Kubernetes (K8s) solves the container orchestration, application deployment, scaling, and management problem. However, it does not solve the observability, traffic management, secure communications and connectivity related problem. Service mesh implements high performance, low latency, built-in Certificate Authorities (CAs), but these CAs operate without oversight of security teams. This creates friction, uncertainty, and doubt for security teams that are being pressured to support broad service mesh deployments.
This project addresses the many limitations of the embedded service mesh CAs by providing:
- A fast, easy, and integrated source of machine identities for developers
- Policy and oversight for security teams using Venafi