What is KubeSlice?
Managing large-scale applications and infrastructure can be a daunting task in the enterprise world. With Kubernetes, orchestrating applications became simpler, but orchestrating and scaling your microservices-based applications becomes more difficult as you grow from a single cluster to multi-cluster deployments.
KubeSlice offers a simpler solution to the complex challenges of running multi-cluster applications at scale by creating a Kubernetes construct called a Slice. The slice creates a specific overlay network across a fleet of clusters that serves as a logical application boundary, enabling pods and services to communicate with each other seamlessly. The slice transcends geographic borders, allowing applications to be deployed on any cluster, cloud, edge, or Kubernetes distribution.
Moreover, KubeSlice offers NIST-compliant VPN tunnels for secure and low-latency inter-cluster networking via the east/west path. The slice serves as a single security domain across multiple clusters and multiple cloud providers.
Why KubeSlice?
As enterprises expand application architectures to span multiple clusters located in data centers or cloud provider regions, or across cloud providers, Kubernetes clusters need the ability to fully integrate connectivity and pod-to-pod communications with namespace propagation across clusters.
KubeSlice enables creating multiple logical slices in a single cluster or group of clusters regardless of their physical location. Existing intra-cluster communication remains local to the cluster utilizing each pod's CNI interface. KubeSlice provides isolation of network traffic between clusters by creating an overlay network for inter-cluster communication.
KubeSlice accomplishes this by adding a second interface to the pod: local traffic remains on the CNI interface, while traffic bound for external clusters routes over the overlay network to its destination pod. This makes KubeSlice CNI agnostic.
KubeSlice solves the complex problem of overlapping IP addressing between cloud providers, data centers, and edge locations. The overlay network is configured with a non-overlapping RFC1918 private network CIDR address space. As KubeSlice creates network isolation, KubeSlice also takes the responsibility of allocating subnets that are configurable based on the number of pods allocated to have inter-cluster reachability. In addition, the same RFC1918 address can be configured across multiple slices created on the same cluster or cluster sets, further simplifying IP address management.
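The addressing rules above can be checked before a slice is created. The following is an added planning example, not KubeSlice's own allocator or code from the project: it validates a candidate overlay CIDR and carves one subnet per cluster sized by pod count. The function name, the input layout, the sample fleet and the sizing rule (pods plus network and broadcast addresses) are assumptions.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def plan_slice_subnets(slice_cidr, clusters):
    """Carve one overlay subnet per cluster out of slice_cidr (hypothetical helper).

    clusters maps a cluster name to {"local": [CIDRs used inside the
    cluster], "pods": pods needing inter-cluster reachability}.
    Raises ValueError if the plan is not safe to apply.
    """
    overlay = ipaddress.ip_network(slice_cidr)
    if not any(overlay.subnet_of(block) for block in RFC1918):
        raise ValueError(f"{overlay} is outside RFC1918 private space")

    # Assumption: the overlay must not collide with any cluster's own
    # pod/service ranges, or traffic could take the wrong interface.
    for name, spec in clusters.items():
        for cidr in spec["local"]:
            if overlay.overlaps(ipaddress.ip_network(cidr)):
                raise ValueError(f"{overlay} overlaps {cidr} on {name}")

    # Largest request first keeps every power-of-two block aligned.
    plan, cursor = {}, int(overlay.network_address)
    end = int(overlay.broadcast_address) + 1
    for name, spec in sorted(clusters.items(), key=lambda kv: -kv[1]["pods"]):
        # Smallest block holding the pods plus network and broadcast addresses.
        host_bits = (spec["pods"] + 1).bit_length()
        size = 1 << host_bits
        if cursor + size > end:
            raise ValueError(f"{overlay} is too small for {name}")
        plan[name] = ipaddress.ip_network((cursor, 32 - host_bits))
        cursor += size
    return plan


# Constructed sample fleet: two clusters reuse 10.0.0.0/16 locally,
# which is fine as long as the overlay range avoids it.
FLEET = {
    "aws-east": {"local": ["10.0.0.0/16", "172.20.0.0/16"], "pods": 1000},
    "gcp-west": {"local": ["10.0.0.0/16"], "pods": 100},
    "edge-1": {"local": ["192.168.0.0/24"], "pods": 30},
}

if __name__ == "__main__":
    for cluster, subnet in plan_slice_subnets("10.1.0.0/16", FLEET).items():
        print(cluster, subnet)
```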
KubeSlice offers services that dramatically increase application velocity for platform and product teams to achieve uniformity for applications in multi-cluster environments.