Language Selection

English French German Italian Portuguese Spanish

Rancher Labs Releases Slim OS for Its Edge-Focused K3s Platform

Filed under
OS
Ubuntu

Rancher Labs has developed an operating system for its recently launched edge-specific k3s Kubernetes distribution designed for resource-constrained environments and easier management when deployed within the k3s environment.

Sheng Liang, CEO and co-founder of Rancher Labs, said the conveniently named k3OS uses the same declarative syntax as other Kubernetes resources. This allows a user to install and upgrade the k3s platform and the k3OS at the same time.

Users can also use the k3OS platform to model infrastructure-as-a-code, which allows for repeatable cluster deployments and should make the k3s clusters more secure when running in isolated environments. It also has a reduced attack surface that further bolsters its security posture.

Read more

SDTimes on Rancher Labs

  • Rancher Labs combined Linux with Kubernetes in new OS platform

    Rancher Labs today released a new operating system built for its k3s Kubernetes distribution to simplify administration and make k3s clusters even more secure.

    Before k3OS, users of Rancher Labs’ k3s still had to manage the underlying Linux operating system separately, Sheng LIangi, CEO and co-founder of Rancher, told SD Times leading up to the announcement. “We’re combining Kubernetes and our own Linux distribution to manage Linux through Kubernetes,” Liang said. “We treat it as a whole thing. If nodes need to be rebooted, Kubernetes can orchestrate that.” This, he added, decreases the complexity of managing k3s Kubernetes clusters.

    k3OS is based on the Ubuntu kernel with tools from Alpine Linux, LIang explained. By combining Kubernetes and Linux, organizations that haven’t been updating the OS because they’re focused on Kubernetes won’t have to worry. “Even rebooting the operating system can cause an outage” in places where Kubernetes and the operating system are decoupled, Liang said. “Kubernetes clusters are supposed to fail one at a time; they’re not meant to be taken down all at once.”

K3OS: A Kubernetes OS Distro for Edge Computing

  • K3OS: A Kubernetes OS Distro for Edge Computing

    On the heels of its release of k3s, a lightweight Kubernetes distribution designed for the edge, Rancher Labs has announced an accompanying operating system called k3OS.

    The k3OS preview release is available with support for x86 and ARM64. With k3OS, Kubernetes cluster configuration and the underlying OS configuration are defined with the same declarative syntax as other Kubernetes resources, meaning both can be managed together.

    Rancher has been working with a number of customers including wind turbine company Goldwind Smart Energy on using Kubernetes in resource-constrained environments.

    “These customers view Kubernetes less as an application layer, more of a foundational layer,” said Sheng Liang, CEO and co-founder of Rancher Labs.

    “Some of them came from Linux, but many of them actually came from embedded Windows, like Windows XP. They’d have Windows XP running some of these applications sort of like an embedded sort of thing. Running in energy platforms and that sort of thing … If you walk up to an ATM machine or a subway station.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security Leftovers

  • Why Are Cryptographers Being Denied Entry into the US?

    Is there some cryptographer blacklist? Is something else going on? A lot of us would like to know.

  • Security Engineering: Third Edition

    Today I put online a chapter on Who is the Opponent, which draws together what we learned from Snowden and others about the capabilities of state actors, together with what we’ve learned about cybercrime actors as a result of running the Cambridge Cybercrime Centre. Isn’t it odd that almost six years after Snowden, nobody’s tried to pull together what we learned into a coherent summary?

    There’s also a chapter on Surveillance or Privacy which looks at policy. What’s the privacy landscape now, and what might we expect from the tussles over data retention, government backdoors and censorship more generally?

  • Google halts some business with China's Huawei: report

    Huawei will reportedly no longer be able to access Android updates, the Gmail app, the Google Play store and new versions of Google phones outside of China.

  • Google restricts Huawei's use of Android

    Existing Huawei smartphone users will be able to update apps and push through security fixes, as well as update Google Play services.

    But when Google launches the next version of Android later this year, it may not be available on Huawei devices.

    Future Huawei devices may no longer have apps such as YouTube and Maps.

  • Forget Huawei, The Internet Of Things Is The Real Security Threat
    We've noted for a while how a lot of the US protectionist security hysteria surrounding Huawei isn't supported by much in the way of hard data. And while it's certainly possible that Huawei helps the Chinese government spy, the reality is that Chinese (or any other) intelligence services don't really need to rely on Huawei to spy on the American public. Why? Because people around the world keep connecting millions of internet of broken things devices to their home and business networks that lack even the most rudimentary of security and privacy protections. Week after week we've documented how these devices are being built with both privacy and security as a distant afterthought, resulting in everything from your television to your refrigerator creating both new attack vectors and wonderful new surveillance opportunities for hackers and state actors.

today's howtos

Android Leftovers

A Look At The MDS Cost On Xeon, EPYC & Xeon Total Impact Of Affected CPU Vulnerabilities

This weekend I posted a number of benchmarks looking at the performance impact of the new MDS/Zombieload vulnerabilities that also included a look at the overall cost of Spectre/Meltdown/L1TF/MDS on Intel desktop CPUs and AMD CPUs (Spectre). In this article are similar benchmarks but turning the attention now to Intel Xeon hardware and also comparing those total mitigation costs against AMD EPYC with its Spectre mitigations. This article offers a look at the MDS/Zombieload mitigations on a 1st Gen Skylake Xeon Scalable server as well as a Kabylake Xeon E3 server for reference. Following that is a look at the total CPU vulnerability mitigation costs for 1st Gen Xeon Scalable, 2nd Gen Xeon Scalable (Cascade Lake), and an AMD EPYC 2P server as well for its Spectre mitigations. As expected given Intel's guidance last week of their latest Xeon processors being mitigated for MDS, indeed, the dual Xeon Platinum 8280 Cascade Lake server reported it was not affected by the MDS mitigations and thus not enabled. So for the MDS tests up first it's just some reference results using a dual Xeon Gold 6138 Skylake server running Ubuntu 19.04 with the Linux 5.0 patched kernel and reference results side-by-side for a separate Xeon E3-1275 v6 server. Read more