Industrializing the Kubernetes platform at KubeCon 2022
The cloud native ecosystem is currently going through its own kind of industrial revolution, so it seemed fitting that the Cloud Native Computing Foundation held its blockbuster open-source KubeCon + CloudNativeCon North America 2022 event this week in Detroit, where the world’s first auto assembly line was set in motion over a century ago.
Much like the automotive industry later refined its supply chain by allowing different models to be built atop common platforms, enterprises that are successfully delivering industrial-strength cloud native applications are doing so with a platform strategy to ease Kubernetes adoption constraints for DevSecOps teams.
If there was one big takeaway this year, it would be the re-emergence of the platform paradigm in cloud-native clothing.
By this pattern, distributed individuals, operators and dev teams who once relied on self-learning and trial-and-error approaches to roll their own microservices architectures should instead lean on an expert platform team that can readily package approved “golden state” environments of Kubernetes clusters for them – with scaling, networking and security settings optimized for the target application and infrastructure.
In the keynotes, Shatarupa Nandi, senior director of engineering for VMware Inc.’s Tanzu, demonstrated how the newly sandboxed Carvel project advances packaging capabilities for platform teams that still want to maintain governance even in self-service scenarios.
Autonomous vehicle startup Cruise discussed how it stamped out some 75 multitenant k8s environments for its cross-functional design and dev teams using Crossplane and Helm, with automatic configuration changes. An additional highlight was a cartoony “Rainbows-as-a-Service” live demo featuring a heroic platform team that reduced developer buildpack provisioning to one function deploy call to an API.
“Platform engineering is really hot right now in the cloud native space because it’s a natural extension of self-service DevOps provisioning and GitOps pipelines,” said Asanka Abeysinghe, chief technology evangelist at WSO2 LLC. The open-source firm was there demonstrating new bring-your-own-container packaging and deployment portal capabilities within its Choreo development-platform-as-a-service solution.
“Even before Kubernetes, we were managing container platforms at Twitter and Airbnb similarly to how Google did it, using a platform team that provides a golden path for developers to deliver applications,” said Tobi Knaup, chief executive of D2iQ Inc. “It’s been interesting to see how distributed the adoption of Kubernetes has been so far, but if every DevOps team runs their own cluster, they are missing out on efficiencies of scale, and the benefits of having updates, shared resources and security taken care of by the platform.”
It’s still made of containers
Kubernetes is just now emerging from its “shiny new thing” phase. But many at the event were also talking about the ubiquity of the humble container that started the whole revolution.
“There’s a bit of a container renaissance going on here,” said Pieter van Noordennen of Slim.AI Inc. “A lot of people are doing interesting innovation in the container space, and developers demand more tools and expertise to secure them for production-ready use.”
In a keynote, Slim.AI’s Ayse Kaya presented the results of the company’s extensive container security report, which scanned 900,000 containers for flaws and dependencies. Of particular note, more than 60% of publicly available containers were found to contain known vulnerabilities.
Attacks such as Log4Shell and ransomware are becoming particularly spooky, leading some teams either to slow down releases or to try automating more of the container security process as part of a platform such as Docker Hub, which already boasts more than 18 million active accounts and billions of container images served.
“Applications are increasingly assembled from open source components that are outside the organization, which creates a fantastic opportunity for cybercriminals who can also access the source code,” said Scott Johnston, CEO of Docker Inc. “Developers hate anything that gets between them and shipping, so we want to provide trusted building blocks, and we automatically scan for vulnerabilities when they push a container up, then create a software bill of materials, and sign it for the developer, so if any aspect got tampered with they’d immediately be aware of it.”
“Teams are running into challenges running multicluster Kubernetes at scale,” said Utpal Bhatt, chief marketing officer of Tigera Inc. “They are using different distributions of Kubernetes and the control plane kind of stops at a cluster boundary. They are asking for help with cross-cluster networking, and security and encryption.”
Learning to close the skills gap
Finding and training enough technical talent is the perennial issue of cloud native development, but with 176,000 project contributors and an estimated 7 million developers in the extended community, it seems like democratization is finally within reach.
“People have Kubernetes on their mind, and just looking at the number of people searching for Kubernetes and seeking training, it’s clear that the growth curve is even sharper than, for instance, when VMs were introduced,” said Tom Leyden, vice president of marketing at Kasten by Veeam.
Since an informed developer is also the best customer for many cloud-native solutions, the cloud-native backup and recovery vendor rolled out a prototype training course last year and has virtually trained thousands of developers on Kubernetes fundamentals and architectural concepts at its KubeCampus.io site.
It seems daunting to look at the gathering of now 1,169 project cards in the cloud native landscape. Where should you start? Which tools do you really need? Encapsulating cloud native expertise and recommendations can be done as part of a platform approach, but success really comes down to the willingness and ability of people to learn something new.
“I’m tired of hearing how Kubernetes is too complex – it must not be that complex because thousands of companies are already operationalizing it, and the alternatives are way worse,” said Ken Ahrens, CEO of Speedscale Inc. “Try to build scalable apps the old way on VMs – then load management, container configuration, API gateways are on you, and you have to repeat that work with each instance. With Kubernetes, you have logical namespaces, and networking, security and monitoring can be applied across clusters for you.”
The Intellyx take
There was no shortage of excitement about cloud native at this show, and even from the perspective of an analyst, the friendly, inclusive nature of this still-fast-growing community is nothing short of astounding.
If everyone is already doing something Kubernetes or planning to, then this market still hasn’t come close to being boring, because there are so many edges and use cases appearing as a result of each new release.
Ultimately, if the cloud-native platform pattern of delivering and governing software and infrastructure in one motion succeeds, we’ll see entirely new classes of applications and a democratization of choices for delivering applications that we hadn’t even thought possible.
Jason English is principal analyst and chief marketing officer at Intellyx LLC, an analyst firm that advises enterprises on their digital transformation initiatives. He wrote this article for SiliconANGLE. At the time of writing, WSO2 and Kasten by Veeam are Intellyx clients, and the author is an adviser to Speedscale. None of the other vendors or projects mentioned here is an Intellyx customer. The writer’s attendance costs were covered by the event hosts, a common industry analyst practice.