Skip to content

Platform Lifecycle & Compatibility

The core value of Cyberun Cloud lies in "Validated Stability." We do not blindly chase the bleeding edge; instead, we ensure every line of configuration meets enterprise production standards through rigorous Release Engineering.

This document outlines our component selection philosophy and version support strategy.

Versioning Policy

We adhere to a "Follow Upstream LTS" principle, ensuring platform components are always within their security maintenance windows.

1. Kubernetes Core

  • Policy: N-2 Support. We actively support the latest 3 minor versions of upstream Kubernetes.
  • Upgrade Cadence: When a new upstream stable version is released, we conduct a 4-8 week compatibility test period (including regression testing for CSI storage drivers and CNI plugins) before pushing it to managed environments.

2. Linux Kernel & OS

  • Baseline: Based on Ubuntu LTS or similar enterprise-grade distributions.
  • Kernel Requirement: We lock to the HWE (Hardware Enablement) kernel branch to ensure native support for the latest eBPF features (required by Cilium) and NVMe performance optimizations.

3. Cloud-Native Networking (Cilium)

  • Selection Standard: We strictly use the Stable branch and ensure the version has passed large-scale WireGuard stress testing.
  • Feature Locking: All eBPF capabilities (e.g., Hubble observability, L7 policies) are locked at the code level to prevent accidental breakage during upgrades.

Validation Pipeline

Before any change reaches your production environment, it must pass our rigorous "Three-Tier Validation Funnel":

  1. Unit Compatibility: Automated validation of Helm Chart schemas and dependencies.
  2. Integration Test: Simulating a full-stack deployment in a sandbox environment, including automated K8s upgrade tests and disaster recovery drills.
  3. Canary Release: Updates are first pushed to internal Edge nodes. Only after 48 hours of fault-free operation are they marked as Stable and distributed to partners.

Note: Specific component versions may update automatically via GitOps for security patches. Please refer to versions.yaml in your delivery repository or Release Notes for real-time information.