This topic provides information about the technical support for the StackRox Kubernetes Security Platform and details about other supported software and infrastructure. Review this information before you install the StackRox Kubernetes Security Platform.
Red Hat has closed the transaction to acquire StackRox , and it now offers the StackRox Kubernetes Security Platform as Red Hat Advanced Cluster Security for Kubernetes (ACS) as an acquired offering.
For more details about the supported browsers, platforms, and support life cycle, see the new Red Hat Advanced Cluster Security for Kubernetes Support Policy.
- If you have an existing support relationship with us, we’ll honor it for its duration. Other platforms not listed in the new support policy are grandfathered with the support policy on this page.
We support the StackRox Kubernetes Security Platform versions for up to 6 months after its release, which corresponds to the previous 9 released versions. We’ll make reasonable efforts and assist you in supporting some older versions. However, we might request you to upgrade to a newer released version of the StackRox Kubernetes Security Platform for full support.
For the StackRox Kubernetes Security Platform, we support:
- The latest released version (which we’ll refer to as N).
- 9 earlier versions.
The support window of the StackRox Kubernetes Security Platform versions is known as N-9: (N (Latest release) - 9 (earlier versions)).
Along with our N-9 support window, we might support version N-10 to N-13, depending on a case-by-case basis. We won’t support any earlier versions than N-13.
We support a platform version based on the upstream (or vendor) product’s support lifecycle for that version. When a platform version support reaches its end-of-life (EOL) or isn’t actively maintained, we no longer support it.
We don’t support:
- installing the StackRox Kubernetes Security Platform on Minikube and other similar single-node clusters.
- Amazon Elastic File System (Amazon EFS), use the Amazon Elastic Block Store (Amazon EBS) with the default GP2 volume type instead.
- older CPUs that don’t have the Streaming SIMD Extensions (SSE) 4.2 instruction set, for example Intel processors older than Sandy Bridge and AMD processors older than Bulldozer. (Both of these processors were released in 2011.)
|Ubuntu||16.04 LTS, 18.04 LTS, and 20.04 LTS with standard or cloud-provider-specific kernel versions.|
|Red Hat Enterprise Linux||7.3 till 7.9, 8.0 and newer|
|Fedora CoreOS||Stable stream 32.20200824.3.0 and newer|
|Flatcar Container Linux||2023.4.0 and newer|
|Google COS||77 and newer|
|Garden Linux||27.0 and newer|
CRI-O and runC support is available starting from the StackRox Kubernetes Security Platform version 188.8.131.52.
|Container orchestrators and platforms||Version|
|Kubernetes1||1.15 and newer|
|OpenShift||3.10, 3.11, 4.1 and newer|
|DC/OS Kubernetes2||2.0.0 and newer|
- We support new versions of Kubernetes within 3 months of their open-source general-availability release. You may need to upgrade the StackRox Kubernetes Security Platform to get support for the latest Kubernetes versions. See the Kubernetes support section for more details.
- DC/OS support is available starting from the StackRox Kubernetes Security Platform version 184.108.40.206.
The following table lists the minimum version of the StackRox Kubernetes Security Platform we support based on the Kubernetes version.
|Kubernetes version||StackRox minimum support version|
|1.15, 1.16, 1.17||220.127.116.11|
We support recent Kubernetes and OpenShift versions, and test on managed Kubernetes service from all major cloud providers, including:
Collector won’t install on GKE clusters if you enable secure boot because third-party unsigned (not signed by Google’s CA) kernel modules can’t be loaded when secure boot is enabled.
Along with other types of clusters, we also support clusters created by using the kops - Kubernetes Operations tool with the default configurations on Amazon Web Services (AWS).
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.