We’re thrilled to announce the release of Kubermatic Kubernetes Platform (KKP) 2.29! This release focuses on empowering AI/ML workloads, expanding OpenStack capabilities, strengthening security, and updating lifecycle and platform support. Let’s explore what’s new:
Powering the next wave of AI applications
With the rise of AI, providing robust support for GPU-accelerated workloads is a top priority. KKP 2.29 introduces several features to streamline the management and operation of AI/ML applications.
- Dynamic Resource Allocation (DRA) Enabled: The necessary feature gates for Dynamic Resource Allocation (DRA) have been enabled across required components, paving the way for more sophisticated third-party resource management.
- Kueue for Batch Processing: The Kueue job scheduler has been added to the default application catalog, providing powerful job queueing and resource management capabilities for batch and AI/ML workloads.
- Enhanced GPU Visibility: The dashboard now parses and displays NVIDIA GPU Operator-related labels on nodes, giving you immediate insight into your GPU resources. We also now expose driver versions in the NVIDIA GPU operator and have enabled default GPU metrics collection.
Upgrading the Application Catalog
We are initiating a strategic revamp of the Application Catalog to enhance its maintainability, scalability, and independence from the main KKP release schedule. The new architecture will feature a dedicated controller that pulls application manifests from an OCI registry. This change will allow for more frequent application updates, detached from the platform release cycle, and will also empower users to define their own custom OCI registries - a critical feature for air-gapped or restricted environments.
Evolving cloud provider management
This release brings several improvements for cloud providers, with a special focus on OpenStack, while also formally deprecating the Equinix Metal provider.
OpenStack gets a boost
- Configurable LoadBalancer Classes: You can now set LoadBalancer Classes directly on the cluster spec for OpenStack environments, with a corresponding endpoint added to the dashboard.
- Custom Subnet CIDRs: KKP 2.29 provides the flexibility to set custom IPv4 and IPv6 CIDRs for OpenStack subnets.
- Skip Router Reconciliation: A new option allows you to skip router reconciliation for OpenStack clusters, providing more control over your networking topology.
- Config Drive Support: You can now enable config drive for OpenStack, improving metadata handling for instances.
Deprecations
Support for the Equinix Metal provider has been officially removed from KKP.
Hardened security and simplified administration
KKP 2.29 introduces several new features to improve security and control for administrators:
- Editable Encryption at Rest: You can now enable or disable the “Encryption at Rest” feature on a running user cluster from the dashboard. KKP will also now clean up encryption secrets when a cluster is deleted or the feature is disabled.
- Restrict Project Modification: A new setting has been added to restrict project modifications to project administrators, preventing non-admin members from making changes.
- Extended Authorization Webhooks: The configuration for authorization webhooks in user clusters has been extended, including support for egress network policies.
- Safe Preset Deletion: The admin interface now provides linkage information for presets, helping prevent the accidental deletion of presets that are currently in use.
Updated lifecycle and platform support
- Kubernetes 1.34 Support: Stay up-to-date with the latest from the community with added support for Kubernetes version 1.34.
- Expanded OS Support: We have officially added support for Rocky Linux 9 and RHEL 9 as user cluster operating systems.
- Cilium Upgrade: Cilium has been upgraded to versions 1.17.7 and 1.18.1.
- Gateway API Installation with KubeLB: When using KubeLB, KKP now automatically installs the Kubernetes Gateway APIs.
- Cluster-Level Registry Mirrors: You can now configure container registry mirrors at the cluster level, providing more flexibility for air-gapped or restricted environments.
A better dashboard experience
- Simplified Cluster Autoscaler Configuration: The configuration for the Cluster Autoscaler has been conveniently moved into the “Initial Nodes” step in the cluster creation wizard.
- A More Powerful Web Terminal: The web terminal image is now equipped with k9s, krew, and oidc-login, giving you more tools right out of the box.
- Native kubectl OIDC Login Support: KKP now supports the kubelogin kubectl plugin, simplifying authentication workflows.
- Enhanced Node Visibility: The dashboard will now display labels for each node in the node list, offering more at-a-glance information.
Have a good time trying out the new features!
We hope you find these new features and improvements valuable for your projects!
Thank you for being a part of the Kubermatic community, and we look forward to your feedback on KKP 2.29. If you find our contributions valuable, we kindly encourage you to leave a star on our GitHub repository. As always, please don’t hesitate to reach out with any questions or suggestions via Contact Us form.
