As customers scale up their Kubernetes (K8s) environments, it becomes critical to create a process that ensures only applications that are vetted and approved are deployed to clusters. Without that, it is impossible for customers to standardize clusters, implement best practices and achieve compliance. To help with this, we are introducing the new Custom Catalogs feature that makes it extremely simple for customers to maintain and control a pre-approved list of applications.
What is a Catalog?
A Catalog is primarily a collection of applications for which Rafay provides out-of-box workflows to deploy at scale along with the ability to customize those deployments. Rafay initially provided a ‘System Catalog’ that included a list of popular applications for customers to choose from within our platform. Based on feedback from customers, we are now extending it to include the ability for customers to create and manage their own ‘Custom Catalogs’ to provide internal users a curated ‘Enterprise catalog’ experience.
With Rafay, it is possible to create custom catalogs on a per project basis. A project is a logical isolation boundary that allows customers to compartmentalize infrastructure, user access and resources.
Let’s consider an example where you want to allow only certain versions of an application (Istio) to be available to teams for deployment across clusters. A typical workflow to achieve this would involve the following steps.
Centralize creation of Custom Catalogs in a project
- Create a Project, (central-custom-catalog) where you will create the standardized Custom Catalogs
- Create a Repository (team-repository) within that project that points to the private Helm repository
- Create a new Custom Catalog (central-catalog) and select the Repository from the drop-down.
4. Enabling Auto Sync Catalog automatically refreshes the Custom Catalog (central-catalog) on any updates to the repository (team-repository)
5. You can see that only two versions of Istio (1.13.3 & 1.13.4) are available in the Custom Catalog
Share Custom Catalogs with other Projects
- Custom catalogs can be shared with all or select projects in the Org/Tenant. In this specific example, we will share the Custom Catalog (central-catalog) with two Projects team1 and team2
2. Navigate to team1 (or team2) project, the shared Custom Catalog should now be available within the project
Automatic updates to Custom Catalog
- Let’s add Istio version 1.14.1 to the private repository. Based on necessary validation/testing, let’s assume that it is now approved for use across projects
- Istio version 1.14.1 is automatically synced to the Custom Catalog (central-catalog). Any changes to the repository are synced every 30 min. Alternatively, a manual sync can be initiated to reconcile the changes immediately.
In addition to enabling a central architecture team to create standardized Custom Catalogs and share them with downstream projects, Rafay’s Kubernetes Operations Platform also provides integrated workflows within the product; for example Creation of Cluster Blueprints using Catalog Applications. Following the steps outlined above along with leveraging the integrated workflows within the platform makes it extremely simple to control the software components that get installed and ensure that clusters are continually in a state of compliance. To learn more read our docs on Custom Catalogs.
Want to try this yourself? Sign up for a free trial of the Kubernetes Operations Platform today.