Key Features
KubeSlice simplifies Kubernetes at scale, enabling seamless multi-cluster, multi-tenant, multi-region, and multi-cloud application deployments. It unifies networking, application, Kubernetes, and deployment services into a single platform, ensuring consistency across clusters for distributed applications. By standardizing operations, KubeSlice accelerates development velocity and empowers both platform and product teams to deliver faster and more efficiently.
Features Summary
The following table summarizes the key features of KubeSlice.
| Main Feature | Sub Feature | Description |
|---|---|---|
| Application Management | Namespace Sameness | Ensures namespace sameness across clusters or cloud. Allows applications to be deployed with namespace parity for simplified management and portability. |
| Service Exports and Service Imports | Automatically discovers and exposes services across cluster boundaries, enabling cross-cluster service connectivity without manual configuration. | |
| Isolation | Allows isolation by association of application namespaces with a slice. | |
| Network | East-West Cluster Communication | Establishes secure, per-slice tunnels between clusters, forming an overlay Layer 3 network for seamless communication. Supports ingress and egress gateways for East–West traffic. |
| Eliminate IP Address Conflicts | Uses a non-overlapping RFC1918 address space to remove the complexity of overlapping CNI CIDRs across cloud, data center, and edge environments. | |
| QoS Profiling | Defines Quality of Service (QoS) profiles per slice, allowing granular traffic control and prioritization for inter-cluster network traffic. | |
| Security and Governance | Multi-Cluster Multi-Tenancy Security | Provides secure isolation and encrypted connectivity between tenants across clusters, enforcing slice-level security boundaries. |
| Multi-Cluster RBAC Policies | Propagates Role-Based Access Control configurations consistently across all clusters and slices in a workspace. | |
| Resource Quotas and Policy Management | Applies and enforces CPU, memory, and storage quotas along with policies across clusters for fair resource allocation. | |
| Multi-Tenancy | Multi-Cluster, Multi-Cloud, and On-Prem Support | Enables consistent multi-tenancy across clusters spanning cloud, on-premises, and edge environments, providing unified management and isolation. |
| Application and Namespace Isolation | Segregates applications and namespaces across slices for tenant isolation and resource governance. | |
| Multi-Cluster Networking | Layer 3 (L3) Pod-to-Pod Connectivity | Provides flat, cross-cluster Layer 3 connectivity between pods using a secure overlay network. |
| Multi-Cluster Service Mesh | Integrates service mesh capabilities across clusters for consistent service discovery, routing, and observability. | |
| Overlay East–West Gateways (Envoy Gateways) | Uses Envoy-based gateways to enable east–west inter-cluster traffic routing and policy enforcement. | |
| Multi-Cluster Routes and GLB Integration | Supports Global Load Balancer (GLB) with external DNS for unified ingress and intelligent traffic routing across clusters. | |
| North–South and VPC Egress Connectivity (KubeAccess) | Enables secure north–south connectivity and overlay VPC egress gateways to access external cloud services or on-prem VM workloads. | |
| Slice Overlay Network | No-Network Overlay | Provides no overlay network, enabling cluster isolation while supporting RBAC, resource quota management, and node affinity. Switching to single/multi-network overlay is allowed only if all clusters have networking enabled; switching back is unsupported. |
| Single-Network Overlay | Creates a single, flat L3 overlay network across clusters with pod-to-pod connectivity. Service discovery is handled through slice DNS. | |
| Multi-Network Overlay | Uses ingress or egress gateways managed through Gateway API for inter-cluster connectivity at L7 (HTTP/HTTPS). No flat L3 network; service discovery uses local cluster IP services. | |
| Network Types | OpenVPN and WireGuard VPN Support | Provides support for both OpenVPN and WireGuard as VPN protocols for secure inter-cluster connectivity, allowing users to choose based on their performance and security requirements. |
| Service Discovery | Auto Discovery of Services | Enables automatic service discovery across clusters participating in a slice, simplifying cross-cluster communication. |
| DNS Entry Management | When a service is exported within a slice, the Slice Operator creates and distributes DNS entries across all participating clusters, ensuring seamless and consistent service resolution. | |
| Application Replication | Replication Slice | Enables efficient replication of applications between clouds or data centers using a replication slice. Replicated namespaces can be managed in an application slice. |
| Backup and Restore Applications | Allows namespace backup and restore using a replication slice by specifying the same cluster as both source and destination during slice creation. | |
| KubeTally | Multi-Cluster Cost Tracking | Provides cost tracking and resource usage insights across multiple clusters. Enables chargeback visibility for resources such as Compute, PersistentVolume, and LoadBalancer. |
| Multi-Cluster Bursting of Microservices | Enables dynamic scaling (bursting) of microservices across clusters to handle demand surges and ensure availability. |