Loft Labs has announced jsPolicy at Kubecon 2021. It is an engine to manage Kubernetes policies based on JavaScript. This should make such management and maintenance easier.

With jsPolicy, Loft Labs wants to make Kubernetes policy management easier than it is now. Currently, developers mainly use the Rego programming language to write policies based on the Open Policy Agent. However, according to Loft Labs, policies in Rego are difficult to read back later if you want to troubleshoot why, for example, a specific request is rejected. JavaScript, however, is widely used among developers. According to recent research by SlashData, more than half of the developers can work with this programming language. Making policies editable with JavaScript is, therefore, a logical step.

Maintenance in Rego was difficult

“Policies are key to securing Kubernetes operations, especially in multi-tenant clusters,” said Fabian Kramm, CTO of Loft Labs. “Until now, policy engines have used lesser known languages such as Rego, making it hard to use for writing policies at first and even harder to understand and maintain these policies a few months later. jsPolicy allows organizations to express their policies in JavaScript, one of the most popular programming languages with over 12 million developers using it worldwide.”

Better performance

Loft Labs goes on to claim that jsPolicy is faster than any other policy framework, as it is based on Google’s V8 engine. This is used by a wide range of browsers and is optimised for low memory usage and high performance. Finally, using JavaScript allows developers to take advantage of the large ecosystem surrounding the programming language, which provides a wide variety of libraries and frameworks.

vcluster

Last week, Loft Labs introduced another product to enrich the possibilities of Kubernetes, namely vcluster. This makes it possible for multiple tenants to use a single Kubernetes cluster, comparable to how hosting parties can let multiple customers make use of the same servers.