Laboratory Numerator: Steering Wheel Container Management System

The main articles are:

• IT Service Management (ITSM)
• IT containers

"Helm" - container orchestration environment management platform. It is a boxed solution that works on both Western and domestic operating systems. The platform allows you to create and manage a Kubernetes cluster in automatic and semi-automatic mode, analyze configurations for CIS Benchmark compliance, check for vulnerabilities in container images and compliance with best information security practices in terms of application software configuration.

2024

Compatibility with ELMA365

"Laboratory Numerator" and ELMA confirmed the compatibility of their solutions. The company was informed about this on October 14, 2024.

The Steering Wheel platform from the Numerator Laboratory has become available to companies that plan or already automate business processes on the Low-code ELMA365 platform.

Platform compatibility will allow easy installation and further operation of Low-code products. Prior to integration with SteeringWheel, customers had to install their own infrastructure for ELMA365 deployment. Now the ready-made option has appeared on the marketplace of domestic solutions (added in the release of "Steering Wheel 2.7"), which hosts pre-configured repositories of technological partner products, and can be installed in one click. Thus, administrators can quickly install the ELMA365 platform, and users can get online access to it. At the same time, all tasks for deploying the infrastructure layer are solved automatically.

ELMA365 is a product that is deployed in a containerized load format in a Kubernetes cluster. Using the Steering Wheel platform minimizes the cost of preparing and maintaining the environment necessary for the operation of the application ELMA365 in the customer landscape, "said Alexander Zakhvatkin, architect of ELMA cloud platforms.

The "steering wheel" was conceived as a container management environment that could simplify the life of administrators. At the same time, we understand that container environments operate various kinds of application systems, and test compatibility with the solutions that enterprise customers need so much. ELMA365 is one of them, said Aleksandr Chistov, Product Director of the Numerator Laboratory. - Within our platform, we strive to create an ecosystem of compatible application software so that customers have a variety of choices and can install the necessary system in one click.

2.7 Wheel with Custom Role Creation Interface

Steering Wheel 2.7 will make it easier to manage a large container infrastructure. The developer announced this on August 27, 2024.

Helm is a Kubernetes cluster management platform from Laboratory Numerator. In version 2.7, the main updates affected the infrastructure. In particular, the developers added support for Red OS 8, management of IP address pools, and also provided management of groups of nodes in the interface with the ability to flexibly manage configuration.

The updated platform architecture implements an interface for creating custom roles. This functionality allows you to even more accurately manage access - now, in one window, the administrator can point access to users and groups at once to all the necessary platform components:

• to the management cluster in isolation;
• management cluster and client clusters;
• Nijmspace of the client cluster or individual Nijmspace resources;
• ArgoCD;

- OpenSearch.

The graphical interface provides the ability to create cluster node groups. This will allow cluster administrators without a deep understanding of the features of internal mechanisms:

• Fine-tune virtual machine templates in the cluster - for example, using virtual machines with a specific number of cores, memory, and disk sizes for different targets in the cluster.
• Separate nodes by activity using roles to better monitor performance - for example, so that the system load does not affect the performance of application services.
• Create different host configurations for different groups, such as Container Runtime settings.

Improvements to the platform also affected information security. In particular, the developers implemented:

• Authorization to clusters from the CLI
• Manage Seccomp profiles on loads and nodes
• Advanced Audit Policy for Cluster Users and Administrators.

In the updated release of the platform, a marketplace of domestic solutions appeared, which hosts pre-configured repositories of technology partner products. In particular, the repository of Nimbius, one of the products of the Numerator Laboratory, is available here.

In this release, we focused on point-to-point but deep platform refinements based on the requests of our customers. The updates mostly affected low-level components. At the same time, the functionality of the product is becoming more familiar and comfortable to use for engineers and administrators of our customers, - said Alexander Krasnov, technical director of the Steering Wheel platform of the Numerator Laboratory. - In the next release, we plan to expand the mechanisms for ensuring disaster tolerance of the platform.

"Steering wheel" 2.6 with support for Alt Linux 8 SP10 and "Red OS" 7.3.4

The Numerator Laboratory on July 16, 2024 introduced the Steering Wheel 2.6 version, which added Alt Linux support and a number of functions to the management interface.

The platform has a built-in infrastructure provider. It allows you to quickly and efficiently deploy clusters on physical and virtual machines, configure manual or automatic scaling, and transfer hosts between Kubernetes clusters. This makes it possible to deploy and maintain SteeringWheel clusters, regardless of the type of virtualization platform used, on any physical servers and, if necessary, using both physical and virtual machines at the same time.

Support for operating systems Alt Linux 8 SP10 and Ed OS 7.3.4 was also added.

In response to requests from large customers, functionality was added, including:

• Create and manage clusters of different versions of Kubernetes within the same platform
• delayed updating of clusters with allocation of a process window.

Improvements in information security were also implemented, namely:

• End-to-end authorization has been added to ARGO CD and OpenSearch, which ensures secure transition between services and eliminates unauthorized privileged access by the user;
• A security policy management interface ("policy manager") has been created that allows you to flexibly manage policy objects and receive notifications about identified attempts to violate them;
• A unique mechanism has been added that forms an access tree by user or group. It will allow administrators from a single window to obtain accurate information about the user's access to all clusters/namespaces.

In this release of the platform, the graphical interface has become even more convenient. In addition to managing Helm charts and connecting user repositories, the ability to manage custom Kubernetes resources was added to it. There were also integration platforms with user directories (previously this required the connection of engineers at the time of deployment) and the ability to manage cluster objects both using the usual graphical interface and using YAML manifests.

We implement most of the updates at the request of our customers. In release 2.6, we focused on expanding the platform's infrastructure compatibility, ease of monitoring the state and behavior of the system in terms of information security, strengthening security and further optimizing the user interface to improve usability, "said Alexander Chistov, Product Director of the Numerator Laboratory. - In particular, Alt Linux support was added in this version. Now "Steering Wheel" is the only platform that provides automated deployment of clusters on all four popular Russian operating systems.

Compatibility with Luntry Software

The Russian developer of the Laboratory Numerator and CloudRan software, the developer of the Luntry container security platform, tested the compatibility of their solutions. Now companies that choose the Steering Wheel platform from the Numerator Laboratory have an increased level of information security available within all Kubernetes clusters. This was announced on June 26, 2024 by representatives of the "Numerator Laboratory."

According to the company, more than half of Russian companies from the list of RBK-500 use containerization technologies. And the trend of import substitution pushes to the fact that more and more organizations choose domestic orchestrators to manage containers.

The Steering Wheel is an on-premium platform for managing Kubernetes clusters. The solution allows you to automate routine operations and organize a secure environment for developing services and quickly bringing products to market. The dynamism and speed of infrastructure changes lead to an increase in the attack surface and the emergence of unique penetration models. Therefore, in addition to the basic protection methods, it is necessary to ensure the security of the container orchestration environment and the transparency of all interactions within K8s clusters. Ensuring the optimal level of security falls on a separate class of security tools - Security Observability solutions. These include Luntry, a Russian platform that provides the optimal level of security throughout the entire life cycle of container applications and orchestration tools based on Kubernetes.

The Numerator Laboratory tested the compatibility of the Steering Wheel platform and the Luntry software. The results of the tests confirmed that the products are compatible with each other, and their joint use will be able to meet the information security requirements imposed in large businesses and government organizations.

On the part of our customers, we see an increasing demand for the use of both orchestration tools and superimposed information security tools that ensure the security of Kubernetes clusters and running applications. Luntry software protects container applications in dynamically changing environments. In the near future, our platform will be certified for compatibility with the products of all major players in this market. noted Alexander Chistov, Product Director of "Laboratory Numerator"

The main difficulty for ensuring the safety of containers is their dynamism and speed of change. At the same time, a large number of different teams are working on such an infrastructure: developers, DevOps engineers, information security specialists, etc. It is important to ensure security at all stages of life, to establish effective interaction between teams by providing them with a single picture and access to up-to-date information about their microservice infrastructure. narrated by Andrey Ganyushkin, Commercial Director of Luntry

2.5 "SteeringWheel" with Session Manager

The Steering Wheel platform received an update to version 2.5. The developer announced this on February 21, 2024.

Helm is a container orchestration platform from Laboratory Numerator. In version 2.5, the user management system was updated, changes were implemented at the information security level and a number of functions were added to the management interface.

A distinctive feature of this release is the ability to connect an external user authentication service using the OIDC OAuth 2.0 protocol (Blitz and Keycloak). The updated version also adds FreeIPA and SambaDC user directories. This provides full integration with all popular directories such as Active Directory and OpenLDAP. These solutions make it easy to integrate the platform into the enterprise IT ecosystem.

Version 2.5 implements significant changes in terms of information security:

• A session manager has been implemented that allows you to control all active user sessions. It creates a transparent security system that prevents unwanted connections.
• Added interfaces for displaying alerts (VM Alerts) and security events (Kubernetes Audit Policy). This helps monitor cluster object health checks and view the cluster security log in real time mode without switching to third-party resources.

In addition to security improvements, this release offers an interface for integration providers virtualizations with Bas.DynamiX and OpenStack. This solution allows you to manage client clusters with these providers directly from the SteeringWheel platform GUI.

We pay great attention to feedback from our customers and promptly make improvements to new versions of the platform, - said Alexander Chistov, Product Director of the Numerator Laboratory. - In release 2.5, at the request of users, we also implemented a graphical network policy editor that allows you to configure in detail the relationships of objects inside and outside the cluster. Thus, controlling incoming and outgoing traffic in the cluster significantly increases the level of information security.

2023

"Steering wheel" version 2.4 with support for Ubuntu 22.04.3 LTS and RedOS 7.3.3

The SteeringWheel platform has been upgraded to version 2.4. The Numerator Laboratory announced this on December 19, 2023.

A "helm" is an container orchestrator that allows you to create and manage clusters, Kubernetes deploy them, and manage configurations. Release 2.4 included updates at the level, information security expansion of the list of supported OS Linux and cluster management for advanced users.

The SteeringWheel platform is compatible with a dozen of the most common Linux operating systems with various kernel versions, such as Astra Linux, RED OS, ROSA OS, Ubuntu and others. Release 2.4 adds support for Ubuntu 22.04.3 LTS and RedOS 7.3.3 operating systems. This will allow customers to use the usual Linux distributions to implement the platform into the company's infrastructure.

When developing the Steering Wheel platform, the Numerator Laboratory team pays special attention to information security requirements. In the platform, in terms of information security, the following are implemented:

• The ability to install the platform in a closed environment, which eliminates the risks of unauthorized software entering the customer's work machines.
• Analyze images for vulnerabilities, check for compliance with security policies and scan applications for CIS Benchmark compliance in the interface for information security specialists. The company will be able to receive reports on these checks in various formats for further analysis and construction of infographics.
• Set the lifetime of the user token. This allows you to manage the maximum session time based on your own security regulations.

The new release has expanded the functionality for managing nodes:

• The node configuration interface is simplified. This allowed to reduce the threshold for users to enter into fine tuning, including Kubelet, Container Runtime.
• Added actions with nodes that allow you to quickly and conveniently redistribute the load and configure the system painlessly, even when changes are needed in the production environment.
• Auto-scale protection has been added, which helps to protect nodes from deletion when the load is reduced in clusters with automatic configuration.

The SteeringWheel platform allows you to speed up the development process and bring new products to market faster. We aim to ensure that working with our platform is as convenient as possible for teams, "said Alexander Chistov, Product Director of the Numerator Laboratory. - For example, in release 2.4, the Kubelet setup appeared. What used to have to be configured with a long and complex manifest is now available from the GUI. We have developed detailed configuration documentation. If you have additional questions, commands can open a request for a service desk directly from the SteeringWheel interface.

Compatibility with Red Software

The Russian software developer Laboratory Numerator and RED SOFTWARE have confirmed the compatibility of the container management platform based on Kubernetes Steering Wheel with the software products RED OS and RED Virtualization. The solutions are included in the register of Russian software, which allows customer companies to implement the software stack, adhering to the requirements for the transition to Russian solutions. This was announced on August 21, 2023 by RED SOFT.

source = "Laboratory numerator")

"Helm" - on-premium container orchestration cluster management platform. The platform allows you to automate routine and complex operations and reduce the time-to-market of the developed application into test and production environments. The Steering Wheel is compatible with Russian operating systems, virtualization platforms and business applications. The implementation of the platform allows you to seamlessly switch from commercial Western container orchestration products to a Russian solution with advanced vendor support.

RED OS is a Russian operating system of the Linux family for servers and workstations, providing a universal environment for using application software. This is a composite software product built on the RPM-format package base that meets the POSIX and LSB 4.1 (Linux Standard Base) requirements. RED OS development is carried out in the closed RED SOFT circuit, the source codes and packages are located in the RED OS own repository located in the Russian Federation.

RED Virtualization provides centralized management of virtualization servers, virtual machines, clusters, and other virtualization environment objects.

We continue to actively develop partnerships with Russian vendors. Enterprise customers need to switch to an import-independent stack in a fairly short time. The key task is to ensure the compatibility of the selected solutions. Together with our partners, we offer a reliable and stable software stack, noted Maria Belyaeva, director of product development at the Numerator Laboratory.

A high-quality and timely replenishment of ecosystems RED OS allows you to offer customers an optimal set of Russian tools productions for solving problems of a wide range. This approach helps to ensure a fast and efficient transition to an import-independent stack, said Rustam Rustamov, Deputy General Director of RED SOFT.

Astra Linux Special Edition Compatibility

Astra Group of Companies and the Russian developer of the Laboratory Numerator software have completed compatibility testing of the Astra Linux Special Edition operating system and the domestic environment management platform of the Steering Wheel container orchestra. This was reported on June 13, 2023 in the Astra Group of Companies. Read more here.

Release 2.2 with the ability to scan images of containers based on "Red OS" and Astra Linux

The Laboratory Numerator company on July 6, 2023 presented release 2.2 of the Steering Wheel container management platform. The updated release includes improvements at the level of platform updates, interface, information security and disaster recovery.

As part of release 2.2, a number of updates were implemented:

• Increased the list of infrastructure providers in the automatic deployment of the platform - Bare Metal, vSphere. The update allowed you to automate processes and reduce the cost of maintenance.
• Scanning of container images based on RED OS and Astra Linux is implemented.
• Added display of information from the Information Security Threats Data BankFSTEC of Russia.
• Updated the graphical interface for managing application loads, added the collection of metrics and logs of application software. This allowed you to reduce the labor costs of administrators when working with the system.
• Simplified platform upgrade process to minimize downtime and enable online cluster upgrade.
• Added backup module and implemented cluster configuration recovery to simplify DR building.
• The built-in functionality for information security specialists has been expanded at the level of application software validation policies, role model and interface for the convenience of configuring security policies.

The team of the "Laboratory Numerator" aims to constantly develop its product. We are expanding our partnerships with Russian market players by offering a solution with advanced technical support. As of July 2023, our portfolio already includes several pilot projects with domestic vendors and large Russian companies. Within the framework of the cases being implemented, we promptly make updates, offering a really mature, ready-to-use solution to the market, - said Maria Belyaeva, director of product development at the Numerator Laboratory.

Compatibility with ZIIoT Industrial Data Platform

  The company "Zyfra" announced on March 6, 2023 that it had deployed the software product ZIIoT (Zyfra Industrial IoT Platform) on the domestic system for managing containers "Steering Wheel" from the "Laboratory Numerator." According to the results of the pilot, the joint work of domestic software products was tested. The test results showed the compatibility of solutions, thanks to which it is possible to recommend their joint use for the digitalization of industrial enterprises. ZIIoT and Steering Wheel together provide independence from imported solutions and allow enterprises to reduce the time and resources required to deploy their own IT applications to solve production problems. Read more here.

2022: Market Entry

In the portfolio of solutions IT- the company Jet Infosystems"" appeared "Steering Wheel" - the Russian a management platform containers based on that Kubernetes meets the security and fault tolerance requirements presented by big business and. state organizations The product is registered in (register of Russian software No. 13933). This was reported to Jet Infosystems on October 31, 2022.

The developer of the product is Laboratory Numerator, one of the owners of which is Jet Infosystems (according to the Unified State Register of Legal Entities with a 70% stake since May 2019). The platform was announced by the developers on October 5, 2022.

As of the end of October 2022, Jet Infosystems completed a pilot project industrial in the company, and also conducts several pilots testings in companies oilgas transport and the sector.

Big business continues to develop digital services. As a recent study conducted in Russia showed, 84% of companies will continue digitalization in full or even increase investments in it. As the volume of our own development grows, so does the demand for import-independent container management systems as a necessary platform for microservice applications.

Specialists of Jet Infosystems conducted the first pilot project using the Steering Wheel in an industrial company: they placed industrial software on the platform and checked its performance. As a result, it was possible to preserve all the functions necessary for the customer, which were previously provided by the western orchestration platform on which the software worked.

We have accumulated a lot of expertise on the implementation of container platforms and know what kind of opportunities our customers need. The SteeringWheel platform is not a copy of OpenShift or Tanzu. But it has exactly the functionality that is 100% in demand: more flexible configuration management of system services, management using the REST API, as well as support for Open Source and domestic operating systems Astra Linux, ROSA and RED OS. This is exactly what the market needs now, "said Yuri Semenyukov, head of the infrastructure solutions department at Jet Infosystems.

The functionality of the SteeringWheel includes the creation and management of container orchestration clusters, network access to application services and access to cluster resources based on the role model. Also, using the platform, you can monitor the state of the system components of clusters and application services, configure various configurations taking into account the requirements of information security.

There is a severe shortage of IT specialists in the market, and this gives rise to the need for companies in ready-made container management solutions. They are especially needed by large customers developing the On-premium infrastructure with a large number of clusters that need to be centrally managed, - said Maria Belyaeva, director of product development at the Numerator Laboratory. - With our platform, thanks to high automation, companies will be able to focus on creating digital products and not waste time adapting, operating and supporting the platform.