Federal and military IT teams are under increasing pressure to run modern, containerized applications across data centers, cloud regions, and tactical edge environments — all while maintaining RMF compliance, zero‑trust alignment, and mission uptime. In this episode of The Bottom Line Up Front podcast, we took a hands‑on look at two technologies that make that possible: SUSE Rancher Prime for Kubernetes management and Portworx by EverPure (formerly Pure Storage) for stateful data resilience.
Rancher Prime: Unified Kubernetes Management from Data Center to Edge
Rancher Prime brings all your Kubernetes clusters — on‑prem, cloud, or edge — under one centralized console. Whether your environment spans AWS GovCloud, Azure Government, GCP, or disconnected tactical infrastructure, the operator workflow stays consistent.
Key Capabilities Demonstrated
1. Centralized Cluster Lifecycle Management: From a single interface, operators can:
- Provision new clusters
- Perform Kubernetes version upgrades with automated node draining
- Take and restore snapshots
- Rotate certificates
- Launch a built‑in kubectl shell directly in the UI
No more jumping between terminals, bespoke scripts, or environment-specific processes.
2. Built‑in Observability and Hardened App Catalog: Rancher ships with:
- Prometheus + Grafana dashboards
- Curated, hardened Helm charts with reduced‑vulnerability base images
This reduces drift, simplifies ATO sustainment, and keeps clusters compliant.
3. Consistent RBAC Across All Environments: Identity provider integration (e.g., AD, LDAP, SAML) enables unified role‑based access control. In our demo scenario, HR users were granted namespace-scoped rights to deploy an NGINX application — illustrating how multi‑team access can be governed safely without spinning up separate clusters.
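The namespace-scoped grant from the demo scenario, written out as plain Kubernetes RBAC manifests. This is an added example, not configuration shown in the episode or shipped by Rancher; the namespace "hr", the group "hr-deployers", the user "jsmith" and the object names are assumptions, and the group string presented by your identity provider integration will differ.

```yaml
# Added example (constructed). All names below are assumed placeholders.
apiVersion: v1
kind: Namespace
metadata:
  name: hr
---
# Role (not ClusterRole): the rules exist only inside the "hr" namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: hr-app-deployer
  namespace: hr
rules:
  # Workload objects an NGINX deployment needs.
  - apiGroups: ["apps"]
    resources: ["deployments", "replicasets"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  - apiGroups: [""]
    resources: ["services", "configmaps"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  # Read-only access to pods and logs for troubleshooting.
  # Deliberately absent: secrets, pods/exec, and any RBAC resources,
  # so the team cannot read credentials or widen its own access.
  - apiGroups: [""]
    resources: ["pods", "pods/log"]
    verbs: ["get", "list", "watch"]
---
# Bind the role to a group from the identity provider rather than to
# individual users, so joiners and leavers are handled in the directory.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: hr-app-deployer-binding
  namespace: hr
subjects:
  - kind: Group
    name: hr-deployers          # assumed group name as presented by the IdP
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: hr-app-deployer
  apiGroup: rbac.authorization.k8s.io
# Scope checks a cluster admin can run with impersonation:
#   kubectl auth can-i create deployments -n hr --as jsmith --as-group hr-deployers
#   kubectl auth can-i create deployments -n default --as jsmith --as-group hr-deployers
#   kubectl auth can-i get secrets -n hr --as jsmith --as-group hr-deployers
```

The first check exercises the grant; the other two probe outside it (another namespace, and secrets inside the same namespace) and are worth keeping in the RBAC playbook as regression checks after any role change.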
BLUF for Rancher: Rancher Prime turns Kubernetes governance, upgrades, and multi-environment operations into routine tasks — not heroic events.
Portworx: Making Stateful Kubernetes Applications Survivable
While Kubernetes excels at stateless workloads, mission systems often rely on persistent data — databases, message queues, logs, etc. Portworx provides the stateful storage layer Kubernetes lacks out of the box.
What Portworx Adds to Kubernetes
1. High‑Availability Software‑Defined Storage: Portworx runs on Kubernetes worker nodes, aggregating:
- SAN
- NVMe
- Cloud disks
It creates a resilient storage cluster with:
- Synchronous/async replication
- Encryption
- Auto-throttling
- Intelligent scheduling aware of data locality
2. Fast Recovery with STORK Orchestration: During the lab, a simulated node failure demonstrated Portworx’s resilience. When the MongoDB pod’s node shut down:
- STORK (Storage Orchestrator Runtime for Kubernetes) detected the node failure
- It informed the Kubernetes scheduler
- The pod was rescheduled to a node that already had a replicated volume available
Result: MongoDB stayed online with no data loss and minimal downtime.
3. Snapshots, Group Snapshots, and CloudSnaps: Ideal for RMF controls, continuity planning, and multi‑volume apps like Cassandra or Kafka. Snapshots can be:
- Taken instantly
- Grouped for multi‑volume consistency
- Offloaded to S3‑compatible storage for off‑cluster DR
4. Autopilot for Capacity Management: Autopilot rules watch PVC usage and automatically resize volumes before they fill — preventing midnight outages without over‑provisioning.
BLUF for Portworx: Portworx supplies the stateful resilience and automation needed for enterprise and tactical Kubernetes deployments — something traditional SANs cannot deliver inside Kubernetes.
Why This Matters for Federal & DoD Mission Sets
Together, Rancher and Portworx address critical operational needs across tactical, disconnected, and multi‑cloud environments.
The Mission Impact
- Survivability in austere environments: Replication + automatic failover keep apps online despite node loss or intermittent links.
- Zero Trust + RMF sustainment: Central RBAC, hardened images, automated drift reduction, and detailed observability support auditability and continuous monitoring.
- Operational efficiency and O&M savings: Routine upgrades, capacity automation, and unified management reduce manual effort and eliminate snowflake clusters.
- Data center–to–edge continuity: Built‑in snapshots, DR modes, and multi‑environment support ensure consistent deployments from HQ to tactical nodes.
Considerations When Planning Your Mission‑Ready Kubernetes Platform
Before implementing Rancher Prime + Portworx, federal teams should prepare:
1. Architecture & Security Baselines
- Align Data Center → Edge designs with Zero Trust and STIGs
- Apply Kubernetes hardening and consistent logging/telemetry standards
2. Repeatable Enclave‑Mirrored Labs
- Use Terraform + Helm pipelines
- Mirror on‑prem, GovCloud, or classified enclaves for rapid testing
3. Playbooks for Ops & Compliance
Document procedures for:
- Upgrades
- Snapshots & restore
- DR failover
- Autopilot rules
- RMF artifacts (diagrams, parameters, control narratives)
4. Multi‑Vendor Integration & Licensing
ATP Gov can streamline procurement and integration across vendors.
5. Hands‑On Enablement
Train both platform and application teams on:
- Cluster operations
- Storage operations
- RBAC governance
- DR runbooks
- SOC handoff processes
The Bottom Line… Your Unified, Mission‑Ready Kubernetes Stack
Rancher Prime provides:
- Centralized management
- Secure multi‑cluster operations
- Built‑in observability
- Snapshots, RBAC, and seamless upgrades
Portworx adds:
- High‑availability stateful storage
- STORK‑driven failover
- Autopilot resizing
- Snapshots, CloudSnaps, and full DR
- Zero‑trust alignment
- RMF sustainment
- Operational savings
- Always‑on availability across austere, disconnected, and multi-cloud environments
If your mission depends on Kubernetes, this stack delivers the survivability, governance, and automation you need from pilot to production.
Synopsis
This podcast episode of The Bottom Line Up Front breaks down the functionalities of SUSE Rancher Prime for Kubernetes management and Portworx from EverPure for stateful data management. The episode highlights the comprehensive tools offered by Rancher Prime for deploying, managing, and operating Kubernetes clusters across various environments, emphasizing ease of use through a unified console. Similarly, Portworx provides enhanced storage solutions for Kubernetes, ensuring high availability, disaster recovery, and efficient data management. The podcast emphasizes the significance of these technologies in terms of federal and DoD operational needs such as Zero Trust, RMF sustainment, and cost savings, while offering advice on implementing these tools with the help of ATP Gov.
- 00:00 Introduction
- 00:51 Deep Dive into SUSE Rancher Prime
- 02:33 Hands-On with Rancher Prime
- 03:43 Portworx from EverPure
- 04:35 Portworx in Action
- 06:20 Federal and DoD Implications
- 07:01 Implementation Considerations
- 08:23 Conclusion and Contact Information
This episode is brought to you by ATP Gov. Visit us online at www.atpgov.com or follow us on LinkedIn.
Transcript
[00:00:00] Welcome to The Bottom Line Up Front, the podcast that cuts through the noise to deliver distilled insights from today’s most important technical webinars, presentations and demonstrations designed for federal and military IT leaders. Each episode breaks down complex technologies into mission-ready takeaways, so you get the key points. Fast.
Whether it’s cybersecurity, cloud, architecture, or emerging defense technologies, we highlight what matters most and how trusted integrators like ATP Gov can help implement and operationalize these solutions across your agency or command. No fluff. No filler, just the bottom line up front. Today on the BLUF, we’re gonna translate what was shown on the keyboards into what matters for mission outcomes.
Taking a hands-on look at SUSE Rancher Prime for Kubernetes management and Portworx from Pure Storage for stateful data. So let’s talk about what Rancher Prime actually delivers. So why SUSE Rancher Prime in the first place? What SUSE Rancher Prime [00:01:00] does is it pulls together all of the components to give you everything you need to deploy, run and manage your Kubernetes clusters and the containerized workloads that run on top of them.
One console for data center to edge Kubernetes. Rancher centrally manages all downstream clusters, whether on-prem, in AWS, Azure or GCP, at the edge, or imported from any CNCF-certified distribution. The goal: common skills and one interface regardless of where the clusters live. Rancher also includes curated application charts with vulnerability reduction in base images, plus Prometheus and Grafana for cluster health and performance.
As far as you’re concerned, you’re doing it through the Rancher interface. It’s a common set of skills that are needed for all of the different features we talked about today. From the console, you can provision clusters, take snapshots, upgrade Kubernetes versions [00:02:00] node by node with draining and coordinating handled automatically, and enforce role-based access control via unified identity providers.
Click on the kebab menu on the right side of cluster one, and you can click on take a snapshot or restore a snapshot or rotate certificates or edit config, and we’ll look at that one in just a second. You could also do a kubectl shell into that particular cluster, so you don’t have to do a lot of external “let me go to a terminal prompt somewhere and do it.”
I can do it right from within this interface. During the lab, we were able to see engineers logging into Rancher, deploying monitoring through Prometheus and Grafana, performing a snapshot, executing a cluster upgrade with automated node draining, as well as configuring role-based access control.
The scenario was giving new HR users namespace-scoped rights and deploying a simple NGINX workload. So we’re gonna go through a scenario where we’ve hired a brand new person, and this [00:03:00] brand new person is John Smith. Now John is in the HR department and John is tasked with deploying some applications for HR, but the HR department isn’t big enough to warrant having its own cluster.
So one of the beautiful things about Kubernetes and its design, they came up with this idea of namespaces to be a way to logically separate and run Kubernetes resources. When I say Kubernetes resources, they’re applications and the like. So the bottom line of the demonstration was Rancher reduces operational variance across environments and makes Kubernetes governance and upgrades routine and not heroic.
That’s critical for ATO sustainment and continuous compliance. So let’s talk about how Portworx from Pure Storage makes Kubernetes stateful and survivable. We’ve got some business continuity and disaster recovery challenges, right? So a lot of the, you know, solutions for the Kubernetes environment are DIY, right?
Wire it up yourself. With the Portworx [00:04:00] solution, right, all of that business continuity, disaster recovery, high availability, it’s all built into the product. It’s all wired in together. So it gives you solid foundation for that recovery. Portworx runs on worker nodes, consumes block devices like SAN, cloud disk, and NVMe to create software-defined storage clusters.
Volumes can be replicated across nodes with encryption, snapshots, throttling, and Kubernetes-aware scheduling. When a node fails, STORK notifies the Kubernetes scheduler to reschedule pods where volume replicas already exist. That means fast pod recovery with the same data. The demo showed us a MongoDB app surviving a simulated node reboot with orders completely intact.
Uh, this is a simulated node failure. We’re gonna watch what happens to our Mongo pod. You can see that it is running on Rancher three. It’s been up for about seven minutes, and it is still in a running state. That node is shutting down. It is orderly because we shut it down, but it’s still going to the same thing.
That node is going to go down. [00:05:00] We are going to see that this happens. Um, so we have a component called STORK, which is our Storage Orchestrator Runtime for Kubernetes. STORK monitors the status of all of our Portworx nodes in the cluster. And so when it sees a node goes down, it will tell the Kubernetes scheduler, Hey, we need to reschedule pods that were consuming Portworx volumes that were on that node.
We need to get them rescheduled. And so you can see that’s happened. Additionally rules watch over PVC usage and resize volumes online. This prevents midnight outages from log growth while alerting operations to investigate. No paging on-call analysts unless absolutely necessary. Point-in-time volume snapshots create quick restore points, and group snapshots
create multi-volume consistency. Think about the interoperation of technologies like Cassandra, Kafka, and Mongo clusters. Snapshots can also be offloaded to S3-compatible object stores or public clouds, supporting retention of [00:06:00] off-cluster recovery. Disaster recovery options include asynchronous and synchronous with stretched clusters.
So the bottom line for Portworx is the stateful data backbone for mission apps running on Kubernetes. It provides resilience, automation, and compliance-friendly operations that traditional SANs can’t deliver inside of Kubernetes. So why does this matter in federal and DoD terms? Rancher’s unified management and Portworx replication keep mission apps running as nodes or links drop.
This is ideal for austere tactical or ship and airborne scenarios. Routine upgrades, snapshots and observability reduce drift and help maintain RMF controls and continuous monitoring. The centralized role-based access control and integration with identity providers supports least privilege and auditability across clusters.
Using curated charts and hardened images supports vulnerability management strategies, and Autopilot eliminates over-provisioning, yet protects against surprise growth, offering O&M savings [00:07:00] without sacrificing availability. So if you want a mission-ready Kubernetes platform with stateful resilience and automation, here are some items to consider before building your implementation with SUSE Rancher and Portworx.
Tailor your data center to edge designs and align them to zero trust, STIG-friendly baselines, as well as Kubernetes hardening and logging and telemetry patterns. Create rapid labs by mirroring your enclaves, whether on-prem, GovCloud regions, or classified segments, with repeatable Terraform and Helm pipelines.
Develop procedures and playbooks for Kubernetes upgrades, snapshot and restore, disaster recovery failover, and Autopilot rules. Always factoring compliance and ATO support by documenting artifacts, things like diagrams, control narratives, and parameter sets to speed RMF packages, plus alerting via Prometheus and Alertmanager for SOC workflows, all while mapping to relevant controls, for example, access control, configuration management, and contingency planning.
Make sure you coordinate with your [00:08:00] vendor licensing and support and multi-vendor integration. This is where ATP Gov can help you streamline the process through common federal procurement paths. And finally, consider your hands-on enablement for platform teams and app teams, including cluster ops, storage ops, role-based access control, governance, and disaster recovery drills, along with developing your handoff plans to other parts of your SOC.
So what is the bottom line up front? Rancher Prime is a centralized, multi-cluster Kubernetes management across your on-prem, your cloud, and your edge. It comes built in with Prometheus and Grafana for observability with a curated app catalog. It includes snapshots, automated upgrades, role-based access control, and app deployment.
Portworx adds high-availability storage, STORK-driven failover, Autopilot resizing, snapshots, group snapshots, CloudSnaps, and disaster recovery. What’s the value to federal? Zero trust alignment, RMF sustainment and O&M savings. If you’re adopting Kubernetes [00:09:00] for mission applications, SUSE Rancher Prime gives you unified, secure data center to edge cluster management,
while Portworx adds the stateful resilient storage layer. Together, they simplify operations and keep critical workloads available across austere, disconnected, or multi-cloud environments. So if you want a mission-ready Kubernetes platform with stateful resilience, our team at ATP Gov can help you integrate and harden this stack from pilot to production.
Be sure to reach out to ATP Gov today at www.atpgov.com, or email info@atpgov.com, or check us out on social media on LinkedIn. Thanks for listening, and be sure to subscribe to The Bottom Line Up Front wherever you get your podcasts. And stay tuned for more distilled insights from the front lines of tech and national security.
So until next time, stay secure. Stay mission ready.
About this Podcast
The Bottom Line Up Front is ATP Gov’s podcast that cuts through the noise to deliver distilled insights from today’s most important technical webinars, presentations and demonstrations designed for federal and military IT leaders. Each episode breaks down complex technologies into mission-ready takeaways, so you get the key points. Fast.
Whether it’s cybersecurity, cloud, architecture, or emerging defense technologies, we highlight what matters most and how trusted integrators like ATP Gov can help implement and operationalize these solutions across your agency or command.
No fluff. No filler, just the bottom line up front.
