Kubernetes has dramatically improved the way we manage our workloads. It has become the de-facto standard for deploying and managing containerized applications, and is available in all major cloud providers.

A typical setup consists of distinct Kubernetes clusters for each application stage (e.g., dev, test, prod) or a cluster per tenant, and Kubernetes clusters shared between different users and teams often utilize namespaces and roles to control access. Deploying a single application to a Kubernetes cluster usually consists of tens to hundreds of resources (e.g., deployments, services, ConfigMaps, secrets, ingresses, etc.).

Even a relatively simple setup quickly becomes tedious to manage as the resource count grows. It is difficult for a human to keep track of resources, especially with user access limited to certain clusters in select namespaces.

A cloud asset inventory is a complete representation of the resources in your cloud. The job of the inventory is to continuously discover new resources and store data about each individual resource (such as its properties, configurations, and dependencies). Examples of resources not only include compute instances, storage buckets, Kubernetes pods, but also access keys and user and org policies.

In modern cloud-native environments, developers enjoy freedom and permissions to create new resources. The resources in a company's cloud environment can easily number in the hundreds of thousands or millions, resulting in new challenges for infrastructure engineers. One such problem is "infrastructure fragmentation"—resources are distributed across regions, organizations, accounts, and/or projects, and each resource has unique properties and APIs. Coupled with constant change, this fragmentation makes it difficult to keep track of resources, which opens the door to cost problems, security threats, and compliance issues.

A cloud asset inventory solves the infrastructure fragmentation problem by providing complete visibility into all resources from a single place.

Hello everyone, here's an update for July!

In June, we released Resoto 2.3.2. The key update that we shipped is a feature that a lot of users have asked for—support for Kubernetes! 😎

Configuration UI​

Last month we introduced our new config system, with the ability to edit your Resoto configuration on the fly via Resoto Shell. Not everyone is comfortable working with the shell though, and so we added a new web-based UI.

Kubernetes Support​

So far, Resoto has worked out-of-the-box for the "native" cloud providers AWS, Google Cloud, and DigitalOcean. But our users have been telling us that they're not just running "bare metal" on these clouds. No surprise—most of them use Kubernetes for orchestration. You can now point Resoto to your kubeconfig file, with which Resoto will collect all available contexts.

We think you will be delighted to use Resoto with Kubernetes. For more details, check out Matthias' blog post.

Nested Properties​

To add Kubernetes support, we first had to build new capabilities into our data model. Nested properties is one such capability.

The first version of Resoto supported simple structures—think "a resource with a property." This simple structure unfortunately doesn't work well with the nested structures commonplace in Kubernetes. For example, one Kubernetes pod can contain multiple containers. Within each of those containers, you then have a long list of possible properties (from the 100+ mentioned above). Each of those nested properties can be accessed and used for filtering or information retrieval.

Resoto now supports arbitrary complex models with nested properties. We also made sure autocomplete in Resoto Shell works with complex models. You can (literally) navigate through nested properties as you type.

Multi-Cloud Graph Edges​

Another fundamental capability we launched with Kubernetes support is support for graph edges between different clouds.

Data collection and definition of resource dependencies within Resoto happens with cloud-specific collectors. Since collectors are cloud-specific, so far Resoto has only supported dependencies within a cloud, not between clouds.

Kubernetes resources are abstracted away from the underlying cloud provider. The Kubernetes collector knows nothing about AWS or EC2 instances, while the AWS collector only knows AWS services like EC2 and EKS. With multi-cloud edge support, Resoto can now track relationships between the two, creating the complete call graph for a view of the entire stack from ingress, via pod, deployment, k8s node, or compute instance down to the hardware.

This new feature provides insights across multi-cloud infrastructure. Since we see a lot of multi-cloud deployments in the enterprise, we will continue to extend our collectors to provide additional insights into relationships across clouds.

Read more about nested properties and multi-cloud graph edges in the release notes.

Kubernetes is the de-facto standard for orchestrating containerized applications. It is the go-to solution no matter where your infrastructure is running. Resoto can already collect resources in Amazon Web Services, Google Cloud, and DigitalOcean, all of which support Kubernetes.

I'm happy to announce that Resoto now supports collecting Kubernetes resources!

Understanding what's running in your cloud infrastructure is important for a number of reasons—for example, security, compliance, and cost.

But sometimes, the cloud feels more like a black box that you're feeding with cash, and in turn it performs the work that makes your business run.

Even those spinning up cloud resources might only be aware of their small slice of the pie. With hundreds of thousands of interconnected resources, it is really hard to know what's going on!

Cloud inventory has become a new type of technical debt, where organizations lose track of their infrastructure and how it relates to the business. Resoto helps to break open the aforementioned black box and eliminate inventory debt.