Features Summary
The feature summary offers a high-level view of MKE 4 product functionality, as well as information on features that Mirantis is working to include in future releases of of the software.
Available features
Features that are available in MKE 4 are detailed in the following table:
Feature | Detail | Learn more |
---|---|---|
Authentication | MKE 4 uses Dex for authentication, which serves as a proxy between MKE clusters and authentication providers. Dex supports the following authentication protocols: * Basic authentication * OIDC * SAML * LDAP SCIM, which is supported in MKE 3, is not supported in MKE 4. | Configure OIDC service for MKE, Configure SAML service for MKE, Configure LDAP service for MKE |
Authorization | MKE 4 uses standard Kubernetes RBAC authorization. | RBAC Migrations |
Backup and restore | MKE 4 supports backup and restoration of cluster data through the use of the Velero add-on. System backup is enabled by default. | Back up using an external storage provider, Back up with an in-cluster storage provider |
Cloud providers | MKE 4 directly supports the use of AWS for managed cloud service provision. Different cloud service providers can be put to use, though doing so requires manual configuration. | Cloud providers: Configuration |
Container Network Interface | MKE 4 supports Calico OSS (operating in KDD mode) as the CNI for cluster networking. | Network configuration |
CoreDNS Lameduck | MKE 4 supports the use of lameduck mode for CoreDNS. | CoreDNS Lameduck: Configuration |
GPU Feature Discovery | MKE 4 supports running workloads on NVIDIA GPU nodes and GPU node discovery. NVIDIA MIG is not supported. | NVIDIA GPU Workloads |
Ingress | Ingress controllers abstract the complexity of Kubernetes application traffic routing and provide a bridge between Kubernetes services and external ones. | Ingress controller, TCP and UDP services |
Kubernetes | MKE 4 deploys Kubernetes 1.31. | Kubernetes components |
Licensing | MKE 4 requires the use of a license for lawful use. | Licensing MKE 4 |
Load balancing | MKE 4 supports the use of MetalLB to create Load Balancer services, offering such features as address allocation and external announcement. | MetalLB load balancer |
Logging, Monitoring and Alerting | MKE 4 monitoring setup is based on the kube-prometheus-stack, which offers a comprehensive solution for collecting, storing, and visualizing metrics. | Monitoring tool: Prometheus, Monitoring tool: Grafana, Monitoring tool: cAdvisor, Monitoring tool: OpsCare (Under development) |
MKE CLI | The MKE CLI tool, mkectl is the MKE 4 CLI tool. It can be installed automatically using an install.sh script, or it can be done manually. | Install the MKE CLI |
MKE Dashboard | MKE 4 provides a web-based user interface that enables the management of Kubernetes resources in an MKE-managed cluster. | MKE Dashboard |
Node Feature Discovery (NFD) | Node Feature Discovery (NFD) detects the hardware features that are available on each node in a Kubernetes cluster, and advertises the detected features through node labels. | Node Feature Discovery: Configuration (NFD) |
Policy Controller | MKE 4 allows installation of third-party policy controllers for Kubernetes. Currently, OPA Gatekeeper is the only supported policy controller. | OPA Gatekeeper |
Support Bundle | Support bundles for MKE 4 can be generated directly from the command line. | Create a support bundle |
Telemetry | MKE 4 can be set to automatically record and transmit data to Mirantis through an encrypted channel, for monitoring and analysis purposes. | Enable telemetry through the MKE CLI, Enable telemetry through the MKE web UI |
Features under development
New features that Mirantis plans to introduce in upcoming MKE 4 releases include:
- Additional cloud providers
- Custom admission controllers: OPA Gatekeeper or Kyverno EE or CE only
- Life Cycle Management for components
- Networking: Cillium
- Offline Bundle
- Scheduled backups
- STIG
In addition, Mirantis is working to integrate various key MKE 3 features into MKE 4, including:
- Two-factor authentication (2FA)
- Audit logging
- etcd enhancements
- CIS Benchmarks
- Client bundle
- Image pruning
- KMS/Vault
- Networking: Multus
- Node Local DNS
- OpsCare Plus
- Storage (CSI)
- Windows function
Unsupported features
Mirantis does not support the following functions:
- Networking: IPVS, eBPF, Unmanaged CNI
- Profiling on Kubernetes and MKE components
- Custom feedback UI
- Account Lockout
- User session properties
- gMSA
- SCIM
- Swarm
- DCT (Docker Content Trust)
Last updated on