Edera, a startup looking to simplify and improve securing Kubernetes containers and AI workloads by offering a new hypervisor, today announced it has raised $5 million in seed funding led by 645 Ventures and Eniac Ventures.
Kubernetes is a decade old, but Edera founders Ariadne Conill (distinguished engineer), Emily Long (CEO), and Alex Zenla (CTO) argue that securing multi-tenant workloads remains an unsolved problem.
Long previously served as COO at Chainguard and Anchore, and has extensive operational and cultural experience, while Conil is a developer at security-focused Linux distribution Wolfi and a maintainer of Alpine Linux. Conil worked at Chainguard before founding Edera, where he met Long.
Zenla, meanwhile, has worked as an engineer at companies like Radix and Google, and has been an active open source maintainer and contributor for many years. Having worked on IoT at Google for many years, and in the open source world on projects like Dart and Chromium, Zenla has seen firsthand how difficult it is to achieve hardware virtualization at the edge.
Image credit: Edera
“Hardware virtualization is often not available because the chips that run within that hardware don't have hardware virtualization at all and may be disabled,” she says. “What I realized is that there is currently no solution for this. There is no way to run isolated containers without sacrificing performance or requiring hardware virtualization. So I knew I had to look into this problem because it's frustrating when your stuff is not secure.”
Zenla ultimately returned to Xen, the open source hypervisor project that in many ways enabled the cloud computing revolution: Xen does not require hardware virtualization, in part because hardware virtualization had not yet been invented when Xen was first released in 2003.
“What I've found is that when something new comes along, the old technology gets misunderstood or pushed aside,” she says. “No one seems to look at it and think, 'Hmm, what good ideas were there? Or, what are the challenges we have today and whether those good ideas could help solve those challenges?' I think a lot of innovation comes from looking back at the past and marrying it with something new in the present. So when I realized that I could run Xen on a hardware device for the edge, I started developing the concept.”
To do that, Zenla essentially rewrote Xen in Rust, but at the time, her focus was on edge devices. Only after talking with Conill and Long did she realize that she might have been too small in scope and that she could tailor the project to protect the entire cloud-native infrastructure, not just the edge. Today, that vision has changed to also include protecting AI workloads running on GPUs.
“Kubernetes' original design goal was 'soft' multi-tenancy, with a level of trust between users of the cluster. But as Kubernetes has spread to more sectors, the need for stronger security protections has become apparent,” said Joe Beda, angel investor at Edera and co-creator of Kubernetes. “Edera fills this gap by using virtualization to reduce risk and ultimately lower costs, allowing Kubernetes to reach areas it couldn't reach before.”
There have been previous efforts to better secure containers, such as the Kata Containers project, but Edera's founders claim that these solutions were essentially tacked on to existing projects, and that Edera's low-level hypervisor was built with security in mind from the start.
“People try to solve this problem by adding a crazy number of layers,” Zenla said. “You see it in the layering of tools in general. Large enterprises seem to have like 30 different Kubernetes tools and Kubernetes security tools. We hear stories of people spending all day looking at logs, and we're like, 'What if we fixed this?'”
For AI use cases, the ability to virtualize and share GPUs alone is a win for the industry, but the team is also working to add support for confidential computing to the solution. The company has been working with a series of design partners to test this technology, but today's announcement opens up the Kubernetes project to a wider audience.
Speaking about the funding round, Long said the team, which has three female co-founders, “felt a certain amount of intimidation. Ultimately, we realized there were a lot of VCs who shared a passion for both the technology we're working with, wanting to see computing change, and having a more diverse team to make that happen.”The real struggle, she said, was getting people to understand the difference between the typical Kubernetes security solutions that exist today (which she claims are focused on observability, monitoring, and alerting) and the solution Edera is building.
In addition to 645 Ventures and Eniac Ventures, FPV Ventures, Generationship, Precursor Ventures and Rosecliff Ventures also participated in the round. Angel investors include Joe Beda, Filippo Valsorda, Mandy Andress, Jeff Behl and Kleiner Perkins scout Nikitha Suryadevara.