fledge.io Cloud – your personal private secure multi-cloud-edge
In today’s IT world, many applications and services have the name Cloud attached to them to mean they offer a given service as a cloud offering or that they can run on the cloud.
So what is fledge.io Cloud and what is so special about it?
Let’s take a step back, the public cloud was created as an alternative to private datacenters to enable IT-as-a-service i.e. with a click of a button one could spin up IT infrastructure and consume compute, storage, network, security and applications as services. And if one uses a public cloud today, one assumes the ability to spin up/down services, easily connect to them, interact with them securely and monitor them in real-time as an obvious thought.
However, if one tries to extend applications beyond a particular cloud provider, one goes into unchartered territory as it’s not easy to get that consistent experience across cloud providers due to different capabilities, APIs and UX that look different. So it becomes a DIY proposition for most enterprises and that can be a deterrent for multicloud strategy and they tend to stick to a single cloud provider, even if it’s suboptimal or expensive.
fledge.io Cloud exactly solves that problem. With fledge.io Cloud, you could build your own personal secure cloud that spans multiple cloud providers, datacenter providers and edge environments. You get a common and consistent experience for your application infrastructure across all these environments. You will get the capabilities that you would expect to see in a public cloud.
Let’s have a look at the key capabilities in detail.
- Common Application Orchestration – With fledge.io Cloud, you could define and securely deploy an application that can span cloud, datacenter and edge environments.
fledge.io orchestrator is intent-based, resilient, stateful. It lets customers deploy applications as standalone docker containers or onto kubernetes clusters or mix of both as part of the same application that can span different clouds, datacenters and edge environments. The choice of deploying into clusters or standalone containers can be based on the location capabilities and use case needs. - Continuous Observability and Telemetry – fledge.io Cloud provides continuous monitoring of the compute node’s resources such as cpu, disk, network and the running applications too.
The monitoring is based on eBPF, a framework with which probes can be inserted into Linux kernel to gather real-time information. fledge eBPF gets auto deployed on any fledge.io managed node and provides rich, real-time and relevant information for the application.
The applications can collect any kind of data such as performance, sensor or application/node health data and securely stream the data anywhere within the application boundary i.e. across clouds, datacenters and edges. The information can be readily viewed as dashboards or consumed as APIs for decision-making and analytics purposes. - High Performance Secure App Connectivity – A per-app secure service mesh gets auto provisioned transparently the moment the app gets deployed. The microservices part of the application can discover and communicate with each other securely as though they are running on the same network domain, even if they are deployed at different locations, clouds, datacenters or edges.
Admins do not need to worry about configuring different network services across providers. One does not even need to provision a VPN across locations. A per-app VPN gets auto deployed, so all traffic on the Internet is fully encrypted.
One does not need to worry about security certificate and key management, which often tends to be very complex. Since the service mesh is integrated with the orchestrator, the key distribution happens automatically and securely.
The service mesh provides full mesh connectivity across all the locations that the application spans – so it’s always one single hop. The service mesh supports connectivity across standalone docker containers or kubernetes clusters or a mix of the two across clouds, datacenters and edges. This is something most service mesh implementations do not provide today.
Unlike some of the other service mesh implementations, fledge.io service mesh is not implemented as sidecars / proxies. This makes the service mesh not only lightweight (smaller footprint), but very high performance since the network traffic does not have to unnecessarily traverse IP stack up and down multiple times.
The service mesh is dynamic i.e. if the microservices migrate across nodes or clusters or locations, the mesh reconstitutes automatically in real time transparent to the running microservices so they have continued secure connectivity with each other.
The service mesh is integrated into fledge.io eBPF, through which it not only offers rich analytics but also security with application firewall and packet filtering. - Zero Trust Security – Consistent ‘Application Aware’ Security Framework From Cloud to Edge – fledge.io Cloud provides built-in powerful packet filtering and application firewall capabilities based on fledge.io eBPF. This enables inline high performance, just in time packet filtering that is specific to application requirements.
The applications can define security policies and these policies are implemented consistently across the cloud, datacenter and edge environments.
The security policies track and dynamically move along with the microservices, so the microservices continue to have the same security no matter where they are deployed.
Customers can continue to use the cloud security services or any on-prem implementations that they currently have. fledge.io security can either complement the current framework or supplement elements of current security infrastructure.
fledge.io application security framework helps application delivery teams to save time, effort and costs, but more importantly have a common and consistent framework across the application span.
The application microservices will have access to all the underlying resources (hardware as well as software services) in the given cloud, datacenter or edge environment as the application will be running in the customer owned cloud / datacenter instances.
In addition, fledge.io Cloud offers canary style upgrades for running applications and dynamic migration capabilities across locations.
So, with these capabilities that fledge.io Cloud offers, you could bring your own cloud, datacenter, edge and quickly build and manage your own secure, private multi-cloud-edge.
Save significant time, effort and costs in managing your application infrastructure.
Reach out to us at info@fledge.io to see fledge.io Cloud in action.
Stay tuned for future posts that will describe the service mesh and security framework in detail.
Pramodh Mallipatna
Founder and CEO
fledge.io