6 Years Later: How Kubernetes Revolutionized How We Use the Cloud
July 15, 2020

Loris Degioanni
Sysdig

Kubernetes had a birthday last month and while it's odd to wish happy birthday to software, I do feel that we need to pay homage. In its six years of "life," Kubernetes has revolutionized how we build, and deliver applications.


When organizations first began the march to the cloud, it was to save time and avoid large capital outlays, but it came at the expense of vendor lock-in. Others stayed away because scaling infrastructure and applications in the cloud was anything but effortless. The introduction of Kubernetes upended what is possible in the cloud, along with conventional roles and processes.

The Benefits of Kubernetes

Kubernetes' emergence over the last six years as the de facto operating system has given companies the gift of speed and agility. Kubernetes has made it easier to create and manage application components based on containers, link services, automate scale and failover, and tear containers once they outlive their usefulness. Developers are realizing new features and applications in days. Before it would take weeks, months, or even years. By making small improvements continually, organizations can speed innovation and reduce risk.

A recent survey from VMware found that 95% of people have seen clear benefits since adopting Kubernetes, with 56% of respondents noting utilization as a top Kubernetes benefit, along with 53% recognizing shorter software development cycles. Additional benefits recognized in the survey include containerizing monolithic applications, enabling a move to the cloud and reducing public cloud costs.

And these advantages are being realized with increased adoption. In December 2019, a survey by the Cloud Native Computing Foundation found that four out of every 10 enterprise companies (companies with 5,000+ employees) were running Kubernetes in production environments. Even more have tiger teams testing Kubernetes in development stages. Since COVID, the number is expected to grow exponentially.

How Kubernetes Adoption is Shifting with COVID

When COVID hit, organizations that use Kubernetes and a DevOps approach were able to quickly adapt customer-facing applications to meet changing requirements. Their teams were able to quickly respond to the new needs, along with the additional scalability requirements. According to a May 13 report from analysts at Gartner, Worldwide IT spending in 2020 is projected to be down 8% from 2019 in response to COVID-forced budget cuts; however, spending on public cloud services is expected to grow 19% this year. A quick Google search will result in dozens of articles outlining how COVID has accelerated adoption.

When Kubernetes is utilized for projects that need to scale, it delivers, which is why we haven't heard of a lot of issues from companies that saw sudden spikes in usage, such as gaming and large delivery services. Properly architected Kubernetes-based applications can handle massive volume, and they can immediately scale when hosted in the public cloud.

However, Kubernetes comes with its own challenges, and adoption requires new processes, tools and a shift in job roles. Operating a cloud-native environment with thousands of hosts and services requires a fundamentally different approach than running a handful of monolithic applications on virtual machines. Containers are black boxes that work well as application building blocks but obstruct visibility for traditional security and monitoring tools. As organizations deploy business-critical applications using Kubernetes, they need to ensure availability, security and compliance.

Securing Kubernetes Requires a "Shift Left" Approach

Until recently, the security team was seen as a "gate," the last stop, and implementing security checks was a manual step before deployment. This is fine when updates are pushed monthly, but when the cadence shifts to weekly or daily, manual security configuration and checks are not feasible. On top of that, if a vulnerability or configuration issue is identified, retroactively addressing it takes time.

Instead, you need to build security checks into the development pipeline, so issues are addressed before the container is deployed in production. By prioritizing security early and creating a shared approach across the security and development teams, you will be able to ship applications faster.
According to the 2019 Accelerate State of DevOps Report, elite DevOp teams, those seeing the most success, automate and integrate tools more frequently into their toolchains. This includes integrating production monitoring and security checks. According to Gartner analysts, "By 2021, DevSecOps practices will be embedded in 60% of rapid development teams, as opposed to 20% in 2019."

What a secure DevOps or DevSecOps approach includes:

1. Scanning for vulnerabilities in the build process: This will help to ensure you are not putting vulnerable code into production and increasing your security risk.

2. Runtime protection: Shifting left will help ensure the container is not deployed with vulnerabilities, but you also need to protect against unknown threats by detecting and preventing anomalous behavior.

3. Continuous compliance validation.: Meeting stringent compliance guidelines, such as GDPR, PCI-DSS and HIPAA can be complex in fast-changing container environments. By mapping regulations and policies to specific controls, you can automate checks during the build and run phases of the software development lifecycle to ensure continual compliance.

4. Security monitoring: In container environments, visibility is a major challenge. You cannot secure what you cannot see. DevOps teams can leverage a single tool for monitoring to identify potential security, performance and availability issues.

5. Incident response and forensics: Capturing a detailed activity audit is critical for responding to alerts and conducting forensics investigations. You need access to detailed container activity records for a single source of truth across DevOps and security teams in order to effectively identify what happened and quickly respond.

In six short years, Kubernetes has moved from being the brainchild of three talented developers looking to create a minimally viable orchestrator to the standard platform for deploying applications in the cloud. The next stage for Kubernetes adoption will focus on maturing DevOps workflows by increasing automation, including addressing visibility and security earlier in the application lifecycle. Now, more than ever, successful companies will be defined by their ability to use Kubernetes and cloud to accelerate innovation for competitive advantage.

Loris Degioanni is CTO and Founder of Sysdig
Share this

Industry News

August 05, 2020

Logz.io announced a partnership with HashiCorp, a provider in multi-cloud infrastructure automation software.

August 05, 2020

Digitate, a software venture of Tata Consultancy Services, announced the release of ignio™ AI.Assurance, an autonomous assurance product that enables enterprises to deliver better software faster, enhancing their business performance.

August 05, 2020

Harness acquired self-service Continuous Integration firm Drone.io, the creator of the open-source project Drone.

August 04, 2020

Aqua Security announced that its Cloud Native Security Platform is available through Red Hat® Marketplace, an open cloud marketplace that makes it easier to discover and access certified software for container-based environments across the hybrid cloud.

August 04, 2020

Threat Stack announced the availability of Threat Stack Container Security Monitoring for AWS Fargate.

August 04, 2020

OpenLogic by Perforce now provides an enterprise-class alternative to Oracle Java by offering OpenJDK distributions backed by OpenLogic support.

August 03, 2020

MuseDev launched on Github Marketplace the Early Access version of its code analysis platform, Muse, to help developers find and fix critical security, performance, and reliability bugs, efficiently, before they reach QA or production.

August 03, 2020

Styra announced Rego Policy Builder for the Styra Declarative Authorization Service (DAS).

August 03, 2020

Felicis Ventures has invested an additional $5M in Sourcegraph, bringing the total raised to over $46M, including a $23M Series B in March 2020 led by Craft Ventures.

July 30, 2020

New Relic delivered strategic updates to New Relic One.

July 30, 2020

IT Revolution announced the DevOps Enterprise Summit Las Vegas 2020 will be going virtual.

July 30, 2020

Adaptavist announced the acquisition of Go2Group, a US technology firm specializing in Agile and DevOps services and cloud solutions for the enterprise.

July 29, 2020

Panaya announced a new partnership with Worksoft providing SAP IT organizations with a best in class Change Intelligence solution that enables SAP ECC users to migrate or optimize their system risk-free.

July 29, 2020

Splice Machine launched the Splice Machine Kubernetes Ops Center, deployed with Helm Charts.

July 29, 2020

CirrusHQ, an Amazon Web Services (AWS) Advanced Consulting and Solution Provider partner, has achieved AWS DevOps Competency Status.