Apcera provides a platform for running and securing your business applications at a global scale.
Apcera manages access to the compute resources your applications need—not just on one machine or a few servers on the same infrastructure, but across a cluster of servers that may span both private and public clouds. Apcera simplifies and speeds hybrid cloud deployment and management by extending policy across environments and enabling applications to be easily and automatically shared, moved and governed from a single control and management plane.
The rest of this section describes Apcera. To get started using the platform, you can start exploring here.
Run Secure Apps with Ease
Apcera makes it easy to combine rapid innovation with managed, policy-controlled operations. You can deploy a variety of workloads, from small applications to complex, feature-rich operating systems. You establish policies for their behavior and connections, and the system enforces those policies as it runs your jobs, monitors their health, orchestrates their interactions, and helps you keep an eye on how this aspect of your business is performing.
Deploy Diverse Workloads
Apcera can deploy a diverse set of workloads, including:
- Applications written in Java, Ruby, PHP, Go, and many other languages.
- Docker images from the Docker Hub.
- Bare OS to enable building custom application execution environments.
You can also run applications on a variety of underlying base operating systems and create both HTTP-based and TCP-based applications.
Apcera encapsulates each of these workloads as a job, addressing but hiding the complexities of each, so it can apply the same orchestration and governance patterns to all of them.
Apcera can dynamically assemble user-created workloads, services running within Apcera, and services running outside Apcera into coherent enterprise applications. Apcera discovers, addresses, connects, and load balances between internal and external workloads.
Apcera takes the following actions to orchestrate workloads:
- Dynamically binds applications and services, so applications keep running when service endpoints move.
- Establishes secure internal app-to-app connections, so no external round trip is required.
- Ensures that both sides of any binding are authenticated and authorized to connect.
- Provides credentials specific to one binding, so exposed tokens do not provide unauthorized access.
- Provides granular semantic awareness of the connections between apps and services, enabling fine-grained dynamic monitoring and management.
The Apcera high-performance, distributed Policy Engine provides governance and trust across the system. Trusting what you deploy and what it is connecting and communicating with are the main drivers of operational policy. The policy engine is baked into all runtime components of the platform and provides scalable, low-overhead policy evaluation and enforcement for the following purposes:
- Attribute-based access control (ABAC) of all resources, including running applications, services, and runtime environments.
- Use and dependency rules for binary packages, including operating systems, language frameworks, docker files, and application libraries.
- Quotas and configuration settings for running applications and services.
- Network ingress and egress rules to enable a variety of security models.
- Semantic rules governing app-to-service communication, including granular database access policies.