Now in Alpha

Secure service graph.
AI-native workloads.

Lattice is a workload platform built on bilateral service agreements, compile-time policy enforcement, and defense-in-depth security from network to kernel. Deploy services, batch jobs, and model inference with zero-trust defaults.

Built different

Lattice rethinks how clusters are provisioned, connected, and secured.

Bilateral Service Graph

Both the provider and consumer must agree before traffic flows. The compiler generates L4 network policies, L7 authorization, and kernel-level enforcement from a single declaration.

AI-Native Workloads

First-class model serving with disaggregated inference, batch jobs with gang scheduling, and GPU sharing via Volcano. From training to production.

Defense in Depth

Cilium L4, Istio ambient L7, and Tetragon kernel enforcement. Cedar policy authorization at compile time. FIPS 140-2 with rustls + aws-lc-rs.

Declare. Compile. Enforce.

Define your workloads and service relationships. The compiler generates network policies, authorization rules, and runtime enforcement.

1. Define your service

# LatticeService
kind: LatticeService
spec:
  workload:
    containers:
      - name: app
        image: api-server:latest
    resources:
      database:
        type: service
        direction: outbound

2. Declare security posture

# SecurityContext
securityContext:
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  capabilities:
    drop: [ALL]
  allowedBinaries:
    - /usr/bin/api-server

3. Compiler generates policies

# Generated at compile time
+ CiliumNetworkPolicy
+ Istio AuthorizationPolicy
+ Tetragon TracingPolicy
+ Cedar security overrides

4. Enforced at every layer

L4   Cilium network policies
L7   Istio ambient mTLS + authz
LSM  Tetragon eBPF kernel hooks
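As an added illustration of the bilateral rule described above (this is not Lattice's own compiler or schema), the following Python sketch emits matching policies only for edges that both the consumer and the provider declared, and refuses edges declared by one side only. It assumes a metadata.name field and an inbound direction on the provider side, neither of which appears on this page, and its policy objects are simplified stand-ins for the generated CiliumNetworkPolicy and AuthorizationPolicy resources.

```python
# Added illustration, not Lattice's compiler: an edge in the service graph is
# compiled only when BOTH sides declared it. Assumed fields: metadata.name and
# an "inbound" direction on the provider; policy dicts are simplified stand-ins.

def declared_edges(declarations, direction):
    """Return (consumer, provider) pairs declared from one side of the graph."""
    found = set()
    for decl in declarations:
        me = decl["metadata"]["name"]
        resources = decl["spec"]["workload"].get("resources", {})
        for peer, res in resources.items():
            if res.get("type") != "service" or res.get("direction") != direction:
                continue
            # Outbound names the provider; inbound names the consumer.
            found.add((me, peer) if direction == "outbound" else (peer, me))
    return found

def compile_graph(declarations):
    """Emit per-side policies for agreed edges; report unilateral ones instead."""
    outbound = declared_edges(declarations, "outbound")
    inbound = declared_edges(declarations, "inbound")
    agreed = outbound & inbound
    unilateral = sorted(outbound ^ inbound)  # declared by one side only: no traffic
    policies = []
    for consumer, provider in sorted(agreed):
        # L4: matching egress on the consumer and ingress on the provider
        policies.append({"kind": "CiliumNetworkPolicy", "endpoint": consumer, "egress": [provider]})
        policies.append({"kind": "CiliumNetworkPolicy", "endpoint": provider, "ingress": [consumer]})
        # L7: the provider accepts only the agreed consumer's identity
        policies.append({"kind": "AuthorizationPolicy", "target": provider, "allow": [consumer]})
    return policies, unilateral

def service(name, **resources):
    """Constructed sample declaration in the page's LatticeService shape (name field assumed)."""
    return {"kind": "LatticeService", "metadata": {"name": name},
            "spec": {"workload": {"containers": [{"name": "app", "image": f"{name}:latest"}],
                                  "resources": {peer: {"type": "service", "direction": d}
                                                for peer, d in resources.items()}}}}

# Constructed sample: api-server wants database and cache; only database agreed.
SAMPLE = [
    service("api-server", database="outbound", cache="outbound"),
    service("database", **{"api-server": "inbound"}),
    service("cache"),  # no inbound declaration, so api-server -> cache gets no policy
]
```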

Platform capabilities

Everything you need to run production Kubernetes at scale.

Bilateral Agreements

Both provider and consumer declare the relationship. The compiler generates matching network and authorization policies for both sides.

Cedar Authorization

Compile-time policy enforcement using the Cedar language. Security overrides, access control, and workload authorization.

Runtime Enforcement

Tetragon eBPF programs enforce binary allowlists, rootfs protection, and capability restrictions at the kernel level.

Model Serving

Disaggregated inference with separate entry and worker roles. GPU sharing via Volcano vGPU, model-aware scheduling.

Batch & Training

Gang scheduling, multi-task jobs, and GPU allocation via Volcano. Master/worker topologies for distributed training.

Self-Managing Clusters

Clusters pivot to own their CAPI resources. Multi-provider (AWS, Proxmox, OpenStack, Docker), no single point of failure.

Ready to get started?

Read the docs, explore the APIs, or jump straight into the CLI.