diff --git a/ci/vale/dictionary.txt b/ci/vale/dictionary.txt index 0fa522e5a4d..32c58474583 100644 --- a/ci/vale/dictionary.txt +++ b/ci/vale/dictionary.txt @@ -1604,6 +1604,7 @@ MXNet myapp myblog mydestination +mydockerhubusername mydomain myhostname mynewdomain diff --git a/docs/guides/applications/containers/installing-docker-shortguide/index.md b/docs/guides/applications/containers/installing-docker-shortguide/index.md index c00d89b57f8..54499a39a77 100644 --- a/docs/guides/applications/containers/installing-docker-shortguide/index.md +++ b/docs/guides/applications/containers/installing-docker-shortguide/index.md @@ -22,4 +22,4 @@ To install Docker CE (Community Edition), follow the instructions within one of - [Installing and Using Docker on CentOS and Fedora](/docs/guides/installing-and-using-docker-on-centos-and-fedora/) -For complete instructions on even more Linux distributions, reference the [Install Docker Engine](https://docs.docker.com/engine/install/) section of Docker's official documentation. +To see installation instructions for other Linux distributions or operating systems like Mac or Windows, reference Docker's official documentation here: [Install Docker Engine](https://docs.docker.com/engine/install/) diff --git a/docs/guides/kubernetes/_shortguides/lke-network-firewall-information-shortguide/index.md b/docs/guides/kubernetes/_shortguides/lke-network-firewall-information-shortguide/index.md deleted file mode 100644 index d6852876635..00000000000 --- a/docs/guides/kubernetes/_shortguides/lke-network-firewall-information-shortguide/index.md +++ /dev/null @@ -1,48 +0,0 @@ ---- -slug: lke-network-firewall-information-shortguide -title: "Network and Filewall Information for Linode Kubernetes Engine Clusters" -description: 'Language that describes the options for creating workloads on Linode Kubernetes Engine that are accessible from the Internet, and directions for creating firewall rules for your nodes.' -authors: ["Linode"] -contributors: ["Linode"] -published: 2020-04-06 -modified: 2022-11-22 -keywords: [] -license: '[CC BY-ND 4.0](https://creativecommons.org/licenses/by-nd/4.0)' -headless: true -show_on_rss_feed: false -tags: ["kubernetes"] -aliases: ['/kubernetes/lke-network-firewall-information-shortguide/'] ---- - -In an LKE cluster, some entities and services are only accessible from within that cluster while others are publicly accessible (reachable from the internet). - -**Private (accessible only within the cluster)** - -- Pod IPs, which use a per-cluster virtual network in the range 10.2.0.0/16 -- ClusterIP Services, which use a per-cluster virtual network in the range 10.128.0.0/16 - -**Public (accessible over the internet)** - -- NodePort Services, which listen on all Nodes with ports in the range 30000-32768. -- LoadBalancer Services, which automatically deploy and configure a NodeBalancer. -- Any manifest which uses `hostNetwork`: true and specifies a port. -- Most manifests which use `hostPort` and specify a port. - -Exposing workloads to the public internet through the above methods can be convenient, but this can also carry a security risk. You may wish to manually install firewall rules on your cluster nodes. The following policies are needed to allow communication between the node pools and the control plane and block unwanted traffic: - -- **Allow kubelet health checks:** TCP port 10250 from 192.168.128.0/17 Accept -- **Allow Wireguard tunneling for kubectl proxy:** UDP port 51820 from 192.168.128.0/17 Accept -- **Allow Calico BGP traffic:** TCP port 179 from 192.168.128.0/17 Accept -- **Allow NodePorts for workload services:** TCP/UDP port 30000 - 32767 192.168.128.0/17 Accept -- **Block all other TCP traffic:** TCP All Ports All IPv4/All IPv6 Drop -- **Block all other UDP traffic:** UDP All Ports All IPv4/All IPv6 Drop -- **Block all ICMP traffic:** ICMP All Ports All IPv4/All IPv6 Drop -- IPENCAP for IP ranges 192.168.128.0/17 for internal communication between node pools and control plane. - -For additional information, [please see this community post](https://www.linode.com/community/questions/19155/securing-k8s-cluster). Future LKE release may allow greater flexibility for the network endpoints of these types of workloads. - -Please note, at this time, nodes should be removed from the Cloud Firewall configuration before removing/recycling of node pools within the Kubernetes configuration. Also, when adding node pools to the Kubernetes cluster, Cloud Firewall must be updated with the new node pool(s). Failure to add the new nodes creates a security risk. - -{{< note >}} -All new LKE clusters create a service named `Kubernetes` in the `default` namespace designed to ease interactions with the control plane. This is a standard service for LKE clusters. -{{< /note >}} \ No newline at end of file diff --git a/docs/guides/kubernetes/how-to-deploy-a-static-site-on-linode-kubernetes-engine/index.md b/docs/guides/kubernetes/how-to-deploy-a-static-site-on-linode-kubernetes-engine/index.md index 2709eb65b14..e09a9e48267 100644 --- a/docs/guides/kubernetes/how-to-deploy-a-static-site-on-linode-kubernetes-engine/index.md +++ b/docs/guides/kubernetes/how-to-deploy-a-static-site-on-linode-kubernetes-engine/index.md @@ -14,12 +14,12 @@ external_resources: aliases: ['/kubernetes/how-to-deploy-a-static-site-on-linode-kubernetes-engine/','/applications/containers/kubernetes/how-to-deploy-a-static-site-on-linode-kubernetes-engine/','/applications/containers/kubernetes/static-site-linode-kubernetes-engine/'] --- -*Linode Kubernetes Engine (LKE)* allows you to easily create, scale, and manage Kubernetes clusters to meet your application's demands, reducing the often complicated cluster set-up process to just a few clicks. Linode manages your Kubernetes master node, and you select how many Linodes you want to add as worker nodes to your cluster. +*Linode Kubernetes Engine (LKE)* allows you to easily create, scale, and manage Kubernetes clusters to meet your application's demands, reducing the often complicated cluster set-up process to just a few clicks. Linode manages your Kubernetes master node, and you select how many Compute Instances you want to add as worker nodes to your cluster. Deploying a static site using an LKE cluster is a great example to follow when learning Kubernetes. A [container](/docs/guides/kubernetes-reference/#container) image for a static site can be written in less than ten lines, and only one container image is needed. Therefore, it's often less complicated to deploy a static site on Kubernetes than some other applications that require multiple components. {{< note type="alert" >}} -Following the instructions in this guide creates billable resources on your account in the form of Linodes and NodeBalancers. You are billed an hourly rate for the time that these resources exist on your account. Be sure to follow the [tear-down section](#tear-down-your-lke-cluster-and-nodebalancer) at the end of this guide if you do not wish to continue using these resources. +Following the instructions in this guide creates billable resources on your account in the form of Compute Instances and NodeBalancers. You are billed an hourly rate for the time that these resources exist on your account. Be sure to follow the [tear-down section](#tear-down-your-lke-cluster-and-nodebalancer) at the end of this guide if you do not wish to continue using these resources. {{< /note >}} ## In this Guide @@ -42,19 +42,11 @@ This guide shows you how to: - [Sign up for a Docker Hub Account](#sign-up-for-a-docker-hub-account) - [Install Hugo](#install-hugo) -- Finally, you need to create a cluster on LKE, if you do not already have one: +- Finally, you need to create an LKE cluster, if you do not already have one: - - To create a cluster in the Linode Cloud Manager, review the [Deploy a Cluster with Linode Kubernetes Engine](/docs/products/compute/kubernetes/) guide. + - To create a cluster from the Cloud Manager, review the [Deploy a Cluster with Linode Kubernetes Engine](/docs/products/compute/kubernetes/) guide. Specifically, follow the [Create an LKE Cluster](/docs/products/compute/kubernetes/guides/create-cluster/) and [Connect to your LKE Cluster with kubectl](/docs/products/compute/kubernetes/guides/kubectl/) sections. - {{< note >}} - Specifically, follow the [Create an LKE Cluster](/docs/products/compute/kubernetes/guides/create-cluster/) and [Connect to your LKE Cluster with kubectl](/docs/products/compute/kubernetes/guides/kubectl/) sections. - {{< /note >}} - - - To create a cluster from the Linode API, review the [Deploy and Manage a Cluster with Linode Kubernetes Engine and the Linode API](/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/) tutorial. - - {{< note >}} - Specifically, follow the [Create an LKE Cluster](/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/#create-an-lke-cluster) section. - {{< /note >}} + - To create a cluster via the Linode API, review the [Deploy and Manage a Cluster with Linode Kubernetes Engine and the Linode API](/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/) tutorial. Specifically, follow the [Create an LKE Cluster](/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/#create-an-lke-cluster) section. ### Install kubectl @@ -76,7 +68,7 @@ You use [Docker Hub](https://hub.docker.com/) to store your Docker image. If you ### Install Hugo -A *static site generator* (SSG) is usually a command line tool that takes text files written in a markup language like [Markdown](https://daringfireball.net/projects/markdown/), applies a stylized template to the content, and produces valid HTML, CSS, and JavaScript files. Static sites are prized for their simplicity and speed, as they do not generally have to interact with a database. +A *static site generator* (SSG) is a command line tool that takes text files written in a markup language like [Markdown](https://daringfireball.net/projects/markdown/), applies a stylized template to the content, and produces valid HTML, CSS, and JavaScript files. Static sites are prized for their simplicity and speed, as they do not generally have to interact with a database. The Linode documentation website, and this guide, employ [Hugo](https://gohugo.io). Hugo is a powerful and fast SSG written in the [Go](/docs/guides/install-go-on-ubuntu/#what-is-go) programming language, but you can choose one that best suits your needs by reading our [How to Choose a Static Site Generator guide](/docs/guides/how-to-choose-static-site-generator/). @@ -138,11 +130,9 @@ In this section you creates a static site on your workstation using Hugo. git submodule add https://github.com/budparr/gohugo-theme-ananke.git themes/ananke ``` - {{< note >}} Git submodules allow you to include one Git repository within another, each maintaining their own version history. To view a collection of Hugo themes, visit the [Hugo theme collection](https://themes.gohugo.io/). - {{< /note >}} -1. In the text editor of your choice, open the `config.toml` file and add the following line to the end: +1. In the text editor of your choice, open the `hugo.toml` file and add the following line to the end: ```file theme = "ananke" @@ -150,6 +140,20 @@ In this section you creates a static site on your workstation using Hugo. This line instructs Hugo to search for a folder named `ananke` in the `themes` directory and applies the templating it finds to the static site. + {{< note title="Older Hugo versions use config.toml" >}} + If you are using an older version of Hugo, you may see a `config.toml` file instead of `hugo.toml`. Should any errors persist, you can rename the file to the alternative name using one of the commands below: + ```command + mv hugo.toml config.toml + ``` + ```command + mv config.toml hugo.toml + ``` + Alternatively, you can duplicate the file and its contents to a second file using the other name and then link the two. This allows both files to exist without conflict: + ```command + ln hugo.toml config.toml + ``` + {{< /note >}} + 1. Add an example first post to your Hugo site: ```command @@ -167,8 +171,8 @@ In this section you creates a static site on your workstation using Hugo. ```file {title="lke-example/content/posts/first_post.md" lang=md} --- title: "First_post" - date: 2019-07-29T14:22:04-04:00 - draft: false + date: 2024-07-17T14:41:25-04:00 + draft: true --- ``` @@ -177,7 +181,7 @@ In this section you creates a static site on your workstation using Hugo. ```file {title="lke-example/content/posts/first_post.md" lang=md} --- title: "First Post About LKE Clusters" - date: 2019-07-29T14:22:04-04:00 + date: 2024-07-17T14:41:25-04:00 draft: false --- @@ -259,8 +263,8 @@ In this section you create a Docker container for your static site, which you th 1. Add the following contents to the `Dockerfile`. Each command has accompanying comments that describe their function: ```file {title="lke-example/Dockerfile"} - # Install the latest Debian operating system. - FROM alpine:3.12.0 as HUGO + # Install the latest Alpine operating system. + FROM alpine:3.20.1 as HUGO # Install Hugo. RUN apk update && apk add hugo @@ -294,19 +298,15 @@ In this section you create a Docker container for your static site, which you th .gitignore ``` - {{< note >}} This file, similar to the `.gitignore` file you created in the previous section, allows you to ignore certain files within the working directory that you want to leave out of the container. Because you want the container to be the smallest size possible, the `.dockerignore` file includes the `public/` folder and some hidden folders that Git creates. - {{< /note >}} -1. Run the Docker `build` command. Replace `mydockerhubusername` with your Docker Hub username. The period at the end of the command tells Docker to use the current directory as its build context. +1. Run the Docker `build` command. Replace {{< placeholder "mydockerhubusername" >}} with your Docker Hub username. The period at the end of the command tells Docker to use the current directory as its build context. ```command - docker build -t mydockerhubusername/lke-example:v1 . + docker build -t {{< placeholder "mydockerhubusername" >}}/lke-example:v1 . ``` - {{< note >}} - In the example below, the container image is named `lke-example` and has been given a version tag of `v1`. Feel free to change these values. - {{< /note >}} + In the example, the container image is named `lke-example` and has been given a version tag of `v1`. Feel free to change these values. 1. Docker downloads the required Debian and NGINX images, as well as install Hugo into the image. Once complete, you should see output similar to the following: @@ -455,10 +455,10 @@ In this section, you create a [Deployment](/docs/guides/kubernetes-reference/#de 1. Create a Service manifest file to provide load balancing for the deployment. Load balancing ensures that traffic is balanced efficiently across multiple backend nodes, improving site performance and ensuring that your static site is accessible should a node go down. - Specifically, the Service manifest that is used in this guide triggers the creation of a Linode [NodeBalancer](/docs/products/networking/nodebalancers/get-started/). + Specifically, the Service manifest that is used in this guide triggers the creation of a [NodeBalancer](/docs/products/networking/nodebalancers/get-started/). - {{< note >}} - The NodeBalancer's creation is controlled through the [Linode Cloud Controller Manager (CCM)](/docs/guides/kubernetes-reference/#linode-cloud-controller-manager). The CCM provides a number of settings, called `annotations`, that allow you to control the functionality of the NodeBalancer. To learn more about the CCM, read our [Installing the Linode CCM on an Unmanaged Kubernetes Cluster](/docs/guides/install-the-linode-ccm-on-unmanaged-kubernetes/) guide. + {{< note title="Cloud Controller Manager (CCM)" >}} + The NodeBalancer's creation is controlled through the [Cloud Controller Manager (CCM)](/docs/guides/kubernetes-reference/#linode-cloud-controller-manager). The CCM provides a number of settings, called `annotations`, that allow you to control the functionality of the NodeBalancer. To learn more about the CCM, read our [Installing the Linode CCM on an Unmanaged Kubernetes Cluster](/docs/guides/install-the-linode-ccm-on-unmanaged-kubernetes/) guide. {{< /note >}} 1. Name the file `static-site-service.yaml`, save it to your `manifests` directory, and enter the contents of this snippet: @@ -510,13 +510,13 @@ In this section, you create a [Deployment](/docs/guides/kubernetes-reference/#de ## General Network and Firewall Information -{{% content "lke-network-firewall-information-shortguide" %}} +To learn more about networking within LKE, open ports, and configuring firewall rules, see [General Network and Firewall Information](/docs/products/compute/kubernetes/get-started/#general-network-and-firewall-information). ## Next Steps If you'd like to continue using the static site that you created in this guide, you may want to assign a domain to it. Review the [DNS Records: An Introduction](/docs/guides/dns-overview/) and [DNS Manager](/docs/products/networking/dns-manager/) guides for help with setting up DNS. When setting up your DNS record, use the external IP address that you noted at the end of the previous section. -If you would rather not continue using the cluster you just created, review the [tear-down section](#tear-down-your-lke-cluster-and-nodebalancer) to remove the billable Linode resources that were generated. +If you would rather not continue using the cluster you just created, review the [tear-down section](#tear-down-your-lke-cluster-and-nodebalancer) to remove any billable resources that were generated. ## Tear Down your LKE Cluster and NodeBalancer @@ -532,7 +532,7 @@ If you would rather not continue using the cluster you just created, review the kubectl delete -f static-site-service.yaml ``` -- To remove the LKE Cluster and the associated nodes from your account, navigate to the [Linode Cloud Manager](https://cloud.linode.com): +- To remove the LKE Cluster and the associated nodes from your account, navigate to the [Cloud Manager](https://cloud.linode.com): 1. Click on the **Kubernetes** link in the sidebar. A new page with a table which lists your clusters appears. diff --git a/docs/products/compute/compute-instances/guides/create/create-instance-distribution.jpg b/docs/products/compute/compute-instances/guides/create/create-instance-distribution.jpg index 5099ac5d6ef..c89404c99e1 100644 Binary files a/docs/products/compute/compute-instances/guides/create/create-instance-distribution.jpg and b/docs/products/compute/compute-instances/guides/create/create-instance-distribution.jpg differ diff --git a/docs/products/compute/compute-instances/guides/create/index.md b/docs/products/compute/compute-instances/guides/create/index.md index 639074997e2..09b80a18904 100644 --- a/docs/products/compute/compute-instances/guides/create/index.md +++ b/docs/products/compute/compute-instances/guides/create/index.md @@ -3,7 +3,7 @@ title: "Create a Compute Instance" title_meta: "Create a Compute Instance on the Linode Platform" description: "Learn how to create a new Compute Instance, including choosing a distribution, region, and plan size." published: 2022-04-19 -modified: 2024-06-20 +modified: 2024-07-22 keywords: ["getting started", "deploy", "linode", "linux"] aliases: ['/guides/creating-a-compute-instance/','/products/compute/dedicated-cpu/guides/deploy/'] --- diff --git a/docs/products/compute/kubernetes/get-started/index.md b/docs/products/compute/kubernetes/get-started/index.md index c6b30fbc46c..41488fb69f5 100644 --- a/docs/products/compute/kubernetes/get-started/index.md +++ b/docs/products/compute/kubernetes/get-started/index.md @@ -47,11 +47,11 @@ Visit the [Kubernetes documentation](https://kubernetes.io/docs/tasks/tools/inst ### Create an LKE Cluster -1. Log into your [Linode Cloud Manager](https://cloud.linode.com/) account. +1. Log into your [Cloud Manager](https://cloud.linode.com/) account. -1. From the Linode dashboard, click the **Create** button in the top right-hand side of the screen and select **Kubernetes** from the dropdown menu. +1. Select Kubernetes from the left navigation menu and then click **Create Cluster**. -1. The **Create a Kubernetes Cluster** page appears. At the top of the page, you are required to select the following options: +1. The **Create a Kubernetes Cluster** page appears. At the top of the page, you are required to select the following options: - In the **Cluster Label** field, provide a name for your cluster. The name must be unique between all of the clusters on your account. This name is how you identify your cluster in the Cloud Manager’s Dashboard. @@ -59,27 +59,27 @@ Visit the [Kubernetes documentation](https://kubernetes.io/docs/tasks/tools/inst - From the **Version** dropdown menu, select a Kubernetes version to deploy to your cluster. -1. In the **Add Node Pools** section, select the [hardware resources](/docs/products/compute/compute-instances/plans/choosing-a-plan/#compute-resources) for the Linode worker node(s) that make up your LKE cluster. To the right of each plan, select the plus `+` and minus `-` to add or remove a Linode to a node pool one at time. +1. In the **Add Node Pools** section, select the [hardware resources](/docs/products/compute/compute-instances/plans/choosing-a-plan/#compute-resources) for the Linode worker node(s) that make up your LKE cluster. To the right of each plan, select the plus `+` and minus `-` to add or remove a Linode to a node pool one at time. -1. Once you're satisfied with the number of nodes in a node pool, select **Add** to include it in your configuration. If you decide that you need more or fewer hardware resources after you deploy your cluster, you can always [edit your Node Pool](#edit-or-remove-existing-node-pools). +1. Once you're satisfied with the number of nodes in a node pool, select **Add** to include it in your configuration. If you decide that you need more or fewer hardware resources after you deploy your cluster, you can always [edit your Node Pool](#edit-or-remove-existing-node-pools). -1. Once a pool has been added to your configuration, it is listed in the **Cluster Summary** on the right-hand side of the Cloud Manager detailing your cluster's hardware resources and monthly cost. Additional pools can be added before finalizing the cluster creation process by repeating the previous step for each additional pool. +1. Once a pool has been added to your configuration, it is listed in the **Cluster Summary** on the right-hand side of the Cloud Manager detailing your cluster's hardware resources and monthly cost. Additional pools can be added before finalizing the cluster creation process by repeating the previous step for each additional pool. -1. When you are satisfied with the configuration of your cluster, click the **Create Cluster** button on the right hand side of the screen. Your cluster's detail page appears, and your Node Pools are listed on this page. From this page, you can [edit your existing Node Pools](#edit-or-remove-existing-node-pools), [access your Kubeconfig file](#access-and-download-your-kubeconfig), and view an overview of your cluster's resource details. +1. When you are satisfied with the configuration of your cluster, click the **Create Cluster** button on the right hand side of the screen. Your cluster's detail page appears, and your Node Pools are listed on this page. From this page, you can [edit your existing Node Pools](#edit-or-remove-existing-node-pools), [access your Kubeconfig file](#access-and-download-your-kubeconfig), and view an overview of your cluster's resource details. ### Access and Download your kubeconfig -1. To access your cluster's kubeconfig, log in to your Cloud Manager account and navigate to the **Kubernetes** section. +1. To access your cluster's kubeconfig, log in to your Cloud Manager account and navigate to the **Kubernetes** section. -1. From the Kubernetes listing page, click on your cluster's **more options ellipsis** and select **Download kubeconfig**. The file is saved to your computer's `Downloads` folder. +1. From the Kubernetes listing page, click on your cluster's **more options ellipsis** and select **Download kubeconfig**. The file is saved to your computer's `Downloads` folder. -1. Open a terminal shell and save your kubeconfig file's path to the `$KUBECONFIG` environment variable. In the example command, the kubeconfig file is located in the `Downloads` folder, but you should alter this line with this folder's location on your computer: +1. Open a terminal shell and save your kubeconfig file's path to the `$KUBECONFIG` environment variable. In the example command, the kubeconfig file is located in the `Downloads` folder, but you should alter this line with this folder's location on your computer: ```command export KUBECONFIG=~/Downloads/kubeconfig.yaml ``` -1. View your cluster's nodes using kubectl. +1. View your cluster's nodes using kubectl. ```command kubectl get nodes @@ -87,7 +87,38 @@ Visit the [Kubernetes documentation](https://kubernetes.io/docs/tasks/tools/inst ## General Network and Firewall Information -{{% content "lke-network-firewall-information-shortguide" %}} +In an LKE cluster, some entities and services are only accessible from within that cluster while others are publicly accessible (reachable from the internet). + +**Private (accessible only within the cluster):** + +- Pod IPs, which use a per-cluster virtual network in the range 10.2.0.0/16 +- ClusterIP Services, which use a per-cluster virtual network in the range 10.128.0.0/16 + +**Public (accessible over the internet):** + +- NodePort Services, which listen on all Nodes with ports in the range 30000-32768 +- LoadBalancer Services, which automatically deploy and configure a NodeBalancer +- Any manifest which uses `hostNetwork`: true and specifies a port +- Most manifests which use `hostPort` and specify a port + +Exposing workloads to the public internet through the above methods can be convenient, but this can also carry a security risk. You may wish to manually install firewall rules on your cluster nodes. The following policies are needed to allow communication between the node pools and the control plane and block unwanted traffic: + +- **Allow kubelet health checks:** TCP port 10250 from 192.168.128.0/17 Accept +- **Allow Wireguard tunneling for kubectl proxy:** UDP port 51820 from 192.168.128.0/17 Accept +- **Allow Calico BGP traffic:** TCP port 179 from 192.168.128.0/17 Accept +- **Allow NodePorts for workload services:** TCP/UDP port 30000 - 32767 192.168.128.0/17 Accept +- **Block all other TCP traffic:** TCP All Ports All IPv4/All IPv6 Drop +- **Block all other UDP traffic:** UDP All Ports All IPv4/All IPv6 Drop +- **Block all ICMP traffic:** ICMP All Ports All IPv4/All IPv6 Drop +- IPENCAP for IP ranges 192.168.128.0/17 for internal communication between node pools and control plane. + +For additional information, [please see this community post](https://www.linode.com/community/questions/19155/securing-k8s-cluster). Future LKE release may allow greater flexibility for the network endpoints of these types of workloads. + +Please note, at this time, nodes should be removed from the Cloud Firewall configuration before removing/recycling of node pools within the Kubernetes configuration. Also, when adding node pools to the Kubernetes cluster, Cloud Firewall must be updated with the new node pool(s). Failure to add the new nodes creates a security risk. + +{{< note >}} +All new LKE clusters create a service named `Kubernetes` in the `default` namespace designed to ease interactions with the control plane. This is a standard service for LKE clusters. +{{< /note >}} ## Next Steps diff --git a/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/index.md b/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/index.md index 5baabade616..747188df84e 100644 --- a/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/index.md +++ b/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/index.md @@ -730,10 +730,6 @@ curl -H "Authorization: Bearer $TOKEN" \ https://api.linode.com/v4/lke/clusters/12345 ``` -## General Network and Firewall Information - -{{% content "lke-network-firewall-information-shortguide" %}} - ## Where to Go From Here? Now that you have created an LKE cluster, you can start deploying workloads to it. Review these guides for further help: diff --git a/docs/products/platform/accounts/guides/2fa/index.md b/docs/products/platform/accounts/guides/2fa/index.md index c44962c1c76..902feb321aa 100644 --- a/docs/products/platform/accounts/guides/2fa/index.md +++ b/docs/products/platform/accounts/guides/2fa/index.md @@ -9,10 +9,10 @@ tags: ["security","cloud manager"] aliases: ['/guides/2fa/'] --- -2FA (*two-factor authentication*) increases the security of your Linode account by requiring two forms of authentication: your password and an expiring token, also called an OTP (one-time passcode) or 2FA code. This follows the security principle of authenticating with something you *know* (a password) and something you *have* (the device used to generate the token). This additional layer of security reduces the risk that an unauthorized individual can gain access to your Linode account. **Linode highly recommends enabling 2FA**. +2FA (*two-factor authentication*) increases the security of your Linode Cloud Manager account by requiring two forms of authentication: your password and an expiring token, also called an OTP (one-time passcode) or 2FA code. This follows the security principle of authenticating with something you *know* (a password) and something you *have* (the device used to generate the token). This additional layer of security reduces the risk that an unauthorized individual can gain access to your Linode Cloud Manager account. **Akamai highly recommends enabling 2FA**. {{< note type=warning noTitle=true >}} -Managing 2FA through Linode is only available if *Linode* is selected as the **Login Method**. If you select a third-party authentication provider (such as Google or GitHub), 2FA is managed directly through that provider and not through Linode. +Managing 2FA through Cloud Manager is only available if *Cloud Manager* is selected as the **Login Method**. If you select a third-party authentication provider (such as Google or GitHub), 2FA is managed directly through that provider and not through Cloud Manager. {{< /note >}} {{< note title="Account protection for users without 2FA enabled" >}} @@ -35,7 +35,7 @@ The primary downsides of using your password manager as your OTP provider are se ### Use a Dedicated Authenticator App -There are quite a few free (and paid) third-party authenticator applications available. They are typically more secure than using your password manager's OTP functionality as a malicious actor cannot gain access to your Linode account (or any other 2FA protected account) unless they know your password and have access to the particular device on which the authenticator app is installed, typically your smartphone. +There are quite a few free (and paid) third-party authenticator applications available. They are typically more secure than using your password manager's OTP functionality as a malicious actor cannot gain access to your Cloud Manager account (or any other 2FA protected account) unless they know your password and have access to the particular device on which the authenticator app is installed, typically your smartphone. - [Authy](https://authy.com/features/setup/) - [Duo Mobile](http://guide.duosecurity.com/third-party-accounts) @@ -44,15 +44,15 @@ There are quite a few free (and paid) third-party authenticator applications ava ## Enabling 2FA -Enable two-factor authentication to start using it with your Linode account. +Enable two-factor authentication to start using it with your Cloud Manager account. 1. Log in to the [Cloud Manager](https://cloud.linode.com). -1. Navigate to the Login & Authentication page of your profile by clicking on your **username** in the top right of the screen. Select **Login & Authentication** from the dropdown menu. +1. Click your username in the top right of the screen and select **Login & Authentication**. ![Click your username and select Login & Authentication](profile-link.png) -1. Within the **Login Method** section, select **Linode** as the login provider. If you configure a third-party provider (such as Google or GitHub), you instead can manage 2FA directly through that provider and not through Linode. +1. Within the **Login Method** section, select **Cloud Manager** as the login provider. If you configure a third-party provider (such as Google or GitHub), you instead can manage 2FA directly through that provider and not through Cloud Manager. ![Screenshot of the Login Method section](login-provider.png) @@ -66,7 +66,7 @@ Enable two-factor authentication to start using it with your Linode account. 1. Open the app for your preferred 2FA provider on your smartphone or desktop. For help choosing a provider, see [Choosing a 2FA Provider](#choosing-a-2fa-provider). -1. The next step is to configure the app to automatically generate OTP tokens for use with Linode's 2FA feature. The process varies depending on the app you are using. Within most dedicated authenticator apps, you can add an account. For password managers, edit or add a Linode login entry and add a one-time passcode (1Password), two-factor code (Keeper), or the equivalent field within your app. Then either scan the Cloud Manager's 2FA QR code or manually enter the secret key (also called a setup key or code). On mobile devices, you can use your phone's camera to scan the QR code. Desktop applications instead can typically scan the QR through their own custom screen capture tool. If you need further help, you can consult the documentation for your 2FA provider. +1. The next step is to configure the app to automatically generate OTP tokens for use with Cloud Manager's 2FA feature. The process varies depending on the app you are using. Within most dedicated authenticator apps, you can add an account. For password managers, edit or add a Cloud Manager login entry and add a one-time passcode (1Password), two-factor code (Keeper), or the equivalent field within your app. Then either scan the Cloud Manager's 2FA QR code or manually enter the secret key (also called a setup key or code). On mobile devices, you can use your phone's camera to scan the QR code. Desktop applications instead can typically scan the QR through their own custom screen capture tool. If you need further help, you can consult the documentation for your 2FA provider. 1. Once 2FA has been configured in your 2FA provider, a time-sensitive OTP token is generated. This token refreshes every 30 seconds. Copy this token and, within the Cloud Manager, paste it to the **Token** field and click **Confirm Token**. @@ -82,7 +82,7 @@ If 2FA is enabled on your account, you must enter the OTP generated by your 2FA 1. Enter your username and password and click **Log in**. If you wish, you can also select *Trust this device for 30 days* to stay logged in for 30 days. If 2FA is enabled on your account, a form appears requesting your OTP token or scratch code. -1. Open the authenticator app you are using to manage your 2FA and OTP tokens. Within this app, open the Linode account or login entry to view the time-sensitive OTP code. +1. Open the authenticator app you are using to manage your 2FA and OTP tokens. Within this app, open the Linode Cloud Manager account or login entry to view the time-sensitive OTP code. 1. Enter your OTP token into the **Token** field in the Cloud Manager and then click the **Verify** button. Provided the token is correct, you are successfully logged in. @@ -108,7 +108,7 @@ If you need to switch your 2FA provider or change the device in use by your two- ## Disabling 2FA -You can disable two-factor authentication for your Linode account at any time. Here's how: +You can disable two-factor authentication for your Cloud Manager account at any time. Here's how: 1. Log in to the [Cloud Manager](https://cloud.linode.com). diff --git a/docs/products/platform/accounts/guides/2fa/login-provider.png b/docs/products/platform/accounts/guides/2fa/login-provider.png index 1a357332103..fd62415872d 100644 Binary files a/docs/products/platform/accounts/guides/2fa/login-provider.png and b/docs/products/platform/accounts/guides/2fa/login-provider.png differ diff --git a/docs/products/platform/accounts/guides/2fa/profile-link.png b/docs/products/platform/accounts/guides/2fa/profile-link.png index 311fa4cdbd9..ea8701c199a 100644 Binary files a/docs/products/platform/accounts/guides/2fa/profile-link.png and b/docs/products/platform/accounts/guides/2fa/profile-link.png differ diff --git a/docs/products/platform/accounts/guides/2fa/tpa-options.png b/docs/products/platform/accounts/guides/2fa/tpa-options.png deleted file mode 100644 index 426ad2b7ba5..00000000000 Binary files a/docs/products/platform/accounts/guides/2fa/tpa-options.png and /dev/null differ diff --git a/docs/products/platform/accounts/guides/third-party-authentication/confirm-disable-tpa.png b/docs/products/platform/accounts/guides/third-party-authentication/confirm-disable-tpa.png index ac981fa4237..52335d111a8 100644 Binary files a/docs/products/platform/accounts/guides/third-party-authentication/confirm-disable-tpa.png and b/docs/products/platform/accounts/guides/third-party-authentication/confirm-disable-tpa.png differ diff --git a/docs/products/platform/accounts/guides/third-party-authentication/index.md b/docs/products/platform/accounts/guides/third-party-authentication/index.md index 914d9a38c8d..8e5eb1b0ed7 100644 --- a/docs/products/platform/accounts/guides/third-party-authentication/index.md +++ b/docs/products/platform/accounts/guides/third-party-authentication/index.md @@ -3,56 +3,59 @@ title: "Enable Third Party Authentication on Your User Account" title_meta: "Enable Third Party Authentication on Your Linode User Account" description: "This guide shows how you can enable Third-Party Authentication (TPA) on your Linode account so you can sign in to Cloud Manager using third party credentials." published: 2021-04-23 -modified: 2022-11-21 +modified: 2024-07-23 keywords: ['tpa','third party authentication','github','account','password'] tags: ["linode platform","security","cloud manager"] image: enable-tpa-hero.png aliases: ['/platform/manager/third-party-authentication/','/guides/third-party-authentication/'] --- -Linode Cloud Manager supports Third-Party Authentication (TPA). This allows you to log in to the Linode Cloud Manager with another provider's login credentials. +Cloud Manager supports third-party authentication (TPA). This allows you to log in to Cloud Manager with another provider's login credentials. {{< note >}} -Enabling TPA disables Two-Factor Authentication (2FA) on your Linode account. You should enable 2FA with the TPA provider with which you choose to authenticate to Linode. +Enabling TPA disables two-factor authentication (2FA) on your user account. You should enable 2FA with the TPA provider with which you choose to authenticate to Cloud Manager. Additionally, enabling TPA disables password authentication in the Lish console. You can still authenticate to Lish with an SSH key. For more information on SSH key authentication with Lish, visit our [Using the Lish Console](/docs/products/compute/compute-instances/guides/lish/#add-your-public-key) guide. {{< /note >}} +{{< note title="Single sign-on (SSO) with Akamai Control Center">}} +Separate from your selected login provider, you can also log in to Cloud Manager using your [Akamai Control Center](https://control.akamai.com/) account credentials. To learn more about this feature, see [Single sign-on (SSO) with Akamai Control Center](/docs/products/platform/accounts/guides/user-security-controls/#single-sign-on-sso-with-akamai-control-center). +{{< /note >}} + ## Enabling Third-Party Authentication -1. To get started with TPA, log in to the [Cloud Manager](https://cloud.linode.com) using your existing username and password. +1. To get started with TPA, log in to [Cloud Manager](https://cloud.linode.com) using your existing username and password. -1. Navigate to the Login & Authentication page of your profile by clicking on your **username** in the top right of the screen and selecting **Login & Authentication** from the dropdown menu. +1. Click your username in the top right of the screen and select **Login & Authentication**. - ![Click your username and select Login & Authentication](profile-link.png "Click your username and select Login & Authentication") + ![Click your username and select Login & Authentication](profile-link.png) -1. Within the **Login Method** section, select the *Login Provider* you'd like to use for authentication. You can chose to use your own Linode credentials or chose from several Third-Party Authentication (TPA) providers, such as Google and GitHub. Only one login provider can be active at a time. Once selected, you will be asked to confirm that you'd like to enable TPA with this provider. +1. Within the **Login Method** section, select the *Login Provider* you'd like to use for authentication. You can chose to use your own Cloud Manager credentials or chose from several third-party authentication (TPA) providers, such as Google and GitHub. Only one login provider can be active at a time. Once selected, you will be asked to confirm that you'd like to enable TPA with this provider. - ![Select the Login Method](tpa-options.png "Select the Login Method") + ![Select the Login Method](tpa-options.png) {{< note type="alert" >}} - Enabling Third-Party Authentication disables your current Linode password and Two-Factor Authentication on your Linode account. Any Two-Factor Authentication you require will be handled by the TPA provider you choose. + Enabling third-party authentication disables your current Cloud Manager password and 2FA settings. If you would like to continue using 2FA, make sure it is handled by your chosen TPA provider. {{< /note >}} -1. You will be taken to the TPA provider's website, where you will be prompted to give account access to Linode. You will see a list of permissions that will be granted to Linode. Confirm that you would like to grant Linode the required permissions. +1. Once a TPA provider is selected, you are taken to that provider's website and are prompted to give access to your Linode user account. Review the list of permissions and confirm. -1. After granting permissions, you will see a confirmation screen. You can now log in to your Cloud Manager account using the TPA provider. +1. After granting permissions, you will see a confirmation screen. You can now log in to your user account through the selected TPA provider. ## Disabling Third-Party Authentication - 1. Log in to the [Cloud Manager](https://cloud.linode.com) using your TPA credentials. 1. Navigate to the Login & Authentication page of your profile by clicking on your **username** in the top right of the screen. Select **Login & Authentication** from the dropdown menu. - ![Click your username and select Login & Authentication](profile-link.png "Click your username and select Login & Authentication") + ![Click your username and select Login & Authentication](profile-link.png) -1. Within the **Login Method** section, select **Linode** as the login provider. +1. Within the **Login Method** section, select **Cloud Manager** as the login provider. - ![Select the Login Method](tpa-options.png "Select the Login Method") + ![Select the Login Method](tpa-options.png) -1. A prompt will appear confirming your intent to disable Third-Party Authentication. You will need to click on the **Reset Password** button to send a password reset link to your email. This will be delivered to the email address associated with the Linode account, and not the email associated with the TPA provider. You will need to follow the link in that email to reset your Linode Cloud Manager password. +1. A prompt will appear confirming your intent to disable third-party authentication. You will need to click on the **Reset Password** button to send a password reset link to your email. This will be delivered to the email address associated with your user account, and not the email associated with the TPA provider. You will need to follow the link in that email to reset your user's password. ![Send password reset email.](confirm-disable-tpa.png) -1. Once reset, you can use your new password to log in to Linode Cloud Manager. +1. Once reset, you can use your new password to log in to Cloud Manager. \ No newline at end of file diff --git a/docs/products/platform/accounts/guides/third-party-authentication/profile-link.png b/docs/products/platform/accounts/guides/third-party-authentication/profile-link.png index 311fa4cdbd9..ea8701c199a 100644 Binary files a/docs/products/platform/accounts/guides/third-party-authentication/profile-link.png and b/docs/products/platform/accounts/guides/third-party-authentication/profile-link.png differ diff --git a/docs/products/platform/accounts/guides/third-party-authentication/tpa-options.png b/docs/products/platform/accounts/guides/third-party-authentication/tpa-options.png index 426ad2b7ba5..fd62415872d 100644 Binary files a/docs/products/platform/accounts/guides/third-party-authentication/tpa-options.png and b/docs/products/platform/accounts/guides/third-party-authentication/tpa-options.png differ diff --git a/docs/products/platform/accounts/guides/user-security-controls/index.md b/docs/products/platform/accounts/guides/user-security-controls/index.md index 46cd050cea8..35199c877ea 100644 --- a/docs/products/platform/accounts/guides/user-security-controls/index.md +++ b/docs/products/platform/accounts/guides/user-security-controls/index.md @@ -2,26 +2,26 @@ title: "Security Controls for User Accounts" description: "Learn how to protect your Linode account using security measures and controls built-in to the Linode platform." published: 2022-06-24 -modified: 2023-08-15 +modified: 2024-07-23 keywords: ["two-factor authentication", "password", "security", "Linode Cloud Manager", "token"] tags: ["security","cloud manager"] aliases: ['/linode-manager-security/','/security/authentication/linode-manager-security-controls/','/security/linode-manager-security-controls-new-manager/','/platform/manager/keep-your-linode-account-safe/','/security/linode-manager-security-controls/','/security/authentication/two-factor-authentication/linode-manager-security-controls/','/guides/linode-manager-security-controls/','/guides/user-security-controls/'] --- -To protect your Linode user account against unauthorized access, there are several security controls you can implement. This guide covers several of these controls, including 2FA, security questions, and phone verification. +To protect your customer account against unauthorized access, there are several security controls you can implement. This guide covers several of these controls, including 2FA, security questions, and phone verification. ## 2FA (Two-Factor Authentication) -2FA (*two-factor authentication*) increases the security of your Linode account by requiring two forms of authentication: your password and an expiring token, also called a one-time passcode (OTP) or 2FA code. This follows the security principle of authenticating with something you *know* (a password) and something you *have* (the device used to generate the token). This additional layer of security reduces the risk that an unauthorized individual can gain access to your Linode account. +2FA (*two-factor authentication*) increases the security of your user account by requiring two forms of authentication: your password and an expiring token, also called a one-time passcode (OTP) or 2FA code. This follows the security principle of authenticating with something you *know* (a password) and something you *have* (the device used to generate the token). This additional layer of security reduces the risk that an unauthorized individual can gain access to your user account. If you *do not* have 2FA enabled and have not logged in to your account in 30 days, an OTP is sent to the email address associated with your user account. Should you not complete the login attempt within 60 minutes, the code expires and another login attempt is required to generate a new code. -**Linode highly recommends enabling 2FA**. See [Managing Two-Factor Authentication (2FA) on a User Account](/docs/guides/2fa/) to learn how to enable 2FA. To assist with account lockouts and recovery, you must first configure three [security questions](#security-questions) on your account before enabling 2FA. +**Akamai highly recommends enabling 2FA**. See [Managing Two-Factor Authentication (2FA) on a User Account](/docs/guides/2fa/) to learn how to enable 2FA. To assist with account lockouts and recovery, you must first configure three [security questions](#security-questions) on your account before enabling 2FA. ![Screenshot of the 2FA setting in Cloud Manager](2fa.png) {{< note type=warning noTitle=true >}} -Managing 2FA through Linode is only available if *Linode* is selected as the **Login Method**. If you select a third-party authentication provider (such as Google or GitHub), 2FA is managed directly through that provider and not through Linode. +Managing 2FA through Cloud Manager is only available if *Cloud Manager* is selected as the **Login Method**. If you select a third-party authentication provider (such as Google or GitHub), 2FA is managed directly through that provider and not through Cloud Manager. {{< /note >}} ## Security Questions @@ -46,11 +46,11 @@ You can configure three security questions on your user account. Security questi ## Phone Verification -A verified phone number provides our team with a secure method of verifying access to your Linode user account. It is required for all new accounts created on or after June 27th, 2022, though any existing user can add a verified phone number to increase the security on their account. +A verified phone number provides our team with a secure method of verifying access to your account. It is required for all new accounts created on or after June 27th, 2022, though any existing user can add a verified phone number to increase the security on their account. ![Screenshot of the Phone Verification Setting in Cloud Manager](phone-verification.png) -This phone number is only ever used to verify your identity when attempting to authenticate to a user account when contacting Linode Support. An SMS message with a verification code is sent to that phone number. Once received, you can provide that verification code to the Support representative you are in contact with. If you receive a verification SMS without contacting us, do not pass along the verification code to anyone. +This phone number is only ever used to verify your identity when attempting to authenticate to a user account when contacting our [Support team](https://www.linode.com/support/). An SMS message with a verification code is sent to that phone number. Once received, you can provide that verification code to the Support representative you are in contact with. If you receive a verification SMS without contacting us, do not pass along the verification code to anyone. {{< note >}} Standard carrier messaging fees apply for each SMS message. @@ -58,7 +58,7 @@ Standard carrier messaging fees apply for each SMS message. ### Adding a Verified Phone Number -1. Log in to the [Cloud Manager](https://cloud.linode.com) and navigate to the [Login & Authentication](https://cloud.linode.com/profile/auth) page of your user profile. To do this, click on your username in the top right of the Cloud Manager and select **Login & Authentication** from the dropdown menu. +1. Log in to [Cloud Manager](https://cloud.linode.com) and navigate to the [Login & Authentication](https://cloud.linode.com/profile/auth) page of your user profile. To do this, click on your username in the top right of the Cloud Manager and select **Login & Authentication** from the dropdown menu. 1. Scroll down to **Phone Verification** under the **Security Settings** section. Here, you can view, add, and remove your verified phone number. @@ -72,4 +72,16 @@ Standard carrier messaging fees apply for each SMS message. ## Multiple User Accounts -Organizations that require multiple individuals to access the same customer account should create separate *user accounts* for each individual. Once you've created the accounts, you can assign permissions to restrict access to certain Linode services and areas of the Cloud Manager. This is useful for providing all team members access to a single Linode account, allowing a billing department to view invoices and billing details, or granting access to outside developers. For more information, see our guide on [Accounts and Passwords](/docs/products/platform/accounts/guides/manage-users/). \ No newline at end of file +Organizations that require multiple individuals to access the same customer account should create separate *user accounts* for each individual. Once you've created a user account, you can assign permissions to restrict access to certain services and areas of the Cloud Manager. This is useful for providing all team members access to a single customer account, allowing a billing department to view invoices and billing details, or granting access to outside developers. For more information, see our guide on [Accounts and Passwords](/docs/products/platform/accounts/guides/manage-users/). + +## Single sign-on (SSO) with Akamai Control Center + +You can also log in to Cloud Manager using your [Akamai Control Center](https://control.akamai.com/) account credentials. + +- You must have an Akamai Control Center account to use this feature and your email address within that account must match the email address on your Cloud Manager user account. + +- When logging in with Akamai Control Center, any other login provider security settings (such as passwords and 2FA) are ignored for that login session. **Make sure your Control Center account is protected by a secure password and 2FA.** + +- This feature does not replace your login provider, which means you can also continue using your selected login provider (Cloud Manager, GitHub, or Google) to log in to Cloud Manager. + +To use this feature, select **Akamai Control Center** as the provider when logging in to Cloud Manager. You are automatically logged in to the Cloud Manager user that matches the email for the currently logged in Control Center user. If multiple Cloud Manager users match this email address, you can select which user to log in as. \ No newline at end of file diff --git a/docs/products/platform/get-started/_index.md b/docs/products/platform/get-started/_index.md index e555738a4de..3167072a05d 100644 --- a/docs/products/platform/get-started/_index.md +++ b/docs/products/platform/get-started/_index.md @@ -2,7 +2,7 @@ title: "Getting Started on the Linode Platform" description: "Learn how to create an account and use the Linode Cloud Platform." published: 2018-11-05 -modified: 2024-06-03 +modified: 2024-07-23 tab_group_main: is_root: true title: Get Started @@ -49,8 +49,13 @@ First, you need to create a Linode account to start using our services. If you a 1. Most accounts are activated instantly and you can start adding services right away. A small number of accounts may require manual review prior to activation. {{% content "email-warning-shortguide" %}} + Once your account has been created, consider **enabling 2FA** to prevent unauthorized access. Anyone that has access to your account may be able to delete your services, add new ones, and reset the root password on your Compute Instances to gain access to them. See [Cloud Manager Security Controls](/docs/products/platform/accounts/guides/user-security-controls/) for instructions on enabling 2FA. If you are logging in with a third party provider, consider adding 2FA through that provider. +{{< note title="Single sign-on (SSO) with Akamai Control Center">}} +You can log in to Cloud Manager using your [Akamai Control Center](https://control.akamai.com/) account, provided your user email address is identical within both systems. To use this feature, select **Akamai Control Center** as the provider when logging in to Cloud Manager. You are automatically logged in to the Cloud Manager user that matches the email for the currently logged in Control Center user. If multiple Cloud Manager users match this email address, you can select which user to log in as. For more details, see [Single sign-on (SSO) with Akamai Control Center](/docs/products/platform/accounts/guides/user-security-controls/#single-sign-on-sso-with-akamai-control-center). +{{< /note >}} + ## Navigate the Cloud Manager Linode's [Cloud Manager](https://cloud.linode.com/) is the primary gateway to our platform. It enables you to manage your account, view your bills, add services, and much more. Here are some of the main sections you might want to look through: diff --git a/docs/release-notes/lke/v1.72.0.md b/docs/release-notes/lke/v1.72.0.md new file mode 100644 index 00000000000..cc12fe205ef --- /dev/null +++ b/docs/release-notes/lke/v1.72.0.md @@ -0,0 +1,9 @@ +--- +title: Linode Kubernetes Engine v1.72.0 +date: 2024-05-06 +version: 1.72.0 +--- + +### Added + +- Added support for custom labels and taints, which can be applied to node pools through the Linode API. Review the [Add Labels and Taints to your LKE Node Pools](/docs/products/compute/kubernetes/guides/deploy-and-manage-cluster-with-the-linode-api/#add-labels-and-taints-to-your-lke-node-pools) documentation and the [Create a node pool](https://techdocs.akamai.com/linode-api/reference/post-lke-cluster-pools) API endpoint documentation for more details. \ No newline at end of file diff --git a/docs/release-notes/lke/v1.75.0.md b/docs/release-notes/lke/v1.75.0.md new file mode 100644 index 00000000000..915316eab73 --- /dev/null +++ b/docs/release-notes/lke/v1.75.0.md @@ -0,0 +1,10 @@ +--- +title: Linode Kubernetes Engine v1.75.0 +date: 2024-06-19 +version: 1.75.0 +--- + +### Changed + +- Upgraded clusters using Kubernetes 1.30 to patch version 1.30.2 +- Upgraded Block Storage CSI driver to [v0.8.0](https://github.com/linode/linode-blockstorage-csi-driver/releases/tag/v0.8.0) \ No newline at end of file diff --git a/docs/release-notes/lke/v1.77.0.md b/docs/release-notes/lke/v1.77.0.md new file mode 100644 index 00000000000..e28e1dc3f64 --- /dev/null +++ b/docs/release-notes/lke/v1.77.0.md @@ -0,0 +1,13 @@ +--- +title: Linode Kubernetes Engine v1.77.0 +date: 2024-07-16 +version: 1.77.0 +--- + +### Added + +- This release includes CoreDNS autoscaling, based on the [cluster-proportional-autoscaler](https://github.com/kubernetes-sigs/cluster-proportional-autoscaler) project. The number of CoreDNS pods now scales based on the number of nodes in the LKE cluster. + +### Changed + +- Removed support for Kubernetes v1.27 \ No newline at end of file