General
The following tables summarizes requirements and support policy for various features/capabilities offered by the platform.
Supported K8s versions by providers¶
| Provider | Cluster Lifecycle | Imported |
|---|---|---|
| Amazon EKS | Supported versions | Versions supported by the provider |
| Azure AKS | Supported versions | Versions supported by the provider |
| Google GKE | Supported versions | Versions supported by the provider |
| Upstream Kubernetes (MKS) on Bare Metal and VMs | Supported versions | N/A |
Recommended: Default CNI Support via System Blueprints (MKS)¶
Rafay now supports adding CNI plugins either via default system blueprints or through custom configurations (BYO-CNI) in MKS clusters. The following CNIs and their versions are currently supported through system default blueprints:
| Blueprint Name | CNI Plugin(s) and Version(s) |
|---|---|
| default-upstream-calico | Calico v3.29.0 |
| default-upstream-cilium | Cilium v1.16.4 |
| default-upstream-kubeovn | Kube-OVN v1.13.0 |
| default-upstream-kubeovn-chaining | Kube-OVN v1.13.0, Cilium v1.16.4 |
Recommended: Use these default system blueprints to leverage the latest CNI versions and simplify lifecycle management of cluster networking.
Info
For more details on default CNI blueprints, see Default CNI Blueprints
Supported Network Plugins by Cluster Type¶
| Cluster Type | Network Plugin(s) | Customization Allowed |
|---|---|---|
| MKS | Cilium 1.15.7, Cilium 1.14.1, Calico 3.28.1, Calico 3.26.1, Canal-Calico-3.24.5-Flannel-0.15.1, Kube-OVN | Calico, Cilium, Kube-OVN |
| EKS | aws-cni, Calico 3.24.5, Cilium | Calico, Cilium |
| AKS | Kubenet (None, Calico), Azure CNI (None, Calico, Azure) | - |
| GKE | GCP Networking Stack | - |
MKS Platform Version Support¶
The following table shows the supported component versions for each MKS platform version:
| Platform Version | CRI Version | ETCD Version | Salt Minion Version |
|---|---|---|---|
| v1.0.0 | 2.0.4 | 3.5.21 | 3006.9 |
Platform Version Details
For more detailed information about MKS platform versioning and component compatibility, please refer to our Platform Versioning Documentation.
Supported EKS managed add-ons corresponding to Kubernetes version¶
| Managed Addon | K8s version | Addon Version |
|---|---|---|
| Kube-proxy | 1.32 | v1.32.0-eksbuild.2 |
| 1.31 | v1.31.2-eksbuild.3 | |
| 1.30 | v1.30.3-eksbuild.5 | |
| 1.29 | v1.29.7-eksbuild.5 | |
| 1.28 | v1.28.4-eksbuild.4 | |
| 1.27 | v1.27.8-eksbuild.4 | |
| 1.26 | v1.26.11-eksbuild.4 | |
| 1.25 | v1.25.16-eksbuild.2 | |
| 1.24 | v1.24.17-eksbuild.8 | |
| 1.23 | v1.23.17-eksbuild.9 | |
| CoreDNS | 1.32 | v1.11.4-eksbuild.2 |
| 1.31 | v1.11.3-eksbuild.1 | |
| 1.30 | v1.11.3-eksbuild.1 | |
| 1.29 | v1.11.3-eksbuild.1 | |
| 1.28 | v1.10.1-eksbuild.7 | |
| 1.27 | v1.10.1-eksbuild.7 | |
| 1.26 | v1.9.3-eksbuild.11 | |
| 1.25 | v1.9.3-eksbuild.11 | |
| 1.24 | v1.9.3-eksbuild.11 | |
| 1.23 | v1.8.7-eksbuild.10 | |
| VPC CNI | 1.32 | v1.19.2-eksbuild.1 |
| 1.31 | v1.19.0-eksbuild.1 | |
| 1.30 | v1.18.3-eksbuild.3 | |
| 1.29 | v1.16.2-eksbuild.1 | |
| 1.28 | v1.16.2-eksbuild.1 | |
| 1.27 | v1.16.2-eksbuild.1 | |
| 1.26 | v1.16.2-eksbuild.1 | |
| 1.25 | v1.16.2-eksbuild.1 | |
| 1.24 | v1.16.2-eksbuild.1 | |
| 1.23 | v1.16.2-eksbuild.1 |
Provider support for Environment Manager¶
Certified OpenTofu versions¶
- 1.6.2
- 1.7.2
- 1.8.0
Identity Providers for SSO¶
Certified IDPs¶
- Okta
- PingOne
- Entra ID
- Duo SSO
- ADFS (Active Directory Federation Services)
- Authentik
- AWS SSO
- Google Workspace
- KeyCloak
Note
Any SAML 2.0 based IDP provider is supported. For more details, refer here
GitOps Pipeline Triggers¶
Supported providers for Webhook based triggers¶
- Github
- Gitlab
- BitBucket
- Azure Repos
Note
Cron Job based triggers can be leveraged for any Git compatible provider that is not in the list above. For more details, refer here
Managed System Add-ons & Services¶
| Managed System Add-ons & Services | OSS Component(s) | Supported Distros |
|---|---|---|
| Managed Storage | Rook-Ceph | Upstream k8s |
| Ingress Controller (Deprecated) | Ingress NGINX | All |
| Monitoring & Alerting | Prometheus | All |
| Metrics Server | All | |
| Alert Manager | All | |
| Secrets Store CSI Driver | Secret Store CSI driver + AWS Secrets Manager provider specific plugin | Amazon EKS |
| Policy Management | OPA Gatekeeper | All |
| Backup & Restore | Velero | All |
| Network Policy | Cilium | Refer here for more details |
| Cost Management | OpenCost | All |
| Local Storage | OpenEBS | Upstream K8s |
Resources Character Limits¶
The table below provides the maximum allowed character limits for various resources:
| Resource | Resource Type | Maximum Length |
|---|---|---|
| Addon | 63 | |
| Cluster | EKS | 63 |
| AKS | 30 | |
| GKE | 30 | |
| Upstream | 30 | |
| Imported | 30 | |
| Cluster Override | 253 | |
| Namespace | 45 | |
| Project | 256 | |
| Workload | 63 |
Note: Alphanumeric characters (a-z, 0-9) and hyphen are allowed, with the exception that hyphen cannot be placed at the beginning or the end