Secure Multi-Tenancy for Charmed Kubernetes with Clastix’ new Charmed Operator

by Michael C. Jaeger on 19 May 2022

The new Charmed Operator covering the Capsule Kubernetes extension allows users of Canonical’s Charmed Kubernetes distribution to automatically install and integrate Clastix Capsule Multi-Tenancy as part of the Kubernetes cluster deployment process.

Capsule solves multi-tenancy for Charmed Kubernetes

Multi-tenancy is the ability to run workloads belonging to different subjects such as users, groups, and departments, in such a way that each subject’s workloads are isolated from each other. Multi-tenancy is becoming an important topic as more and more organizations adopt Kubernetes on a larger scale.

While it is possible to configure isolation through namespaces, implementing a true multi-tenancy in Kubernetes is challenging because of the flat nature of namespaces. Clastix has developed Capsule, an open-source operator to aggregate multiple namespaces in a tenant abstraction, while enforcing each tenant within a robust policies-driven boundary. Capsule’s secure multi-tenancy lets tenants create namespaces and self-serve workloads according to quota, limits, and other standard Kubernetes policies. Each tenant’s environment is isolated, with data invisible to other tenants.

Easier setup and management 

Charmed Kubernetes comes with out-of-the-box tools that support deployments and operational management and make microservice development easier. This allows users to focus more on innovation and less on configuration when deploying Charmed Kubernetes, as the Juju framework encapsulates how elements of Kubernetes need to be configured and how they need to interact with each other. Combined with Clastix Capsule Multi-Tenancy, Charmed Kubernetes allows users to further reduce the operational overhead of Kubernetes setup and management.

“Clastix Capsule provides a multi-tenant abstraction that allows multiple teams to share a cluster within the same organization. By integrating Capsule with the Charmed Kubernetes, it can now provide an essential and critical capability of a secure self-service Kubernetes,” said Adriano Pezzuto, Founder, and CEO of Clastix. “We are delighted to offer Capsule to Canonical users looking for governability and security across their organization within the integrated ecosystem of Charmed Kubernetes.”

“The combination of Clastix Capsule and Charmed Kubernetes delivers end-users with a powerful multi-tenant experience that has all the machinery required to manage complex environments easily through Juju. As we’re seeing rising interest in the multi-tenancy space, it is compelling to have the capabilities and experience so seamlessly integrated,.” commented Alex Jones, Engineering Director for Kubernetes at Canonical.

The Charm is available to Charmed Kubernetes users via

About Canonical

Canonical is the publisher of Ubuntu, the OS for most public cloud workloads as well as the emerging categories of smart gateways, self-driving cars, and advanced robots. Canonical provides enterprise security, support, and services to commercial users of Ubuntu. Established in 2004, Canonical is a privately held company.

About Clastix

Clastix is the leader in Kubernetes multi-tenancy solutions. Clastix products and services help organizations of any size to overcome Day2 challenges and confidently run infrastructures based on Kubernetes. Clastix is the author of Capsule, an open-source operator for implementing multi-tenancy in Kubernetes, currently used in production by companies  such as Fastweb, Wargaming, Dutch Railways, Bedag, and many others.

Related posts

Join us at Operator Day, hosted by Canonical at KubeCon Europe 2023

Join us at the 6th edition of Operator Day at KubeCon Europe – Speakers will talk about their software operator journey, from configuration management to application management. […]

Participate in the Kubernetes and Cloud Native Operations Survey 2023

Canonical has conducted surveys about Kubernetes and Cloud Native Operations in the past two years. As a member of the Cloud Native Computing Foundation (CNCF) and an active part of the community, we contribute the anonymised results back, along with our analyses and the insights of industry experts. Everyone can submit an answer anonymou […]

Join us at Operator Day, hosted by Canonical at Kubecon NA 2022

The 5th Operator Day is coming up. It will take place at KubeCon North America 2022. This edition will center on cases where software operators have been applied successfully. Join us to hear about our experience in building software operators using Juju, an open-source operator lifecycle manager. Operators implemented for Juju are called […]