Today we’re pleased to announce version 2.4 of Weave Kubernetes Platform (WKP). This release includes a number of significant features that make working with Kubernetes across multiple teams even more secure, reliable and portable, including: Team Workspaces, RBAC for workspace members, the ability to add GitOps to any Kubernetes cluster and support for Flux 2.0.

WKP delivers GitOps-powered Kubernetes for managing cluster environments on-premise, across clouds and at the edge. WKP brings together all of the tools necessary for managing and developing on Kubernetes, covering cluster components and add-ons as well as application workloads, in a single GitOps workflow. Customers such as Mettle from NatWest, Deutsche Telekom and Datascan have achieved significant improvements in key agility metrics such as time to release, mean time to recovery and many other gains.

Build flexible cloud native platforms with WKP

By now you are aware that implementing Kubernetes involves much more than simply spinning up a cluster. On top of a base Kubernetes install, there are the core add-ons you need to run it: those within its infrastructure, including a way to monitor its health, as well as the tools and applications your development teams require for CD pipelines, code tracing and logging. In addition to this, you may also need to consider other tools for specialized requirements like machine learning or edge computing, whose applications also need to be configured to work with Kubernetes.

Standard WKP cluster components

Kubernetes platforms made simple with GitOps

Open and standard technologies like the Cluster API allow platform teams to manage the configuration of complete platforms as well as their upgrade lifecycles. Teams can maintain multiple clusters and development platforms, and since it’s all declarative, you can use GitOps to configure, manage and deploy consistent clusters anywhere you need one: on premise, in the cloud and at the edge.

What’s new in WKP 2.4?

In this milestone 2.4 release, WKP is enhanced with the following new features and functionality:

  • Team Workspaces
  • RBAC for Workspace members
  • Add GitOps to any Kubernetes cluster

Multitenant Team Workspaces for Application Teams

As enterprises and organizations mature on their GitOps and cloud native journey, collaborating with other teams across your organization becomes increasingly important. Team workspaces enable GitOps across multiple namespaces on the same cluster aligned with multiple engineering teams. This significantly simplifies the management of applications by allowing engineers to collaborate effectively across multiple teams and repositories.

When working with workspaces, cluster administrators can organize cluster tenants into logical groups that represent the structure of their engineering organization. A workspace consists of one or more cluster namespaces that are managed through a single Git repository. Repositories can be hosted on GitHub and GitLab, and/or on private on-premise instances. Each workspace is configured with resource quotas and limits, as well as network policies that define which pods, services and namespaces can communicate with one another. RBAC rules and roles can also be implemented that specify who can do what to cluster configuration and deployments.

Development teams can immediately start deploying as soon as a new workspace repository has been created without having knowledge of the internals of Kubernetes itself. Each workspace repository’s Flux reconciles Kubernetes manifests with the cluster. WKP 2.4 builds on Flux2.


RBAC for workspace members

One of the key benefits of GitOps is improved security and auditing of operations. By using Git, every change to a cluster is authorized, logged and auditable. As Kubernetes is deployed widely within enterprises, there’s a need for Role Based Access Control and permissions. With WKP 2.4 we’ve added the ability to specify access control and enforce access policies across namespaces. WKP is the first product to implement this capability using Git-based rules through pull requests.

Workspaces come with the following built-in roles:

  1. workspace-member: This role is applicable to development teams, and it allows a member to perform all operations in the specified namespaces, but does not permit modification of resource quotas, limit ranges, and network policies. This role is also added in the cluster repository and can be modified by the cluster administrator with GitOps.
  2. namespace-admin: The role grants admin permissions to the specified namespaces. It is suitable for teams that are without resource restrictions.
  3. cluster-admin: This role grants admin permissions to the entire cluster.

Other roles can be configured through Git as needed.
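
Kubernetes RBAC is purely additive (there are no deny rules), so a restriction like the one described for workspace-member only holds if no rule grants write verbs on those resources, including through a `*` wildcard. The following check is an added example, not WKP's own code or role definition: the rule sets are constructed samples in the shape of a Role's `rules` list, and `write_grants` is a hypothetical helper name.

```python
# Added example: audit RBAC rules against the workspace-member constraint.
# Resources the page says a workspace-member must not modify, mapped to the
# Kubernetes API group each belongs to ("" is the core group).
PROTECTED = {
    "resourcequotas": "",
    "limitranges": "",
    "networkpolicies": "networking.k8s.io",
}
WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection"}


def _matches(values, wanted):
    """RBAC list semantics: '*' matches everything, otherwise exact match."""
    return "*" in values or wanted in values


def write_grants(rules):
    """Return sorted (resource, verb) pairs that let a subject modify PROTECTED."""
    found = set()
    for rule in rules:
        verbs = set(rule.get("verbs", []))
        granted = WRITE_VERBS if "*" in verbs else verbs & WRITE_VERBS
        for resource, group in PROTECTED.items():
            if (_matches(rule.get("apiGroups", []), group)
                    and _matches(rule.get("resources", []), resource)):
                found.update((resource, verb) for verb in granted)
    return sorted(found)


# Constructed sample: explicit allow-list, read-only on the protected resources.
MEMBER_RULES = [
    {"apiGroups": ["", "apps"],
     "resources": ["pods", "services", "configmaps", "deployments"],
     "verbs": ["*"]},
    {"apiGroups": ["", "networking.k8s.io"],
     "resources": ["resourcequotas", "limitranges", "networkpolicies"],
     "verbs": ["get", "list", "watch"]},
]
# Constructed sample: a wildcard shortcut that silently covers everything.
WILDCARD_RULES = [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]

if __name__ == "__main__":
    for name, rules in (("member", MEMBER_RULES), ("wildcard", WILDCARD_RULES)):
        print(name, write_grants(rules) or "no write access to protected resources")
```

Running a check like this against role changes in a pull request fits the Git-based review flow described above; subresources such as `resourcequotas/status` are outside what this sketch inspects.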

Add GitOps to any Kubernetes cluster

The benefit of GitOps for management can now be added to any Kubernetes cluster - whatever you’re using. This means any Kubernetes user can benefit from GitOps management of workloads and cluster configuration as well as standard cluster components. An additional benefit is that WKP’s GitOps can be used to provide the same management experience in multi-cloud environments with support for GitOps across multiple public cloud implementations of Kubernetes.

“We would recommend WKP as it allows us to own and manage our applications with a unified workflow across all Kubernetes environments. We’ve adopted the GitOps approach for deployments and life-cycle management: this gives us the on-demand ability to scale easily and securely depending on the usage by our customers. As we expand our cloud-native deployment, WKP is helping us increase agility, build robust operations and scale our deployments,” said Lance Allred, Infrastructure Manager, Datascan.

WKP works with existing cluster provisioning and management systems and adds Team Workspaces with RBAC, WKP’s GitOps observability tooling, along with a standard and supported set of cluster add-ons including Flux, Helm Operator, Scope, Prometheus, and Grafana with full lifecycle management support.

WKP separates cluster installation and management from the cluster component and workload definition. This allows anyone who has previously deployed Kubernetes within the public cloud, private cloud or on bare-metal to enable GitOps and other advanced features.

Support for EKS Distro

WKP supports the newly released EKS Distro, allowing you, for example, to deploy on-premise and in EKS in the public cloud. Learn more about how Weaveworks helped Datascan manage their hybrid deployments with WKP in the case study.

Next generation GitOps with Flux2

WKP 2.4 integrates Flux2, the next generation of our GitOps tools. Flux2 is built from the ground up, uses Kubernetes' API extension system, and integrates with Prometheus for full observability as well as with other core components of the Kubernetes ecosystem such as Helm. Flux 2.0 supports multi-tenancy and can sync an arbitrary number of Git repositories, allowing teams to infinitely scale deployments across fleets.

Final thoughts

To learn more about the new features in the WKP 2.4 release, watch our on-demand launch webinar from December 10th. Paul Fremantle, VP of Product Strategy, and Paul Curtis, Principal Solutions Architect, will step through the new WKP functionality.