AME Kubernetes - managed platform
Avisi Managed Environment Kubernetes is a managed Kubernetes platform across multiple cloud providers. It is the core of our Avisi Managed Environment platform. AME Kubernetes clusters are fully compatible with upstream Kubernetes.
|SLA window||Business hours||24x7||24x7|
|Scheduled maintenance||Custom maintenance windows||(week days only)|
|Workload availability||Availability requested workloads. Not applicable for BYOI.||99,9%||99,9%||99,99%|
|Cluster||Control plane availability Single Control plane instances||99,9%||99,9%||99,99%|
|Multi-zone cluster||Deploy a cluster across multiple availability zones||-||99,9%||99,99%|
|Security hardening||Clusters are hardened based on guidelines from the Cybersecurity and Infrastructure Security Agency (CISA).|
|Security monitoring||Automated security monitoring against your clusters|
|Audit trailing||Audit logging is available by default in all clusters, regardless of SLA|
|Monitoring||Integrated support for Prometheus, part of our Avisi Application Performance Stack|
|Logging||Use Loki in any cluster with long term retention. Part of Avisi Application Performance Stack|
|Scaling||Easily scale your cluster up/down. Run only what you need.|
|Compliance||Avisi Cloud has a SOC2 Type II report and is ISO27001-certified.|
|Identity management||Single Sign-on using personal accounts and full RBAC capabilities. Support for Multi-Factor Authentication (MFA).|
Upstream & Conformant Kubernetes
AME deploys upstream Kubernetes and remains close to the behaviour of standard Kubernetes. All clusters pass the Kubernetes conformance tests by the CNCF.
Every new AME release must pass these tests before it is published, alongside various additional end-to-end tests by Avisi Cloud itself.
Automated cluster nodes
Nodes are managed in a fully automated way. We use immutable infrastructure principles to safely and reliably patch systems.
Should a node become unreachable due to hardware failure or any other reason, it is automatically replaced by a healthy node to ensure available capacity within your environment.
Load balancers provide a way to dynamically route traffic from the public internet to your application. Implementations may differ between cloud providers.
Easily persist data within your cluster using external storage. We support native implementations in each public cloud we support, and Ceph for private cloud implementations.
Each cluster is fully isolated from any other cluster and/or customer. No two clusters can reach each other over the network.
We support multiple plugins for in-cluster networking. By default we deploy Calico.
Support is available for Weave Net and Cilium. With all implementations, we support network policies.
Feature compatibility across providers
Since AME supports multiple providers, certain implementations may be different across clouds.
Avisi Cloud only supports providers that offer the following basic functionality:
- Provisioning of Load balancers - a way to dynamically route traffic from the public internet to your application.
- Provisioning of Persistent Volumes - easily persist data within your cluster using external storage.
- VPC Networking - fully isolated networking from any other cluster.
- The number of clusters you can create is limited per organisation. The same applies to the number of nodes within a cluster.
- The control plane is fully managed by Avisi Cloud. You cannot modify any settings other than those available through the API.
- When upgrading a cluster you can only upgrade to the next minor or patch version.
- Clusters can have up to 250 nodes per zone. Note that each organisation starts with a lower limit (5).
- Pod limit per node is 110.
- We only deploy containerd as our primary container runtime (e.g. no Docker).
- It is not possible to disable the metrics-server add-on at this time.
Available memory per machine size
While you can provision machines with 8GB of RAM, you cannot use the entirety of this for your application. A certain part of this memory is used for the operating system and other system components such as the container runtime.