Secure Multi-Tenancy for Charmed Kubernetes with Clastix’ new Charmed Operator

by Michael C. Jaeger on 19 May 2022

The new Charmed Operator covering the Capsule Kubernetes extension allows users of Canonical’s Charmed Kubernetes distribution to automatically install and integrate Clastix Capsule Multi-Tenancy as part of the Kubernetes cluster deployment process.

Capsule solves multi-tenancy for Charmed Kubernetes

Multi-tenancy is the ability to run workloads belonging to different subjects such as users, groups, and departments, in such a way that each subject’s workloads are isolated from each other. Multi-tenancy is becoming an important topic as more and more organizations adopt Kubernetes on a larger scale.

While it is possible to configure isolation through namespaces, implementing a true multi-tenancy in Kubernetes is challenging because of the flat nature of namespaces. Clastix has developed Capsule, an open-source operator to aggregate multiple namespaces in a tenant abstraction, while enforcing each tenant within a robust policies-driven boundary. Capsule’s secure multi-tenancy lets tenants create namespaces and self-serve workloads according to quota, limits, and other standard Kubernetes policies. Each tenant’s environment is isolated, with data invisible to other tenants.

Easier setup and management 

Charmed Kubernetes comes with out-of-the-box tools that support deployments and operational management and make microservice development easier. This allows users to focus more on innovation and less on configuration when deploying Charmed Kubernetes, as the Juju framework encapsulates how elements of Kubernetes need to be configured and how they need to interact with each other. Combined with Clastix Capsule Multi-Tenancy, Charmed Kubernetes allows users to further reduce the operational overhead of Kubernetes setup and management.

“Clastix Capsule provides a multi-tenant abstraction that allows multiple teams to share a cluster within the same organization. By integrating Capsule with the Charmed Kubernetes, it can now provide an essential and critical capability of a secure self-service Kubernetes,” said Adriano Pezzuto, Founder, and CEO of Clastix. “We are delighted to offer Capsule to Canonical users looking for governability and security across their organization within the integrated ecosystem of Charmed Kubernetes.”

“The combination of Clastix Capsule and Charmed Kubernetes delivers end-users with a powerful multi-tenant experience that has all the machinery required to manage complex environments easily through Juju. As we’re seeing rising interest in the multi-tenancy space, it is compelling to have the capabilities and experience so seamlessly integrated,.” commented Alex Jones, Engineering Director for Kubernetes at Canonical.

The Charm is available to Charmed Kubernetes users via

About Canonical

Canonical is the publisher of Ubuntu, the OS for most public cloud workloads as well as the emerging categories of smart gateways, self-driving cars, and advanced robots. Canonical provides enterprise security, support, and services to commercial users of Ubuntu. Established in 2004, Canonical is a privately held company.

About Clastix

Clastix is the leader in Kubernetes multi-tenancy solutions. Clastix products and services help organizations of any size to overcome Day2 challenges and confidently run infrastructures based on Kubernetes. Clastix is the author of Capsule, an open-source operator for implementing multi-tenancy in Kubernetes, currently used in production by companies  such as Fastweb, Wargaming, Dutch Railways, Bedag, and many others.

Related posts

Kubecon EU 2023: Operator Day hosted by Canonical – recordings available

The Operator Day at KubeCon EU 2023, hosted by Canonical, took place on Monday, 17 April  2023. We thank everyone for attending the event. Our thanks go out especially to those who engaged with each other during the sessions, asked questions and contributed to our  interactive event. If you missed this 6th edition of Operator […]

Kubernetes backups just got easier with the CloudCasa charm from Catalogic

For a native integration for Canonical’s Kubernetes platform, Juju was the perfect fit, and the charm makes consuming CloudCasa seamless for users. […]

Operate popular open source on Kubernetes – Attend Operator Day at KubeCon EU 2024

Operate popular open source on Kubernetes – Attend Operator Day at KubeCon EU 2024 […]