Radius Method Logo
Sign up now

Edge Ready Highly Available Kubernetes with Zarf, Big Bang and Iron Bank

By Danny Gershman

Radius Method has developed a custom Zarf init package for bootstrapping K3S clusters that addresses the unique challenges of creating edge-ready, highly available Kubernetes deployments. This solution combines the power of Zarf, Big Bang, and Iron Bank to deliver secure, resilient infrastructure that can withstand failures and ensure business continuity.

The Challenge of Edge Computing

Edge computing environments present unique challenges for Kubernetes deployments. Traditional cloud-native approaches often assume reliable network connectivity and centralized infrastructure management. However, edge deployments must operate in isolated, resource-constrained environments where high availability is critical but traditional clustering approaches may not be feasible.

Our Solution: Custom Zarf Init Package

Our approach uses two distinct Zarf packages to achieve high availability:

  • "Full" package: Used for the initial control plane node deployment
  • "Minimal" package: Used for adding additional nodes to the cluster

This dual-package approach allows for flexible scaling while maintaining the security and isolation benefits that Zarf provides.

Deployment Process

The deployment process is streamlined into simple, repeatable commands:

# Pull full package for initial cluster node
zarf package pull oci://ghcr.io/radiusmethod/zarf-init-bigbang-k3s-ha/full:v${ZARF_VERSION}

# Install initial control plane node
sudo zarf package deploy zarf-packages/zarf-init-amd64-v${ZARF_VERSION}.tar.zst --components=k3s,git-server

# Add additional nodes using minimal package
sudo zarf package deploy zarf-packages/zarf-init-amd64-v${ZARF_VERSION}.tar.zst --set K3S_CMD="agent"

Key Technologies

Zarf: An open-source tool designed for deploying Kubernetes applications in disconnected environments. Zarf packages everything needed for deployment, including container images, Helm charts, and configuration files.

Big Bang: The U.S. Air Force's collection of Helm charts designed for secure application deployment. Big Bang provides a comprehensive suite of security tools and applications that are pre-configured for government and enterprise use.

Iron Bank: A repository of continuously updated and security-vetted container images. These images undergo rigorous security scanning and compliance verification, making them suitable for high-security environments.

Benefits of This Approach

  • Security: All components use hardened, security-vetted images from Iron Bank
  • Reliability: High availability configuration ensures business continuity
  • Simplicity: Streamlined deployment process reduces complexity and potential errors
  • Compliance: Built-in security controls meet government and enterprise requirements
  • Edge-Ready: Designed specifically for resource-constrained, disconnected environments

This solution represents a significant step forward in making enterprise-grade Kubernetes accessible and secure for edge computing deployments, combining the best of open-source innovation with enterprise security requirements.