October 24, 2023

Palette 4.1 is here. What’s new?

Anton Smith
Anton Smith
Director of Product

We announced Palette 4.0 back in July, bringing with it some pretty big features, like Virtual Machine Orchestrator (VMO), and our “FIPSified” edition for government, Palette VerteX.

But that doesn’t mean we’ve taken our foot off the gas. We’ve just updated Palette to version 4.1, introducing a host of new capabilities large and small. For all the details, check out our release notes, but here’s a whistlestop tour of what’s new and why it matters to you.


We’re seeing more customers than ever turn to Palette to help them navigate the complexities of running Kubernetes at the edge — that’s why we’re pioneering with innovations like EdgeAI and our 2-node HA capabilities, both heading into tech preview soon. 

With 4.1, we’ve added several new capabilities. You can now:

  • Specify hostname, subnet, gateway, and DNS server fields when configuring nodes in an edge cluster — an important extra layer of customization and control, particularly useful when users want to specify static network configurations.
  • Automatically take snapshots of your etcd state store, without any user intervention — providing a way to recover data in the event that your etcd store is corrupted due to sudden power failures and other uncontrolled shutdowns common in edge environments.
  • If you’re a Hashicorp house, you’re in luck: with Palette 4.1 you can now use the import command for edge clusters through Terraform, and we’ve added support for Vault for edge clusters too.


The Spectro Cloud Government team is on the road again, skipping KubeCon to head to TechNet in Hawaii, followed by Alamo Ace with our partners Valiant-X. We’ve been talking to customers and partners and pushing hard to refine and expand VerteX in response to this feedback, making it more flexible and more secure. As a result in 4.1 you can now:

  • Include Non-FIPS infrastructure packs in your Cluster Profiles, with full control to do so provided to administrators.
  • Deploy clusters to the commercial Azure IaaS service, in addition to AWS GovCloud and Azure Government Cloud.
  • Most excitingly, we’re enhancing VerteX in air-gapped environments, for those organizations with strict operational requirements and security standards.

Virtual Clusters

Our customers have surprised us with their creativity, applying Virtual Clusters in a range of use cases beyond what we’d originally scoped. So we’ve invested in beefing up what Virtual Clusters can do, and in 4.1 you’ll find you can:

  • Apply “add on” Cluster Profiles to individual Virtual Clusters from Palette’s cluster mode.
  • Enforce the use of base base add-on profiles across Virtual Clusters, for a more consistent enterprise-wide user experience.
  • Use upstream CNCF Kubernetes as the distribution for Virtual Clusters, in addition to K3s.

Enforcing base add-on profiles is an important new capability that allows platform teams to ensure that every self-service virtual cluster created has platform-team-defined profiles running on them, for example security or monitoring and reporting software.

These features significantly enhance the flexibility and control platform teams have over the deployment and management of virtual clusters. It doesn’t end there, though, as we have also introduced additional Enterprise-grade control with OIDC for virtual clusters.


Last but not least, we continue to enhance our core Palette Enterprise solution for clouds and data centers, with 4.1 bringing:

  • MAAS tag placement, which allows a cluster admin to designate MAAS tags to influence the placement of Kubernetes nodes to specific bare-metal servers managed by MAAS. This is particularly useful for system admins managing a large number of physical machines in MAAS and planning to deploy bare-metal Kubernetes clusters.
  • Support for Azure AKS Control Plane Free Tier for development and AKS Automatic Upgrade Channels for a "set once and forget" upgrade mechanism, ensuring clusters stay updated without missing the latest features or patches from AKS and upstream Kubernetes.
  • Proactive cluster repave notifications, which warn you when certain user specified configuration changes trigger a “repave”, helping you manage interruption to mission-critical systems.
“What is a repave? Palette utilizes a declarative state model for managing clusters and nodes. When a new state is specified as a result of making changes to a cluster, nodes are rebuilt in order to reflect the new state. This is called a ‘repave’. Read more here.”

Palette 4.0 repave
  • The ability to constrain Palette agents to control plane nodes, allowing operators to tighten security even further and introduce tighter network policies.
  • Support for the Rancher RKE2 distribution on AWS with Ubuntu 20.04 LTS — and we expect to extend this support to other cloud providers in subsequent releases.
  • Support for Kubernetes 1.28 “Planternetes” on selected cloud environments, keeping Palette updated with the latest Kubernetes release. Kubernetes 1.28 brings exciting new features, not least of which is sidecar container support.
Kubernetes 1.28

Stay tuned for more!

As always, we’re proud of the innovations we’ve introduced in this 4.1 release, and we remain totally committed to enhancing what Palette can do, in line with your feedback and evolving needs.

We’re already hard at work on version 4.2. Make sure you sign up for email updates and join our Slack community to be the first to hear about what’s new. Until then, please take a look at what’s new in 4.1 and let us know your feedback!

Using Palette
Thought Leadership
Subscribe to our newsletter
By signing up, you agree with our Terms of Service and our Privacy Policy