FAQ
1. What do I need to do to migrate my existing microservices?
If they are containerized, the migration is trivial. Simply modify the CI/CD pipeline to push the container image to your Global Virtual Cloud on Control Plane.
If they are not containerized, Control Plane provides auto-containerization facilities in its CLI. In addition, Control Plane provides a white glove service for containerizing non-Dockerized applications, ensuring optimal migration and ongoing performance.
2. What kind of support does Control Plane provide?
Control Plane provides 24/7 expert support provided by expert DevOps engineers who are often contributors to open source projects such as Kubernetes and Istio. Every customer gets a Slack channel and typical response is sub 5 minutes with a guaranteed response within a 30 minute window.
3. Can I run workloads in my own cloud accounts on Control Plane?
Yes. You can run workloads on any number of your own cloud accounts, in addition to clusters provided in Control Plane cloud accounts. You can run workloads solely within your cloud accounts, solely in Control Plane cloud accounts, or a combination thereof. In addition, you can also run workloads on premises, using any bare metal or virtualized environment.
4. How does Control Plane integrate with third-party tools?
Control Plane seamlessly integrates with any observability tool, although best-in-class observability is provided. In addition, any CI/CD tool, security scanning tools, any external container registries, and virtually all DevOps tools one can think of like Helm, Terraform, Pulumi, Cross Plane, CDK and pretty much anything else. Control Plane is API first and thus, easily integrable with virtually anything that is programmable.
5. What is the uptime guarantee for Control Plane?
Control Plane’s SLA is 99.999%. Your workloads’ compute guarantee is 99.999% assuming you adopt at least two replicas in at least two locations. When you configure the Global Virtual Cloud (GVC™) simply choose more than one location. If a location becomes inoperable, the Control Plane system automatically routes requests to surviving healthy clusters.
6. What is the backup and disaster recovery strategy for Control Plane?
Control Plane replicates its metadata across multiple geographic location and automatically backs up the data to a different region. Each quarter, Control Plane personnel perform a “table top” exercise, simulating data loss and exercising the restore procedures. Database and object and block storage data backup are the responsibilities of customers. Control Plane often provides best practices and advice, but clearly states that its responsibility is metadata (data about workloads and workload management). Any data backup and restore procedures are the responsibility of customers.
7. How does Control Plane store and manage my data?
Customer data is stored in either cloud/hosted databases or object/block storage. In this case, Control Plane does not store and manage application data. Control Plane does store metadata which is used in managing workloads and connection to data sources. In addition, Control Plane provides stateful workload support, in which workloads can attach persistent volumes. Control Plane provides backup facilities that are controllable via API, CLI, UI in order to facilitate data backup and restore processes.
8. How does Control Plane prioritize and ensure data security and compliance with industry regulations?
Control Plane utilizes a defense in depth methodology. In addition to having industry standard certifications such as SOC2 Type II, PCI, GDPR, HITRUST, Control Plane performs comprehensive penetration testing twice per year with top tier third party vendors. Control Plane's commitment to security is further exemplified by its robust data encryption practices. All data, both at rest and in transit, is encrypted using advanced cryptographic algorithms, ensuring that sensitive information remains confidential and secure.
Additionally, Control Plane employs a zero trust architecture, meaning that no entity inside or outside the network is trusted by default. This approach minimizes the attack surface and ensures that every access request is fully authenticated and authorized based on the principle of least privilege. To safeguard against emerging threats, Control Plane has implemented real-time security monitoring and threat detection systems. These systems are designed to identify and respond to suspicious activities or potential breaches swiftly, thereby reducing the risk of significant impact.
Furthermore, in addition to penetration testing, regular security audits are conducted to assess and improve the security posture continually. Control Plane places a strong emphasis on compliance and regulatory adherence, continually achieving more rigorous certifications. By aligning with global standards and regulations, Control Plane ensures that its security measures meet the highest benchmarks, providing clients with the assurance that their data is handled in accordance with legal and industry-specific requirements.
User education and awareness are key components of Control Plane's security strategy. The company provides comprehensive training to its employees on cybersecurity best practices and the latest threat landscapes. This proactive approach to security empowers the workforce to act as the first line of defense, significantly reducing the risk of human error, which is often the weakest link in security chains.
In conclusion, Control Plane's multifaceted approach to security, which encompasses advanced technology, rigorous processes, and a culture of security awareness, positions it as a trusted partner for businesses looking to secure their critical assets. By choosing Control Plane, clients can have confidence in a solution that not only addresses current security challenges but is also poised to evolve with the changing cybersecurity landscape.
9. Does Control Plane support monolithic applications?
We have many clients that have containerized (by themselves, or with our help) their monolithic application that were previously deployed within virtual machines, or bare metal servers. In addition, we’ve helped several customers in breaking down their monolithic apps into smaller components that can be scaled and managed independently.
10. Does Control Plane support Windows?
Not yet. We can support containerized Windows applications but we’d need a customer to insist on it, with a substantial quantity of services to help our product management to prioritize this capability.
11. What if my application is not containerized?
Any application can be easily containerized. If Chat-GPT isn’t helping, we’re more than happy to containerize your application(s) at no cost or obligation.
12. How is the Control Plane serverless mode different from Lambda?
Control Plane delivers all the benefits of AWS’ Lambda, but without the drawbacks. These drawbacks include:
- Only running in a single region.
- Amount of CPU/RAM must be pre-determined before deployment. It is not dynamic.
- Scale to zero does not work well.
- Handling cached data is non-deterministic and often does not work.
- Connection pooling is nearly impossible.
- Running long running transaction is not possible.
- Utilizing GPUs is not practical.
- Application logic is too fragmented, increasing complexity and maintenance headaches.
- More expensive than it ought to be.
- Observability is not included and is cumbersome to set up and expensive to maintain.
- Only a subset of programming languages and framework/versions are available.
13. How long does it take for each deployment to propagate?
It depends on the size of the image, but there’s no delay beyond the physical speed in which images are pulled and executed, depending on the CPU. It is very fast and customers often compliment the platform for its snappiness, compared to other hosting environments.
14. What is subject to Audit Trail?
Everything is subject to the tamper proof audit trail. Whether leveraging the UI, CLI, API or Terraform/other IaC products, since everything ultimately enters the system through an API call, everything is subject to audit trail. Audit trail is kept forever. There is no purging of audit trail data and there is no charge for it.
15. How does Control Plane handle synchronized deployments? (i.e. I have a complex workload with multiple containers. What would that release look like?)
A workload is comprised of one or multiple containers. Since under the cover, Control Plane manages a fleet of Kubernetes clusters, a workload represents a pod. Inner workload/pod communication is facilitated on localhost. Cross workload communication is extremely flexible and uses mutual-TLS as the default. Service discovery is automatic and granular controls support any use case for complex workload to workload communication, within a single cluster/region, or across multiple clusters/regions/providers.
16. How does Control Plane handle blue/green deployments?
Through the path-based routing facility. A pipeline may deploy a workload named foo-blue and set an endpoint to it. It then pushes a modified version of the same service called foo-green and modifies the endpoint to point to it. If need be, the endpoint path-based routing configuration can be set back to the foo-blue and the same “blue” deployment receives the network traffic.
17. How does Control Plane compare to EKS, GKE, and AKS?
Unlike the proprietary APIs of EKS, GKE, and AKS, Control Plane’s MK8s (Managed K8s Service) provides a singular API to deploy K8s clusters anywhere (e.g., AWS, GCP, Azure, Oracle, Linode, Hetzner, on-prem, VMWare, RaspberryPi, etc.)
18. How does Control Plane compare to Heroku?
There are many significant differences. Let’s list the main ones:
- No need to provision whole servers. Applications dynamically scale horizontally and vertically while charges are calculated by millicores of compute.
- Private networking does not cost $2,000 per month. In fact, it is completely free.
- Workloads are not confined to running in a single region of AWS. Instead, workloads can work across any number of regions of any cloud. This is in order to provide high availability and low latency.
- Observability is not an expensive add-on, but rather, a basic feature of the platform.
- Workload to workload mutual TLS is built into Control Plane. A similar concept does not exist on Heroku.
- Control Plane provides Universal Cloud Identity, a capability allowing a workload running anywhere to mix-n-match ANY service of AWS, GCP and Azure. This is a unique capability of Control Plane that is not provided by Heroku, or any other hosting provider. A workload on Control Plane can simultaneously consume Big Query on GCP, S3 and Dynamo DB on AWS, and Cosmos DB and Active Directory on Azure, regardless if it is running on-prem, or any other cloud provider.
19. Is there a service level agreement (SLA) for Control Plane?
Yes. It is 99.999% availability and 30 minutes or less until support is acknowledged by real support engineers who actively work on a support case.
20. What are the specific system requirements to leverage Control Plane?
You need a Linux compatible workload. Any Linux compatible workload can run on Control Plane.
21. Is there a free trial available, and what features are included during the trial period?
Yes. There’s a 30 day trial available. All features are included without limitations.
22. How is billing managed, and are there any hidden fees associated with Control Plane?
There are zero hidden fees. All fees are clearly listed on pricing page.
23. Can Control Plane be customized to suit the specific needs of our organization?
All of Control Plane’s capabilities are provided through its API. Organizations can easily wrap the Control Plane API with interfaces that suit their requirements. Our professional services organization can work with clients to help customize capabilities as required.