By Mesut Celik
Tech Team Lead
Mesut is Tech Lead at Hazelcast, where he is responsible for cloud-native ecosystem integrations and third party partnerships. Prior to joining Hazelcast, Mesut was the Managing Partner of Zerobuffer Innovative Solutions, an Information Technology and Services company in Turkey. Previously, he was a Consultant at Atos Origin, also an IT company. Earlier in his career, he was a Senior Software Engineer at Alcatel-Lucent, a French global telecommunications equipment company. Mesut holds a degree in Computer Engineering from Ege University in Turkey. He is a Java developer and is passionate about giving talks at public conferences.
View all blogs by the authorMay 26, 2020
Hazelcast IMDG Achieves IBM’s Kubernetes Container Software Certification
Building containerized software that runs on Kubernetes platforms like Red Hat OpenShift Cloud Platform is the hot trend in software development. Everyone is building containers, but the technology is new enough that best practices and certifications are still being developed. IBM specializes in providing software for enterprises. An example of this software is IBM Cloud Paks, which facilitates transformation—a faster, more reliable way to build, move and manage solutions on the cloud. While containerizing its software, IBM has leveraged its history of building enterprise solutions and coalesced many best practices into a certification program.
This certification program was initially created for IBM-produced software, but enterprise customers also require a rich ecosystem of software to create a complete solution. Now IBM has taken the next step and made a certification available to partners of IBM Cloud Paks. This allows IBM and partners to go to market together and provide enterprise customers with a high level of confidence in the quality of the software they are using.
Today, we’re pleased to announce that Hazelcast IMDG has met the Certified for IBM Cloud Paks criteria!
Red Hat Image and Operator Certification are prerequisites to the Certified for IBM Cloud Paks process. IBM scans the running solution in an OpenShift Cloud Platform cluster and runs ~200 linter checks for Kubernetes and container best practices. IBM also reviews aspects of the solution architecture and documentation. Here are examples of the certification requirements that were met by Hazelcast IMDG:
- Data encryption in-flight and at-rest:
- Encrypt all data in transit using TLS 1.2
- Encrypt all data at rest
- Secrets must be stored in an approved service
- Network protection and implementation:
- Only expose required ports/services from each container
- Limit traffic between pods
- Containers do not communicate with the host
- Limit Security Privilege:
- Run with a restricted security context constraint (SCC)
- Provide custom SCC with exact security context
- Provide a mechanism to track all components of a workload
- Keys and certificate implementation and management:
- Product should use a Key Management system
- Products must support key rotation
- Allow customer-provided keys
- Ability to replace customer keys
- Use an approved certificate manager
- Products must support certificate rotation
- Must follow best practices for Public Key Infrastructure
- Allow customer-provided certificates
- Ability to replace customer certificates
Want to learn more?
Here are some links to get you started:
- About Hazelcast and IBM: https://hazelcast.com/partner/ibm/
- Hazelcast IMDG: https://www.ibm.com/us-en/marketplace/hazelcast-enterprise-hd
- The “Certified for IBM Cloud Paks” partner ecosystem program: https://www.ibm.com/partnerworld/cloud/independent-software-vendors
- IBM Cloud Paks: https://www.ibm.com/cloud/paks/