Aporeto’s Partnership with VMware Cloud PKS (formerly VKE)

By: Amir Sharif 04.15.2019
Aporeto’s Partnership with VMware Cloud PKS (formerly VKE)

VMware Cloud PKS is a fully managed Kubernetes-as-a-Service offering in the growing VMware Cloud Services SaaS portfolio. PKS is cost-effective, easy to use, and is available on AWS. So of course, we made sure PKS integrates seamlessly with Aporeto.

PKS is differentiated on three core value propositions:

  • The first is VMware Smart Cluster™, which eliminates the need for pre-provisioned nodes by automating the selection of compute resources, optimizing for deployed application usage, reducing customer cost, and improving capacity planning. The VMware Smart Cluster is a fully CNCF compliant Kubernetes that implements best practices for security and high-availability in the public cloud.
  • PKS has a simple tree structure to ease the management of clusters by organizing resources into logical containers and applying consistent access policies on containers (nodes of the tree), inheriting those recursively through the tree and into the Kubernetes RBAC itself.
  • The distributed control plane of PKS is multi-cloud ready and designed for Kubernetes application portability across public clouds, giving you the freedom to deploy on any or all supported cloud providers.  

Diagram to show Aporeto's integration with VMware Cloud PKS

Aporeto’s Security Offering

Aporeto’s security offering is built with similar value propositions. Firstly, Aporeto works based on intent-based policies, or policies that describe the desired network security policy of your application at runtime. Secondly, Aporeto offers a namespace hierarchy, where policy can be ascribed on any level in the hierarchy and propagated downward as immutable rules. Thirdly, Aporeto decouples security from the infrastructure, allowing the customer to have uniform and portable policies in a multi-cloud environment.

You can learn how to easily enforce network and service layer access policies in your PKS cluster with Aporeto. You may extend these policies in a multi-cloud environment and extend them to legacy workloads without any network configuration or code modification. To learn more, visit the VMware Solution Exchange, or VSX, and search for “Aporeto.” You may get more information on Aporeto by reading the Aporeto blog and signing up for a trial account. Besides visualizing and securing your PKS workload, you can also connect your private cloud workload to your Aporeto account and view your distributed application’s end-to-end operations centrally.

Recent Posts Simple by design; Automating per-namespace isolation with Aporeto and OpenShift Five Things to Check Out at VMworld 2019 and Visit While in San Francisco The Evolution of the Serverless Era (and redefining security to keep up)