CLOUD
CLOUD
CLOUD
Google Cloud gets rootkit-resistant Kubernetes nodes, better SAP support
Google LLC today added a set of specialized instance options to its cloud platform that will cater to enterprises with Kubernetes workloads and large installations of software from SAP SE.
The first addition is Shielded GKE Nodes, a mode that can be enabled on regular instances to make them more secure. It’s based on an existing feature called Shielded VMs. The difference between the two capabilities is that Shielded GKE Nodes is built for Google Cloud’s Kubernetes Engine service, which enables companies to run software containers without manually managing the underlying infrastructure.
The feature provides protection against rootkits and bootkits that work by hijacking a server’s operating system. A Kubernetes node with Shielded GKE Nodes enabled performs multiple security checks every time it boots up to stave off hacking attempts. The instance confirms it’s in fact running on Google Cloud, verifies that none of the operating system components have been tampered with and even checks the order in which those components launch.
GKE Nodes aims to kill two birds with one stone for Google customers. In addition to making Kubernetes nodes more secure, it can remove the need for certain supplementary security systems that companies have to use in their environments.
“Shopify’s thousands of nodes must each run a proxy to prevent metadata servers from divulging kubelet bootstrap credentials,” said Shane Lawrence, a security engineer with the e-commerce firm. Spotify hosts the bulk of its systems on Google Cloud. “The change allows us to turn off the proxies to save resources, and limiting the capabilities of the bootstrap credentials eliminates an attack vector, so our platform is even more secure.”
Google today also introduced two supersized cloud instances specifically built with SAP applications in mind. The first offers 208 virtual processing cores and 5.8 terabytes of memory, while the other packs twice as many cores with a staggering 11.7 terabytes of memory.
That’s enough hardware for companies to host SAP workloads which would normally have to be spread out over multiple servers in just a single instance. Consolidating deployments in this way makes maintenance considerably easier for administrators. The new instances will help make Google Cloud more competitive versus Microsoft Corp.’s rival Azure platform, which already provides supersized virtual machines geared toward SAP users.
Image: Google
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
