VMware Tanzu Mission Control | 06 JUN 2024

Check for additions and updates to these release notes.

Welcome to the Tanzu Mission Control What’s New page. Here you find posts about new features, patches, and bug fixes for the platform.

VMware Tanzu Mission Control is a comprehensive API-driven cluster management platform, provided through VMware Cloud services, that allows you to monitor and manage all of your Kubernetes clusters from a single point of control, regardless of where they are hosted.

To learn more about Tanzu Mission Control, visit our website or contact your VMware account executive and ask for a free trial. In the meantime, check out the demo video here

.

What's New June 6, 2024

New Features and Improvements

  • Added support for CA certs in repository credentials

    Tanzu Mission Control now allows you to configure a private Git repository credential using CA certificates with optional username and password values for Flux Git repositories. 

  • Added support for Istio package deployment

    The catalog features of Tanzu Mission Control now allow you to access and deploy Istio packages (version 1.22.0). 

    For more information about deploying Istio to your clusters, see Add a Package Repository to Your Cluster in Using VMware Tanzu Mission Control.

What's New May 8, 2024

Product Support Notice

  • Deprecation of the Subscription tab

    The Subscription tab in the Tanzu Mission Control console is now in deprecation and will be removed.

    With the transition to Broadcom systems, Tanzu Mission Control no longer receives or stores subscription purchase information, and therefore can no longer display information about the tier and length of your subscription.

    For information about your active subscription and utilization information, you can reach out your Account Team or submit a Broadcom Support request. 

  • Deprecation and removal of the tmc CLI

    The tmc command-line interface will be removed and no longer supported after May 2024. You must complete your transition to the tanzu CLI before May 31, 2024.

    The Tanzu Mission Control  tmc  CLI has been in deprecation since May 2023, after the introduction of the tanzu CLI. 

    For information about tanzu CLI commands, see the VMware Tanzu CLI Reference - Tanzu Mission Control Plugins.

What's New April 25, 2024

New Features and Improvements

  • Updated Velero to version 1.13.2

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.13.2. This Velero update includes bug fixes in CSI snapshot and data mover. Refer to the changelog for details.

What's New March 28, 2024

Product Support Notice

  • Added support for Kubernetes 1.29

    Tanzu Mission Control now supports management of Kubernetes 1.29 clusters running in Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and attached conformant Kubernetes clusters. In line with timelines published by Microsoft Azure and Amazon Web Services, TMC support for clusters running older releases of Kubernetes is deprecated as follows:

    • AKS clusters running Kubernetes 1.25 and 1.24 are no longer supported.

    • EKS clusters running Kubernetes 1.25 are in extended support, and 1.24 and 1.23 are no longer supported.

What's New March 5, 2024

New Features and Improvements

  • Updated FluxCD version for continuous delivery and Helm capabilities

    The version of FluxCD used by the continuous delivery (CD) and Helm package management features of Tanzu Mission Control (TMC) is updated to 2.1.x. When you enable CD or Helm on clusters managed through TMC, it installs FluxCD v2.1.x (provided there is no existing installation of TAP).

    This update applies to individual clusters on which you enable CD or Helm, as well as clusters that are part of a cluster group on which you enable CD or Helm.

    Known issue:  Tanzu Application Platform (TAP) uses an earlier version of FluxCD that is incompatible with TMC's upgraded components. You cannot install TAP on clusters with the updated version of FluxCD. To use both TAP and CD/Helm on the same cluster, make sure CD/Helm is disabled and all FluxCD components are removed. Then install TAP through TMC, and you can subsequently enable CD/Helm, which will use the version of FluxCD installed with TAP.

    For more information about enabling CD, see Enable Continuous Delivery for a Cluster or Cluster Group.

    For more information about enabling Helm, see Enable Helm Service on Your Cluster or Cluster Group.

    For more information about installing TAP through TMC, see Install Tanzu Application Platform on a Cluster.

What's New March 4, 2024

New Features and Improvements

  • Updated support for Tanzu Application Platform versions

    Tanzu Mission Control (TMC) now allows you to deploy solutions for Tanzu Application Platform (TAP) versions 1.6.8, 1.7.4, and 1.8.0. You can also update TAP profile versions on a cluster for previously installed TAP solutions in TMC. For more information, see Install Tanzu Application Platform on a Cluster in Using VMware Tanzu Mission Control.

    Known Issue:  There are known issues in TAP, in both 1.7.x and 1.8.x, that prevent using a non-default certificate issuer when you deploy TAP profiles through TMC. If you want to use a non-default certificate issuer, do not use these solutions when deploying TAP through TMC. For more information about the latest updates to TAP, see the Release Notes for TAP 1.8 and the Release Notes for TAP 1.7.

  • Updated Velero to version 1.12.3

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.12.3. This Velero update includes bug fixes in CSI snapshot, data mover, and volume restore. Refer to the changelog for details.

  • Added support for ability to edit a recurring backup schedule

    Tanzu Mission Control now allows you to edit a schedule of recurring backups for your clusters, created at cluster and cluster group level. While editing backup schedule, you can change the advanced options for Kubernetes resources, volume backup options, target location, backup recurrence, and retention period. However, you cannot change the scope of the backup of Kubernetes resources between full cluster, selected namespace, and label selector.

  • Added option to force the deletion of a backup

    Tanzu Mission Control allows you force the deletion of the backup of a cluster. When the configured target location is no longer accessible from the cluster, the backup delete operation cannot complete and keeps running. You now have the option to "force delete" the backup, which removes the backup entry from TMC, and allows you to delete the backup from the target location manually.

What's New February 21, 2024

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.5

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.5 clusters deployed on vSphere.

    This update includes support for newer versions of Kubernetes and the following new features: 

    • Custom ClusterClass  You can now provision clusters using a custom cluster class. The limitation of using only the default class has been removed.

    • Added photon3 to TKr-1.27.x  You can now choose either photon3 or photon V5 for the cluster's operating system when upgrading a cluster using TKr-1.27.x.

    Known Issue

    • You cannot specify a template for both the cluster and the node pool when provisioning or upgrading a cluster. If multiple templates of the same OVA exist in the vCenter, TMC fails to create/upgrade the cluster.

      As a workaround, remove the duplicated templates before creating or upgrading the cluster.

    Product Support Notice

    • With this update, you can no longer deploy TKG 2.5 clusters to AWS and Azure.

What's New January 31, 2024

New Features and Improvements

  • Added support for user-assigned managed identities in AKS clusters

    Tanzu Mission Control now allows you to specify a user-assigned managed identity when creating an AKS cluster. When you create an AKS cluster through TMC, you have the option to accept the system-assigned managed identity or specify a user-assigned managed identity.

    For more information, see Create an Azure AKS Cluster in Using VMware Tanzu Mission Control. For more information about managed identities in AKS, see Use a managed identity in Azure Kubernetes Service (AKS) in the Azure documentation

  • Added support for adding subscriptions to an existing AKS credential

    Tanzu Mission Control now allows you to add an Azure subscription to an existing AKS credential for lifecycle management. In addition to creating an AKS credential with multiple Azure subscriptions, you can now modify the list of subscriptions associated with the credential after it has already been created. This capability provides additional flexibility in how you manage your Azure accounts and connect subscriptions to TMC. For more information, see Edit an Azure AKS Credential in Using VMware Tanzu Mission Control.

What's New December 4, 2023

New Features and Improvements

  • Added support for custom pod networking in AKS and EKS clusters

    Tanzu Mission Control now supports running worker nodes and pods on different subnets. This feature is supported on clusters provisioned and managed through Tanzu Mission Control in Amazon EKS and Azure AKS. By using a secondary IP address in your cluster's pod network, you can increase the number of available IPs to support scale requirements for your clusters and applications.

  • Added support for installing multicluster TAP profiles

    Tanzu Mission Control now allows you to deploy a multicluster topology for your Tanzu Application Platform. When you install a TAP profile (View, Build, Run, and Iterate) on one or more clusters, Tanzu Mission Control adds the deployed profile to the Tanzu Developer Portal to surface workload and associated object details. Using the TMC console, you can create developer namespaces for Build, Iterate, and Run profile clusters.

    Known issue:  When you perform a multi-cluster deployment of TAP version 1.7.3 through TMC, the Tanzu Developer Portal is unable to view resources from the Build, Run, and Iterate clusters. You can fix this by following the instructions in Update Tanzu Developer Portal to view resources on multiple clusters (in the Tanzu Application Platform documentation) to update the configuration of the View cluster to enable visibility into the the Build, Run, and Iterate clusters.

    For more information, see Install Tanzu Application Platform on Multiple Clusters in Using VMware Tanzu Mission Control.

  • Added support for creating and managing opaque secrets

    Tanzu Mission Control now allows you to create and manage opaque cluster secrets. You can create an opaque secret in a single namespace and optionally make it available for use by all namespaces in the cluster, providing a single place to manage all opaque secrets for that cluster. Namespaces in a managed cluster can use a secret to authenticate to Git repositories, including Git repository location that store Tanzu Application Platform component configurations. 

    For more information, see Managing Cluster Secrets in Using VMware Tanzu Mission Control.

What's New December 1, 2023

New Features and Improvements

  • Updated the Tanzu Mission Control Terraform provider

    Tanzu Mission Control provider allows you to automate your cluster management using Hashicorp's Terraform platform. Terraform provider for Tanzu Mission Control has been continually been updated and enhanced over the last few months.

    With version 1.4.0 of the provider, the following capabilities are now available:

    • Enable Helm and create releases on your clusters from charts through Bitnami

    • Mutation policy creation, application, and modification

    • Transparent & explicit proxy usage for clusters

    • Defining GitOps - attach a Git repo to clusters for sync using FluxCD

    • Set data protection for a cluster along with backup schedules and target location

    • Perform the registration process for a management cluster on Tanzu Kubernetes Grid with TMC via Terraform; including for Tanzu Kubernetes Grid service in vSphere with Tanzu

    • Use a cluster class to provision and manage Tanzu Kubernetes Grid 2.x clusters using Terraform script

    • For EKS clusters, configure an Amazon VPC CNI plugin for managing ENI for your nodes

    For information about using the Tanzu Mission Control provider in Terraform, see https://registry.terraform.io/providers/vmware/tanzu-mission-control/latest/docs.

What's New November 28, 2023

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.4.1

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.4.1 clusters deployed on vSphere, AWS, and Azure. 

What's New November 22, 2023

New Features and Improvements

  • Support for Kubernetes 1.28

    Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and attached conformant Kubernetes clusters running or upgraded to Kubernetes v1.28 are now supported by Tanzu Mission Control. With this release, Kubernetes v1.24 is in deprecation and Kubernetes v1.23 is no longer in standard support for public clouds, inline with documented support timelines published by Amazon Web Services and Microsoft Azure, respectively.

What's New November 17, 2023

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.3.1

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.3.1 clusters deployed on vSphere, AWS, and Azure. 

What's New November 15, 2023

New Features and Improvements

  • Added support for data protection for cluster groups

    Tanzu Mission Control now allows you to enable data protection for cluster groups. With this feature, you can configure recurring backups for all the clusters in the group, clusters based on names, or clusters based on Tanzu Mission Control labels. This capability allows you to create backups of clusters at scale as any cluster added to the cluster group will automatically inherit the backup schedule.

    Restore operations are supported at the individual cluster level; restore operations are not available at the cluster group level.

    For more information, see Enable Data Protection on a Cluster Group in Using Tanzu Mission Control.

What's New November 6, 2023

Product Support Notice

  • Updated permissions for EKS credentials

    The credential template for lifecycle management of AWS EKS clusters in Tanzu Mission Control has been updated to include new permissions. As a result of this update, your EKS credential might show that it is in an invalid state. If this happens, update your credential, as described in Update Your Credential for an AWS EKS Account in Using VMware Tanzu Mission Control. This scenario impacts lifecycle management of new (create) and existing (update) clusters, but does not impact the management/observability/control of existing clusters.

What's New October 31, 2023

New Features and Improvements

  • Added support for deploying Tanzu Application Platform solution

    Tanzu Mission Control now allows you to deploy Tanzu Application Platform (TAP) with an easy-to-use guided workflow. Using Tanzu Mission Control, you can deploy and configure TAP full profile components on a single cluster. After deploying TAP full profile on the cluster you can access the developer portal URL. Using the TMC console you can edit configurations and create developer namespaces. For more information, see Install Tanzu Application Platform on a Cluster.

What's New October 17, 2023

New Features and Improvements

  • Added CSI snapshot support for Tanzu Kubernetes Grid clusters

    Tanzu Mission Control now extends CSI (container storage interface) snapshot support to TKG clusters running Kubernetes 1.26.5 and later for backing up and restoring Kubernetes volumes. You can now choose the CSI snapshot method during backup and restore operations on TKG clusters. For more details on FSB and CSI snapshot usage, see Data Protection in VMware Tanzu Mission Control Concepts.

  • Updated Velero to version 1.12.0

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.12.0. With this update, Tanzu Mission Control configures Velero with Kopia integration for Kubernetes volume backup when using the FSB (file system backup) method. For more details on FSB usage, see Data Protection in VMware Tanzu Mission Control Concepts.

  • Added support to move CSI snapshot data to the backup target location

    Tanzu Mission Control now lets you move CSI (container storage interface) snapshot data to the backup storage location. CSI snapshot data movement allows you to back up volume snapshots from one cloud provider and restore the data to another cloud provider. For more details on CSI snapshot data movement, see Data Protection in VMware Tanzu Mission Control Concepts.

What's New October 12, 2023

New Features and Improvements

  • Added a new policy insight type: Incompatibility

    Tanzu Mission Control now recognizes a new type of warning for policy insights:  Incompatibility. An incompatibility warning indicates a conflict with the configuration of a component installed on your cluster. For more information, see About Policy Insights in Using VMware Tanzu Mission Control.

What's New October 10, 2023

New Features and Improvements

  • Added support for CA certificate enablement for TSM integration

    You can now integrate with Tanzu Service Mesh (TSM) using self-signed CA certificates.  

    When adding a cluster to TSM in Tanzu Mission Control, you can specify a certificate authority (CA) that the integration will use to authenticate. This allows you to use a corporate CA (like Vanify or Vault) for your TSM integration. For more information, see Add a Cluster to Service Mesh in Using VMware Tanzu Mission Control.

What's New October 5, 2023

New Features and Improvements

  • Added support for AKS credentials with multiple subscriptions

    Tanzu Mission Control now allows you to create a credential for AKS lifecycle management that contains multiple subscriptions. This removes the prior limitation of one subscription per credential. When using the credential to perform lifecycle operations (like creating a new cluster), you specify the subscription you want to use. Subscriptions can be added only when creating the credential. You cannot add a subscription to an existing credential.

    For more information, see Create an Azure AKS Credential in Using VMware Tanzu Mission Control.

What's New September 26, 2023

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.4

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.4 clusters deployed on vSphere, AWS, and Azure. 

  • Added support for transparent proxy

    Tanzu Mission Control now allows you to connect to Kubernetes clusters behind a traffic proxy running in transparent mode. Adding to the capability of creating a proxy configuration object for proxies running in explicit mode, you can now create a proxy configuration object in Tanzu Mission Control to connect to your clusters running behind a transparent proxy. 

    Tanzu Mission Control supports transparent proxy for attaching conformant Kubernetes clusters, and for lifecycle management of AKS and EKS clusters. Transparent proxy is not supported for lifecycle management of Tanzu Kubernetes Grid clusters.

    For more information, see Connecting Through a Proxy and Create a Proxy Configuration Object in Using VMware Tanzu Mission Control.

What's New September 15, 2023

New Features and Improvements

  • Added ability to download policies as code (YAML/JSON)

    You can now download the code for your policies in either YAML or JSON format from the policy detail pages in Tanzu Mission Control. This capability allows you to treat policies as code so that you can perform versioning, tracking, back up, and other functions. For more information, see Export Policy Code in Using VMware Tanzu Mission Control.

    This capability is not available for access policies.

  • Added support for cluster admin delegation for TSM

    Tanzu Mission Control now allows you to delegate cluster admin permissions when adding a cluster to Tanzu Service Mesh (TSM). This feature allows a platform administrator to delegate injection decision-making to the cluster operator. When this option is enabled, TSM does not specify an inclusion or exclusion model on the cluster namespaces, which effectively delegates the task of labeling namespaces to the cluster operator. For more information, see Add a Cluster to Service Mesh in Using VMware Tanzu Mission Control.

What's New September 1, 2023

Product Support Notice

  • Added support for Kubernetes 1.27 clusters

    Tanzu Mission Control now supports provisioning and attaching Kubernetes v1.27 clusters.

    Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), Tanzu Kubernetes Grid, and attached conformant Kubernetes clusters are supported.

    With this release, Kubernetes v1.23 is in deprecation and Kubernetes v1.22 is no longer supported.

What's New August 24, 2023

New Features and Improvements

  • Improved visibility for user access permissions

    The User Permissions page in the Tanzu Mission Control console shows the roles and resources associated with the identities (users, groups, and service accounts) in your organization. From the new User Permissions page, you can view the identities in your organization and click to see mapped roles, resources, and other details. For more information, see View Identities and Roles in Using VMware Tanzu Mission Control.

What's New August 17, 2023

New Features and Improvements

  • Added support for backup and restore hooks

    Tanzu Mission Control allows you to configure a custom action during data protection operations. When performing a backup, you can specify one or more commands to execute before or after creating the backup. For example, to create a point-in-time backup of a database application, you can run a hook to pause database transactions before the backup, and resume transactions after the backup is complete. You can also specify commands to run during or after the restore process.

    For more information, see About Backup and Restore Hooks in Using VMware Tanzu Mission Control.

What's New August 4, 2023

New Features and Improvements

  • Added insights for policy settings

    Tanzu Mission Control now provides visibility into Gatekeeper configuration issues. On the Settings tab of the Administration page in the Tanzu Mission Control console, you can define OPA Gatekeeper default configurations that are used to enforce policies. The Settings tab now has an Insights list, which shows cluster-level deviations (such as overrides and violations) from the default configurations that you have defined. 

  • Added support for upgrade and rollback of Tanzu Service Mesh

    Tanzu Mission Control now exposes the ability to upgrade and rollback the Tanzu Service Mesh data plane components using the Tanzu Mission Control console, CLI, and API. This capability allows you to perform and automate cluster lifecycle management tasks from a single place. For more information, see Upgrade Service Mesh in Using VMware Tanzu Mission Control.

What's New August 3, 2023

New Features and Improvements

  • Improved data protection operation details

    Tanzu Mission Control now helps you to understand resources and volumes are part of your backup and restore operations. In addition to improved backup and restore details, you can download logs and resource list directly from Tanzu Mission Control, instead of downloading from Velero. On the Data Protection tab of cluster details page, click the backup or restore to see the details and download logs.

  • Added the ability to pause a recurring backup schedule

    Tanzu Mission Control allows you to configure a schedule of recurring backups for your clusters. Tanzu Mission Control now allows you to pause a recurring backup schedule. This is helpful when you want to skip backups for a period of time, for example, to perform maintenance tasks on the cluster or its storage volumes. Because this is a temporary suspension of the schedule, you have the option to resume the paused backup schedule. After you pause the backup schedule, no further backups are initiated until you resume the backup schedule.

What's New August 1, 2023

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.3

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.3 clusters deployed on vSphere, AWS, and Azure. This update includes support for newer versions of Kubernetes and the following new features: 

    • Upgrade ClusterClass  You can upgrade the cluster class to the latest version when upgrading the Kubernetes version of a workload cluster.

    • Multiple availability zones  You can provision workload cluster nodes into multiple deployment zones that are predefined on a TKG management cluster running in vSphere. 

    • NodeIPAM  When provisioning a workload cluster, you can allocate IP addresses for the cluster nodes from predefined IPPools on the TKG management cluster.

    • Bring your own CNI  When provisioning a workload cluster, you can set the CNI type to None, and subsequently implement your own CNI for the cluster. 

     

What's New July 28, 2023

New Features and Improvements

  • Updated Tanzu Mission Control Terraform provider

    Tanzu Mission Control allows cluster management and automation using Hashicorp's Terraform platform. This update improves cluster resource and operation support using Terraform.

    With version 1.2.0 of the provider, the following capabilities are now available:

    • resource support - create and update network policy

    • cluster operations - provision Azure Kubernetes Cluster (AKS), including node pools and settings

    • integrations - continuous delivery enablement and Kustomization scopes for cluster

    For information about using the Tanzu Mission Control provider in Terraform, see https://registry.terraform.io/providers/vmware/tanzu-mission-control/latest/docs.

What's New July 27, 2023

New Features and Improvements

  • Added cluster group support for registry secrets

    Tanzu Mission Control now allows you to create a Kubernetes secret for a cluster group and distribute the secret to all clusters in the cluster group. For more information, see Managing Cluster Secrets in Using VMware Tanzu Mission Control.

What's New July 24, 2023

New Features and Improvements

  • Added support for lifecycle management of Azure AKS clusters

    Tanzu Mission Control now supports full lifecycle management of Microsoft Azure AKS clusters. When you connect your Azure account with Tanzu Mission Control, you can manage the lifecycle of new and existing Azure AKS clusters. 

    This includes the ability to create, update/scale, upgrade, and delete AKS clusters and node pools in a connected Azure account. For more information about connecting your Azure account and managing AKS clusters, see Managing the Lifecycle of Azure AKS Clusters in Using VMware Tanzu Mission Control.

What's New July 21, 2023

Product Support Notice

  • Added support for Kubernetes 1.26 clusters and deprecated support for Kubernetes 1.22

    Tanzu Mission Control now supports provisioning and attaching Kubernetes v1.26 clusters.

    Amazon Elastic Kubernetes Service (EKS), Tanzu Kubernetes Grid, and attached conformant Kubernetes clusters are supported as a part of this release. 

    With this new release, Kubernetes v1.22 is in deprecation and Kubernetes v1.21 is no longer supported.

What's New July 6, 2023

New Features and Improvements

  • Cloud Formation template for EKS credentials has been updated

    The Cloud Formation template for EKS credentials has been updated to add loadbalancing permissions including DescribeLoadBalancers, DescribeTags, and DeleteLoadBalancer. This fixes an issue with a left over load balancer when an EKS cluster is deleted. Credentials may appear invalid until you update the credential permissions, but this will have no effect on your clusters. You will be unable to perform new lifecycle operations until you update invalid credentials with the latest permission template as described in Update Your Credential for an AWS EKS Account.

  • Added support for CSI volume snapshots

    In addition to File System Backup (FSB), Tanzu Mission Control now introduces Container Storage Interface (CSI) snapshot support for backing up and restoring Kubernetes volumes. You can now choose FSB as well as CSI snapshot method during backup and restore operations. For more details on FSB and CSI snapshot usage, see Data Protection in VMware Tanzu Mission Control Concepts.

    For information about using FSB and CSI during backup operations in Tanzu Mission Control, see in Back Up the Data Resources in Your Cluster in Using VMware Tanzu Mission Control.

  • Support for restoring partially failed backups

    Tanzu Mission Control now lets you restore partially failed backups. Partially failed backups might be missing some of the resources and volumes that were configured to be backed up. Prior to restoring, review backup operation details and logs to understand which resources and volumes may have been skipped.

What's New June 29, 2023

New Features and Improvements

  • Added support for Kubernetes 1.25 clusters

    Tanzu Mission Control now supports provisioning and attaching Kubernetes v1.25 clusters.

    Amazon Elastic Kubernetes Service (EKS), Tanzu Kubernetes Grid, and attached conformant Kubernetes clusters are supported as a part of this release. 

What's New June 6, 2023

New Features and Improvements

  • Added support for annotation and label mutation policy

    Tanzu Mission Control now supports mutating annotations and labels on a Kubernetes resource. You can create a mutation policy using an annotation or label template. Tanzu Mission Control can mutate key value pairs in annotations and labels based on these templates. For more information, see Mutating Kubernetes Resources in Using VMware Tanzu Mission Control.

What's New May 31, 2023

New Features and Improvements

  • Updated Velero to version 1.10.3

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.10.3. This Velero update includes enhancements, bug fixes, and resolves several CVEs. Refer to the changelog for details. 

  • Added progress reporting for data protection operations

    To provide insight into long-running data protection operations, Tanzu Mission Control now provides progress reporting for backup and restore. While the backup or restore operation proceeds, you can view the number of resources that have been processed out of an estimated total number of resources.

What's New May 24, 2023

New Features and Improvements

  • Added support for local image registry

    Tanzu Mission Control now allows you to register a private container registry, from which you can deploy images to your clusters. This feature offers you complete control over security and vulnerability scanning before deploying container images to production environments.

    This release supports local image registry for Tanzu Kubernetes Grid clusters, version 1.6 and later, running on vSphere.

    For more information, see Managing a Local Image Registry in Using VMware Tanzu Mission Control.

    Tanzu Observability and Tanzu Service Mesh are not supported for use with local image registry.

What's New May 18, 2023

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.2

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.2 clusters deployed on vSphere, AWS, and Azure. In addition to other enhancements, this update includes support for newer versions of Kubernetes and allows you to use additional image registries when provisioning a class-based cluster.

    For more information about the 2.2 release of Tanzu Kubernetes Grid, see the VMware Tanzu Kubernetes Grid v2.2 Release Notes.

What's New May 16, 2023

New Features and Improvements

  • The command line interface for Tanzu Mission Control is merging into the Tanzu CLI

    VMware Tanzu is moving toward a unified experience for our users. To better serve the greater Tanzu community, the Tanzu Mission Control CLI (tmc) has now migrated into the Tanzu CLI (tanzu). Tanzu Mission Control now uses the tanzu CLI with Tanzu Mission Control plug-ins, allowing you to have a more cohesive Tanzu interaction. This means the tmc CLI will be deprecated over the next 6 months and support will be discontinued as of November 2023.

    You now need only one copy of the tanzu CLI and can download the plug-ins for Tanzu Mission Control, which provides for a common CLI experience across Tanzu products. For example, if you have both Tanzu Kubernetes Grid and Tanzu Mission Control, with this new unified approach you now have a single CLI to run both from. Having a unified CLI reduces the complexity of maintaining and using multiple CLIs for each Tanzu product.

    For more information about the Tanzu Mission Control plug-ins for the unified Tanzu CLI, see the VMware Tanzu CLI - Tanzu Mission Control Plug-ins. For more information about the Tanzu Mission Controls plug-ins for the Tanzu CLI, see the Mapping of CLI Equivalents in the CLI Reference.

What's New May 3, 2023

New Features and Improvements

  • Added cluster group support for installing Helm charts

    Tanzu Mission Control now lets you deploy Helm charts from a Git repository to a cluster group. For more information, see Install a Helm Chart from a Git Repository.

  • Restricted support for installation of packages on non-TKG clusters

    The catalog in Tanzu Mission Control has been updated to restrict the installation of packages from the Tanzu Standard package repository to only workload clusters running in Tanzu Kubernetes Grid. You can no longer use the catalog to install packages from the Tanzu Standard package repository to non-TKG clusters. For non-TKG clusters, you can explore packages in the Helm charts tab. Helm charts are open source from Bitnami, and are not supported by VMware. For information about using the catalog in Tanzu Mission Control, see Managing Packages and Releases in Your Cluster in Using VMware Tanzu Mission Control.

What's New April 26, 2023

New Features and Improvements

  • Enhanced UI for image registry policy

    As part of the ongoing effort to improve your user experience with managing policies in Tanzu Mission Control, the Image registry tab on the Policies assignments page has been updated with a new UI. The revamped UI improves the process of creating an image registry policy from the Policies assignments page, while maintaining the previously available functionality.

    Key improvements include:

    • Cleaner policy creation workflow: A dedicated configuration page for creating image registry policies with a cleaner layout. You can configure your image registry policy with a less crowded and more readable layout.

    • Better policy viewing and editing: You can review and edit image registry policy configurations immediately after creating a policy.

    • In-workflow actionable insights: The policy details page shows an insights table, so you can quickly see if there are any issues with the policy you just created. This allows you to take action now, rather than discover later that something isn’t working as expected.

    • Policy detail visibility: The Image registry tab of the Policies assignments page shows you critical details about the policies you’ve created without having to click into the edit page. You can see all of your image registry policies with the following details:

        Policy name

        Template used

        Enforcement action applied

        Selectors

        View details link

What's New April 25, 2023

New Features and Improvements

  • Added lifecycle management support for pre-existing EKS clusters

    You can now bring existing EKS clusters into full lifecycle management in Tanzu Mission Control. After you have connected an AWS account, you can add the clusters that are already there, and use Tanzu Mission Control to update, scale, upgrade, and delete clusters in your existing EKS cluster fleet. For more information, see Managing the Lifecycle of AWS EKS Clusters in Using VMware Tanzu Mission Control.

What's New March 29, 2023

New Features and Improvements

  • Support for Terraform in Tanzu Mission Control

    Tanzu Mission Control supports cluster management using Terraform. Over the last year, Tanzu Mission Control has implemented support for managing your fleet of Kubernetes clusters using Terraform.

    You can use the Tanzu Mission Control provider in Terraform to:

    • Log in to Tanzu Mission Control.

    • Attach conformant Kubernetes clusters.

    • Manage the lifecycle of workload clusters.

    • Manage the lifecycle of Elastic Kubernetes Service (EKS) clusters.

    • Manage cluster security using access, security, image registry, custom, and namespace quota policies.

    Supported Resources:

    • Clusters and node pools

    • Cluster groups

    • Namespaces and workspaces

    • Policies - access, image registry, security, custom, namespace quota

    • Tanzu Service Mesh integration

    • Credentials - Cluster Proxy, Tanzu Observability, AWS EKS, AWS S3, Azure Blob

    Supported Cluster Operations:

    • Provision Tanzu Kubernetes cluster on vSphere with Tanzu, vSphere, and AWS

    • Provision EKS clusters

    • Create and update cluster node pools and settings

    • Cluster attach

    For information about using the Tanzu Mission Control provider in Terraform, see https://registry.terraform.io/providers/vmware/tanzu-mission-control/latest/docs.

    For more information about the increasing number of features available through the Tanzu Mission Control provider in Terraform, see https://github.com/vmware/terraform-provider-tanzu-mission-control/releases.

What's New March 27, 2023

Product Support Notice

  • Use the latest versions of packages in the Tanzu Standard package repository

    With the upgrade of the Tanzu Standard package repository to v2.1.1_Update1, older versions of packages are also available in the repository. To avoid vulnerabilities in older package versions, move to the latest supported package versions.

    Packages in the Tanzu Standard package repository are supported only on Kubernetes release 1.20 and higher.

    For a list of the supported packages that are included in the updated repository, see the Component Versions section in the Tanzu Kubernetes Grid Release Notes.

What's New March 23, 2023

New Features and Improvements

  • Extended support for catalog deployment

    The catalog in Tanzu Mission Control (which uses Carvel package deployment) now allows you to deploy packages to Tanzu Kubernetes Grid clusters (v2.1 and later), clusters running in Tanzu Application Platform, and clusters running in vSphere with Tanzu (v8.0 and later). 

    You can also deploy packages to non-TKG clusters if you have already installed kapp-controller version 0.41.5 or later on the cluster.

    This extended support requires that you upgrade to the latest Tanzu Mission Control CLI (tmc). Clusters with Kubernetes versions earlier than 1.20 are not supported.

What's New March 21, 2023

New Features and Improvements

  • Added lifecycle management support for Tanzu Kubernetes Grid 2.1.1

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.1.1 clusters deployed on vSphere, AWS, and Azure.

    With this update, the following features are added:

    • You can use the catalog in Tanzu Mission Control to deploy packages to workload clusters running in Tanzu Kubernetes Grid 2.1.1. (This functionality is not supported for clusters running in Tanzu Kubernetes Grid 2.1.0.)

    • You can use a persistent volume claim (PVC) with pods deployed to clusters running in Tanzu Kubernetes Grid 2.1.1. (This functionality requires a workaround for clusters running in Tanzu Kubernetes Grid 2.1.0).

    • Resolved known issue for support of class-based clusters in TKG 2.1 with NSX ALB. You can now apply the necessary Avi labels when provisioning a cluster in Tanzu Mission Control.

    • Resolved known issue for support of upgraded clusters in TKG 2.1.0. With TKG 2.1.1, there is no significant delay when upgrading a cluster from 1.6.x.

    • Known issue for TKG 2.1.1 and TKG 2.1.0: Tanzu Mission Control does not support provisioning workload clusters using a custom ClusterClass. To provision workload clusters through Tanzu Mission Control, you must use the default ClusterClass.

    • Known issue for TKG 2.1.1 and TKG 2.1.0: Tanzu Kubernetes release  v1.23.15---vmware.1-tkg.1  does not support the default CSI provisioner for Azure and vSphere. Do not use this TKr to provision TKG 2.1.x workload clusters with the default storage class on Azure and vSphere.

    For more information about the 2.1.1 release of Tanzu Kubernetes Grid, see the VMware Tanzu Kubernetes Grid v2.1 Release Notes.

What's New March 15, 2023

New Features and Improvements

  • Added support for service account entity in access policies

    Tanzu Mission Control now allows you to use a Kubernetes service account as an entity type when creating role bindings in access policies. 

What's New March 9, 2023

New Features and Improvements

  • Upgraded Tanzu Standard package repository to 2.1.1

    The Tanzu Standard package repository, which enables you to install packages to your managed clusters has been updated to version 2.1.1 in Tanzu Mission Control.

    With this update, some component versions might have been removed from the repository, and you will need to update your installations of these packages to the latest version in the new Tanzu Standard repository. 

    For a list of the packages that are included in the updated repository, see the Component Versions section in the Tanzu Kubernetes Grid Release Notes.

    For more information about updating an installation on your clusters, see Edit an Installed Package in Using VMware Tanzu Mission Control.

What's New February 23, 2023

New Features and Improvements

  • Added administrative default settings for policies

    Tanzu Mission Control now allows you to specify default policy settings. With this update, you can modify OPA Gatekeeper default configurations which are used to enforce various policies, including security, image registry, mutation, and custom policies. 

    For more information, see Managing Administrative Settings in Using VMware Tanzu Mission Control

  • Added options for policy enforcement

    Tanzu Mission Control now allows you specify the enforcement action to take when you create a security policy, image registry policy, or custom policy. In addition to the default option (deny), you can set up the policy for testing using the dry run and warn options. For example, see Create a Security Policy in Using VMware Tanzu Mission Control.

    For more information about policy enforcement options, see Handling Constraint Violations in the OPA Gatekeeper documentation.

What's New February 17, 2023

Product Support Notice

  • Discontinued support for schema helper APIs

    The Tanzu Mission Control *SchemaHelper APIs in v1alpha1 are now discontinued, and are no longer supported.

    As a result, the schema commands in the Tanzu Mission Control command-line interface (tmc) are also discontinued (for example, tmc cluster schema and tmc workspace schema).

What's New February 3, 2023

New Features and Improvements

  • Upgraded Tanzu Standard package repository

    The Tanzu Standard package repository, which enables you to install packages to your managed clusters has been updated to version 1.6.1 in Tanzu Mission Control. The 1.6.1 version deprecates the following packages:

    • v1.5.3+vmware.4-tkg.1-cert-manager

    • v1.20.2+vmware.1-tkg.1-contour

    • v2.5.3+vmware.1-tkg.1-harbor

    You can upgrade your installations of these packages to the latest version in the new Tanzu Standard repository. For more information, see Edit an Installed Package in Using VMware Tanzu Mission Control.

What's New February 1, 2023

Product Support Notice

  • The aws-hosted environment is discontinued

    As of 31-Jan-2023, the aws-hosted environment is removed from Tanzu Mission Control and is no longer supported.

    To continue to leverage full lifecycle management of AWS-based clusters in Tanzu Mission Control, you can connect an AWS account and use EKS clusters or use Tanzu Kubernetes Grid clusters deployed on AWS. For more information, see Connecting an AWS Account for EKS Cluster Lifecycle Management in Using VMware Tanzu Mission Control.

What's New January 31, 2023

New Features and Improvements

  • UI enhancements on the cluster details page

    The detail page for clusters in the Tanzu Mission Control console has been updated. The functionality previously exposed under the Continuous delivery and Secrets tabs is now consolidated under the Add-ons tab.

  • Added support for installing a Helm chart from a Git repository

    You can now install a Helm chart to a cluster from a Git repository. For more information, see Install a Helm Chart from a Git Repository.

  • Added support for continuous delivery to cluster groups

    Tanzu Mission Control now provides support for continuous delivery to cluster groups. For more information, see Enable Continuous Delivery for a Cluster or Cluster Group.

What's New January 29, 2023

New Features and Improvements

  • Added support for Tanzu Kubernetes Grid 2.1, including ClusterClass

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 2.1 clusters deployed on vSphere, AWS, and Azure. Starting in version 2.1 of Tanzu Kubernetes Grid, you can leverage the power of ClusterClass to create consistent workload clusters through Tanzu Mission Control. For more information, see Provision a Cluster using a Cluster Class. For more information about ClusterClass support in TKG, see VMware Tanzu Kubernetes Grid v2.1 Release Notes.

Known Issues for TKG 2.1.0 support

Known Issues for lifecycle management of TKG 2.1.0 clusters

  • Known issue for support of catalog in TKG 2.1

    You cannot install packages to TKG 2.1.0 workload clusters using the catalog in Tanzu Mission Control.

  • Known issue for support of upgraded clusters in TKG 2.1

    When you upgrade a Tanzu Kubernetes Grid management cluster from 1.6.x to 2.1, you might experience a significant delay before Tanzu Mission Control recognizes the cluster as version 2.1. During this delay, Tanzu Mission Control cannot accurately provision new clusters in the management cluster.

    Workaround: As a workaround, you can accelerate this process by deleting the extension-updater pod in the vmware-system-tmc namespace on the management cluster to trigger the TKG version to update.

  • Known issue for support of class-based clusters in TKG 2.1 with NSX ALB

    Tanzu Mission Control cannot deploy new class-based clusters in Tanzu Kubernetes Grid 2.1 that use NSX ALB and are configured with custom service engines.

    Workaround: As a workaround, you can use the tanzu CLI to create the cluster with AVI labels, and then manage it using Tanzu Mission Control.

What's New January 19, 2023

New Features and Improvements

  • Added custom AMI support for EKS LCM

    Tanzu Mission Control now supports the use of custom EC2 AMIs (Amazon Machine Images) when provisioning AWS EKS node pools. For more information, see Create an EKS Cluster in Using VMware Tanzu Mission Control.

What's New January 17, 2023

New Features and Improvements

  • Added mutation policy for pod security

    Tanzu Mission Control now supports the ability to mutate the security context for your containers and pods and make your environments highly secure by default. Released support for mutation security policy with preconfigured templates. Mutating webhooks in Kubernetes enable dynamic admission control for your containers. This feature can be used to modify Kubernetes objects at runtime to enforce custom defaults. For more information, see Create a Mutation Policy in Using VMware Tanzu Mission Control.

What's New January 12, 2023

New Features and Improvements

  • Cluster Inspection Updates

    The version of Sonobuoy used for cluster inspections is upgraded to v0.56.12.

    The CIS Benchmark and Conformance images are upgraded to CIS v1.16 and Conformance v1.25. These upgrades fix critical vulnerabilities in previous versions and enhance the integrity of cluster inspections.

    Added support for running inspection tests on clusters that are using HTTPS_PROXY.

What's New December 16, 2022

New Features and Improvements

  • Added support for custom CA Certificates in target location configuration

    Tanzu Mission Control now allows you configure a custom CA certificate when creating self-provisioned AWS S3 or S3-compatible storage locations for data protection. For more information, see Create a Target Location for Data Protection in Using VMware Tanzu Mission Control.

  • Updated Velero Version

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.9.3. This Velero update includes bug fixes and resolves several CVEs. Refer to the changelog for details.

What's New December 7, 2022

New Features and Improvements

  • Added support for installing Helm charts

    You can now install Helm charts to your clusters through Tanzu Mission Control. After you enable Helm service on your cluster, you can use the Catalog page to install a Helm chart (create a release) from the Bitnami repository. For more information, see Managing Packages and Releases in Your Cluster.

What's New December 5, 2022

New Features and Improvements

  • Events and Audit Log Enhancements

    You now have more options for managing events in Tanzu Mission Control.

    • In addition to cluster management events, the list of events displayed on the Events page in the Tanzu Mission Control console now includes audit events. 

    • You can now filter the list of events by name and type to see only the events you want to see.

    • Three fields (user name, user email, and event state) have been added to the payload for audit events to make the downloadable audit log file more human readable.

    • You can use an API to automate ingestion of events, including audit logs. For instructions  on how to set up automated ingestion of events using a streaming API, visit the VMware developer resource website at https://developer.vmware.com/web/dp/samples?id=7995.

What's New November 16, 2022

New Features and Improvements

  • Added support to configure backup target location to clusters

    Tanzu Mission Control now allows you share a target location for data protection across individual clusters, in addition to sharing it across cluster groups. When configuring a backup storage location, you can select individual clusters that can use the target location when performing cluster backups. For more information, see Create a Target Location for Data Protection in Using VMware Tanzu Mission Control.

  • Added advanced options for configuring data protection on clusters

    In addition to backing up and restoring whole clusters, specific namespaces, and groups of resources using Kubernetes label selectors, Tanzu Mission Control now allows you to include or exclude specific resources and exclude namespaces when you configure advanced options for backup and restore. For more information, see Back Up the Data Resources in Your Cluster and Restore a Backup in Using VMware Tanzu Mission Control.

What's New October 11, 2022

New Features and Improvements

  • Added support for ClusterClass in vSphere 8

    Tanzu Mission Control now allows you to create workload clusters in vSphere with Tanzu using ClusterClass in the Cluster API. 

    Starting in version 8.0 of vSphere, you can leverage the power of ClusterClass to use a predefined template to create workload clusters with a consistent shape in Tanzu Kubernetes Grid Service Supervisor Clusters.

    For more information, see Provision a Cluster in vSphere with Tanzu using a Cluster Class in Using VMware Tanzu Mission Control.

    For more information about ClusterClass support in vSphere 8, see the vSphere with Tanzu 8.0 Release Notes.

What's New October 10, 2022

New Features and Improvements

  • Added lifecycle management support for AWS EKS clusters

    Tanzu Mission Control now allows you to manage the lifecycle of Amazon EKS clusters. You can use the Tanzu Mission Control console, CLI, or API to create, update, upgrade, and delete EKS clusters in a connected AWS account. For more information about connecting your AWS account, see Connecting an AWS Account for EKS Cluster Lifecycle Management.

What's New September 20, 2022

Product Support Notice

  • Deprecation of schema helper APIs

    The Tanzu Mission Control *SchemaHelper APIs in v1alpha1 are deprecated, and will no longer be supported 30 days from now.

    As a result, the schema commands in the Tanzu Mission Control command-line interface (tmc) are also deprecated (for example, tmc cluster schema and tmc workspace schema). 

    The schema helper APIs (which are now deprecated) provided a method to retrieve the schema of the associated API method. For example, the WorkspaceSchemaHelper API returns the schema of the Workspace API. You can still access this information in the Tanzu Mission Control API explorer at https://developer.vmware.com/apis/1263/. To see a list of the deprecated *SchemaHelper APIs, you can search for "schemahelper" in the API explorer.

What's New September 1, 2022

New Features and Improvements

  • Updated Velero to version 1.9.1

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.9.1. This Velero update includes enhancements, bug fixes, upgrade to restic version 0.13.1, and resolves several CVEs. Refer to the changelog for details.

Releases Prior to September 2022

What's New August 17, 2022

New Features and Improvements

  • Added support for proxies that do SSL interception and/or inspection

    Tanzu Mission Control now allows you to manage Tanzu Kubernetes Grid and attached clusters that are running behind proxies that perform SSL interception and/or inspection. You can configure a custom CA certificate when creating your proxy configuration in Tanzu Mission Control, and you can use that proxy configuration when registering Tanzu Kubernetes Grid management clusters, provisioning Tanzu Kubernetes Grid workload clusters, and attaching any conformant Kubernetes cluster. For more information, see Connecting Through a Proxy and Create a Proxy Configuration Object  in Using Tanzu Mission Control.

    Note: Custom CA certificates are not supported for Tanzu Kubernetes Grid Service clusters running on vSphere with Tanzu.

  • Added support to restore a backup from a different cluster

    Tanzu Mission Control now supports backup restoration between different clusters. Tanzu Mission Control allows you to create a backup in one cluster and restore it to a different cluster, even clusters running on different platforms. You can backup and restore clusters, namespaces, and even groups of resources using Kubernetes label selectors.

    Using this feature, you can restore application to cluster on alternate site without changing or disrupting the source cluster. For more information, see Data Protection in VMware Tanzu Mission Control Concepts.

What's New July 7, 2020

New Features and Improvements

  • Added support for specifying a custom operating system during cluster provisioning

    Tanzu Mission Control now allows you to specify the operating system that you want to use for the cluster, when you provision a new workload cluster in a Tanzu Kubernetes Grid management cluster (version 1.5 or later) running in vSphere or AWS. (This functionality is already supported for clusters running in Azure.)

What's New July 6, 2022

New Features and Improvements

  • Added support for continuous delivery from a Git repository

    Tanzu Mission Control now allows you to set up continuous delivery from Git repositories to your clusters. You can create and manage cluster resources (such as namespaces, or installed applications) declaratively using YAML artifacts stored in your Git repositories, which are then synced to your cluster using Flux CD.

    • Create and manage Git repository credentials to make sure your cluster can connect to repositories that require authentication.

    • Connect your cluster to Git repositories. Tanzu Mission Control manages the connection between your cluster and your repository so YAML artifacts from the repository can be synced to the cluster.

    • Sync YAML from a Git repository to a cluster. Tanzu Mission Control uses Flux CD to sync YAML artifacts (such as kustomization files) from your repository to your cluster. This allows you to define cluster resources in a reusable folder in your repository instead of manually creating resources.

    To get started, navigate to your cluster in the Tanzu Mission Control console, and then click on the Continuous Delivery tab. For more information, see Managing Cluster Resources with Continuous Delivery in Using VMware Tanzu Mission Control.

What's New June 21, 2022

New Features and Improvements

  • Added support for Tanzu Community Edition 0.12

    Tanzu Mission Control now supports full lifecycle management of Tanzu Community Edition (TCE) version 0.12 clusters. With this update, registered TCE v0.12 management clusters are displayed as TCE clusters. (TCE v0.11 clusters are displayed as Tanzu Kubernetes Grid clusters.)

What's New June 6, 2022

New Features and Improvements

  • Added new instances in India and Canada

    Tanzu Mission Control now offers an instance of our SaaS service in Mumbai, India. Customers that are subject to regulations that require vendors and software services to be in India can select the Mumbai, India (ap-south-1) region when onboarding with Tanzu Mission Control.

    Along with the recent addition of the Montreal, Canada (ca-central-1) region, Tanzu Mission Control is now available in the following locations:

    • Sydney, Australia

    • Montreal, Canada

    • Mumbai, India

    • Dublin, Ireland

    • Tokyo, Japan

    • Oregon, USA

What's New June 1, 2022

New Features and Improvements

  • Added support for Azure Blob storage backup location

    Tanzu Mission Control now allows you to bring your own Azure Blob storage for data protection. You can provide the Azure subscription and target Azure Blob storage details for an existing Azure Blob storage. After configuring a target location, you can share it across cluster groups to use it when performing cluster backups.

What's New May 20, 2022

New Features and Improvements

  • Added support for additional verbs and non-resource endpoints in custom roles

    Tanzu Mission Control has added new verbs to the custom role verb list for Kubernetes RBAC rules (deletecollection, impersonate, bind, and escalate), as well as the ability to enter your own verbs. The updated custom role workflow also allows you to create Kubernetes RBAC rules for granting access to non-resource URLs, like /healthz, in addition to cluster resources.

  • Added support for aggregated ClusterRoles in custom roles

    Tanzu Mission Control now allows you to aggregate the Kubernetes RBAC rules from multiple custom roles into a single combined custom role. You can apply labels to custom roles, and then create a custom role with an aggregation rule that uses a label selector to match the roles that contain the Kubernetes RBAC rules you want to include in the aggregated ClusterRole. For more information, see Create a Custom Access Role  in Using VMware Tanzu Mission Control and Aggregated ClusterRoles in the Kubernetes documentation.

What's New May 19, 2022

New Features and Improvements

  • Support for v1 version of ConstraintTemplates in Gatekeeper-based custom policies

    Tanzu Mission Control now supports the v1 version of ConstraintTemplates in custom policies based on the OPA Gatekeeper project. Both v1 and v1beta1 versions are supported for creating custom policy templates. For more information, see Create a Policy Template.

What's New April 21, 2022

New Features and Improvements

  • Updated access policy UI in Tanzu Mission Control console

    Access policies have been moved to a new top-level page in the Tanzu Mission Control console from the previous location on the Access tab of the Policy > Assignments page. To view, create, and edit access policies, click Access in the left navigation pane of the Tanzu Mission Control console. For more information, see Managing Access to Your Resources.

  • Improvement to policy workflow in the Tanzu Mission Control console

    Assigning a policy using the Tanzu Mission Control console has been simplified to show only applicable organizational view (Clusters or Workspaces) when applying a policy. For example, the image registry policy now shows only the Workspaces view.

What's New April 6, 2022

New Features and Improvements

What's New March 29, 2022

New Features and Improvements

  • Updated Velero to version 1.8.1

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.8.1. With this update, Tanzu Mission Control configures Velero with restic integration to include all volumes in the backup. To exclude volumes from being backed up using restic, you must annotate the pods that contain those volumes. For more information about using the opt-out approach with restic, see the documentation for Velero.

    Prior to this update, Tanzu Mission Control created backups using restic with opt-in approach by default. This update makes no changes to existing backups. Backups that were scheduled prior to this update continue to function how they were defined.

What's New February 25, 2022

New Features and Improvements

  • Improved UI for label selectors in data protection

    When creating or restoring a backup using the Tanzu Mission Control console, you can identify groups of resources using Kubernetes label selectors. The new user interface allows you to specify the key and values for the selector, and choose an operator from a dropdown list.

What's New February 17, 2022

New Features and Improvements

  • Added support for Tanzu Kubernetes Grid 1.5.x

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid versions 1.5.0 and 1.5.1, as well as version 1.4.2.

What's New February 14, 2022

New Features and Improvements

  • Configure volumes for workload clusters in Tanzu Kubernetes Grid Service

    Tanzu Mission Control now allows you to add volumes to your workload clusters running in Tanzu Kubernetes Grid Service. When you provision a cluster, you can add one or more volumes both for the control plane and for worker node pools. You can also add volumes when configuring node pools for an existing cluster. For more information, see Provision a Cluster in vSphere with Tanzu in Using VMware Tanzu Mission Control.

  • Configure the collector for Tanzu Observability

    You can now modify the configuration for the Tanzu Observability integration installed on a cluster using Tanzu Mission Control. You can modify the collector agent (which collects metrics from your cluster and then sends the data to your Tanzu Observability account) to adjust the metrics and frequency of collection, adding or restricting metrics to fit your specific requirements. You can also reset the collector agent configuration back to the TMC default set after modifying it. For more information, see Edit the Configuration of Your Tanzu Observability Collector in Using VMware Tanzu Mission Control.

What's New February 8, 2022

New Features and Improvements

  • Added support for creating and managing registry secrets

    Tanzu Mission Control now allows you to create and manage cluster secrets. You can create an image pull secret in a single namespace and optionally make it available for use by all namespaces in the cluster, providing a single place to manage all registry secrets for that cluster. Namespaces in a managed cluster can use a secret authenticate to private registries, including registries that store Tanzu Application Platform components.  For more information, see Managing Cluster Secrets.

What's New February 7, 2022

New Features and Improvements

What's New February 1, 2022

New Features and Improvements

  • Added Terraform provider support for Tanzu Mission Control 

    Tanzu Mission Control Terraform Provider brings support for lifecycle management of Tanzu Kubernetes Grid clusters, as well as the ability to attach conformant Kubernetes clusters, including public cloud provider clusters. You can now define and declare resources in code files and automate their DevOps pipelines through Terraform. For more information, visit the Tanzu Mission Control Provider documentation at terraform.io and the repository in GitHub.

What's New January 28, 2022

New Features and Improvements

  • Added proxy configuration support for Tanzu Kubernetes Grid Service clusters

    Tanzu Mission Control now lets you register and manage Tanzu Kubernetes Grid Service clusters running in vSphere with Tanzu environments that reside on private networks and behind firewalls. You can create a proxy configuration object for a Tanzu Kubernetes Grid Service cluster running in vSphere with Tanzu (vSphere 7.0.3a or newer), that you can use for the following tasks:

    • registering a Supervisor Cluster

    • adding workload clusters into TMC management

    • provisioning new workload clusters

    Note: Tanzu Mission Control supports only proxies that do not require authentication and proxies that use basic HTTP authentication.

    For more information, see Create a Proxy Configuration Object ..., in Using VMware Tanzu Mission Control.

What's New January 18, 2022

New Features and Improvements

  • Added subscription and usage tracking

    Curious how much time is left on your subscription, which tier you purchased, or how much Tanzu Mission Control you're consuming? Now you can keep track of all this and more on the Subscription tab of the Administration page.

    To report usage, Tanzu Mission Control collects Kubernetes CPU information and approximates 2 Kubernetes CPUs = 1 Physical Core. For CPU-based subscriptions in vSphere environments, you can have up to 32 cores per CPU.

  • Added Launchpad to make it easier to get started

    If you're new to Tanzu Mission Control, click on the Launchpad page to get connected to resources that will get you up and running.

What's New January 7, 2022

New Features and Improvements

  • Added support for Tanzu Kubernetes Grid 1.4.1

    Tanzu Mission Control now supports full lifecycle management of Tanzu Kubernetes Grid 1.4.1 clusters deployed on vSphere and Azure. This update includes support for multiple node pools, Avi load balancer, non-standard API port, and proxy configuration.

What's New December 1, 2021

New Features and Improvements

  • Added support for installing packages from Catalog

    VMware Tanzu Mission Control now offers a catalog feature that enables you to deploy software consistently and continuously to different types of Kubernetes clusters. The catalog allows you to declaratively deploy software to your managed Kubernetes clusters hosted in AWS, GCP, or Azure, leveraging the power of Carvel.

    The catalog page of the Tanzu Mission Control console shows the collection of packages in the Tanzu Standard repository available for deployment on managed clusters. You can also add your own Carvel package repositories to make those packages available for installation. (Registry authentication is not supported.)

    The Tanzu Mission Control catalog feature supports deployment to the following types of clusters managed by Tanzu Mission Control:

    • EKS (AWS)

    • AKS (Azure)

    • GKE (GCP)

    • Kind

    • Tanzu Kubernetes Grid Service workload clusters

    • Tanzu Kubernetes Grid workload clusters (version 1.4 and later)

    The TMC catalog does not support deployment to the following types of clusters:

    • Tanzu Kubernetes Grid Service Supervisor Clusters

    • Tanzu Kubernetes Grid management clusters

    • Tanzu Kubernetes Grid workload clusters (version 1.3 and earlier)

    • Tanzu Standard packages are not supported on clusters where PSP is enabled.

    If you have previously installed Carvel's kapp-controller on your cluster, you must remove the installation and all related resources before using the catalog feature.

    For more information, see Managing Packages in Your Cluster.

What's New November 16, 2021

New Features and Improvements

  • Updated Velero to version 1.6.3

    The version of Velero used by the data protection features of Tanzu Mission Control is updated to 1.6.3, which provides compatibility with Kubernetes version 1.22. With this update, Tanzu Mission Control configures Velero with restic integration as the default option for Kubernetes volume backup. To include volumes to be backed up using restic, you must annotate the pods that contain the volumes. For more information about opting in with restic, see the documentation for Velero.

What's New November 5, 2021

New Features and Improvements

  • Support for kubeconfig access to TKGI clusters

    Tanzu Mission Control now supports kubeconfig access for Tanzu Kubernetes Grid Integrated Edition. Through Tanzu Mission Control, you can download the kubeconfig file for attached TKGI clusters (version 1.10 and above) to access these clusters.

What's New November 3, 2021

New Features and Improvements

  • Support for cached resources in Gatekeeper-based custom policies

    Tanzu Mission Control now supports cached resources in custom policies based on the OPA Gatekeeper project. If a custom policy requires access to the state of other Kubernetes resources, the data inventory can be cached using custom policies in Tanzu Mission Control. For more information, see Create a Policy Template in Using VMware Tanzu Mission Control.

What's New October 20, 2021

New Features and Improvements

  • Support for kubeconfig access to public cloud clusters

    Tanzu Mission Control now supports kubeconfig access for the following types of attached clusters:

    • Amazon Elastic Kubernetes Service (EKS)

    • Azure Kubernetes Service (AKS)

    • Google Kubernetes Engine (GKE)

    Users can download the kubeconfig file to access these clusters. Tanzu Mission Control deploys Pinniped (an open source community standard) to support authentication into the cluster. For more information, see Enable Access to Public Cloud Clusters Through Tanzu Mission Control in Using VMware Tanzu Mission Control.

What's New October 8, 2021

New Features and Improvements

  • Restore individual namespaces from a full cluster backup

    The data protection features of Tanzu Mission Control now allow you to restore a selected namespace from a cluster backup. You can select individual namespaces to restore. Additionally, you can provide an alternative name when restoring a namespace, allowing you to restore without overwriting an existing namespace.

What's New October 5, 2021

New Features and Improvements

What's New September 29, 2021

New Features and Improvements

  • Tanzu Observability Integration at the Cluster Group Level

    You can now add a cluster group to observability. Tanzu Mission Control allows you to add all clusters in a cluster group to the integration with Tanzu Observability by Wavefront. With this feature, you select a cluster group and identify the Tanzu Observability credential to use, and then Tanzu Mission Control installs the Tanzu Observability collector extension to all the clusters in the cluster group. The collector extension is also installed on clusters that are subsequently added to the cluster group. For more information, see Add a Cluster Group to Observability in Using Tanzu Mission Control.

What's New September 8, 2021

New Features and Improvements

  • Proxy Configuration

    You can now create a proxy configuration object in Tanzu Mission Control that stores proxy connection information for your clusters. You can use the proxy configuration when performing operations in Tanzu Mission Control that require communication with clusters that run behind a proxy, such as attaching a cluster, registering a TKG management cluster, provisioning a cluster, and more. For more information, see Connecting Through a Proxy in Using Tanzu Mission Control.

Releases Prior to September 2021

What's New June 24, 2021

New Features and Improvements

  • (New Feature update): Tanzu Mission Control now allows platform operators to centrally manage and make available credentials for use by the Tanzu Observability integration. This new feature encourages the best practice use of Tanzu Observability service account credentials rather than personal API tokens when adding the integration to a cluster.

    As a platform operator, you can create new service account credentials in the Tanzu Observability console. Then, using the Tanzu Mission Control Administration page, you can add it as a new Tanzu Observability credential and make it available to users through an account access policy. Cluster administrators can then select an available credential from a list when adding Tanzu Observability to the cluster.

    For more information, see Create a Tanzu Observability Credential Object in Using Tanzu Mission Control.

What's New June 9, 2021

New Features and Improvements

  • (New Feature update): Storage and object limits are now supported in quota policies implemented through the Tanzu Mission Control console. Additionally, the Policy insights page shows alerts when resource requests approach or meet quota policy limits.

  • (New Feature update): Tanzu Mission Control now allows you to bring your own storage solution for data protection. With customer-provisioned target locations, you can provide the endpoint URL and credentials for an existing AWS S3 or S3-compatible storage location, and share it across cluster groups. After configuring a target location, you can use it when performing cluster backups.

What's New May 26, 2021

New Features and Improvements

What's New May 6, 2021

Bug Fixes

  • Fixed color of the UI components to match the light color theme.

What's New May 5, 2021

Bug Fixes

  • Fixed the display of conformance and Lite inspection test result details.

What's New May 4, 2021

Bug Fixes

  • Fixed the count of worker nodes on the cluster detail page when the total worker nodes count is more than 50.

  • Changed the cluster upgrade button as primary action, instead of inside Actions dropdown.

What's New April 30, 2021

New Features and Improvements

What's New April 21, 2021

New Features and Improvements

  • Improved filter and search interface on the Clusters page of the Tanzu Mission Control console. The user interface elements for searching and filtering are more visually obvious and easier to use.

What's New April 14, 2021

New Features and Improvements

  • (New Feature update): Tanzu Mission Control now supports viewing and filtering fleet-wide system activity events through the Events page. These are the same events that are currently available through the Event stream API, which do not include the audit log events available on the Audit Logs page.

  • Added CLI support for storage and object namespace quotas.

What's New April 9, 2021

New Features and Improvements

  • Improvements to the delete custom roles workflow. Delete workflow shows links to any existing role bindings while trying to delete a custom role.

What's New April 8, 2021

New Features and Improvements

  • (New Feature update) : Tanzu Mission Control now supports the ability to register Tanzu Kubernetes Grid (1.2 & 1.3) management clusters running in vSphere (6.7 & 7.0), which allows you to manage the lifecycle of their Tanzu Kubernetes workload clusters.

What's New March 17, 2021

New Features and Improvements

  • Tanzu Mission Control now supports the ability to create custom roles for access management. You can create roles with a customized set of permissions and use these roles to grant access.

What's New March 9, 2021

Bug Fixes

  • Fixed memory and CPU cores data on cluster overview details page.

What's New March 3, 2021

Bug Fixes

  • Fixed warning access pop-up issue during cluster creation workflow for TKG clusters.

  • Fixed redirection issue from policy insights to the policy definition.

  • Bugfix to let a user select a specific target location during backup creation.

What's New February 25, 2021

New Features and Improvements

  • Added ability to create an image policy with enforcement disabled (dry run mode).

  • Added support for viewing image policy violations through policy insights.

Bug Fixes

  • Updated the management cluster health tooltip.

What's New February 24, 2021

New Features and Improvements

  • Data protection now supports restoring backups to an alternative namespace. You can restore a namespace from a backup to a different namespace in the cluster. This allows you to restore data without changing or disrupting the source namespace in the cluster.

What's New February 23, 2021

New Features and Improvements

  • Network policies support two new recipes, custom-ingress and custom-egress, that allow you to define rules based on IP addresses, pod and namespace selectors, and ports.

What's New February 5, 2021

New Features and Improvements

  • Policy violations and sync issues are now available through the events API.

What's New February 1, 2021

New Features and Improvements

  • Added support for space characters in identity group names while creating access policy.

What's New January 25, 2021

New Features and Improvements

  • Added CLI support for adding integrations to a cluster. Tanzu Mission Control supports integrations with Tanzu Observability by Wavefront and Tanzu Service Mesh.

What's New January 22, 2021

Bug Fixes

  • Bug fix for clusters that are seen in a disconnected state intermittently.

What's New January 19, 2021

New Features and Improvements

  • Added support for additional custom policy templates.

What's New January 14, 2021

New Features and Improvements

  • (New Feature update) : Custom Roles are now available through the Tanzu Mission Control CLI. With custom roles, you can create roles with a customized set of permissions and assign these roles to users and groups.

  • (New Feature update) : Image policy enhancements based on Open Policy Agent-Gatekeeper project are now available in Tanzu Mission Control. With the release of this feature, the previous implementation of the image registry policy "allow registry" recipe is now deprecated.

  • Added support for setting security policies and custom policies on OpenShift clusters.

What's New December 16, 2020

Feature Shutdown

  • Disabled support for v1alpha API.

What's New December 11, 2020

New Features and Improvements

  • (New Feature update) : The Tanzu Service Mesh integration is now available on the Tanzu Mission Control platform. When the Tanzu Service Mesh service has been enabled on your organization, your Tanzu Mission Control organization administrator can enable the integration for use on clusters that are managed through Tanzu Mission Control. Then, cluster administrators can add Tanzu Service Mesh to managed clusters and designate which namespaces should belong in the mesh. Tanzu Mission Control takes care of the installation of service mesh components in the cluster, provides health status, and onboards it into Tanzu Service Mesh. For advanced configuration, you can open the Tanzu Service Mesh console directly from the Integrations card of the cluster detail page.

  • Released a custom policy template to mitigate the risk of Kubernetes CVE-2020-8554. Details available here.

  • Added support for kubeconfig access to workload clusters on Tanzu Kubernetes Grid.

What's New December 2, 2020

New Features and Improvements

  • (New Feature update) : Enabled support for Tanzu Kubernetes Grid on vSphere 7. You can now register your Tanzu Kubernetes Grid Service Supervisor Clusters, and then manage the lifecycle of workload clusters.

  • Added support for kubeconfig access to workload clusters on Tanzu Kubernetes Grid Service on vSphere 7.

Known Issues

  • All workload clusters must have unique names, even if they belong to distinct Supervisor Clusters.

What's New November 30, 2020

New Features and Improvements

Bug Fixes

  • Bug fix for adding multiple host paths while creating a security policy.

Known Issues

  • The first time a user clicks out to the Wavefront console after enabling the Tanzu Observability by Wavefront integration for a cluster, the user is taken to the default Wavefront Kubernetes dashboard instead of to the Kubernetes dashboard that is specific to the cluster where the integration was just enabled. Going back to the TMC cluster detail view and clicking out to Wavefront again (and all subsequent times) takes the user to the Kubernetes dashboard for that cluster as intended.

What's New November 18, 2020

New Features and Improvements

  • UI improvements to show IP addresses that are in use during cluster creation.

  • UI improvements to resize columns in data tables.

Bug Fixes

  • Bug fixes to allow manual inputs for node pool creation.

  • Bug fixes for data protection credential creation workflow.

What's New November 3, 2020

New Features and Improvements

  • Added support for baseline security template in security policies aligned with Kubernetes pod security standards. This template is aimed at ease of adoption for common containerized workloads while preventing known escalations.

What's New October 28th, 2020

New Features and Improvements

  • Added management cluster and provisioner fields in the Clusters page.

  • Restic support added by default when enabling data protection on clusters.

What's New October 21, 2020

New Features and Improvements

  • CLI and API update -- A new version (v1alpha1) is now available, in addition to version v1alpha.

  • Upgraded OPA Gatekeeper extension to 3.1.1 for Kubernetes 1.19 compatibility.

What's New October 13, 2020

Bug Fixes and Improvements

  • Added AWS Quick Start Guide link to step two of credential creation workflow.

  • Error messaging improvements for custom policies.

  • Bug fixes for refreshing cluster overview cards.

  • Added ability to sort data protection backup columns by name or creation time.

What's New October 7, 2020

New Features and Improvements

  • (New Feature update) : Custom policies are now available in Tanzu Mission Control. To create a custom policy, you must create a template that declaratively defines rules for your Kubernetes objects. After you create a custom policy using this template and assign it to your cluster fleet, Tanzu Mission Control enforces the policy and provides relevant feedback. Custom policies in Tanzu Mission Control are implemented using the Gatekeeper project from Open Policy Agent (OPA).

What's New September 17, 2020

New Features and Improvements

  • (New Feature update) : Security policies are now available. You can take advantage of preconfigured templates to enforce fleet-wide security policies for your Kubernetes infrastructure. Tanzu Mission Control lets you customize these templates based on your security needs along with the ability to include or exclude particular namespaces. You can also optionally set a security policy in the dry-run (audit) mode to evaluate its impact before enforcing.

  • (New Feature update) : The Policy insights page in the Tanzu Mission Control console provides a centralized, holistic view of the current state of policy events in your organization. Administrators can view fleet-wide, policy-related information - including sync issues and violations.

What's New September 15, 2020

New Features and Improvements

  • Improvements to the add integration modal for Tanzu Observability by Wavefront.

What's New September 3, 2020

New Features and Improvements

  • (New Feature update) : Data protection schedules allow you to configure recurring backups for your clusters. Tanzu Mission Control supports schedule creation using a standard set of templates for common and simple recurring schedules. You can also configure more complex schedules using custom cron expressions to provide you with maximum flexibility.

Releases Prior to September 2020

What’s New August 18, 2020

Fixes

  • Bug fixes for creating clusters with node pools in different availability zones.

What’s New August 11, 2020

New Features and Improvements

  • UI improvements for "Add Integration" modal in the cluster overview.

Fixes

  • CLI bug fixes for the "tmc documentation" command.

What’s New August 4, 2020

New Features and Improvements

  • Three new versions of Kubernetes have been released: 1.16.12, 1.17.8, and 1.18.5.

What's New July 30, 2020

New Features and Improvements

  • (New Feature update) Namespace quota policy: You can now set namespace quota policies for your clusters. CPU and memory quotas are now available along with the ability to set label-based namespace selectors. Namespace selectors allow granular control over including or excluding specified namespaces. This helps you have a single place to define fleet-wide namespace quota policies and define exceptions in a streamlined manner.

  • (New Feature update) Tanzu Observability by Wavefront integration is now available. Tanzu Observability by Wavefront integration allows you install the Wavefront Kubernetes collector on any cluster with a single click through Tanzu Mission Control console. After the collector is successfully installed, you can click out to the Tanzu Observability platform directly from the Tanzu Mission Control console.

What's New July 28, 2020

  • User interface workflow improvements while selecting an AWS account credential during cluster creation.

What's New July 22, 2020

New Features and Improvements

  • (New Feature update) You can now move clusters between cluster groups. To move a cluster, navigate to the cluster detail page and then choose Move from the Actions dropdown menu. Note that moving a cluster between groups results in a change to the policies inherited from the cluster group.

  • Added the ability to manually refresh all applied policies.

  • While creating an access policy, you can now see type-ahead suggestions for your subjects.

  • User experience improvements to the upgrade cluster pop-up window.

  • Support for Kubernetes versions: 1.16.11, 1.17.7, 1.18.4

Fixes

  • CLI bug fixes while restoring a backup.

What's New June 24, 2020

New Features and Improvements

  • (New Feature Update) Data Protection: You can now take advantage of data protection on clusters managed through Tanzu Mission Control. You can backup and restore clusters, namespaces, and even groups of resources using Kubernetes label selectors. Tanzu Mission Control passes these commands through its cluster agent technology and Velero project executes the backups passing back status, errors, and full backup details. Instead of operating Velero directly in every cluster, Tanzu Mission Control’s UI, CLI, and API allow you to centrally create backups and restores of all of your clusters regardless of where they are located.

What's New June 15, 2020

New Features and Improvements

  • Improved workflow for a new user downloading a kubeconfig by automatically initializing the correct TMC CLI context.

Fixes

  • Bug fix to prevent creating a node pool with a partially entered name on the UI.

What's New June 2, 2020

New Features and Improvements

  • (New Feature Update) Audit Log Report: You can now generate a report of audit events for your organization. Navigate to the Logs page in Tanzu Mission Control, specify a date range, and get a compressed file with the audit data. The audit log report provides context for you to understand which team members are performing specific operations. You can also see when these operations were applied to the cluster.

What's New May 27, 2020

New Features and Improvements

  • (New Feature Update)- Inspection progress bar has been added to all types of inspections. When you run an inspection on a cluster, you can now view the number of tests completed against the total number of tests.

What's New May 19, 2020

Fixes

  • Bug fix to show detailed results with the "Expand" component on the UI for inspections.

  • Bug fix to reset nodepool VPC private subnet correctly when the selected VPC changes.

What's New May 13, 2020

New Features and Improvements

  • (New Feature Update) Account credential access policy: This policy type lets you set access control on your account credentials. For example, you can control which users and groups can view and share the AWS account credential configured in your organization. This allows for streamlined billing and better security in scenarios where users in an organization do not want an account credential to be shared with the entire organization. Account credential access is available under Settings in the console. Two new roles credential.admin and credential.view have been added in this release.

  • (New Feature Update) Provision clusters in existing AWS Virtual Private Network (VPC) : Tanzu Mission Control now lets you deploy and manage Kubernetes clusters inside an existing VPC within your AWS account. This allows existing applications in a VPC to communicate with Kubernetes applications without the hassle and cost of VPC peering. This capability is available for both development and production cluster types. When you select a region while provisioning a cluster, the existing VPCs in that region are displayed for you to choose from.

  • (New Feature Update) Support for CIS Benchmark Inspection Scans: The Center for Internet Security is a nonprofit entity whose mission is to identify, develop, validate, promote, and sustain best-practice solutions for cyber defense. CIS has developed prescriptive tests for establishing a secure configuration posture for Kubernetes. We now have a CIS Kubernetes inspection scan in Tanzu Mission Control that utilizes the implementation provided by kube-bench. Support for the CIS benchmark inspection scan further enables you to tighten the security of your cluster with industry best practices.

Fixes

  • Bug fix to filter system namespaces.

  • Bug fix to show the correct tmc cluster validate command when the cluster is in the disconnected state.

  • Fix to handle browser compatibility for Microsoft Edge browsers.

What's New May 1, 2020

New Features and Improvements

  • (New Feature Update) - You can now view policy synchronization errors from the Tanzu Mission Control console. If your policy is not synchronized to the Kubernetes cluster correctly, you can view the errors by clicking on the Sync Issues tab on the Policies page. Details like the error that occurred, and the policy and resources affected can be accessed through Tanzu Mission Control.

What's New April 28, 2020

New Features and Improvements

  • Added description to cluster groups overview.

Fixes

  • Bug fix for CLI to parse boolean inputs in interactive mode.

  • Bug fix for CLI to edit cluster groups on Windows.

What's New April 21, 2020

New Features and Improvements

  • User should now be able to choose their Availability Zone when they choose a 'development' cluster while provisioning.

  • Customers can now reattach clusters in the event that the TMC cluster agent is removed from the cluster or if an administrator rebuilds the cluster. When a cluster is reattached TMC preserves the historical data for the cluster and returns the agent to its prior state.

  • Clusters in an 'unknown' status now show instructions to run the `tmc cluster validate` command to help troubleshoot cluster agent connection problems.

  • Added support for Kubernetes version 1.17.3 for provisioned clusters

Fixes

  • Bug fix for kubectl attach command while attaching clusters. Changed the attach command to include double quotes in the UI.

  • Included cluster group value for unmanaged namespaces.

  • Bug fix to show the correct CPU and memory usage for namespaces.

What's New April 13th, 2020

New Features and Improvements

  • You can now specify a non-default CIDR for pod and service when creating a provisioned cluster.

Fixes

  • Bug fix to set the right name while attaching a cluster.

  • Bug fix to add/edit labels for managed namespaces in attached clusters.

What's New April 8th, 2020

Fixes

  • Disabled node pools AZ dropdown when provisioning a development cluster.

  • Bug fixes to create managed namespaces successfully when failing with error- "Failed to get cluster options".

  • Fixed bug where cluster modal potentially shows incorrect upgrade version selection when re-opened and upgrades to the latest.

  • Fixed showing SSH warning until a region is selected while provisioning a cluster eliminating user confusion about what this warning means.

  • Bug fixes and improved status reporting for creating cluster with the CLI.

  • Added warning while force deleting a provisioned cluster with the CLI.

What's New March 20th, 2020

New Features and Improvements

  • When provisioning a cluster, the region field now defaults to blank value instead of selecting a random region.

Fixes

  • Changed `kubectl apply` to `kubectl create` in the attach cluster command.

  • Added workspace name to the workload information when you click on the workload.

  • Fixed VMware Cloud Services link on the Automation center page in the console.

What's New March 10th, 2020

We are very excited that today marks our first day to be publicly available for purchase by current and future VMware customers.

Fixes and Improvements

  • Bug fixes for editing cluster labels in Tanzu Mission Control.

  • Added node version to the nodes datagrid.

  • Added validation to the credential name in the provider credential workflow.

What's New March 9th, 2020

New Features and Improvements

  • Filter Unmanaged Kubernetes RBAC: You can now filter system namespaces to view the custom-created, unmanaged RBAC (role bindings created directly on the Kubernetes cluster instead of going through Tanzu Mission Control).

  • Improved filtering capabilities on workloads.

  • Improved validation of cluster names while creating a cluster.

  • Added workspace information to the workloads view.

  • Improved sorting functionality on multiple tables.

Fixes

  • Bug fixes for viewing the YAML definition in the Tanzu Mission Control console.

  • Bug fixes for cluster status while upgrading the cluster.

  • Bug fixes for cluster upgrades via CLI.

  • Bug fix to return the inspection ID while running inspection via CLI.

What's New February 20th, 2020

New Features and Improvements

  • Added support for Kubernetes version 1.16.6 for provisioned clusters.

  • Clusters provisioned through Tanzu Mission Control are now on port 443. (Previously they were on port 6443.)

What's New February 14th, 2020

New Features and Improvements

  • Added support for provisioning clusters in two new regions: eu-central-1 and ap-southeast-1

  • When viewing the access policies for a cluster, you can now see the unmanaged Kubernetes RBAC policies (rolebindings).

  • Included cluster name for namespaces under the Workspaces policy view.

Fixes

  • Security fix to prevent authorized but low-privileged users with access to a provisioned cluster from stealing credentials from control plane nodes.

  • Bug fixes for cluster group details page.

  • Bug fixes for editing network policies.

  • Bug fixes for the "Add Label" interaction in the policy view.

  • Fixes for usage metrics namespace view for managed namespaces.

What's New February 5th, 2020

New Features and Improvements

  • Added the ability to upgrade provisioned Kubernetes clusters through the console. Previously available through CLI and API, this capability lets you upgrade the control plane and the worker nodes of your Kubernetes cluster.

  • Added the ability to hide Tanzu objects or system objects on the Workloads page for a cluster, to improve readability.

  • Added support for the latest MS Edge (Chromium) Version 80 or later.

  • Improvements in filtering capabilities on data grids in the UI.

Fixes

  • Marked kube-public and kube-node-lease as system namespaces.

  • Fixes to prevent attaching system namespaces.

  • Bug fixes to prevent an infinite loop on filtering in data grids.

What's New January 30th, 2020

New Features and Improvements

  • Added the capability to filter clusters by type: attached and provisioned.

  • Tooltip improvements to the Provider column on the Clusters page.

  • Added account status on the Clusters page. Invalid account status is now shown on the dropdown when you click New Cluster.

  • Added the capability to delete failed inspections in the console.

  • Updated validation text for resource names.

  • Visual improvements to the Add Network Policy form.

  • (CLI) Improved CLI documentation for inspections.

  • Improved error reporting for API errors using in-context alerts.

  • Removed ability to view and manage direct namespace policies for image and network policies

What's New January 14th, 2020

New Features and Improvements

  • Added support for attaching OpenShift clusters.

  • Improvements to show the time taken for inspections to be completed.

  • Visual improvements to policy tree with links to inherited policies from direct policy view.

  • Improvements to show node pool creation and deletion errors.

  • Added warning message for remove cluster workflow (Forget this cluster).

  • Added inspection ID for failed scans in the Tanzu Mission Control console.

Fixes

  • Bugfix for downloading kubeconfig with the correct file name.

  • Fixed infinite loop spinner on the policies page.

  • Fixed incorrect warnings when using the keyboard tab.

  • Fixed UI experience for the add policy form.

What's New January 9th, 2020

New Features and Improvements

  • Attach unmanaged namespaces: Namespaces in Kubernetes are intended for use in environments with many users spread across multiple teams or projects. In both attached and provisioned clusters, you can create namespaces that you can manage through Tanzu Mission Control using policies. Your clusters can also have unmanaged namespaces that were created externally and don't need to be managed through Tanzu Mission Control. You can now attach unmanaged namespaces in Tanzu Mission Control, so you can manage all of your Kubernetes namespaces through Tanzu Mission Control. This provides the capability to manage all of your namespaces and policies on these namespaces in a centralized way.

  • Visual improvements to the Tanzu Mission Control console page for connecting an AWS provider account.

  • Improvements to the Detach Cluster functionality with more detailed UI messages.

  • Added an information box for image registry policies to help users understand the expected input.

  • Improved the first time experience of the New cluster button when there are no accounts.

  • Added the View policies link from the individual cluster group, cluster, workspace, and namespace.

Fixes

  • Added validations to the Labels input across all forms.

  • Bug fixes for handling API errors for failed requests on the policies page.

  • Bug fixes for refreshing SSH options on create cluster form.

  • Fixed bugs on running inspections.

  • Fixes on memory calculation on workload page.

What's New December 6th, 2019

New Features and Improvements

Network Policy : Added network policy management to Tanzu Mission Control. A network policy is a specification for how groups of pods are allowed to communicate with each other and network endpoints. These network policies can be set by using predefined custom templates called recipes and can now be applied to workspaces, with support for four different types of recipes (deny all, allow all, deny-all-to-pods, allow-all-to-pods).

kubectl Namespace Access : For provisioned clusters, users can access managed namespaces and download the kubectl configuration for a particular namespace.This feature lets you download the kubectl configuration for a single namespace and access it using the Tanzu Mission Control CLI which can be used by individual users who do not have access to the entire cluster.

Getting Started Cards : Added getting started cards for cluster group views. Improved the getting started card experience for image policies.

Fixes

  • Bug fixes for node pool editing.

  • Bug fixes for filtering and pagination on cluster lists.

  • Removed the endpoint configuration parameter from the download CLI view.

  • Fixes for validations on search parameters across input forms in the UI.

check-circle-line exclamation-circle-line close-line
Scroll to top icon