2.11 Release Notes

Version Compatibility Matrix

Component Versions
Nirmata Managed Kubernetes
1.17 1.16 1.15 1.14
GKE
1.16 1.15 1.14
EKS
1.16 1.15 1.14
AKS
1.18 1.17 1.16 1.15
Kyverno
1.1.3

Migrating Nirmata 2.9 to 2.11

IMPORTANT The migration from Nirmata Private Edition 2.9 to 2.11 requires a down time due significant time taken to migrate the data to the new database schema. The two services involved are cluster and environments:

  1. Backup the database.
  2. Run nadm generate.
  3. Copy cluster, config and environments yaml files to current directory.
  4. Change replicas on cluster, config and environments yaml files in current directory to 1.
  5. Remove cluster readiness probe to make sure it won’t timeout during cluster service upgrade.
  6. Apply config yaml in current directory and wait for it to update.
  7. Apply cluster yaml in current directory and wait for it to update.
  8. Log into UI and wait for all clusters to be seen.
  9. Apply cluster yaml in current directory and wait for it to update.
  10. Monitor the environments service logs. The following message indicates the upgrade is complete.
    • INFO c.n.e.EnvironmentsDataMigration - Data Migration Completed
    • INFO com.nirmata.bootstrap.DefaultService - All service modules ready!
  11. Apply services directory normally.

What’s New in Nirmata 2.11

  • Support ServiceNow as a notification type.
  • Ability to use custom cloud formation template for EKS cluster creation.
  • Support an exclude list for environments auto-sync and add system environments.
  • Support custom AMI in EKS cluster creation menu.
  • Enable/Disable alarms for workload policies.
  • Support global account for Git credentials to be used across environments.
  • gitops integration – option to use a global git username/password.
  • Jira Integration - An option to use a global username/password/jira url , and only modify the project settings.
  • Display namespace capacity.
  • Generate Kyverno policy to customize Vault settings for a cluster.
  • Support service linked roles for EKS clusters on AWS.
  • Provide ability to pick image from different registries for applications.
  • Application Catalog - Bulk delete apps.
  • Allow apiVersion for all resources to be changed by user.
  • Make Calico or kube-router the default network plug-in (to support network policies).
  • Display number of active users in the admnin view.
  • Add Vault Agent Injector as a catalog add-on.
  • Add user settings when creating EKS worker nodes.
  • Support service linked roles for EKS clusters on AWS.
  • Support OIDC.
  • Ability to create service without a pod target in the catalog app.

Enhancements

  • Add node affinity for pods and persistent volumes.
  • Search in Helm version drop down list.
  • Previous and next button is not displaying while looking policy violation details.
  • YAML editor (ace editor) should be used for helm chart values file.
  • Alarms for Velero backup.
  • Allow an empty application to be deployed.
  • Signup page changes for AWS marketplace.
  • kubeconfig downloads should be named by cluster and not be zipped.
  • Kyverno support for k8s 1.12.3.
  • Add manual sync option for Git.
  • PodStatistics should show actual cpu and memory usage.
  • Add Integrations panel for all integrations.
  • Support AWS access key and secret for AWS cloud credentials.
  • Add cluster mode, cloud provider and node count information to the nctl cluster get output.
  • Add tab for Alarms at the cluster overview tab same like alarms tab in environment.
  • kube-router run in overlay mode.
  • Optimize event processing.
  • System environments need to be filtered by default.
  • Add search application option inside catalog.
  • Outside etcd cluster support.
  • Support multiple security groups when creating EKS clusters.
  • Volume Mount UI should support SubPath parameter (supported from Kubernetes v1.15).

Fixes

  • Unable to select a helm chart by chart version.
  • Nirmata limits changed.
  • Pod failure reason not visible in UI.
  • Display number of users.
  • Nirmata not displayng init container logs.
  • Environment change management for secrets and config maps.
  • Container status and specification show different image version.
  • Inventory reports show cores when it should be milicores.
  • Secrets displayed in default app as well as creating app.
  • Error if you install 2nd app with same pull secret.
  • Deleting one app with a pull secret removes the pull secret used by other app.
  • Deleting a property from a service fails.
  • gcp host-group delete does not work and gets stuck forever.
  • Jira integration not working at NIBR.
  • Cluster Service throw error - failing to create/update the node.