The Kubernetes ecosystem was on full display at the Cloud Native Computing Foundation’s KubeCon + CloudNativeCon in Barcelona this past week. But many of these providers weren’t simply supporting customers’ Kubernetes efforts to implement cloud-native architectures. They were also taking advantage of cloud-native approaches themselves.

Here are the highlights:

State in a stateless world

Take, for example, the challenge of maintaining state in Kubernetes’ essentially stateless environment. Given the dynamic ephemerality of containers, simply connecting them to a database or file system as though the applications running in those containers were leveraging a traditional virtual machine environment would lead to a range of performance issues and the possibility of lost data in the event of unexpected failures.

Rising to this challenge are companies such as MayaData Inc., which offers a storage and data platform for containerized and cloud-native environments. MayaData essentially offers container-attached storage that can provision, back up, monitor, and manage Kubernetes workloads, and can even migrate them across clusters and from one cloud to another.

Robin also offers cloud-native storage and data management for Kubernetes, and can manage state information at the application level, abstracting the storage tier entirely. This capability provides increased resilience for applications running on Kubernetes, including big data apps and databases running either in the cloud, on-premises or any combination.

Securing containers and microservices cloud-natively

Security is always a top enterprise concern, and the dynamic nature of containers and the concomitant explosion of microservices expands the enterprise threat surface dramatically.

Any Kubernetes-centric security product must therefore focus specifically upon the security needs of containers within the Kubernetes environment. Twistlock Ltd., for example, provides cloud-native security that can identify and prevent unexpected binaries in containers from running. It can thus block malware, including cryptojacking software, and can stop attacks as they attempt to launch a command shell.

Similar to Twistlock, Alcide.io Ltd. also offers continuous Kubernetes security. Where it diverges is how it also offers security for Istio, the open source service mesh technology that is rapidly gaining adoption in the Kubernetes world. Alcide also offers application security for developers, providing code “hygiene” that steers coders away from introducing vulnerabilities into their microservices.

Supporting DevOps with containers

Most discussions of DevOps include a focus on CI/CD, or continuous integration and continuous delivery. While people often lump these two concepts together, in reality they are distinct, with CI centering on application development and CD falling into the ops bailiwick.

Just one problem: CD is far more difficult than CI. Most DevOps shops are thus mostly focusing on CI, but not yet ready for CD. Since Kubernetes is IT infrastructure, it falls squarely into the enterprise ops camp – and thus, CD becomes the app dev team’s core challenge.

One company focusing on CD challenges is Codefresh Inc., which offers a containerized continuous delivery pipeline platform for Kubernetes. In other words, every task in the CD pipeline is a docker container image, which Codefresh implements on its platform along with all of the configuration information necessary to automate the task.

CD may perhaps be one of the greatest DevOps challenges facing Kubernetes, but visibility into running clusters is every bit as important. Kubernetes puts containers in pods and then groups pods into clusters – and enterprises may actually run dozens or hundreds of geographically distributed clusters at scale.

Keeping track of such complex, dynamic environments falls well outside the purview of traditional monitoring tools. Cloud-based application performance management provider New Relic Inc. is stepping up to the plate, filling this gap with its Kubernetes Cluster Explorer.

This product offers multidimensional monitoring for organizations that are running Kubernetes at scale – which typically means multiples of clusters. New Relic can answer questions about the health of each cluster, the relationships among the various objects within each cluster and between clusters, and the health of each one.

The Kubernetes Cluster Explorer offers developers the visibility they need to understand limitations of application latency and behavior, and gives them the ability to optimize application performance. For ops personnel, the tool enables them to manage resiliency at scale – and in many cases, predict and resolve problems before they occur.

Cloud-native data science and AI

Dealing with data-intensive tasks like big data analysis and artificial intelligence activities can be challenging in Kubernetes’ inherently stateless environment. Many existing approaches to handling state aren’t performant enough for such data intensive tasks. Furthermore, Kubeflow, Kubernetes’ open source machine learning library, lacks many features necessary for it to be useful in modern enterprise scenarios.

Iguazio Systems Ltd. is well-positioned to address these challenges with its cloud-native data science platform. Iguazio’s core tech is a data integration platform – and it also provides the technology leadership for the open-source nuclio serverless computing platform.

The company has leveraged these strengths to deliver a Kubernetes-based platform for data scientists that takes a cloud-native approach to maintaining state that leaves clients stateless, thus avoiding the limitations of stateless computing while providing the tools data scientists need to do their jobs.

Kubernetes at the edge

Edge computing is also an area that is benefitting from rapid Kubernetes adoption as enterprises realize that content delivery networks fall short of delivering on modern edge computing requirements. The challenge: there’s an increasing need for compute at the edge, while traditional CDNs focus on caching in order to speed up delivery of web pages.

Kubernetes is potentially a good fit for such requirements, and Section is helping to make Kubernetes at the edge a reality. The company offers a cloud-native edge compute platform that both optimizes Kubernetes for edge-centric tasks and can also decide the optimal locations for compute at the edge. As AI inference at the edge becomes increasingly popular, Section’s technology will be well-positioned to support such high-performance demands at the edge.

Rising tide lifts all Kubernetes boats

“Kubernetes” is Greek for “helmsman,” and many of Kubernetes’ projects have nautical terms as well – so considering the current Kubernetes ecosystem as boats on a rising tide is apropos.

To be sure, the rapid rise of this open source platform has opened up numerous opportunities for companies to complement, package and facilitate various add-ons to the core Kubernetes offering. This article only covers a representative handful – but overall, the variety of interesting offerings at KubeCon dwarfed the ecosystems on display at similar vendor-centric conferences.

The obvious conclusion: If you’re interested in enterprise IT infrastructure, Kubernetes should be your technology of choice, and KubeCon is the place to be.

I explored these trends at the conference in an interview on theCUBE, SiliconANGLE Media’s livestreaming studio:

Jason Bloomberg, a leading IT industry analyst, author, keynote speaker and globally recognized expert on multiple disruptive trends in enterprise technology and digital transformation, is founder and president of agile digital transformation analyst firm Intellyx. The firm publishes the biweekly Cortex newsletter, advises companies on their digital transformation initiatives and helps companies communicate their agility stories. (* Disclosure: Iguazio, New Relic and Robin are Intellyx customers. None of the other companies mentioned in this article is an Intellyx customer. The Cloud Native Computing Foundation partially covered Jason Bloomberg’s expenses at KubeCon + CloudNativeCon, a common industry practice.)

Photo: Kasper Nissen/Twitter