Open-Source Cloudify Delivers Multi-Stack Interoperability for Kubernetes & Robust
Security, Bridging the Gap Between
Application & Network Virtualization

Version 4.2 now shipping with native Kubernetes provider, better user governance, multi-tenancy, SSO, and new Insights-as-a-Service

Orchestration, a market estimated to grow to US$14 billion by 2021, is emerging as a preferred path to cloud management for service providers and enterprises looking for self-service application and network provisioning and optimal resource utilization and control. The latest version of the open-source Cloudify orchestration software makes big strides toward giving both major user groups—service providers and enterprises—the features they need to orchestrate the most demanding cloud applications and network services without compromising on robust security.

Cloudify is an open-source orchestration platform and a widely deployed, production-grade implementation of the TOSCA standard. It offers management and automation of both applications and network services in heterogeneous environments, as well as distributed management through clustered management. Cloudify delivers fine-grained role management, with tenancy and access control built in to enable full control. It includes self-service capabilities enabling historical analysis of resource usage, providing deep and intelligent insights about performance and cost.

Cloudify 4.2 launches at Kubecon/CloudNativeCon in Austin with features to serve enterprises and service providers looking to make the transition to virtualized and cloud-native infrastructure. Organizations are now able to do so without compromising on security and regulatory demands.

The new version delivers this with features such as:

• production-grade, role-based access control (RBAC)
• single sign-on (SSO)
• lightweight directory access protocol (LDAP) integration
• multi-tenancy, standard support through the pure ARIA TOSCA plugin
• interoperability and cross-cloud functionality through the new Kubernetes provider plugin
• cost and performance optimization through the new Insights-as-a-Service

New Highlights

• Integration with Kubernetes // Cloudify 4.2 makes Kubernetes, the default open-source Linux container management software, interoperable with the rest of the world through a native multi-stack and multi-cloud provider written in Go.
• Security features // The new version offers hardened multi-cloud security with RBAC and enhanced network security through advanced multi-tenancy, security assertion markup language (SAML) authentication and LDAP support, including the popular SSO platform Okta.
• Governance and control features // Cloudify 4.2 offers improved cloud governance with RBAC, which helps reduce the risks of issues like data breaches, data being written to the wrong availability zone or cost overruns. Cloudify orchestration technology sits between the application and the infrastructure. This enables control of not only who gets access to which resources but also how resources are used for specific applications.

Templates are available for different roles depending on the degree of access and control needed for the business case.

• The new Insights-as-a-service provides utilization and cost analysis allowing IT operators to gain better control and visibility over the overall utilization per user and application deployment.
• UI features // An improved user interface is now open sourced into the community edition, offering templates and custom widgets, the Composer (a drag-and-drop interface for creating YAML templates) baked in, and two-way template Composer editing.

The Importance of Cloud Native Support

The new version supports custom infrastructure for Kubernetes, offering the ability to reimplement without rewriting multiple instances on the same cluster. This makes interoperability possible with other stacks and pre-existing stacks. Now everyone—and not just developers—can manage complex Kubernetes clusters.

Some additional real-world examples of how the Cloudify Kubernetes plugin is being deployed:

• Service function chaining of virtual network functions (VNFs) such as URL filtering, UTM, vRouter and vFirewall connecting to applications running on Kubernetes
• Cloud Native Hybrid Stack use case—running a Quagga router on Kubernetes, and a VNF firewall running on a Linux virtual machine (VM) on OpenStack
• Instantiating VMs on Amazon Web Services (AWS) and Google Cloud Platform (GCP) via Cloudify Manager, and leveraging the Kubernetes plugin to run workloads on Google Container Engine (GKE)

Enterprises and service providers are transitioning into cloud and adopting common frameworks and practices to manage their cloud services. Nati Shalom, co-founder and CTO of Cloudify observes, “There are still many challenges to make those frameworks interoperable with existing environments and allow better control and governance. Cloudify 4.2 comes with Kubernetes providers that allow interoperability with multi-cloud and multi-stack environments, new security features that allow better control as to how the cloud infrastructure is used, and new insights-as-a-service that adds utilization and cost insights. It also improves network security by allowing applications to create their own private network and firewall rules as part of the application lifecycle.”

Partner Quotes

“Service providers who want to transition to NFV and fully virtualized environments are seeing challenges with adopting modern cloud practices while integrating existing network infrastructure and delivering carrier-grade solutions. Cloudify's integration with pure TOSCA and Kubernetes coupled with Tech Mahindra's end-to-end solutions, being applied in the real-world at leading telcos such as Proximus, has built a robust partnership with a unique capability to deliver a carrier-grade solution today, while maintaining future compatibility to integrate with industry standards such as ONAP tomorrow.”
—Manish Singh, Network Services, Tech Mahindra

“The relationship between Aptira and Cloudify began focused on a specific project to maximize the utilization and reduce costs of a large carrier's MPLS network. The success of this project enabled Aptira to expand upon this into additional projects including IT, involving the new Cloudify capabilities for supporting Kubernetes and hardened security on OpenStack and VMware. The new support being shipped will enable additional adoption of the open orchestration concept, bridging the networking world and IT through a common orchestration platform.”
—Roland Chan, COO, Aptira