Aviatrix is proud to announce Project Skyhook for securely connecting container groups and enforcing policies across distributed hybrid and public clouds.
Project Skyhook builds on Aviatrix’s cloud native networking software which provides centralized network connectivity, management, and security of applications running on virtual machines. The first deliverable from Project Skyhook is a Community Edition of Aviatrix that gives developers and IT operations simple, policy-based, secure user access to containers.
Containers are already proliferating, especially in the cloud, and developers’ biggest challenge right now is navigating difficult abstractions and the lack of native tools for troubleshooting their remote containers. By definition, containers don’t have tools installed like most virtual machines. By giving users VPN access directly into cloud containers, Aviatrix makes it effortless for them to use their familiar locally-installed command-line tools like curl, vi, and wget on those container resources.
The software is not a network overlay. Rather, Aviatrix sits directly in the data path, taking advantage of the richness of Docker’s native VXLAN overlay drivers and APIs, just as it harnesses the AWS, Azure and Google APIs to offer cloud native networking.
The Aviatrix release of Skyhook provides user VPN access with:
- Integrated multi-factor authentication
- Granular user profiles with policy enforcement
- Application specific access controls that are enforced across VMs and containers
This release is available as a free-to-download Amazon Machine Image (AMI). The capability is also available for current customers via software upgrade. The release enables the Aviatrix VPN gateway to join a Docker swarm cluster and provides VPN access to the containers in the cluster.
- Developers can now use their favorite software tools (e.g. curl, wget, etc.) on their laptops to run remote commands on containers without complex port mapping and having to run Docker exec commands.
- IT Operations can manage each individual container directly using private IP addresses and no security holes or production downtime during troubleshooting.
- IT Operations can manage accessing containers with multi-factor authentication and enforce security with user profile based access control.