Version 2.0 of Karbon, Nutanix’s front-end wrapper for Kubernetes, will enable Kubernetes clusters to run in a network-free isolation zone.
At the time of writing, Nutanix had not officially announced Karbon 2.0, but Alexander Ervik Johnsen, Nutanix senior system engineer, discussed some features of the upgrade last week in a blog post, which is currently 404ing: “Nutanix Karbon 2.0 introduces the availability of the Karbon Air Gap and Kubernetes upgrades. You can upgrade the Kubernetes version of your cluster using … karbonctl and use the Karbon Air Gap to manage your Kubernetes clusters off-line.”
Nutanix Karbon, introduced last April, is a wrapper around Kubernetes that makes it simpler to use, and so simpler to set up and run cloud-native applications.
One defence against infection from computer malware and ransomware is to store data offline on tape cartridges, separated from network access by a physical air gap. Another, called logical air-gapping, is to run applications with no network access, where that is feasible.
Until now, that was not possible with Kubernetes-orchestrated containerised workloads. In operation, Kubernetes requires access to registries on the internet to download various container images.
Mind the Air Gap
“The Air Gap uses a local Docker registry, hosted on a separate VM, to provide Karbon services,” Ervik Johnsen wrote. “Deploying the Air Gap requires Internet access to download the deployment package from the Nutanix Support Portal and transfer it to a local web server. For [further] deployment steps, refer to ‘Deploying the Karbon Air Gap’ in the Nutanix Karbon Guide.”
With Karbon 2.0, users can download a bundle of containers from the Nutanix Support Portal and upload it to an air-gapped Nutanix environment.
Either Nutanix, a system integrator or the customer puts the downloaded deployment package binaries on a mobile storage device, takes it to the site, and installs the binaries there.
With Karbon 2.0, Nutanix has enabled access to Karbon through the Prism management utility, allowing administrators to use their Prism Central + Active Directory (AD) setup to add ‘read-only’ Prism users.
Nutanix Karbon 2.0 also allows IT admins to initiate one-click Kubernetes upgrades on their clusters. Until now, a Kubernetes upgrade could mean redeploying clusters or applications.