Replicated Release Roundup

Summer may be winding down, but the Replicated Product & Engineering teams are moving full steam ahead on our product roadmap! It’s time for another fresh batch of exciting capabilities newly available in KOTS (Kubernetes Off-The-Shelf), our embedded K8s installer (kURL), and Vendor Web. Check out the recently shipped features and release highlights for August 2021 below.

What’s New in Vendor Web

Vendor  Web: Improved Security in Vendor Web Tokens

We continue to evolve the security posture inherent to Vendor Web, this month with the addition of User API Tokens in Vendor Web to allow for programmatic access to the Vendor Web API on a per-user basis. When created, these tokens are scoped to ‘at-or-below’ the user’s RBAC settings and can only be used by whomever creates them. The token is displayed once for enhanced security, so be sure to save the details to somewhere like a password vault! 

This is the first user-accessible feature in our work to refactor Vendor Web Tokens for improved security and control for vendors that are looking for programmatic access to Vendor Web. When compared to our existing Team Tokens, we hope you see the benefits and direction our team is headed in with regard to API tokens for Vendor Web. Below is an example of where you can check these out while logged into Vendor Web:

vendorweb tokens

What’s New for KOTS

KOTS: Removal of MinIO Dependencies Continue

For vendors who have raised concerns about MinIO’s adoption of the GNU GPLv3 license, our team has continued our work towards removing any required MinIO usage. This month, we have brought vendors the option to remove MinIO instances that are created when KOTS snapshots are configured to use NFS or Host Path storage locations. Vendors received a first email and a follow-up email with additional detail. Have questions? Feel free to reach out to Customer Success (@cs-team) or ask the Product team (@pm) on your team’s Replicated Slack channel! 

We continue our work to reduce any required use of MinIO within Replicated products and will continue to share updates along the way.

What’s New for Embedded K8s Installer (kURL)

Embedded K8s Installer: Streamlined Load Balancing for HA Installs

HA installs just got easier for end users! Until now, HA installs have required an external load balancer that supports hairpinning — a burdensome step for end users. Now, the EKCO add-on will leverage HAProxy to provide support for internal load balancing which will make HA installs smoother for end users. HA installs will still prompt for a load balancer address, but if you don’t enter an address and you have EKCO 0.11.0+ installed, the internal load balancer will be used. Since the prompt will eventually be removed, use one of these two options to specify your load balancer preference instead.
    1. kURL spec YAML: enableInternalLoadBalancer: true
    2. Command-line flag when installing: —load-balancer-address=

Embedded K8s Installer: Ability to Require Customer License Agreement Prior to Install

We continue to listen to our vendors for their feedback on our product, and this month we had a great new improvement thanks to vendor feedback! One vendor surfaced the pain point of needing their customers to agree to their license before they began modifying their customer’s environment. As a result, we’ve added the option for vendors to require an agreement before the embedded K8s installer begins installing a cluster. This feature is fully functional for online installs but will remain in beta until it is available for air gap installs too. Check out the install guide here for more. install one install two

Embedded K8s Installer: Automatic Container Runtime Migration

Dockershim, which allows Kubernetes to use Docker as a container runtime, was deprecated as of Kubernetes v1.20, and dockershim will be completely removed in some version after 1.22. Additionally, kURL only supports containerd for CentOS, RHEL, and Oracle Linux versions 8.x. As a result, it’s important to transition your clusters from Docker to containerd for ongoing compatibility. Toward that end, we’ve added support for automatic migrations from Docker to containerd. If Docker has been installed by kURL but a subsequent upgrade of that cluster specifies containerd as the container runtime instead, the cluster will be migrated to containerd and Docker will be uninstalled.  This is an important step in our larger transition to containerd as our default container runtime. Read more in our containerd add-on documentation here

That’s it for the August release highlights! Want to learn more about these new features and what Replicated does to help vendors and customers install and manage modern apps on-prem? We would love to show you — click here to schedule a demo.