Edge computing at DoD: 3 must-haves to successfully deploy and manage containers
August 28, 202311:26 am
5 min read
It’s no secret that the United States military is shifting resources and attention to the Pacific region. With rivals like China and Russia, the Defense Department wants to ensure that it is able to keep pace with its adversaries in the world’s largest region.
To stay ahead, the U.S. military needs to take full advantage of state-of-the-art applications and technologies like artificial intelligence, running them not just back at home base or in the data center but deployed right where they’re needed — across the theater of duty. In today’s service branches, every ship, plane, truck and forward outpost has the potential to become an edge computing node and a smart digital asset.
Containerization of both software and applications, managed under Kubernetes, is becoming the go-to solution for just such needs within Defense and the military services, said Michael Wood, director of DoD and national security programs at Spectro Cloud.
The key to DoD supremacy at the edge is running containerized apps, orchestrated by Kubernetes, Wood said. But edge environments differ substantially from deploying apps in the cloud or data center. Teams will need to tackle three main considerations as they look to start running container workloads on edge devices.
Edge computing need No. 1: ease of deployment
Most service members aren’t technology experts and deploying the apps they need in Kubernetes environments — as well running and managing the clusters after setup — is always complex, added Kyle Goodwin, vice president for public sector at Spectro Cloud.
“Traditionally, DoD has had to hire experts to head into the field with service members and solve these challenges in edge environments,” Goodwin said.
But there are ways to get a Kubernetes cluster up and running at an edge location without needing a tech expert on site. Using Spectro Cloud’s Palette VerteX, for instance, service members can set up the required infrastructure with little prior knowledge of deploying containers, he said.
“It allows someone right out of basic training to be able to operate a system and also manage the swapping in and out of hardware too as time goes on,” Goodwin said. “Afterall, hardware failure is common, perhaps even more so in some DoD edge locations.” (Learn more about the logistics of managing Kubernetes clusters in challenging edge environments in this blog post by Anton Smith, head of product at Spectro Cloud.)
Palette VerteX takes much of the complexity out of building Kubernetes clusters, which means that service members don’t need subject matter experts by their sides.
“If you’re using Palette, anyone can set up that Kubernetes cluster just following simple three-step instructions,” Goodwin said.
Palette VerteX provides autoregistration to help with low-touch or no-touch use in situations where a service member may be exhausted or even under fire. For instance, someone can plug in a headless device — one without a monitor — and just press the power button. If there’s a network connection and device powers up, Palette will take over and onboard the cluster automatically.
Ease of use is only one part of the puzzle, however.
Edge computing need No. 2: security
“Security is a big challenge when running Kubernetes clusters in edge environments,” Goodwin said. “You may not be able to physically protect the edge device from theft or physical tampering. You can’t guarantee network access for authentication and authorization — or patching new vulnerabilities. And that’s just for starters.”
That’s why edge security for these clusters needs to be holistic. It must be founded on immutable, tamper-proof software stacks, use encryption and have secure software supply chains, he said.
Goodwin advised relying on systems that meet Federal Information Processing Standards for cryptography across all elements of the infrastructure and in all environments, including edge. That’s an important best practice, he added, noting that Palette VerteX is one such system.
“Edge environments don’t have four solid walls. They have no dedicated teams to monitor everything and everyone that comes in and out — physically or virtually,” Tenry Fu, CEO and co-founder of Spectro Cloud, wrote in a blog post. “Edge computing is all about unsupervised locations, intermittent or no connectivity, sizing constraints and nodes exposed to weather conditions, and hundreds or even thousands of locations to manage.”
To address those needs, Spectro Cloud collaborated with Intel on the Secure Edge-Native Architecture. The reference architecture defines key requirements for security when using things like cloud-native apps in edge environments. SENA brings together open source technologies with zero trust principles to raise the industry’s standard for securing edge environments, Goodwin said.
Edge computing need No. 3: scalability
Finally, DoD needs to make sure it can manage edge computing at scale.
Depending on the workload and use case, Goodwin said, military teams may need to deploy Kubernetes clusters to many different environments, even ones with intermittent or degraded connectivity, or where a cluster is air-gapped — having no network connections by design.
The software and applications developed and used across DoD are created on a variety of platforms and typically housed in hybrid, multicloud infrastructures.
Palette VerteX lets customers bring in applications built on multiple platforms and keep track of them from one console.
“What we’ve focused on is the management layer,” Goodwin said. “At the end of the day, we manage all this through one single pane of glass — no matter the Kubernetes distribution being used, no matter the cloud-native technologies that are used within your application stack. You manage that declaratively in that one single pane of glass, do it securely and do it at scale.”
A central management point provides secure updates to devices and applications regardless of operating system or security integration, he said.
“Ultimately, having the ability to deploy and scale Kubernetes clusters securely at the edge can change the way the military works in the Pacific region — really anywhere necessary — and bring the best technology to service members so that they can execute their missions,” Goodwin said.