The Run Up to KubeCon: Easing the Burden of Security and Infrastructure Management
By: Chris Rosen
Enhancing enterprise deployments on Kubernetes
The number of Kubernetes workloads in production continues to rise across public, hybrid, and private cloud implementations. This is why, at IBM, mission-critical production workloads for Watson and Blockchain platforms run on the publicly managed IBM Cloud Kubernetes Service. Building upon that foundation, IBM has recently announced several services to enhance enterprise deployments on Kubernetes, easing the burden around security and infrastructure management.
These announcements strengthen IBM’s strategy to help clients rapidly drive cloud adoption across multiple cloud environments, highlighted by recent multicloud offerings and the pending acquisition of Red Hat. In the same vein, the IBM Cloud Kubernetes Service helps developers manage containerized applications with interoperable tools and portability.
In the run up to KubeCon, we announced new capabilities to ease Kubernetes operations and improve security across multiple cloud architectures.
Operations: Automated and secure
Increasing availability, reducing outages, and scaling to app demands are made possible with managed HA masters for all IBM Cloud Kubernetes Service clusters on IBM Cloud. Further scaling of storage and compute resources are extended with the new additions of IBM Cloud Databases now for Elasticsearch, etcd, and RabbitMQ. These new features are backed up by the resiliency of IBM’s data centers and multi-zone regions, which continue to expand to new locations around the world to provide the highest availability of workloads and geographical reach for developers.
With IBM Cloud DevOps Insights, software teams can now leverage advanced analytics to derive insights about their DevOps process with data mined from their toolchain, including IBM, third-party, and open-source tools. With this industry first, you can aggregate, test, build, and deploy application data into a single dashboard to automate policies, speed reviews, analyze risk, and improve how teams code together.
Keeping security at the forefront, IBM announces the IBM Cloud Security Advisor, a dashboard to enable centralized security management. Security Advisor analyzes vulnerabilities and network data plus application and system findings from IBM Services, partners, and user-defined sources. By centralizing security and enabling drill down to resolution, Security Advisor empowers an organization’s security admin to manage security on IBM Cloud, including information from cutting-edge container security partners like NeuVector.
Because workloads have a range of compliances to adhere to across highly regulated industries, the IBM Cloud Kubernetes Service implemented regulation controls for the Health Insurance Portability and Accountability Act (HIPAA), ISO, SOC1, and SOC2 requirements. Now, governed industries and sensitive workloads can stay compliant, regardless of the deployment model, with the ease of a unifying architecture.
Services to help organizations that work with sensitive data or in highly regulated industries
IBM also announced the following services to help organizations that work with sensitive data or in highly regulated industries.
Runtime Memory Encryption: IBM Data Shield enables users to run containerized applications in a secure enclave on IBM Cloud Kubernetes Service worker nodes. It can encrypt data in use anytime a user has a sensitive workload that requires runtime encryption and provide detailed visibility into the node security attributes to ensure compliance. IBM Cloud Data Shield is powered by the Fortanix Runtime Encryption platform, Intel ® SGX technology, and includes secure enclave enabled containers for MySQL, NGINX, and Vault.
Database-as-a-Service for sensitive data: IBM is announcing the beta of Hyper Protect DBaaS, which provides industry-leading data confidentiality that allows data owners to have complete control over their data by preventing cloud operator access, and is backed by unparalleled vertical scale and performance. This service allows customers to provision and manage highly secure, high-volume databases (PostgreSQL and MongoDB EE) on IBM Cloud without the need for specialized database skills through standard APIs to provision, manage, maintain, and monitor multiple database types.
Check us out at KubeCon
To learn more about how IBM Cloud Kubernetes Services is enabling enterprise deployments securely and easily across multiple cloud environments, see what we’re doing at KubeCon this week.