that a MicroK8s cluster can be bootstrapped by Juju, enabling provisioning and lifecycle management of the cluster and the applications running on it.

Try it now! The edge version of the charm is available to test – see the documentation for more details.

Dual stack support 

It was previously possible to configure dual-stack (concurrent IPv4 and IPv6 support) in a MicroK8s cluster thanks to the guidelines prepared by MicroK8s community members. From MicroK8s Kubernetes 1.28, dual-stack support is integrated with MicroK8s, adding IPv4/IPv6 configuration capabilities to all MicroK8s clusters. 

The Kubernetes dual-stack feature enables clusters to make use of the full potential of IPv4 and IPv6 protocols simultaneously, providing for legacy apps without compromising on address space.

More information about dual stack is available upstream.

MicroCeph addon

MicroCeph is an open-source distributed storage system providing optimum performance in environments with limited physical resources. With the addition of MicroCeph to MicroK8s, use cases like edge computing and IoT can deploy Kubernetes with integrated high performance storage for object, block and file-level storage.

MicroCeph streamlines Ceph cluster management by simplifying key distribution, service placement and disk administration for quick, effortless deployment and operations. MicroCeph is available for MicroK8s as an addon, simplifying enablement to a single command.

You can find the full list of available addons in the MicroK8s documentation.

 Charmed Kubernetes 1.28 highlights

COS integrator charm

The Canonical Observability Stack (COS) gathers, processes, visualizes and alerts on telemetry signals generated by workloads running both within, and outside of, Juju. Providing an out-of-the-box observability suite relying on the best-in-class open-source observability tools.

COS  provides a unified,  central platform for monitoring, logging, and tracing of various components across diverse environments, such as on-premises, cloud, and hybrid setups. This unified approach eliminates the need for multiple tools, reducing complexity and streamlining operations by support or maintenance teams.

The COS integrator charm makes it easy for Charmed Kubernetes users to access the observability metrics and KPIs while managing a Charmed Kubernetes Cluster. 

Join us Live!

Discuss the upcoming upstream features of 1.28 with Canonical’s engineers at our special preview event – everybody is welcome!

Friday 21st of July, 1:30 pm GMT 

Video call link: https://lnkd.in/dVKKB4rc 

Learn more about Canonical Kubernetes or talk to our team

• ubuntu.com/kubernetes
• microk8s.io
• #canonical-kubernetes and #microk8s on the Kubernetes Slack
• Discourse
• Twitter – @canonical, @ubuntu