Docker remains a leader in container technology, but Kubernetes is quickly gaining popularity for container orchestration and management.  The open-source project announced the release of version 1.7, and it is loaded with new features focused on security, extensibility and other ways for deploying, scaling and managing containerized applications to be used in the most demanding enterprise environments. 

So, what's new in this release?

Security:

• The Network Policy API is promoted to stable. Network policy, implemented through a network plug-in, allows users to set and enforce rules governing which pods can communicate with each other. 
• Node authorizer and admission control plugin are new additions that restrict kubelet's access to secrets, pods and other objects based on its node.
• Encryption for Secrets, and other resources in etcd, is now available as alpha. 
• Kubelet TLS bootstrapping now supports client and server certificate rotation.
• Audit logs stored by the API server are now more customizable and extensible with support for event filtering and webhooks. They also provide richer data for system audit.
  

• StatefulSet Updates is a new beta feature in 1.7, allowing automated updates of stateful applications such as Kafka, Zookeeper and etcd, using a range of update strategies including rolling updates.
• StatefulSets also now support faster scaling and startup for applications that do not require ordering through Pod Management Policy. This can be a major performance improvement. 
• Local Storage (alpha) was one of most frequently requested features for stateful applications. Users can now access local storage volumes through the standard PVC/PV interface and via StorageClasses in StatefulSets.
• DaemonSets, which create one pod per node already have an update feature, and in 1.7 have added smart rollback and history capability.
• A new StorageOS Volume plugin provides highly-available cluster-wide persistent volumes from local or attached node storage.
  

• API aggregation at runtime is the most powerful extensibility features in this release, allowing power users to add Kubernetes-style pre-built, 3rd party or user-created APIs to their cluster.
• Container Runtime Interface (CRI) has been enhanced with New RPC calls to retrieve container metrics from the runtime. Validation tests for the CRI have been published and Alpha integration with containerd, which supports basic pod lifecycle and image management is now available. Read our previous in-depth post introducing CRI.

Kubernetes 1.7 is available for download on GitHub. To get started with Kubernetes, try one of the these interactive tutorials.