Virtualization Featured Article


Kubernetes 1.4 Bolsters SDN Security In Weaveworks' Weave Net 1.7


October 06, 2016

Since software-defined networking (SDN) is in the rise, it's not surprising to see more products emerge to help companies try to make an easier foray into SDN operations, and attempt to distinguish themselves from the other products in the field. Weaveworks' Weave Net system is one fairly major entry in the SDN field, and recently, it added on a little extra of its own, bolstering the security of its operations by adding Kubernetes' recently-released version 1.4 release.

Kubernetes is known for its orchestration and container management systems, all available to users on an open-source basis. It's able to comfortably manage multiple containers, and with the version 1.4 release, adds a new slate of control options as well. With Kubernetes 1.4 added to Weave Net 1.7, users can add those security policies to normal operations by treating these the same way firewall rules would be treated in the system.

Those already using Weave Net, meanwhile, will be happy to note that the isolation involved is subnet-based, which means the containers involved in the exchange could be established in network subnets, effectively isolating these systems. While those adding Kubernetes 1.4 to the system will need to include more definition, that definition will also, reports note, offer more control over access and container networking options.

                  Image via Bigstock

Without a system like Kubernetes in place, many would have turned to directory systems like OpenLDAP to define security policy. As explained by Kubernetes' COO Mathew Lodge, Kubernetes allows users to bring “...the application and the infrastructure closer together.” Lodge also offered up further comment around the release, saying “In Weave Net 1.7, we have now provided integration with Kubernetes security policies. So you can now have fine-grained security controls with Weave Net, specifying policies in Kubernetes and having it all automatically applied by Weave Net.”

What really matters here is that companies are taking security seriously. While SDN offers some great opportunities to reduce dependence on hardware and operating costs, it can also provide new potential failure points for security. SDN actually includes the means to better protect a system from outside threat even as it opens up new potential attack vectors, thanks to a more granular approach to security, but it has to be acted upon to have any real impact. Tools like Kubernetes, meanwhile, can be even more helpful in driving better security for users, and the better the security is, the more likely users will be able to safely put SDN tools like Weave Net to work.

Weave Net was already pretty impressive, but the new connection to Kubernetes should make an already good thing even better. It's hard to pass up on that kind of improvement, and it should be taken seriously. SDN can be a valuable help to many different kinds of businesses, and developments like these make it a safer help as well.




Edited by Maurice Nagle

Article comments powered by Disqus







Click here to share your opinion - What is the "next big thing" to software define in your enterprise or data center?






Featured Blog Entries

Day 4, Cisco Live! 2017 - The Wrap

Day 4 was the final day of our first ever Cisco Live! We had a great show, with many great conversations and new connections with existing and potential end users, resellers, partners and job hunters.

Day 3, Cisco Live! 2017

Day 3 of Cisco Live is history! For Fiber Mountain, we continued to enjoy visits from decision makers and influencers who were eager to share their data center and structured cabling challenges.

Day 2, Cisco Live! 2017

Tuesday was Day 2 of Cisco Live for Fiber Mountain and we continued to experience high levels of traffic, with many high value decision makers and influencers visiting our booth. One very interesting difference from most conferences I attend is that there are no titles on anyone's show badges. This allows open conversations without people being pretentious. I think this is a very good idea.

Day 1, Cisco Live! 2017

Fiber Mountain is exhibiting at Cisco Live! In Las Vegas for the first time ever! Our first day was hugely successful from just about any perspective - from quantity and quality of booth visitors to successful meetings with customers.

Industry News