Meet Acorn: A Cloud Platform for Everyone
Service and Nested Acorns
Today we released Acorn 0.7, our biggest release yet, and it’s packed with features, enhancements, and bug fixes. The most exciting feature is support for nested and service acorns. Service acorns open up a world of external cloud integrations to your applications while nested acorns give you the ability to build out rich delivery pipelines for multi-tiered and micro-service based applications.
We’ve also introducing features to help secure both your software pipeline and production environments. Specifically, we’ve implemented project-level isolation enforced by Kubernetes network policies and alpha support for image signature policies backed by cosign.
Finally, we’ve introduced a suite of features to help with both developing and debugging your applications. The acorn dev command allows you to run an app in dev mode or attach a dev session to a currently running app. The acorn port-forward command allows you to quickly connect to a remote acorn app from your local computer. They acorn run and update commands have been revamped to be more intuitive and inline with each other. And finally the acorn events command can be used to get useful insights into important events happening in your cluster. Let’s explore these features in a little more detail.
Services in Acorn 0.7 offer a flexible plugin framework that simplifies the consumption of 3rd party components for developers. They allow infrastructure specialists to leverage existing tools like CloudFormation or Terraform to provision services like databases or object storage while keeping the consumption of those services simple for application developers.
Nested acorns, as the name implies, let’s you create acorns of acorns. Why is this important? Modern best practices tell us you should have a complete definition of your application deployments checked into source control so that your app can be easily versioned and audited. This feature, coupled with acorn profiles gives you that. Now you can define your applications, services and default values for deployments in dev, test, and production in a single Acornfile.
For more information on these features, check out our accompanying blog post that provides a detailed overview of how to get started using these new features.
Acorn’s mission is to provide a secure-by-default, zero-trust developer platform. In this release we’ve focused on a number of features we believe will help us along that path. First, on-by-default project network isolation help keeps your production environments secure and communication paths under control. Second, the image signature policy feature helps secure your CI and CD pipeline. This is an alpha feature and we expect it to evolve a lot, as we are still experimenting with the UX. However, if you’d like to give it a try, you can turn the feature on while installing acorn via: acorn install --features image-allow-rules=true. Once you’ve enabled this feature, deployment of all acorns will be blocked unless they have an accompanying signature. You can then create ImageAllowRules policies to control exactly what you’ll allow to be deployed. You can require specific signing keys, signature annotations, and create exemptions. Here’s a quick how-to to get you started.
Our development and debugging enhancements stem from our own internal experience developing for and on acorn, so we’re excited to use them ourselves and bring them to the broader community. acorn dev and port-forward will be useful tools in any developers toolbox. Meanwhile, acorn events will be useful both for ad hoc debugging and gaining long term insights into your operations. With this release, the following events will be recorded: AppCreate, AppDelete, AppSpecUpdate, AppImagePullSuccess, and AppImagePullFailure. These events record a lot of useful information, including a diff of changes made to an application and the git information that traces back to the source code used to build the image. We’ll continue to add more events over time and build out additional functionality to leverage these events to give you unparalleled insight into your application pipelines.
That does it for this overview of the Acorn 0.7 release. In addition to the above features, this release is packed with other enhancements and bug fixes. For the changelog, check out our release notes.
Craig Jellick is a software architect and engineering manager at Acorn Labs. He has extensive experience building and supporting teams that build and support open source infrastructure and developer tools. You can follow him on Twitter or connect on LinkedIn.