This is, if I had to guess, a monument to a small team's stubborn insistence that such a thing could be done at all. If I can hope for a reward for them, may it be that they are allowed to hand off maintaining it to another team.
I don’t understand how they are separating security in the virtual mode as they only mention pods. It seems every workload still shares the underlying node, even when in virtual mode.
Take for example the OCI cache on the nodes. What about cache poisoning?
RKE (their Kubernetes deployment and management platform, mostly for various flavours of self managed environments) is pretty popular with the self-managed crowd that needs something to manage their on Orem Kubernetes clusters.
This is, if I had to guess, a monument to a small team's stubborn insistence that such a thing could be done at all. If I can hope for a reward for them, may it be that they are allowed to hand off maintaining it to another team.
Missed the opportunity to call it Kink ...
That's what I'll be calling it
So this is basically vCluster[0] but Rancher branded?
[0] https://github.com/loft-sh/vcluster
Closely related in pupopse, yes. Branded? no.
I don’t understand how they are separating security in the virtual mode as they only mention pods. It seems every workload still shares the underlying node, even when in virtual mode. Take for example the OCI cache on the nodes. What about cache poisoning?
Do Rancher side products generally make it into a stable state such that you would want to run mission-critical systems on?
(Former employee) They tend to either get enough traction very quickly and be supported for years, or not and be abandoned in weeks/months.
RKE (their Kubernetes deployment and management platform, mostly for various flavours of self managed environments) is pretty popular with the self-managed crowd that needs something to manage their on Orem Kubernetes clusters.
Yo dawg...
What does k3k stand for? Can we just put whatever number we want between 2 letters now?
Disclosure as I am working for SUSE on Rancher.
It's Kubernetes in Kubernetes and a reference in k3s which is also a project we are heavily contributing to, at SUSE.
I suspect it’s ‘kubernetes in kubernetes’
k in k
I suspect it's a play on another kubernetes variant, `k3s` ?
Nice, now we need K3Kind