KubeCon + CloudNativeCon 2023: Container no-brainers
It’s time to think about Kubernetes.
It’s time… because this month sees the Cloud Native Computing Foundation (CNCF) host Kubecon + CloudNativeCon Europe 2023 from April 18-21 2023 in Amsterdam.
The Computer Weekly Open Source Insider team attended the show in the Dutch capital to catch up with a full handful (Ed: five, right?) of cloud container orchestration specialists and listen to what they think are the factors now determining the state of Kubernetes (K8s) for developers and DevOps teams today.
“Kubernetes adoption has soared over recent years and it has become core to many digital transformation initiatives. But there is some concern that security strategies haven’t kept pace,” said Ajmal Kohgadai, senior principal product marketing manager, security, Red Hat.
In Red Hat’s The State of Kubernetes Security in 2023 report, which surveyed 600 DevOps, engineering and security professionals worldwide, 38% of respondents stated that security investment in containerised operations is inadequate (up 7% from 2022). Additionally, some 67% of respondents have had to slow down cloud-native adoption due to security concerns.
“To remedy this, security should be looked at as a core component of successful technology adoption, not a blocker. This means implementing security solutions earlier in the development process: security-as-code across the entire infrastructure and application stack and all through the software lifecycle,” argues Kohgadai.
The suggestion here is that integrating security into development workflows is also fundamental to supporting end-to-end, automated security, with nearly half of Red Hat’s analysis respondents saying they have a DevSecOps initiative in advanced stages.
Mainstream not daydream
Mark Boost, CEO of UK-based cloud innovators Civo agrees that Kubernetes has become a truly mainstream technology. From its early days as a tool of experimentation for solo developers, a growing list of large enterprise organisations now rely on it every day.
“Increasingly now, firms are integrating Kubernetes in their entire tech stack, using it to rapidly scale up and optimise clusters across hybrid environments, from cloud to on-premise infrastructure. Civo research found 86% of IT professionals saw the role of Kubernetes in infrastructure management growing in the future,” said Boost.
In his view, complexity and a steep learning curve remain barriers to Kubernetes adoption. He says that navigating this complexity leaves organisations at risk from misconfigured Kubernetes setups. A majority (53%) of developers told Civo they are concerned about the security of Kubernetes.
“To tackle this, important new tooling and industry-wide standards are being created at both a government and private sector level to ensure safe and sustainable adoption of the technology,” added Boost.
Proferring a monitoring offering
According to Roman Khavronenko, co-founder of monitoring specialist VictoriaMetrics, monitoring Kubernetes and Kubernetes applications is the most popular use case for most monitoring solutions. So, ah-hem, monitoring is quite important then is it?
“By default, Kubernetes exposes huge amounts of metrics, which grows over time – and only 25% of these metrics are ever used. There is also no established standard for metrics (including in Kubernetes), which means those in the community and various companies have tried to invent their own standards. Various standards used without a single platform’s architecture results in even more metrics being stored – and probably not used,” said Khavronenko.
The amount of metrics it produces is a challenge many are still trying to overcome says Khavronenko, but he says… focusing on optimising software to use less RAM and disk space for high cardinality series can give businesses the ability to scale up or down depending on user or client requirements.
“It’s a metrics mess without the proper solutions in place. But for all its potential downfalls, modern technology would not be as resilient as it is today without Kubernetes,” added Khavronenko.
According to Rahul Pradhan, VP of cloud products at Couchbase, Kubernetes is still proving successful in helping organisations overcome the age-old problem of vendor lock-in.
Traditional, old-style cloud technology
However he says, many IT leaders still aren’t ready for the differences between running containers compared to a more ‘traditional’ cloud infrastructure.
“For example, the far larger number of instances makes it even easier to lose control over infrastructure, creating container sprawl,” said Pradhan. “ There’s also the issue of interoperability, as the existing technology stack may interact very differently with a containerised infrastructure. To avoid this, always check for certification as a first step. The Cloud Native Computing Forum’s Certified Kubernetes Conformance Program guarantees portability, interoperability and confirmability for any certified products and services, and should always be at the top of any checklist.”
At the same time, he add, organisations need to maintain full control of these vast infrastructures – automating manual processes, ensuring repeatability and a uniform infrastructure and preventing creation of new instances from spiralling out of control.
“SaaS automation capabilities that can easily replicate containers and clusters while allowing for limits on creation – such as an upper-cost limit – are crucial for providing this control,” concluded Pradhan.
The themes here are apparent, Kubernetes control, costs and complexity, complexity, complexity all in the face of security, observability (okay, let’s say monitoring), interoperability and the need to develop and progress the use of this technology to state where it is more ‘baked in’ and assumed to be a functional part of the IT stack substrate from the start.