Nubus for Kubernetes 1.17: Release Highlights

With this blog post, I am starting a new series in which I present the updates of the roughly monthly Nubus for Kubernetes releases. We begin with a look back at version 1.17, which was released at the end of January and brings many improvements for Nubus operators – including the new Structured Logging format for Kubernetes.

Since version 1.17, Nubus for Kubernetes offers a new output format for log entries: Structured Logging. This uses the open standard logfmt and generates log outputs that are easy to process both for humans and log analysis tools.

This makes auditing and monitoring in well-known log analysis tools such as the ELK Stack or Grafana Loki significantly easier. Nubus sends the log entries directly to these or other analysis tools available in the data center, where they can be evaluated together with information from other software solutions.

Details on the log format can be found in the release notes and will also be documented in the Nubus Manual in the future.

The Ingress in a Kubernetes cluster is responsible for managing external access to the services running inside. It primarily acts as a reverse proxy for HTTP connections and for HTTPS encryption. This Kubernetes component is also modular, allowing operators to choose between different implementations.

Currently, Nubus for Kubernetes in the delivered Helm charts only supports the ingress-nginx implementation. This was long the standard but recently an end of it’s maintenance has been announced. Therefore, operators are forced to switch to other Ingress solutions.

With version 1.17, the dependency on ingress-nginx has been reduced, enabling the use of other implementations in the future. With the upcoming release 1.18 all dependencies will be removed and Nubus will be tested with traefik and HA-Proxy Ingress.

The Provisioning component of Univention Nubus ensures that changes from the Univention Directory Manager (UDM), such as new users or groups, are passed on to other systems. Previously, provisioning used its own library, the so-called Transformer, to convert data from the directory service into the Nubus data model.

In version 1.17, this functionality was integrated directly into the UDM REST API. This means that the data model is now consistent throughout, complexity is reduced, and errors caused by different implementations are avoided. For operators, this means more reliable processes with less maintenance effort.

With each release of the Nubus for Kubernetes container images, the underlying open-source software is also updated. Version 1.17 therefore brings numerous small bug fixes and security updates. All details can be found in the release notes.