Google Revs Container Engine for Security & Enterprise Apps
Google has introduced new security features for its Google Container Engine, a Kubernetes-based cloud service for orchestrating containers. The service is also getting scalability, extensibility and hybrid networking features to appeal to enterprises and developers.
Google Container Engine (GKE) has been designed from its launch last year to provide a secure and reliable environment for containerized workloads managed by Kubernetes, Aparna Sinha, Google group product manager for Kubernetes and Google Container Engine, tells Enterprise Cloud News. For security, GKE runs the Container-Optimized OS, based on Chromium, which is developed by Google and which is kept up-to-date to protect against vulnerabilities. Google provides uptime and service level availability guarantees to automatically manage clusters, a has a team of reliability engineers to keep the service up and running.
For enterprise users, Google is "building a roadmap to secure multitenancy," to allow teams to share clusters independently of each other, Sinha says. The previous release had role-based access controls; the new version will have container policies, as well as a node authorizer to isolate nodes from impacting other nodes.
"The combination of those features lays the groundwork for having multiple teams share a node securely without negatively impacting each other," Sinha says.
The new version supports hybrid networking, to allow Kubernetes clusters running on GKE to connect with on-premises workloads running legacy applications or Kubernetes clusters.
Enterprises will be able to add customize Kubernetes and enable third-party business logic without needing to restart the cluster, Sinha says.
For developers, Google is adding capabilities to automate infrastructure so developers don't have to think about allocating resources, Brian Grant, Google principal engineer on Kubernetes and Container Engine, tells Enterprise Cloud News. GKE automatically repairs and replace defective nodes. Automated Kubernetes upgrades will monitor workloads to make sure there's no downtime. And Google will provide improved auto-scaling.
The GKE upgrade follows the open source release of Kubernetes 1.7 last week, according to a post on the Google Cloud Platform blog scheduled to go live 5 a.m. EDT Wednesday. The blog post contains further technical details on GKE.
Kubernetes is key to Google's strategy to gain market share in the enterprise cloud. Google is a distant third in market share, behind Microsoft, which is in turn far behind Amazon. (See AWS Public Cloud Dominance Continues – Report.)
Kubernetes enables workload portability between clouds, and that benefits Google. If cloud workloads move around freely, some of them will move off Amazon and land on Google.
Workload portability was a theme during a discussion at Cloud Foundry Summit recently, when representatives of Google and Microsoft urged enterprises to use open source platforms to standardize capabilities common to all clouds, and then take advantage of proprietary capabilities only available on individual cloud platforms. (See Google & Microsoft Tout Multi-Cloud, but Where's Amazon?.)
In advance of the GKE announcement, Red Hat last week revamped its OpenShift Online as a cloud platform for developers creating containerized applications. (See Red Hat's OpenShift Online Revamped for Containers.)
- Google's Pichai: Cloud's One of Our 'Biggest Bets'
- Google Cloud Spanner Hits General Availability
- How Google Is Challenging Amazon
- Google Espresso: A Shot at Amazon Cloud
- Why Evernote Picked Google Cloud Over Amazon
— Mitch Wagner Editor, Enterprise Cloud News
CALLING ALL CLOUD, NFV AND SDN COMPANIES: Make sure your company and services are listed free of charge at Virtuapedia, the comprehensive set of searchable databases covering the companies, products, industry organizations and people that are directly involved in defining and shaping the virtualization industry.