Continuum AI is now public. Try out the most secure GenAI service!

Blog

What’s new in Constellation v2.2.0? AWS support, minimal OS images & Terraform integration!

Fabian Kammel

Today we are excited to announce Constellation v2.2.0, our Confidential Kubernetes Engine! We want to highlight three exciting new features:

 

 

  • AWS support

 

  • Minimal OS images built with mkosi

 

  • Terraform integration completed

 

 

For the full list of changes see our changelog and documentation.

 

 

AWS Support

 

 

Constellation v2.0.0 launched with support for Azure and GCP. Now, we are proud to announce that AWS is also supported.

 

 

Constellation uses AWS Nitro-based virtual machines. This enables us to utilize AWS NitroTPMs to generate attestation statements.

 

 

Standing up an AWS-based Constellation cluster is as easy as:

 

 

$ constellation create --control-plane-nodes 3 --worker-nodes 1

 

The following Constellation cluster will be created:
3 control-planes nodes of type m6a.xlarge will be created.
1 worker nodes of type m6a.xlarge will be created.
Do you want to create this
cluster? [y/n]: y Creating Your Constellation
cluster was created
successfully. $ constellation init Using
community license. Please keep your vCPU quota in mind. Your
Constellation master secret was successfully written
to ./constellation-mastersecret.json
Initializing cluster Your Constellation
cluster was successfully initialized.
 
Constellation cluster identifier
2MpU2HszL/oQJH8rq69BgKAD5LVUj8n7Wm7AJ7Ce76g= Kubernetes
configuration constellation-admin.conf

 

 

You can now connect to your cluster by executing:

 

 

export KUBECONFIG="$PWD/constellation-admin.conf"

 

 

Minimal OS images built with mkosi

 

 

We strive to provide the most secure Kubernetes distribution with the smallest attack surface possible! To make good on that promise we have switched from CoreOS-based to Fedora-based images, built with mkosi.

 

 

This has the following benefits:

 

 

  • Reduced the image size from 3GB to 700MB.

 

  • A faster development cycle with incremental builds.

 

 

If you would like to know more, we have written a full story about our mkosi implementation.

 

 

Terraform integration

 

 

In Constellation v2.1.0 we announced support for Terraform on GCP. We now have extended this support to Azure and AWS.

 

 

Regardless of the cloud provider, you are now able to extend and maintain the infrastructure built by Constellation with the tools and processes you are already familiar with.

 

 

We already have more exciting features scheduled for the Constellation v2.3.0 milestoneLet us know which features you want to see in the next version of Constellation.

Author: Fabian Kammel

Product

Related reading

View all

Reproducible builds for confidential computing

Product

Tutorial

Continuum blog post image

Continuum: The first confidential LLM platform to revolutionize secure, privacy-preserving AI with NVIDIA H100 GPUs

Product

Terraform logo repeated multiple times

The always-encrypted Kubernetes now comes with a Terraform provider

Product