New Evergreen Release of Kubernetes 1.9.4 on DC/OS
For more than five years, DC/OS has enabled some of the largest, most sophisticated enterprises in the world to achieve unparalleled levels of efficiency, reliability, and scalability from their IT infrastructure. But now it is time to pass the torch to a new generation of technology: the D2iQ Kubernetes Platform (DKP). Why? Kubernetes has now achieved a level of capability that only DC/OS could formerly provide and is now evolving and improving far faster (as is true of its supporting ecosystem). That’s why we have chosen to sunset DC/OS, with an end-of-life date of October 31, 2021. With DKP, our customers get the same benefits provided by DC/OS and more, as well as access to the most impressive pace of innovation the technology world has ever seen. This was not an easy decision to make, but we are dedicated to enabling our customers to accelerate their digital transformations, so they can increase the velocity and responsiveness of their organizations to an ever-more challenging future. And the best way to do that right now is with DKP.
The DC/OS package for Kubernetes 1.9.4, which fixed a critical security vulnerability found in Kubernetes itself, is now generally available.
As stated in the Github issue, the vulnerability affects most versions of Kubernetes after 1.3. DC/OS announced the general availability of open source Kubernetes version 1.9.3 on DC/OS 1.11 last week. The Kubernetes team at Mesosphere had the new package and documentation ready for customers the day of its release. This release also fixed an issue with the DC/OS SDK that affected the Kubernetes service.
The Kubernetes security vulnerability compromised clusters that allowed untrusted users access to the pod specification and would be more likely to affect shared clusters more than clusters that are used by a single team within an organization.
This security vulnerability was quickly patched by the active and large Kubernetes community and highlights another important reason for having a constant awareness of newly discovered security vulnerabilities, a painless upgrade path, and the option to have the newest version soon after a Kubernetes release.
DC/OS 1.11 includes enhanced security for Kubernetes that enforces secure configuration settings for authentication, authorization and secure networking. DC/OS 1.11 can be configured to secure application and data services traffic using SSL/TLS.
The documentation on Kubernetes 1.9.4 on DC/OS 1.11 is available on Mesosphere's site. The Mesosphere team will release Kubernetes 1.9.5 as it becomes available in the coming week to addresses other issues found in Kubernetes.
Getting Started with DC/OS 1.11 and Kubernetes 1.9.4, Batteries Included
Push-Button Kubernetes for Existing Customers
Once existing customers have updated to DC/OS 1.11, they should use the Kubernetes 1.9.4 package. For more information see official documentation.
Quickstart for New Open Source DC/OS Users
For those that are new to DC/OS, there is now a Quickstart (including Terraform templates for AWS, Microsoft Azure, and Google Cloud) to get you up and running quickly.