What's new in version 3.1.0

Get a quick overview of what's added, changed, improved, or deprecated in this release.

IBM® Cloud Private Version 3.1.0 introduces the following new features and enhancements:

New features

Memory

Ensure you review and verify that you meet the increased memory requirements. For more information, see Hardware requirements.

Kubernetes

Catalog

You can now view the catalog by category. See Managing charts and apps.

Image management

You can now control where images are deployed from, enforce Vulnerability Advisor (VA) policies. See Enforcing container image security .

Network

Storage

Security

You can now configure single sign-on (SSO) between IBM Cloud Private and your enterprise identity source. For more information, see Configuring single sign-on.

You can now generate and manage certificates with the shared Kubernetes and IBM Cloud Private service cert-manager (certificate manager). To use cert-manager, see Creating certificates.

IBM Cloud Private enforces image policies. There are multiple ways to create an image enforcement policy and you can create a policy by using the IBM Cloud Private Web console. For more information, see Image security enforcement by using the IBM Cloud Private Web console Opens in a new tab.

IBM Cloud Private CLI

The bx pr command is now cloudctl. You can run cloudctl to view information about your cluster, manage your cluster, install Helm charts, and more. The IBM Cloud Private command line interface (CLI) supports, but no longer requires, the IBM Cloud CLI. For more information, see Managing your cluster with the IBM Cloud Private CLI.

Changes to the IBM Cloud Private CLI are described in the following list:

Istio

You can now connect, secure, control and observe your microservices with Istio service mesh. Istio makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, without any changes in service code. See Working with Istio for more information.

Vulnerability Advisor

Vulnerability Advisor (VA) now supports cross-architecture image scanning by using QEMU (Quick EMUlator). You can scan Linux® on Power® (ppc64le) CPU architecture images with VA running on Linux® x86_64 nodes. Alternatively, you can scan Linux® x86_64 CPU architecture images with VA running on Linux® on Power® (ppc64le) nodes.

You can also use the Mutation Advisor, a change detection mechanism, to alert personnel to unauthorized modification of critical system files, configuration files, content files, and OS process. See Mutation Advisor.

Management services

There is a updated format for listing the management services in the config.yaml file. See Enabling and disabling IBM Cloud Private management services.

IBM Cloud Private Web console

Audit logging

The audit logging feature in IBM Cloud Private provides the capability to collect audit logs generated by various management services and the Kubernetes API server and send them to Elasticsearch. See Audit logging in IBM Cloud Private.

NVIDIA GPU device plug-in

IBM Cloud Private now uses Kubernetes device plug-in framework for managing graphical processing unit (GPU) devices. For more information about Kubernetes device plug-ins, see Device Plugins Opens in a new tab.

Supported operating systems

IBM Cloud Private now supports Ubuntu 18.04 LTS.

Supported environments

IBM Cloud Private with OpenShift

IBM® and Red Hat have partnered to provide a joint solution that uses IBM Cloud Private and OpenShift. You can now deploy IBM certified software containers that are running on IBM Cloud Private onto Red Hat OpenShift. When you install IBM Cloud Private with OpenShift, IBM Cloud Private provides the IBM Cloud Private experience, management, and operations for applications and uses OpenShift's Kubernetes and Docker registry that is already installed by Red Hat. For more information, see IBM Cloud Private with OpenShift overview.

IBM Cloud Private on AWS Quick Start

This Quick Start automatically deploys IBM Cloud Private into a new virtual private cloud (VPC) on the Amazon Web Services (AWS) Cloud. A regular deployment takes about 60 minutes, and a high availability (HA) deployment takes about 75 minutes to complete. The Quick Start includes AWS CloudFormation templates and a deployment guide. For more information, see IBM Cloud Private on AWS.

Technology previews

The following technology previews are new for this version. For all of the features that are available in IBM® Cloud Private as technology preview code (TPC) only, see the Technology preview section.

Federal Information Processing Standards (FIPS)

Federal Information Processing Standards (FIPS) are information technology standards that are developed by the United States federal government. See IBM Cloud Private platform considerations for FIPS compliance for information about FIPS compliance in IBM Cloud Private.

IBM Cloud Private Cloud Foundry changes

For the details of changes to IBM Cloud Private Cloud Foundry, see What's new in IBM Cloud Private Cloud Foundry Version 3.1.0.

Kibana Helm chart removed from the public repository

Beginning March 8, 2019, the ibmcom/ibm-icplogging-kibana was removed from the public repository in the IBM Cloud Private Catalog. The Kibana instance is installed automatically, and can be enabled. See Kibana for more information.

Moved Helm charts

What changed

  1. With the introduction of IBM Cloud Private Version 3.1.0, the following package versions changed:

  2. Kubernetes is upgraded from Version 1.10.0 to Version 1.11.0.

  3. NGINX Ingress controller is upgraded from Version 0.13.0 to Version 0.16.2.
  4. GlusterFS is upgraded from Version 3.12 to Version 4.0.2.
  5. Calico is upgraded from Version 3.0.4 to Version 3.1.3.
  6. Helm CLI is upgraded from Version 2.7.2 to 2.9.1.

  7. The Logs tab for platform UI pages is no longer available. For information about viewing logs, see Events and logs (cluster management console).