Introducing Cloudera Container Service: Simple, Secure, Cost Efficient
Cloudera Container Service is our enhanced Kubernetes platform (replacing Compute Cluster). Enhancements include simplified lifecycle management, built-in security, and cost-optimized workload management across multi-cloud environments.
With Cloudera Container Service, you can focus on innovation rather than infrastructure complexity, ensuring that Kubernetes deployments are secure, scalable, and cost-effective across multi-cloud environments.
Kubernetes should be an enabler, not an obstacle,” said Karthik Krishnamoorthy, Cloudera’s Vice President for Product Management. “With these enhancements, we’re giving enterprises the tools to manage Kubernetes more efficiently, reduce cloud costs, and onboard powerful AI and data-driven applications—all while ensuring built-in security.”
Figure 1: Cloudera Container Service Architecture
Simplified Kubernetes Lifecycle Management
Cloudera continues to invest in making Kubernetes and add-on services easier to operate across environments. With Cloudera Container Service, you can now use an intuitive UI to easily deploy Kubernetes clusters. Looking ahead, our roadmap includes extending unified lifecycle management across the whole Cloudera managed cluster estate, enabling enterprise admins to manage lifecycle updates consistently from a unified UI.
Built-In Security and Compliance
Cloudera Container Service provides several security features out of the box, ensuring that Kubernetes deployments are secure from day one, which helps you move faster and reduce risk. These features include:
- Istio service mesh: Ensures secure, authenticated communication between microservices, without requiring users to install or configure Istio separately.
- Knox gateway (as an Istio External Authorization Provider): Delivers enterprise-grade authentication and access control with external services while maintaining Istio's native security framework.
- Calico: Provides network policy enforcement to isolate workloads and meet compliance requirements through fine-grained traffic control for secure pod to pod communication.
- Private cluster support: Restricts access to within the customer’s cloud network, keeping workloads isolated from public internet exposure and reducing the need for complex network policy configurations.
- IMDSv2 (instance metadata service v2): Uses session-based tokens to protect access to AWS instance metadata, mitigating risks and improving cloud workload security.
- Non-transparent proxy support: Enables secure, auditable outbound traffic from Kubernetes clusters without requiring manual proxy setup for each data service configuration.
Smarter, Cost-Optimized Workload Management
By 2026, organizations performing real-time cost or performance optimization of cloud-based workloads will rise from less than 20% in 2022, to 50%.” - Gartner(™), Evolve Service Management and Cloud Operations
These insights underscore the increasing focus on cloud cost optimization as organizations seek to manage expenses while leveraging cloud technologies.
By giving enterprises control over cost-saving mechanisms, Cloudera ensures that organizations only pay for the resources they actually use while maintaining the flexibility of Kubernetes-based workloads.
Cloudera’s latest enhancements enable organizations to optimize spending while maintaining performance in several ways, including:
AWS Graviton support: Enables cost-effective compute with ARM-based instances, reducing cloud expenses and energy consumption. Further, building multi-architecture container images enables a “build once, deploy anywhere” approach.
Suspend/resume clusters: Allows enterprises to pause workloads when not in use and resume them when needed, cutting down on unnecessary infrastructure costs.
Shared data services: Optimizes resources by allowing multiple data services to leverage shared infrastructure, reducing duplication and improving efficiency.
Apache Yunikorn: Enables higher cluster density, lower operational costs, and improved performance through an intelligent resource scheduler with enhanced workload placement and scheduling techniques like bin-packing, hierarchical quota management, gang scheduling.
Leveled-Up: Cloudera AI Inference Service with NVIDIA Accelerated Compute
Cloudera AI Inference service is the first data service onboarded to Cloudera’s enhanced Kubernetes platform. By leveraging Cloudera Container Service, AI workloads can now move from development to production faster, more securely, and more cost-effectively than ever before.
Cloudera’s Container Service plays a critical role in enabling AI inference by providing:
Optimized performance: Efficient scheduling and orchestration of NVIDIA accelerated compute, ensuring AI workloads are allocating the compute power they need without over-provisioning resources.
Enterprise-grade security: AI workloads remain fully contained within Cloudera’s secure, enterprise-ready platform, ensuring data governance and compliance.
Automated infrastructure management: The platform handles cluster scaling, security policies, and workload isolation, allowing data scientists and AI engineers to focus on model optimization instead of infrastructure management.
Future-Ready Kubernetes: Built for AI, Analytics, and Beyond
As part of Cloudera’s broader vision of supporting diverse workloads—from real-time data streaming to large-scale analytics and next-generation enterprise applications—this enhancement is a boon for organizations with an AI-first approach.
With Kubernetes as the foundation, Cloudera solves today’s infrastructure challenges and prepares your organization for future innovation.
Interested in learning more and seeing what’s in store for the future?
