UPDATED 17:41 EST / JANUARY 19 2023

Kubernetes in 2023 mirrors the enterprise quest for simplification

What will the Kubernetes agenda be in 2023?

The past year saw significant discussion around security, growing use of open-source tools to run enterprise systems, and how an expanding developer ecosystem may reduce Kubernetes complexity. Within these key topics can be found another important dynamic. There is a great deal of innovation in the container space, and this will set much of the cloud-native agenda during the coming year.

“Containers have gone supernova with Kubernetes, with a complete ecosystem of opportunity to create the next operating system in software development,” John Furrier, chief executive and industry analyst for SiliconANGLE Media, said during a discussion at KubeCon + CloudNativeCon NA 2022. “To me, KubeCon is at the center of Software 2.0 or 3.0. It’s not where the old school is; it’s where the new school is.”

Software as differentiator

The “new school” impact of containers highlights the continued influence of open source as a change agent for many industries. Stu Miniman, Red Hat Inc.’s director of market insights for cloud platforms, participated in a Kubernetes-related event last year called OpenShift Commons, which featured presentations from several notable organizations.

“We had Ford, Lockheed Martin, University of Michigan, ING Bank all speaking there,” Miniman said during an interview with theCUBE, SiliconANGLE Media’s livestreaming studio. “There is not an industry that is not touched by this, and the general wave of software adoption is the reason why. The creation of new software is one of the differentiators for many companies.”

Open-source tools have provided much of the momentum behind Kubernetes growth and container adoption, and the cloud-native community is beginning to see a rise in ancillary tools for specific developer needs. One of these is Finch, an open-source macOS client for building and running container images. Another is Lima, a command line utility for running containerd on macOS. Amazon Web Services Inc. has been an active contributor to both projects, driven by customer interest in adding new functionality for the container space.

“Our customers are going to make their own business decisions,” Deepak Singh, vice president of compute services at AWS, said in an exclusive interview with SiliconANGLE during re:Invent 2022. “That’s why AWS is involved in so many open-source projects because our customers asked us to build them.”

Developer growth

Customer interest in expanding the base of open-source tools has also resulted in growth of the cloud-native developer ecosystem. The Cloud Native Computing Foundation has reported that the cloud-native developer population grew 51% over the past two years, reaching 7.1 million developers worldwide.

Accompanying this growth has been an expansion of containerized applications in production. The number of global organizations running containerized apps will rise to 90% by 2026, a jump from 40% in 2021, according to Gartner.

Another measurement of growth can be found in the number of open-source projects under the CNCF umbrella. There were 14 at the end of 2017. As the foundation starts 2023, there are 141 listed projects.

“This cloud-native ecosystem is still in that Cambrian explosion of new projects and new opportunities,” said Red Hat’s Miniman. “We’re always looking for what the next thing is. And what’s great about this ecosystem is most of it tends to be additive and plug into the pieces that span beyond what can happen in the container world.”

Push for simplification

Despite the robust growth of Kubernetes and the cloud-native world in general, there are obstacles that could slow future adoption. One of these involves complexity or, as one developer recently described it, “the brutal learning curve of a new Kubernetes cluster.”

One of the original developers of Kubernetes, Joe Beda, has freely admitted that the technology is complex. This led Beda and his co-developer, Craig McLuckie, to found Heptio Inc. in 2017 to reduce container complexity.

Container platform complexity has fostered development of new tools that automate cloud-native functions. StormForge Inc., a startup focused on building AI-powered software products, has developed capabilities for the automatic scaling of Kubernetes.

“We started out running our machine learning workloads and moving them into Kubernetes,” Patrick Bergstrom, chief technology officer of StormForge, said in an interview with theCUBE. “And then we weren’t quite sure how to correctly adjust and size our containers. So our machine learning team got together and wrote an algorithm, and then we said, ‘Well, holy cow, that’s actually really useful. I wonder if other people would like that?’ And that’s where we got started.”

There is also a move toward internal developer platforms, or IDPs, to make managing Kubernetes resources easier. Google LLC’s cloud business recently debuted new features designed to streamline the use of IDPs that enable self-service functions for developers.

Security threats

Another nettlesome issue surrounding the cloud-native community is security. Cyberattackers have demonstrated a growing interest in container exploits, and new flaws are being uncovered.

Researchers at Armo Ltd. disclosed in a December blog post that a security vulnerability in the Kyverno admission controller for container images could result in the injection of unsigned code into a Kubernetes cluster. Kyverno is a policy engine for validating configurations in Kubernetes. In early January, Armo announced that CNCF had accepted its open-source security platform Kubescape as a sandbox project.

At the start of the year, a Microsoft researcher discovered that cryptojacking threat actors have been exploiting misconfigured PostgreSQL servers to access Kubernetes environments. These two most recent incidents highlight the need for security standards that can comprehensively address vulnerabilities in container and open-source platforms.

“Despite delivering billions of applications with advanced ease and manageability, a major concern of Kubernetes is its ability to maintain security standards across the board,” said Taylor Ellis, customer threat analyst at Horizon3 AI Inc., in an interview with SiliconANGLE. “The mantra of ‘with greater scale comes greater responsibility’ should be called upon by security professionals to ensure that the open-source software does not provide free exposure to external parties — attackers or researchers alike.”

The Kubernetes community has responded by releasing new security features, with the latest update in December. These include a keyless signing protocol that makes it more difficult to disguise malware as a Kubernetes update.

This enhancement leverages Sigstore cosign, which supports container verification and storage in an OCI registry. By strengthening the signing and verification for container applications, cloud-native users hope to limit vulnerabilities in the software supply chain.

Platform focus

Recent developments in the container space have reinforced a trend that has been building in the cloud-native community. Users are gravitating toward platform-centric operations. One example of this can be found in Carvel, a project that originated with VMware Inc. as a set of composable tools for application building, configuration and deployment to Kubernetes.

Carvel became a CNCF Sandbox project in October. VMware demonstrated Carvel’s capabilities for automating the installation and management of software on the container orchestration tool during a presentation last fall. As the new year gets rolling, 2023 could mark a significant step forward for the platform age of Kubernetes.

“I believe Kubernetes and serverless are the new runtime platform,” Ajay Patel, senior vice president and general manager of the modern apps application platform business at VMware, said during a conversation with theCUBE in November. “It’s about marrying that around the application patterns. Let me just run the application, let the infrastructure manage the operation of it. I shouldn’t worry about it.”

Image: peshkov/Getty Images
