Skip to content
Rafay Product Documentation
Config Schema
Initializing search
Home
Get Started/Tutorials
Recipes
Releases
Blog
Contact
Rafay Product Documentation
Home
Home
Home
Overview
Overview
Architecture
Organizations
Icons
Automation
Automation
Overview
CLI
CLI
Overview
Setup
Commands
Commands
AddOns
Agents
Backup
Blueprints
Blueprint Schema
Catalog
Clusters
Cloud Credentials
IdP/SSO
Namespaces
Namespace Schema
Network Policy
Overrides
Pipelines
Policy
Projects
Repository
RBAC
Secret Groups
Secret Stores
Service Mesh
Templating
Trigger
Workloads
Legacy
Legacy
Overview
Blueprints
Addons
Agents
Clusters
Credentials
Namespaces
Pipeline
Projects
Repository
Trigger
Workloads
Terraform Provider
APIs
Clusters
Clusters
Home
Overview
Metadata
Metadata
Location
Cluster Labels
Node Labels
Node Taints
Health
Amazon EKS Anywhere
Amazon EKS Anywhere
Bare Metal Provider
Bare Metal Provider
Overview
Supported Environments
Gateway
Provisioning
CLI
Deprovision
Amazon EKS
Amazon EKS
Overview
Supported Environments
Templates
Templates
Create Cluster Template
Create Cluster from Template
CLI for Cluster Template
Credentials
IAM Policy
IAM Policy
Overview
Full
Customer-Managed VPC
Customer-Managed VPC & IAM
Customer-Managed VPC & IAM with Restrictions
Cluster Config
CLI
CLI
Overview
GitOps
GitOps
Overview
Day-2 Operations
Examples
Config Schema
Unified Config Schema
Provision
Day-2 Operations
Convert to Managed
IAM Service Accounts
IAM Service Accounts
Overview
CLI for IRSA
CNI Providers
Control Plane
VPC Networking
VPC Networking
Overview
Custom Networking
Secondary CIDR with VPC
Nodegroups
Nodegroups
Overview
Custom AMI
Wavelength Zone
AWS Tags
Spot Instances
Node Labels
Visibility and Monitoring
RBAC based KubeCTL
Identity Mapping
Deprovision
Upgrade Strategies
k8s Upgrades
AMI Upgrades
Audit
API
Best Practices
FAQ
Troubleshooting
Azure AKS
Azure AKS
Overview
Supported Environments
Templates
Templates
Create Cluster Template
Create Cluster from Template
CLI for Cluster Template
Azure Setup
Credentials
Provision
Convert to Managed
Node Labels
Spot Price
Visibility and Monitoring
Deprovision
K8s Upgrades
Audit
CLI
CLI
Overview
GitOps
GitOps
Overview
Examples
Config Schema
Troubleshooting
Bare Metal/VM
Bare Metal/VM
Approaches
Overview
Supported Environments
Configuration
Preflight Checks
Provisioning
Master Nodes
Worker Nodes
CLI
Config Schema
Kubernetes Access
Kubernetes Upgrades
Node OS Upgrades
Deprovision
Troubleshooting
Retry and Backoff
Reset Node
Storage
Storage
Add Storage
Zero Trust Host Access
Zero Trust Host Access
Overview
Examples
Examples
Single Command-Node
Multiple Command-Node
Command-Cluster
Command History
Edge
Edge
Overview
Simulator
Equinix Metal
Equinix Metal
Overview
Provision Servers
Provision Kubernetes
Google GKE
Google GKE
Overview
Supported Environments
Templates
Templates
Create Cluster Template
Create Cluster from Template
CLI
GCP IAM
Credentials
Provisioning
Provisioning Explained
preBootstrapCommands
CLI
Config Schema
Scale Nodes
Upgrade K8s
Troubleshooting
Imported
Imported
Overview
Imperative
Declarative
Import Failures
Remove Operator
Analysis
Open Stack
Open Stack
Overview
Provision
Deprovision
Lifecycle
FAQ
RedHat OpenShift
RedHat OpenShift
Overview
Provision
Import
Blueprints
Dashboards
Virtual Appliance
Virtual Appliance
Overview
Provision
Deprovision
Lifecycle
vSphere Example
SSH Example
VMware vSphere
VMware vSphere
Overview
Supported Environments
Gateway
Credentials
Provisioning
Custom OS Image
CLI
Config Schema
Scale Nodes
Troubleshooting
Cluster Templates
Cluster Templates
Overview
Multi Tenancy
Multi Tenancy
Overview
Hard Tenancy
Projects
Projects
Overview
Description
Project Tags
Resource Quotas
Cluster Sharing
CLI
Soft Tenancy
Soft Tenancy
Workspace
Namespace
Namespace
Overview
Management
Reconciliation
CLI
Services
Services
Overview
Backup and Restore
Backup and Restore
Overview
Backup Location
Backup Location
Overview
AWS S3 Bucket
Azure Blob Storage
S3 Compatible Storage
CLI
Credentials
Credentials
Overview
AWS
Azure
S3 Compatible
Data Agent
Backup Policy
Backup Job
Restore Policy
Restore Job
Considerations
Blueprints
Blueprints
Overview
Custom Add-Ons
Managed Add-Ons
Managed Add-Ons
Overview
Ingress Controller
Ingress Controller
Background
Managed Ingress
Blueprint Types
Blueprint Types
Default System Blueprints
Default System Blueprints
Overview
Minimal Blueprint
Standard Default Blueprint
Default AKS
Default GKE
Default Openshift
Default Upstream
Custom and Golden Blueprints
Custom and Golden Blueprints
Custom Blueprint
Golden Blueprint
Cluster Fleet Management
Sharing
Cluster Overrides
Update Blueprint
Pod Security Policy (EOL)
Troubleshooting
CLI
CLI
Blueprint CLI
Add-Ons CLI
API
Catalog
Catalog
Overview
Manage Catalogs
CLI
Cost Management
Cost Management
Overview
Cost Profiles
Cloud Credentials
AWS Integration
Azure Integration
Visibility
Chargeback/Showback
CLI
CLI
Profiles
Chargeback Groups
GitOps (Apps & Infra)
GitOps (Apps & Infra)
Overview
Benefits
Pipelines
Stages
Stages
Overview
Approval
Deploy Workload
Infra Provisioner
Infra Provisioner
Overview
CLI
System Sync
Workload Template
Triggers
Triggers
Overview
Troubleshooting
Secret Groups
Secret Groups
Pipeline Secret Groups
CLI
Agents
Network Policy
Network Policy
Background
Overview
Installation Profiles
Network Policy Rules
Network Policy Rules
Overview
Cluster-Wide Network Policy Rules
Namespace Network Policy Rules
Cluster-Wide Network Policies
Namespace Network Policies
Network Visibility
CLI
Policy Mgmt
Policy Mgmt
Overview
Installation Profiles
Constraint Templates
Constraints
Policies
Policy Violations
Visibility
CLI
Secrets Management
Secrets Management
AWS Secrets Manager
AWS Secrets Manager
Secrets Store Add-on
Secret Provider Classes
Configure IRSA
Annotations
CLI
HashiCorp Vault
HashiCorp Vault
Overview
Configure Vault
Use Vault-Helm/YAML
Use Vault-Helm/YAML
ENV Variables
Files
Use Vault-Wizard
Sealers
Sealers
Secret Sealer
Use Secret Sealer
Service Mesh
Service Mesh
Background
Overview
Installation Profiles
Service Mesh Rules
Service Mesh Rules
Overview
Cluster-Wide Rules
Namespace-Wide Rules
Cluster-Wide Policies
Namespace Policies
Visibility
CLI
Common Use cases
Common Use cases
mTLS (Self-signed)
mTLS (Vault)
mTLS (ACM)
Visibility & Monitoring
Visibility & Monitoring
Visibility
Visibility
Overview
Organization
Projects
Cluster
My Clusters
Nodes
Kubernetes Resources
Kubernetes Resources
View/Edit/Delete
Create
Kubernetes Events
Pod Dashboard
Container Dashboard
Configuration
GPU Dashboard
Monitoring
Monitoring
Overview
Alerts
Notifications
Custom Metrics HPA
Zero Trust Kubectl
Zero Trust Kubectl
Background
Overview
KubeCTL
KubeCTL
Browser
KubeCTL CLI
Configuration
RBAC
Audit Trail
Private Kube API Proxy
FAQ
App Deployments
App Deployments
Overview
Kubectl
Helm
Workloads
Workloads
Overview
Helm Charts
k8s YAML
Registry
Registry
Overview
System Registry
Repositories
Repositories
Overview
Public Repos
Private Repos
Lifecycle
Agents
Wizard
Wizard
Overview
Ingress
DNS based GSLB
Containers
Container Registry
Upgrade Strategy
Storage
Policy
Publish
VM Wizard
Certificate
Certificate
Overview
New Certificate
Cluster Overrides
CLI
Zero Trust Debug
Zero Trust Debug
Overview
Developer Tools
Continuous Integration
Continuous Integration
Overview
Common Patterns
Jenkins
Jenkins
Overview
Workload Basics
Workload Wizard
Helm Workloads
YAML Workloads
Provision Upstream k8s
Provision Amazon EKS
CircleCI
GitLab
Azure DevOps
Integrated GitOps
3rd Party GitOps
3rd Party GitOps
ArgoCD
User Management
User Management
Overview
Users
MFA
Groups
Roles
CLI
Single Sign On
Single Sign On
Overview
ADFS
AWS SSO
Azure AD
Duo SSO
Google Workspace
KeyCloak
Okta
Ping One
CLI
Webhooks
Multiple Orgs
Security
Security
Overview
White Listing
Audit Logging
Audit Log Aggregation
Audit Log Aggregation
Overview
CloudWatch
DataDog
Splunk
Compliance
Vulnerabilities
CIS Benchmark
Contact
Self Hosted Controller
Self Hosted Controller
Home
Overview
Supported Versions
Environments
Environments
Bare Metal/VM
Bare Metal/VM
Requirements
Installation
Air Gap Config YAML
Load Balancer Config
Amazon EKS
Amazon EKS
Requirements
Installation
Backup and Restore
AWS EKS Custom ECR
AWS EKS Custom ECR
Requirements
Installation
IRSA Role
Terraform Configuration
Azure AKS
Azure AKS
Requirements
Installation
Backup and Restore
Google GKE
Google GKE
Requirements
Installation
Backup and Restore
Self Hosted v1.24
Self Hosted v1.24
Requirements
Installation
Upgrades
Upgrades
Overview
GKE Self Hoste v1.24
1.5.x to 1.6.x
1.4.x to 1.5.x
Support Matrix
Partners
Partners
Overview
Operations
Cluster Health State
Whitelabeling
Get Started/Tutorials
Get Started/Tutorials
Home
Overview
Kubernetes
Kubernetes
Overview
Install MicroK8s
Kubernetes 101
Kubernetes 101
Part 1: Using Namespaces
Part 2: Using Pods
Part 3: Using Deployments
Part 4: Using Services
Part 5: Using Ingress
Kubernetes 201
Kubernetes 201
Part 1: Using ConfigMaps
Part 2: Using Secrets
Part 3: Using PV
Part 4: Using PVC
Kubernetes 301
Kubernetes 301
Deployments, StatefulSets, DaemonSets
Part 1: Using StatefulSets
Part 2: Using DaemonSets
Basics
Basics
Overview
Prerequisites
Part 1: Create Project
Part 2: User Management
Part 3: Zero Trust Kubectl
Part 4: Namespaces
Part 5: Cluster Blueprints
Part 6: Visibility & Monitoring
Part 7: GitOps Pipelines
Part 8: Policy Management
Part 9: Backup/Restore
Clean Up
Access Control
Access Control
IDP RBAC
IDP RBAC
Overview
Alerts
Notifications
Alerts & Notifications
Alerts & Notifications
Alerts
Notifications
Amazon EKS
Amazon EKS
Home
Backup/Restore
Backup/Restore
Overview
Part 1: Setup Environment
Part 2: Create Resources
Part 3: Backup/Restore
Blue/Green Upgrade
Blue/Green Upgrade
Overview
Part 1: Setup
Part 2: Provision
Part 3: Workload
Part 4: Deprovision
Cluster Lifecycle
Cluster Lifecycle
Overview
Prerequisites
Part 1: Provision
Part 2: Scale
Part 3: Node Group
Part 4: Upgrade
Part 5: Deprovision
Cluster Templates
Cluster Templates
Overview
Part 1: Setup
Part 2: Utilize
CloudWatch
CloudWatch
Overview
Part 1: Setup
Part 2: Provision
Part 3: Blueprint
Part 4: Deprovision
Cluster Autoscaler
Cluster Autoscaler
Overview
Part 1: Setup
Part 2: Blueprint
Part 3: Provision
Part 4: Workload
Part 5: Deprovision
Custom Networking
Custom Networking
Overview
Provision
Deploy Workload
Deprovision
EKS System Sync
EKS System Sync
Overview
Part 1: Setup
Part 2: Sync from Git
Part 3: Sync from System
Fargate
Fargate
Overview
Provision
Deploy Workload
Deprovision
GitOps
GitOps
Overview
Part 1: Setup
Part 2: Provision
Part 3: Pipeline
Part 4: Utilize
Part 5: Deprovision
GPU
GPU
Overview
Part 1: Setup
Part 2: Provision
Part 3: Blueprint
Part 4: Workload
Part 5: Deprovision
Graviton
Graviton
Overview
Provision
Deploy Workload
Deprovision
Karpenter
Karpenter
Overview
Part 1: Setup
Part 2: Provision
Part 3: Blueprint
Part 4: Workload
Part 5: Deprovision
Secrets Manager
Secrets Manager
Overview
Part 1: Provision
Part 2: Blueprint
Part 3: Workload
Part 4: Deprovision
Spot Instances
Spot Instances
Overview
Part 1: Provision
Part 2: Deprovision
Takeover
Takeover
Overview
Import & Takeover
Lifecycle Operations
Deprovision
Standard Operating Model
Standard Operating Model
Overview
Part 1: Setup
Part 2: Provision
Part 3: Deprovision
Windows
Windows
Overview
Part 1: Provision
Part 2: Workload
Part 3: Deprovision
Amazon EKS Anywhere
Amazon EKS Anywhere
Cluster Lifecycle
Cluster Lifecycle
Overview
Part 1: Provision
Part 2: Deprovision
App Lifecycle
App Lifecycle
Workload Lifecycle
Workload Lifecycle
Overview
Part 1: YAML
Part 2: Helm
Part 3: Update
Troubleshooting
Troubleshooting
Overview
Scenario 1: Misconfigured Requests
Scenario 2: Incorrect Container Image
Azure AKS
Azure AKS
Home
Backup/Restore
Backup/Restore
Overview
Part 1: Setup Environment
Part 2: Create Resources
Part 3: Backup/Restore
Cluster Lifecycle
Cluster Lifecycle
Overview
Prerequisites
Part 1: Provision
Part 2: Scale
Part 3: Node Pool
Part 4: Upgrade
Part 5: Deprovision
Cluster Takeover
Cluster Takeover
Overview
Part 1: Provision
Part 2: Deprovision
Cluster Templates
Cluster Templates
Overview
Part 1: Setup
Part 2: Utilize
Standard Operating Model
Standard Operating Model
Overview
Part 1: Setup
Part 2: Provision
Part 3: Deprovision
Blueprints
Blueprints
Blueprint Lifecycle
Blueprint Lifecycle
Overview
Part 1: Create
Part 2: Update
Part 3: Monitor
Add-Ons and Overrides
Add-Ons and Overrides
Overview
Part 1: Create
Part 2: Utilize
Drift Detection
Drift Detection
Overview
Part 1: Detect
Part 2: Block
Namespace Syncronization
Namespace Syncronization
Overview
Part 1: Create
Part 2: Manage
Google GKE
Google GKE
Home
Cluster Lifecycle
Cluster Lifecycle
Overview
Part 1: Provision
Part 2: Scale
Part 3: Upgrade
Part 4: Deprovision
Cluster Templates
Cluster Templates
Overview
Part 1: Setup
Part 2: Utilize
Upstream MKS
Upstream MKS
Home
Backup/Restore
Backup/Restore
Overview
Part 1: Setup Environment
Part 2: Create Resources
Part 3: Backup/Restore
Cluster Lifecycle
Cluster Lifecycle
Overview
Part 1: Provision
Part 2: Scale
Part 3: Upgrade
Part 4: Deprovision
GPU
GPU
Overview
Part 1: Setup
Part 2: Blueprint
Part 3: Workload
Part 4: Deprovision
Managed Storage
Managed Storage
Overview
Part 1: Setup
Part 2: Blueprint
Part 3: Utilize
Part 4: Expand
Standard Operating Model
Standard Operating Model
Overview
Part 1: Setup
Part 2: Provision
Part 3: Deprovision
Windows
Windows
Overview
Part 1: Provision
Part 2: Workload
Part 3: Deprovision
VMware vSphere
VMware vSphere
Cluster Lifecycle
Cluster Lifecycle
Overview
Part 1: Setup
Part 2: Provision
Part 3: Scale
Part 4: Upgrade
Part 5: Deprovision
GitOps
GitOps
AKS System Sync
AKS System Sync
Overview
Part 1: Setup
Part 2: Provision
Part 3: Deprovision
Deployment Strategies
Deployment Strategies
Overview
Setup
Recreate
Rolling Update
Blue-Green
Canary
System Sync
System Sync
Overview
Part 1: Setup
Part 2: Sync Blueprint
Part 3: Sync Workload
EKS System Sync
EKS System Sync
Overview
Part 1: Setup
Part 2: Provision
Part 3: Deprovision
Multi-tenancy
Multi-tenancy
Overview
Project based isolation
Shared clusters
Policy Management
Policy Management
OPA Gatekeeper
OPA Gatekeeper
Overview
Part 1: Setup
Part 2: Policy
Part 3: Blueprint
Part 4: Workload
Turnkey OPA Policies
Turnkey OPA Policies
Overview
Part 1: Setup
Part 2: Apply
Part 3: Test
Network Policy
Network Policy
Overview
Part 1: Setup
Part 2: Network Visibility
Part 3: Namespace Isolation
Part 4: Self-Service via RBAC
Cost Management
Cost Management
Overview
Part 1: Setup
Part 2: Visualization
Part 3: Chargeback/Showback
Service Mesh
Service Mesh
Overview
Part 1: Setup
Part 2: Service Mesh Visibility
Part 3: Enforce strict mTLS
Troubleshooting
Troubleshooting
Workloads
Workloads
Overview
Scenario 1: Misconfigured Requests
Scenario 2: Incorrect Container Image
Zero Trust Kubectl
Zero Trust Kubectl
Overview
Controlled Access
Break Glass
Audit Logs
Recipes
Recipes
Overview
Contributors
AI/ML
AI/ML
Overview
K8sGPT
K8sGPT
Overview
Configure
Test
AlertManager
AlertManager
Slack
PagerDuty
Opsgenie
Microsoft Teams
Backup
Backup
CloudCasa
Velero
Velero
Overview
Credentials - IAM Role
Credentials - IAM User
Credentials - MinIO
Use Velero
Cost Management
Cost Management
Overview
Kubecost
Cert-Manager
Cert-Manager
Overview
Create Addon
Use Cert-Manager
Databases
Databases
Redis
InfluxDB
Developer Self-Service
Developer Self-Service
Backstage
Vclusters
Edge
Edge
Zededa
Zededa
Overview
Provision Cluster
Import Cluster
Functions
Functions
Kubeless
Governance
Governance
OPA Gatekeeper
OPA Gatekeeper
Overview
Policies
Examples
Examples
Container without limits configured
Container without probes configured
Pull container images from only ECR registry
Unique Service Selector
Unique Ingress Host
Run Containers only with selective users
Kyverno
Kyverno
Overview
Policies
GPU
GPU
Overview
Nvidia GPU Operator
Test GPU
Ingress
Ingress
ALB
ALB
Overview
Create
Configure
Access
Ambassador
Citrix
Kong
Kong
Install Kong
Enable Monitoring
Enable Logging
Sample Application
NGINX
NGINX
Overview
Create Blueprint
Test Workload
Load Balancer
Load Balancer
MetalLB
MetalLB
Overview
Create
Configure
Access
Logging
Logging
CloudWatch
OpenSearch
OpenSearch
Overview
Create
Configure
Access
Splunk
Sumologic
New Relic
Monitoring
Monitoring
Amazon Prometheus
Amazon Prometheus
Overview
Create
Configure
Access
CloudWatch
Datadog Agent
Grafana
New Relic
OpsVerse Agent
Prometheus Operator
Splunk Connect
Network Policy
Network Policy
Overview
Calico
Calico
Install
Test
Cilium
Cilium
Install
Secrets
Secrets
AWS Secrets Manager
AWS Secrets Manager
Overview
Create
Configure
Access
Hashicorp Vault
Hashicorp Vault
Overview
Create
Configure
Access
Sealed Secrets
Security
Security
Araali
Kube-bench
Service Mesh
Service Mesh
Istio
Istio
Overview
Use Istio
Linkerd
Linkerd
Overview
Use Linkerd
Storage
Storage
MinIO
Ondat
Portworx
Troubleshooting
Troubleshooting
Sosivio
Releases
Releases
Overview
Production
Production
2023
2023
June
May
Apr
Mar
Feb
Jan
2022
2021
2020
2019
Preview
Preview
Overview
Features
Self Hosted
Self Hosted
2023
Blog
Blog
Index
Archive
Archive
2023
2022
Categories
Categories
AI/ML for Kubernetes
Amazon EKS Anywhere on Bare Metal
Amazon EKS Lifecycle Management
Amazon EKS v1.25
Amazon EKS
AWS
Azure AKS
Backstage
Bare Metal and VM based Environments
Basics of Kubernetes
Best Practices
Challenges
Cluster Templates
Cluster Upgrades
Compliance
Cost Management
Developer Self Service
Discovery
Drift Detection
EBS Volumes
GKE
Hands-on Learning
Infrastructure as Code (IaC)
Infrastructure
Istio Service Mesh
Kubernetes Components
Kubernetes for AI/ML
Kubernetes v1.26
May 2023 Release
New Releases
Platform Teams
Preview Environment
Product Blog
Product Documentation
Rafay Terraform Provider
Security
Solutions for Challenges
Terraform
Training
Upgrade to EKS v1.23
Windows Containers on Kubernetes
Contact
Contact
Email
Slack
AKS Schema
¶
Cluster configuration for AKS clusters