Overview #

Initial goal is reducing cost/effort to run a security focused Internal Developer Platform with a small team.

Opinionated Rancher platforms #

Below guides are to setup Certified Kubernetes on public cloud environments with:

• Karpenter to prefer spot nodes and revert to ondemand if they aren’t available
• Longhorn ready nodes and NVMe disks with best-effort data locality
• Traefik and LetsEncrypt with an cert-manager (ACME)
• Rancher and Fleet for multi cluster admin, gitops and access mgmt.

Install Guides #

• Azure with AKS Automatic
• TODO: AWS with karpenter/eksctl
• TODO: GKE with Autopilot
• TODO: OCI with OKE

References #

• CNCF Landscape
• Internal Developer Platform
• CISA Secure By Design Principles
• DoD Platform One