v3.4 Preview - SaaS¶
Expected roll out date to Prod Orgs - May 04, 2025
Upstream Kubernetes for Bare Metal and VMs¶
Enhanced Bulk Add/Delete Response in RCTL¶
Enhancements have been made to the RCTL experience when adding or deleting nodes in Upstream Kubernetes clusters.
Previously, when performing bulk node operations (add/delete), the response from RCTL did not clearly indicate which nodes were impacted. With this enhancement, the response message now includes the names of the affected nodes, providing users with clearer visibility and traceability.
This helps users confirm exactly which nodes were successfully added or removed from their upstream cluster.
Sample Response¶
Below is an example of the enhanced response returned when performing a bulk operation using RCTL:
{
"taskset_id": "9dk3emn",
"operations": [
{
"operation": "NodeAddition",
"resource_name": "test-21",
"status": "PROVISION_TASK_STATUS_PENDING"
},
{
"operation": "BulkNodeUpdate",
"resource_name": "test-21",
"status": "PROVISION_TASK_STATUS_PENDING"
},
{
"operation": "BulkNodeDelete",
"resource_name": "test-21",
"status": "PROVISION_TASK_STATUS_PENDING"
}
],
"comments": "Node add operation will be performed on: test-44, test-45. Node delete operation will be performed on: test-43. Node update operation will be performed on: test-41. The status of the operations can be fetched using taskset_id",
"status": "PROVISION_TASKSET_STATUS_PENDING"
}
Preflight Checks for MKS Clusters via RCTL¶
As part of provisioning clusters using RCTL with a cluster configuration file, users can now initiate MKS-specific Conjurer preflight checks directly using a new command-line flag.
Use the following command to invoke conjurer preflights during cluster provisioning:
./rctl apply -f <cluster.yaml> --mks-prechecks
Sample Response¶
Running Preflight-Check command on node: mks-node-5 (x.x.x.x)
Ubuntu detected. Checking and installing bzip2 if necessary...
[+] Performing pre-tests
[+] Operating System check
[+] CPU check
[+] Memory check
[+] Internet connectivity check
[+] Connectivity check to rafay registry
[+] DNS Lookup to the controller
[+] Connectivity check to the Controller
[+] Multiple default routes check
[+] Time Sync check
[+] Storage check
Detected device: /dev/loop0, mountpoint: /snap/core18/2829, type: loop, size: 55.7M, fstype: null
Detected device: /dev/loop1, mountpoint: /snap/oracle-cloud-agent/72, type: loop, size: 77.3M, fstype: null
Detected device: /dev/loop2, mountpoint: /snap/snapd/21759, type: loop, size: 38.8M, fstype: null
Detected device: /dev/sda, mountpoint: null, type: disk, size: 46.6G, fstype: null
Detected device: /dev/sda1, mountpoint: /, type: part, size: 45.6G, fstype: ext4
Detected device: /dev/sda14, mountpoint: null, type: part, size: 4M, fstype: null
Detected device: /dev/sda15, mountpoint: /boot/efi, type: part, size: 106M, fstype: vfat
Detected device: /dev/sda16, mountpoint: /boot, type: part, size: 913M, fstype: ext4
Detected device: /dev/sdb, mountpoint: null, type: disk, size: 150G, fstype: null
Potential storage device: /dev/sdb
[+] Hostname underscore check
[+] DNS port check
[+] Nameserver Rotate option check for /etc/resolv.conf
[+] Checking for Warnings
[+] Checking for Fatal errors
[+] Checking for hard failures
-------------------------------------
Preflight-Checks ran successfully on 1 node
mks-node-5 (129.146.83.94)
Note
To leverage this flag, please download the latest RCTL binary. The --mks-prechecks flag is supported in the latest version.
For more information about this feature, click here.
Enhancement: Improved DNS Configuration Resilience¶
We have enhanced the handling of DNS configuration to provide better stability and resilience.
What Changed¶
- Dynamic DNS Reconfiguration Handling
In some environments, Network Manager may update node DNS settings, causing Consul to fail service discovery and destabilize the cluster. - The system now detects these changes automatically.
- It fetches the correct host IP using updated IP configuration.
-
DNS settings are validated and aligned with
/etc/resolv.confand DNS discovery config to maintain consistent behavior. -
Handling of
rotateFlag inresolv.conf
When therotateoption is enabled inresolv.conf, DNS requests are round-robined across available servers, which can lead to intermittent discovery failures for Consul. - We now warn users when the
rotateflag is detected (via theconjurerbinary). - During day-2 operations, the system will automatically remove the
rotateflag** to ensure consistent DNS resolution and avoid cluster issues.
These enhancements help avoid DNS-related instability and ensure reliable and consistent service discovery in upstream Kubernetes clusters, even in dynamic or custom network environments.
Note
This enhancement is applicable only for newly created upstream MKS clusters. Support for existing clusters will be included in the next release.
Backup & Restore¶
Agent update¶
This enhancement enables users to upgrade an existing Data Agent from version v1.9.3 to v1.15.1.
The upgrade can be performed using either the UI or RCTL.
As part of the upgrade to v1.15.1, users can optionally enable new capabilities introduced in this version, including:
Enable CSI: Enables support for volume snapshots using the Container Storage Interface (CSI).SSE-C Encryption Key: Allows users to configure server-side encryption with customer-provided keys for enhanced data security.
These features are available only in version v1.15.1 and are not supported in earlier version.
For more information about this feature, click here.
Amazon EKS¶
Day 2 Tag Updates for Self-Managed Node Groups¶
Previously, updating tags on self-managed node groups during Day 2 operations was not supported. Attempting to modify or add tags would result in a validation error, preventing the update from being applied.
With this release, users can now update tags on self-managed node groups as part of Day 2 operations, offering improved flexibility and lifecycle management for EKS clusters.
Platform as a Service (PaaS)¶
Info
The PaaS feature is feature flagged. The enhancements described below are available to customer orgs only if the feature flag is enabled.
Partner-Level Dashboards¶
Partner-level dashboards that will offer insights into various usage metrics, with the ability to filter data by organization will be available. These dashboards can help answer questions such as:
- How many SKUs or profiles have been created?
- How many instances have been launched, by whom, and under which organizations?
- Which profiles are most frequently used for instance creation?
- Are there any instances currently in a failed or unhealthy state?
- When were instances created, and how long have they been running?
- What are the usage trends over time for instance creation?
- Who are the most active users across organizations?
For more information about this feature, click here.
Metrics for VM instances¶
The platform currently provides utilization metrics for instances based on Kubernetes clusters. Similar metrics—such as GPU and memory utilization are being extended to support VM-based instances as well. Users can filter by time range and view historical metrics going back up to one week.
User Management¶
Authentication¶
Several enhancements are being implemented to strengthen authentication, including stricter policies that prevent local users from reusing previously used passwords.
Namespaces¶
Label Associations¶
A previous release introduced support for configuring namespace labels at the project level. Upcoming enhancements focus on performance optimization and improvements to the reconciliation loop for more efficient and reliable label management.
Environment Manager¶
Skip Resource Execution¶
This enhancement enables selective execution of specific resources during an environment deployment. It is particularly useful in cases where only certain resources such as DNS updates for failover require changes, allowing all other unchanged resources to be skipped from execution.
Note
This feature will initially be supported with non-UI interfaces. Support with UI interface will be added in a subsequent release.
For more information about this feature, click here.
System Templates¶
The following templates are be being added to the Catalog.
K8s Multi-Tenancy¶
| # | Template Name | Description |
|---|---|---|
| 1 | system-naas-anyk8s |
Implement namespace based multi-tenancy with required security controls to reduce infrastructure costs |
Bug Fixes¶
| Bug ID | Description |
|---|---|
| RC-41391 | Fixed an issue where applying a blueprint update failed with a CNI NotFound error. |
| RC-41275 | Resolved a failure in EKS cluster creation when using the Ubuntu2204 AMI family. |
| RC-40459 | Upstream Kubernetes: Fixed an issue where the node page navigation would hang and freeze. |