Support for air gap instance records. Enterprise Portal allows users to create air gap instance records either manually or with a support bundle. Since air gap instances are not connected to the internet, these air gap instance records can be used to create a record of the instance for the purpose of tracking updates. To get access to the Enterprise Portal BETA, reach out to your account representative.
Improved handling for certificate authorities (Embedded Cluster 2.6.0). In 2.6.0, Embedded Cluster automatically uses whatever existing CA is trusted on the host rather than requiring the user to manually specify a CA with the [.inline]--private-ca[.inline]. This update aligns with existing standards for handling CAs used by other Linux tooling like [.inline]curl[.inline]. Additionally, as part of this change, the [.inline]--private-ca[.inline] flag is deprecated.
Added support for Kubernetes 1.31 (Embedded Cluster 2.6.0).
External image registries show the image path. For images stored in external registries, the full image path is now displayed on the Vendor Portal Images page. This update makes it easier for vendors to reference the correct image location in their Helm charts so the images can be pulled through the Replicated proxy registry.
Better minimal RBAC support for the SDK (SDK 1.7.0). The SDK’s new minimalRBAC Helm value enables the SDK to create the least permissive role required to work with the vendor’s application. This improvement allows vendors to better serve enterprises that are security-minded and don’t want to give applications more access than they need. (Docs)
SDK image can be pulled from proxy.replicated.com or a custom domain (SDK 1.7.0). The SDK image can now be pulled through the Replicated proxy registry. This helps minimize the number of endpoints that enterprise customers must allowlist, and also allows vendors to use their proxy registry custom domain when pulling the SDK image. Docs.
Access the Replicated SDK API endpoints over HTTPS (SDK 1.6.0). Enterprises can now put a TLS certificate and key in a Kubernetes Secret and provide the name of that Secret to the SDK Helm chart using the [.inline]tlsCertSecretName[.inline] value. This can be useful for enterprise customers that require communication between Kubernetes Pods to occur over HTTPS. Docs.