Summer may be winding down, but the Replicated Product & Engineering teams are moving full steam ahead on our product roadmap! It’s time for another fresh batch of exciting capabilities newly available in our application manager (a/k/a “KOTS” (Kubernetes Off-The-Shelf), our Kubernetes installer (a/k/a “kURL”), and the vendor portal (previously “Vendor Web”). Check out the recently shipped features and release highlights for August 2022 below.
What’s New for the vendor portal
Vendor portal: Google Authentication for people in your domain (Beta)
What’s New for the application manager
Application manager: Preliminary support for branding the admin console (Alpha) (Released in v1.83.0)
Application manager: Air gap bundle supporting image digests and deduplication of shared image layers (Beta) (Compatible support released in v1.82.0)
Application manager: Referencing images by digest, or by digest and tag, is now supported everywhere (Compatible support released in v1.82.0)
Application manager: Updated GitOps workflow makes setting up GitOps even easier (Released in v1.82.0)
Application manager: Reference both an image digest and a tag for most online installations (Released in v1.81.0)
What's New for the Kubernetes installer
Kubernetes installer: Added support for Rook 1.7.x
Kubernetes installer: Migration from Rook 1.0.x to 1.4.x/1.5.x now includes support for air gapped clusters
What’s New for the Replicated Documentation
Replicated documentation: Improved organization of the Enterprise snapshots documentation
Replicated documentation: Updates to address vendor FAQs and fill content gaps
Replicated documentation: More detailed reference content on Redactors
Replicated documentation: More clearly document snapshots requirements and limitations
With this new beta feature, If you’re using Google authentication for the Replicated vendor portal, you can opt to allow all users from your Google Workspace domain to join your same team automatically. This enhancement is should also reduce accidental team creation for new users on the vendor portal, a somewhat common mistake.
New users who join the team with this method will be assigned to the role-based access control (RBAC) policy noted in the drop down. Below is how the setting looks for your team admin user in vendor portal.
The admin console is effectively a part of your product as a vendor – it’s a key piece of the installation process that your customers use and see. So vendors like you will typically want the admin console to fit with your brand. This new alpha feature allows you to provide custom CSS in the `branding` field of the Application custom resource to change the look and feel of the admin console, making it match your branding or style guidelines. Any CSS provided overrides the default styling. This feature will be available for Enterprise customers only.
Here’s a simple example of the current implementation of branding. This shows setting the background color to coral for a sample “Guestbook” application.
And here’s that coral branding color in action on the admin console for the Guestbook app. Pretty sharp!
Referencing images by digest is a security best practice, since the digest is immutable but the tag can easily change. However, air gap bundles previously only supported tags, not digests. Additionally, because air gap bundles packaged each image individually, any image layers common to more than one image were duplicated in the bundle, unnecessarily increasing the bundle size. Image registries only store a layer once regardless of how many images use that layer, so vendors are accustomed to shared layers being deduplicated.
This feature introduced a new air gap bundle format that supports image digests and deduplicates shared image layers. Older versions of the app manager can’t process this new air gap bundle format—the format is only supported in app manager v1.82.0 and later.
This feature is an extension of the update above. Replicated now has full support for referencing an image by tag (already fully supported), digest, or digest and tag together—take your pick! In addition to air gap support mentioned above, image digests now work when a private registry is configured from the Registry Settings page in the admin console. A private registry is most often used for air gap installations, but it can be used for online installations. You now have complete control over how to reference your images, whether you use online or air gap installations.
The user experience for setting up GitOps had some confusing diagrams, long paragraphs of text, and extraneous buttons. This experience has been overhauled to streamline the setup and ongoing management of GitOps.
You can see the simplified GitOps Configuration screen here (without having to click through a diagram first.) The application “Guestbook” is not yet GitOps enabled, so we can select our Git provider, specify the owner and repository, and then create an SSH key.
You’ll then see clearly that the repository access is needed and be provided with an SSH key to copy over. Once that’s done and you’ve added the key, you can hit the button labeled “Test connection to repository” to try it out.
You’ll see a clear message that GitOps is enabled.
If you want to later disable GitOps, that’s also done with just a click of the button shown below.
If you are using Rook, you probably want to be able to keep up with the latest versions of this offering. Adding v1.7 support moves us one step closer bringing our add-on more up-to-date.
Previously only online installs could leverage this functionality. This extends that support to air gapped environments. Once you declare 1.4.x or 1.5.x for Rook in their installer spec, the air gap install process will notify the end customer that they need to download a Rook upgrade package at a provided URL. Later in the upgrade process, the installer will ask for a path to that file. At that point the install will proceed similarly to an Internet-connected install, performing a rolling upgrade through Rook 1.1.9, 1.2.7 and 1.3.11 before installing 1.4.9 (and 1.5.12 if applicable).
We reorganized the Managing Backup and Restore section in the Enterprise documentation to make it easier for you to understand what you need to do to get started with snapshots. This includes the workflow to install and configure Velero, how to set up a storage location for backups, and the key limitations and considerations. Our goal here is making it easier for you and your enterprise customers to back up and restore with snapshots, and to help lessen the support burden.
We made a handful of updates to the documentation to address requests and questions from vendors like you. Specifically, we added information on the firewall openings needed for online installations, provided more detail on what exactly is backed up in a full snapshot, and added an example of how to use Velero restore hooks. These updates should help you to self-serve with our documentation. We received these requests either through the vendor directly on GitHub. Keep ‘em coming!
We updated the reference topic on Redactors to include better introductory content about the purpose of Redactors, detailed descriptions of the fields for the fileSelector and removals objects, and an example of the YAML for a custom redactor. If you’re adding preflight checks and support bundles to your application, you can use the information and examples in this topic to create your own custom Redactors. This should help you adopt and use preflight checks and support bundles, whether you are onboarding now or just getting started with these features.
We’ve updated the snapshots documentation to make sure that critical requirements are clear and discoverable. First, we updated the topics on using a NFS and using a host path as storage destinations for snapshots to clarify the requirements for each (for example, how to set the required user:group permissions). Also, to make it easier to find the snapshots docs and reduce confusion, we updated the titles of many of the topics to replace the term “snapshots” with “backup and restore”. These changes should help you when troubleshooting the backup and restore process, reducing the number of support issues opened by users running into the same issues.
That’s it for the August release highlights! Want to learn more about these new features and what Replicated does to help vendors and customers install and manage modern apps on-prem? We would love to show you -- click here to schedule a demo.