New Romana v0.9.8 Release

Jan 20, 2017

The whole Romana team is happy to announce the immediate available of Romana v0.9.8. This release is giant step forward toward Romana v1.0 that captures the tremendous operational experience we’ve gained over the past few months from users running Romana in their production environments.

Most Romana users, especially Kubernetes users, won’t notice many changes since at the application level nothing has changed. Romana’s CNI plugin lets Kubernetes users launch pods and apply Network Policies just like before, but Romana v0.9.8 includes dozens of enhancements that simplify operations and increase performance and scalability as well.

Notable software improvements include:

  • Pluggable back-end data store: Romana now supports a pluggable back end data store that supports both relational and key-value data models. Previously, mySQL was used to store Romana configuration state. This was fine for OpenStack deployments. However, our Kubernetes users didn’t run mySQL and wanted a way to deploy Romana with a key-value store like etcd. Today, with Romana v0.9.8, etcd, Zookeeper or Consul can be used, with etcd as the default choice for Kubernetes deployments.

  • High availability: Romana service failover is now supported. Using etcd as the back-end data store simplifies failover since standard master election lets a backup instance take over in the event of master failure.

  • Single tenant operation: Network multi-tenancy is built in to Romana and its addressing model lets simple layer 3 networks define and enforce tenant isolation. However, many users deploy Romana in a single tenant environment and v0.9.8 allows for all address to be managed by a single tenant, increasing the total number of addresses available for pods and isolated segments.

  • New Romana Agent implemented in Go: The original Romana Agent was written in Python. This was helpful during the early days of rapid feature iteration. Now with live production deployments and a stable feature set we made the investment to re-engineer the Agent and implement it in Go. This new Agent not only eliminates a number of installation dependencies, it is also both higher performing and more reliable. Better error checking and logging simplifies operations as well.

  • Network optimizations: Numerous changes to the way Romana applies and updates network configuration and policy on servers are included in v0.9.8. This results in faster pod deployment and policy updates.

From a management and administration perspective, Romana v0.9.8 includes new enhancements to simplify installation and ongoing operations:

  • Improved containerized installation: The new release packages Romana as containers that are more easily installed via kubeadm or kops. The new release now supports kops’ built in CNI networking.

  • Dynamic CIDR assignment: Romana IPAM now tracks addresses and networks across a deployment and can now automatically assign/reclaim network CIDRs to hosts as they are added and dropped from a configuration.

  • Romana Authentication and Authorization: When Romana authorization is enabled, all requests to Romana service endpoints are authenticated.

  • Standardized logging: Romana error messages and logs are now standardized to simplify troubleshooting and diagnostics.

These new features make Romana an excellent choice to automate your Kubernetes network provisioning and to apply network policy to secure your apps.

If you would like to try it for yourself, simply follow the kubeadm or kops installation instructions.

Finally, the entire team would like to thank all the Romana users that helped us with this release. Their questions and feedback was critically important for us to better understand how Romana should operate and how it could be improved to address the network and security concerns of their cloud native deployments.