Microservices in a trusted cloud environment
Containers are changing the way applications are designed, developed, and deployed. Monolithic applications are being broken up into micro-services that can be packaged inside a container with all their dependencies and shipped to production. But, storing and shipping artifacts is only half the story. Platforms like Apcera, Kubernetes, and CloudFoundry allow developers to develop modern applications without worrying about how they are scaled, versioned, secured, and load-balanced. While Kubernetes and CloudFoundry are great for some requirements, there is no “one size fits all” solution for every organization. We believe that in order to prevent costly roadblocks down the road, a thorough use case analysis is necessary before picking a platform. In this blog post, we go over some ways in which Apcera platform is different from our competitors.
While Kubernetes is a general purpose framework which can be very powerful with the right amount of customization and tooling, the Apcera platform is fully usable right out of the box. Our Community Edition is the easiest and fastest way to create a multi-node cluster in 15 minutes. Our simple installer, apcera-setup, just needs to know a few things like what domain name you want to use for your cluster or which cloud provider you want to install on. That’s it. After answering a few questions, the apcera-setup tool installs an entire PaaS in minutes. Our installers run on OS X, Linux, and Windows and we can deploy clusters on VirtualBox, vSphere, AWS, and more. In contrast, Kubernetes has community supported tooling for these cloud providers which requires careful configuration and needs the right dependencies to be installed before use.
A lot of software is developed with security as an afterthought. At Apcera, we want developers to innovate at speed with full confidence of trust. However, deployments to production should be seamless but under the control of the devops or SRE organization. As a security-focused platform, everything inside Apcera is controlled by policy. As an example, in the Kubernetes ecosystem, pods can communicate with other pods regardless of the host they are on. In the Apcera platform, however, by default a container has no ingress or egress access. Connectivity between containers can be setup through the use of a virtual overlay network, membership in which is controlled by policy. Also, as far as we know we are the only service which has support for overlay networks across different cloud providers.
Dynamic service discovery becomes very important in a cloud environment. Developers should be able to reconfigure applications without breaking clients that are using them. Like Kubernetes, the Apcera platform uses a DNS based service discovery model. Unlike Kubernetes though, we believe that services should not be discoverable unless blessed by a trusted authority. Services in the apcera-platform are not discoverable by default unless they are part of a virtual network and assigned a discovery address.
One of the cool things about the Apcera Platform is that devs don’t have to know anything about infrastructure in order to use it. All they have to do is use the apc command to upload their code into the platform and they instantly get to see their app run. Apcera’s stagers can automatically detect what programming language your app is in, appropriately build it and download dependencies, and just put it up. If your app needs a database, you can easily issue some more apc commands to attach a database to your app. The Apcera Platform will take care of dividing up a database and giving your app only the fraction it needs, providing isolation from other apps. The dev doesn’t have to worry about securing the database or credential management. When a database gets attached to an app, the app will receive unique, ephemeral credentials, not the real credentials to the database. Apcera will make sure only apps that you’ve explicitly attached to the database can talk to it. You also get load balancing, health monitoring, and self-healing out of the box. This all happens under the hood without bothering the developer, who just wants to focus on writing an app.
At Apcera, we’re excited to see other players joining us in trying to build a platform for apps in the cloud. Ultimately, this is a huge win for small and large companies. With Apcera, all companies can get the security, efficiency, scale that was previously only reserved for big enterprises — in minutes. Download Apcera Community Edition and see the magic for yourself.