Introducing Tectonic 1.8 and the first Open Cloud Services: etcd, Prometheus, and Vault

By Rob Szumski

Today we're happy to announce that Tectonic 1.8, the forthcoming release of our world-class enterprise Kubernetes platform, will ship with a catalog of industry-first Open Cloud Services. Open Cloud Services enable enterprises to deploy key infrastructure components with the ease and efficiency they've come to expect from public cloud providers, while avoiding cloud provider lock-in.

We've worked hard to deliver this vision in response to a pressing need. Enterprises are embracing containerized infrastructure because they want their IT operations to be more agile, flexible, and scalable. DevOps, continuous integration and delivery, and other modern practices are enabling them to deploy and iterate applications faster and more efficiently, and they need their infrastructure to keep up.

Public clouds have played a huge role in this evolution by making it easy to provision and scale resources. Routine maintenance tasks such as updates, disaster recovery, and horizontal scaling are automated, leaving you free to concentrate on managing your applications, rather than your infrastructure. Yet the value-added services public cloud providers offer customers – things like data stores, monitoring and profiling, authentication, and more – are typically proprietary. Once you get roped in, it can become nearly impossible to move your applications to a different cloud, or to the hybrid environment of your choice.

Open Cloud Services

New for Tectonic 1.8, CoreOS Open Cloud Services offer the same near-effortless operations customers have come to expect from managed cloud offerings, with a difference. Unlike proprietary cloud services, Open Cloud Services are first-class, fully automated Kubernetes resources running on the CoreOS Tectonic platform, leveraging the Operator pattern we introduced in 2016.

While a site reliability engineer (SRE) who fixes a production cluster at 3 a.m. can be a hero, the reality is that humans have better things to do. What's more, the cluster actually understands what's running on it and its state better and faster than any human can. Enter Open Cloud Services, the automated heroes of your cluster. They are constantly vigilant – handling failover, making backups, and generally making sure your software runs well and securely, all automatically.

Better yet, because Tectonic can run across multiple environments – from bare metal and on-premises clouds, to public clouds including AWS and Azure – customers aren't locked in. They can deploy and consume the same services consistently wherever they choose, simply by enabling them from the Tectonic Console's Open Cloud Services Catalog.

The Tectonic Console is your portal to the new Open Cloud Services Catalog

With the upcoming Tectonic release, we are shipping our first three Open Cloud Services: etcd, Prometheus, and Vault.

etcd

Building on the work we began with the etcd Operator, the etcd Open Cloud Service provides application developers with free, fully managed etcd clusters for use in their technology stacks. The automated operations built into the etcd Open Cloud Service make it easier than ever to deploy this distributed key-value store on Tectonic, complete with:

High availability: Multiple instances of etcd are networked together and secured. Individual failures or networking issues are transparently handled to keep your cluster up and running.

Automated updates: Rolling out a new etcd version works like all Kubernetes rolling updates. Simply declare the desired version, and the etcd service starts a safe rolling update to the new version automatically.

Backups included: Schedule backups to happen on or off cluster.

Prometheus

The Prometheus Open Cloud Service provides a free, fully managed and isolated monitoring stack that can be deployed for each of your operations and applications teams. Built on the latest Prometheus Operator, when enabled from the Open Cloud Services Catalog it provides:

High availability: Multiple instances are run across failure zones and data is replicated. This keeps your monitoring available during an outage, when you need it most.

Updates via automated operations: New Prometheus versions are deployed using a rolling update with no downtime, making it easy to stay up to date.

Handles the dynamic nature of containers: Alerting rules are attached to groups of containers instead of individual instances, which is ideal for the highly dynamic nature of container deployment.

Vault

The newest entry in the Open Cloud Services Catalog, the Vault Open Cloud Service provides a one-click, fully managed Vault secrets management service on top of a Tectonic cluster. Once enabled and deployed, it is:

Secure by Default: Hands-free automated creation of TLS certificates between all components ensures all best practices are followed for secret security. Further, the API makes unseal operations easy.

Highly available: Multiple instances of Vault are clustered together via an etcd backend and secured.

Safe Upgrades: Rolling out a new Vault version is as easy as updating the Vault Cluster definition. Everything is automatically handled using Vault best practices while pausing for unseal tokens.

Open Cloud Services in action

There's no better way to understand how CoreOS Open Cloud Services streamline service deployment than to watch how it's done. In the video below, we walk through enabling and instantiating the Vault Open Cloud Service on a Tectonic cluster.

What else is in Tectonic 1.8?

Of course, Open Cloud Services aren't all that Tectonic 1.8 has to offer. This release also includes a number of significant improvements to the underlying platform, including updates to monitoring and configurability, among other enhancements.

Pure, upstream Kubernetes 1.8: Tectonic 1.8 is built on a foundation of community-maintained, open source Kubernetes 1.8, not a fork, so you can deploy applications with confidence that they will behave as expected. Kubernetes 1.8 delivers important improvements in security, auditing, application management, and more.

Container engine management: With this release and going forward, Tectonic will manage the version of the Docker Engine that's installed on the platform and automatically update it to the most recent validated release. We ship Docker 17.03 with Tectonic 1.8 and it's been fully tested for security and stability.

Prometheus 2.0: Tectonic's built-in Kubernetes monitoring capabilities have been enhanced with an upgrade that brings dramatic increases to monitoring performance.

And of course, this release includes Tectonic's trademark automated operations capabilities, delivering customers the most manageable, reliable, portable, and secure Kubernetes deployments in the industry.

Availability and getting started

Tectonic 1.8 with Open Cloud Services will ship in late December. Every install of Tectonic 1.8 will include bundled access to the etcd, Prometheus, and Vault Open Cloud Services.

Existing Tectonic customers will be able to perform in-place, zero-downtime upgrades from Tectonic 1.7 to Tectonic 1.8 with a single click from the Tectonic Console, thanks to the platform's unique automated operations capabilities.

If you'd like to be notified via email when Tectonic 1.8 with the Open Cloud Services Catalog becomes available later this month, sign up here:


Learn more

If you'd like to learn more, CoreOS Tectonic product manager Rob Szumski will walk through Tectonic 1.8 and Open Cloud Services in a webinar on December 20 at 10:00 a.m. PT. The talk will be available on demand after it concludes.