Pure, open source, Kubernetes-as-a-Service is now generally available on DC/OS 1.11. Operations teams can now deploy and manage a CNCF certified, highly available Kubernetes cluster anywhere with a single command or button push. Furthermore, fixing the cluster usually requires no action by the operators thanks to zero touch self-healing. To provide truly simple management, the numerous monitoring, developer tools, and other solutions that are required for Kubernetes are easily accessible from DC/OS service catalog. The services all have the same high availability deployment and ongoing management features.
Like one would expect in any “as-a-Service” delivery, with the new release of DC/OS, managing many stages of a Kubernetes cluster is distilled into a single command line.
Some of the highlights for this release include:
- Single Click HA Automation – Deploy, scale, upgrade, and manage with a push of a button or single command.
- Google, AWS, and Azure – Mesosphere partnered with Google, worked with AWS, and made it available in Azure to make sure anyone can easily deploy Kubernetes and its cloud native ecosystem in hybrid and edge computing environments.
- Enhanced Security – Possible security holes opened up from inexperienced Kubernetes administrators, like the unsecured administrative console recently used as vector for malware, are locked down by default on a secured DC/OS cluster.
- Evergreen – With this release, we are tracking to the newest release of Kubernetes, and the releases will remain evergreen by adding future Kubernetes releases to the DC/OS Service Catalog soon after they become generally available.
Unify the Cloud Native Landscape With Kubernetes
Kubernetes requires other components that users often ask for by name. The Cloud Native Computing Foundation, which governs the Kubernetes project, has adopted some of these open source technologies like Prometheus for monitoring or Linkerd for service management, and has published a helpful guide to the Cloud Native Landscape.
DC/OS includes over 100 solutions delivered as-a-Service in its service catalog, including the full array that are needed for Kubernetes solutions.
You can browse all the service options in the easy to navigate DC/OS Service Catalog.
Kubernetes-as-a-Service Delivery, Anywhere
With DC/OS, installation and ongoing management of the Kubernetes clusters is automated. Kubernetes with DC/OS has following features to allow operations to easily manage the cluster:
Provisioning: $ dcos package install kubernetes
By default, there are three Kubernetes etcd nodes, three master nodes, three private nodes, and one public worker node. The private nodes (e.g. behind the firewall) are where pods are deployed by default. The public node (e.g. in DMZ) needs to be exposed explicitly by the user.
Upgrading: $ dcos kubernetes update –options=new_options.json
The Kubernetes versions available on DC/OS will track very closely to the releases of Kubernetes. This allows customers to use the latest features of the release, which are often required for “next steps,” and ensure interoperability with public clouds that update to the newest version a few weeks after a Kubernetes release. Updating is a single command once you have the new packages and an updated JSON file.
Scaling: $ dcos kubernetes update –options=options.json
Scaling the Kubernetes nodes up and down in DC/OS simply requires changing the number of nodes in the JSON file and running a single command.
Uninstalling: $ dcos package uninstall –app-id=kubernetes-dev kubernetes
Despite everyone loving their Kubernetes cluster, it is sometimes best to let go and start anew. Killing a Kubernetes cluster in DC/OS is a single command.
Zero Touch Self-Healing and Easy Disaster Recovery
When Kubernetes master or worker node components are no longer working, DC/OS can respawn the resource. DC/OS uses Mesos application-aware scheduling to not only provision but to maintain the desired state of the cluster operator and self-heal when something goes wrong.
If there is a catastrophic failure for all infrastructure, then DC/OS has adopted the Ark tool to provide a simple disaster recovery procedure that allows backing up and restoring the cluster. The commands are natively supported in the DC/OS command line and the Kubernetes cluster can be backed up in cloud provider storage or in one of the data services in DC/OS.
To fully restore a cluster, the command is simply $ dcos kubernetes restore.
Robust Cluster and Network Security
Kubernetes inherits many of the security features of DC/OS. Full Transport Layer Security (TLS) is enabled by default.
Kubernetes will inherit the DC/OS network overlay by default. The container network interface (CNI) is also available. For example, if you want a zero trust, policy driven, network then you can plug in Project Calico. The container networking interface provides a number of options for pure Kubernetes including: Project Calico, Amazon EC2 elastic network interface (ENI), VMware’s NSX, and others.
Getting Started with DC/OS 1.11 and Kubernetes: Batteries Included
Whether you’re an existing Mesosphere customer or a new user who wants to try open source DC/OS, it is easy to get started with Kubernetes on DC/OS today.
Push-Button Kubernetes for Existing Customers
For over 125 Mesosphere customers, after adopting DC/OS 1.11, it is easy to spin up a highly available Kubernetes cluster for production workloads with a single push of a button or single command line. For more information see official documentation.
Quickstart for New Open Source DC/OS Users
For those that are new to DC/OS, there is now a Quickstart to get you up and running quickly. There are Terraform templates for AWS, Microsoft Azure and Google Cloud to help you provision cloud instances, DC/OS, and a Kubernetes cluster with a few commands.