Applies to SUSE Linux Enterprise Micro 5.1, K3s 1.20.14

4 Component model

This section describes the components used to create a K3s solution deployment, ordered from top to bottom. When completed, the K3s instance can be used as the application infrastructure for cloud-native workloads and can be imported into SUSE Rancher for management.

4.1 Component overview

By using:

  • Software

    • Kubernetes Platform - K3s

    • Linux Operating System - SUSE Linux Enterprise Micro

  • Compute Platform

    • Hewlett Packard Enterprise ProLiant

    • Hewlett Packard Enterprise Synergy

you can create the necessary infrastructure and services. Further details for these components are described in the following sections.

4.2 Software - K3s

K3s is packaged as a single binary, which is about 50 megabytes in size. Bundled in that single binary is everything needed to run Kubernetes anywhere, including low-powered IoT and Edge-based devices. The binary includes:

  • the container runtime

  • important host utilities such as iptables, socat and du

The only OS dependencies are the Linux kernel itself and proper dev, proc and sysfs mounts (these are set up automatically on all modern Linux distributions). K3s bundles the Kubernetes components:

  • kube-apiserver,

  • kube-controller-manager,

  • kube-scheduler,

  • kubelet and

  • kube-proxy

into combined processes that are presented as a simple server and agent model, as represented in the following figure:

Figure 4.1: Component Overview - K3s

K3s can run as a complete cluster on a single node or can be expanded into a multi-node cluster. Besides the core Kubernetes components, these are also included:

  • containerd,

  • Flannel,

  • CoreDNS,

  • ingress controller and

  • a simple host port-based service load balancer.

All of these components are optional and can be swapped out for your implementation of choice. With these included components, you get a fully functional and CNCF-conformant cluster so you can start running apps right away. K3s is now a CNCF Sandbox project, being the first Kubernetes distribution ever to be adopted into sandbox.
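
How swapping out the bundled components looks in practice, as an added example that is not part of the original SUSE document: a K3s server configuration file that turns off the packaged ingress controller, service load balancer and Flannel so that replacements you install yourself take over. It assumes the default configuration path /etc/rancher/k3s/config.yaml and the upstream component names traefik and servicelb, which this page does not spell out; the replacement CNI and ingress controller are your own choice and are not shown.

```yaml
# /etc/rancher/k3s/config.yaml  (assumed default path; read by "k3s server" at start)
# Added example: keys mirror the k3s server command-line flags of the same name.

# Do not deploy these packaged components; anything not listed stays enabled
# (CoreDNS, for example, is still deployed with this file).
disable:
  - traefik      # bundled ingress controller
  - servicelb    # bundled host port-based service load balancer

# Do not start Flannel; the cluster has no pod networking until you
# install a replacement CNI plugin.
flannel-backend: "none"

# Turn off the embedded network policy controller when the replacement
# CNI enforces NetworkPolicy itself.
disable-network-policy: true
```

Until a replacement CNI is installed, nodes report NotReady and pods that need the pod network stay Pending, so apply the replacement manifests right after the first server start.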

Tip

Learn more information about K3s

As K3s can be deployed on a single or multiple nodes, the next sections describe the suggested component layering approach.

4.3 Software - SUSE Linux Enterprise Micro

SUSE Linux Enterprise Micro combines the assurance of enterprise-grade security and compliance with the immutability and portability of a modern, lightweight operating system. The top 4 features are:

Immutable OS

Immutable design ensures the OS is not altered during runtime and runs reliably every single time. Security-signed and verified transactional updates are easy to roll back if things go wrong.

Security and Compliance

Fully open source and built using open standards, SUSE Linux Enterprise Micro leverages the SUSE Linux Enterprise common code base to provide FIPS 140-2, DISA SRG/STIG, integration with CIS and Common Criteria certified configurations. It includes a fully supported security framework (SELinux) with policies.

Architectural Flexibility

Both Arm and x86-64 architectures are supported so you can deploy edge applications with confidence across multiple architectures.

Kubernetes-Ready

You can easily combine SUSE Linux Enterprise Micro with the latest cloud-native technologies including SUSE Rancher, Rancher Kubernetes Engine, Longhorn persistent block storage, and K3s, the world’s most popular Kubernetes distribution for use in low resource, distributed edge locations.

As a result, you get an ultra-reliable infrastructure platform that is also simple to use and comes out-of-the-box with best-in-class compliance. Furthermore, SUSE’s flexible subscription model ensures enterprise assurance for any edge, embedded or IoT deployment without vendor lock-in. A free evaluation copy can be downloaded or, if the organization already has subscriptions, both install media and updates can be obtained from SUSE Customer Center.

4.4 Compute Platform

Leveraging the enterprise grade functionality of the operating system mentioned in the previous section, many compute platforms can be the foundation of the deployment:

  • Virtual machines on supported hypervisors or hosted on cloud service providers

  • Physical, baremetal or single-board computers, either on-premises or hosted by cloud service providers

Note

To complete self-testing of hardware with the SUSE YES Certified Process, you can download and install the respective SUSE operating system support-pack version of SUSE Linux Enterprise Server and the YES test suite. Then run the tests per the instructions in the test kit, fix any problems encountered and, when they are corrected, re-run all tests to obtain clean test results. Submit the test results to the SUSE Bulletin System (SBS) for audit, review and validation.

Tip

Certified systems and hypervisors can be verified via SUSE YES Certified Bulletins and then can be leveraged as supported nodes for this deployment, as long as the certification refers to the respective version of the underlying SUSE operating system required.

Even with the broad certification and support model across the range of available HPE platform models, the following table summarizes which might be a best-practice selection for the various deployment types and focus areas:

Table 4.1: Hewlett Packard Enterprise Platform Matrix for Deployment Types
System Platform   Baremetal      Hypervisor     Virtual Machine
ProLiant          DL360, DL380   DL360, DL380   (hosting)
Synergy           SY480          SY480          (hosting)

As listed in the previous table, multiple server product-line and model options abound in the HPE server portfolio, as detailed in the following sections.

4.4.1 Hewlett Packard Enterprise iLO

The Hewlett Packard Enterprise iLO [iLO] arms you with the tools to manage your servers efficiently, resolve issues quickly, and keep your business running – from anywhere in the world, allowing you to manage your entire server environment with ease. Upgrade the basic iLO license for additional functionality, such as graphical remote console, multi-user collaboration, video record/playback, remote management, and much more. The latest iLO innovations include:

  • Security and performance

  • Support for Simple Certificate Enrollment Protocol [SCEP]

  • Enablement for 802.1x protocol to securely onboard servers into a network

  • Redfish API Conformance

4.4.2 HPE ProLiant DL Rack Servers

The HPE ProLiant DL family of servers are the most flexible, reliable, and performance-optimized HPE ProLiant rack servers—ever. HPE continues to provide industry-leading compute innovations. The new HPE ProLiant rack portfolio, with flexible choices and versatile design, along with improved energy efficiencies, ultimately lowers your TCO. Integrated with a simplified, but comprehensive management suite and industry-leading support, the HPE ProLiant rack portfolio delivers a more reliable, fast, and secure infrastructure solution, helps increase IT staff productivity, and accelerates service delivery. In addition, the rack portfolio is performance-optimized for multiapplication workloads to significantly increase the speed of IT operations and enable IT to respond to business needs of any size, faster.

Specific models that offer relevant choices for Enterprise Kubernetes are:

HPE ProLiant DL380

The industry-leading HPE DL380 2P/2U server with world-class performance and supreme versatility for multi-workload compute server delivers the latest in security, performance and expandability, backed by a comprehensive warranty. Standardize on the industry’s most trusted compute platform. The HPE DL380 server is securely designed to reduce costs and complexity, featuring:

  • the First, Second, Third Generation Intel Xeon Processor Scalable Family with up to a 60% performance gain and 27% increase in cores

  • the HPE 2933 MT/s DDR4 SmartMemory supporting 3.0 TB

  • support of 12 Gb/s SAS, and up to 20 NVMe drives plus a broad range of compute options

  • HPE Persistent Memory offers unprecedented levels of performance for databases and analytic workloads to run everything from the most basic to mission-critical applications and deploy with confidence.

HPE ProLiant DL360

Adaptable for diverse workloads and environments, the compact 1U HPE DL360 server delivers security, agility and flexibility without compromise. It supports:

  • the Intel Xeon Scalable processor with up to a 60% performance gain and 27% increase in cores

  • along with 2933 MT/s HPE DDR4 SmartMemory supporting up to 3.0 TB with an increase in performance of up to 82%

  • the added performance that HPE Persistent Memory, HPE NVDIMMs and 10 NVMe bring, the HPE DL360 means business. Deploy, update, monitor and maintain with ease

  • automating essential server life cycle management tasks with HPE OneView and HPE Integrated Lights Out to deploy this 2P secure platform for diverse workloads in space constrained environments.

Note

HPE Servers Support & OS Certification Matrices outlines the minimum version of SLE required for installation, yet later service pack releases may also be used and supported.

4.4.3 HPE Synergy Servers

HPE Synergy, the first Composable Infrastructure, empowers IT to create and deliver new value easily and continuously. This single infrastructure reduces operational complexity for traditional workloads and increases operational velocity for the new breed of applications and services. Through a single interface, HPE Synergy composes compute, storage and fabric pools into any configuration for any application. It also enables a broad range of workloads — from bare metal, to virtual machines, to containers, to operational models like hybrid cloud and DevOps. HPE Synergy enables IT to rapidly react to new business demands with the following components:

  • HPE Synergy 12000 Frames are uniquely architected as Composable Infrastructure (CI) to match the powerful 'infrastructure-as-code' capabilities of the HPE intelligent software architecture. Flexible access to compute, storage, and fabric resources allows for use and re-purposing. Linking multiple HPE Synergy Frames efficiently scales the infrastructure with a dedicated single view of the entire management network.

    • Creating multiple composable domains in the infrastructure can efficiently deliver available resources to the business. HPE Synergy Frames reduce complexity by using intelligent auto-discovery to find all available resources to accelerate workload deployments. This drives IT efficiency as the business grows and delivers balanced performance across resources to increase solution effectiveness.

  • With HPE Synergy SY480 Compute Module, one gains operational efficiency and control, and can deploy IT resources quickly for any workload through a single interface. HPE Synergy is a powerful software-defined solution. HPE Synergy Composable Compute resources create pools of flexible compute capacity that can be configured almost instantly to rapidly provision infrastructure for a broad range of applications. The HPE Synergy SY480 Compute Module delivers an efficient and flexible two-socket workhorse to support most demanding workloads. Powered by:

    • Intel Xeon Scalable Family of processors

    • up to 4.5 TB DDR4, more storage capacity and controllers

    • a variety of GPU options within a composable architecture. HPE Synergy SY480 Compute Module is the ideal platform for general-purpose enterprise workload performance now and in the future.

Note

HPE Servers Support & OS Certification Matrices outlines the minimum version of SLE required for installation, yet later service pack releases may also be used and supported.

Note

A sample bill of materials, in Chapter 9, Appendix, cites the necessary quantities of all components, along with a reference to the minimum resource requirements needed by the software components.