What does HackerNews think of constellation?
Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
Language: Go (#39 in Kubernetes)
Maybe they should deploy it via Constellation https://github.com/edgelesssys/constellation
This is the corresponding repo: https://github.com/edgelesssys/constellation
Constellation (a Kubernetes distro) [1] on Azure would give you this attestation feature. You could then run something like HashiCorp's Vault in that cluster. You will know that all nodes of that cluster are in the state that you expect them to be through the attestation statement.
[1] https://github.com/edgelesssys/constellation
Disclaimer: I work for Edgeless Systems.