Cutting edge software is often the domain of startups, unicorns, and hobbyists but when it comes to Kubernetes we’ve found that Enterprises want in on the fun too.
From our many enterprise customers, like Arm, CBS, La Figaro, HP, and more, along with hundreds of meetings, we’ve learned a lot and have been adding the kinds of features that make it easier for large teams to adopt Codefresh at scale. They asked for more options on how they run Codefresh, what it can build, and how their teams can access projects. We’ve bundled these features together and are calling it Codefresh Enterprise.
SaaS vs On Prem or a third way!
At this point, users are over the debate and they just want a better solution. SaaS is faster, sexier, and cheaper, but on prem is always the way for “real serious” engineering, right? What if there was a better way? Instead of choosing between an on prem solution that always needs to be updated and maintained or a SaaS solution that doesn’t meet the access or security requirements we can choose something better.
We call it hybrid. Instead of standing up and maintaining the entire Codefresh stack, enterprise users can deploy a Codefresh agent in their own Kubernetes cluster. With hybrid, users can:
- Run builds on their own infrastructure
- Access and keep resources like code or target environments behind the firewall
- Use Codefresh as if it were SaaS
Avoid the overhead for the maintenance or upkeep of a fully on prem solution
Hybrid is the best of on prem and cloud SaaS mixed together and it’s now in GA for enterprise users. Want to try it out? Start a POC.
The agent can run in a Kubernetes cluster or a stand alone node. It works in bare metal data centers and cloud providers alike.
We know hybrid won’t cover every use case so Codefresh on prem is also available for installation as a Helm chart.
Added Support for Windows Containers, and Arm
As much as Twitter would have you believe that Go is the only language used anymore there are tons of .NET apps out there trying to Dockerize. Up until now, their biggest limitation has been finding support to build Windows containers. With Codefresh Enterprise, users can add their own Windows nodes and build full .NET containers.
The container story on Arm has been getting a lot stronger driven primarily by IoT. Codefresh now supports Arm based 32 and 64-bit runtimes natively. Almost everyone building for Arm has been using emulation which is incredibly slow, or building racks of Raspberry Pis. As much as we love a good Pi cluster, builds on Codefresh are around 6x faster.
RBAC (Role based access control)
All the exciting features we put into Codefresh like canary deployments, Helm integrations, etc don’t mean much if your team can’t use them because proper permissions are missing. This first iteration of RBAC allows enterprise users to split up resources, pipelines, and assets to the proper permission level. An application engineer may be able to make commits that build and deploy staging instances for testing while an approver can handle the continuous delivery to production.
Codefresh uses a layered permissions model. Users can only interact with pipelines associated with repositories they have access to and then only in Codefresh accounts they are given permissions for. This model is both flexible and secure.
Look forward to more fine grained controls being added soon!
Most users log in to Codefresh using their Github, Bitbucket, or Gitlab instances for authorization. But almost every single large teams we’ve worked with needed something more robust. We now support single sign-on with a variety of standards including Okta, Active Directory, LDAP, SAML, and more.
One of the best parts of working for Codefresh is getting to announce new features all the time. We recently added mono repo support, multi-git support, and quick-starts for Amazon EKS and canary deployments with Istio/Helm.