VMware Cloud PKS is a fully managed Kubernetes-as-a-Service offering in the growing VMware Cloud Services SaaS portfolio. PKS is cost-effective, easy to use, and is available on AWS. So of course, we made sure PKS integrates seamlessly with Aporeto.
PKS is differentiated on three core value propositions:
- The first is VMware Smart Cluster™, which eliminates the need for pre-provisioned nodes by automating the selection of compute resources, optimizing for deployed application usage, reducing customer cost, and improving capacity planning. The VMware Smart Cluster is a fully CNCF compliant Kubernetes that implements best practices for security and high-availability in the public cloud.
- PKS has a simple tree structure to ease the management of clusters by organizing resources into logical containers and applying consistent access policies on containers (nodes of the tree), inheriting those recursively through the tree and into the Kubernetes RBAC itself.
- The distributed control plane of PKS is multi-cloud ready and designed for Kubernetes application portability across public clouds, giving you the freedom to deploy on any or all supported cloud providers.
Aporeto’s Security Offering
Aporeto’s security offering is built with similar value propositions. Firstly, Aporeto works based on intent-based policies, or policies that describe the desired network security policy of your application at runtime. Secondly, Aporeto offers a namespace hierarchy, where policy can be ascribed on any level in the hierarchy and propagated downward as immutable rules. Thirdly, Aporeto decouples security from the infrastructure, allowing the customer to have uniform and portable policies in a multi-cloud environment.
You can learn how to easily enforce network and service layer access policies in your PKS cluster with Aporeto. You may extend these policies in a multi-cloud environment and extend them to legacy workloads without any network configuration or code modification. To learn more, visit the VMware Solution Exchange, or VSX, and search for “Aporeto.” You may get more information on Aporeto by reading the Aporeto blog and signing up for a trial account. Besides visualizing and securing your PKS workload, you can also connect your private cloud workload to your Aporeto account and view your distributed application’s end-to-end operations centrally.