- The JavaScript execution in jsPolicy is based on Google’s high-performance V8 engine which is used in almost every modern browser
- JsPolicy makes policies in Kubernetes clusters easier to manage and maintain, while also making them understandable and transparent
Loft Labs, which makes Kubernetes easily accessible to developers has announced the availability of its latest open source project, jsPolicy. As a first-of-its-kind policy engine based on JavaScript, jsPolicy makes policies in Kubernetes clusters easier to manage and maintain, while also making them understandable and transparent.
Fabian Kramm, CTO of Loft Labs said, “Policies are key to securing Kubernetes operations, especially in multi-tenant clusters. Until now, policy engines have used lesser known languages such as Rego, making it hard to use for writing policies at first and even harder to understand and maintain these policies a few months later. jsPolicy allows organizations to express their policies in JavaScript, one of the most popular programming languages with over 12 million developers using it worldwide.”
Today, if someone runs a request and a policy written in Rego (the language commonly used for Kubernetes policies using Open Policy Agent) denies this operation, it is almost impossible for the user to look at the policy and understand why the request was denied. However, with policies written in JavaScript, there are almost no limitations of what engineers can do because JavaScript is easy to understand and almost every engineer can at least read it and make sense of it.
The JavaScript execution in jsPolicy is based on Google’s high-performance V8 engine which is used in almost every modern browser and optimized for low memory use and fast execution. This makes jsPolicy not just easier to understand but also much faster than any other policy framework.
Efficient development and testing workflow for their Kubernetes policies
Using JavaScript as a policy language has the advantage of the vibrant JavaScript ecosystem, which allows engineers to make use of thousands of popular libraries and frameworks allowing engineers to establish a very efficient development and testing workflow for their Kubernetes policies.
The company said, “Loft is used by platform teams in enterprises to create internal Kubernetes platforms for developing cloud-native software, executing continuous integration/continuous delivery (CI/CD) pipelines, or running artificial intelligence (AI) and machine learning (ML) experiments. It is also valuable in production use cases, where IT teams use Loft’s virtual clusters to surpass the scalability limits of regular Kubernetes clusters and where companies need to provision full-blown demo environments or securely-isolated instances of their managed software products.”