Over a million developers have joined DZone.

Kubernetes 1.10 Released

DZone's Guide to

Kubernetes 1.10 Released

The next iteration of Kubernetes is here! Check out some of the newest features in alpha and beta, and the biggest feature they are showing.

· Cloud Zone ·
Free Resource

Learn how to migrate and modernize stateless applications and run them in a Kubernetes cluster.

Kubernetes 1.10 was recently released, adding handfuls of new features to the orchestration platform. You can read the changelog on GitHub.

Kubernetes 1.10 and TLS Bootstrapping

One big thing in 1.10 is the promotion of TLS bootstrapping to stable, which is taking the spotlight for this release. In short, this update allows a kubelet to join a TLS-secured cluster automatically. Previously, the cluster admin would be responsible for assigning TLS assets to the kubelet, or the kubelet needed to self-sign a certificate.

With the new TLS bootstrapping functionality, a kubelet will instead generate a private key and then submit a certificate signing request (CSR) for the certificate to be signed at the cluster level. In the past, TLS support has been a big differentiator between Kubernetes and Docker's native cluster management, and this change brings both tools on par with one another.

Kubernetes 1.10: Notable Changes

Aside from TLS bootstrapping, the 1.10 release has a bunch of new features in alpha, and a handful of features moving from alpha to beta. There's a great comprehensive list on the Kubernetes blog. Here are a couple notable changes:

  • Better Windows support: Windows Container Configuration is in CRI (Container Runtime Interface), and 1.10 also includes experimental support of Hyper-V containers
  • Pod Security Policy: This policy (PSP) defines the security features that pods and containers can use, and gives administrators more control over pod security.
  • Out-of-tree CSI Volume Plugins: CSI, the Container Storage Interface, is a standard for providing storage to Kubernetes. This change makes it possible for volume plugins to be developed out-of-tree (outside the main Kubernetes repo), which makes it easier for third-party storage tools to develop plugins for Kubernetes as they are no longer bound to the main repo and release schedule.

My favorite upcoming alpha feature is debug containers, which was slated for 1.10 but is targeting 1.11 for alpha right now. However, it's pretty cool, so I'll still include it in this list so we can all keep an eye on it! Troubleshooting running containers can get a bit tricky, and now it's possible to run debugging utilities on any container, even if the original image didn't include debugging tools.

New to Kubernetes or container orchestration? If you're a Docker for Mac or Docker for Windows user, you can run a Kubernetes cluster locally with each of those tools. I'm also a big fan of the application quickstart guide on Google Cloud.

Will you be at KubeCon/CloudNativeCon in Copenhagen in May? I'll be speaking on distributed consensus in Kubernetes, etcd, and Docker. Come say hi!

Join us in exploring application and infrastructure changes required for running scalable, observable, and portable apps on Kubernetes.

cloud ,kubernetes ,announcement ,kubernetes 10 ,tls bootstrap

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}