This past weekend we updated our Palette SaaS platform to version 4.5. As always, you can find the release notes here, but in this blog we’ll put some color on the highlights.
Confession time
Before we go setting off the fireworks for another ‘big bang’ release, we have a confession to make.
Back in the summer we switched to a much faster four-week release cycle, as part of our ongoing commitment to getting innovation into your hands as quickly and predictably as possible.
So, since our last 4.4 blog and release in June, we’ve actually made four releases, with more than 100 incremental changes, improvements and fixes across our enterprise, edge and VerteX product editions.
We’re proud to say that this faster release cycle has been non-disruptive to customers and, most importantly, the running of their clusters. (Although if at any time you encounter any issues you can always contact our helpful support team).
The upshot? Consider this blog a highlights reel of some features that have already been battle-tested.
Enterprise focus, enterprise maturity
In case you missed it, Palette turned five this summer. It’s a mature platform trusted by some of the biggest enterprises and government agencies to run production workloads at scale.
We take that burden of responsibility very seriously, and our engineering teams put in the work to reward that trust.
Many of the changes you’ll see now in our release notes are focused on continuous quality improvements, refinements, and extending our support for new integrations and new versions of software in the stack. These changes may not appear as cool as a net-new capability (and believe me, we’ve got plenty of those in the pipe too), but in the real world they’re just as important.
What’s also important to maintaining trust is transparency. That’s why our release notes are so detailed, and why we publish all our security bulletins and lists of known issues. If you’re on dedicated SaaS or self-hosted Palette, including air gap, you are free to upgrade to new versions at your own pace, and of course our docs site supports versioning so you can find the documentation to match whatever release you’re using.
Three key highlights to share
With all that out of the way, on to the features.
More control at massive scale
When we architected Palette we placed a bet on organizations like yours adopting Kubernetes “at scale”. The Palette agent in each cluster handles the heavy lifting of policy enforcement and state reconciliation, so the central management plane doesn’t become a bottleneck.
We already have customers running hundreds of clusters in data centers and clouds, and thousands of clusters at the edge, so we figured it was time to see what this baby can do.
We’ve now tested the Palette management plane scaling to over 10,000 clusters, with no impact of any kind on the stability or performance of the platform, from the user interface to execution of critical operations. Demoing this in front of customers has been fun: nobody has seen anything like it. A real ‘jaw on the floor’ moment.
Of course, when you have 10,000 (mostly edge) clusters, you need logical and intuitive ways to ‘slice and dice’ that population as you perform management activities upon them.
Maybe you’re a manufacturer and you want to troubleshoot or reconfigure the 100 devices deployed in a single factory. Maybe you want to upgrade devices deployed with a particular customer, or that have a particular model of CPU.
To that end we’ve beefed up the way we list and organize your edge hosts. Now it’s super easy to define and apply custom tags — for example by city, site or building level — enabling you to quickly search, filter and sort your resources by the attributes you care about in our customizable UI. All the neat little features like autocomplete are there, making this a fast and powerful way to get to where you need to go.
Local UI goes from strength to strength
We introduced Local UI as a safe, intuitive way for non-expert field engineers to deploy and interact directly with edge Kubernetes clusters that can’t be connected to a central management plane.
Several of our customers are already using Local UI in earnest, and they’re seeing results. So as of Palette 4.5, we’ve invested in building out what this feature can do:
Multi-node: multi-node clusters are critical to HA deployments. Now you can use Local UI to link edge hosts at a site together to create control plane and worker plane pools.
“Connected mode”: yep, Local UI was built for use in places where edge clusters are permanently disconnected from central management, but we hear you: it would be valuable to have the flexibility to perform some operations locally when needed, even for connected clusters. So as of this release, you can enable essential controls like rebooting, shutting down and resetting hosts, as well as troubleshooting and network configuration, via Local UI for connected clusters.
Quality of life for field engineers: often field engineers are working in sub-optimal conditions, or visiting when there’s an urgent problem to fix. We’ve fast-tracked a load of enhancements to help them be more productive and reduce their workload. Things like automatic K8s certificate renewal, automated local audit logging, UX improvements in our TUI, and a unified way to download crash dumps and other files from local hosts during troubleshooting.
Stronger security at Day 1: With Local UI, the central platform engineering team builds the cluster configuration and content bundle, then loads the image on a flash drive for the field engineer to use. Now, Palette lets the platform engineer sign their images, protecting against tampering while the files are out in the field.
Agent mode for infrastructure build flexibility
Until now, Palette has had two ways of deploying a Kubernetes cluster.
The first is via Cluster API and its providers, interfacing directly with resources like EC2 or vSphere. Through Palette’s Cluster Profiles you can pick and deploy an OS, Kubernetes distro, CNI, CSI and everything else.
The second is an Appliance mode. We use the foundations of the CNCF Kairos project, a factory that enables customers like you to build and deploy immutable, full-stack system images that include a Linux OS, Kubernetes and add-on software integrations. This approach is unified, and highly secure, ideal for the edge, but also increasingly valued in the data center.
But not all organizations can work with these options. Some businesses don’t allow external tools like Palette to directly access infrastructure-level (cloud, bare metal or VMware) APIs. Others have an existing mandated build process and tooling for operating systems, with security-audited golden images. Kubernetes and everything else need to be added later, over the top.
For organizations like this, we now offer a new deployment model, called Agent Mode.
With Agent Mode, your existing infosec-approved build processes take care of standing up the machines and providing the OS, and retain responsibility for the full OS lifecycle, such as patching.
With the OS up and running, you use an installer script to install our Agent — either by injecting it into your ISO images yourself, or using cloud-init. With our Agent installed, you now have a Kubernetes-ready host and can build and manage clusters through Palette as normal, sat over the top of your OS and infrastructure.
The key here — and this is a theme for us — is flexibility to fit your infrastructure, security policies and operating model.
Next steps
With 4.5 out in the wild, we’re now hard at work on the next of our incremental releases, and some bigger announcements we’ve got on the slate for the end of 2024. Subscribe to make sure you’re in the know.
If you’re not yet a customer but any of the features we’ve discussed above have piqued your interest, book a demo here to get access to the Palette platform.
If you’re a customer and you have questions about any of the changes in this release, get in touch with your customer success manager or ping us on our community Slack.