DKP Government Advanced
Features and capabilities that are specific to DKP Government Advanced are marked with this badge at the top of each page. These items are NOT available to DKP Government Essential users. In general, every feature available in DKP Enterprise is also available in DKP Government Advanced.
DKP Government (Gov) Advanced is a multi-cluster Kubernetes management platform that is optimized for deployment in the government sector. With top-to-bottom declarative programming, DKP Government Advanced provides the most advanced and feature-rich Kubernetes management capability across any infrastructure, whether on-premise, in the cloud, in air-gapped environments, or at the edge.
Ease of use is the hallmark of D2iQ Kubernetes solutions. DKP Government Advanced enables you to be up and running in minutes and hours rather than weeks and months, with complete stability, reliability, military-grade security, and rapid time-to-value. Complexity is reduced through packaging, automation, integration, and elegant design.
Built on pure open-source Kubernetes, DKP Government Advanced enables you to avoid vendor lock-in, easily upgrade services, and take full advantage of open-source community innovation. DKP Government Advanced provides platform services for networking, storage, logging, monitoring, and more, all of which have been carefully selected from the Cloud Native Computing Foundation (CNCF) landscape and rigorously tested to work together.
DKP Government Advanced is a multi-cluster lifecycle management Kubernetes solution centered around a management cluster that manages multiple attached or managed Kubernetes clusters via a centralized management dashboard. The management dashboard gives you a single point of observability and control throughout all of your attached or managed clusters. The DKP Government Advanced license gives the user access to the entire Konvoy cluster environment, the DKP UI dashboard that deploys platform and catalog applications, and multi-cluster management, and comprehensive compatibility with our full range of infrastructure deployment options.
Compatible Infrastructure
DKP Government Advanced operates across D2iQ’s entire range of cloud, on-premises, edge, and air-gapped infrastructures and has support for various OSs, including immutable OSs. See Supported Operating Systems for a full list of compatible infrastructure.
For the basics on standing up a DKP Government Advanced cluster in one of the listed environments of your choice, see Additional Infrastructure Customized Configurations.
Platform Applications
Applications can be deployed in any DKP managed cluster, giving you complete flexibility to operate across cloud, on-premises, edge, and air-gapped scenarios. Customers can also use the UI with Kommander to customize which platform applications to deploy to the cluster in a given workspace.
Catalog Applications
Quickly and easily deploy applications and complex data services from a centralized service catalog to specific or multiple clusters, with governance. Fast data pipelines can be provisioned automatically from the following catalog of DKP Applications:
Kafka: Primarily used to build real-time streaming data pipelines and applications that adapt to the data streams. It combines messaging, storage, and stream processing to allow storage and analysis of both historical and real-time data.
Spark: An industry standard analytics engine for big data processing and machine learning. Spark enables you to process data for both batch and streaming workloads.
Zookeeper: A centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services.
For instructions on how to deploy catalog applications, see Workspace Catalog Applications
Cluster Manager
Konvoy is the Kubernetes installer component of DKP Government Advanced that uses industry standard tools to produce a certified Kubernetes cluster. These industry standard tools create a cluster management system that includes:
Control Plane: Manages the worker nodes and pods in the cluster.
Worker Nodes: Used to run containerized applications and handle networking to ensure that traffic between applications across the cluster and from outside of the cluster can be properly facilitated.
Container Networking Interface (CNI): Calico’s open source networking and network security solution for containers, virtual machines, and native host-based workloads.
Container Storage Interface (CSI): A common abstraction to container orchestrators for interacting with storage subsystems of various types.
Kubernetes Cluster API (CAPI): Cluster API uses Kubernetes-style APIs and patterns to automate cluster lifecycle management for platform operators. For more on how CAPI is integrated into DKP Government Advanced, see Understanding CAPI Concepts and Terms
Cert Manager: A Kubernetes addon to automate the management and issuance of TLS certificates from various issuing sources.
Cluster Autoscaler: A component that automatically adjusts the size of a Kubernetes cluster so that all pods have a place to run and there are no unneeded nodes.
Built-in GitOps
DKP Government Advanced comes bundled with GitOps, an operating model for Kubernetes and other cloud native technologies, providing a set of best practices that unify Git deployment, management and monitoring for containerized clusters and applications. GitOps works by using Git as a single source of truth for declarative infrastructure and applications. With GitOps, the use of software agents can alert on any divergence between Git with what is running in a cluster, and if there’s a difference, Kubernetes reconcilers automatically update or rollback the cluster depending on the case.
DKP Government Advanced Multi-cluster UI
Bundled with DKP Government Advanced is a multi-cluster management view in the UI with Kommander that can be used in lieu of the bundled CLI. From the UI you can:
Connect to an infrastructure provider: DKP Government Advanced supports on-premises and cloud infrastructure providers such as AWS and Azure for your Konvoy clusters. To automate their provisioning, DKP requires authentication keys to your preferred infrastructure provider entered on the Add Infrastructure Provider form.
Setup identity providers: DKP Government Advanced supports GitHub, LDAP, SAML, and standard OIDC identity providers such as Google. These identity management providers support the login and authentication process for your Kubernetes cluster. See Identity Providers for more information.
Configure access control: Role-based authorization control (RBAC) is central to DKP Government Advanced and controls access to resources on all connected clusters. The resources are similar to Kubernetes RBAC. You add an identity provider group, and in that group add cluster roles and cluster role bindings for those roles.
Deploy applications: The DKP Government Advanced UI allows you to customize your workspace application deployments via the Applications page within the UI.
Create a project: Create projects within a workspace and deploy project-scoped applications. Projects enable teams to deploy configurations and services to their clusters consistently. After configuring roles, ConfigMaps, secrets, and applications for a project, DKP distributes this configuration to each project namespace. For more information concerning projects, see Projects.
Add a license: To add a license via the UI with Kommander, see Add a License
Kubernetes cost monitoring and management: The kubecost platform application provides real-time cost visibility and insights for external cloud services such as AWS, helping you continuously reduce your cloud costs.
For more information concerning the global and workspace-level UI with Kommander, see Workspaces
Confirmed Stateside Support (CSS)
Because many governmental applications require CSS, DKP Government Advanced includes access to D2iQ’s CSS team of U.S. citizens working at U.S. support centers.
Military-Grade Security
DKP Government Advanced can be configured to meet defined security standards. Each component is tested and certified before release. DKP also provides instant platform engineering that reduces the burden of security on DevOps and DevSecOps teams. Being based on pure upstream open-source Kubernetes enables easy and trouble-free upgrades, patches, and bug fixes.