Solo.io made available a 1.0 release of the enterprise edition of an ingress controller and application programming interface (API) gateway specifically designed for Kubernetes environments.
Based on open source API Gateway software dubbed Gloo, the enterprise edition of the API Gateway adds a web application firewall (WAF), data loss prevention (DLP) capabilities to address compliance requirements, support for LDAP directories and role-based access controls.
The enterprise edition of Gloo 1.0 also provides access to a management console to manage APIs and monitor service levels between them.
Solo.io CEO Idit Levine says the fundamental difference between the core Gloo open source project and the enterprise edition sold by Solo.io will be the security capabilities the company provides on top of the core API gateway, which deploys alongside the Envoy proxy server widely employed in Kubernetes environments. Eventually, WAFs will become embedded into every API gateway, Levine notes, but currently they are being deployed only sparingly in support of monolithic applications by a relatively small number of IT organizations.
API Gateways in Kubernetes environments are a complement to service meshes that many organizations use to manage and govern API-based services within a cluster. The API gateway provides similar capabilities between a Kubernetes cluster and external APIs by integrating with the custom resource definitions (CRDs), otherwise known as APIs, that Kubernetes clusters expose with legacy applications and serverless computing frameworks.
In general, API management is more complex to manage in a Kubernetes environment because services are being added and updated more frequently than in monolithic application environments. IT organizations require a more structured approach to managing APIs independent of the code they’re designed to integrate. In fact, as API management continues to be subsumed into the world of DevOps, responsibility for managing APIs continues to shift. Developers still create APIs, but the ongoing management of those APIs tends to now be integrated within a larger set of DevOps processes.
It’s not clear how much organizations will look to replace their existing API management platforms with one that runs natively on Kubernetes clusters. However, there should be plenty of greenfield opportunities for API management among organizations that don’t have much in the way of legacy investments. Gloo is specifically designed to be deployed by DevOps teams that need a decentralized way to manage APIs within a highly dynamic Kubernetes environment that makes use of the open source Envoy proxy server.
As more Kubernetes clusters are deployed in production environments, the higher API management issues on cloud native platforms are likely to rise on the IT agenda, especially among cybersecurity teams that are concerned APIs have become a major attack vector for cybercriminals. In fact, as more cybersecurity professionals focus on APIs, it’s only a matter of time before emerging DevSecOps processes start to revolve around the API management platform being employed.