The announcement is being made in New York today at CoreOS’ second annual Tectonic Summit, an enterprise-focused conference.
CoreOS is best known as a container startup, a company that offers products such as Tectonic and the Quay registry. But all this work is part of a larger effort to make webscale infrastructure more available to everyday enterprises, and to make it more secure, Polvi says.
One useful tool for security is to have a mechanism for automatically updating software, so that as vulnerabilities get patched, IT administrators don’t have to worry about stray installations that never updated.
Updates are a particularly important topic for containers, which have been advancing rapidly.
“The pace of innovation within Kubernetes itself is just so ridiculously high,” Polvi says. “You have to have a very aggressive update strategy regardless of whether you automate it.”
Two months ago, for example, a security hole was discovered in the Linux operating system’s copy-on-write capability. Named Dirty COW, the vulnerability potentially allowed a takeover of the Linux kernel. This was the first vulnerability to affect Kubernetes, Polvi says, and CoreOS, which didn’t have self-driving Kubernetes ready at the time, had to upgrade its systems manually.
At the same time, alternatives are emerging. Amazon Web Services (AWS) recently announced Blox, intended to be a set of open source container tools. Blox’s purview would include orchestration and scheduling, AWS officials said. Separately, startup Kontena recently released its Kubernetes alternative to general availability.
Self-driving Kubernetes is available to customers as of today. Separately, CoreOS is announcing that Tectonic installations of 10 nodes or less will be free of charge.