Skip to content

June

v4.2 Update 1 - SaaS

Amazon EKS

Kubernetes v1.36

New EKS clusters can now be provisioned based on Kubernetes v1.36. Existing clusters can also be upgraded in-place to Kubernetes v1.36.

Note

Kubernetes v1.36 Ubuntu AMIs are not yet published by AWS. As a result, you cannot create or upgrade Ubuntu node groups on Kubernetes v1.36 clusters until AWS makes these AMIs available.

MCP Server Support

The Rafay MCP Server is now enabled for all organizations. This release provides read-only access to supported Rafay resources and to queries related Kubernetes resources on clusters via ZTKA (kubectl).

Bug Fixes

This release also includes bug fixes.

v4.2 - SaaS

Upstream Kubernetes for Bare Metal and VMs

Simplified MKS Version Selection

Users can now specify the Kubernetes version in major.minor format (for example, 1.34) when creating or upgrading MKS clusters using rctl or TF Provider. The platform automatically resolves the request to the latest supported patch release (for example, 1.34.7) during provisioning.

Benefit

Simplifies cluster lifecycle management by automatically adopting the latest patch release within a Kubernetes minor version, reducing template maintenance and operational overhead.

This behavior aligns with managed Kubernetes services such as Amazon EKS. The UI continues to require the full major.minor.patch version format.

Amazon EKS

Simplified Cross-Account Trust for Child Accounts

The cross-account access model used by the Cross Account Role ARN workflow for EKS lifecycle management in child accounts has been improved. Previously both the master and child accounts had to trust Rafay's delegate account. Now only the master account needs to trust Rafay's delegate account and each child account simply trusts the master account child accounts no longer need to reference Rafay's delegate account at all. Both the existing and new trust configurations continue to work.

Benefit

Simplifies onboarding by removing the need to grant Rafay's delegate account direct trust in every child account.

Aligns with AWS best practices by keeping cross-account trust scoped through the master account.

Combined Cluster Lifecycle Operations

Customers can now update cluster blueprints and perform managed node group upgrades (Kubernetes version and/or node image upgrades) as part of a single operation. Rafay automatically orchestrates the required workflow and execution order, eliminating the need to perform these changes sequentially.

Benefit

Reduces maintenance windows and operational complexity by enabling multiple cluster lifecycle changes to be executed in a single coordinated workflow.

Supported Scenarios

  • Blueprint + Kubernetes Upgrade
    Update the cluster blueprint and upgrade the managed node group's Kubernetes version through a single operation.

  • Blueprint + Node Image Upgrade
    Apply a new blueprint version while simultaneously upgrading the underlying node image for managed node groups.

  • Service Account & Add-on Updates
    Service account updates and add-on updates can also be combined and applied in a single operation.

Delete Protection

Support has been added for Amazon EKS Delete Protection to help prevent accidental cluster deletion. When enabled, a cluster cannot be deleted until delete protection is explicitly disabled, providing an additional safeguard for production and mission-critical environments.

Benefit

Helps prevent accidental cluster removal and reduces the risk of service disruption by adding an extra layer of protection for critical environments.

EKS Delete Protection

For more information about configuring Delete Protection for Amazon EKS clusters, see the EKS Provisioning documentation.

Google GKE

Kubernetes v1.35

Added support for Kubernetes v1.35 for both new cluster creation and cluster upgrades.

GKE Kubernetes v1.35

GKE Release Channel Support

Rafay now supports Google Kubernetes Engine (GKE) Release Channels, allowing customers to select and manage the release channel for each cluster during new cluster provisioning.

Benefit

Provides greater control over Kubernetes upgrade timing by allowing organizations to align GKE upgrades with internal testing, change management, and promotion processes.

GKE Release Channels determine the cadence at which Kubernetes versions and platform updates are made available and automatically applied to clusters. With this release, customers can configure the appropriate channel for each cluster based on their operational requirements and risk tolerance.

New clusters only

In this release, release channel support is available only for new clusters. Support for existing clusters will be available in a future release.

Customers can now:

  • Select a release channel during cluster creation (Day 0 operations)
  • Align cluster upgrade schedules with internal governance and release processes
  • Prevent unexpected upgrades in production environments

Release channel

For more information about configuring GKE release channels during cluster provisioning, see the GKE Provisioning documentation.

Azure AKS

Kubernetes v1.35

Added support for Kubernetes v1.35 for both new cluster creation and cluster upgrades.

AKS Kubernetes v1.35

Native MCP Server Support

Operations

Rafay now provides a native Model Context Protocol (MCP) Server that enables MCP-compatible AI assistants to interact with Rafay-managed infrastructure using natural language. Customers can deploy the MCP Server within their own environment and connect it to their preferred AI clients while maintaining existing security and governance controls.

Rafay MCP Server is integrated with Rafay's RBAC model and platform intelligence, ensuring AI assistants only access data and perform actions that the user is authorized to access.

In this release, you can list and describe a defined set of Rafay resources. You can also list and describe Kubernetes resources directly on clusters, where the MCP Server uses ZTKA (Zero Trust Kubectl Access) to interact with the cluster. This helps users quickly identify issues, understand fleet-wide health, and troubleshoot deployments.

The following Rafay resources are supported in this release:

  • Clusters
  • Blueprints
  • Add-ons
  • Workloads
  • Environments and related resources (config contexts, environment templates, resource templates, and workflow handlers)
  • Agents
  • Namespaces

The MCP Server exposes the following tools in this release:

  • rafay_list — List supported Rafay resources.
  • rafay_get — Retrieve information about a specific resource.
  • rafay_describe — Get a detailed, human-readable description of a resource.
  • rafay_execute — Run supported read-only queries and troubleshooting requests.

Current Scope

This release is read-only for discovery and troubleshooting. Full create, update, and delete support for end-to-end lifecycle management is planned for a future release.

Example Queries

  • Which clusters in my fleet are currently unhealthy?
  • Summarize the health status of all clusters across projects.
  • Identify failed blueprint deployments in the last 24 hours.
  • Why is a specific workload or pod unhealthy?
  • What recent deployment failures require attention?
  • Which clusters are not compliant with the approved blueprint version?

MCP server

For more information, see the MCP Server documentation and the Bring Rafay Into Your AI Workflows with the Rafay MCP Server blog post.

Environment Manager

HPA Support for Function Workflow Handlers

Environment Manager now supports Horizontal Pod Autoscaling (HPA) for Function Workflow Handlers. Administrators can configure autoscaling policies based on CPU and memory values or utilization, allowing function handlers to automatically scale between configured minimum and maximum replica counts as workflow demand changes.

Benefit

Improves scalability and performance for workflow execution by automatically scaling function handlers based on demand

Function Workflow Handlers are designed to process large numbers of requests efficiently. With HPA enabled, the platform can dynamically add capacity as request volume increases.

Note: HPA support requires the latest agent version and must be explicitly enabled. Existing environment templates continue to operate without change.

HPA

For more information about configuring Horizontal Pod Autoscaling (HPA) for Function Workflow Handlers, see the HPA Configuration documentation.

GitOps

Agent Upgrades via non-UI interfaces

Rafay now supports GitOps agent upgrades through non-UI interfaces, including APIs, RCTL, Terraform Provider, and GitOps. Previously, GitOps agent upgrades could only be performed through the Rafay UI.

Benefit

Enables automated GitOps agent lifecycle management without relying on manual UI operations.

Workloads

Enhanced Support for Multiple Helm Values Files

Rafay now supports multiple Helm values files across both chart repositories and external override repositories. All referenced values files are processed and merged in the specified order during workload deployment.

Benefit

Enables flexible configuration management by allowing teams to separate application charts from environment-specific overrides while supporting layered Helm configurations across multiple repositories.

This enhancement supports the following deployment models:

  • Helm chart and values files stored in the same Git repository
  • Helm chart stored in one Git repository with values files stored in a separate override repository
  • Helm chart stored in an Artifactory Helm repository with values files stored in an override Git repository

Customers can now define multiple values files from both the chart source and external override repositories, enabling reusable base configurations with environment-specific customization layers.

Previously, when multiple values files were referenced from an external repository, only the first values file was processed. This limitation has been removed, and all specified values files are now correctly merged and applied during deployment.

Multiple values files

v1.1.65 - Terraform Provider

An updated version of the Terraform provider is now available.

The following enhancements are included in this release:

rafay_eks_cluster: Added delete protection support. For an example with this field, see eks_cluster.

rafay_gke_cluster: Added release channel support. For an example with this field, see gke_cluster.

Environment Manager resources — Added optional multi_select support in input variables, allowing selection of multiple keys/values from restricted options. When enabled the value field holds a JSON array of the selected keys/values.

Affected resources:

  • rafay_config_context
  • rafay_driver
  • rafay_environment
  • rafay_environment_template
  • rafay_resource_template
  • rafay_workflow_handler

Note

Windows ARM 32-bit is no longer supported.