Due to upgrade issues with the Envoy gateway and the offline installation environments, upgrading to MKE 4k 4.1.3 is not recommended. These issues are fixed in the 4.1.4 release. For version 4.1.3, Mirantis only supports fresh installations.
Features Summary#
The feature summary offers a high-level view of MKE 4k product functionality.
| Feature | Detail | Learn more |
|---|---|---|
| Authentication | MKE 4k uses Dex for authentication, which serves as a proxy between MKE 4k clusters and authentication providers. Dex supports the following authentication protocols: * Basic authentication * OIDC * SAML * LDAP SCIM, which is supported in MKE 3, is not supported in MKE 4k. |
Configure OIDC service for MKE, Configure SAML service for MKE, Configure LDAP service for MKE 4k |
| Authorization | MKE 4k uses standard Kubernetes RBAC authorization. | Authorization |
| Backup and restore | MKE 4k supports backup and restore operations. | Backup and Restore. |
| Container Network Interface | MKE 4k supports Calico OSS (operating in KDD mode) as the CNI for cluster networking. | Network configuration |
| CoreDNS Lameduck | MKE 4k supports the use of lameduck mode for CoreDNS. | CoreDNS Lameduck: Configuration |
| GPU Feature Discovery | MKE 4k supports running workloads on NVIDIA GPU nodes and GPU node discovery. NVIDIA MIG is not supported. | NVIDIA GPU Workloads |
| Ingress | Ingress controllers abstract the complexity of Kubernetes application traffic routing and provide a bridge between Kubernetes services and external ones. | Ingress, Gateway API, Kubernetes Ingress, TCP and UDP services |
| Kubernetes | MKE 4k deploys Kubernetes 1.32. | Kubernetes components |
| Licensing | MKE 4k requires the use of a license for lawful use. | Licensing MKE 4k |
| Load balancing | MKE 4k supports the use of MetalLB to create Load Balancer services, offering such features as address allocation and external announcement. | MetalLB load balancer |
| Logging, Monitoring and Alerting | MKE 4k monitoring setup is based on the kube-prometheus-stack, which offers a comprehensive solution for collecting, storing, and visualizing metrics. | Monitoring tool: Prometheus, Monitoring tool: cAdvisor |
| MKE 4k CLI (mkectl) | The MKE 4k CLI tool, mkectl, can be installed automatically using an install.sh script, or it can be installed manually. | Install the MKE 4k CLI (mkectl) |
| MKE 4k Dashboard | MKE 4k provides a web-based user interface that enables the management of Kubernetes resources in an MKE-managed cluster. | MKE 4k Dashboard |
| Node Feature Discovery (NFD) | Node Feature Discovery (NFD) detects the hardware features that are available on each node in a Kubernetes cluster, and advertises the detected features through node labels. | Node Feature Discovery: Configuration (NFD) |
| NodeLocalDNS | NodeLocalDNS runs a local DNS caching agent on each node in the MKE 4k cluster, improving performance by caching DNS responses locally and reducing latency, compared to resolving external DNS records through a centralized CoreDNS service. | NodeLocalDNS |
| Policy Controller | MKE 4k allows installation of third-party policy controllers for Kubernetes. Currently, OPA Gatekeeper is the only supported policy controller. | OPA Gatekeeper |
| Support Bundle | Support bundles for MKE 4k can be generated directly from the command line. | Create a support bundle |
| Telemetry | MKE 4k can be set to automatically record and transmit data to Mirantis through an encrypted channel, for monitoring and analysis purposes. | Enable telemetry through the MKE 4k CLI, Enable telemetry through the MKE 4k web UI |
| Airgap (offline installation) | MKE 4k can be deployed in an airgap environment. | Offline Installation |
| Networking: Multus | Multus CNI support | Multus |
| Child clusters | MKE 4k 4.1.1, equipped with Mirantis k0rdent Enterprise 1.1.0 by default, enables the deployment of MKE 4k child clusters from an MKE 4k mothership cluster. | Child clusters |
| Custom CA certificates | MKE 4k supports custom registries with TLS certificates from private, self-signed Certificate Authorities (CAs). | TLS certificates |
| SSH bastion jump host | MKE 4k supports access to cluster nodes through an SSH bastion jump host. | Set up SSH bastion host |
| Disaster recovery | MKE 4k offers a disaster recovery process that involves the bootstrapping of a new cluster, creation of a single node cluster from a backup, and the subsequent joining of manager and worker nodes to that new cluster. host. | Disaster recovery |