We're pleased to announce the general availability of Kontena Pharos 2.0. It's a major step in the evolution of Kontena Pharos - the simple, solid and certified Kubernetes distribution that just works - and brings many new features and improvements that make it easier to deploy, operate and maintain on business critical environments. At the same time, we are also introducing our commercial offering that is based on the Kontena Pharos open source version but adds features like backup, storage management and web-based management UI with built-in user management.

Introduction to Kontena Pharos

Today, solutions that are used to run container workloads are getting more mature. Kubernetes - backed up by Cloud Native Computing Foundation (CNCF) with over 300 members including the world's largest public cloud and enterprise software companies as well as dozens of innovative startups - has become the golden standard for container orchestration. Kontena Pharos is a distribution of Kubernetes (just like Ubuntu is a distribution of Linux) with all you need to run container workloads on any public or private cloud, bare metal or hybrid, and works for everybody, easy.

Most of the Kubernetes users have realised they are not getting any competitive advantage by creating and maintaining their own DIY Kubernetes distributions. Instead, they want to focus on stuff that runs on top of it, their own software. For this purpose, they need certified, robust and well maintained Kubernetes distribution that works for their use case. Some users are settled with managed Kubernetes offerings from major cloud providers while others keep looking for something that works better for their use case. Kontena Pharos is designed for those who are looking for pure Kubernetes experience without restrictions and shortcomings of managed Kubernetes offerings. It's trusted by hundreds of organisations, all around the world.

"We are providing next generation hosting infrastructure that is built on Kubernetes. It provides massive scalability across multiple data centers and cloud providers. The service is built on Kontena Pharos that is probably the most solid and reliable K8S distro out there." - Lauri Kasti, Planeetta Internet

New Licensing Model & Editions

One of the main goals for Kontena Pharos 2.0 release was to find a licensing model that would work for us going forward. As the industry is getting more mature, so is our licensing model. After careful planning and research, we decided to go ahead with open core licensing model where the core is licensed under Apache 2 license and our commercial version that derives directly from the core is licensed under Kontena License. TL;DR You can install and use the commercial version of the software free of charge for evaluation purposes. Any use beyond evaluation will require a subscription license from Kontena.

  • Kontena Pharos OSS is the core of our offering and is available under Apache 2 license. It has more or less all the same features as previous versions of Kontena Pharos plus some improvements we have made available as part of this 2.0 release.
  • Kontena Pharos PRO and Kontena Pharos EE versions are extending Kontena Pharos OSS version with number of useful features targeted primarily for businesses running business critical applications. These versions are available under Kontena License.

kontena-pharos-editions

While Kontena Pharos PRO and EE are licensed under Kontena License, the source code that goes into making these versions is more or less open. You'll find the source code for these features (to suggest improvements, bug fixes etc) from our GitHub repositories.

New Feature: Kontena Lens - The Management UI for Kubernetes

You can use Kontena Lens to monitor and troubleshoot your containerized applications and the cluster itself in real time.

lens-dashboard-1

You can use dashboard to get an overview of applications running on your cluster, see events and logs as well as for creating individual Kubernetes resources (such as Deployments, Jobs, DaemonSets, etc).

Dashboard also provides information on the state of Kubernetes resources in your cluster, and on any errors that may have occurred.

Built-in User Management

Kontena Lens provides built-in user management. You can create new users and groups and give them access to the Kubernetes cluster by defining proper RBAC rules. Users can sign in to Kontena Lens and see only those resources they are allowed. They can also download Kubeconfig file and start operating with the cluster from local machines.

Embedded Terminal

Kontena Lens comes with embedded terminal giving you access to your cluster from everywhere. Kubectl and Helm CLIs are integrated to the terminal making it super easy install new applications and modify resources and, basically, do anything that is possible with kubectl and Helm.

Kontena Lens Embedded Terminal

New Feature: Kontena Storage

Kontena Storage is a unified, distributed storage system designed for excellent performance, reliability and scalability. Kontena Storage is built on top of Rook and it uses Ceph as underlying storage system.

Features:

  • Block storage - ReadWriteOnce persistent volumes
  • Shared filesystem - ReadWriteMany persistent volumes
  • Dashboard - overview of the status of your storage cluster

New Feature: Kontena Backup - Built-in Backup & Restore for Kubernetes Clusters

Kontena Backup provides unified and simple tools to backup cluster resources and persistent volumes. The add-on is build on top of Ark. Kontena backup addon features backing up and restoring cluster resources, including volumes, and also managing backup schedules. You can easily create backups of the entire cluster resources or for individual namespaces. Kontena Backup addon requires S3 compatible storage to operate which you can configure easily through the cluster.yml.

Here’s a brief demo how to work with backups:

asciicast

New Feature: Kontena Magneto - iPXE Bootable Worker Nodes

Kontena Pharos EE includes new iPXE infrastructure automation called Kontena Magneto. Magneto provides API's for managing different ipxe/ignition node profiles and it makes bootstrapping bare-metal boxes joy in any environment.

New Feature: Pod Security Policies

Pod security policies are now enabled by default. Kontena Pharos ships with two built-in policies:

  • 00-pharos-privileged - no restrictions (default), always used for kubernetes/pharos system level pods
  • 99-pharos-restricted - no host namespace and root rights

Privileged policy is the default just to make sure that existing deployments will run smoothly. Restricted policy can be set as default easily via cluster.yml.

New Feature: Helm - The "Package Manager" for Kubernetes

Deploying Helm securely to a RBAC enabled cluster has been quite tricky to do in the past (at least for new users). With our new Helm add-on things are much more straightforward, you can just enable the addon and Tiller (Helm on-cluster backend) is deployed to the kube-system namespace and is only accessible if user has proper rights to it. Happy Helming!

New Feature: Bastion Hosts

It's now possible to define a bastion host that is used as a "jump host" for ssh connections. This should make installation easier to environments where direct SSH access is not allowed.

New Feature: Debian 9 Now Supported as Host OS

Kontena Pharos 2.0 supports Debian 9 (Stretch) as host operating system. Debian 9 support features:

  • Docker / cri-o container runtimes
  • AMD64 / ARM64 architectures

We have also added support for the latest Redhat Enterprise Linux, 7.6.

New Feature: ssh subcommand

We have introduced a new subcommand, pharos ssh, that can be used to launch a ssh session that connects to specified hosts in the cluster configuration.

Updated: Cert-manager 0.5.0

Cert-manager addon has been updated to version from 0.2.5 to 0.5.0.

New features include:

  • ACMEv2 and wildcard certificates
  • Hashicorp Vault issuer
  • Self-signed issuers

Updated: Air-gapped Setups

To make installations to air-gapped environments even more easier we serve all core and add-on images from our own image registry. Image registry address can be changed via cluster.yml.

Updated: Cluster Updates

Kontena Pharos Pro/EE versions can detect when container runtime (or similar) update is unsafe and do a rolling update (with drain/uncordon) to the cluster.

Changelog

Full changelog can be seen here.

About Kontena

Kontena Inc. is specialized in creating the most developer friendly solutions for running containers. Kontena's products are built on open source technology developed and maintained by Kontena. Kontena was founded in 2015 and has offices in Helsinki, Finland and New York, USA. More information: www.kontena.io.