Skip to content

Mar

v3.2 Update 2 - SaaS

25 Mar, 2025

Ingress NGINX Add-on Versions Updated in Helm Catalog

New patched versions of the Ingress NGINX add-on have been added to the Helm catalog, addressing a critical unauthenticated Remote Code Execution (RCE) vulnerability.
More info: wiz.io blog

Added Versions

  • v1.12.1
  • v1.11.5

These versions are now available in the Helm catalog and can be used while creating or updating blueprints.

Action Required

  • Create a new blueprint version using the updated Ingress NGINX add-on from the catalog
  • Apply the updated blueprint to your clusters to roll out the fix.

Ingress NGINX Version Update

v1.1.44 - Terraform Provider

11 Mar, 2025

A new version of the Terraform provider has been released.

This version includes the following bug fix.

Bug Fix

Bug ID Description
RC-40716 Fixed an issue where AKS cluster blueprint sync was failing due to the create_account operation.

v3.2 Update 1 - SaaS

05 Mar, 2025

The section below outlines enhancements introduced in this update.

Platform as a Service (PaaS)

Info

The PaaS feature is feature flagged. The enhancements described below are available to customer orgs only if the feature flag is enabled.

Clone Profiles

Administrators can now clone compute and service profiles. This substantially reduces the administrative burden associated with creation of new compute and service profiles. Typical use cases are:

  • Clone to same project e.g. admin wants to create a new profile based on an existing profile
  • Clone to a different project e.g. admin wants to onboard a new user or team in a new project

Clone Profile

Note

Please ensure that the environment template associated with the compute/service profile is also shared/available in the new project.

List Service Instances on Compute Instances

Service instances can be launched into compute instances. Users may not know which service instances have been deployed on a specific compute instance. With this enhancement, compute instances listed in the PaaS Studio and the end user facing Developer Hub now display the service instances deployed on it. For example, in the image below, the end user can immediately tell that a service called "qa-notebook" has been deployed to the compute instance "small-qa".

Service Instances on Compute Instance

Global Settings for Providers

Service Providers (e.g. NCPs) and Enterprises providing GPU Cloud or org-wide PaaS can use the Rafay Operations Console to centrally manage settings for compute and service profiles that are shared with downstream customer's Orgs (i.e. tenants). These settings can be configured to apply to "ALL" or "SPECIFIC compute and service profiles. For example,

Centralized Agents

Associate "agents" for workflow execution in compute and service profiles. When end users in downstream orgs launch compute and service instances, the associated environment template will ALWAYS utilize the agent configured under global settings for execution of the workflow.

In the example below, the service provider has specified three "agents" in the global settings YAML file. With this specified centrally, there is no longer the need to explicitly specify agents in the environment template or the compute/service profile.

agents:
  - alpha
  - beta
  - gamma

Soft Limit Enforcement for Compute Profiles

Centrally manage "soft limits" (aka quotas) for compute profiles to help enforce "max compute instances" for a specific compute profile that can be deployed in a customer Org. For example, the provider may wish to enforce "soft limits" for the max number of compute instances for a specific compute profile.

  • Specify a max-instance quota of "5" for the "small" compute profile
  • Downstream Orgs "Apple" and "Mango" can now each launch and operate a maximum of "5" compute instances of type "small"
  • Users will be shown an error message enforcing the quota/soft limit if they attempt to launch a 6th compute instance.
profiles:
  - name: small
    quota:
      max-instances: 5

In the image below, you can see the

Global Settings for All Orgs

Org Specific Settings

Org Administrators can also centrally manage settings for compute and service profiles for specific their tenant orgs.

Usage APIs for Billing

Fine grained APIs are now available for service providers to programmatically retrieve data to perform billing related calculations.

  • 1. Instance Usage for All Orgs This API provides aggregate usage per instance and the respective billable parameters across all the Orgs.

  • 2. Instance Usage API for Org This API provides aggregate usage per instance and the respective billable parameters for a given Org.

  • 3. Profile Usage for All Orgs This API provides aggregate usage per profile (i.e. SKU) and the respective billable parameters across all the Orgs.

  • 4. Profile Usage for Org This API provides aggregate usage per profile (i.e. SKU) and the respective billable parameters for a given Org.

Info

Navigate to Rafay's Open API Explorer to explore the new Billing APIs

Sequence for Compute & Service Profiles

PaaS Admins can now specify in what sequence/order the compute and service profiles will be presented to end users in the Developer Hub.

  • The profiles with the heaviest weights sink
  • If there is no weight configured, it is considered infinity
  • The order of the profiles with weights 10, 30, 40, 100 would present the profiles in a sequence "1, 2, 3 and 4" in the Developer Hub.

Weights for Profiles