Known Limitations

Only the "default" namespace is available. You cannot use --all-namespaces in queries

By Design, looking at ways to extend this in the future.

Secrets are not encoded and are stored as plain text.

Secrets need to be bind-mounted to the running container, so cannot be encoded at rest.

Storage resources (Persistent Volumes and Persistent Volume Claims) are not supported

• Volumes using hostPath, configMap and secret are supported

As the devices are single node, and any data stored is "transitory" its not deemed important for long-term persistence. As such, only hostPath storage (bind-mounts) are supported.

DaemonSet and StatefulSet workloads are not supported

These are assumed not needed for IIoT use cases at the far edge.

Only the Portainer Edge agent async capabilities are supported

Portainer async agent is the preferred way of managing far-edge devices

Deploying workloads from private registries is currently not supported

Current constraint, looking at ways to address this.

kubectl exec is not supported

Current constraint, looking at ways to address this.

Helm will fail the installation if a resource that a chart depends on is not supported

By Design. Make sure to include only resources that are supported by k2d when deploying your Helm charts.

kubectl —dry-run=server does not simulate the operations on the server and instead returns the applied resource

This is assumed not needed for IIoT use cases at the far edge.

CRDs are not supported

These are assumed not needed for IIoT use cases at the far edge.

Service Accounts are not supported

By Design, looking at ways to extend this in the future.

Ingress and LB network service types are not supported

By Design, looking at ways to extend this in the future.