Edge Runner hia internet access anaa?

Ɛnyɛ wɔ dwumadie titiriw ho. On-prem deployment wɔ nhyehyɛe wɔ internet kwan a ɛkɔ mmerɛ bi mu. Mpaapaemu da wo kwan a wɔapatow so.

Data a ɛhia bu betumi tena yɛn environment mu?

Yiw. On-prem deployment wɔ nhyehyɛe ma nsakraeɛ, dwumadie, ne adanse betumi tena ɔtenefo-hwɛ nhyehyɛe mu pɛpɛɛpɛ.

Yɛbetumi de ripot yɛ wɔ ɛfam nko?

Yiw. Ɛfam nko adanse ne ripot ne adepa wɔ on-prem ne air-gapped deployment a ɛyɛ den.

Ɛkwan bɛn so na wɔapatow test capsule?

Wo on-prem nhyehyɛe tenten de署名, policy hwɛ, version, ne onipa apatow bɔ ansa capsule akɔ runner.

Zof betumi de yɛn PAM system adi dwuma?

Yiw. Dwumadie bɔ PAM ho wɔ ahyɛde brokering ho a ɛnyɛ sɛ ɛde nhunmu hyɛ ase fi wo nhyehyɛe ano.

Yɛbetumi de Zof to on-prem?

Yiw. Kratafa yi kyerɛ yɛn on-prem nhyehyɛe tenten a ɛwɔ hɔ, enterprise-nko a architecture nhwɛso ka ho.

Yɛbetumi de private cloud?

Yiw. Ɔtenefo bi de private cloud ma nhyehyɛe tenten ne on-prem runner ma dwumadie, wo architecture nhwɛso de kyekyere a ɛfata no kyerɛ.

Nsiesie betumi hia onipa apatow?

Yiw. Nsiesie a wɔhwɛ mu hia apatow a ɛyɛ dɛ ansa dwumadie a ɛda production so.

Yɛbetumi gyae screenshot anaa de nsɛm a ɛhia bu mu fa gu so?

Yiw. Redaction ne gu policy wɔ nhyehyɛe wɔ environment mu.

Yɛbetumi di desktop nsɛnkyerɛnne nsɛsɛ?

Yiw. Runner boa desktop nsɛso beae a policy taw ano.

Yɛbetumi boa air-gapped environment?

Yiw. On-prem yɛ kwan titiriw wɔ air-gapped dwumadie ho, a capsule import a wɔde nsa yɛ wɔ pilot ho ka ho.

Ɛkwan bɛn na bɔ da on-prem anaa enclave deployment ho?

On-prem bɔ yɛ custom na ɛka architecture nhwɛso, deployment nsakraeɛ, ahobammɔ nsɛso, ne enterprise boa ho. Kɔ so ne sales.

Private Kubernetes

Private Kubernetes Deployment for Autonomous Reliability Infrastructure

Run Zof execution-compatible agents in customer-managed Kubernetes clusters. Control plane and execution plane stay separable; Zof does not claim to install a full Kubernetes platform for you.

Hwɛ deployment architecture Hwɛ deployment hub

Ɔtenefo-hwɛ cluster

Nhyehyɛe tenten / dwumadie tenten kyekyere

Namespace isolation pattern

Ɛbɔ hybrid ne enclave model ho

Adɛn private nhyehyɛe

Adɛn enterprise hia private nhyehyɛe

Nnipa pii daa de Kubernetes di dwuma wɔ platform a ɛwɔ mu. Zof boa ma wɔde dwumadie to cluster no mu a nhyehyɛe investment a ɛwɔ hɔ no behu mfaso.

-Cluster nhyehyɛe ne GitOps pipeline a ɛwɔ hɔ
-Platform team wɔ node ne networking so tumi
-Hia sɛ wɔde adwuma a ɛhia bu kɔ multi-tenant SaaS dwumadie so
-Environment a wɔakyekyere a namespace-level isolation wɔ mu

Ɔtenefo cluster

De dwumadie nhyehyɛe to ɔtenefo-hwɛfo cluster mu

Wɔbetumi de dwumadie asuafo to cluster a wode hwɛ sɛ adwuma. Nsakraeɛ ne apatow betumi yɛ wɔ cloud, private cloud, anaa on-prem nhyehyɛe tenten mu a ɛda policy so.

-Asuafo a wɔhyehyɛ sɛ nsɛnkyerɛnne foforo
-Ɛbɔ ɔtenefo CNI ne policy engine ho
-Cluster no mu inbound access nnhia
-Boa multi-cluster fleet wɔ bere mu

Tenten kyekyere

Nhyehyɛe tenten ne dwumadie tenten kyekyere

Nhyehyɛe tenten de policy, graph context, apatow, ne nhyehyɛe mu. Dwumadie tenten de signed capsule gyina nsɛnkyerɛnne a ɛwɔ cluster anaa network a ɔkɔ mu.

Private Kubernetes dwumadie

Asuafo a ɛyɛ dwumadie-tumi wɔ ɔtenefo-hwɛfo cluster mu, ɛnyɛ platform install a ɛmee.

-Ahobammɔ nhwɛso ano a ɛyɛ dɛ
-Runtime data a ɛhia bu tena dwumadie namespace mu
-Nhyehyɛe tenten API di nsɛsɛ gyina nsɛnkyerɛnne a wɔahwɛ mu so tena so
-Hybrid kyekyere yɛ adeɛ a ɛba pii wɔ enterprise rollout mu

K8s asuafo

Kubernetes dwumadie asuafo

Asuafo no wɔ boa ɔtenefo Kubernetes ho, ɛnyɛ sɛ ɛde wo platform team so. Nteɛ, HA, ne mpaapaemu da wo cluster nhyehyɛe so.

-De to so via ɔtenefo-apatow manifest anaa operator
-Resource limit ne pod security policy no ahwɛ mu
-Runner identity ne dwumadie host allowlist
-Staged rollout wɔ namespace anaa cluster mu

Ano

Dwumadie ano a wɔahwɛ mu

Namespace, network policy, ne service account de dwumadie kyekyere fi adwuma a ɛnfa ho. Nhunmu hyɛ ase wɔ runtime, wɔnhyɛ wɔn ase wɔ Zof Cloud mu.

-Namespace-ano RBAC
-Kɔ so de external secrets manager a wɔboa
-Service mesh alignment a ɛba bi
-Asuafo lifecycle nsɛm audit

Mu nsɛsɛ

Nsɛnkyerɛnne a ɛwɔ mu nko ara

Sɛsɛ microservice, API a ɛwɔ mu, ne admin UI a wɔbetumi de fi cluster network mu a ɛnyɛ sɛ wɔde bɔ internet so.

-In-cluster service-to-service nsɛsɛ
-Ingress nko ara beae a policy taw ano
-Bɔ edge runner ho wɔ off-cluster legacy system
-Graph-tumi targeting de nkɔkɔbɔ a ɛba so

Kyekyere

Namespace kyekyere

Nnipa bɔ business unit anaa environment ne namespace ho a policy, kaa, ne adanse mode a wɔhyehyɛ wɔn ho.

-Dev / staging / prod kyekyere
-Nnipa ho quota ne concurrency cap
-Adanse dabɔ a ɛda namespace so
-Promotion nhyehyɛe tra namespace mu

Nhunmu

Nhunmu hwɛfo

Wɔde ahyɛde hyɛ ase wɔ dwumadie bere via PAM anaa cluster nhunmu kɔkɔbɔ. Nhunmu a ɛtena ase nkosi kwan biara nyɛ ɛkwan a wɔde kɔ SaaS a ɛwɔ aburokyiri.

-Token a etim so a wɔde sɛ adepa
-Pattern a ɛbɔ PAM ho
-Nhunmu nhyɛ ase wɔ nsakraeɛ tenten a apatow nni ho ansa
-Dane bɔ wo nhyehyɛe ho

Artifact

Artifact kwan

Nsɛsɛ artifact ne bundle tena ɔtenefo-hwɛ dabɔ mu, ɛkyɛ sɛ wode nhyehyɛe sanitized anaa metadata egress.

Hybrid dwumadie nhyehyɛe

Cloud nhyehyɛe a ɛfam dwumadie fleet ahodoɔ.

-S3-bɔ, NFS, anaa on-cluster volume
-Kaa policy wɔ namespace mu
-Checksum ne署名 wɔ bundle ho
-Promotion a ɛba bi kɔ adanse catalog a ɛwɔ ɛnnɛ

Telemetry

Telemetry ano

Metrics ne asuafo log betumi tena in-cluster observability stack mu. Dashboard a ɛwɔ ɛnnɛ betumi de metadata nko ara nyinaa bi.

-OpenTelemetry-bɔ pattern a wɔboa
-Redaction ansa export a ɛtra ano
-Correlation ID wɔ audit ho
-Log exfiltration a ɛhia a ɛmee

Nhyehyɛe

Enterprise nhyehyɛe

Capsule署名, onipa apatow, ne nsiesie ano da so bɔ pɔtɛ ma VM, bare metal, anaa Kubernetes so dwumadie.

-Policy version a wɔahyɛ ase wɔ dwumadie mu
-Apatow chain wɔ production kwan ho
-Kɔ so de ITSM change record
-Export wɔ GRC ne mu audit ho

Hybrid pattern

Hybrid architecture pattern

Kubernetes dwumadie pɛ de VPC runner, edge beae, ne endpoint asuafo bɔ ho wɔ nhyehyɛe tenten baako ase.

-Graph ne fleet nhyehyɛe baako
-Capsule model a ɛte pɔtɛ wɔ surface ahodoɔ so
-Adanse policy wɔ surface mu
-Architecture nhwɛso de rollout nhyehyɛe kyerɛ

FAQ

On-prem deployment asɛmmisa

Asɛmmisa a ɛba pii fi nhyehyɛe ne security nnipa.

Daabi. Dwumadie de runner a ɔtenefo ato so wɔ wo network mu. Zof nhia inbound access kɔ bea a wɔakyekyere.

Next step

Kasa fa banko deployment ho ne Zof

Hwɛ kyekyere, capsule nhyehyɛe, ne runner beae ne nnipa a wɔboa enterprise a wɔakyekyere wɔn.

Book banko deployment nkyerɛkyerɛ Contact sales