Components for building Enterprise Kubernetes platforms

SUSE RKE/ RKE 2 is a scalable, fully secure and fast deployable Kubernetes platform. It allows you to build a Kubernetes cluster in your organization without incurring large capital expenditures. Like other SUSE solutions, it is available in a full functional scope in the open-source formula with the optional possibility manufacturer support extension.

The RKE 2 distribution is certified by the CNCF and allows you to use the full potential of containerization by means of an enterprise solution. RKE2 meets the FIPS (Federal Information Processing Standards) security standards of the US government as well as the Kubernetes security standards of the CIS Kubernetes Benchmark recommendations. RKE 2 is also the only Kubernetes distribution approved by DISA (Defense Information Systems Agency).

RKE2 is not dependent on running on a specific vendor's operating system or a product of a specific manufacturer - it is an open distribution. Thanks to this, it allows you to avoid vendor-locking in building Kubernetes platforms.

The container revolution and the rapid adoption of the Kubernetes platforms forces the organizations to effectively manage the multiple Kubernetes clusters environments.

SUSE Rancher is an open-source product that offers a comprehensive solution for organizations that need a consistent cluster management process, especially for multiple Kubernetes clusters. It provides functionalities such as:

• integration of Kubernetes cluster management in the cloud and on-premises
• resource monitoring
• central management of users and permissions
• integration with external user data sources and authorization platforms
• management of security policies
• automation of processes such as cluster configuration backup or deployment of Helm applications
• dynamic provisioning of new clusters in different environments

SUSE Rancher is a particularly attractive solution for organizations deploying their first Kubernetes clusters, organizations having an extensive container environment, requiring consistency across multiple clusters, operating in multicloud/hybrid environments, or wanting to avoid the so-called vendor lock-in.

Implementing SUSE Rancher brings the following benefits:

• accelerates the Kubernetes adoption process
• unifies cluster management
• centralizes security policies
• automates many management processes, which contributes to more effective management of Kubernetes clusters in organizations

SUSE Longhorn is an innovative, lightweight distributed storage system for services and applications running on Kubernetes clusters. It is a solution that enables storage management, offering advanced data storage features using the Kubernetes CSI standard.

Longhorn is fully integrable with Kubernetes and acts as a dedicated write and store controller, synchronously replicating volumes across multiple replicas stored across multiple cluster nodes. This ensures that the store meets the high availability and fault tolerance principles.

The Longhorn project offers many advanced functionalities, such as incremental snapshot creation and backup to second-tier storage (NFS or S3-compliant object storage).

In addition, Longhorn is supported and developed by SUSE, a leading open-source software provider, ensuring continuous improvement and community support. Longhorn is gaining popularity among the Kubernetes community and organizations that are looking for a reliable and scalable storage solution for their Kubernetes clusters.

With growing adoption of Kubernetes technology, organizations are looking for solutions to build effective Kubernetes clusters based on their own bare-metal infrastructure.

Harvester is a solution for building and managing Kubernetes infrastructure on bare-metal hosts. Harvester allows you to generate a full Kubernetes cluster infrastructure with a network layer and Kubernetes storage (Longhorn) on bare-metal infrastructure nodes. It enables integration with Rancher, ensuring, among others, cluster expansion directly from the Rancher console based on pools of available virtualized resources provided by Harvester environments.

Thanks to its open nature, Harvester provides flexibility and the ability to adapt to individual needs. It allows you to monitor multiple bare-metal Kubernetes clusters in one place with a single user interface. It also provides the ability to deploy and manage applications in containers, ensuring scalability and performance, and is integrated with other SUSE products.

NeuVector is a comprehensive security solution for Kubernetes clusters adopting the Zero Trust Security model and providing, among others, the following functionalities:

• Container vulnerabilities scanning throughout the whole container lifecycle in the CI/CD process, i.e. the process of its implementation, deployment phase, and runtime.
• Security auditing processed in accordance with the patterns from Docker Bench and CIS Benchmark.
• Security scoring reporting and policy compliance reports.
• Runtime network data scanning on the Kubernetes platform using Deep Packet Inspection.
• Behavioral learning of the application's operational runtime patterns, allowing to distinguish attacks from the normal operation of the application.
• Full 360 security analysis in graphical form, including network communication between containers.
• Preconfigurable security policies by means of templates that allow you to quickly adapt the environment to security standards.
• Segmentation at the level of containers and clusters that allows you to define access restrictions to a given area.

Neu Vector allows you to seamlessly integrate it with the DevOps and GitOps processes in the organization, among others, through use of Security Policy as a Code pattern.