Versions Compared

Old Version 10

changes.mady.by.user Ritu Sood

Saved on

compared with

New Version Current

changes.mady.by.user Brandon Wick

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

FINAL

EMCO

DRAFT

...

pushes the boundaries of multi-cluster application

...

orchestration

By: Igor Duarte Cardoso, Intel

EMCO

---  

   EMCO has a broad vision for end-to-end orchestration that includes not only *deployment of complex workloads* workloads in a wide range of scenarios but also * automation of the infrastructure* infrastructure needed by such workloads, ranging from networking and service mesh to application security. The focus on application infrastructure automation sets EMCO apart from most other orchestrators. The 22.06 release takes EMCO several steps forward in the supported range of deployment scenarios and in application security.

Organize/converge/defragment the following points:

The new release builds on security and flexibility:

  • Automate the distribution of intermediate CA certificates to Added feature to prepare a CA certificate that is used to generate a set of Intermediate CAs (with a common CA Root certificate), which then are distributed to set of edge clusters running the Istio service mesh. These certs enable cross-cluster mTLS communication between microservices.
  • For Istio controller added support expose a service running inside EMCO cluster for connections from outside the cluster and also added Authorization APIs to enable fine grained access of resources between the microservices based on methods and paths. 
  • This is a security enhancement for EMCO which also reduces time to deployment and facilitates the enrollment of additional (mTLS-enabled) clusters.
  • Allow for inbound outside connections to services running in EMCO clusters. An Authorization API is provided to allow an operator to define, with fine-grained control, access to resources and methods. This extends service access/routing to multi-cluster environments in a secure and configurable way.

And The 22.06 release broadens the range of deployment scenarios that EMCO can handle:

  • EMCO can now leverage Google Cloud (via Anthos GitOps) as a target for workloads, as well as the newest version of Azure Arc (using Flux v2). This increases flexibility and resilience for the user/operator by integrating with additional clouds. Also updated support from Azure Arc v1 to Azure Arc v2.
  • EMCO can now automatically trigger user-defined workflows at multiple stages of an application's lifecycle (using Temporal). This is a step towards automation and integration, allowing users/operators to do less outside of EMCO.
  • Logical cloud support with Fluxv2 and Azure Arc v2.
  • IPv6 supportIPv6 support, a hard requirement/expectation of multiple operators and deployments.

This release reinforces the position of EMCO as a leading open source orchestrator that goes beyond the basics by orchestrating the infrastructure needs of modern cloud-native applications, including security, in addition to catering to the complex deployment scenarios that they require. The EMCO community invites you to try out the latest release and join us in shaping the future of orchestration.

Learn more and get involved.