Operations | Monitoring | ITSM | DevOps | Cloud

Fleet, Rancher’s built-in GitOps engine, is designed to scale up to thousands of clusters. However, “how far” can it scale in a real world scenario, you might ask? Earlier this year, we wrote about the Fleet benchmark tool and we made a few discoveries that were very instructive, especially concerning resource consumption and its impact on deployments’ performances.

For platform engineers managing multiple Kubernetes clusters, maintaining policy consistency is a constant struggle. Manually applying security rules across a growing fleet of clusters is inefficient and error-prone. This approach creates significant risks: As your environment scales, this operational burden becomes unsustainable. Each out-of-sync policy represents a potential security gap, increasing the cluster’s attack surface.

If you manage Kubernetes at scale with Rancher, you know that UI performance is not just a “nice-to-have”—it’s crucial for productivity. The Rancher team is on a continuous journey to enhance our platform’s ability to handle increasingly complex environments. In this post take a deep dive into an exciting, evolving improvement we’ve been developing: a project codenamed “Vai” (also called UI Server-Side Pagination or SQLite-backed caching).

SUSE Rancher Prime delivers SUSE secure Application Collection and a complete Kubernetes platform, turning an industry crisis into your strategic upgrade.

Kubernetes has revolutionized application deployment and management. However, manually adjusting cluster sizes to meet fluctuating workloads, without constantly under- or over-provisioning resources, quickly drains platform teams’ time and energy. While traditional cloud provider autoscaling tools are functional, they often fall short when it comes to truly dynamic, Kubernetes-aware scaling, especially in a world with diverse infrastructure.

If you’ve ever spent hours chasing a weird issue in your Kubernetes cluster, you’re in good company. Reddit’s r/kubernetes is full of hilarious and painful stories about clusters going off the rails for reasons no monitoring dashboard ever predicted. And while it’s easy to laugh after the fact, each of these moments highlights just how important observability is because these kinds of problems don’t show up on your radar until it’s too late.

Same as in the community, Enterprise developers need tools that are both powerful and flexible. They need to innovate quickly, iterate efficiently‌ and deploy with confidence. This is where the synergy between Rancher Desktop and SUSE Application Collection truly shines, offering a comprehensive environment for modern enterprise developers.

Managing permissions in sprawling Kubernetes landscapes can often feel like untangling an ever-growing knot. As clusters and user bases expand, so does the intricate web of RoleBindings, impacting everything from UI responsiveness to the very stability of etcd. This complexity, if unaddressed, can become a significant hurdle to achieving scalability and maintaining optimal performance in Rancher. SUSE is committed to improving its container management platform.

Managing and deploying applications across multiple Kubernetes clusters presents significant challenges, especially as the number of clusters grows. Traditional methods, like manually applying Helm charts or manifests per cluster, become cumbersome, error-prone, and difficult to scale or maintain consistency for Day 2 operations. While Rancher allows managing Helm chart repositories and apps, this is done on a per-cluster basis via the UI.

In backend engineering, many days follow a familiar rhythm: coffee, code reviews, maybe deploying a new feature. But occasionally, the routine is interrupted by a message that signals a different kind of challenge, like a Slack notification from the security team: “Hey, we’ve identified a potential issue. Need to sync up.” This post details one such instance—our journey addressing CVE-2024-21626, a privilege escalation vulnerability reported in Rancher.