Updated on: April 14, 2021

Hello and welcome to the Tanzu Mission Control What’s New page. Here you find posts about new features, patches, and bug fixes for the platform.

VMware Tanzu Mission Control is a comprehensive API-driven cluster management platform, provided through VMware Cloud services, that allows you to monitor and manage all of your Kubernetes clusters from a single point of control, regardless of where they are hosted.

To learn more about Tanzu Mission Control, visit our website or contact your VMware account executive and ask for a free trial. In the meantime, check out the demo video here

 

What's New April 14, 2021

New Features and Improvements

  • (New Feature update): Tanzu Mission Control now supports viewing and filtering fleet-wide system activity events through the Events page. These are the same events that are currently available through the Event stream API, which do not include the audit log events available on the Audit Logs page.
  • Added CLI support for storage and object namespace quotas.

 

What's New April 9, 2021

New Features and Improvements

  • Improvements to the delete custom roles workflow. Delete workflow shows links to any existing role bindings while trying to delete a custom role.  

 

What's New April 8, 2021

New Features and Improvements

  • (New Feature update) : Tanzu Mission Control now supports the ability to register Tanzu Kubernetes Grid (1.2 & 1.3) management clusters running in vSphere (6.7 & 7.0), which allows you to manage the lifecycle of their Tanzu Kubernetes workload clusters.

 

What's New March 17, 2021

New Features and Improvements

  • Tanzu Mission Control now supports the ability to create custom roles for access management. You can create roles with a customized set of permissions and use these roles to grant access.

 

What's New March 9, 2021

Bug Fixes 

  • Fixed memory and CPU cores data on cluster overview details page. 

 

What's New March 3, 2021

Bug Fixes 

  • Fixed warning access pop-up issue during cluster creation workflow for TKG clusters. 
  • Fixed redirection issue from policy insights to the policy definition. 
  • Bugfix to let a user select a specific target location during backup creation. 

 

What's New February 25, 2021

New Features and Improvements

  • Added ability to create an image policy with enforcement disabled (dry run mode).  
  • Added support for viewing image policy violations through policy insights. 

Bug Fixes 

  • Updated the management cluster health tooltip. 

 

What's New February 24, 2021

New Features and Improvements 

  • Data protection now supports restoring backups to an alternative namespace. You can restore a namespace from a backup to a different namespace in the cluster. This allows you to restore data without changing or disrupting the source namespace in the cluster.

 

What's New February 23, 2021

New Features and Improvements 

  • Network policies support two new recipes, custom-ingress and custom-egress, that allow you to define rules based on IP addresses, pod and namespace selectors, and ports.

 

What's New February 5, 2021

New Features and Improvements 

  • Policy violations and sync issues are now available through the events API. 

 

What's New February 1, 2021

New Features and Improvements 

  • Added support for space characters in identity group names while creating access policy. 

 

What's New January 25, 2021

New Features and Improvements 

  • Added CLI support for adding integrations to a cluster. Tanzu Mission Control supports integrations with Tanzu Observability by Wavefront and Tanzu Service Mesh.

 

What's New January 22, 2021

Bug Fixes

  • Bug fix for clusters that are seen in a disconnected state intermittently.

 

What's New January 19, 2021

New Features and Improvements 

  • Added support for additional custom policy templates.

 

What's New January 14, 2021

New Features and Improvements 

  • (New Feature update) : Custom Roles are now available through the Tanzu Mission Control CLI. With custom roles, you can create roles with a customized set of permissions and assign these roles to users and groups. 
  • (New Feature update) :  Image policy enhancements based on Open Policy Agent-Gatekeeper project are now available in Tanzu Mission Control. With the release of this feature, the previous implementation of the image registry policy "allow registry" recipe is now deprecated. 
  • Added support for setting security policies and custom policies on OpenShift clusters. 

 

What's New December 16, 2020

Feature Shutdown

  • Disabled support for v1alpha API.

 

What's New December 11, 2020

New Features and Improvements 

  • (New Feature update) : The Tanzu Service Mesh integration is now available on the Tanzu Mission Control platform. When the Tanzu Service Mesh service has been enabled on your organization, your Tanzu Mission Control organization administrator can enable the integration for use on clusters that are managed through Tanzu Mission Control. Then, cluster administrators can add Tanzu Service Mesh to managed clusters and designate which namespaces should belong in the mesh. Tanzu Mission Control takes care of the installation of service mesh components in the cluster, provides health status, and onboards it into Tanzu Service Mesh. For advanced configuration, you can open the Tanzu Service Mesh console directly from the Integrations card of the cluster detail page.

  • Released a custom policy template to mitigate the risk of Kubernetes CVE-2020-8554. Details available here

  • Added support for kubeconfig access to workload clusters on Tanzu Kubernetes Grid.

 

What's New December 2, 2020

New Features and Improvements 

  • (New Feature update) : Enabled support for Tanzu Kubernetes Grid on vSphere 7.  You can now register your Tanzu Kubernetes Grid Service Supervisor Clusters, and then manage the lifecycle of workload clusters. 
  • Added support for kubeconfig access to workload clusters on Tanzu Kubernetes Grid Service on vSphere 7. 

Known Issues

  •  All workload clusters must have unique names, even if they belong to distinct Supervisor Clusters.

 

What's New November 30, 2020

New Features and Improvements

Bug Fixes

  • Bug fix for adding multiple host paths while creating a security policy.

Known Issues

  • The first time a user clicks out to the Wavefront console after enabling the Tanzu Observability by Wavefront integration for a cluster, the user is taken to the default Wavefront Kubernetes dashboard instead of to the Kubernetes dashboard that is specific to the cluster where the integration was just enabled. Going back to the TMC cluster detail view and clicking out to Wavefront again (and all subsequent times) takes the user to the Kubernetes dashboard for that cluster as intended.

 

What's New November 18, 2020

New Features and Improvements

  • UI improvements to show IP addresses that are in use during cluster creation.
  • UI improvements to resize columns in data tables. 

Bug Fixes

  • Bug fixes to allow manual inputs for node pool creation. 
  • Bug fixes for data protection credential creation workflow. 

 

What's New November 3, 2020

New Features and Improvements 

  • Added support for baseline security template in security policies aligned with Kubernetes pod security standards. This template is aimed at ease of adoption for common containerized workloads while preventing known escalations.

 

What's New October 28th, 2020

New Features and Improvements 

  • Added management cluster and provisioner fields in the Clusters page.
  • Restic support added by default when enabling data protection on clusters.

 

What's New October 21, 2020

New Features and Improvements 

  • CLI and API update -- A new version (v1alpha1) is now available, in addition to version v1alpha.
  • Upgraded OPA Gatekeeper extension to 3.1.1 for Kubernetes 1.19 compatibility.

 

What's New October 13, 2020

Bug Fixes and Improvements

  • Added AWS Quick Start Guide link to step two of credential creation workflow.
  • Error messaging improvements for custom policies. 
  • Bug fixes for refreshing cluster overview cards. 
  • Added ability to sort data protection backup columns by name or creation time.

 

What's New October 7, 2020

New Features and Improvements 

  • (New Feature update) : Custom policies  are now available in Tanzu Mission Control. To create a custom policy, you must create a template that declaratively defines rules for your Kubernetes objects. After you create a custom policy using this template and assign it to your cluster fleet, Tanzu Mission Control enforces the policy and provides relevant feedback. Custom policies in Tanzu Mission Control are implemented using the Gatekeeper project from Open Policy Agent (OPA).

 

What's New September 17, 2020

New Features and Improvements

  • (New Feature update) : Security policies are now available. You can take advantage of preconfigured templates to enforce fleet-wide security policies for your Kubernetes infrastructure. Tanzu Mission Control lets you customize these templates based on your security needs along with the ability to include or exclude particular namespaces. You can also optionally set a security policy in the dry-run (audit) mode to evaluate its impact before enforcing.
  • (New Feature update) : The Policy insights page in the Tanzu Mission Control console provides a centralized, holistic view of the current state of policy events in your organization. Administrators can view fleet-wide, policy-related information - including sync issues and violations.

 

What's New September 15, 2020

New Features and Improvements

  • Improvements to the add integration modal for Tanzu Observability by Wavefront.

 

What's New September 3, 2020

New Features and Improvements

  • (New Feature update) : Data protection schedules allow you to configure recurring backups for your clusters. Tanzu Mission Control supports schedule creation using a standard set of templates for common and simple recurring schedules. You can also configure more complex schedules using custom cron expressions to provide you with maximum flexibility.

 

What’s New August 18, 2020

Fixes

  • Bug fixes for creating clusters with node pools in different availability zones.

 

What’s New August 11, 2020

New Features and Improvements 

  • UI improvements for "Add Integration" modal in the cluster overview. 

Fixes

  • CLI bug fixes for the "tmc documentation" command.

 

What’s New August 4, 2020

New Features and Improvements 

  • Three new versions of Kubernetes have been released: 1.16.12, 1.17.8, and 1.18.5.

 

What's New July 30, 2020

New Features and Improvements 

  • (New Feature update) Namespace quota policy: You can now set namespace quota policies for your clusters. CPU and memory quotas are now available along with the ability to set label-based namespace selectors. Namespace selectors allow granular control over including or excluding specified namespaces. This helps you have a single place to define fleet-wide namespace quota policies and define exceptions in a streamlined manner. 
  • (New Feature update) Tanzu Observability by Wavefront integration is now available. Tanzu Observability by Wavefront integration allows you install the Wavefront Kubernetes collector on any cluster with a single click through Tanzu Mission Control console. After the collector is successfully installed, you can click out to the Tanzu Observability platform directly from the Tanzu Mission Control console.

 

What's New July 28, 2020

  • User interface workflow improvements while selecting an AWS account credential during cluster creation. 

 

What's New July 22, 2020

New Features and Improvements 

  • (New Feature update)  You can now move clusters between cluster groups. To move a cluster, navigate to the cluster detail page and then choose Move from the Actions dropdown menu. Note that moving a cluster between groups results in a change to the policies inherited from the cluster group. 
  • Added the ability to manually refresh all applied policies. 
  • While creating an access policy, you can now see type-ahead suggestions for your subjects. 
  • User experience improvements to the upgrade cluster pop-up window. 
  • Support for Kubernetes versions: 1.16.11, 1.17.7, 1.18.4

Fixes

  • CLI bug fixes while restoring a backup. 

 

What's New June 24, 2020

New Features and Improvements 

  • (New Feature Update) Data Protection:  You can now take advantage of data protection on clusters managed through Tanzu Mission Control. You can backup and restore clusters, namespaces, and even groups of resources using Kubernetes label selectors. Tanzu Mission Control passes these commands through its cluster agent technology and Velero project executes the backups passing back status, errors, and full backup details. Instead of operating Velero directly in every cluster, Tanzu Mission Control’s UI, CLI, and API allow you to centrally create backups and restores of all of your clusters regardless of where they are located.

 

What's New June 15, 2020

New Features and Improvements 

  • Improved workflow for a new user downloading a kubeconfig by automatically initializing the correct TMC CLI context. 

Fixes

  • Bug fix to prevent creating a node pool with a partially entered name on the UI.

 

What's New June 2, 2020

New Features and Improvements 

  • (New Feature Update) Audit Log Report: You can now generate a report of audit events for your organization. Navigate to the Logs page in Tanzu Mission Control, specify a date range, and get a compressed file with the audit data. The audit log report provides context for you to understand which team members are performing specific operations. You can also see when these operations were applied to the cluster.

 

What's New May 27, 2020

New Features and Improvements 

  • (New Feature Update)- Inspection progress bar has been added to all types of inspections. When you run an inspection on a cluster, you can now view the number of tests completed against the total number of tests.

 

What's New May 19, 2020

Fixes

  • Bug fix to show detailed results with the "Expand" component on the UI for inspections. 
  • Bug fix to reset nodepool VPC private subnet correctly when the selected VPC changes.

 

What's New May 13, 2020

New Features and Improvements 

  • (New Feature Update) Account credential access policy:  This policy type lets you set access control on your account credentials. For example, you can control which users and groups can view and share the AWS account credential configured in your organization. This allows for streamlined billing and better security in scenarios where users in an organization do not want an account credential to be shared with the entire organization. Account credential access is available under Settings in the console. Two new roles credential.admin and credential.view have been added in this release. 
  • (New Feature Update) Provision clusters in existing AWS Virtual Private Network (VPC) : Tanzu Mission Control now lets you deploy and manage Kubernetes clusters inside an existing VPC within your AWS account. This allows existing applications in a VPC to communicate with Kubernetes applications without the hassle and cost of VPC peering. This capability is available for both development and production cluster types. When you select a region while provisioning a cluster, the existing VPCs in that region are displayed for you to choose from.
  • (New Feature Update) Support for CIS Benchmark Inspection Scans: The Center for Internet Security is a nonprofit entity whose mission is to identify, develop, validate, promote, and sustain best-practice solutions for cyber defense. CIS has developed prescriptive tests for establishing a secure configuration posture for Kubernetes. We now have a CIS Kubernetes inspection scan in Tanzu Mission Control that utilizes the implementation provided by kube-bench. Support for the CIS benchmark inspection scan further enables you to tighten the security of your cluster with industry best practices. 

Fixes

  • Bug fix to filter system namespaces. 
  • Bug fix to show the correct tmc cluster validate command when the cluster is in the disconnected state.
  • Fix to handle browser compatibility for Microsoft Edge browsers.

 

What's New May 1, 2020

New Features and Improvements 

  • (New Feature Update) - You can now view policy synchronization errors from the Tanzu Mission Control console. If your policy is not synchronized to the Kubernetes cluster correctly, you can view the errors by clicking on the Sync Issues tab on the Policies page. Details like the error that occurred, and the policy and resources affected can be accessed through Tanzu Mission Control.

 

What's New April 28, 2020

New Features and Improvements 

  • Added description to cluster groups overview.

Fixes

  • Bug fix for CLI to parse boolean inputs in interactive mode.
  • Bug fix for CLI to edit cluster groups on Windows.

 

What's New April 21, 2020

New Features and Improvements 

  • User should now be able to choose their Availability Zone when they choose a 'development' cluster while provisioning. 
  • Customers can now reattach clusters in the event that the TMC cluster agent is removed from the cluster or if an administrator rebuilds the cluster.  When a cluster is reattached TMC preserves the historical data for the cluster and returns the agent to its prior state.
  • Clusters in an 'unknown' status now show instructions to run the `tmc cluster validate` command to help troubleshoot cluster agent connection problems.
  • Added support for Kubernetes version 1.17.3 for provisioned clusters

Fixes

  • Bug fix for kubectl attach command while attaching clusters. Changed the attach command to include double quotes in the UI. 
  • Included cluster group value for unmanaged namespaces.
  • Bug fix to show the correct CPU and memory usage for namespaces.

 

What's New April 13th, 2020

New Features and Improvements 

  • You can now specify a non-default CIDR for pod and service when creating a provisioned cluster. 

Fixes

  • Bug fix to set the right name while attaching a cluster.
  • Bug fix to add/edit labels for managed namespaces in attached clusters.

 

What's New April 8th, 2020

Fixes

  • Disabled node pools AZ dropdown when provisioning a development cluster.
  • Bug fixes to create managed namespaces successfully when failing with error- "Failed to get cluster options".
  • Fixed bug where cluster modal potentially shows incorrect upgrade version selection when re-opened and upgrades to the latest.
  • Fixed showing SSH warning until a region is selected while provisioning a cluster eliminating user confusion about what this warning means.
  • Bug fixes and improved status reporting for creating cluster with the CLI.
  • Added warning while force deleting a provisioned cluster with the CLI.

 

What's New March 20th, 2020

New Features and Improvements 

  • When provisioning a cluster, the region field now defaults to blank value instead of selecting a random region. 

Fixes

  • Changed `kubectl apply` to `kubectl create` in the attach cluster command.
  • Added workspace name to the workload information when you click on the workload.
  • Fixed VMware Cloud Services link on the Automation center page in the console.

 

What's New March 10th, 2020

We are very excited that today marks our first day to be publicly available for purchase by current and future VMware customers.

Fixes and Improvements

  • Bug fixes for editing cluster labels in Tanzu Mission Control.
  • Added node version to the nodes datagrid.
  • Added validation to the credential name in the provider credential workflow. 

 

What's New March 9th, 2020

New Features and Improvements 

  • Filter Unmanaged Kubernetes RBAC: You can now filter system namespaces to view the custom-created, unmanaged RBAC (role bindings created directly on the Kubernetes cluster instead of going through Tanzu Mission Control). 
  • Improved filtering capabilities on workloads.
  • Improved validation of cluster names while creating a cluster.
  • Added workspace information to the workloads view.
  • Improved sorting functionality on multiple tables.

Fixes

  • Bug fixes for viewing the YAML definition in the Tanzu Mission Control console. 
  • Bug fixes for cluster status while upgrading the cluster.
  • Bug fixes for cluster upgrades via CLI. 
  • Bug fix to return the inspection ID while running inspection via CLI.

 

What's New February 20th, 2020

New Features and Improvements 

  • Added support for Kubernetes version 1.16.6 for provisioned clusters.
  • Clusters provisioned through Tanzu Mission Control are now on port 443. (Previously they were on port 6443.)

 

What's New February 14th, 2020

New Features and Improvements 

  • Added support for provisioning clusters in two new regions: eu-central-1 and ap-southeast-1
  • When viewing the access policies for a cluster, you can now see the unmanaged Kubernetes RBAC policies (rolebindings).
  • Included cluster name for namespaces under the Workspaces policy view.

Fixes

  • Security fix to prevent authorized but low-privileged users with access to a provisioned cluster from stealing credentials from control plane nodes.
  • Bug fixes for cluster group details page.
  • Bug fixes for editing network policies.
  • Bug fixes for the "Add Label" interaction in the policy view. 
  • Fixes for usage metrics namespace view for managed namespaces.

 

What's New February 5th, 2020

New Features and Improvements 

  • Added the ability to upgrade provisioned Kubernetes clusters through the console. Previously available through CLI and API, this capability lets you upgrade the control plane and the worker nodes of your Kubernetes cluster.
  • Added the ability to hide Tanzu objects or system objects on the Workloads page for a cluster, to improve readability.
  • Added support for the latest MS Edge (Chromium) Version 80 or later.
  • Improvements in filtering capabilities on data grids in the UI.

Fixes

  • Marked kube-public and kube-node-lease as system namespaces.
  • Fixes to prevent attaching system namespaces.
  • Bug fixes to prevent an infinite loop on filtering in data grids.

 

What's New January 30th, 2020

New Features and Improvements 

  • Added the capability to filter clusters by type: attached and provisioned.
  • Tooltip improvements to the Provider column on the Clusters page.
  • Added account status on the Clusters page. Invalid account status is now shown on the dropdown when you click New Cluster. 
  • Added the capability to delete failed inspections in the console. 
  • Updated validation text for resource names.
  • Visual improvements to the Add Network Policy form.
  • (CLI) Improved CLI documentation for inspections.
  • Improved error reporting for API errors using in-context alerts. 
  • Removed ability to view and manage direct namespace policies for image and network policies

 

What's New January 14th, 2020

New Features and Improvements 

  • Added support for attaching OpenShift clusters.
  • Improvements to show the time taken for inspections to be completed. 
  • Visual improvements to policy tree with links to inherited policies from direct policy view.  
  • Improvements to show node pool creation and deletion errors. 
  • Added warning message for remove cluster workflow (Forget this cluster). 
  • Added inspection ID for failed scans in the Tanzu Mission Control console.
     

Fixes

  • Bugfix for downloading kubeconfig with the correct file name.
  • Fixed infinite loop spinner on the policies page.
  • Fixed incorrect warnings when using the keyboard tab.
  • Fixed UI experience for the add policy form.

 

What's New January 9th, 2020

New Features and Improvements 

  • Attach unmanaged namespaces:  Namespaces in Kubernetes are intended for use in environments with many users spread across multiple teams or projects. In both attached and provisioned clusters, you can create namespaces that you can manage through Tanzu Mission Control using policies. Your clusters can also have unmanaged namespaces that were created externally and don't need to be managed through Tanzu Mission Control. You can now attach unmanaged namespaces in Tanzu Mission Control, so you can manage all of your Kubernetes namespaces through Tanzu Mission Control. This provides the capability to manage all of your namespaces and policies on these namespaces in a centralized way. 
  • Visual improvements to the Tanzu Mission Control console page for connecting an AWS provider account.
  • Improvements to the Detach Cluster functionality with more detailed UI messages. 
  • Added an information box for image registry policies to help users understand the expected input. 
  • Improved the first time experience of the New cluster button when there are no accounts.
  • Added the View policies link from the individual cluster group, cluster, workspace, and namespace. 

Fixes

  • Added validations to the Labels input across all forms. 
  • Bug fixes for handling API errors for failed requests on the policies page.
  • Bug fixes for refreshing SSH options on create cluster form. 
  • Fixed bugs on running inspections. 
  • Fixes on memory calculation on workload page.

 

What's New December 6th, 2019

New Features and Improvements 

Network Policy : Added network policy management to Tanzu Mission Control. A network policy is a specification for how groups of pods are allowed to communicate with each other and network endpoints. These network policies can be set by using predefined custom templates called recipes and can now be applied to workspaces, with support for four different types of recipes (deny all, allow all, deny-all-to-pods, allow-all-to-pods). 

kubectl Namespace Access : For provisioned clusters, users can access managed namespaces and download the kubectl configuration for a particular namespace.This feature lets you download the kubectl configuration for a single namespace and access it using the Tanzu Mission Control CLI which can be used by individual users who do not have access to the entire cluster. 

Getting Started Cards :  Added getting started cards for cluster group views. Improved the getting started card experience for image policies. 

Fixes

  • Bug fixes for node pool editing. 
  • Bug fixes for filtering and pagination on cluster lists. 
  • Removed the endpoint configuration parameter from the download CLI view.
  • Fixes for validations on search parameters across input forms in the UI. 
check-circle-line exclamation-circle-line close-line
Scroll to top icon