I’m excited that Oracle Cloud Infrastructure (OCI) is sponsoring and participating in this year’s Kubecon + CloudNativeCon EU in Valencia, Spain. There, the OCI team can answer any questions that you have about modernizing your applications and demo how customers can use cloud services to build and manage modern applications in the most cost-performant way.
Oracle is a platinum member of the Cloud Native Computing Foundation (CNCF) with commitment to the open source community and simplifying cloud native application development. OCI Cloud Native services are built on CNCF open source standards, including 100% upstream compatible Kubernetes, CloudEvents, and more.
Oracle continues to innovate and deliver other features to make it easier for customers to build and operate mission-critical modern apps at scale. We have the following recent launches:
OCI Service Mesh
OCI Service Mesh is a free, managed service that provides security, observability, and network traffic management for your microservices without requiring any changes to the applications. This fully managed service makes implementing these capabilities simple for any organization, regardless of size. OCI Service Mesh provides a highly resilient central management layer and a proxy component that enables communication between the microservices and the management layer.
The proxy is based on Envoy, the widely used open source proxy component. When you add a mesh to your application, it automatically injects the proxy in front of each microservice to manage the traffic. Customers using OCI Service Mesh benefit from improved developer productivity, operational efficiency, end-to-end visibility, secure workloads, and dynamic connection of their microservices.
Kubernetes Cluster API provider for OCI
Cluster API is a Kubernetes subproject focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters. OCI support for Cluster API enables cluster administrators to get more control of configuration and software installed in clusters and standardize the approach to managing clusters across multiple clouds and on-premises. Cluster API is integrated with OCI services, offering broad Compute shape support and integration with networking and security services. It also offers an integration point for third-party Kubernetes management tools.
Enhanced security features for Kubernetes
OCI offers a managed Kubernetes service, Oracle Container Engine for Kubernetes (OKE). OKE is built with security, flexibility, and high performance in mind. OKE makes it easier to achieve end-to-end security for your infrastructure and applications, while remaining compliant with the security technical implementation guides (STIGs) and regulatory compliance.
Customers can use OKE with fully private clusters restricting the Kubernetes API endpoint to an on- premises network or a bastion host. They can also harden network access using network security rules and control access to the clusters using role-based access control (RBAC) integrated with OCI Identity and Access Management (IAM) service.