
# Dyneemes

## Dyneemes: Confidential Kubernetes Documentation

### Introduction

Welcome to Dyneemes, the business-ready Kubernetes solution tailored for tenants who require scalability with the confidence of keeping applications and business data confidential. Dyneemes clusters provide a robust, hardware-enforced boundary to address security and privacy needs without compromising performance. This documentation guides you through the challenges addressed by Dyneemes, its key features, benefits, and common questions.

### Challenges without Dyneemes

As organizations embrace containerization, managing large numbers of containers becomes challenging. The challenges include:

1. **Container Orchestration:** Manually managing containers is complex and time-consuming.
2. **Scalability:** Scaling applications becomes challenging as the number of containers grows.
3. **Resource Isolation:** Containers that share underlying resources must remain securely isolated from one another.
4. **Networking Complexity:** The proliferation of containers increases networking complexity.

### The Solution: Dyneemes

Dyneemes addresses these challenges by automating the deployment, scaling, and management of containerized applications. It provides a robust orchestration framework while maintaining the confidentiality of workloads on any cloud.

#### Key Features

**Enhanced Security**

Dyneemes leverages Confidential Kubernetes (k8s) to guarantee the confidentiality of workloads through hardware-based security features, including:

* **Secure Enclaves:** Isolates and safeguards code and data.
* **Workload Identity and Access Management:** Implements RBAC, network policies, and cryptographically verifiable workload identities.

#### Benefits

* **Unlock the Power of Confidentiality:** Experience unparalleled security and confidentiality with enclaves.
* **Automated Scaling:** Adjusts the number of containers based on resource usage or custom metrics.
* **Self-healing:** Automatically replaces or reschedules failed containers, ensuring high availability.
* **Multi-Cloud and Hybrid Cloud Support:** Designed to run across various cloud providers and on-premises data centers.

### Common Questions

#### Is Confidential Kubernetes suitable for compliance-sensitive environments?

Yes, Confidential Kubernetes is well-suited for compliance-sensitive environments, incorporating security features to adhere to industry-specific compliance requirements.

#### How does Confidential Kubernetes handle auditing and monitoring?

Confidential Kubernetes includes robust auditing and monitoring capabilities, giving administrators comprehensive visibility into identity-related events, access patterns, and potential security threats.

#### Can Confidential Kubernetes be integrated with existing identity and access management systems?

Yes, Confidential Kubernetes is designed to seamlessly integrate with identity and access management systems, providing a unified approach to identity management within the Kubernetes environment.

#### How does Confidential Kubernetes handle updates and rollbacks?

Confidential Kubernetes supports rolling updates without downtime and allows seamless rollbacks to previous versions in case of issues, ensuring operational continuity.

#### Can Confidential Kubernetes be deployed in multi-cloud environments?

Yes, Confidential Kubernetes is versatile and can be deployed across various environments, including private, public, hybrid, and multi-cloud setups, ensuring consistent security measures.

#### What benefits does Confidential Kubernetes offer in terms of access management?

Confidential Kubernetes provides fine-grained access control, allowing administrators to define precise permissions for each workload, with unique workload identity verification through remote attestation.

#### How does Confidential Kubernetes ensure the confidentiality of workloads?

Confidential Kubernetes employs hardware-based security features, including secure enclaves, to isolate and protect code and data during processing, at rest, and in transit, ensuring the confidentiality of sensitive information.

#### What sets Confidential Kubernetes apart from traditional Kubernetes?

Confidential Kubernetes places a strong emphasis on security by leveraging confidential virtual machines and hardware-grade security, providing an additional layer of protection for sensitive workloads and applications.

#### What is Confidential Kubernetes?

Confidential Kubernetes is an advanced deployment of Kubernetes that runs both master and worker nodes in confidential virtual machines, utilizing hardware-based security features for enhanced protection of workloads and data.

[Dyneemes](https://docs.enclaive.cloud/dyneema/)

