Spectro Cloud Palette Edge improvements increase security in edge Kubernetes environments

0

Spectro Cloud announced a new suite of Edge features including a secure “immutable” stack and a new Hardened Edge Kubernetes distribution.

Kubernetes at the Edge has attracted the interest of companies around the world trying to improve competitiveness and agility. To date, however, K8s on the edge has not realized its true potential. Why? A study by Dimensional Research found that 72% of Kubernetes users say, “It’s too difficult to deploy and manage Kubernetes on edge devices.”

The Palette Edge platform, first launched in March 2022, has earned Spectro Cloud recognition as a 2022 Gartner Cool Vendor in Edge Computing, solving this problem and enabling organizations to redefine how cost-effective they are running Edge K8s clusters Deploy and manage at scale, including in locations with small form factor devices, with no on-site IT skills and marginal connectivity.

Palette Edge offers continuous upgrades due to its A/B OS partition, resilient multi-node design, and support for ARM and x86 architectures, including Intel’s Trusted Platform, even in single-server Edge deployments without downtime and patch management module (TPM).

Palette Edge derives its functionality from Spectro Cloud’s core Palette platform, which enables enterprises to manage K8s clusters throughout their lifecycle across public clouds, virtualized or bare metal data centers, and edge locations.

Extending the Cloud Native Computing Foundation (CNCF) Cluster API, Palette enables IT teams to model their full Kubernetes stacks from operating system to application in a true declarative model by creating project-curated, reusable cluster profiles and At the same time, systems, K8s distributions and tools from the broad K8s ecosystem offer a selection of operating options.

Palette is built to scale, offering centralized and automated management combined with decentralized orchestration and policy enforcement—together enabling virtually unlimited scaling from a few to tens of thousands of clusters.

Palette Edge extends this core foundation of Palette and adds security, visibility and usability features, setting a new industry standard for deploying and centrally managing Edge K8s at scale, lowering total cost of ownership and risk for organizations of all sizes that expand to the edge.

Palette Edge is purpose-built to support key industry use cases including IoT device management and orchestration, data ingestion, streaming, analytics and AI inference.

“We see Edge as a game changer to help clinicians achieve better patient outcomes by bringing technology closer to the user,” said Vignesh Shetty, SVP & GM Edison AI and Platform at GE Healthcare Digital. “The need for a secure, cost-effective approach to managing Kubernetes at the edge at scale is more relevant than ever.”

The new Palette Edge addresses the top priorities for Edge K8s users with:

Security for Kubernetes at the edge: Spectro Cloud research has found that security is the number one concern when adopting Edge Kubernetes.

Edge Kubernetes devices deployed in remote, unmonitored locations are particularly vulnerable to intentional tampering and unintentional configuration drift when their operating system, distribution, and other software elements become noncompliant through ad hoc configuration changes.

Palette Edge now enables operations teams to create highly secure configurations for edge devices, including their preferred Kubernetes distribution and underlying operating system, which, once deployed, become immutable, read-only and unmodifiable by the application user, just like the firmware on a smartphone. The now immutable stack also allows for continuous upgrades without downtime due to a resilient deployment design.

Range of extended Kubernetes Edge (PXK-E): This new edge-optimized Kubernetes distribution version of Spectro Cloud’s CNCF upstream Kubernetes distribution is now available to all Palette customers.

PXK-E includes Palette’s new immutability capability along with NIST 800 security hardening. It is certified with 50+ native open source and commercial cloud integrations, providing high availability and continuous upgrades with zero downtime, even in single-server configurations.

With Palette Edge, organizations can choose the PXK-E distribution or Palette-optimized versions of any other K8s distribution verified and supported by Spectro Cloud.

A NOC-like dashboard: Now organizations scaling to thousands or tens of thousands of edge devices have the ability to manage their fleet more easily and with greater control than ever before.

Palette Edge’s Network Operations Center (NOC)-like dashboard provides an intuitive user experience with live status for important events, as well as advanced capabilities to filter, tag, and drill down clusters by location, status, or other attributes. Importantly, operators can define powerful workflows for managing clusters with almost limitless possibilities: for example, they can phase the deployment of cluster updates by location for canary tests, or schedule patches to follow the sun.

Edge device onboarding: In Edge Kubernetes projects, organizations can find deploying new devices in remote locations incredibly problematic; expensive truck rolls are often required for field service technology.

Palette Edge makes it easy for non-experts to spin up a new device and add it to a managed cluster using a variety of methods such as: B. via the Palette Edge user interface, using its open API, the Spectro Cloud Terraform provider or by simply scanning a QR code on the Edge device itself.

The features provided in this new Palette Edge version reflect real customer needs of K8s on the edge. To address them and also contribute to the broader cloud-native community, Spectro Cloud is now leading an open-source project that provides resilient immutability at the edge: Kairos.

This is another example that demonstrates Spectro Cloud’s continued commitment to fostering innovation as a member of CNCF and Linux Foundation, and contributing to large-scale Kubernetes ecosystem projects such as Cluster API and the Cluster API Provider for Canonical MAAS.

These new capabilities are available in Spectro Cloud’s Palette Edge Edition, further positioning Palette as the first choice for enterprises running Kubernetes at scale at the edge, enabling them to bring modern applications and data close to their end users.

Palette Edge customers are already realizing benefits by eliminating otherwise-necessary on-site technical visits to edge locations, which can result in up to a 90% reduction in operational costs.

“A key use case for 5G edge computing is ultra-low latency, mission-critical workloads. This means that cybersecurity is a fundamental principle for Edge and not an afterthought. Spectro Cloud delivers a customer solution for delivering modern apps at the edge that easily integrate with end-to-end zero trust architectures,” said Dr. Ken Urquhart, Global Vice President, 5G at Zscaler.

“This brand new set of features makes Edge K8s locations as easy as cloud for our customers,” said Tenry Fu, co-founder and CEO of Spectro Cloud.

“With a platform that can scale to tens of thousands of edge locations, requirements such as security, resiliency and ease of use can change the game, and that’s what we’ve focused on in the latest release. At Spectro Cloud, we’re passionate advocates of the innovations emerging from the open source community, and we couldn’t be more excited to partner with some of the most exciting projects to deliver some of these new capabilities,” continued Fu.

Share.

Comments are closed.