Spectro Cloud Strengthens Kubernetes Security at the Network Edge

Spectro Cloud has updated its Palette Edge platform with the option to include a distribution of Kubernetes optimized for the network edge.

The latest version also adds tamperproof security capabilities for immutable Kubernetes deployments at the edge along with other tools to ensure security. At the core of that capability is Kairos, an open source project launched by Spectro Cloud that makes it possible to build immutable, bootable images for operating systems and distributions of Kubernetes.

Spectro Cloud CEO Tenry Fu says Palette eXtended Kubernetes Edge (PXK-E) provides IT teams with a hardened distribution of Kubernetes managed via the same centralized control plane Spectro Cloud employs to manage Kubernetes instances on-premises or in the cloud. Once PXK-E is deployed, an immutable, read-only and unmodifiable instance of the platform is created, he says.

IT teams can still use any preferred distribution of Kubernetes at the edge in concert with Palette, but there is a need for PXK-E. As more Kubernetes clusters are deployed in remote unmonitored locations, there’s greater risk they could be physically accessed by a wide range of potential threat actors, notes Fu.

The Spectro Cloud dashboard makes it possible to also track the status of key events along with the ability to filter, tag and drill down to clusters by location, status or other attributes. IT teams can, for example, create workflows to phase deployments of cluster updates by location. IT teams can also onboard a cluster to a network using either the Palette Edge user interface, an open application programming interface (API), dubbed the Spectro Cloud Terraform provider, or by scanning a QR code.

It’s not clear just yet how quickly Kubernetes clusters are being deployed at the network edge. But as more data is being processed and analyzed at the point where it is being created and consumed, interest in employing Kubernetes as the foundation layer for edge computing has increased. The challenge is that managing Kubernetes is challenging in the absence of a platform designed to simplify both deployments and ongoing updates.

A recent survey commissioned by Spectro Cloud found 86% of respondents note that Kubernetes challenges are increasing exponentially. IT teams faced with remotely managing fleets of Kubernetes clusters deployed at the network edge might find themselves especially challenged.

Regardless of how many Kubernetes clusters there are deployed at the network edge, securing those platforms will be a high priority. Each of those platforms is likely to be processing sensitive data and is also a potential target through which malware can laterally move should a Kubernetes cluster be compromised. It’s only a matter of time before security and compliance teams start asking challenging questions about how to achieve and maintain the integrity of those instances of Kubernetes.

The goal, as always, is to seamlessly integrate security and IT operations in a way that not only reduces friction but also contains the total cost of deploying and managing Kubernetes clusters at the edge.

Mike Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

Mike Vizard has 1605 posts and counting. See all posts by Mike Vizard