At KubeCon, cloud-native starts to get real for the enterprise
Keynote speakers inadvertently signaled a tipping point for Kubernetes and the entire cloud-native computing movement this week at the Cloud-Native Computing Foundation’s KubeCon + CloudNativeCon 2019 conference in San Diego.
During the first day of keynotes, Liz Rice, chair of the CNCF technical oversight committee and vice president of open source engineering at Aqua Security, pointed out that cloud-native technologies have to run in the cloud.
The next day, however, the story from the CNCF had undergone a subtle but significant transition. Rae Wang, group product manager at Google, laid out the cloud-native story for 2020, and it was all about multicloud and hybrid information technology.
Hybrid IT – an intentional combination of cloud and on-premises environments – is the reality for today’s enterprises. By cementing cloud-native computing as the foundation for hybrid IT, the CNCF and, by extension, the entire Kubernetes community have turned a corner.
Cloud-native isn’t just about cloud anymore. It’s time to make cloud-native for the enterprise real.
Making everything work with everything
At 12,000 attendees, this KubeCon ranks as perhaps the largest open-source conference in history. Yet, though enterprises today understand and value open-source technologies, they also depend on an ecosystem of commercial vendors to round out and support Kubernetes and its brethren.
The maturation of the commercial offerings, in fact, is a primary harbinger of, as well as a contributor to, the operationalization of cloud-native computing. The vendors leading this charge are not simply complementing open-source projects. They are also connecting such projects to the broader hybrid IT story.
Case in point: New Relic Inc. This company cut its teeth offering SaaS-based application performance management to enterprises. Now, however, it offers a comprehensive observability solution across Kubernetes, traditional virtualization, serverless and more traditional on-premises offerings. New Relic can import data from a number of cloud-native sources, including OpenTelemetry, Envoy, Istio and Prometheus, and provides observability across multiple Kubernetes clusters. (* Disclosure below.)
Kubernetes groups containers into pods and pods into clusters, so people might think that dealing with multiple clusters is an advanced problem that is well into the future.
The reality, however, is different: As enterprises ramp up their Kubernetes deployments, they soon have a need for a pair of clusters. And once they have two, they soon realize that they want to run several pairs in different locations to improve latency and overall resilience.
Multicluster management – especially in hybrid IT environments – is therefore an essential part of operationalizing cloud-native computing. Targeting this problem is Rafay, which is able to create, deploy, operate, monitor, upgrade and retire Kubernetes clusters and Kubernetes-resident applications across regions, clouds and environments – even when those environments are on-premises.
Another hybrid IT challenge: connecting applications together with workflows or business processes or other “application pipelines.” Robin.io is leveraging its deep expertise in cloud-native persistence to automate such pipelines across each application lifecycle from deployment to scaling to updates and eventual retirement. Under the covers, Robin can coordinate each application’s state at all levels, from the underlying storage and databases to the application tier to the user interface, even as application pipelines hand off execution flow from traditional applications to containerized apps on Kubernetes.
Governance, security and compliance: every enterprise’s story
Assemble a room full of application and infrastructure developers – a very large room, as it happens – and governance, security and compliance aren’t likely to be high on their list of priorities.
In order to operationalize cloud-native technologies for widespread enterprise use at scale, however, these three core challenges suddenly become top of mind.
It’s no wonder, therefore, that this KubeCon’s stories in these areas centered not simply on how to govern and secure Kubernetes, but also on how to place Kubernetes and the rest of the broader cloud-native ecosystem squarely into this enterprise context.
Such is the strategy of Styra, the vendor behind the open-source Open Policy Agent project. The idea of OPA is to establish a lightweight, standard approach to representing and enforcing policies across the Kubernetes landscape.
Today, Styra is ramping up its efforts to commercialize OPA, offering declarative authorization for securing Kubernetes – and by extension, any piece of software that supports OPA.
OPA is in “incubation” with the CNCF, so it’s still early days, but the writing is on the wall: For any component of a hybrid IT deployment to participate in consistent policy representation and enforcement (on or off Kubernetes), that technology should support OPA.
Among the numerous security suppliers at KubeCon, the one that stood out as focusing on making cloud-native technologies operational was Scytale, whose offering centers on solving the attestation problem. Attestation essentially means that you can verify that a piece of technology is what it says it is and has the right to do what it wants to do.
Historically, attestation is an element of identity management, where the focus is on the identities of humans. Scytale, in contrast, deals with the identities of everything but humans – services, containers, infrastructure components and other bits of software (or hardware) that all want to do something in the cloud-native environment. Scytale ensures these bits of tech are what they say they are and have the right privileges to take action – even though the human intent for their behavior may be several steps removed from the component or service in question.
The big picture: fabric thinking
There’s no question that the Kubernetes ecosystem has a plethora of moving parts, as does enterprise IT. We might have hoped that the move from on-premises to cloud to cloud-native would have simplified matters somewhat, but from the perspective of the infrastructure, we’ve only added additional layers of complexity.
The primary challenge of cloud-native computing, therefore, is managing this complexity – and the most important tool in the techie’s tool belt for this purpose is abstraction.
Abstractions essentially hide complexity from the users of technology, presenting them with simplicity, usability and flexibility that belie the complexity beneath.
Nobody likes talking about abstractions, however (except maybe architects), so let’s use a friendlier term: fabric.
Cloud-native computing requires a comprehensive, end-to-end fabric that supports the dynamic needs of the business while dealing with the underlying technology in a largely automated fashion. Every cloud-native technology offering, both open-source and commercial, should support this fabric.
The five vendors in this article are particularly adept at such “fabric thinking.” They each in their own way deal with a multitude of elements – applications, data feeds, policies, attestations and the like – and provide a coherent abstraction that simplifies the ability of the business to leverage such technology to meet its needs and the needs of its customers.
Fabric thinking, therefore, is at the heart of making cloud-native operational. Yes, all the various properties of cloud-native computing, from scale to observability to security by design, are part of the equation. The challenge for enterprises today is to stitch these properties and the technology that exhibits them together into a coherent cloud-native fabric.
(* Disclosure: New Relic and Robin are Intellyx customers. None of the other companies mentioned in this article is an Intellyx customer.)
Jason Bloomberg is founder and president of the agile digital transformation analyst firm Intellyx, which advises companies on their digital transformation initiatives and helps suppliers communicate their agility stories. Bloomberg, who can be followed on Twitter and LinkedIn, is also the author or coauthor of four books, including “The Agile Architecture Revolution.”
Photo: Phil Estes/Twitter