Google Announces Confidential GKE Nodes, General Availability of Confidential VMs

Google on Tuesday announced an expansion of its Confidential Computing portfolio, with the general availability of Confidential VMs and the addition of Confidential GKE (Google Kubernetes Engine) Nodes.


Introduced in beta in July, Confidential VMs were the first product in the Google Cloud Confidential Computing portfolio, and Google is making them available to all Google Cloud customers in the coming weeks. The product will include all of the features that were introduced during the beta stage.


Confidential GKE Nodes, the second product in Google’s Confidential Computing portfolio, will arrive in beta when GKE 1.18 is released and should provide organizations with more options for confidential workloads when looking to use Kubernetes clusters with GKE.


Built using the same technology foundation as Confidential VMs, Confidential GKE Nodes help organizations keep data encrypted in memory using a dedicated key that is node-specific. The AMD EPYC processor generates and manages the key, Google explains.


The new product will provide organizations with the ability to configure a GKE cluster so that only node pools that have Confidential VM capabilities are deployed. Thus, the use of Confidential VMs is automatically enforced for all worker nodes on clusters that use Confidential GKE Nodes.


According to Google, Confidential GKE Nodes employ hardware memory encryption based on the Secure Encrypted Virtualization feature of AMD EPYC processors, so that all workloads on these nodes are encrypted while in use.


Confidential VMs also leverage memory encryption to isolate workloads and tenants, offering an easy-to-use option to ensure that the memory of workloads in Google Compute Engine is protected.


According to Google, Confidential VMs ..
