Spring has arrived, the flowers are blooming and, for us Kubernetes fans, CNCF’s KubeCon Europe conference has just begun in Valencia! Here at Catalogic, the CloudCasa team has spent the last few months trying to top our February release by developing another set of great new features.
This update marks the introduction of Microsoft Azure account integration for CloudCasa. This works similarly to the existing AWS account support. With Azure integration, CloudCasa now supports automatic discovery of AKS clusters, backups of AKS cluster metadata, and optional automatic creation of AKS clusters on restore.
To link CloudCasa to your Azure account, simply go to the Cloud Accounts page under the Configuration tab and click the “Add cloud account” button. Then select “Microsoft Azure.” You can then click on the “Deploy to Azure” button to open a Create ARM template page in the Azure Portal. Deploying the ARM template will grant CloudCasa the permissions it needs, and only the permissions it needs, to discover, back up, and restore AKS clusters.
Database service backups and cloud account security scanning are not currently supported for Azure. In the future, we expect to have feature parity with AWS.
If you are using AKS clusters, we highly recommend linking your Azure accounts!
In our February update, we introduced organizations and basic user roles. With this release we’ve introduced full role-based access control (RBAC). Roles are now definable by an administrator, and individual users can be assigned multiple roles. User groups can also be defined, and roles can be assigned to groups as well. The permissions a user has are the union of the permissions granted by the roles assigned to them and the permissions granted by the roles assigned to the groups they belong to.
To allow administration of roles and groups, new roles and user groups pages have been added under User Management in the Configuration tab. Built-in roles are not currently editable, but you can clone them to create new modifiable roles. We expect to remove this limitation in a future release.
In the near future, we will introduce the ability to extend access control restrictions to individual resources rather than just resource types. Our API already supports this level of control.
With the default role definitions, the system will behave the same as before. If you don’t need the access control functionality provided by these new features, you don’t need to do anything and shouldn’t notice a difference.
You’ll notice that we’ve again made some significant changes to the UI. The Protection and Security tabs now have left-hand navigation bars like the Configuration tab, and some new pages have been added. In particular, we have added a summary dashboard for each cluster that is reachable from Protection/Clusters/Overview.
We’ve also changed to a new table design for most tables in the product. The new design looks similar to the previous design, but gives you more powerful options for filtering, sorting, searching, and column visibility. A line above the table now includes a search field, quick select options, and a filter button. A menu reachable from the “three dots” icon in the upper right corner of the table controls column visibility.
A final small, but useful UI change: Cloud icons now indicate clusters that are linked to configured cloud accounts and backups that contain cloud metadata.
We are pleased to announce that we have tested and certified CloudCasa to work with the Longhorn V1.3.0 release candidate (1.3.0-RC1). This version has a CSI driver that allows creation of proper volume snapshots. Previous versions of Longhorn would cause timeout failures for CloudCasa backup jobs when they attempted to create snapshots.