The announcement is being made in New York today at CoreOS’ second annual Tectonic Summit, an enterprise-focused conference.
CoreOS is best known as a container startup, a company that offers products such as Tectonic and the Quay registry. But all this work is part of a larger effort to make webscale infrastructure more available to everyday enterprises, and to make it more secure, Polvi says.
One useful tool for security is to have a mechanism for automatically updating software, so that as vulnerabilities get patched, IT administrators don’t have to worry about stray installations that never updated.
Updates are a particularly important topic for containers, which have been advancing rapidly.
“The pace of innovation within Kubernetes itself is just so ridiculously high,” Polvi says. “You have to have a very aggressive update strategy regardless of whether you automate it.”
Two months ago, for example, a security hole was discovered in the Linux operating system’s copy-on-write capability. Named Dirty COW, the vulnerability potentially allowed a takeover of the Linux kernel. This was the first vulnerability to affect Kubernetes, Polvi says, and CoreOS, which didn’t have self-driving Kubernetes ready at the time, had to upgrade its systems manually.
There’s been a push lately to make Kubernetes a de facto standard for container orchestration. Mirantis, for example, has integrated Kubernetes with its OpenStack distribution.
At the same time, alternatives are emerging. Amazon Web Services (AWS) recently announced Blox, intended to be a set of open source container tools. Blox’s purview would include orchestration and scheduling, AWS officials said. Separately, startup Kontena recently released its Kubernetes alternative to general availability.
Self-driving Kubernetes is available to customers as of today. Separately, CoreOS is announcing that Tectonic installations of 10 nodes or fewer will be free of charge.