The Platform has introduced the following features and enhancements. Also see the release notes for more information about bug fixes and additional improvements in each release.
The Platform now supports certificate-based authentication to a Kubernetes cluster added to the Platform. Platform Operators can now upload X.509 certificates signed by a Certificate Authority that is trusted by the Kubernetes API server for the Platform to use to authenticate to an added cluster, instead of providing user credentials. See more about authenticating your cluster on the Platform.
The Platform now supports asymmetric cryptography that generates and encrypts a symmetric key, which allows for unique key generation both inter and intra-Platform. The Platform’s new key management enhancements provide isolation between guest applications and the Platform, which significantly limits the ability of attackers deploying malicious applications and gaining access to Platform keys and secrets. See more about the key management enhancements.
Developer Portal actions such as deleting or promoting an applications are now logged as a part of the Platform’s audit logs.
The Platform is now enabled to use Virtual Accounts as the default for managing and running guest application WCF and Windows Services. Virtual Accounts is a Windows Server feature that will automatically create a different user for a deployed workload, allowing for increased isolation for workloads running on the Platform and reducing operational overhead for managing domain service accounts.
The Platform now supports some custom behaviors configuration for WCF services to be hosted on the Platform. Notably, you can now specific serviceDebug, serviceMetadata, dataContractSerializer and serviceThrottling custom behaviors for your WCF Services.
See more about creating guest applications with WCF Services.
Developers are now able to manage environment variables for their WCF services, Windows Services, Java Web Applications, Linux Services (including Docker) guest application through the Developer Portal and Application Management REST API.
Developers can manage subscription assignment for multi-Tentant applications. The ability to manage subscriptions is now controlled by the Manage Users and Subscriptions securable and these actions can be automated by using new endpoints in the Application Management API.
The Apprenda Cloud Platform now supports adding a Kubernetes cluster to your Platform. The Platform will act as a management layer for any added cluster, configuring your applications and handling external routing, without changing the underlaying cluster or Kubernetes configurations. Application resource management polices, container registry controls, custom property assignment, and more can be managed through the Platform and configured before your applications are deployed to the cluster.
Using the Platform to manage your cluster will allow you to further separate the concerns of developers and operators. The on cluster deployments and policy enforcement will continue to be run by Kubernetes, however, developers and operators will be able to leverage the native features of the Platform to simplify application and resource management on the cluster.
Platform Operators are now able to set resource allocation limits for specific Development Teams. Global settings will still be enforced on all Development Teams that don’t have limit overrides set.
See more about assigning resource limits for Development Team.
Platform Operators can now create Application Bootstrap Polices that will affect a component of an application. The Platform will implement these policies when an application is promoted and all deployed instances of that component will have the changes from the policy. This is different from the instance based policies where the Platform performs the changes for the policy when an instance of an application component is deployed.