Capsule is an open source framework that enables Platform Engineers to build a secure multi-tenant Internal Developer Platform on top of any Kubernetes infrastructure.
Profile
Capsule is an open source tool for mid to large engineering organisations to create their own Internal Developer Platform on top of Kubernetes. Capsule provides the building blocks to securely share a Kubernetes infrastructure between multiple development teams, groups, departments or tenants while giving them a high grade of autonomy and without overwhelming the platform team. Capsule seamlessly integrates with several other tools of the Cloud Native ecosystem, like Identity Providers, Observability, GitOps, and many others.
Focus
Capsule focuses on the Platform Engineers' experience of building secure Internal Developer Platforms, unlike other frameworks and platforms which focus exclusively on developer experience. Capsule encompasses the power and flexibility of raw Kubernetes and enables Platform Engineers to build platforms that meet specific Policy and Governance needs while not overwhelming them with a continuous flow of ticketing requests.
Background
Kubernetes introduces the namespace abstraction to create logical partitions of the cluster as isolated slices. However, implementing advanced multi-tenancy scenarios soon becomes complicated because namespaces are flat and resources cannot be shared among namespaces belonging to the same tenant. To overcome this, Platform Engineers tend to allocate a dedicated cluster for each group of users, teams, or departments. As the organisation grows, the number of clusters to manage and keep aligned becomes an operational nightmare, the well-known phenomenon of cluster sprawl.
We developed Capsule to change this with a different approach. In a single cluster, it aggregates multiple namespaces in a lightweight abstraction called Tenant, basically a grouping of Kubernetes namespaces. Within each tenant, developers are free to create their resources and share all the assigned resources without interfering with other tenants using the same platform.
Capsule main features
Self-Service
Leave developers the freedom to self-provision their resources within the assigned boundaries.
Preventing Cluster Sprawl
Share a single cluster with multiple teams, groups of users, or departments, saving operational and management effort.
Governance
Leverage Admission Controllers to enforce industry security best practices and meet policy and governance requirements.