CoreOS is extending its Tectonic Kubernetes container management and orchestration system with new deployment options and security capabilities. The new capabilities were announced at the CoreOS Fest conference in San Francisco held on May 31 and June 1.
A core theme for CoreOS with the new updates and the overall platform is to enable flexibility and choice for users.
“Cloud services have a big secret—after using the services for a year or two, the bill will be through the roof and you’ll be completely locked in,” Alex Polvi, CEO of CoreOS, told eWEEK.
The lock-in occurs because organizations build applications against a cloud provider’s APIs and proprietary stacks. Polvi said the CoreOS Tectonic platform aims to help enable cloud services without lock-in.
“What we are showing at CoreOS Fest are a set of cloud services that are built completely in software, are completely open and will run in any environment, be it bare-metal or a cloud vendor like Amazon or Microsoft Azure,” Polvi said.
CoreOS released Tectonic 1.6.4, which is based on the latest version of the open-source Kubernetes project. Tectonic 1.6.4 provides enhanced updating and management capabilities that aim to make it easier for organizations to upgrade and deploy services. In addition, CoreOS announced the etcd-as-a-service offering, enabling organizations to benefit from the open-source etcd, a key value data store that powers Kubernetes, in a service model.
“No cloud provider today provides etcd as a service, so ours will be the leading one,” Polvi said.
Cloud lock-in can occur at several levels, including policy configuration and data storage. Polvi explained that in the cloud model there is a control plane, which is how services are provisioned and decommissioned.
“Kubernetes is an open control plane for the cloud, and it has all the policy management components built-in,” he said.
Live Migration
From a data perspective, in the server virtualization world, live migration, which was popularized by VMware’s vMotion technology, is not something that exists in the same way with Kubernetes.
“Live migration is not something we’re focused on,” Polvi said.
Polvi added that at some point every application will fail and go down. As such, the only way to build a service that can run in perpetuity is to have an application and its processes running on more than a single machine.
“Live migration is something that makes sense in a virtual machine world, but in an application-focused world, which is what containers are all about, that’s not what we want,” he said. “We want to force you to feel the pain of an application going down, so you have the automation process in place to be able to handle the situation.”
Security
On the security front, CoreOS announced version 2.0 of its open-source Clair container vulnerability scanning technology. The company first announced the Clair project in November 2015, and the technology reached its 1.0 level in March 2016.
The Clair 2.0 release improves on its predecessors, with new capabilities that provide visibility into the base images on which container applications are built. The market for container security technologies has become increasingly competitive in recent years, with technologies from Twistlock, Aqua Security and Docker Inc. among other options.
“We have been happy to see a whole ecosystem of container security emerge,” Polvi said. “It just helps to give buyers more confidence when there are more solutions out there.”
CoreOS does not sell Clair as a stand-alone commercial service; instead, it is integrated with CoreOS’ Quay container repository platform.
Funding
As a business, CoreOS has raised $48 million in venture funding to date, including a $28 million Series B round that was announced in May 2016.
“As CEO of the company, I have been really focused on bringing up our sales and things are really working well,” Polvi said. “Business is good.”
Even with the strong business growth, Polvi noted that all new enterprise technology vendors consume a lot of capital to get going.