Networking and Security

A Proven and Scalable Foundation for Virtual Machines and Containers

Featuring Container Name Service

Why Triton for Container Networking and Security?

Simplified Network Management

Software-defined networking and DNS allow dynamic and easy management of container networks. Each container gets its own unique IP address. Fabric networks and VLANs can be controlled programmatically.

Consistent Network Design

Model on-premises network definitions in the cloud, and leverage Triton in your data center (or one we manage for you) to support private networks with gateways and multi-layer VLANs.

Proven Container Security

Full isolation per container in a multi-tenant environment. Triton has leveraged Zones, a hardened container runtime environment, to deliver containers securely in a hostile environment for nearly a decade.

What Capabilities Does Triton Networking and Security Provide?

Container Name Service

Automatic, universal DNS for your containers. Triton CNS serves address records (A and AAAA) for containers by instance name and tags, and it can be used to support basic load balancing requirements.

VLANs

Multi-layered VLANs (external; internal/admin; underlay VXLAN; console: DRAC, iLO, IPMI), layer 2/3 networking, and fabric (switch pool) networking.

Network Modeling

Private network definitions can be modeled in Triton. Map physical NICs by NIC tag, auto-assign IP addresses with reallocation support, and use network pools to group VLANs.

Gateways

Internet gateways on fabric networks enable private networks. They are set up per account, so traffic generated by one account cannot be seen by another account, providing system isolation.

SSH & SSL

Access is by SSH key by default. Keys managed within Triton are mapped to accounts. SSL encryption protects all compute and storage node access, and SSH access to the hypervisor can be easily revoked.

Global and Local firewalls

No need to manage firewalls within instances. Global firewalls are configurable by an operator. Policies can be applied to specific instances or to all instances, including selection by tag.

Role Based Access Control

Granular RBAC defined through policies, groups, and roles. Accounts can delegate roles to sub-users. Access policies map to CloudAPI functions (e.g. CAN createmachine, CAN listdatacenters, CAN createfirewallrule).

Container Security

Triton leverages Zones, a hardened container runtime environment that does not depend on VM hosts for security. Patented resource protections insulate containers from noisy neighbors and ensure that each container gets its fair share of I/O.