A SaaS-first Kubernetes Operations Platform with enterprise-class scalability, zero-trust security and interoperability for managing applications across public clouds, data centers & edge.

SaaS First¶

Realize all the benefits of the cloud including instant scalability, automatic updates and the lowest TCO for Kubernetes management with a SaaS-first Kubernetes Operations Platform (KOP). Companies requiring air-gapped deployments for compliance and regulatory reasons can deploy the KOP controller on-premises.

Multi-Tenancy¶

Every enterprise has multiple teams, business units and sometimes even multiple production environments. Single cluster, Kubernetes cluster level multi tenancy using namespaces does not work for multi cluster and complex organizations.

Organizations¶

Enterprises can optionally use completely separate Orgs (aka tenants) ensuring complete isolation. Authorized users can seamlessly switch between different Organizations with the click of a button. An Org can host multiple projects.

Projects¶

Enterprises can use Projects to implement "isolation boundaries" within their organization across "different operating environments", "different business units" etc. A project can host multiple Kubernetes clusters.

Zero Trust Architecture¶

The controller does not require inbound access to Kubernetes clusters running in your infrastructure for anything. As a result, organizations do not need to poke holes in firewalls or set up SSH access or reverse-tunnels for provisioning, ongoing operations and troubleshooting.

Mutual Authentication¶

Nothing is implictly trusted. All communication is performed over mutually authenticated, strongly encrypted communication channels.

Fine Grained RBAC¶

Support for fine grained roles providing the means for organizations to manage "who can access what"

Separation of Duties¶

Organizations can establish and implement clear separation of duties across functions.

MFA and SSO¶

Seamless integration with enterprise-class MFA and Identity Providers (IdPs) such as Okta, Ping One, AzureAD etc ensuring users are strongly authenticated before they can access the clusters

Zero-Trust Kubectl¶

Empower operations and development teams to easily access clusters via kubectl while complying with regulatory and governance requirements -- enforced via easy RBAC configuration. All access is audited, and DOES NOT require inbound firewall rules.

Audit Trail¶

An audit trail is maintained for every action performed by authenticated and authorized users. Organizations can optionally sync the audit logs with their preferred SIEM platform such as Splunk etc. to provide security teams with the visibility they require.

Fleet Management¶

Why manage clusters one by one? It is time-consuming and prone to errors that result in non-standard environments. You can now manage your fleet of Kubernetes clusters in one place. Create, deploy, operate, monitor, upgrade and retire 1 or 1,000+ clusters just as easily across any number of multiple, heterogeneous regions, clouds and environments.

Multi-Cluster Management¶

Deploy, manage and upgrade your Kubernetes clusters from a single console across all of your on-premises, bare metal, cloud, and edge environments.

Automated Lifecycle Management¶

Users can quickly provision and start using CNCF-compliant Kubernetes clusters in any environment. Cluster updates and upgrades are seamless with no downtime.

Standardization¶

Create and easily apply cluster blueprints so it’s easy to standardize your Kubernetes clusters deployed across clouds, data centers and the edge.

Integrated Monitoring¶

Use integrated dashboards for monitoring and visibility into all Kubernetes resources across the entire fleet of clusters.

All k8s Distributions¶

Do not get locked into a single Kubernetes distribution across clouds. Organizations should be able to use GKE in GCP, AKS in Azure, Upstream Kubernetes for their data centers and EKS in AWS. Avoid vendor lock-in and preserve your company’s ability to deploy, manage & move containerized workloads between cloud, data center, and the edge.

Ecosystem Integrations¶

Kubernetes deployments can’t be considered enterprise-class without integrating them with the Kubernetes, security and governance systems enterprises are standardized on. Use turnkey integrations with Okta, AzureAD, Jenkins, Hashicorp Terraform & Vault, Datadog and a number of others that are just a few clicks away.