What’s new in Constellation v2.2.0? AWS support, minimal OS images & Terraform integration!

Fabian Kammel


Today we are excited to announce Constellation v2.2.0, our Confidential Kubernetes Engine! We want to highlight three exciting new features:

  1. AWS support
  2. Minimal OS images built with mkosi
  3. Terraform integration completed

For the full list of changes see our changelog and documentation.

AWS Support

Constellation v2.0.0 launched with support for Azure and GCP. Now, we are proud to announce that AWS is also supported.

Constellation uses AWS Nitro-based virtual machines. This enables us to utilize AWS NitroTPMs to generate attestation statements.

Standing up an AWS-based Constellation cluster is as easy as:

$ constellation create --control-plane-nodes 3 --worker-nodes 1
The following Constellation cluster will be created:
3 control-planes nodes of type m6a.xlarge will be created.
1 worker nodes of type m6a.xlarge will be created.
Do you want to create this cluster? [y/n]: y
Creating
Your Constellation cluster was created successfully.

$ constellation init
Using community license.
Please keep your vCPU quota in mind.
Your Constellation master secret was successfully written to ./constellation-mastersecret.json
Initializing cluster
Your Constellation cluster was successfully initialized.

Constellation cluster identifier  2MpU2HszL/oQJH8rq69BgKAD5LVUj8n7Wm7AJ7Ce76g=
Kubernetes configuration          constellation-admin.conf

You can now connect to your cluster by executing:
  export KUBECONFIG="$PWD/constellation-admin.conf"

Minimal OS images built with mkosi

We strive to provide the most secure Kubernetes distribution with the smallest attack surface possible! To make good on that promise we have switched from CoreOS-based to Fedora-based images, built with mkosi.

This has the following benefits:

  • A fully declarative description of our images.
  • An image size reduced from 3GB to 700MB.
  • A faster development cycle with incremental builds.

If you would like to know more, we have written a full story about our mkosi implementation.

Terraform integration

In Constellation v2.1.0 we announced support for Terraform on GCP. We have now extended this support to Azure and AWS.

Regardless of the cloud provider, you are now able to extend and maintain the infrastructure built by Constellation with the tools and processes you are already familiar with.

We already have more exciting features scheduled for the Constellation v2.3.0 milestone. Let us know which features you want to see in the next version of Constellation.