Sun. Jun 7th, 2020

k3OS v0.10.2 releases: the first Kubernetes operating system


Rancher Labs introduced k3OS, the industry’s first extremely lightweight operating system for Kubernetes. It has extremely low resource consumption, needs minimal operation, and boots within seconds. This greatly simplifies Kubernetes operation in low-resource computing environments, improves the security of Kubernetes operation and maintenance, and fully enables edge computing scenarios.

k3OS is a Linux distribution designed to remove as much OS maintenance as possible from a Kubernetes cluster. It is specifically designed to contain only what is needed to run k3s. Additionally, the OS is designed to be managed by kubectl once a cluster is bootstrapped. Nodes only need to join a cluster, and then all aspects of the OS can be managed from Kubernetes. Both k3OS and k3s upgrades are handled by k3OS.

k3OS can be used in public clouds and virtualized clusters, but it is especially valuable in environments where computing resources are extremely limited, such as edge computing. The main features include:

  • supports multiple architectures: k3OS runs on x86 and ARM processors to give you maximum flexibility.
  • runs only the minimum required services: Fewer services means a tiny attack surface, for greater security.
  • doesn’t require a package manager: The required services are built into the distribution image.
  • models infrastructure as code: This makes sure there are no surprises, and that systems come up the same way every time. You can manage system configuration with version control systems, and carry out reliable, repeatable cluster deployments.

Changelog v0.10.2

Security Fixes

  • Bump k3s to v1.17.6+k3s1 #505
    • CVE-2020-10749 – IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
    • CVE-2020-8555 – kube-controller-manager SSRF

Bug Fixes

  • Establish /usr/libexec/kubernetes symlink to persistent disk #447 (thanks @zimme)
    This makes the FlexVolume plugin happy.