Commercial product¶

This page lists, in alphabetical order, updates on some well-known commercial products.

A¶

• Ant Group Releases SOFAStack 5.0, a Next-Generation AI Cloud-Native PaaS Platform

  SOFAStack 5.0 introduces CodeFuse, a big model of code covering design, R&D, testing, O&M, etc. It is expected to improve the efficiency and quality of daily code R&D, testing, O&M processes through human-computer interaction assistants, and enhance the efficiency of enterprises' production and research by 30%. In addition, SOFAStack provides multi-task fine-tuning and high-performance reasoning capabilities for the Codefuse model.

• Alauda MLOps, an enterprise-class cloud native MLOps solution, and its open source version, kubeflow-chart, have been released by Alauda

  Kubeflow-chart customizes the way Kubeflow is installed using the Helm Chart approach, making it easy to run a single command to complete Kubeflow and its dependencies. Alauda MLOps builds on this foundation, supporting non-intrusive visual workflow orchestration of development environments, visual distribution, multi-tenancy and quotas, virtual GPUs, and integrated MLFlow, Alauda MLOps builds on this foundation with support for non-intrusive visual workflow orchestration development environments, visual distribution, multi-tenancy and quota, virtual GPUs, and integrated MLFlow.

• AppViewX introduces KUBE+ - a certificate lifecycle management solution built to secure Kubernetes environments

  AppViewX KUBE+ provides a unified visual interface for controlling and managing certificates. Specific features include: auto-discovery of all SSL/TLS certificates, maintenance of an up-to-date certificate inventory, visibility into certificate metadata, end-to-end certificate lifecycle automation, a powerful policy and compliance engine, extensive native integration, and more.

• ARMO Platform, Kubernetes Security Platform, introduces vulnerability analysis and assessment capabilities based on eBPF technology

  This feature analyzes and evaluates vulnerabilities on the Kubernetes platform, identifies and prioritizes vulnerabilities, and provides users with targeted remediation recommendations. Among other things, relevance and prioritization allows users to deprioritize vulnerabilities in unused packages and components to focus on addressing vulnerabilities that pose a greater threat to the cluster.

• Aqua cloud native security platform introduces Lightning Enforcer, a zero-day vulnerability detection tool based on eBPF technology

  Aqua Lightning Enforcer utilizes drift and behavior-based automated detection methods to detect unknown threats such as zero-day vulnerabilities, and provides incident management, suspicious behavior alerts, and out-of-the-box CNDR (cloud native detection and response). In addition, the application of eBPF technology avoids the impact of traditional agents on the workload and reduces the resource overhead of the system.

• Aqua launched the first end-to-end software supply chain security solution to protect the security of the cloud native application supply chain

  The solution is part of the Aqua cloud native application protection platform and provides capabilities including: code scanning, CI/CD posture management, pipeline security management, optimization of SBOM features, assessment of open source code health and reputation.

• AtomicJar releases integration testing tool Testcontainers Cloud

  Testcontainers Cloud is built on the lightweight open source testing framework Testcontainers, which creates a more realistic testing environment through Docker containers. Developers can test applications themselves before moving code to production via a continuous integration (CI) platform, allowing cloud native application developers to test dependencies without the help of a dedicated application testing team.

• AWS Fault Injection Simulator (FIS) support for chaos engineering experiments on EKS Pods

  AWS FIS is for running Chaos Engineering Experiments to test and validate application resiliency.FIS adds 7 new fault injection actions for EKS Pods. You can apply CPU, memory, or I/O stress to target Pods and containers to evaluate application performance under load. You can also inject a variety of network faults, including increasing network traffic latency and dropping all or some network packets. You can also evaluate the resiliency of an application by terminating the Pod.

• AWS Container Application Monitoring Service Amazon Managed Service for Prometheus Integrated Cost Management Tool Kubecost

  Amazon Managed Service for Prometheus with Kubecost performs cost allocation calculations, provides a unified view of Kubernetes costs across multiple EKS clusters, and provides recommendations for optimizing Kubernetes clusters.

• AWS AppConfig, an application configuration tool for AWS, launches a proxy for container runtimes to simplify configuration of feature flags and runtimes

  Users of platforms such as AKS can use the AWS AppConfig Agent to manage the retrieval and caching of container application configuration data, handle polling and caching logic, and more. The feature flag and run configuration feature allows users to release new features without deploying new code. In addition, it also has configuration security features, including validators, alert reminders, automatic rollback configurations, etc.

• AWS Launches Local Clusters for Running EKS Clusters Locally on Hybrid Cloud Service Outposts

  Local clustering reduces the risk of application downtime due to network outages in the cloud. During this time, the application remains available and cluster operations can be performed. EKS manages the availability of the K8s control plane on Outposts when connected to the cloud. The Kubernetes running on the local cluster has the same features as the EKS on the cloud, and supports automatic deployment of the latest security patches.

• Azure Kubernetes Distribution AKS September Update

  Updates: New Vertical Pod Auto Scaling (VPA) add-on, new image cleaner, new node OS patching feature, Gateway Load Balancer now supports IPv6, Kubernetes 1.28 support, support for Dapr extensions in Azure Functions, Azure Container Storage updates (support for deployments in 26 regions, support for volume resizing, cloning, and support for more disk types).

• Azure Launches Container Application Gateway Preview

  Azure Container Application Gateway is an application load balancing and dynamic traffic management product for workloads running in Kubernetes clusters. It is an enhanced version of the Azure Application Gateway Ingress Controller (AGIC), with enhancements that include: near real-time convergence times when reflecting Kubernetes YAML configuration changes; support for more than 1,400 backend Pods and 100 listens; and support for blue-green deployment policies and active/active or active/passive routing.

• Azure Releases Network Observability Add-On for AKS

  The Network Observability Add-on for AKS is a distributed monitoring solution for Linux and Windows host environments. This component provides insight into the network infrastructure by collecting real-time data, leveraging Linux's eBPF, the Virtual Filtering Platform, and host network services in Windows, and making this data available to Prometheus and Grafana.

• Azure Kubernetes Release AKS May Update

  Updates: Support for automated deployments and integration with GitHub Actions; new AKS Fleet Manager and the introduction of features such as update groups, phases, and runtimes to help developers effectively manage multiple AKS clusters; support for Windows node configuration and Gen 2 VMs; support for Azure Linux, an operating system designed for container workloads; Launched managed Prometheus and Grafana.

• Azure released public preview of Azure Container Storage

  Azure Container Storage is a volume management service built for containers that provides a consistent management experience across different storage products, including managed options (powered by Azure Elastic SAN), Azure disks, and temporary disks on container services. Users can easily create and manage block storage volumes for production-scale stateful applications running on Kubernetes.

• Azure AKS Officially Launches Network Solution Azure CNI Overlay

  Azure CNI Overlay helps simplify the management of cluster nodes and Pods in Azure Virtual Network (VNet) subnets by allowing users to place nodes directly in the VNet subnet and Pods to obtain IP addresses from a separate dedicated CIDR. With this, AKS cluster management, routing configuration, and cluster scaling will be greatly simplified.

• Azure Launches Kubernetes Application Solution for AKS

  The Azure Kubernetes Application Solution is designed to help partners create, publish and manage a "toolbox" of commercially available Kubernetes solutions in the Microsoft Azure Marketplace. Azure Kubernetes Application Solutions supports the creation of bundles for Kubernetes application solutions using existing Helm Chart packages; Create and publish solutions in just 48 hours; automate security scans; and empower incremental sales across the board.

• Azure Arc Integration with Observable Platform Datadog, an Azure Hybrid Cloud multicloud Solution

  Azure Arc's integration with Datadog provides the following capabilities: monitors connection status and agent versions to ensure Azure Arc-enabled servers, SQL servers, and Kubernetes clusters are connected and secure; integrates hybrid and multicloud servers, Kubernetes clusters, and data services into a unified dashboard for seamless cross-environment Simplifies compliance management and tracking, providing rich visualizations and actionable alerts.

• Azure Serverless container platform Azure Container Apps November update

  What's new: Build container images from source code without Dockerfile, use Azure pipeline tasks to build and deploy container applications from Azure DevOps, support building and deploying container applications from GitHub Actions workflows, and support inbound restrictions on Azure container applications by IP flow.

• Azure Kubernetes distribution AKS November update

  Updates: support for running lightweight AKS on data centers and edge nodes based on Azure Arc, integrated event routing service Event Grid, increased the maximum node limit to 5000, Support for workload identity management through Azure Active Directory, launch of Kubernetes App Marketplace, new CNI plugin Azure CNI Overlay mode, enabling AMD-based confidential virtual machine node pools.

• Azure Container Apps (a Serverless container runtime) update

  What's new: Dapr components support managed authentication backend service providers, support for Dapr secrets API, and integrated monitoring service Azure Monitor.

• Azure Kubernetes distribution AKS October update

  Updates: support for vertical pod auto-scaling (VPA), support for next-generation Azure disk storage Premium SSD v2, new image cleaning function, support for enabling IPVS load balancing, Simplified database creation and identity management, allows enabling/disabling CSI drivers based on workload requirements, added Linux distribution Mariner as a container host, Azure CNI Powered by Cilium is available, supports K8s 1.25, supports Dapr 1.9.

• Azure Kubernetes distribution AKS September update

  Updates include: Added soft-delete functionality to Azure Container Registry to restore accidentally deleted artifacts; allows aborting any operation on an AKS cluster or proxy pool; supports multi-instance GPU (MIG); extends Azure Network Policy Manager (NPM) AKS cluster to Windows server 2022; integrated API Server VNET for AKS private cluster.

• Azure Lightweight Kubernetes Release AKS Edge Essentials Officially Available

  AKS Edge Essentials is a native Kubernetes implementation of AKS that can run on resource-limited edge devices. It can be used to deploy single- and multi-node K3s and K8s clusters that can run Linux and Windows workloads on existing Windows devices.

• Azure Releases AKS Fleet Manager (Public Preview)

  Azure Kubernetes Fleet Manager treats multiple cluster sites as a single cluster to be managed. Users can manage multiple clusters by creating a Fleet resource. Users can treat existing AKS clusters as member clusters, join them to the fleet, and then orchestrate multiple cluster Cases such as Kubernetes resource propagation and multicluster load balancing using metadata from those clusters.

• AliCloud Container Service ACK Product October Update

  Updates: Support for Sidecar acceleration in service mesh scenarios, support for container monitoring observability at the OS kernel layer, new OpenAPI support for individually initiated cluster checks, and support for arm64 architecture for the backup center component migrate-controller.

• AliCloud Container Computing Service ACS officially released

  Container Computing Service ACS integrates containers with resources so that users don't need to focus on the underlying nodes and clusters. It provides a flexible Pod configuration mode, supporting 1:1~1:8 resource ratios; at the same time, it also provides second-level elasticity to cope with traffic fluctuations; it supports arithmetic provisioning resource reuse, allowing flexible resource provisioning in user loads and cloud product loads; in addition to native support for general-purpose business loads such as web servers, microservices applications, web applications, etc., it also supports task class loads such as big data computing, AI computing, and middleware, database, etc. It also provides a flexible resource provisioning mode. In addition to natively supporting general-purpose business loads such as web servers, microservice applications, and web applications, Loft Labs also supports task-based business loads such as big data computing and AI computing, as well as real-time performance-sensitive business loads such as middleware and database.

• AliCloud Microservice Engine MSE August Product Update

  Updates: Cloud Native Gateway supports configuring JT authentication for routes and authenticating specified consumers; supports replicating online traffic to specified services; MSEIngress supports route-level Sentinel fully-confined flow and concurrency control; supports gray-scale release of multiple Deployments under the same Service; application-related monitoring data supports monitoring within 1 day Application-related monitoring data supports monitoring and playback within 1 day; based on KruiseRollout, it realizes the ability of full-link grayscale release.

• AliCloud Application Real-time Monitoring Service ARMS July Product Update

  Updates: New desensitization functions for JVM system parameters, K8s Yaml and other parameter information; support for displaying ZGC garbage collector-related indicators; application alerts support the configuration of rule indicators such as p99 equidistant quartiles and the number of slow invocations; and the application alert rules support the interval detection mode.

• AliCloud Container Service Serverless Edition (ACK Serverless) 2.0 released

  Updates: Fully managed for 10+ K8s core system components; supports dynamic capacity planning; supports automated upgrade of K8s version, including customized operation and maintenance window and upgrade frequency policy as well as intelligent risk detection, etc.; supports intelligent elastic prediction of AHPA upgrades; adds new solution for big data computing, based on multi-availability polling of Spot ECI, and failure of seizure is downgraded to per-volume instances, which reduces total resource cost by more than 20%. This reduces total resource costs by more than 20%.

• AliCloud Microservice Engine MSE June Product Update

  Registration&Configuration Center provides migration of availability zones, gateway logs compatible with NginxIngressSLS format, WAF plug-in for ModSecurity protection engine based implementation, OAuth authentication plug-in, behavior management of RPC services supports customization.The gateway logs are compatible with the NginxIngressSLS format, the WAF plug-in for ModSecurity protection engine, the OAuth authentication plug-in, and the behavior management support for RPC services.

• AliCloud Container Service ACK May Update

  Updates: Kubernetes 1.26 support, Flexvolume component and CSI component coexist in a cluster, Serverless version of ACK supports cost insight, ASM supports integrated KServe, ASM gateway supports Serverless form factor, ASM supports global certificate management.

• AliCloud Serverless Container Service ASK Update

  Update: Added support for more than 10 K8s core components, providing dynamic capacity planning capability; added intelligent risk identification capability, supporting automated upgrade of K8s version; provided AI large image pulling capability based on container image cache, reducing startup time by 90%; enhanced intelligent elastic prediction AHPA capability, compared with manual configuration, elasticity accuracy rate increased by 80%; also added Support for GPU.

• AliCloud Container Service ACK April Product Update

  Updates: Cluster deletion supports synchronous deletion of log projects, ACK Lingjun Managed Cluster for hosting the standard Kubernetes cluster service with high availability control plane is officially released, ElasticResource supports Pod dispatching to Arm nodes.

• AliCloud Microservices Engine MSE April Product Update

  Updates: Nacos and Service Governance combine to non-intrusively implement Java application registration discovery, full-link grayscale, etc.; Cloud Native Gateway introduces migration tools for container service Nginx Ingress; Microservice Governance Basic Package supports lossless up and down, canary publishing, etc.; Nacos supports TLS link encryption.

• AliCloud Service Mesh ASM March 2023 Product Update

  Updates: Gateway support for docking WAF, support for configuring Ingress resources, support for managing Knative services, support for OIDC login for mesh topology, Sidecar proxy support for oversell mode, new egress traffic policy, support for configuring global default HTTP request retry policy.

• AliCloud ACK February Product Update

  Update: Node pool supports Kubelet parameter customization, AIOps supports Service diagnostics, supports changing cloud disk type, and supports using cloud-auto type cloud disk as dynamic storage volume.

• AliCloud service mesh ASM February 2023 Update

  Update: Support for defining management logs, monitoring and link tracing as Telemetry CRD; support for fine-grained configuration at the mesh global and namespace levels; improved mesh topology loading speed in clusters above 150 Pod size; support for configuring sidecar proxy environment variables, istio-proxy thread count, etc.; support for configuring in multiple clusters Support for intra-cluster traffic retention.

• AliCloud container imageing Service ACR Officially Launches Cloud Native Product Center

  Cloud Native Products Center provides free secure and trusted container base images from AliCloud and Dragon Lizard community for container developers. It includes application containerization base OS image, base language image, AI/Big Data related image categories, covering ARM, ARM 64, x64, x86-64 multiple system architectures.

• AliCloud Microservice Engine MSE December 2022 Update

  Updates: zookeeper support for exporting snapshots and transaction logs, cloud native gateway support for HTTP/3, microservice insight support for lossless log collection during up/down and key node information display.

• AliCloud service mesh ASM December 2022 Update

  Updates: support for managed on-demand push xDS configuration, support for self-built Istio community version migration to ASM, ASM gateway support for configuring custom authorization services, enable Service Level Objective SLOs.

• Alibaba Cloud distributed cloud container platform ACK One update

  Update: Integrate ArgoCD to achieve multicluster GitOps continuous delivery, optimize multicluster application distribution; unified configuration alert rules, support configuration of cluster-specific differential alert rules, support automatic synchronization of alert rules to new associated clusters.

• Alibaba Cloud Container Service ACK Yunqi Conference Update

  Update content: Provide support for eRDMA high-performance container network, better support containerization of stateful applications based on the new generation container network file system CNFS 2.0, productization support for built-in cloud native hybrid system Koordinator, release AIOps suite and FinOps suite.

• Alibaba Cloud releases CNStack 2.0 of cloud native technology platform

  CNStack 2.0 supports mixed management of different vendors, different architectures, different regions and CPU/GPU computing power. Provide one-stop management of the entire lifecycle of application development, testing, and operation and maintenance, and the use cases cover container services, distributed applications, cloud edge, and DevOps. In addition, the platform also provides a complete technology stack support, including built-in, out-of-the-box product components and middleware, as well as products and components provided by the original factory and partners.

• Alibaba Cloud Microservice Engine MSE October Update

  Updates: The registration configuration center provides migration tools and solutions, the cloud native gateway service source supports the Serverless application engine, authentication and authentication supports the coexistence of multiple rules, the routing and service details page adds QPS, error, delay and other metric monitoring, and the whole link Capabilities such as grayscale and label routing support the Consul registry.

• Alibaba Cloud service mesh ASM September Update

  Update content: application service governance supports warm-up function; supports application security policy in trial operation mode; optimizes sidecar proxy configuration; adds a variety of JWT algorithms in "request authentication"; supports access to O1DC protocol services through external authorization; supports K8s 1.24; AHPA Elastic Prediction supports prediction based on GPU metrics; Log Center supports log and large disk display of network components; when Pod mounts OSS storage volumes, it supports I/O observability.

• Alibaba Cloud Container Service ACK September update

  Updates: Add managed node pools, support configuring network-configured load balancing NLB instances for Services through Annotation, provide resource portrait features for workloads, and support lifecycle management of object storage OSS Buckets using container network file systems.

• Alibaba Cloud service mesh ASM August Update

  Updates include: compatibility with Istio 1.14 series versions, support for Kubernetes 1.21 - 1.24 versions, enhanced grid diagnostics, support for compatibility of third-party tokens in ACK clusters, support for user-defined EnvoyFilter, and priority for the same availability zone without modifying the code routing.

B¶

• Backslash Security launches cloud native code visualization tool of the same name

  Backslash has launched a visualization tool that identifies workflows in cloud native code that could lead to security vulnerabilities. Specific features include: automatic discovery and mapping of cloud native application code and its dependencies through contextual visualization dashboards; automatic prioritization of high-risk code based on the state of the application cloud in production; and simplified remediation of vulnerabilities and risks through intelligent, automated risk identification. The tool currently supports AWS environments and GitHub code repositories.

• BellSoft launches Alpaquita Cloud Native Platform for efficiently running cloud native Java applications

  Alpaquita Cloud Native Platform leverages a Linux distribution for Java, JVM optimizations, a multipurpose framework, and native mirroring technology to provide a A runtime environment optimized for Java applications running in containers. Features of the platform: Cloud costs are reduced by 20%, smaller Pods are used, and the number of required nodes is reduced; zero migration costs, no refactoring is required; efficiency is increased by 50%, achieving low latency, low cost, and fast startup.

• BoCloud BMM v2.1 update released

  Update: New RabbitMQ and lifecycle management capabilities, new middleware overview on home page, support for storage expansion visualization, support for version upgrade visualization, support for middleware operation auditing, support for event query and alerting.

• BoCloud Container Platform v3.7 released

  Support mixed management of X86 and ARM architectures, support localized database Damon, support production-grade windows containers, provide unified resource management service for ACK and TKE public cloud container clusters, support simultaneous release of multiple native yaml files, support native ingress capability, manage high-performance virtual machines independently as a new resource type, provide It also provides container resource oversharing capability, and completes the deep integration of container cloud, microservice management, service mesh, middleware and other sub-products.

• Buoyant Launches Enterprise Edition of Linkerd, a Service Mesh Project

  Linkerd Enterprise Edition builds on the open source project Linkerd by adding enterprise-only features including zero trust and FIPS 140-2 compliance, a cost-aware load balancer, lifecycle automation, and more.

C¶

• Calico Enterprise 3.16, Calico's cloud native security platform, was released

  Updates: egress gateway support for Azure and AKS, support for deploying egress gateways via Tigera operators, new Manager UI for enabling and configuring workload-based web application firewalls, extended visualization of Kubernetes workloads to over 100 namespaces, allowing pod egress from different namespaces to different pod egress from different namespaces to different external networks.

• Calico Enterprise 3.15, a cloud native application security platform, was released

  Release features: supports configuring Calico Enterprise to comply with FIPS 140-2, which specifies the security standards to be met by cryptographic modules for applications and environments; provides a workload-based IDS/IPS (Intrusion Detection/Intrusion Prevention) system that detects and blocks bad workloads based on a global threat intelligence source database to detect and block access to undesirable workloads; automates namespace-based security policy recommendations; provides namespace-based dashboards; and supports failure detection and failover of egress gateway pods.

• Canonical K8s release Charmed Kubernetes 1.26

  Release features: Add Kube-OVN BGP support to enable pod IP access from external networks; Support for configuring traffic mirroring for Kube-OVN; metallb-controller and metallb-speaker can be deployed to more architectures (AMD64, ARM, ARM64, etc.). Integrated policy engine OPA gatekeeper.

• CAST AI Kubernetes Cost Optimization & Automation Platform January Update

  Updates: Added CAST AI kVisor security agent for assessing security vulnerabilities and analyzing cluster configuration security; improved way to use AKS images when creating new nodes; provided daily CPU usage data and number of CPUs billed; improved auto-scaling feature.

• CAST AI Kubernetes Cost Optimization & Automation Platform November Update

  What's new: The minimum number of nodes can be configured after cluster rebalancing, support for autoscaling with storage-optimized nodes for EKS users, support for fallback in node templates, and support for ARM nodes for EKS and GKE clusters.

• Chainguard Cloud Native Supply Chain Security Platform Chainguard Enforce Product Update

  Updates: Support for automated SBOM generation and ingestion for container images, support for daily vulnerability scanning and reporting of cloud native workloads, new centralized console for filtering and searching for SBOMs and vulnerabilities across the entire environment, and support for keyless signing via a privately managed signing infrastructure.

• Chainguard Enforce Cloud Native Supply Chain Security Platform Update

  Updates: Provide Sigstore-based keyless signature mode, add an out-of-the-box security policy library, support users to log in through their Gitlab accounts, support CloudEvents, support policies for fine-grained Kubernetes workload objects, and enhance large-scale clusters User stability.

• Chkk Launches SaaS Platform Kubernetes Availability Platform Aimed at Reducing Availability Risks for Cloud-Native Applications

  The Kubernetes Availability Platform is designed for organizations running mission-critical applications on Kubernetes. Designed to reduce availability risks, prevent failures and outages, and enable safe and efficient running of Kubernetes, the product not only identifies and prioritizes risks, but also provides users with pre-validated escalation plans that reduce weeks of preparation to days and securely remediate those risks.

• Cisco Releases Full Stack Observation Platform FSO

  FSO brings together data from applications, networks, infrastructure, security, cloud, sustainability, and business to provide contextual and predictive observability. fso leverages OpenTelemetry to unify the collection of metrics, events, logs, and traces, with a focus on cloud native application observability. It provides cost observability, offers optimized measures of Kubernetes workload resources, supports the generation of application-based business risk scores, and more.

• CloudCasa Velero-based Enterprise Kubernetes Data Protection Solution CloudCasa for Velero

  CloudCasa for Velero provides enterprises and service providers with the ability to manage multiple clusters of Velero backups across all Kubernetes distributions as well as hybrid and public cloud environments. Developers and platform engineers can manage and monitor Velero-based backups from the console with policy-driven templates and guided recovery capabilities. Velero users can subscribe to the CloudCasa service and catalog their existing settings for centralized management in minutes.

D, E¶

• D2iQ K8s Platform D2iQ Kubernetes Platform v2.6 released

  Updates: Support for container runtime Podman, support for vehicle Kubernetes 1.26.6, support for telemetry, addition of natural language AI assistant DKP AI Navigator, support for prioritizing DKP workloads and applications, and support for observability and monitoring of network-constrained clusters in edge computing environments.

• D2iQ launches DKP AI Navigator, a natural language AI assistant to simplify Kubernetes management

  DKP AI Navigator is trained on D2iQ's internal knowledge base, which contains solutions to the toughest problems users encounter in production.D2iQ users can use the tool to instantly access this expertise and manage Kubernetes clusters from a single window.DKP AI Navigator will be available in DKP 2.6. DKP AI Navigator will be officially available in DKP 2.6.

• D2iQ Enterprise K8s Platform D2iQ Kubernetes Platform v2.5 Released

  Updates: Support for extending standalone DKP Essential clusters to DKP Enterprise Management clusters for centralized management, support for checking cluster compliance with CIS Kubernetes benchmarks via Kube-bench, alerts now include root cause information and solution recommendations, full support for Istio, support for ARM64 machines, support for external Load Balancer support.

• D2iQ Launches DKP Gov, a Kubernetes Platform Designed for the Government Sector

  DKP Gov is based on the D2iQ Kubernetes Platform (DKP), created to meet the needs of government, military, and civilian agencies for innovative technology. DKP Gov supports physically and logically isolated nodes, a centralized multicloud platform, multi-node fleet management, Federal Information Processing Standard (FIPS) 140-2 certification, and more.

• D2iQ Kubernetes Platform v2.4.0 released

  The main new features of this version: support for running GPU nodes in a local and physically isolated environment, support for Red Hat Enterprise Linux systems, Rook Ceph replaces MinIO as the platform's default storage, and integrates third-party scanning tools such as Trivy.

• D2iQ Kubernetes Platform v2.3 release

  The main new features of this version: support for Kubernetes 1.23, support for application configuration and deployment in a multicluster environment, support for Amazon EKS and GCP, support for multiple availability zones, support for configuring custom domain names and certificates for each cluster, and adding automaticAssisted troubleshooting capabilities.

• DaoCloud Enterprise 5.0 released

  DaoCloud Enterprise 5.0 is an independent, open, high-performance, scalable next-generation cloud native operating system. Focusing on the cloud native base extension capability scenario, break through cloud-side barriers, cross multicloud environments, solve the compatibility problem of Xinchuang infrastructure, improve app delivery efficiency, enable agile innovation of applications, enable business systems with rich data services, and integrate microservice governance and Global observability can meet the challenges of operation and maintenance management of huge business systems.

• Databend Releases Cloud-Native Data registry Databend Cloud

  Databend Cloud is an elastic cloud data registry based on the open source cloud native data registry project Databend, which consists of 3 layers: storage layer, compute layer and meta information service. The bottom tier is based on object storage, the upper tier compute nodes use different specifications, and the top tier is a metadata and management cluster to achieve multi-tenant isolation and ensure users' data security.

• Datadog Launches Cloud Security Management to Provide Cloud Security Management

  Cloud Security Management brings cloud security posture management, cloud workload security, alerting, event management, and reporting together in one platform, enabling development and security teams to identify misconfigurations, detect threats, and secure cloud native applications.

• Docker launches its own generative AI tool, Docker AI

  Docker AI, which has been trained on Docker's proprietary data from millions of Dockerfiles, compose files, and error logs, will be integrated directly into developer workflows to help in the event of an error. It will show potential fix options in the development environment, allowing developers to test fixes before committing changes.

• Docker releases technical preview of WebAssembly tools

  Docker now allows users to build cloud native applications using containers and Wasm artifacts, viewing Wasm as a complementary technology to Linux containers. In addition, Docker Engine continues to use the containerd container runtime that is unified with the overall ecosystem, but replaces runC, which is responsible for running the container process, with the WasmEdge runtime.

• Docker Desktop v4.12.0 released

  The main new features of this version: integrate containerd, use containerd to manage and store images; allow to run commands in running containers directly through the Docker dashboard.

• Dynatrace Managed v1.270, the all-in-one performance monitoring solution for Dynatrace, is released

  Updates: Support for viewing entry point information for code-level vulnerabilities, new security events during code iterations (including number of affected nodes), support for init containers, new OTLP log ingestion endpoints, and added conditions for triggering Kubernetes alerts.

• Dynatrace SaaS v1.250 Cloud Monitoring Platform Release

  The main new features of this version: support for detecting third-party vulnerabilities in Go applications, add a "Kubernetes services" column in the Kubernetes namespace page, and support filtering pods by service, service name or service type.

• Dynatrace Provides Root Cause Analysis in Kubernetes with Davis AI

  The Davis AI causal analysis engine provides root cause analysis of Kubernetes performance issues and their impact on business continuity. Specific features: Automated root cause analysis, support for real-time tracking of Kubernetes orchestration processes, linking performance issues to pod evictions, support for identifying the cause of performance degradation issues related to misconfigurations based on changes in workload deployment inventory.

• EMQX Enterprise 5.2, EMQX's cloud native distributed IoT access platform, is released.

  New drag-and-drop visual flow designer for quickly creating, testing, and deploying data integrations; new standalone Webhook page to simplify the configuration process; integration with Amazon Kinesis, a fully managed real-time streaming data processing service; integration with Azure Event Hubs, a fully managed real-time data introduction service; integration with HStream, an open source cloud native distributed streaming data platform HStream; integration with GreptimeDB, an open source distributed cloud native time-series database; integration with OpenTelemetry metrics.

• Ermetic Cloud Native Application Protection Platform supports Kubernetes security posture management

  The Ermetic Cloud Native Application Protection Platform's Kubernetes Security Posture Management feature supports automatic discovery and remediation of misconfigurations, compliance violations, and risky or excessive privileges in Kubernetes clusters. It provides a detailed inventory of all Kubernetes cluster internal resources, the ability to continuously perform security posture assessments and risk prioritization, and provides remediation methods and workflow integration.

F¶

• F5 released the Chinese version of the container Ingress service CIS-C

  CIS-C is a controller software that automatically releases services in a Kubernetes cluster through F5 BIG-IP. Help users connect Kubernetes clusters and external portals, and integrate BIG-IP app delivery capabilities into the cloud environment of the Kubernetes technology stack. It enables multi-team collaboration, and users can flexibly and automatically create and change application or service entry policies.

• Fairwinds Kubernetes Governance and Security Platform Insights November Update

  Update: Added workload cost allocation functionality to allow viewing historical costs for a group of workloads; optimized cost page to refine the categorization of Kubernetes cluster costs; support for viewing the dynamics of costs over time.

• Fermyon Launches Serverless AI Solution Serverless AI

  Fermyon introduces Serverless AI, a Serverless framework for invoking AI models in its platform. And by leveraging GPU compute services provided by Civo to reduce the cost of accessing the GPUs needed to build and run these AI models and reduce cold start times to 50 milliseconds.

• Finout Launches Agentless Kubernetes Cost Governance Suite

  This agentless cost governance suite automatically detects and manages cloud waste, predicts spend and stays on budget when using Kubernetes across all major cloud platforms. It provides a unified MegaBill dashboard that manages costs across multiple cloud platforms and provides contextual information on Kubernetes spending; supports setting budgets and future spending for Kubernetes deployments; supports identifying spending anomalies across Kubernetes and cloud services; and provides real-time recommendations for cost optimization.

• Fortinet releases cloud native firewall service FortiGate CNF

  FortiGate CNF is a SaaS product that supports consistent security policies in different AWS environments through deep cloud native integration with services such as AWS Gateway Load Balancer and AWS Firewall Manager, eliminating the complexity of network security. In addition, it supports the security inspection feature of the next-generation firewall, provides deep visibility into the application layer, and can protect multiple accounts, subnets, virtual private clouds, and availability zones.

G¶

• GitLab 15.7 release

  Release features: support for deploying privately deployed GitLab instances to the Jira cloud, support for SSH key signing of commits, support for displaying multiple code quality scan reports per pipeline, allowing shared CI/CD access to Kubernetes GitLab agents within individual namespaces, and support for GitOps deployments outside of the default branch. GitOps deployments outside of the default branch.

• GitLab 15.5 released

  The main new features of this version: run security scanning tools in the merge request pipeline, support Kubernetes container scanning, support importing more relationships when importing projects from GitHub, and add a predefined DORA (metric for evaluating DevOps effectiveness level) visual comparison report.

• GitLab 15.4 Released

  The main new features of this version: improve VSCode CI/CD integration function, support Gitee project import, professional version support test management, support DORA metrics for evaluating enterprise DevOps performance, and integrate Harbor container registry.

• Gloo Mesh v2.1 service mesh management platform released

  The main new features of this version are: adding resource status and debugging pages, optimizing Istio lifecycle management, supporting zero-trust access policies, fixing TLS termination problems for east-west traffic, and supporting agent installation and cluster management with the same Helm chart.

• Gloo Gateway Cloud Native API Gateway supports GraphQL

  GraphQL for Gloo Gateway seamlessly adds GraphQL APIs to Gloo Gateway. Users can use this to perform joint GraphQL queries on the API without the need to create additional servers, resolvers and resolver mode libraries for GraphQL; all policies and requests can be managed in the Envoy Proxy filter; while supporting declarative configuration, Fully compatible with CI/CD and GitOps workflows.

• Google Cloud Launches GKE Enterprise

  GKE Enterprise combines the best of GKE and Anthos into an integrated, intuitive container platform. It supports multi-clustered workloads (fleet); has manageable security features including advanced workload vulnerability monitoring, governance and policy control, and a manageable service mesh; and supports hybrid and multi-cloud. In addition, GKE Enterprise reduces software deployment time by more than 70 percent.

• Google Cloud GKE introduces Network Function Optimizer to help telcos adopt cloud native network features

  Network Function Optimizer on GKE provides three main capabilities. Modernization of cloud networks through Kubernetes-native multi-networking, defining a network catalog for Kubernetes clusters and allowing Pods to attach an interface to one or more networks based on connectivity or performance requirements. Software-based high-performance data plane acceleration, with cloud native network features (CNFs) that can be scheduled on any Pod, eliminating dependencies between network features and the underlying NIC. Traffic targeting capabilities to simplify traffic classification and support for defining a group of Pods as the next hop (nexthop).

• Google Cloud Kubernetes Release GKE December Update

  Updates: Allow GPU-based workloads to run in Autopilot clusters; support for dual-stack clusters; support for enabling the transport layer plugin NCCL Fast Socket on multi-GPU workloads to improve performance of NVIDIA Collective Communication Library (NCCL); GKE gateway controllers support global external HTTP(S) load equalizer.

• GKE November Update for Google Cloud Kubernetes Release

  What's new: K8s control plane logs are officially available; support for using deprecated insight to identify 1.23 and older clusters; Autopilot clusters support compact placement policies, and support for signaling to GKE when a node has a problem; single cluster GKE Gateway is officially available; when creating a LoadBalancer service, Google Cloud Controller will automatically create firewall rules and apply them to GKE nodes.

• Google releases Filestore Multishares for GKE, a cloud native file storage service

  Filestore is a file storage hosting service, and a Filestore instance is a Network Attached Storage (NAS) hosting system. Filestore Multishares for GKE provides file storage services for GKE instances. Its main features include: supporting regional storage to prevent regional failures; Up to 10 shares can be allocated on a Filestore Enterprise instance, and each share is mapped to a unique persistent volume in GKE; dynamic volume configuration is supported, and the capacity of shares and instances can be increased or decreased as needed.

• Google releases GKE Gateway Controller, enterprise-grade implementation of Kubernetes Gateway API

  GKE Gateway Controller GKE provides an extensible API to manage internal and external HTTP(S) load balancing. Its main features include: providing a multi-routing/tenant-sharing gateway, providing two GatewayClasses by default, namely Global external and Regional Internal load balancing, supporting large-scale end-to-end encryption, supporting custom back-end service attributes, and providing advanced traffic management Wait.

• Google Service Mesh Anthos Service Mesh Update

  Updates include support for auto-configuration of Anthos Service Mesh using the Fleet Feature API, and support for auto-upgrade of data plane proxies via managed data plane.

• Google hybrid cloud automated configuration tool Anthos Config Management update

  Updates include: Config Sync can be stored in Google Artifact Registry or Container Registry as an OCI image sync, Config Sync supports syncing from private Helm repositories, supports user-supplied CA certificates for authenticating HTTPS connections to Git servers, and adds constraint templates K8sStorageClass.

• Grafana Cloud observation platform integrates Cilium Enterprise to strengthen Kubernetes network monitoring

  Once integrated, data deployed in Cilium Enterprise can be fed to Grafana Cloud. Grafana Cloud provides four pre-made dashboards: Cilium overview, Hubble overview, Cilium operator and Cilium Agent. 17 alert rules are also provided for monitoring Cilium core components related to Cilium Agent and Kubernetes cluster status.

• Grafana Cloud launches the industry's first integration of performance testing and distributed tracing

  Grafana Cloud introduces load testing project k6 and distributed tracking backend Tempo (k6 x Tempo) integrated, Bridging the gap between black-box data for performance testing and white-box data inside the system. The integration allows correlating k6's test run data with server-side trace data for root cause analysis; aggregates the collected trace data to generate real-time metrics, helping users narrow the search space and quickly spot anomalous behavior.

• Gremlin Chaos Engineering Platform Gremlin July Update

  Updates: Support for automated detection of high-priority reliability issues in Kubernetes environments, Beta release of Failure Flags for running chaos experiments on AWS Lambda functions, serverless workloads, and containers, allows users to auto-register a Kubernetes Service to Gremlin with a simple comment, added support for simultaneous installation of GitOps-based installations. Gremlin, and adds support for web apps that manage multiple services simultaneously.

• Guance Observable Solutions Guance Product Updates

  Updates: New waterfall chart mode on Span list page, new timed report function, new service management for viewing performance and business data of different services in the current workspace and all correlation analysis, support for directly viewing context logs on log detail page, new table of upstream and downstream call relationships of the current service, new conversion of detection metrics to PromQL queries, new Kubernetes Event Component.

H, I¶

• Harness Software Delivery Platform Harness Platform July Product Update

  Updates: Support for flexible branch switching while running pipelines, support for HPA, support for Pod Interruption Budgeting for Blue-Green Deployments and Canary Release Enforcement Policies.

• Harness Launches Fully Managed Gitops-as-a-Service

  Harness GitOps-as-a-Service builds on Argo CD, integrates OPA, supports audit trails, provides fine-grained RBAC, supports unified single sign-on for different deployments, supports declarative settings, and provides a centralized GitOps control center for management and View deployments in multiple environments and support integration with existing Argo CD instances.

• Huawei Cloud Container Service CCE releases next-generation cloud-native observable platform

  The Cloud Native Observable Platform focuses on four major capabilities: it supports one-click enablement of the monitoring center capability and provides one-stop visual monitoring from the container perspective, supporting monitoring views of clusters, nodes, workloads, pods, and other dimensions; it adds the alert center capability and provides one-click template-based configuration of container alerts; it integrates the LTS logging service capability and launches the Cloud Native Logging Center; and it provides the health center capability to detect cluster failures and potential risks, and to identify cluster failures and potential risks. Docker's health center provides the ability to detect cluster failures and potential risks and provide repair recommendations.

• Huawei Cloud Container Engine CCE Turbo 2023 First-Half Product Update

  Updates: Supports Kubernetes version 1.25; adds network priority control, CPU multi-core load balancing isolation, and CPU burst capability; provides one-click in-situ non-destructive automatic upgrades; supports multi-container shared GPUs; supports mixed management of multiple series and specification instances in the same node pool; and supports batch automatic node OS updates and upgrades.

• Huawei Cloud Releases Distributed Cloud Native Products - Container CCE Turbo and Distributed Cloud Native UCS (Ubiquitous Cloud Native Service)

  CCE Turbo can accelerate all aspects of computing, network, and scheduling to achieve extreme elasticity, such as helping customers easily cope with business traffic peaks with an elasticity of 3000 pod/min; UCS provides cross-cloud and cross-region cloud native application management to achieve a consistent experience.

• Isovalent's eBPF-based cloud native networking, security and observable platform Isovalent Enterprise for Cilium 1.13 released

  Updates: New FQDN Ingress network policy, users can not hard-code CIDR in the network policy; Support SRv6 L3VPN beta, users can cross-connect Kubernetes worker nodes with other services and Kubernetes clusters via SRv6; New Phantom Service, the LoadBalancer IP address in Service The Phantom Service is added, and the LoadBalancer IP address in the Service can be accessed from all clusters in Cluster Mesh; Cluster Mesh supports overlapping PodCIDR; and supports enabling both endpoint routing and BPF host routing.

J, K¶

• JD Cloud Cloud Native Security Platform Released

  Jingdong Cloud Cloud Native Security Platform includes security services such as asset inventory, image security, runtime security, network security, cluster security, node security, etc., providing a full lifecycle cloud native security solution from image generation, storage to runtime.

• Jibudata's multi-cloud data backup and recovery products YS1000 v3.3 & v3.4 released

  Updates: Multi-user self-service based on tenant segregation for private cloud, third-party login support, migration task hooks, migration policy support, image pre-pulling to shorten disaster recovery time, support for external mysql database during installation, set taint-tolerant nodes during installation, support for adding logical database backups to backup plans, support for selecting pvc resources but not including them in backup templates, and support for selecting only pvc resources but not including pvc resources in backup templates. In the backup template, it supports selecting only the pvc resource but not the corresponding data volume.

• Jibudata multicloud data backup recovery product YS1000 v3.2 released

  Update: add etcd backup support for clusters; support for creating mirror backup repository; support for mirror backup with optional application mirror source; support for sandbox recovery without affecting the original business after recovery; support for flexible subsidiary feature configuration using hooks for backup recovery tasks; support for synchronization of data volumes based on backup recovery; support for configuring ingress mapping while configuring disaster recovery instances.

• Juicedata Cloud Native Distributed File System JuiceFS Enterprise Edition 5.0 released

  Updates: Improve cache observability, support active cache clearing, support heterogeneous cache clustering, support automatic fault awareness, provide multiple cache deprecation policies, support shared block devices for data persistence, provide accelerated access to existing data in object storage, and "dump" chunk format files into objects.

• KSOC Launches Industry's First Real-Time Kubernetes Security Posture Management Platform

  The Kubernetes Security Posture Management Platform pinpoints attack activity with real-time context and current and historical information, while also providing actionable remediation based on the current state of the cluster. Specific capabilities include: real-time posture management to discover event-based misconfigurations; aggregating and finding excessive privileges in Kubernetes RBAC; preventing the deployment of non-compliant workloads and reducing the potential blast radius; and scanning for vulnerabilities and generating SBOMs for running containers.

• Kyndryl introduces Cloud Native Services, a multicloud cloud native application migration and optimization solution

  Kyndryl Cloud Native Services provides an end-to-end lifecycle framework that includes code assets, workflows, specialized fundamentals, consulting management services, and comprehensive services related to automated backups, patching, KPI monitoring, security, alerting, and event management for cloud native application migration and optimization . The solution allows enterprises to move their on-premise applications to cloud service provider environments such as AWS, GCP and Azure.

• Kong Service Mesh product Kong Mesh v2.3 released

  Updates: support for Envoy 1.26, least privilege security default configuration in Kubernetes, support for TLS gateway listeners, allow fine-grained control over how the mesh is installed, support for sending changes in configuration updates only to the global control plane, GitOps workflow support for customizing/disabling default policy creation, support for init container sorting, support for GAMMA initiative.

• Kong Enterprise 3.2, a Kong cloud native API platform, is released

  Updates: Support for data plane extensions when the control plane fails; New Datadog tracking plugin to work with Datadog Agent without installing Otel collector; Support for latency-based bootstrapping, allowing Kong load balancers to select the "fastest" backend based on total response time when proxying upstream services. " backend when proxying upstream services.

• Kong Releases service mesh Product Kong Mesh v2.1

  Update: Completed implementation of all next-generation policies, including adding MeshHTTPRoute, MeshCircuitBreaker, MeshFaultInjection, MeshOPA and other policies; added gateway view in the UI; support for configuring ports in eBPF mode.

• Kong Gateway v3.0 Cloud Native API Gateway released

  The main new features of this version: provide federal information processing standard FIPS packages to meet security and compliance requirements, support the execution order of plug-ins, increase native support for WebSocket traffic, add OpenTelemetry plug-ins, introduce new routing engines to handle complex Routing requirements, throughput, latency, and memory consumption are significantly optimized.

L¶

• Lacework Cloud Security Platform Lacework Platform Update in August 2023

  Updates: Agentless Workload Scanning supports scanning of Container images managed by Containerd, Agentless Workload Scanning integrates with Google Cloud Platform (GCP), supports scanning of multiple or secondary storage volumes on a host, and support for scanning of stopped instances, Introduced Pub/Sub-based (GCP) audit logging integration, and a near real-time alerting solution.

• Lacework Platform Cloud Security Platform November Update

  What's new: platform scanner supports multi-architecture container images, provides attack path analysis capabilities, agentless workload scanning is generally available, vulnerabilities found on inactive host kernels are automatically marked as exceptions, CIS GCP 1.3.0 Benchmark reports and policies are generally available, and new host policies are added to detect reverse shell connections and cryptojacking artifacts.

• Lacework Platform Cloud Security Platform September Update

  Updates include: support for agentless workload scanning, support for host vulnerability assessment of Linux hosts on AWS, and support for container image vulnerability assessment.

• Loft Labs Launches vCluster.Pro, an Enterprise-Class Virtualized Large-Scale Virtual Kubernetes Cluster Management Platform

  vCluster.Pro builds on the open source project vCluster by providing an integrated CoreDNS container and vCluster synchronizer; supports separation of the control plane from the worker nodes by isolating the control plane; provides a synchronization patching feature to patch Kubernetes resources during synchronization of virtual and host clusters; and uses the Chainguard busybox image as the base image.

• Logz.io releases K8s full-stack observation platform Kubernetes360

  Kubernetes360 unifies logging, Prometheus metrics monitoring, and Jaeger-powered distributed tracing in one platform, enabling DevOps teams to monitor application SLOs in a simple, efficient, and actionable manner.

M¶

• Mirantis has released the lightweight Kubernetes distribution k0s v1.27

  Updates: Kubernetes 1.27 compatible; support for containerd plugins such as WebAssembly (WASM) and gVisor container sandbox; k0s will run all system components with self-built images; support for controlling the installation order of the Helm chart.

• Mirantis Container Runtime Container Runtime 23.0 Released

  Updates: Experimental CSI support; Enhanced OCI runtime support for Kata Containers and gVisor; Overhead required to perform health checks no longer counts towards the time threshold, and the time required for health checks does not increase even with high container loads; Image build tool BuildKit is used by default.

• Mirantis OpenStack for Kubernetes 22.5, the Mirantis private cloud infrastructure platform, was released

  Release features: full support for OpenStack Yoga, introduction of a shared file system based on OpenStack Manila, and easier integration of OpenStack clouds into L3 networks with MetalLB-enabled BGP mode.

• Mirantis Enterprise Container Platform Mirantis Kubernetes Engine v3.6 released

  The main new features of this version: support for Kubernetes 1.24, support for Google Cloud Platform GCP, support for cri-dockerd instead of Dockershim, security access control updates (OPA gatekeeper is provided as an optional alternative to PSP).

N¶

• NetApp Kubernetes Application Data Management Solution Astra Control 23.07 released

  Updates: Integration of ONTAP MetroCluster, a high-availability storage solution, support for Longhorn as a storage provider, Astra Trident scalability improvements for large-scale Kubernetes deployments, and Astra Trident support for snapshot import.

• Spot by NetApp Officially Launches Ocean CD, a Kubernetes Continuous Delivery Product

  Ocean CD provides out-of-the-box processes for DevOps and infrastructure teams, allowing developers to automate common and reliable continuous delivery using progressive deployment strategies such as Canary deployment, continuous validation, failure policies, and observability. Service owners are able to roll out service changes to production without having to write code or redevelop deployment policies.

• Spot by NetApp Introduces Ocean CD, a Kubernetes Application Continuous Delivery Product

  Ocean CD is a SaaS solution that supports multiple clusters, using Argo rollouts as the engine and overlaying many management features on top. ocean CD allows for rapid enablement of intelligent deployments such as canary, blue-green deployments or simple rolling updates using validation and failure policies; supports continuous validation, correctly executing rollbacks and automated actions based on canary policy definitions; and provides a developer-friendly UI interface.

• NetApp Kubernetes Application Data Management Solution Astra Control Update

  update content: Support setting an application data protection policy for multiple namespaces; Extended detection and protection of cluster-wide resources; Tag-based and tag selectors allow multiple applications per namespace; K8s applications can now failover between clusters hosted by different projects, subscriptions, or accounts; Integrated Lightweight Directory Access Protocol LDAP; Support for more Self-managed K8s platforms.

• Nutanix Launches Nutanix Data Services for Kubernetes (NDK), a Kubernetes Data Management Platform

  NDK provides an application-aware Kubernetes data services solution. nDK provides data protection, recovery, migration, cloning and replication data management capabilities for Kubernetes applications; supports easy reduction of recovery time objectives (RTOs) and recovery point objectives (RPOs) from days to minutes; and provides policy-driven stateful application management; Kubernetes and IT administrators can enable self-service workflows by setting a number of rules and restrictions to manage the infrastructure.

O¶

• Ocean launches Network Cost Analysis, a Kubernetes network cost analysis solution

  Network Cost Analysis (already in beta support on AWS EKS clusters) not only supports displaying network costs and bandwidth consumption used by Kubernetes applications, but also supports forecasting future spending and usage trends.

• Ondat cloud native block storage platform Ondat v2.10 released

  Updates: Support for setting container resource limits for most Ondat pods via storageoscluster resources, support for Red Hat Enterprise Linux for Real Time, operator installs CLI pods by default, allows moving volumes between nodes.

• Ondat v2.9 Cloud Native Block Storage Platform Launch

  The main new features of this version: support for resizing volumes with zero downtime, control the type of storage used by workloads through StorageClass, and allow the topology of volumes to be defined.

• Oracle Kubernetes Release Container Engine for Kubernetes Support for Virtual Node Pools and Virtual Nodes

  Virtual nodes provide a serverless Kubernetes experience, allowing users to run containerized applications at scale without having to manage, scale, upgrade, and troubleshoot node infrastructure. Virtual nodes provide granular pod-level elasticity and usage-based pricing. Users can create virtual nodes by creating virtual node pools in an enhanced cluster.

• OutSystems Releases Cloud-Native Low-Code Development Solution OutSystems Developer Cloud (ODC)

  ODC is a high-performance low-code solution for building cloud native applications. ODC combines Kubernetes, Linux containers, microservices, and AWS native cloud services with DORA's high-performance level CI/CD, enterprise-grade security, and model-based visual development. Support large-scale transaction volumes and data requirements, improve developer productivity with advanced visual programming and artificial intelligence, and enable high-performance CI/CD practices.

P¶

• PerfectScale Launches Kubernetes Cost Management SaaS Platform of the same name

  PerfectScale is the industry's first continuous optimization solution built specifically to improve the persistence and cost effectiveness of K8s environments. Using artificial intelligence algorithms to evaluate usage patterns and performance and cost metrics, the platform provides multicluster, multicloud observability, support for elasticity and performance risk detection, resource waste detection, the supports problem prioritization, provides GitOps-friendly remediation recommendations, supports predicting the impact of system changes on the environment, and more.

• Portworx Backup v2.5, the Portworx K8s data backup product, released

  Updates: Support for storing Kubernetes backup data in NFS v4 objects; support for CSI-native backup and recovery on IBM Cloud Kubernetes Cluster clusters using IBM Cloud Block Storage VPC CSI Driver 5.0.0 or later.

• Portworx Enterprise v3.0, Portworx's cloud native data management platform, released

  Updates: 50% reduction in disaster recovery migration time in asynchronous mode, new license extensions for blue-green upgrades, low and consistent I/O latency for AWS users with NVMe-based storage, ability to encrypt Oracle Cloud and cloud drives for AWS, GCP, and Azure with customer-managed keys, new CSI topology for FlashArray cloud drives. CSI topology added to FlashArray Cloud Drive.

• Portworx Enterprise 2.12 Cloud Native Data Management Platform Release

  The main new features of this version: Local users can enable the PX-Fast feature and use high-performance storage as persistent storage for Kubernetes; allow storage administrators to use custom Kubernetes objects to provide various support services for object storage buckets; automatically generate Vault commands Tokens, which store encrypted secrets and cloud credentials in Vault; allow Kubernetes resources to be modified before they are migrated to the target cluster.

• Portworx Backup v2.3 data backup product announcement

  The main new features of this version: support for sharing backups with other users and groups, support for customizing backup licenses based on specific infrastructure, and support for encryption support for different types of backups using user-supplied or default keys.

Q¶

• QingCloud Releases Distributed Multi-Tenant Cloud Native Operating System KubeSphere Enterprise Edition 3.5.0 Released

  Updates: Support for configuring multiple notification subscriptions for email notification channels, support for adding custom labels to specified alert policies, support for searching by alert content, support for categorizing tenant storage usage data by storage type, and the addition of new on-premises alerts for components such as Redis, Kafka, OpenSearch, and so on, to the DMP of the cloud-native database management module.

• QingCloud Releases KubeSphere Enterprise Edition 4.0, a Distributed Multi-Tenant Cloud Native Operating System

  KubeSphere Enterprise Edition 4.0 is based on the new cloud native scalable open architecture, KubeSphere LuBan, a distributed cloud native scalable open architecture that provides hot-swappable microkernels for extension components. 4.0 features Simple and lightweight system architecture, easy to play with 2 cores and 4G; it also supports the integration of KubeSphere functional components or any third-party business components to realize plug-and-play.

• QingCloud Kubernetes Cluster Patrol SaaS Service Officially Released

  Kubernetes Cluster Inspection SaaS service helps users discover container vulnerabilities and exposures (CVE) in cluster components, services, and ports, analyze operational risks in Kubernetes, and push reports by instantly or periodically checking whether the configuration of cluster nodes and components in Kubernetes multicloud environments comply with best practices, thus ensuring business The ACK helps users identify container vulnerabilities and exposures (CVE) in cluster components, services, and ports, analyze operational risks in Kubernetes, and push reports to ensure continuous and stable business operation and reduce enterprise risks as early as possible.

• QingCloud Releases KubeSphere Container Platform Enterprise Release 3.4.0

  Updates: Support for Prometheus internal TLS authenticated access, built-in integration with HPA extension plugin KEDA, new enterprise space-level gateway and tenant-level storage quota, improved resource alias display weight, support for Whizard observable center configuration via UI.

• QingCloud Enterprise Cloud Platform v6.1 version officially released

  Updates; New monitoring patrol function; New enterprise space function, covering organization management, user management, quota management, resource management, process approval and other space management modules; New support for third-party storage; Provides VMware vSphere nano-management tools; QKE container engine supports bare metal servers as cluster workers.

• QingCloud releases KubeSphere Enterprise Release 3.3, a distributed multi-tenant cloud native operating system

  Version features: New observable center to aggregate and synchronize data scattered across clusters; Refactored cluster monitoring page to focus on resource allocation; Optimized tenant monitoring to support displaying tenant quota settings, etc.; New support for Spring Cloud, a microservices framework; Integrated Argo CD to support GitOps.

• QingCloud Releases Cloud Native Virtualization Platform KSV 1.6

  Version features: unified management and display of all computing, storage and network resources; support for KSV and KubeSphere converged deployment to achieve coexistence and co-management of virtual machines and containers; based on KubeVirt, support for delivery of physical resources such as CPU and storage in the form of virtual resource pools, and unified management, allocation and scheduling, and support for simultaneous creation of mutually Kube-OVN integration enables Underlay & Overlay networking.

• Quali infrastructure automation solution Torque updated to simplify Kubernetes infrastructure management

  Updates include: support for detecting Helm Chart drift, support for automatic collection of Kubernetes host costs, collected data can be imported into third-party audit tools, and visibility into all subcomponents of an environment definition.

• Qualys Container Security v1.22 released

  Updates: Mirror vulnerability report supports displaying labels related to mirrors, container vulnerability report supports displaying Container registry information and Kubernetes object information, support for scanning all mirrors in all registries, software component analysis (SCA) scanning adds support for programming languages PHP, Ruby and Rust.

• Qualys Container Security v1.21 released

  Updates: Support for sensor profiles for regular and CI/CD sensors, support for defining sensor configurations in sensor profiles, allow scanning of all images during automatic registry scans.

R¶

• Rafay Kubernetes Ops Platform supports automated management of Fleet, simplifying the management of multiple Kubernetes clusters

  The Automated Management Fleet feature simplifies the management of large-scale Kubernetes clusters across datacenter, public cloud, and edge environments. This includes: automating common Fleet management operations such as upgrading clusters, updating applications, scaling nodes, etc.; building end-to-end automation and custom workflows; automating standardized policies and governance for clusters in the background to reduce management overhead; initiating Fleet-wide operations with existing tools such as Terraform and reflecting updates to Fleet configurations in GitOps repositories through system synchronization. Fleet configuration updates.

• Rafay Systems Launches Environment Manager to Optimize Kubernetes Developer Experience

  Environment Manager improves the developer experience by providing self-service capabilities for full-stack environments. Developers are able to configure modern application stacks from an environment blueprint that is planned, tested, and continuously managed by the platform team. By integrating with Rafay's Kubernetes Operations Platform, Environment Manager abstracts the complexity of the underlying infrastructure and reduces the time required to configure and access Kubernetes' environments.

• Rafay Systems Launches Cost Management Service for Kubernetes

  The cost management service is part of the Rafay Kubernetes operation and maintenance platform, which provides Kubernetes cloud cost optimization for clusters located in public clouds and internal data centers. It supports real-time viewing of cloud computing spending; is pre-integrated with RBAC to provide visibility and access to role-based cost metrics; can centrally view clusters of multiple public cloud accounts and internal data centers; and can optimize cloud budgets based on resource consumption.

• Rafay Systems launches Service Mesh Manager and Network Policy Manager, providing enterprise-level K8s traffic management and communication security

  Built on Istio, Service Mesh Manager provides microservice teams with centralized security control and traffic management policy configuration. Built on Cilium, Network Policy Manager provides centralized management and visibility into pod and namespace communication to isolate perimeters and reduce a cluster's lateral attack surface.

• Rainbond Cloud Native multicloud Application Management Platform Rainbond Enterprise Package Released

  Rainbond Enterprise Package has a global observable center for monitoring, debugging, and analyzing infrastructure and application services running in Kubernetes clusters and the rainbond platform. In addition, it also provides solutions for IT business system migration to the localized Cintron environment, supports full-link grayscale release and cluster patrol, built-in WAF firewall and operation audit features, supports private deployment of application stores, etc.

• Red Hat OpenShift 4.14 Released

  Updates: Launched Managed Control Panel for bare-metal Red Hat OpenShift and Red Hat OpenShift Virtualization, added Key Management OpenShift Shared Resource CSI Driver, support for sharing ConfigMap and Secret across namespaces, and 24-month support for deployments across all architectures.

• Red Hat OpenShift GitOps 1.10 released

  Support for Argo CD 2.8, including the introduction of the ApplicationSet plugin generator, removal of the legacy Configuration Management Plugin (CMP), ignoring resource updates, and other new features; the GitOps documentation will be moved from a sub-section of the OpenShift documentation (currently under CI/CD) to a standalone section; allows dynamic scaling of the application controllers; and automated installation of the Console Dashboard.

• Red Hat container image repository Red Hat Quay v3.9.0 released

  Updates: Increased coverage of container image vulnerability reports, audit log integration with external log management system Splunk, provides a scalable way to track storage consumption for large numbers of tenants in the registry, automated offsite backup capabilities.

• Red Hat Service Mesh OpenShift Service Mesh 2.4 Released

  Updates: Support for Istio 1.16 and Kiali 1.65, formal support for cluster-wide deployment topologies, integration with Cert-Manager, formal support for external licensing, support for single-stack IPv6, new Prometheus extension provider for OpenShift monitoring or external Prometheus.

• Red Hat Releases Service Interconnect, a Service Connectivity Product for Hybrid and MultiCloud Environments

  Red Hat Service Interconnect, created based on the open source project Skupper.io, enables application and service connectivity between Red Hat platforms, including Red Hat Enterprise Linux, Red Hat OpenShift and non-Red Hat environments, including Kubernetes clusters, public clouds, virtual machines or bare metal hosts, without the need for complex network reconfiguration or elevated security privileges.

• Red Hat OpenShift Container Platform 4.13 Released

  Updates: cert-manager operator provides application certificate lifecycle management; Kubernetes Advanced Cluster Security version 4.0; OpenShift Service on AWS adds hosting control panel; custom metrics autoscaling operator; NUMA aware scheduling and NUMA resource operator; support for compact three-node cluster deployments on AWS, Azure, Google Cloud Platform and vSphere.

• Red Hat Releases Local Container Management Tool Podman Desktop Release GA Version 1.0

  Podman Desktop allows you to install and configure Podman in your local environment and keep Podman up to date. Podman Desktop supports multiple container engines and provides the ability to connect and deploy Pods to Kubernetes environments.

• Red Hat's logging management solution Logging 5.6 was released

  Updates: Compatible with OpenShift container platform cluster-wide encryption policies; Support for custom resource declaration tenant, flow and global policy retention policies via LokiStack, sorted by priority; New log forwarding output option Splunk; Vector replaces Fluentd as default collector.

• Red Hat Advanced Cluster Management for Kubernetes 2.7 released _management_for_kubernetes/2.7/html/release_notes/red-hat-advanced-cluster-management-for-kubernetes-release-notes)

  Updates: support for policy enforcement ordering based on dependencies, policy generator support for referencing local and remote custom configurations, expansion of the number of clusters manageable at the edge to 3500, support for creating clusters on the Arm architecture, search component for large-scale environments officially available, support for simplifying cluster deployment with the new Submariner LoadBalancer mode, and support for the Submariner LoadBalancer mode. Submariner supports clusters without a network environment.

• Red Hat's cloud native CI/CD solution OpenShift Pipelines 1.9 released

  Updates: Pipelines as Code is now available, supports defining Tekton templates in the source code repository; supports concurrency limits for repository CRDs; supports authentication of URLs in pipelines; new Resolvers feature to "resolve" requests from remote tasks and pipelines; new CLI tool opc.

• Red Hat OpenShift Container Platform 4.12 Released

  Updates: Use OVN-Kubernetes network plugin as default network plugin; add topology-aware lifecycle manager for managing multiple single-node OpenShift cluster deployments and upgrades; support optimized resource allocation management via cgroup v2; support fast, low memory consumption crun container runtime; optimize agent-based support for firewall configuration at the management node level; support for dynamically scaling the default Ingress controller based on the metrics in the cluster; support for configuring multiple network policies for SR-IOV devices; support for Serverless function; new OpenShift Network Observability Operator for Support for the deployment of production-grade Kubernetes to edge devices.

• Red Hat Container Registry Quay v3.8.0 released

  New features of this version: support IPv6 single-stack and IPv4/IPv6 dual-stack, users must have a self-signed certificate to use SAN (Subject Alternative Name), Quay administrators can use storage quotas to limit the size of the cache, the new user type "subject to Restricted user", the super user can be configured to have full control over everything in the system.

• Red Hat OpenShift Service Mesh 2.3 released

  The main new features of this version: support for Istio v1.14, support for creating and managing gateways by injecting deployment instances, adding cluster-wide topology, adding an OpenShift service mesh console operator, and supporting Istio visualization tool Kiali 1.57.

• Red Hat Openshift Logging 5.5 release

  The main new features of this version: support for forwarding structured logs of different containers in the same pod to different indexes, use Kubernetes common tags to filter logs with Elasticsearch output, log aggregation Loki Operator and observation data collection Vector collector are officially available.

S¶

• Seal AppManager v0.2, a unified deployment management platform for applications, is released

  Updates: supports comparison of service configuration change history; supports batch and cross-environment cloning of services; optimizes service and resource operation interactions; supports project-level environment/connector management; supports displaying environment dependency graphs; supports cloning of environments; supports multi-tier variable configuration; Kubernetes high-availability installation and deployment, RBAC, and multi-tenant management.

• Sealos Cloud Operating System Officially Released

  Sealos is a cloud operating system distribution with Kubernetes as the kernel. It ditches traditional cloud computing architectures in a cloud native way, enabling organizations to use the cloud as simply as they would a personal computer. With Sealos, you can run any Kubernetes-compatible application; run a nginx demo on Sealos in 30 seconds that automatically scales; start a variety of databases in 30 seconds, connect directly to databases on your business system intranet; launch your business directly in any programming language you write, and more.

• ServiceNow Releases Unified Query Language Lightstep UQL, Extending the Visibility of Kubernetes Applications

  Lightstep UQL supports unified "observability as code", simplifies the process of migrating from multiple disparate tools to the unified Lightstep platform through a single query language, and also supports querying and correlating metrics, logs and track.

• SmartX HCI 5.1 for SmartX Hyperconverged Portfolio Released

  In addition to the recently released container management and service component (SMTX Kubernetes Service 1.0), SmartX HCI 5.1 adds new components such as software-defined load balancing across virtualization and container platforms, observable platforms, and comprehensively improves the capabilities of virtualization, distributed storage, distributed firewalls, system operation and maintenance, disaster recovery, migration tools, and other components.

• SmartX Partners with Spirit Sparrow Cloud to Launch Joint Full-Stack Cloud Native Solution

  In this solution, SmartX provides customers with a production-ready IaaS tier base based on the hyper-converged software SMTX OS, and helps create and manage production-grade Kubernetes clusters through the Kubernetes build and management service tool, SMTX Kubernetes Service. The ACP container cloud platform helps customers realize the full lifecycle platform management of business applications from development, testing to deployment and operation and maintenance.

• SmartX launches IOMesh, the first K8s native enterprise distributed storage in China

  IOMesh has no dependency on infrastructure and the Kubernetes platform, can fully utilize the hardware resources of Kubernetes Worker nodes for converged deployments, supports small-scale start-ups, and can provide Kubernetes native, high-performance, highly reliable, and highly scalable persistent storage capabilities for stateful applications with on-demand investments based on business development.

• SmartX Releases SMTX Kubernetes Service (SKS) 1.0, a production-grade Kubernetes build and management service product

  SKS automatically creates multiple virtual machines to build highly available Kubernetes clusters based on SmartX hyperconverged virtualization, with built-in SmartX production-grade distributed storage and CSI plug-ins to provide persistent volumes for stateful applications; SmartX network and security products and CNI plug-ins enable interconnection of virtual machines and containers and unified network security The SmartX network and security product and CNI plug-in enable interoperability of virtual machines and containers and unified network security management.

• Solo.io releases Gloo Platform v2.3, a cloud native application networking platform

  Updates: New Gloo Portal to help developers classify, share, and manage APIs; support for handling traffic of GraphQL requests in Istio service mesh, including north-south and east-west traffic; support for Kubernetes 1.25 and Istio 1.17; commercial support for Ambient Mesh.

• Solo.io Launches Gloo Fabric, a multicloud Dynamic Resource Discovery Solution

  Gloo Fabric provides multicloud discovery, connectivity, security, and observability capabilities for the Gloo Platform. gloo Fabric configures and manages all features of the platform through a unified API, manages network and security policies through a unified management control plane, supports dynamic discovery of network and cluster resources, and provides API management and cross-cluster multi-tenant isolation functionality. In addition, Gloo Fabric provides automatic zero-trust security and observable capabilities for platform integration.

• Solo.io Releases Cloud-Native Gateway Gloo Gateway 1.13

  Release features: Improved support for OpenCensus and OpenTelemetry trace extensions; Provides a built-in method to catch invalid rate-limiting configurations before errors occur; Adds support for RBAC; Enhances control plane high availability with support for continuous operation of multiple replicas and zero-downtime upgrades; Integrates cluster scheduling tool, HashiCorp Nomad.

• Solo.io Releases Service Mesh and API Platform Gloo Platform

  Gloo Platform is the culmination of Solo.io, integrating three products: Gloo Gateway, Gloo Mesh and Gloo Network. Leverage Kubernetes CR and GitOps to provide a unified operating model and extend capabilities such as zero-trust security, multi-tenancy, advanced routing, and observability to the entire layer 3-7 stack.

• Solo.io releases cloud native gateway Gloo Gateway and CNI plugin Gloo Network

  Gloo Gateway is built on Envoy and utilizes the multi-tenancy and federation features of Gloo Platform, allowing users to easily manage gateway access for multiple development teams and multicluster traffic management. Gloo Network builds on Cilium and integrates the Kubernetes CNI layer as a component of the Gloo Platform.

• Spectro Cloud Cloud Native Edge Computing Platform Palette Edge Platform v3.3 Released

  Release: Support for loading images from external OCI registry, installers can now include pre-loaded content packages (including packages and artifacts); support for creating custom Edge installer images; support for random production device UUID values.

• Spectro Cloud Kubernetes SaaS Management Platform Palette v3.1 Released

  Updates: Palette IaaS clusters support automatic scaling, provides Federal Information Processing Standards (FIPS) compliant versioning of Kubernetes, supports filtering user access by tag and viewing cluster detail views, supports versioning of application profiles, leverages Helm and OCI registries for custom package management, allows suspending and resuming unused virtual Clusters.

• Spectro Cloud released Kubernetes SaaS management platform Palette v2.8

  The main new features of this version: support the use of nested clusters to quickly create a safe and isolated environment for applications; use the web-based Kubectl to allow users to deploy applications through the terminal; support reuse and sharing of large configuration files with many add-ons and integrations.

• Spectro Cloud Palette Edge Platform Update

  Updates include: new tamper-resistant features for edge K8s clusters, support for the edge-optimized K8s distribution Palette eXtended Kubernetes Edge, and simplified edge device deployment.

• StarRocks Labs Releases Cloud-Native Lake Warehouse StarRocks 3.1

  Updates: Support for primary key table model and related functions, query and import performance is basically the same as that of the integrated storage and accounting architecture; high-speed data lake analytics performance is improved and fully compatible with commonly used Trino syntax; add read/write support for Apache Iceberg and analytics support for Apache Paimon, a streaming data lake; improve the stability of materialized view building and refreshing and provide more flexible and easy-to-create views. Provide more flexible and easy-to-use creation and refresh parameters, add more scenarios of SQL intelligent rewriting; provide random bucket, expression partitioning, FILES table function, etc..

• StormForge Releases Optimize Live v2.0, an Optimization Solution for Kubernetes Production Environments

  Updates: resizes applications with a single helm deployment; uses machine learning to analyze workload usage patterns and provide CPU and memory recommendations; can automatically detect the presence of HPAs; provides a range of resource usage reports; simplifies deployment of resource recommendations.

• StormForge K8s optimization platform integrates with Datadog's cloud application monitoring service to simplify Kubernetes observability

  The StormForge K8s optimization platform analyzes observable data based on machine learning technology and recommends resource settings (CPU, memory, replicas) to improve efficiency, scale, and application performance. The platform can now leverage Datadog as a unified observation platform to view and apply optimization recommendations and identify application parameters that should be recalibrated to reduce cluster size and reclaim and reallocate resources.

• StormForge Kubernetes cluster performance optimization solution Optimize Live uses machine learning to optimize K8 automatic scaling capabilities

  The latest version of Optimize Live provides two-dimensional auto-scaling capabilities. HPA and VPA can work together to adjust the size of pods and set utilization horizontally to maximize the efficiency of auto-scaling. Additionally, machine learning is used to analyze historical resource usage to find the optimal HPA target utilization.

• Rancher Prime 2.0, SUSE's enterprise container management platform, released

  Updates: Builds functionality from SUSE and third-party tools directly into the Rancher Prime UI through the UI Extension Framework; introduces the Rancher Prime Application Collection; generative AI assistant; provides performance benchmarking and logging based on both horizontal (number of clusters) and vertical (pods and nods) stress tests.

• SUSE Launches Rancher Prime, an Enterprise Container Management Platform

  Rancher Prime is a distribution of Rancher with core code from Rancher DCE Community, but with more emphasis on security and enhanced features and services for enterprise users. The features of Rancher Prime are: improved comprehensive security governance and a trusted Container registry. introduce UI extensions; full lifecycle support for hosting clusters on Ali Cloud, Tencent Cloud and Huawei Cloud; support openEuler Linux and support for ARM systems.

• SUSE releases SUSE Edge 2.0, a cloud native edge management platform

  The main new features of this version: Simplify the operation of adding and updating edge devices, support the management of Kubernetes and the underlying operating system through a unified operation panel, and integrate SUSE Linux Enterprise Micro 5.3, a lightweight operating system specially designed for containerized and virtualized workloads, Provide security protection for all distributed environments.

• Real-time monitoring platform observation cloud update

  Updates include: support for viewing YAML files corresponding to infrastructure containers, new log viewer DQL search mode, optimized application performance monitoring, DataKit supports synchronizing k8s label as a tag to pod metrics and logs, and supports various The yaml information is collected on the corresponding object data, and the Trace collection supports automatic extraction of some key meta information.

• TenxCloud Microservice Governance Platform TMF v5.6.0 released

  The main new features of this version: support independent deployment, decoupling from the underlying platform; decoupling the two modules of the microservice framework and performance monitoring capabilities; adding a link component topology; adding support for lossless traffic on and off the line; new Added master-standby topology capabilities, and the topology map visualizes the master-standby relationship.

• Shuche Software released SEAL 0.3: the first full-link software supply chain security management platform in China

  New features of this version: support for integrating any OCI container registry, and scan the container image in it; support for integrating any Kubernetes cluster, and scan the workload configuration and image in it; support for scanning third-party software bill of material files; support for any CI/CD pipeline Integrates the security scanning feature of SEAL; can aggregate and manage resources at all stages of the whole link to provide full link security insights; supports automatic generation of multi-policy repair suggestions, priority ranking of vulnerabilities, and timely handling of security issues.

• Sweet Security Launches Cloud-Native Runtime Protection Platform

  Sweet Security introduces the Cloud Runtime Security Suite platform for securing cloud native application runtime. The platform streams application data to its servers using a sensor that analyzes workloads for anomalous behavior by running a framework. The sensor can be deployed in less than five minutes and provides the ability to provide observability of attacks before they are launched and when they occur.

T¶

• Tencent Cloud Container Service TKE February Update

  Updates: cluster node upgrade portal supports docker/containerd component minor version updates, online CFS-Turbo CSI storage plugin, cluster log collection rules support custom configuration of metadata, registered nodes support GPU, support for creating, managing and upgrading Kubernetes clusters in user IDCs with one click through the console on the cloud.

• Tencent Cloud Native API Gateway Update

  Updates: Support for docking to cloud feature SCF and microservice platform TSF, support for regular elastic expansion and shrinkage, support for Annotation-style configuration of Kong Ingress, grayscale capability productization, support for docking to cloud WAF and cloud SSL, and support for mTLS.

• Tencent Cloud Container Service TKE Three Capabilities Upgrade

  Update content: node management, the new HouseKeeper operation and maintenance paradigm, the native nodes, super nodes, registered nodes and other on/off cloud resources nano-management; cluster management, support a cluster management any node, while supporting a variety of nodes such as native nodes, super nodes, registered nodes and edge nodes; application management, to create for In terms of application management, it creates an application management platform for multicloud and edge use cases, and realizes unified distribution, deployment and management of multiple clusters.

• Tencent Cloud Container Service TKE September update

  Updates: support for trustworthy verification of signature images in registries, fully open kubelet custom parameter features, provide descriptions of error codes for abnormal Service/Ingress event information, the ability to run Daemonset on grayscale online super nodes, and add configuration and management according to Label Capabilities of Pod Security Groups.

• Tencent Cloud K8s release version TKE August update

  The updates include: Added SecurityGroupPolicy enhancement component, which supports binding security groups for pods matching policies; supports business pods to use Service Account Token to access cloud resources such as CVM and VPC; supports modifying CPU and memory requests without restarting pods /limit value; support node/workload resource insight capabilities; add Request intelligent recommendation function; add native node-specific scheduler; optimize native node initialization process.

• Tetrate Launches TIS (Tetrate Istio Subscription), an Enterprise Service Mesh Project

  TIS is the industry's only fully upstream service mesh based on open source Istio. Based on the Tetrate Istio Distro, it provides proven builds of Istio for all major cloud platforms. It also offers CVE protection, FedRAMP compliance, and is compliant with the U.S. Federal Zero Trust Architecture standards.

• Tetrate Releases Tetrate Enterprise Envoy Gateway for Enterprise Cloud Native Services

  Built on the open source Envoy Gateway, the Tetrate Enterprise Envoy Gateway supports CVE and escalation management, FIPS-compliant builds for government environments, and support for Envoy features such as global rate limiting, application authentication processing for OIDC and OAuth2.

• Tetrate Launches TSE, a service mesh Solution Designed for Amazon EKS

  TSE is built on open source service mesh components such as Istio and Envoy, and is optimized for Amazon EKS to simplify installation, configuration and operation. TSE provides service mesh automation on top of Istio and Envoy. It is used to install and configure open source components on Amazon EKS, integrate with AWS services, and provide a management console for platform operators to quickly configure the service mesh for security, resiliency, and observability.

• Tetrate Application Connectivity Platform Tetrate Service Bridge v1.6.0 Released

  Updates: Add security rules such as security domain and service security settings; Add east-west gateway to improve service failover between clusters; User interface optimization to support visualization and monitoring of platform and service activities; New troubleshooting tool to troubleshoot without cluster access privileges; Support multiple Istio environments within clusters; Support WASM extensions across gateways and service agents; Skywalking The backend service OAP replaces Zipkin for collecting and querying traces.

• Tianyi Cloud Releases Cloud Native Security Product - Red Shield 1.0

  Red Shield integrates security capabilities into a unified security platform based on the cloud native base, and builds an integrated cloud security trusted operation system and zero-trust architecture for the four major areas of cloud native business application security, network security, data security, and cloud native security. Its core products include Web Application Firewall, Anti-DDoS High, Website Security Monitoring, Enterprise Security Access, Tianyi Cloud Data Security Management Platform, etc.

• Tigera Releases Calico Runtime Threat Defense, a Kubernetes Network and Container Threat Defense Solution

  Calico Runtime Threat Defense combines a combination of signature- and behavior-based techniques to detect known and zero-day threats, enabling detection of MITRE's most common container and network-based attacks. Unlike traditional runtime threat detection platforms, Calico Runtime Threat Defense continuously monitors and analyzes network and container behavior for metrics of attack (IOA) without writing complex rules.

• Traefik Labs Launches Traefik Hub, the Industry's First Kubernetes API Management Solution

  Traefik Hub for publishing, securing, and managing APIs supports Traefik and major third-party portal controllers, including NGINX, HAProxy, Ambassador, and more. Supports GitOps, provides strong security features such as Role-Based Access Control (RBAC), and supports authentication and authorization mechanisms such as OAuth 2.0 and JWT.

• Traefik Labs releases Traefik Enterprise 2.10, a cloud native API gateway

  Updates: allows OIDC middleware to check requests in access tokens, allows loading sensitive data from Kubernetes Secret, and supports limiting API access rates.

• Traefik Labs releases Traefik Hub 1.0, a cloud native network platform

  Traefik Hub 1.0 allows users to quickly and securely publish Kubernetes or Docker containers using Traefik or Nginx. Traefik Hub provides the centralized control plane needed to network Kubernetes clusters without deploying container sidecars to run networking software. It supports container networking through secure encrypted tunnels and direct private connections, adds access control to services through JWT or OIDC, realizes scale automation through GitOps, and is equipped with workspaces to promote cross-team collaboration.

U, V¶

• Upbound Launches Managed Control Plane Management Service (MCP) based on Crossplane

  With MCP, users can scale to thousands of CRDs and use control planes to manage all the cloud service resources they need, allowing them to run dozens or even hundreds of control planes to serve different environments, teams, businesses, and clients. In addition, MCP integrates seamlessly with Git, providing a console for managing and manipulating control planes and all resources, support for installation in any Kubernetes cluster, and support for managing infrastructure and application resources in a GitOps process.

• Veeam Releases Kubernetes Data Management Platform Kasten K10 v6.0

  Updates: provides a way to store reusable metadata transformations; supports sharing licenses across multiple clusters; supports application fingerprinting, where newly deployed stateful applications can be automatically mapped to the correct blueprint; integrates with the Veeam Data Platform, allowing centralized viewing and management in Veeam Backup & Replication V12 Kubernetes backups; support for instant recovery capabilities.

• Veeam Releases Kasten K10 v5.5, Kubernetes Data Management Platform

  The main new features of this version: the new backup window allows users to choose the time interval for policy operation, supports automatic arrangement of the order of underlying backup work, supports the definition of multiple protection policies to set parameters such as backup frequency and location, provides a visual Helm wizard program, supports IPv6, integrated GitOps pipeline, new storage types, enhanced backup security with OpenSSF and Azure Managed Identity.

• Venafi Launches TLS Protect for Kubernetes, a Cloud-Native Machine Identity Management Service

  TLS Protect for Kubernetes is part of Control Plane for Machine Identities, Venafi's platform for machine identity management. Helps security and platform teams manage cloud native machine identities such as TLS, mTLS, and SPIFFE in multicloud and multicluster Kubernetes environments, enhancing the observability, control, and automation of machine identity management.

• Volcano Engine Container Service VKE Q3 Product Update

  Updates: New cloud native batch compute suite, NetworkPolicy support for VPC-CNI clusters, new rdma-device-plugin component, new cluster inspection and troubleshooting tool, support for NUMA topology-aware scheduling, provide mirrors to lazily load the Nydus monitoring dashboard, support for outputting GPU Xid information to log files, support for Kubernetes version 1.26.

• Volcano Engine cloud native PaaS platform veStack Agile Edition Q2 product update

  Updates: New geographic management features; support for Ingress-nginx multi-instance management; support for customization of parameters for kube-APIServer, kube-controller-manager and other core components; support for control plane node failure rotation; new Upstream abstraction, IP black/white lists, and traffic-weighted routing for API gateway; new swim lane management for microservice engine; support for synchronization of tasks in the Nacos registry. The API gateway adds Upstream abstraction, IP black and white lists, and routing by traffic weight; the microservices engine adds swim lane management, and supports importing services from the Nacos registry into the microservices engine through synchronization tasks.

• Volcano Engine Container Service VKE Q2 Product Update

  Updates: Support NodeLocal DNS capability, support Kubernetes v1.24, add Prometheus monitoring module, support veLinux CentOS-compatible version of mirrors, add P2P acceleration, support mGPU multi-card sharing.

• Volcano Engine Launches Managed Prometheus Service VMP

  Volcano Engine VMP is an out-of-the-box product solution based on the open source Prometheus monitoring engine. VMP uses a single AZ multi-copy, cross-AZ high availability solution, supports access to public cloud VKE and other products, and can scan up to 300 million data samples in a single query. It supports comprehensive Kubernetes cluster monitoring scenarios, custom monitoring scenarios, and open source ecological metrics observation scenarios.

• Volcano Engine Releases Distributed Cloud Native Platform DCP

  DCP is an enterprise-level cloud native unified management platform for multicloud and multi-Kubernetes cluster use cases, providing unified management and operation and maintenance of multicloud clusters, cross-cluster distribution of applications, unified traffic control and other capabilities, DCP provides unified management and operation and maintenance of Volcano Engine container clusters, third-party clusters and self-built clusters; provides cross-cluster and cross-cloud elastic scheduling capability based on cluster federation and other technologies; provides multicluster service discovery, multicluster unified portal access and other capabilities; enables application data recovery and cross-cluster/cloud application migration based on backup data.

• VMware Tanzu Application Service 5.0, VMware's cloud native application platform, released

  Updates: Developer portal supports data persistence through an integrated platform database (beta), adds distributed tracing for all platform components, adds BOSH commands for improved disaster recovery workflows, adds OpenTelemetry support (beta), and improves automation of the certificate rotation process.

• VMware Kubernetes DevOps Platform VMware Tanzu Application Platform 1.6 released

  Updates: Introduced the Tanzu Developer Portal, an internal developer portal built on Backstage, allowed developers to create server workloads that are exposed to the public Internet via Contour Ingress, integrated a container image vulnerability scanner (beta), supported CVE filtering via the Tanzu Insight CLI (alpha), supported extraction of workload builds, and supported the extraction of workload builds from the VMware Kubernetes DevOps Platform (alpha). filtering for CVEs (alpha), support for extracting SBOMs for workload builds, the ability to automate builds based on upstream changes in the dependencies used by the workload, custom CA support for on-premise Git repositories in the supply chain, and support for GitOps-based installation.

• VMware Carbon Black XDR, VMware's threat detection and response product, adds support for cloud native applications

  VMware Carbon Black's Cloud Native Detection and Response capabilities enable users to utilize enhanced threat detection capabilities for containers and Kubernetes within a unified platform. This includes: monitoring processes running in containers and Kubernetes environments; obtaining historical data on any anomalies detected in pre-existing containers; and forensic classification of alerts to analyze which container or Kubernetes node the event originated from.

• VMware Launches Tanzu Mission Control Self-Managed Version of Kubernetes Resource Unified Management Product for Multi-Hybrid Cloud Environments

  VMware Tanzu Mission Control Self-managed (TMC Self-managed) brings TMC to market as a local deployment, enabling users who were previously unable to use the TMC SaaS service to try out the Kubernetes management platform, or legacy SaaS users in In some special cases (e.g., disconnection), it can be used as a high-availability backup to the management platform.

• VMware Releases API Gateway Spring Cloud Gateway for Kubernetes 2.0

  Updates: support for managing shared state between API gateway instances using Redis, Tracing implementation using Zipkin, support for configuring API gateway instances to perform health checks on upstream applications, support for configuring Cross-Origin Resource Sharing (CORS) on a per API route basis using metadata, support for Kubernetes 1.23+.

• VMware Tanzu Releases Kubernetes DevOps Platform VMware Tanzu Application Platform 1.5

  Updates: Completed Namespace Provisioner with GitOps mode support; Platform engineers can use private Git repositories to reference templated resources; Support for GitOps-based installation process; New panel to display details of workloads in a cluster; New External Secrets Operator; Support for Spring Cloud Gateway for Kubernetes, a distributed API gateway.

• VMware Tanzu Service Mesh 3.0.3, a Service Mesh solution, was released

  Update: Tanzu Service Mesh CLI supports GitOps, which can be used to automatically deploy Tanzu Service Mesh environments to clusters; supports selecting the namespace to inject proxy sidecar into; supports enterprise-level proxy communication between client clusters and Tanzu Service Mesh SaaS.

• VWware Tanzu multicloud Multicluster Kubernetes Management Solution Tanzu Mission Control Update

  Update: Support for Pod-safe mutation policy, support for Tanzu Kubernetes Grid 2.1 (including ClusterClass), support for continuous delivery of cluster groups, and support for installing Helm charts from Git repositories into clusters.

• VWware Tanzu K8s DevOps Platform Tanzu Application Platform v1.4 Released

  Updates: Support for shared ingress issuer, new namespace configurator for secure and automated namespace configuration, new TAP telemetry report for viewing TAP usage, new IDE extension for Visual Studio - Tanzu Developer Tools for Visual Studio, and support for External Secrets Operator.

• VMware Tanzu Kubernetes Grid 2.1 released

  The main new features of this version: introduce new Cluster API features ClusterClass and Carvel tools, use a unified, declarative API to create and manage clusters; support public cloud Oracle Cloud infrastructure.

• VMware Tanzu releases Application Service Adapter for Tanzu Application Platform v1.0, aiming to bridge the development experience gap between Cloud Foundry and Kubernetes

  Major new features in this release: support for a seamless Cloud Foundry push workflow on Kubernetes and TAP, use Contour to replicate the goRouter ingress pattern in Cloud Foundry deployments, use native Kubernetes RBAC, rebuild Cloud backed by native Kubernetes namespaces Foundry groupWeave and spatial structure, integrate Tanzu Build Service, integrate TAP's end-to-end assembly line supply chain supply chain choreographer (experimental).

• VMware Tanzu v2.0 Application Containerization Tool released

  The main new features of this version: integrated automated scanning tool Cloud Suitability Analyzer (CSA), support for Windows containerization, support for virtual machine containerization, support for more than 200 component signatures for Linux and Windows platforms, and provide a command line interface.

• VMware Tanzu Application Platform v1.3 (K8s DevOps platform) released

  Updates: support for running in a physically isolated environment, integrated supply chain threat scanning tools, a new unified threat monitoring dashboard, support for SBOM, support for dynamic registration of API specifications, integration of Jenkins CI/CD, and support for custom certificate authorities (CA) Certificates, new runtime resource monitoring plugin, added support for Java and Python feature workloads (beta), available on OpenShift.

• VMware Tanzu Kubernetes Grid v1.6 Release

  The main new features of this version: support for deploying workload clusters to hosts and edge devices that support GPUs on vSphere 7.0+, use Multus and Whereabouts to implement multiple Pod network interfaces, support the use of Amazon EBS CSI driver and Azure Disk CSI driver for Kubernetes CSI storage.

• VMware Spring Cloud Gateway for Kubernetes v1.2.0 release

  The main new features of this version: separate the TLS configuration of client entrance and upstream application service communication, expand the authority of customizing and extending cloud secret management, increase the circuit breaker status metric, add global and each API route response cache configuration, and add JSON Filters for request translation to gRPC upstream services, podOverrides added to configure K8s pod override on API Gateway instances, API Gateway can now be deployed via a standalone JAR.

W, Z¶

• Weave Gitops Update

  Updates include: optimize Trusted Delivery, add policy as code and progressive delivery features; add Team Workspaces, optimize multi-tenant working methods; add ClickOps feature in the user interface to simplify microservice deployment; add GitOps Run's technology preview feature, which provides near real-time iterative development, checks against Kubernetes as soon as the local manifest file is saved.

• Comprehensive upgrade of China Unicom's cloud native architecture

  Upgrade highlights: support a variety of domestic chips and domestic operating systems; compatible with CNM and CNI dual standards; newly added DVR distributed gateway, VPC interconnection, VPC elastic network card direct network (based on IPVLAN), VPC routed direct network (compatible with Flannel/ Calico plug-in), policy routing, VPC network multi-exit/entry, IPv4/6, layer 4/7 load separation and other features; single cluster capacity supports carrying over 10W+ containers; integrates a complete set of visual automatic operation and maintenance capabilities.

Comments