Skip to content

Index

Amazon EKS v1.29 using Rafay

Our recent release update in Feb to our Preview environment adds support for a number of new features and enhancements. We will write about the other new features in separate blogs. This blog is focused on our turnkey support for Amazon EKS v1.29.

Both new cluster provisioning and in-place upgrades of existing EKS clusters are supported. As with most Kubernetes releases, this version also deprecates and removes a number of features. To ensure there is zero impact to our customers, we have made sure that every feature in the Rafay Kubernetes Operations Platform has been validated on this Kubernetes version.

This release will be promoted from Preview to Production in a few days and will be made available to all customers.

Note that no action is needed on the part of our SaaS customers with the new release. Once the rollout is completed, all they need to do is learn about the new features and determine how and when they would like to use them.

Google GKE v1.28 Clusters using Rafay

Our recent release update in Jan to our Preview environment adds support for a number of new features and enhancements. We will write about the other new features in separate blogs. This blog is focused on our turnkey support for GKE v1.28.

This version of GKE was Generally Available (GA) starting Jan 2024 and go end of life in Nov 2024

Both new cluster provisioning and in-place upgrades of existing GKE clusters are supported.

This release will be promoted from Preview to Production in a few days and will be made available to all customers.

Kubernetes v1.28

Challenges of Container Vulnerability Management

In the dynamic landscape of modern application development, containers have emerged as the cornerstone of microservices, revolutionizing the way software is deployed and managed. However, as we celebrate the agility and efficiency brought by containers, a critical concern looms large in the background — the chaotic state of vulnerability management within the container ecosystem. Several noteworthy challenges persist :

  • Current-generation container vulnerability scanners lack contextual considerations and actionable suggestions, posing difficulties in effectively addressing and resolving vulnerabilities.

  • Security teams, accustomed to traditional methods, face challenges in adapting to container security, where the absence of clear context and mitigation measures complicates the resolution of issues.

  • Open source container projects exhibit inconsistent practices in disclosing vulnerabilities and providing information about fixed versions, further complicating the task of maintaining a secure environment.

AKS v1.28 Clusters using Rafay

Our recent release update in Jan to our Preview environment adds support for a number of new features and enhancements. We will write about the other new features in separate blogs. This blog is focused on our turnkey support for AKS v1.28.

This version of AKS was Generally Available (GA) starting Nov 2023 and go end of life in Nov 2024 i.e. with a 12 month support runway.

Both new cluster provisioning and in-place upgrades of existing AKS clusters are supported.

This release will be promoted from Preview to Production in a few days and will be made available to all customers.

Kubernetes v1.28

Declarative configuration for Cluster Overrides

Cluster overrides

By default, K8s objects require certain values be set inside their specs that match the cluster's configuration. If this were to done within the add-on (or workload) manifest, it would require that many duplicate add-ons (or workloads) would need to be created for a fleet of clusters. To mitigate this, the platform supports cluster overrides. These allow the customer to use a single add-on (or workload) org wide and dynamically inject values into a manifest as it is being deployed to the cluster.

Examples include:

  • Use of a different license key for a security tool based on the business unit

  • Configuration of different resource requests for a monitoring tool based on environment type (test or prod)

  • Dynamic configuration of cluster name during deployment of a load balancer (e.g. AWS Load Balancer)

Bare Metal Replication And Virtualization Environment (BRAVE)

BRAVE (Bare Metal Replication And Virtualization Environment) offers a virtual, cost-efficient, convenient, automated and on-demand tool for executing use cases requiring bare metal infrastructure.

Cost and complexity of bare metal deployments can be prohibitive for a number of non production use cases such as :

  • Creating on-demand labs for conducting quick proof of concepts, demonstrations or experiments
  • Creating testbed environments for development, debugging and automated testing
  • Performing comprehensive architectural and security assessments through construction of proof of concept deployments.

In-place Upgrades to Amazon EKS v1.28 Clusters using Rafay

In our recent release, we added support for in-place upgrades of EKS clusters based on Kubernetes v1.28.

Our customers have shared with us that they would like to provision new EKS clusters using new Kubernetes versions so that they do not have to plan/schedule for Kubernetes upgrades for these clusters right away. As a result, we generally introduce support for new cluster provisioning for the new Kubernetes version first and then follow up with support for zero touch in-place upgrades.

Note

Organizations that wish to perform sophisticated checks for API deprecation etc are strongly recommended to use Rafay's Fleet Operations for Amazon EKS.