starlight

Starlight is a local-first virtualization and edge computing platform built for environments where reliable connectivity can't be guaranteed. It enables teams to run virtual machines, containers, and AI models on minimal infrastructure - as few as a single node or two for HA - without depending on a centralized control plane. Designed for defense, government, and critical infrastructure use cases, Starlight operates autonomously at the edge while maintaining security, observability, and fleet-wide coordination when connectivity is available.

Yes. Starlight provides a modern alternative to VMware's virtualization stack, purpose-built for edge and disconnected environments. It delivers VM lifecycle management, live migration, distributed storage, and networking without the licensing complexity or centralized architecture that VMware requires. For organizations affected by Broadcom's acquisition of VMware - facing rising costs, uncertain licensing, and reduced support - Starlight offers a predictable, operationally simpler path forward that doesn't sacrifice enterprise capabilities.

Starlight is architected around the principles outlined in NIST SP 800-207. Every interaction - whether between nodes, workloads, or operators - is authenticated and authorized using identity-aware access controls. There is no implicit trust granted based on network location or prior session state. Starlight enforces least-privilege access, continuous verification, and cryptographically secured communications across all platform components, supporting organizations working toward full Zero Trust Architecture adoption.

Starlight is not a Kubernetes distribution, but it supports Kubernetes-native workflows. Teams can deploy workloads defined as Helm charts and Kubernetes pod manifests directly onto Starlight infrastructure without requiring a full Kubernetes control plane. This gives operators access to familiar tooling and application packaging formats while eliminating the operational overhead and resource demands of running Kubernetes or OpenShift at the edge.

Beyond simple compatibility, Starlight empowers you to deploy Kubernetes in multiple flexible forms tailored to your operational needs:

• K3S: Lightweight Kubernetes for edge deployments or resource-constrained environments.

• RKE2: Robust Kubernetes distribution for enterprise-grade workloads.

• MicroVMs: Deploy Kubernetes on microVMs for enhanced efficiency and faster provisioning, efficient resource usage of hardware, all while maintaining isolation and security.

• Full-Blown VMs: For traditional Kubernetes environments requiring comprehensive virtualization support, Starlight delivers unmatched performance and scalability.

Starlight’s flexibility ensures that no matter how you choose to run Kubernetes, you’ll benefit from its advanced security features, hardware-level isolation, and performance optimizations.

Starlight is built on a foundation of trusted open-source technologies including Linux, KVM, libvirt, and Podman. The platform integrates these components into a hardened, enterprise-supported product with a verified software supply chain. Every component is signed, scanned, and shipped with a complete Software Bill of Materials (SBOM), giving customers full transparency into what runs on their infrastructure.

Starlight runs on standard x86_64 server hardware with no proprietary appliance requirements. It supports bare-metal deployments on commercial off-the-shelf (COTS) servers, ruggedized edge hardware, and tactical compute platforms. Starlight also takes advantage of modern hardware security features including AMD SEV-SNP and Intel TDX for confidential computing, providing workload protection even in physically contested environments.

Edge environments operate outside the protections of a traditional data center. Devices deployed in forward operating locations, remote sites, or contested areas face threats that centralized platforms aren't designed to handle - intermittent connectivity, physical tampering, supply chain compromise, and adversarial network conditions. Secure edge computing ensures that workloads continue to run, data remains protected, and operators maintain control even when disconnected from higher headquarters or cloud services.

Starlight implements Zero Trust at the platform level rather than relying on network perimeter defenses. Every node maintains its own cryptographic identity, and all communication between nodes is mutually authenticated and encrypted using post-quantum cryptographic algorithms. Access decisions are made per-request based on identity, role, and context - not network location. Combined with immutable infrastructure, signed software supply chains, and confidential computing support, Starlight ensures that trust is continuously earned and never assumed.

Starlight offers competitive subscription-based pricing, designed to be significantly more cost-effective than VMware. We provide flexible pricing models tailored to meet the specific needs of your organization. For detailed information or to discuss a customized pricing plan, please contact our sales team.