6 Years Later: How Kubernetes Revolutionized How We Use the Cloud
July 15, 2020

Loris Degioanni
Sysdig

Kubernetes had a birthday last month and while it's odd to wish happy birthday to software, I do feel that we need to pay homage. In its six years of "life," Kubernetes has revolutionized how we build, and deliver applications.


When organizations first began the march to the cloud, it was to save time and avoid large capital outlays, but it came at the expense of vendor lock-in. Others stayed away because scaling infrastructure and applications in the cloud was anything but effortless. The introduction of Kubernetes upended what is possible in the cloud, along with conventional roles and processes.

The Benefits of Kubernetes

Kubernetes' emergence over the last six years as the de facto operating system has given companies the gift of speed and agility. Kubernetes has made it easier to create and manage application components based on containers, link services, automate scale and failover, and tear containers once they outlive their usefulness. Developers are realizing new features and applications in days. Before it would take weeks, months, or even years. By making small improvements continually, organizations can speed innovation and reduce risk.

A recent survey from VMware found that 95% of people have seen clear benefits since adopting Kubernetes, with 56% of respondents noting utilization as a top Kubernetes benefit, along with 53% recognizing shorter software development cycles. Additional benefits recognized in the survey include containerizing monolithic applications, enabling a move to the cloud and reducing public cloud costs.

And these advantages are being realized with increased adoption. In December 2019, a survey by the Cloud Native Computing Foundation found that four out of every 10 enterprise companies (companies with 5,000+ employees) were running Kubernetes in production environments. Even more have tiger teams testing Kubernetes in development stages. Since COVID, the number is expected to grow exponentially.

How Kubernetes Adoption is Shifting with COVID

When COVID hit, organizations that use Kubernetes and a DevOps approach were able to quickly adapt customer-facing applications to meet changing requirements. Their teams were able to quickly respond to the new needs, along with the additional scalability requirements. According to a May 13 report from analysts at Gartner, Worldwide IT spending in 2020 is projected to be down 8% from 2019 in response to COVID-forced budget cuts; however, spending on public cloud services is expected to grow 19% this year. A quick Google search will result in dozens of articles outlining how COVID has accelerated adoption.

When Kubernetes is utilized for projects that need to scale, it delivers, which is why we haven't heard of a lot of issues from companies that saw sudden spikes in usage, such as gaming and large delivery services. Properly architected Kubernetes-based applications can handle massive volume, and they can immediately scale when hosted in the public cloud.

However, Kubernetes comes with its own challenges, and adoption requires new processes, tools and a shift in job roles. Operating a cloud-native environment with thousands of hosts and services requires a fundamentally different approach than running a handful of monolithic applications on virtual machines. Containers are black boxes that work well as application building blocks but obstruct visibility for traditional security and monitoring tools. As organizations deploy business-critical applications using Kubernetes, they need to ensure availability, security and compliance.

Securing Kubernetes Requires a "Shift Left" Approach

Until recently, the security team was seen as a "gate," the last stop, and implementing security checks was a manual step before deployment. This is fine when updates are pushed monthly, but when the cadence shifts to weekly or daily, manual security configuration and checks are not feasible. On top of that, if a vulnerability or configuration issue is identified, retroactively addressing it takes time.

Instead, you need to build security checks into the development pipeline, so issues are addressed before the container is deployed in production. By prioritizing security early and creating a shared approach across the security and development teams, you will be able to ship applications faster.
According to the 2019 Accelerate State of DevOps Report, elite DevOp teams, those seeing the most success, automate and integrate tools more frequently into their toolchains. This includes integrating production monitoring and security checks. According to Gartner analysts, "By 2021, DevSecOps practices will be embedded in 60% of rapid development teams, as opposed to 20% in 2019."

What a secure DevOps or DevSecOps approach includes:

1. Scanning for vulnerabilities in the build process: This will help to ensure you are not putting vulnerable code into production and increasing your security risk.

2. Runtime protection: Shifting left will help ensure the container is not deployed with vulnerabilities, but you also need to protect against unknown threats by detecting and preventing anomalous behavior.

3. Continuous compliance validation.: Meeting stringent compliance guidelines, such as GDPR, PCI-DSS and HIPAA can be complex in fast-changing container environments. By mapping regulations and policies to specific controls, you can automate checks during the build and run phases of the software development lifecycle to ensure continual compliance.

4. Security monitoring: In container environments, visibility is a major challenge. You cannot secure what you cannot see. DevOps teams can leverage a single tool for monitoring to identify potential security, performance and availability issues.

5. Incident response and forensics: Capturing a detailed activity audit is critical for responding to alerts and conducting forensics investigations. You need access to detailed container activity records for a single source of truth across DevOps and security teams in order to effectively identify what happened and quickly respond.

In six short years, Kubernetes has moved from being the brainchild of three talented developers looking to create a minimally viable orchestrator to the standard platform for deploying applications in the cloud. The next stage for Kubernetes adoption will focus on maturing DevOps workflows by increasing automation, including addressing visibility and security earlier in the application lifecycle. Now, more than ever, successful companies will be defined by their ability to use Kubernetes and cloud to accelerate innovation for competitive advantage.

Loris Degioanni is CTO and Founder of Sysdig
Share this

Industry News

September 23, 2021

Shortcut, the collaborative home for modern software teams, announced new Team-to-Workflow functionality.

September 23, 2021

Portainer announced the launch of its Portainer Business Charmed Operator, allowing for seamless integration with Canonical’s Charmed Kubernetes distribution.

September 22, 2021

Parasoft announced the launch and extension of its static application security testing (SAST) and API testing platform with penetration testing, shifting security testing into developer workflows.

September 22, 2021

Synopsys announced a new partnership with The Chertoff Group, a global advisory services firm that applies security expertise, technology insights, and policy intelligence to help clients build resilient organizations, gain competitive advantage, and accelerate growth.

September 21, 2021

ShiftLeft announced that its unified code security platform, ShiftLeft CORE, is now available on the AWS Marketplace.

September 21, 2021

JFrog announced its JFrog Artifactory and JFrog Xray solutions are now accredited in Iron Bank and available via Platform One.

September 21, 2021

GitKraken acquired BigBrassBand and its popular Git Integration for Jira.

September 20, 2021

D2iQ announced version 2.0 of the D2iQ Kubernetes Platform (DKP).

September 20, 2021

Platform9 joined Intel's Open Retail Initiative (ORI) and launched a new software-defined store solution.

September 20, 2021

FireMon has acquired DisruptOps.

September 16, 2021

SnapLogic released the latest version of its new SnapLogic Flows solution.

September 16, 2021

Postman launched a new version of its API Management platform.

September 16, 2021

Progress announced its R3 2021 release of Progress Telerik and Progress Kendo UI.

September 15, 2021

Progress announced the availability of Progress Sitefinity DX 14.0.

September 15, 2021

Launchable, the intelligence platform layer for all software testing, announced their latest addition to the platform, Flaky Tests Insights (beta).