Known Limitations

K2D is designed specifically for the far edge, predominately Industrial IOT, where devices are heavily resource-constrained and generally serve a singular purpose.

We have architecturally constrained the Kubernetes API's we support, so as to focus the use of K2D towards the intended use case. The API's we have elected to support are assumed sufficient to deploy and triage the most common IIoT applications, that run on a single node, and in a stateless manner. As a result, there are limitations in Kubernetes instructions that we support.

We are open to extending these APIs based on feedback, so have you say...

Limitation Reason

Limitation	Reason
Only the "default" namespace is available. You cannot use --all-namespaces in queries	By Design, looking at ways to extend this in the future.
Secrets are not encoded and are stored as plain text.	Secrets need to be bind-mounted to the running container, so cannot be encoded at rest.
Storage resources (Persistent Volumes and Persistent Volume Claims) are not supported Volumes using `hostPath`, `configMap` and `secret` are supported	As the devices are single node, and any data stored is "transitory" its not deemed important for long-term persistence. As such, only hostPath storage (bind-mounts) are supported.
DaemonSet and StatefulSet workloads are not supported	These are assumed not needed for IIoT use cases at the far edge.
Only the Portainer Edge agent async capabilities are supported	Portainer async agent is the preferred way of managing far-edge devices
Deploying workloads from private registries is currently not supported	Current constraint, looking at ways to address this.
`kubectl exec` is not supported	Current constraint, looking at ways to address this.
Helm will fail the installation if a resource that a chart depends on is not supported	By Design. Make sure to include only resources that are supported by k2d when deploying your Helm charts.
`kubectl —dry-run=server` does not simulate the operations on the server and instead returns the applied resource	This is assumed not needed for IIoT use cases at the far edge.
CRDs are not supported	These are assumed not needed for IIoT use cases at the far edge.
Service Accounts are not supported	By Design, looking at ways to extend this in the future.
Ingress and LB network service types are not supported	By Design, looking at ways to extend this in the future.

Only the "default" namespace is available. You cannot use --all-namespaces in queries

By Design, looking at ways to extend this in the future.

Secrets are not encoded and are stored as plain text.

Secrets need to be bind-mounted to the running container, so cannot be encoded at rest.

Storage resources (Persistent Volumes and Persistent Volume Claims) are not supported

Volumes using hostPath, configMap and secret are supported

As the devices are single node, and any data stored is "transitory" its not deemed important for long-term persistence. As such, only hostPath storage (bind-mounts) are supported.

DaemonSet and StatefulSet workloads are not supported

These are assumed not needed for IIoT use cases at the far edge.

Only the Portainer Edge agent async capabilities are supported

Portainer async agent is the preferred way of managing far-edge devices

Deploying workloads from private registries is currently not supported

Current constraint, looking at ways to address this.

kubectl exec is not supported

Current constraint, looking at ways to address this.

Helm will fail the installation if a resource that a chart depends on is not supported

By Design. Make sure to include only resources that are supported by k2d when deploying your Helm charts.

kubectl —dry-run=server does not simulate the operations on the server and instead returns the applied resource

This is assumed not needed for IIoT use cases at the far edge.

CRDs are not supported

These are assumed not needed for IIoT use cases at the far edge.

Service Accounts are not supported

By Design, looking at ways to extend this in the future.

Ingress and LB network service types are not supported

By Design, looking at ways to extend this in the future.

PreviousAdvanced Configuration

Last updated 1 year ago