dstack
dstack is an orchestration layer designed for modern ML teams, providing a unified control plane for development, training, and inference on GPUs across cloud, Kubernetes, or on-prem environments. By simplifying cluster management and workload scheduling, it eliminates the complexity of Helm charts and Kubernetes operators. The platform supports both cloud-native and on-prem clusters, with quick connections via Kubernetes or SSH fleets. Developers can spin up containerized environments that link directly to their IDEs, streamlining the machine learning workflow from prototyping to deployment. dstack also enables seamless scaling from single-node experiments to distributed training while optimizing GPU usage and costs. With secure, auto-scaling endpoints compatible with OpenAI standards, it empowers teams to deploy models quickly and reliably.
Learn more
Google Kubernetes Engine (GKE)
Run advanced apps on a secured and managed Kubernetes service. GKE is an enterprise-grade platform for containerized applications, including stateful and stateless, AI and ML, Linux and Windows, complex and simple web apps, API, and backend services. Leverage industry-first features like four-way auto-scaling and no-stress management. Optimize GPU and TPU provisioning, use integrated developer tools, and get multi-cluster support from SREs. Start quickly with single-click clusters. Leverage a high-availability control plane including multi-zonal and regional clusters. Eliminate operational overhead with auto-repair, auto-upgrade, and release channels. Secure by default, including vulnerability scanning of container images and data encryption. Integrated Cloud Monitoring with infrastructure, application, and Kubernetes-specific views. Speed up app development without sacrificing security.
Learn more
Cilium
Cilium is open-source software for providing, securing and observing network connectivity between container workloads, cloud native, and fueled by the revolutionary Kernel technology eBPF. Kubernetes doesn't come with an implementation of Load Balancing. This is usually left as an exercise for your cloud provider or in private cloud environments an exercise for your networking team. Cilium can attract this traffic with BGP and accelerate leveraging XDP and eBPF. Together these technologies provide a very robust and secure implementation of load balancing. Cilium and eBPF operate at the kernel layer. With this level of context, we can make intelligent decisions about how to connect different workloads whether on the same node or between clusters. With eBPF and XDP Cilium enables significant improvements in latency and performance and eliminates the need for Kube-proxy entirely.
Learn more
Falco
Falco is the open source standard for runtime security for hosts, containers, Kubernetes and the cloud. Get real-time visibility into unexpected behaviors, config changes, intrusions, and data theft.
Secure containerized applications, no matter what scale, using the power of eBPF. Protect your applications in real time wherever they run, whether bare metal or VMs. Falco is Kubernetes-compatible, helping you instantly detect suspicious activity across the control plane. Detect intrusions in real time across your cloud, from AWS, GCP or Azure, to Okta, Github and beyond. Falco detects threats across containers, Kubernetes, hosts and cloud services. Falco provides streaming detection of unexpected behavior, configuration changes, and attacks. A multi-vendor and broadly supported standard that you can rely on.
Learn more
