May 30, 2018 | Written by: Jason Adelman
Categorized: Compute Infrastructure | DevOps | Hybrid Deployments | Open Source | What's New
Share this post:
IBM® just announced the release of version 18.104.22.168 of IBM Cloud Private which provides guidance for General Data Protection Regulation (GDPR) compliance and adds new capabilities for securing, managing, and scaling your platform. Additionally, 22.214.171.124 includes support for both Microclimate and select open source runtimes. See What’s new in Version 126.96.36.199 in the product documentation for more details. Or read on for the highlights!
General Data Protection Regulation
The new GDPR regulation is now in effect in the European Union. IBM has developed a dedicated web page about IBM Cloud Private platform considerations for GDPR readiness to provide you with information about features that you can configure, and aspects of the product’s use that you should consider to help your organization with GDPR readiness.
Latest version of Kubernetes
IBM Cloud Private continues to evolve in lock step with the community. This release includes version 1.10.0 of Kubernetes.
Tighter security options for administrators
We continue to tighten security on the platform and provide more options for administrators to control access to various parts of the system. The following enhancements are now available in 188.8.131.52:
- Role-Based Access Control (RBAC) for Helm repos and individual charts within a repo. You can now control which teams have access to which charts, limiting who can deploy, update, and delete your most critical applications.
- Use Service IDs and Service API Keys to better control which programs can access services running on your platform and to customize their access privileges.
- Use the IBM Cloud Private CLI to manage Kubernetes Secret passwords that secure communications to key services in the IBM Cloud Private platform. For example, you can set your own password for our built-in MongoDB service that stores authorization and authentication information. You can also set up password rules that ensure only strong passwords are used to protect your system.
- Audit logging of authentication and authorization actions on your system is now available.
- Set up end-to-end TLS encryption for your ELK stack. When enabled, all data passed between the Elasticsearch, Logstash and Kibana components is encrypted and secured with PKI-based authentication.
Certified scalability to 1000 nodes (!)
We continue to increase the scale testing and have now certified IBM Cloud Private to work with up to 1000 nodes. See our blog, Journey to 1000 Nodes, and learn about the challenges we hit as we scaled up and how our architecture addresses them.
Day 2 Management & Usability
IBM Cloud Private was designed from the ground up using a microservices-based architecture. It was therefore natural in version 184.108.40.206 to use Helm to deploy our optional services, such as metering, monitoring, service catalog, ISTIO, and Vulnerability Advisor. This makes future adds, removes, updates and rollbacks of management services much easier. In this release, we start by providing the ability to enable the Vulnerability Advisor post-installation.
Clients also need to change their cluster topology post-installation. For quite some time you had the option to add or remove worker nodes in your cluster. IBM Cloud Private now supports post-installation addition or removal of proxy, management, host groups, and Vulnerability Advisor nodes by using the CLI. We can also leverage a VMware or OpenStack Cloud Provider to provision worker or proxy nodes from images.
Other enhancements that make your management of the product easier includes:
- “Launch” links in the dashboard so that you can directly open an application’s UI with one click
- More catalog filters, so you can find and launch applications faster
- Release notes information for each Helm chart, including the version, what’s new, and any fixes, or enhancements added.
- The internal Helm repository named local-charts can now be added to the Helm CLI as an external repository.
- The ability to use the metering service to measure usage of your own applications as well as IBM products running outside the IBM Cloud Private cluster.
Cloud Foundry Enhancements
IBM Cloud Private now provides a better way to deploy and manage Cloud Foundry. This improved Cloud Foundry now includes a new management console (technology preview), container-to-container networking, integrated monitoring, updated buildpacks, new OpenStack support, and an upgrade to Cloud Foundry version 270.29. For more information, see What’s New in IBM Cloud Private Cloud Foundry Version 220.127.116.11.
Microclimate and Runtimes Support
Whether modernizing existing applications or building new cloud native microservices, cloud-based applications are increasingly composed of components built using multiple programming languages and frameworks. This is why IBM Cloud Private now includes support for Microclimate and open source Java, Node.js and Swift runtimes along with select web and microservice frameworks. Microclimate enables end to end development that lets you rapidly create and edit Java, Node.js and Swift applications and deploy them through an automated DevOps pipeline using Jenkins. (Microclimate replaces Microservice Builder, which was available in earlier releases.) Together Microclimate, Runtimes Support and IBM Cloud Private provides a complete, end-to-end solution for development and deployment on the most popular open source frameworks.
Betas and Technology Previews
Container Storage Interface (CSI) is now available as Beta.
The following features are available as Technology Previews:
- ISTIO is now deployable by Helm
- Horizontal pod auto scaling by using custom metrics
- Installing your cluster by using containerd as a runtime for cluster nodes is available
We invite you to join our open community on ibm-cloud-tech.slack.com and give us your feedback, or ask questions on Stack Overflow tagged ibm-cloud-private.
- We’ve Moved! The IBM Cloud Blog Has a New URL
- Use IBM Cloud Certificate Manager to Obtain Let’s Encrypt TLS Certificates for Your Public Domains
- Are You Ready for SAP S/4HANA Running on Cloud?
- Kubernetes Tutorials: 5 Ways to Get You Building Fast
- Using Portworx to Deploy and Manage an HA MySQL Cluster on IBM Cloud Kubernetes Service
Seamless Integration: Istio and External Services
By defining our own MCP server, we allow users to move to the Istio service mesh without any code and deployment model changes. This means we can easily use Istio to control, observe, connect, and secure services running outside Kubernetes clusters.
What’s Included in the IBM Cloud Developer Tools Version 2.2.0
I’m pleased to announce the latest version of IBM Cloud Developer Tools CLI, which contains some exciting new features.
Introducing IBM Analytics Engine v1.2 and Announcing the Deprecation of IBM Analytics Engine v1.0
We are excited to inform you about the new version of IBM Analytics Engine v1.2 that will be available starting May 15, 2019. Along with this release, Analytics Engine v1.0 will be retired.