Rancher Labs Introduces Lightweight Operating System for k3s to Improve Security for Kubernetes OperationsApril 25, 2019
Rancher Labs, a leading provider of container management software, announced k3OS, a new operating system purpose-built for its popular k3s Kubernetes distribution. Announced in February, k3s is a lightweight Kubernetes distribution designed for developers and operators looking to run Kubernetes in resource-constrained environments. With k3OS, Kubernetes cluster configuration and the underlying OS configuration are defined using the same declarative syntax as other Kubernetes resources. This enables developers and operators to install and upgrade k3s and the underlying operating system at the same time. It also allows them to benefit from modeling infrastructure-as-code for reliable, repeatable cluster deployments. This approach simplifies the administrator experience and makes k3s clusters even more secure when running in low-touch computing environments.
“While Kubernetes can be installed on any Linux distribution, separately patching and upgrading it along with the underlying operating system can be complex. A misconfiguration or security hole in system services can compromise the entire Kubernetes cluster. With k3OS, users never have to worry about unscheduled operating system upgrades, and security patches will be applied for the entire software stack in just one step,” said Sheng Liang, CEO and co-founder of Rancher Labs. “As a combined Linux and Kubernetes distro, k3s running on k3OS will have the smallest attack surface and the simplest upgrade process of any Kubernetes installation.”
An Ideal OS for Low-Touch Kubernetes Operations
Although k3OS works in public clouds and virtualization clusters,
it is particularly useful in low-touch environments like edge computing.
“As the second largest wind turbine
manufacturer in the world, we’ve been working with Rancher over the last year
to develop the new Kubernetes distro k3s,” says Wei Zhang, VP of
technology at Goldwind Smart Energy. “k3OS is the next step of technology
evolution that helps bring our vision of fully automated and highly secure
Kubernetes clusters on thousands of edge locations world-wide.”
Key features of k3OS include:
- Fast install: k3OS boots in 10 seconds, with k3s immediately available.
- Easy configuration: Cloud-initenables automatic configuration of k3s during the boot sequence, turning it from a generic image into a configured k3s instance quickly and easily.
- Simplified patches and upgrades: Administrators can manage the Kubernetes distro and Linux distro from a common set of YAML files, and leverage Kubernetes to orchestrate the rollout of operating system upgrades.
- Purpose-built for k3s: Essential system services such as ssh, udev, bash and iptables are built into the distribution image. No package manager is required.
- Ubuntu kernel: Rancher leverages the excellent track record of Canonical’s Ubuntu server kernel team to ensure timely security updates for k3OS and comprehensive device support.
support: x86_64 support available now & Arm support available soon.
“GitLab provides a complete solution
for the entire DevOps lifecycle. By working with k3OS and k3s, GitLab continues
its investment in cloud native technologies, providing users the ability to
control the deployment and configuration of Kubernetes and Linux with a single
operational process,” said Brandon Jung, VP of Alliances at GitLab. “GitLab
looks forward to working with customers implementing k3OS and k3s. ”
Rancher Labs plans to ship a production-ready GA release later this year. In the meantime, developers who are interested in downloading, installing and playing with this new purpose-built operating system should follow the project on k3OS.io.