Artificial intelligence was on the tip of everyone’s tongue, as expected, at the start of last week’s KubeCon/CloudNativeCon North America 2024 in Salt Lake City, until it wasn’t.

If anything, the latest flavors of generative AI and agentic AI are merely driving higher future scalability and stability expectations from Kubernetes-based and related cloud-native applications running almost everywhere, and the open-source projects and vendors that support them. 

With Kubernetes turning 10 years old, we looked back at the early days when “most of the wires were left hanging” for later innovation by the community. Today there are 65 graduated or incubated open-source projects within the Cloud Native Computing Foundation ecosystem, with dozens more supported by thousands of expert contributors from large enterprises and fresh startups dealing with practical concerns of interoperability and integration, data movement and storage, and cybersecurity and governance.

Enterprise-scale needs are constantly evolving, and this community is rising to the challenge of serving developers in scaling and deploying cloud native applications, with new cost efficiency, networking, orchestration methods, composition and security capabilities. 

As trillions of dollars worth of innovation work is already invested in open source projects, patent trolls are starting to rear their ugly heads and litigate license fees and fines from enterprises using the technology. To fight back, the CNCF recently joined the Open Source Zone, announcing a Prior Art bounty challenge where developers can provide proofs of work that predate such claims and crush the offending patents inside the USPTO.

Since this is my sixth KubeCon NA, I tried to visit only the most interesting vendors in the showcase, which was no small task, given the breakneck pace of innovation on display. Here are a few highlights:

Interoperability and integration

The cloud-native paradigm was never just about moving applications to a particular public cloud hyperscaler; it has always been about running and scaling workloads wherever they make the most sense for end customer and user requirements. This year, vendors were serious about supporting this “run anywhere” approach so critical workloads could run in any public cloud, on-prem or on the edge in devices and remote networks.

Also, while platform engineering is no longer as buzzworthy as it was in years past, improving developer and operator experience with well-organized, well-maintained resources has advanced well beyond the self-service portal to incorporate easy low-code workflows and AI-based curation and advice.

On this topic, Diagrid had a festive presence at Kubecon, celebrating the graduation of the Dapr distributed application runtime project with built-in workflow, task chaining, a pub/sub message broker, state and session handling, observability and secure cryptography. Platform engineers can engage further with its Conductor management and analytics platform and its Catalyst SaaS or on-premises supported deployment services.

Mirantis was there, introducing its new Mirantis Kubernetes Engine (MKE) 4 based on the CNCF-certified k0s Kubernetes, offering platform engineers an open-source management solution for declaratively composing, delivering and operating cloud native and hybrid environments including clusters, containers and virtual machines (through KubeVirt). Deployed applications are continuously checked for drift against policy, and managed workloads can keep running, even if underlying components are swapped out or updated.

The nonprofit Cloud Foundry Foundation released its Korifi Marketplace of ready-packaged cloud native reference applications, allowing operators to provision developers and spin up, for instance, a validated Postgres implementation for a medium-sized cluster with just one “CF-*” command.

“Look around – Kubernetes seems to be healthier than ever, and the ecosystem continues to grow, even when economic conditions are tightening, and it’s great to see the momentum still growing,” said William Morgan, chief executive officer of Buoyant Inc., the creator and maintainer of recently announced stable enterprise releases of the popular Linkerd service mesh project. “The question customers are asking here is: ‘If I’m building my business around infrastructure like Kubernetes and Linkerd, how do I know if these open source projects are gonna be around for the next 10 years?’”

Observability, data movement and storage

Gone are the days of purely “stateless” ephemeral microservices that could call on an object store somewhere else. Now more than ever, state, system events and storage persist within Kubernetes clusters, allowing data to scale to fit much more complex application workloads, including gen AI.

“Databases are now the world’s No. 1 workload in Kubernetes, with AI workloads also increasing, which only further multiplies database access,” said Gabriele Bartolini, vice president of cloud native at PostgreSQL contributor EnterpriseDB (EDB), referencing the latest Data on Kubernetes report. “Not only can you now run global scale databases in Kubernetes and massive LDM storage volumes, they run better in a cluster than outside.”

Percona LLC continued to climb toward new open-source data heights with its cloud-native Everest DBaaS platform. It provides self-service point-and-click or CLI provisioning that abstracts away the need for developers to understand the finer points of deploying and cost-optimizing MongoDB, PostgreSQL, Valkey and other databases and data store instances in Kubernetes.

Mezmo Inc. presented its new Flow product, which guides engineers in building telemetry pipelines with a drag-and-drop builder, connecting multiple log data sources, setting early filtering profiles and declaring data destinations such as data lakes, S3 buckets or Datadog monitors.

​​Cribl Inc. increased its footprint within large enterprises since we last covered it at KubeCon 2021 with its vendor-agnostic telemetry data collection and routing solutions. A new agent-based offering natively collects logs, metrics and traces to help engineers troubleshoot Kubernetes clusters without a sidecar, and an AI-based search function allows engineers to find critical events across active data streams and other stores, including their own data lake.

Fresh startup Control Theory was there with an OpenTelemetry-native control plane which manages observability data workflows for a distributed fleet of collectors. By monitoring and routing logs, traces and metrics as they move across different data silos and to leading observability, customers get application visibility while controlling costs and reducing data vendor lock-in.

“I think as more companies are moving into cloud native and there’s an explosion of microservices, observability data will become table stakes,” said Bill Hineline, field chief technology officer at Chronosphere. “It’s going to have to become a utility for those companies, rather than having to build their own pipelines, they will expect best in class telemetry, data sources, monitoring, and workflow, without requiring a very skilled person to write queries or build dashboards.”

I was particularly impressed by a demonstration of the MinIO Inc. AIStor release. In addition to achieving efficiencies such as faster direct-to-GPU data delivery times over RDMA, it includes a unique new prompt API which allows even nondevelopers to make natural language prompts directly into their organization’s S3-compatible object storage facilities.

“People at Kubecon are talking about innovation budgets going toward AI in 2025,” said Matthew LeRay, CTO at Speedscale Inc. “To do that, you get everything pumping in your data warehouse, you’re hyperscaling across clouds and on prem, and you’re calling it an AI project, but it’s repurposing the same spend. Everybody’s still trying to run towards hyper efficiency, and that means getting more useful software out of the IT spend they already have.” 

Cybersecurity and governance

Cloud-native security has evolved to address new levels of application composition concerns, because even when using well-managed git repositories and automated CI/CD pipelines, the real software supply chain isn’t simply reflected in a build manifest or a declared SBOM (software bill of materials), it’s hidden within the ground truth of deployed binaries that support every workload.

According to the latest​​ LF Research 2024 Cloud Native Security Report, the top challenge in securing cloud native applications is the complexity of software and infrastructure, but there’s a silver lining: Some 84% of respondents are saying their cloud-native applications are more secure than they were two years ago.

Kusari offers software supply chain monitoring built atop the open-source GUAC project they help maintain. Its new software-as-a-service offering maps software inventories into a graph database, proactively alerting engineering teams to vulnerable packages, problem dependencies and license conflicts, as well as readily available SBOMs and attestations.

KTrust takes a unique attacker-oriented security approach, attempting to manipulate and control Kubernetes clusters in operation. Fortunately, if an exploit is discovered, the solution dons a white hat, and reports the issue to supporting engineers with step-by-step remediation instructions, including code changes.

“Everyone has been very focused on the shift-left part of their cloud security posture, making sure that there are no misconfigurations and vulnerabilities, which is important, but now threat detection and response is moving into runtime containers and clusters so incidents happening in production can be resolved in real time,” said Jonathan Kaftzan, vice president of marketing of ARMO Ltd., which uses eBPF and their own Kubescape project to sniff out security incidents.

The Intellyx take

This KubeCon, I was especially impressed by the collaborative energy on display, and sessions where developers from traditionally competitive vendors shared deep insights. Though the official attendance count was just under 10,000, the buzz of activity and conversation in hallways and on the show floor might have finally surpassed pre-pandemic excitement levels.

To get in the spirit, I highly recommend watching the fascinating documentary “Inside Argo: Automating the Future,” which premiered at the conference, to get a feeling of just how much open-source collaboration can achieve.

“A lot of CNCF TAGs [technical advisory groups] are looking for new contributors to come in and take up leadership roles,” said Liz Rice, chief open source officer of Isovalent at Cisco. “So if you’re interested in security, or observability, you can get involved directly with these projects. For example, if you are excited about eBPF and Cilium, come on over to our Slack channel, find some issues and get stuck in.”

Whether you are a developer, engineer or aspiring startup vendor seeking to stay ahead of the application scalability and performance curve AI is going to drive over the next five years, I recommend attaching yourself and your company to a CNCF project at whatever level of involvement you can contribute. Who knows? Your desk might gain a few new stuffies from your own pet project contributions along the journey!

Jason English is partner and principal analyst at Intellyx. He wrote this article for SiliconANGLE. Intellyx B.V.

Photo: CNCF/Flickr