Spectro Cloud Palette Edge Enhancements Strengthen Security in Kubernetes Edge Environments

Spectro Cloud announced new Palette Edge features, including an “immutable” secure stack and a new hardened Kubernetes distribution.

Kubernetes at the Edge has captured the interest of enterprises around the world as they seek to improve their competitiveness and agility. To date, however, the K8s on the periphery have failed to realize their true potential. Why? A study by Dimensional Research found that 72% of Kubernetes users actually said, “It’s too difficult to deploy and manage Kubernetes on edge devices.”

The Palette Edge platform, first launched in March 2022, earned Spectro Cloud recognition as Gartner Cool Vendor in Edge Computing 2022 for solving this problem, enabling organizations to redefine the cost-effectiveness of deploying and managing large-scale Edge K8 clusters, including sites with small form factor devices, no onsite IT skills, and marginal connectivity.

Palette Edge offers remote troubleshooting, non-downtime continuous upgrades, and patch management, even in single-server edge deployments, thanks to its A/B OS partition, multi- nodes and support for ARM and x86 architectures, including Intel’s Trusted Modular Platform (TPM).

Palette Edge draws its functionality from Spectro Cloud’s core Palette platform, which enables organizations to manage K8 clusters throughout their lifecycle, in public clouds, virtualized or bare metal data centers, as well as peripheral locations.

Through an extension of the Cloud Native Computing Foundation (CNCF) Cluster API, Palette enables IT teams to model their complete Kubernetes stacks, from operating system to application, in a true declarative model, creating reusable, project-organized cluster profiles while providing a choice of operating systems, K8s distributions, and tools from the vast K8s ecosystem.

Palette is designed to scale, offering centralized and automated management combined with decentralized orchestration and policy enforcement, enabling virtually infinite scale from a few to tens of thousands of clusters.

Extending this core Palette foundation, Palette Edge adds security, visibility, and usability features, setting a new industry standard for the deployment and centralized management of K8 Edges at scale, reducing the total cost of ownership and risk for organizations of any size that stretch to the periphery.

Palette Edge is purpose-built to support key industry use cases including IoT device management and orchestration, data ingestion, streaming, analytics, and analytics. AI inference.

“For us, edge is a catalyst to help clinicians achieve better patient outcomes by deploying technology closer to the user,” said Vignesh Shetty, SVP & GM Edison AI and Platform at GE Healthcare Digital. “The need for a secure and cost-effective approach to managing Kubernetes at the edge at scale is more relevant than ever.”

The new Edge Palette addresses the top priorities of Edge K8 users with:

Security for Kubernetes at the Edge: Spectro Cloud research found that security is the #1 concern when adopting Kubernetes at the edge.

Edge Kubernetes devices deployed in unattended remote locations are particularly vulnerable to deliberate tampering and unintended configuration drift, where their operating system, distribution, and other software elements are no longer compliant through configuration changes ad hoc.

Palette Edge now enables operations teams to create highly secure configurations for edge devices, including their preferred Kubernetes distribution and underlying operating system, which when deployed become immutable, read-only, and unmodifiable by the user of the application, just like the firmware of a smartphone. The now immutable stack also enables continuous upgrades without downtime, thanks to a fail-safe deployment design.

eXtended Kubernetes Edge (PXK-E) palette: This new edge-optimized Kubernetes distribution version of the Spectro Cloud CNCF upstream Kubernetes distribution is now available to all Palette customers.

PXK-E incorporates Palette’s new immutability capability, as well as NIST-800 security hardening. It is certified for over 50 open source and commercial cloud-native integrations and offers high availability and zero-downtime upgrades, even in single-server configurations.

With Palette Edge, companies can choose the PXK-E distribution or Palette-optimized versions of any other K8s distribution, verified and supported by Spectro Cloud.

A NOC type dashboard: Now organizations growing to thousands or tens of thousands of edge devices have the power to manage their fleet more easily and with greater control than ever before.

Palette Edge’s Network Operations Center (NOC)-like dashboard provides an intuitive user experience with live status for key events, plus advanced functionality to filter, tag, and explore clusters by location, status, or other attribute . Importantly, operators can define powerful workflows for managing clusters, with nearly endless possibilities: for example, they can stagger deployments of cluster updates by location for canary testing, or schedule patches to follow the Sun.

Edge device integration: In Edge Kubernetes projects, organizations can find deploying new devices in remote locations extremely problematic; often expensive engineering truck trips to the field are required.

Palette Edge allows non-technical personnel to easily power up and onboard a new device into a managed cluster, using a variety of methods, such as Palette Edge’s user interface, using its open API, the Spectro Cloud Terraform provider or by simply scanning a QR code on the edge device itself.

The features provided in this new version of Palette Edge reflect the actual requirements of K8 edge customers. To address this and also contribute to the broader cloud-native community, Spectro Cloud is now leading an open-source project that provides fail-safe immutability at the edge: Kairos.

This is another example of Spectro Cloud’s continued commitment to fostering innovation as a member of the CNCF and the Linux Foundation, contributing to major Kubernetes ecosystem projects such as the Kubernetes API. cluster and the cluster API provider for Canonical MAAS.

These new features are available in Spectro Cloud’s Palette Edge Edition and further position Palette as a choice for organizations running Kubernetes at the edge at scale, allowing them to bring modern applications and data closer to their end users.

Palette Edge customers are already realizing benefits by avoiding otherwise required field engineering visits to edge locations, which can result in up to 90% reduction in operational costs.

“A key use case for 5G Edge Compute is critical ultra-low latency workloads. This means cybersecurity is a core tenet for Edge, not an afterthought. Spectro Cloud provides a customer solution for deployment of modern edge applications that can easily integrate into end-to-end Zero Trust architectures,” said Dr. Ken Urquhart, Global Vice President, 5G at Zscaler.

“This brand new set of features makes edge K8 locations as easy as a cloud for our customers,” said Tenry Fu, co-founder and CEO of Spectro Cloud.

“With a platform that can scale to tens of thousands of edge locations, requirements like security, resiliency, and ease of use can be game-changing, and that’s been our goal in the last At Spectro Cloud, we are committed champions of innovation from the open source community, and we couldn’t be more excited to partner with some of the most exciting projects to deliver some of these new capabilities.” , Fu continued.

About Alma Ackerman

Check Also

Tough roster decisions await LAFC as it sorts through player contracts

Tough roster decisions await LAFC as it sorts through player contracts

The eventual MLS Cup champion LAFC celebrates after their victory over Austin FC in the …