Updated on: April 21, 2022

Hello and welcome to the Tanzu Mission Control What’s New page. Here you find posts about new features, patches, and bug fixes for the platform.

VMware Tanzu Mission Control is a comprehensive API-driven cluster management platform, provided through VMware Cloud services, that allows you to monitor and manage all of your Kubernetes clusters from a single point of control, regardless of where they are hosted.

To learn more about Tanzu Mission Control, visit our website or contact your VMware account executive and ask for a free trial. In the meantime, check out the demo video here

 

What's New April 21, 2022

New Features and Improvements

  • Updated access policy UI in the Tanzu Mission Control console

    Access policies have been moved to a new top-level page in the Tanzu Mission Control console from the previous location on the Access tab of the Policy > Assignments page. To view, create, and edit access policies, click Access in the left navigation pane of the Tanzu Mission Control console. For more information, see Managing Access to Your Resources in Using VMware Tanzu Mission Control.

  • Improvement to policy workflow in the Tanzu Mission Control console

    Assigning a policy using the Tanzu Mission Control console has been simplified to show only applicable organizational view (Clusters or Workspaces) when applying a policy. For example, the image registry policy now shows only the Workspaces view.

 

What's New April 6, 2022

New Features and Improvements

 

What's New March 29, 2022

New Features and Improvements

  • Updated Velero to version 1.8.1
    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.8.1. With this update, Tanzu Mission Control configures Velero with restic integration to include all volumes in the backup. To exclude volumes from being backed up using restic, you must annotate the pods that contain those volumes. For more information about using the opt-out approach with restic, see the documentation for Velero.
    Prior to this update, Tanzu Mission Control created backups using restic with opt-in approach by default. This update makes no changes to existing backups. Backups that were scheduled prior to this update continue to function how they were defined.

 

What's New February 25, 2022

New Features and Improvements

  • Improved UI for label selectors in data protection
    When creating or restoring a backup using the Tanzu Mission Control console, you can identify groups of resources using Kubernetes label selectors. The new user interface allows you to specify the key and values for the selector, and choose an operator from a dropdown list.

 

What's New February 17, 2022

New Features and Improvements

  • Added support for Tanzu Kubernetes Grid 1.5.x
    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid versions 1.5.0 and 1.5.1, as well as version 1.4.2.

 

What's New February 14, 2022

New Features and Improvements

  • Configure volumes for workload clusters in Tanzu Kubernetes Grid Service
    Tanzu Mission Control now allows you to add volumes to your workload clusters running in Tanzu Kubernetes Grid Service. When you provision a cluster, you can add one or more volumes both for the control plane and for worker node pools. You can also add volumes when configuring node pools for an existing cluster. For more information, see Provision a Cluster in vSphere with Tanzu in Using VMware Tanzu Mission Control.

  • Configure the collector for Tanzu Observability
    You can now modify the configuration for the Tanzu Observability integration installed on a cluster using Tanzu Mission Control. You can modify the collector agent (which collects metrics from your cluster and then sends the data to your Tanzu Observability account) to adjust the metrics and frequency of collection, adding or restricting metrics to fit your specific requirements. You can also reset the collector agent configuration back to the TMC default set after modifying it. For more information, see Edit the Configuration of Your Tanzu Observability Collector in Using VMware Tanzu Mission Control.

 

What's New February 8, 2022

New Features and Improvements

  • Added support for creating and managing cluster secrets
    Tanzu Mission Control now allows you to create and manage cluster secrets. You can create an image pull secret in a single namespace and optionally make it available for use by all namespaces in the cluster, providing a single place to manage all registry secrets for that cluster. Namespaces in a managed cluster can use a secret to authenticate to private registries, including registries that store Tanzu Application Platform components. For more information, see Managing Cluster Secrets.

 

What's New February 7, 2022

New Features and Improvements

 

What's New February 1, 2022

New Features and Improvements

  • Added Terraform provider support for Tanzu Mission Control  
    Tanzu Mission Control Terraform Provider brings support for lifecycle management of Tanzu Kubernetes Grid clusters, as well as the ability to attach conformant Kubernetes clusters, including public cloud provider clusters. You can now define and declare resources in code files and automate their DevOps pipelines through Terraform. For more information, visit the Tanzu Mission Control Provider documentation at terraform.io and the repository in GitHub.

 

What's New January 28, 2022

New Features and Improvements

  • Added proxy configuration support for Tanzu Kubernetes Grid Service clusters

    Tanzu Mission Control now lets you register and manage Tanzu Kubernetes Grid Service clusters running in vSphere with Tanzu environments that reside on private networks and behind firewalls. You can create a proxy configuration object for a Tanzu Kubernetes Grid Service cluster running in vSphere with Tanzu (vSphere 7.0.3a or newer), that you can use for the following tasks:

    • registering a Supervisor Cluster
    • adding workload clusters into TMC management
    • provisioning new workload clusters

    Note: Tanzu Mission Control supports only proxies that do not require authentication and proxies that use basic HTTP authentication.

    For more information, see Create a Proxy Configuration Object ..., in Using VMware Tanzu Mission Control.

 

What's New January 18, 2022

New Features and Improvements

  • Added subscription and usage tracking
    Curious how much time is left on your subscription, which tier you purchased, or how much Tanzu Mission Control you're consuming? Now you can keep track of all this and more on the Subscription tab of the Administration page. 
    To report usage, Tanzu Mission Control collects Kubernetes CPU information and approximates 2 Kubernetes CPUs = 1 Physical Core. For CPU-based subscriptions in vSphere environments, you can have up to 32 cores per CPU.
     
  • Added Launchpad to make it easier to get started
    If you're new to Tanzu Mission Control, click on the Launchpad page to get connected to resources that will get you up and running.

 

What's New January 7, 2022

New Features and Improvements

  • Added support for Tanzu Kubernetes Grid 1.4.1
    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 1.4.1 clusters deployed on vSphere and Azure. This update includes support for multiple node pools, Avi load balancer, non-standard API port, and proxy configuration. 

 

What's New December 1, 2021

New Features and Improvements

  • Added support for installing packages from Catalog

    VMware Tanzu Mission Control now offers a catalog feature that enables you to deploy software consistently and continuously to different types of Kubernetes clusters. The catalog allows you to declaratively deploy software to your managed Kubernetes clusters hosted in AWS, GCP, or Azure, leveraging the power of Carvel.

    The catalog page of the Tanzu Mission Control console shows the collection of packages in the Tanzu Standard repository available for deployment on managed clusters. You can also add your own Carvel package repositories to make those packages available for installation. (Registry authentication is not supported.)

    The Tanzu Mission Control catalog feature supports deployment to the following types of clusters managed by Tanzu Mission Control:

    • EKS (AWS)
    • AKS (Azure)
    • GKE (GCP)
    • Kind
    • Tanzu Kubernetes Grid Service workload clusters 
    • Tanzu Kubernetes Grid workload clusters (version 1.4 and later)

    The TMC catalog does not support deployment to the following types of clusters:

    • Tanzu Kubernetes Grid Service Supervisor Clusters
    • Tanzu Kubernetes Grid management clusters
    • Tanzu Kubernetes Grid workload clusters (version 1.3 and earlier)
    • Tanzu Standard packages are not supported on clusters where PSP is enabled.

    If you have previously installed Carvel's kapp-controller on your cluster, you must remove the installation and all related resources before using the catalog feature.

    For more information, see Managing Packages in Your Cluster.

 

What's New November 16, 2021

New Features and Improvements

  • Updated Velero to version 1.6.3
    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.6.3, which provides compatibility with Kubernetes version 1.22. With this update, Tanzu Mission Control configures Velero with restic integration as the default option for Kubernetes volume backup. To include volumes to be backed up using restic, you must annotate the pods that contain the volumes. For more information about opting in with restic, see the documentation for Velero.

 

What's New November 5, 2021

New Features and Improvements

  • Support for kubeconfig access to TKGI clusters
    Tanzu Mission Control now supports kubeconfig access for Tanzu Kubernetes Grid Integrated Edition. Through Tanzu Mission Control, you can download the kubeconfig file for attached TKGI clusters (version 1.10 and above) to access these clusters.

 

What's New November 3, 2021

New Features and Improvements

  • Support for cached resources in Gatekeeper-based custom policies 
    Tanzu Mission Control now supports cached resources in custom policies based on the OPA Gatekeeper project. If a custom policy requires access to the state of other Kubernetes resources, the data inventory can be cached using custom policies in Tanzu Mission Control. For more information, see Create a Policy Template in Using VMware Tanzu Mission Control.

 

What's New October 20, 2021

New Features and Improvements

  • Support for kubeconfig access to public cloud clusters

    Tanzu Mission Control now supports kubeconfig access for the following types of attached clusters:

    • Amazon Elastic Kubernetes Service (EKS)
    • Azure Kubernetes Service (AKS)
    • Google Kubernetes Engine (GKE)

    Users can download the kubeconfig file to access these clusters. Tanzu Mission Control deploys Pinniped (an open source community standard) to support authentication into the cluster. For more information, see Enable Access to Public Cloud Clusters Through Tanzu Mission Control in Using VMware Tanzu Mission Control.

 

What's New October 8, 2021

New Features and Improvements

  • Restore individual namespaces from a full cluster backup
    The data protection features of Tanzu Mission Control now allow you to restore a selected namespace from a cluster backup. You can select individual namespaces to restore. Additionally, you can provide an alternative name when restoring a namespace, allowing you to restore without overwriting an existing namespace.

 

What's New October 5, 2021

New Features and Improvements

 

What's New September 29, 2021

New Features and Improvements

  • Tanzu Observability Integration at the Cluster Group Level
    You can now add a cluster group to observability. Tanzu Mission Control allows you to add all clusters in a cluster group to the integration with Tanzu Observability by Wavefront. With this feature, you select a cluster group and identify the Tanzu Observability credential to use, and then Tanzu Mission Control installs the Tanzu Observability collector extension to all the clusters in the cluster group. The collector extension is also installed on clusters that are subsequently added to the cluster group.  For more information, see Add a Cluster Group to Observability in Using Tanzu Mission Control.

 

What's New September 8, 2021

New Features and Improvements

  • Proxy Configuration
    You can now create a proxy configuration object in Tanzu Mission Control that stores proxy connection information for your clusters. You can use the proxy configuration when performing operations in Tanzu Mission Control that require communication with clusters that run behind a proxy, such as attaching a cluster, registering a TKG management cluster, provisioning a cluster, and more. For more information, see Connecting Through a Proxy in Using Tanzu Mission Control.

 

What's New June 24, 2021

New Features and Improvements

  • (New Feature update):  Tanzu Mission Control now allows platform operators to centrally manage and make available credentials for use by the Tanzu Observability integration. This new feature encourages the best practice use of Tanzu Observability service account credentials rather than personal API tokens when adding the integration to a cluster.
    As a platform operator, you can create new service account credentials in the Tanzu Observability console. Then, using the Tanzu Mission Control Administration page, you can add it as a new Tanzu Observability credential and make it available to users through an account access policy. Cluster administrators can then select an available credential from a list when adding Tanzu Observability to the cluster.
    For more information, see Create a Tanzu Observability Credential Object in Using Tanzu Mission Control.

 

What's New June 9, 2021

New Features and Improvements

  • (New Feature update):  Storage and object limits are now supported in quota policies implemented through the Tanzu Mission Control console. Additionally, the Policy insights page shows alerts when resource requests approach or meet quota policy limits.
  • (New Feature update):  Tanzu Mission Control now allows you to bring your own storage solution for data protection. With customer-provisioned target locations, you can provide the endpoint URL and credentials for an existing AWS S3 or S3-compatible storage location, and share it across cluster groups. After configuring a target location, you can use it when performing cluster backups.

 

What's New May 26, 2021

New Features and Improvements

 

What's New May 6, 2021

Bug Fixes

  • Fixed color of the UI components to match the light color theme.

 

What's New May 5, 2021

Bug Fixes

  • Fixed the display of conformance and Lite inspection test result details.

 

What's New May 4, 2021

Bug Fixes

  • Fixed the count of worker nodes on the cluster detail page when the total worker nodes count is more than 50.
  • Changed the cluster upgrade button as primary action, instead of inside Actions dropdown.

 

What's New April 30, 2021

New Features and Improvements

 

What's New April 21, 2021

New Features and Improvements

  • Improved filter and search interface on the Clusters page of the Tanzu Mission Control console. The user interface elements for searching and filtering are more visually obvious and easier to use.

 

What's New April 14, 2021

New Features and Improvements

  • (New Feature update): Tanzu Mission Control now supports viewing and filtering fleet-wide system activity events through the Events page. These are the same events that are currently available through the Event stream API, which do not include the audit log events available on the Audit Logs page.
  • Added CLI support for storage and object namespace quotas.

 

What's New April 9, 2021

New Features and Improvements

  • Improvements to the delete custom roles workflow. Delete workflow shows links to any existing role bindings while trying to delete a custom role.  

 

What's New April 8, 2021

New Features and Improvements

  • (New Feature update) : Tanzu Mission Control now supports the ability to register Tanzu Kubernetes Grid (1.2 & 1.3) management clusters running in vSphere (6.7 & 7.0), which allows you to manage the lifecycle of their Tanzu Kubernetes workload clusters.

 

What's New March 17, 2021

New Features and Improvements

  • Tanzu Mission Control now supports the ability to create custom roles for access management. You can create roles with a customized set of permissions and use these roles to grant access.

 

What's New March 9, 2021

Bug Fixes 

  • Fixed memory and CPU cores data on cluster overview details page. 

 

What's New March 3, 2021

Bug Fixes 

  • Fixed warning access pop-up issue during cluster creation workflow for TKG clusters. 
  • Fixed redirection issue from policy insights to the policy definition. 
  • Bugfix to let a user select a specific target location during backup creation. 

 

What's New February 25, 2021

New Features and Improvements

  • Added ability to create an image policy with enforcement disabled (dry run mode).  
  • Added support for viewing image policy violations through policy insights. 

Bug Fixes 

  • Updated the management cluster health tooltip. 

 

What's New February 24, 2021

New Features and Improvements 

  • Data protection now supports restoring backups to an alternative namespace. You can restore a namespace from a backup to a different namespace in the cluster. This allows you to restore data without changing or disrupting the source namespace in the cluster.

 

What's New February 23, 2021

New Features and Improvements 

  • Network policies support two new recipes, custom-ingress and custom-egress, that allow you to define rules based on IP addresses, pod and namespace selectors, and ports.

 

What's New February 5, 2021

New Features and Improvements 

  • Policy violations and sync issues are now available through the events API. 

 

What's New February 1, 2021

New Features and Improvements 

  • Added support for space characters in identity group names while creating access policy. 

 

What's New January 25, 2021

New Features and Improvements 

  • Added CLI support for adding integrations to a cluster. Tanzu Mission Control supports integrations with Tanzu Observability by Wavefront and Tanzu Service Mesh.

 

What's New January 22, 2021

Bug Fixes

  • Bug fix for clusters that are seen in a disconnected state intermittently.

 

What's New January 19, 2021

New Features and Improvements 

  • Added support for additional custom policy templates.

 

What's New January 14, 2021

New Features and Improvements 

  • (New Feature update) : Custom Roles are now available through the Tanzu Mission Control CLI. With custom roles, you can create roles with a customized set of permissions and assign these roles to users and groups. 
  • (New Feature update) :  Image policy enhancements based on Open Policy Agent-Gatekeeper project are now available in Tanzu Mission Control. With the release of this feature, the previous implementation of the image registry policy "allow registry" recipe is now deprecated. 
  • Added support for setting security policies and custom policies on OpenShift clusters. 

 

What's New December 16, 2020

Feature Shutdown

  • Disabled support for v1alpha API.

 

What's New December 11, 2020

New Features and Improvements 

  • (New Feature update) : The Tanzu Service Mesh integration is now available on the Tanzu Mission Control platform. When the Tanzu Service Mesh service has been enabled on your organization, your Tanzu Mission Control organization administrator can enable the integration for use on clusters that are managed through Tanzu Mission Control. Then, cluster administrators can add Tanzu Service Mesh to managed clusters and designate which namespaces should belong in the mesh. Tanzu Mission Control takes care of the installation of service mesh components in the cluster, provides health status, and onboards it into Tanzu Service Mesh. For advanced configuration, you can open the Tanzu Service Mesh console directly from the Integrations card of the cluster detail page.

  • Released a custom policy template to mitigate the risk of Kubernetes CVE-2020-8554. Details available here

  • Added support for kubeconfig access to workload clusters on Tanzu Kubernetes Grid.

 

What's New December 2, 2020

New Features and Improvements 

  • (New Feature update) : Enabled support for Tanzu Kubernetes Grid on vSphere 7.  You can now register your Tanzu Kubernetes Grid Service Supervisor Clusters, and then manage the lifecycle of workload clusters. 
  • Added support for kubeconfig access to workload clusters on Tanzu Kubernetes Grid Service on vSphere 7. 

Known Issues

  •  All workload clusters must have unique names, even if they belong to distinct Supervisor Clusters.

 

What's New November 30, 2020

New Features and Improvements

Bug Fixes

  • Bug fix for adding multiple host paths while creating a security policy.

Known Issues

  • The first time a user clicks out to the Wavefront console after enabling the Tanzu Observability by Wavefront integration for a cluster, the user is taken to the default Wavefront Kubernetes dashboard instead of to the Kubernetes dashboard that is specific to the cluster where the integration was just enabled. Going back to the TMC cluster detail view and clicking out to Wavefront again (and all subsequent times) takes the user to the Kubernetes dashboard for that cluster as intended.

 

What's New November 18, 2020

New Features and Improvements

  • UI improvements to show IP addresses that are in use during cluster creation.
  • UI improvements to resize columns in data tables. 

Bug Fixes

  • Bug fixes to allow manual inputs for node pool creation. 
  • Bug fixes for data protection credential creation workflow. 

 

What's New November 3, 2020

New Features and Improvements 

  • Added support for baseline security template in security policies aligned with Kubernetes pod security standards. This template is aimed at ease of adoption for common containerized workloads while preventing known escalations.

 

What's New October 28th, 2020

New Features and Improvements 

  • Added management cluster and provisioner fields in the Clusters page.
  • Restic support added by default when enabling data protection on clusters.

 

What's New October 21, 2020

New Features and Improvements 

  • CLI and API update -- A new version (v1alpha1) is now available, in addition to version v1alpha.
  • Upgraded OPA Gatekeeper extension to 3.1.1 for Kubernetes 1.19 compatibility.

 

What's New October 13, 2020

Bug Fixes and Improvements

  • Added AWS Quick Start Guide link to step two of credential creation workflow.
  • Error messaging improvements for custom policies. 
  • Bug fixes for refreshing cluster overview cards. 
  • Added ability to sort data protection backup columns by name or creation time.

 

What's New October 7, 2020

New Features and Improvements 

  • (New Feature update) : Custom policies  are now available in Tanzu Mission Control. To create a custom policy, you must create a template that declaratively defines rules for your Kubernetes objects. After you create a custom policy using this template and assign it to your cluster fleet, Tanzu Mission Control enforces the policy and provides relevant feedback. Custom policies in Tanzu Mission Control are implemented using the Gatekeeper project from Open Policy Agent (OPA).

 

What's New September 17, 2020

New Features and Improvements

  • (New Feature update) : Security policies are now available. You can take advantage of preconfigured templates to enforce fleet-wide security policies for your Kubernetes infrastructure. Tanzu Mission Control lets you customize these templates based on your security needs along with the ability to include or exclude particular namespaces. You can also optionally set a security policy in the dry-run (audit) mode to evaluate its impact before enforcing.
  • (New Feature update) : The Policy insights page in the Tanzu Mission Control console provides a centralized, holistic view of the current state of policy events in your organization. Administrators can view fleet-wide, policy-related information - including sync issues and violations.

 

What's New September 15, 2020

New Features and Improvements

  • Improvements to the add integration modal for Tanzu Observability by Wavefront.

 

What's New September 3, 2020

New Features and Improvements

  • (New Feature update) : Data protection schedules allow you to configure recurring backups for your clusters. Tanzu Mission Control supports schedule creation using a standard set of templates for common and simple recurring schedules. You can also configure more complex schedules using custom cron expressions to provide you with maximum flexibility.

 

What’s New August 18, 2020

Fixes

  • Bug fixes for creating clusters with node pools in different availability zones.

 

What’s New August 11, 2020

New Features and Improvements 

  • UI improvements for "Add Integration" modal in the cluster overview. 

Fixes

  • CLI bug fixes for the "tmc documentation" command.

 

What’s New August 4, 2020

New Features and Improvements 

  • Three new versions of Kubernetes have been released: 1.16.12, 1.17.8, and 1.18.5.

 

What's New July 30, 2020

New Features and Improvements 

  • (New Feature update) Namespace quota policy: You can now set namespace quota policies for your clusters. CPU and memory quotas are now available along with the ability to set label-based namespace selectors. Namespace selectors allow granular control over including or excluding specified namespaces. This helps you have a single place to define fleet-wide namespace quota policies and define exceptions in a streamlined manner. 
  • (New Feature update) Tanzu Observability by Wavefront integration is now available. Tanzu Observability by Wavefront integration allows you install the Wavefront Kubernetes collector on any cluster with a single click through Tanzu Mission Control console. After the collector is successfully installed, you can click out to the Tanzu Observability platform directly from the Tanzu Mission Control console.

 

What's New July 28, 2020

  • User interface workflow improvements while selecting an AWS account credential during cluster creation. 

 

What's New July 22, 2020

New Features and Improvements 

  • (New Feature update)  You can now move clusters between cluster groups. To move a cluster, navigate to the cluster detail page and then choose Move from the Actions dropdown menu. Note that moving a cluster between groups results in a change to the policies inherited from the cluster group. 
  • Added the ability to manually refresh all applied policies. 
  • While creating an access policy, you can now see type-ahead suggestions for your subjects. 
  • User experience improvements to the upgrade cluster pop-up window. 
  • Support for Kubernetes versions: 1.16.11, 1.17.7, 1.18.4

Fixes

  • CLI bug fixes while restoring a backup. 

 

What's New June 24, 2020

New Features and Improvements 

  • (New Feature Update) Data Protection:  You can now take advantage of data protection on clusters managed through Tanzu Mission Control. You can backup and restore clusters, namespaces, and even groups of resources using Kubernetes label selectors. Tanzu Mission Control passes these commands through its cluster agent technology and Velero project executes the backups passing back status, errors, and full backup details. Instead of operating Velero directly in every cluster, Tanzu Mission Control’s UI, CLI, and API allow you to centrally create backups and restores of all of your clusters regardless of where they are located.

 

What's New June 15, 2020

New Features and Improvements 

  • Improved workflow for a new user downloading a kubeconfig by automatically initializing the correct TMC CLI context. 

Fixes

  • Bug fix to prevent creating a node pool with a partially entered name on the UI.

 

What's New June 2, 2020

New Features and Improvements 

  • (New Feature Update) Audit Log Report: You can now generate a report of audit events for your organization. Navigate to the Logs page in Tanzu Mission Control, specify a date range, and get a compressed file with the audit data. The audit log report provides context for you to understand which team members are performing specific operations. You can also see when these operations were applied to the cluster.

 

What's New May 27, 2020

New Features and Improvements 

  • (New Feature Update)- Inspection progress bar has been added to all types of inspections. When you run an inspection on a cluster, you can now view the number of tests completed against the total number of tests.

 

What's New May 19, 2020

Fixes

  • Bug fix to show detailed results with the "Expand" component on the UI for inspections. 
  • Bug fix to reset nodepool VPC private subnet correctly when the selected VPC changes.

 

What's New May 13, 2020

New Features and Improvements 

  • (New Feature Update) Account credential access policy:  This policy type lets you set access control on your account credentials. For example, you can control which users and groups can view and share the AWS account credential configured in your organization. This allows for streamlined billing and better security in scenarios where users in an organization do not want an account credential to be shared with the entire organization. Account credential access is available under Settings in the console. Two new roles credential.admin and credential.view have been added in this release. 
  • (New Feature Update) Provision clusters in existing AWS Virtual Private Network (VPC) : Tanzu Mission Control now lets you deploy and manage Kubernetes clusters inside an existing VPC within your AWS account. This allows existing applications in a VPC to communicate with Kubernetes applications without the hassle and cost of VPC peering. This capability is available for both development and production cluster types. When you select a region while provisioning a cluster, the existing VPCs in that region are displayed for you to choose from.
  • (New Feature Update) Support for CIS Benchmark Inspection Scans: The Center for Internet Security is a nonprofit entity whose mission is to identify, develop, validate, promote, and sustain best-practice solutions for cyber defense. CIS has developed prescriptive tests for establishing a secure configuration posture for Kubernetes. We now have a CIS Kubernetes inspection scan in Tanzu Mission Control that utilizes the implementation provided by kube-bench. Support for the CIS benchmark inspection scan further enables you to tighten the security of your cluster with industry best practices. 

Fixes

  • Bug fix to filter system namespaces. 
  • Bug fix to show the correct tmc cluster validate command when the cluster is in the disconnected state.
  • Fix to handle browser compatibility for Microsoft Edge browsers.

 

What's New May 1, 2020

New Features and Improvements 

  • (New Feature Update) - You can now view policy synchronization errors from the Tanzu Mission Control console. If your policy is not synchronized to the Kubernetes cluster correctly, you can view the errors by clicking on the Sync Issues tab on the Policies page. Details like the error that occurred, and the policy and resources affected can be accessed through Tanzu Mission Control.

 

What's New April 28, 2020

New Features and Improvements 

  • Added description to cluster groups overview.

Fixes

  • Bug fix for CLI to parse boolean inputs in interactive mode.
  • Bug fix for CLI to edit cluster groups on Windows.

 

What's New April 21, 2020

New Features and Improvements 

  • User should now be able to choose their Availability Zone when they choose a 'development' cluster while provisioning. 
  • Customers can now reattach clusters in the event that the TMC cluster agent is removed from the cluster or if an administrator rebuilds the cluster.  When a cluster is reattached TMC preserves the historical data for the cluster and returns the agent to its prior state.
  • Clusters in an 'unknown' status now show instructions to run the `tmc cluster validate` command to help troubleshoot cluster agent connection problems.
  • Added support for Kubernetes version 1.17.3 for provisioned clusters

Fixes

  • Bug fix for kubectl attach command while attaching clusters. Changed the attach command to include double quotes in the UI. 
  • Included cluster group value for unmanaged namespaces.
  • Bug fix to show the correct CPU and memory usage for namespaces.

 

What's New April 13th, 2020

New Features and Improvements 

  • You can now specify a non-default CIDR for pod and service when creating a provisioned cluster. 

Fixes

  • Bug fix to set the right name while attaching a cluster.
  • Bug fix to add/edit labels for managed namespaces in attached clusters.

 

What's New April 8th, 2020

Fixes

  • Disabled node pools AZ dropdown when provisioning a development cluster.
  • Bug fixes to create managed namespaces successfully when failing with error- "Failed to get cluster options".
  • Fixed bug where cluster modal potentially shows incorrect upgrade version selection when re-opened and upgrades to the latest.
  • Fixed showing SSH warning until a region is selected while provisioning a cluster eliminating user confusion about what this warning means.
  • Bug fixes and improved status reporting for creating cluster with the CLI.
  • Added warning while force deleting a provisioned cluster with the CLI.

 

What's New March 20th, 2020

New Features and Improvements 

  • When provisioning a cluster, the region field now defaults to blank value instead of selecting a random region. 

Fixes

  • Changed `kubectl apply` to `kubectl create` in the attach cluster command.
  • Added workspace name to the workload information when you click on the workload.
  • Fixed VMware Cloud Services link on the Automation center page in the console.

 

What's New March 10th, 2020

We are very excited that today marks our first day to be publicly available for purchase by current and future VMware customers.

Fixes and Improvements

  • Bug fixes for editing cluster labels in Tanzu Mission Control.
  • Added node version to the nodes datagrid.
  • Added validation to the credential name in the provider credential workflow. 

 

What's New March 9th, 2020

New Features and Improvements 

  • Filter Unmanaged Kubernetes RBAC: You can now filter system namespaces to view the custom-created, unmanaged RBAC (role bindings created directly on the Kubernetes cluster instead of going through Tanzu Mission Control). 
  • Improved filtering capabilities on workloads.
  • Improved validation of cluster names while creating a cluster.
  • Added workspace information to the workloads view.
  • Improved sorting functionality on multiple tables.

Fixes

  • Bug fixes for viewing the YAML definition in the Tanzu Mission Control console. 
  • Bug fixes for cluster status while upgrading the cluster.
  • Bug fixes for cluster upgrades via CLI. 
  • Bug fix to return the inspection ID while running inspection via CLI.

 

What's New February 20th, 2020

New Features and Improvements 

  • Added support for Kubernetes version 1.16.6 for provisioned clusters.
  • Clusters provisioned through Tanzu Mission Control are now on port 443. (Previously they were on port 6443.)

 

What's New February 14th, 2020

New Features and Improvements 

  • Added support for provisioning clusters in two new regions: eu-central-1 and ap-southeast-1
  • When viewing the access policies for a cluster, you can now see the unmanaged Kubernetes RBAC policies (rolebindings).
  • Included cluster name for namespaces under the Workspaces policy view.

Fixes

  • Security fix to prevent authorized but low-privileged users with access to a provisioned cluster from stealing credentials from control plane nodes.
  • Bug fixes for cluster group details page.
  • Bug fixes for editing network policies.
  • Bug fixes for the "Add Label" interaction in the policy view. 
  • Fixes for usage metrics namespace view for managed namespaces.

 

What's New February 5th, 2020

New Features and Improvements 

  • Added the ability to upgrade provisioned Kubernetes clusters through the console. Previously available through CLI and API, this capability lets you upgrade the control plane and the worker nodes of your Kubernetes cluster.
  • Added the ability to hide Tanzu objects or system objects on the Workloads page for a cluster, to improve readability.
  • Added support for the latest MS Edge (Chromium) Version 80 or later.
  • Improvements in filtering capabilities on data grids in the UI.

Fixes

  • Marked kube-public and kube-node-lease as system namespaces.
  • Fixes to prevent attaching system namespaces.
  • Bug fixes to prevent an infinite loop on filtering in data grids.

 

What's New January 30th, 2020

New Features and Improvements 

  • Added the capability to filter clusters by type: attached and provisioned.
  • Tooltip improvements to the Provider column on the Clusters page.
  • Added account status on the Clusters page. Invalid account status is now shown on the dropdown when you click New Cluster. 
  • Added the capability to delete failed inspections in the console. 
  • Updated validation text for resource names.
  • Visual improvements to the Add Network Policy form.
  • (CLI) Improved CLI documentation for inspections.
  • Improved error reporting for API errors using in-context alerts. 
  • Removed ability to view and manage direct namespace policies for image and network policies

 

What's New January 14th, 2020

New Features and Improvements 

  • Added support for attaching OpenShift clusters.
  • Improvements to show the time taken for inspections to be completed. 
  • Visual improvements to policy tree with links to inherited policies from direct policy view.  
  • Improvements to show node pool creation and deletion errors. 
  • Added warning message for remove cluster workflow (Forget this cluster). 
  • Added inspection ID for failed scans in the Tanzu Mission Control console.
     

Fixes

  • Bugfix for downloading kubeconfig with the correct file name.
  • Fixed infinite loop spinner on the policies page.
  • Fixed incorrect warnings when using the keyboard tab.
  • Fixed UI experience for the add policy form.

 

What's New January 9th, 2020

New Features and Improvements 

  • Attach unmanaged namespaces:  Namespaces in Kubernetes are intended for use in environments with many users spread across multiple teams or projects. In both attached and provisioned clusters, you can create namespaces that you can manage through Tanzu Mission Control using policies. Your clusters can also have unmanaged namespaces that were created externally and don't need to be managed through Tanzu Mission Control. You can now attach unmanaged namespaces in Tanzu Mission Control, so you can manage all of your Kubernetes namespaces through Tanzu Mission Control. This provides the capability to manage all of your namespaces and policies on these namespaces in a centralized way. 
  • Visual improvements to the Tanzu Mission Control console page for connecting an AWS provider account.
  • Improvements to the Detach Cluster functionality with more detailed UI messages. 
  • Added an information box for image registry policies to help users understand the expected input. 
  • Improved the first time experience of the New cluster button when there are no accounts.
  • Added the View policies link from the individual cluster group, cluster, workspace, and namespace. 

Fixes

  • Added validations to the Labels input across all forms. 
  • Bug fixes for handling API errors for failed requests on the policies page.
  • Bug fixes for refreshing SSH options on create cluster form. 
  • Fixed bugs on running inspections. 
  • Fixes on memory calculation on workload page.

 

What's New December 6th, 2019

New Features and Improvements 

Network Policy : Added network policy management to Tanzu Mission Control. A network policy is a specification for how groups of pods are allowed to communicate with each other and network endpoints. These network policies can be set by using predefined custom templates called recipes and can now be applied to workspaces, with support for four different types of recipes (deny all, allow all, deny-all-to-pods, allow-all-to-pods). 

kubectl Namespace Access : For provisioned clusters, users can access managed namespaces and download the kubectl configuration for a particular namespace.This feature lets you download the kubectl configuration for a single namespace and access it using the Tanzu Mission Control CLI which can be used by individual users who do not have access to the entire cluster. 

Getting Started Cards :  Added getting started cards for cluster group views. Improved the getting started card experience for image policies. 

Fixes

  • Bug fixes for node pool editing. 
  • Bug fixes for filtering and pagination on cluster lists. 
  • Removed the endpoint configuration parameter from the download CLI view.
  • Fixes for validations on search parameters across input forms in the UI. 
check-circle-line exclamation-circle-line close-line
Scroll to top icon