v3.7 Update 3 - SaaS¶
11 Nov, 2025
Blueprints¶
Support for Kustomize Add-ons¶
Benefit
Simplifies management and deployment of by leveraging native Kustomize capabilities.
Support is being added for Kustomize with this enhancement. Kustomize is a natively supported Kubernetes tool that allows users to customize raw, template-free YAML files for multiple environments.
With this update, a new add-on type called “Kustomize”, in addition to the existing Helm 3 and K8s YAML options is being made available. The workflow remains consistent with the current experience for Helm 3 and YAML-based add-ons, providing users with a familiar and unified deployment model.
Ability to Pull Artifacts from Remote URLs¶
Benefit
Provides more flexibility and reduces operational overhead by enabling direct deployment of Kubernetes manifests from external sources.
In some cases, customers want to deploy Kubernetes manifests directly from the internet without manually downloading and managing them in internal repositories. To support this, a new option — “Pull files from URL” — is being introduced.
In addition to the existing “Upload files manually” and “Pull files from repository” options, users can now specify a remote URL to automatically fetch and deploy artifacts, streamlining the workflow and minimizing manual steps.
v1.1.53 - Terraform Provider¶
This update of the Terraform provider includes the following improvements and bug fixes.
Enhancements¶
The following enhancements have been added in this release:
-
rafay_addon and rafay_workload: Enhanced to add Web YAML and Kustomize support in these resources. You can find the example references in the documentation.
-
Credential Fetching: Enhanced to support fetching credentials like API key from secret management tools like Vault. For example you can configure the provider to fetch credentials from Vault using:
provider "rafay" {
api_key = data.vault_kv_secret_v2.rafay.data.api_key
rest_endpoint = data.vault_kv_secret_v2.rafay.data.endpoint
project = data.vault_kv_secret_v2.rafay.data.project
}
For more information, see the direct credentials in provider configuration documentation.
Bug Fixes¶
| Bug ID | Description |
|---|---|
| RC-44366 | Workloads: Fixed an issue where listing v3 workloads incorrectly included non-v3 type workloads |
| RC-44894 | ZTKA: Fixed an issue where the relay-agent service would restart when handling a high volume of requests. Note that this fix requires a blueprint sync and a base blueprint version of 3.7 or higher |
v3.7 Update 2 - SaaS¶
04 Nov, 2025
Upstream Kubernetes for Bare Metal and VMs¶
Automated Binary Cleanup on Cluster and Node Deletion¶
Benefit
Ensures complete cleanup of binaries and libraries installed during cluster provisioning, preventing leftover artifacts and reducing manual cleanup efforts.
When deleting a cluster or node, the platform now automatically runs conjurer -d to remove all binaries and libraries that were installed during cluster bring-up or conjurer execution. This enhancement ensures:
-
Cluster Deletion: During cluster deletion,
conjurer -dis executed at the end of the process to remove all binaries installed on the nodes as part of cluster provisioning or conjurer runs. -
Node Deletion: When deleting a node that is up and running, the platform removes the node from the platform and automatically runs
conjurer -don the node to remove all installed libraries that were added during cluster bring up.
This automated cleanup process helps maintain clean infrastructure and prevents accumulation of leftover binaries and libraries on nodes.
Bug Fixes¶
| Bug ID | Description |
|---|---|
| RC-44915 | Upstream K8s: Fixed an issue where Day 2 master node addition failed post an upgrade from Kubernetes 1.32 to 1.33. |
| RC-44692 | Upstream K8s: Fixed an issue where node addition failed when nodes were in different subnets while using Calico CNI. |