6 Years Later: How Kubernetes Revolutionized How We Use the Cloud
July 15, 2020

Loris Degioanni
Sysdig

Kubernetes had a birthday last month and while it's odd to wish happy birthday to software, I do feel that we need to pay homage. In its six years of "life," Kubernetes has revolutionized how we build, and deliver applications.


When organizations first began the march to the cloud, it was to save time and avoid large capital outlays, but it came at the expense of vendor lock-in. Others stayed away because scaling infrastructure and applications in the cloud was anything but effortless. The introduction of Kubernetes upended what is possible in the cloud, along with conventional roles and processes.

The Benefits of Kubernetes

Kubernetes' emergence over the last six years as the de facto operating system has given companies the gift of speed and agility. Kubernetes has made it easier to create and manage application components based on containers, link services, automate scale and failover, and tear containers once they outlive their usefulness. Developers are realizing new features and applications in days. Before it would take weeks, months, or even years. By making small improvements continually, organizations can speed innovation and reduce risk.

A recent survey from VMware found that 95% of people have seen clear benefits since adopting Kubernetes, with 56% of respondents noting utilization as a top Kubernetes benefit, along with 53% recognizing shorter software development cycles. Additional benefits recognized in the survey include containerizing monolithic applications, enabling a move to the cloud and reducing public cloud costs.

And these advantages are being realized with increased adoption. In December 2019, a survey by the Cloud Native Computing Foundation found that four out of every 10 enterprise companies (companies with 5,000+ employees) were running Kubernetes in production environments. Even more have tiger teams testing Kubernetes in development stages. Since COVID, the number is expected to grow exponentially.

How Kubernetes Adoption is Shifting with COVID

When COVID hit, organizations that use Kubernetes and a DevOps approach were able to quickly adapt customer-facing applications to meet changing requirements. Their teams were able to quickly respond to the new needs, along with the additional scalability requirements. According to a May 13 report from analysts at Gartner, Worldwide IT spending in 2020 is projected to be down 8% from 2019 in response to COVID-forced budget cuts; however, spending on public cloud services is expected to grow 19% this year. A quick Google search will result in dozens of articles outlining how COVID has accelerated adoption.

When Kubernetes is utilized for projects that need to scale, it delivers, which is why we haven't heard of a lot of issues from companies that saw sudden spikes in usage, such as gaming and large delivery services. Properly architected Kubernetes-based applications can handle massive volume, and they can immediately scale when hosted in the public cloud.

However, Kubernetes comes with its own challenges, and adoption requires new processes, tools and a shift in job roles. Operating a cloud-native environment with thousands of hosts and services requires a fundamentally different approach than running a handful of monolithic applications on virtual machines. Containers are black boxes that work well as application building blocks but obstruct visibility for traditional security and monitoring tools. As organizations deploy business-critical applications using Kubernetes, they need to ensure availability, security and compliance.

Securing Kubernetes Requires a "Shift Left" Approach

Until recently, the security team was seen as a "gate," the last stop, and implementing security checks was a manual step before deployment. This is fine when updates are pushed monthly, but when the cadence shifts to weekly or daily, manual security configuration and checks are not feasible. On top of that, if a vulnerability or configuration issue is identified, retroactively addressing it takes time.

Instead, you need to build security checks into the development pipeline, so issues are addressed before the container is deployed in production. By prioritizing security early and creating a shared approach across the security and development teams, you will be able to ship applications faster.
According to the 2019 Accelerate State of DevOps Report, elite DevOp teams, those seeing the most success, automate and integrate tools more frequently into their toolchains. This includes integrating production monitoring and security checks. According to Gartner analysts, "By 2021, DevSecOps practices will be embedded in 60% of rapid development teams, as opposed to 20% in 2019."

What a secure DevOps or DevSecOps approach includes:

1. Scanning for vulnerabilities in the build process: This will help to ensure you are not putting vulnerable code into production and increasing your security risk.

2. Runtime protection: Shifting left will help ensure the container is not deployed with vulnerabilities, but you also need to protect against unknown threats by detecting and preventing anomalous behavior.

3. Continuous compliance validation.: Meeting stringent compliance guidelines, such as GDPR, PCI-DSS and HIPAA can be complex in fast-changing container environments. By mapping regulations and policies to specific controls, you can automate checks during the build and run phases of the software development lifecycle to ensure continual compliance.

4. Security monitoring: In container environments, visibility is a major challenge. You cannot secure what you cannot see. DevOps teams can leverage a single tool for monitoring to identify potential security, performance and availability issues.

5. Incident response and forensics: Capturing a detailed activity audit is critical for responding to alerts and conducting forensics investigations. You need access to detailed container activity records for a single source of truth across DevOps and security teams in order to effectively identify what happened and quickly respond.

In six short years, Kubernetes has moved from being the brainchild of three talented developers looking to create a minimally viable orchestrator to the standard platform for deploying applications in the cloud. The next stage for Kubernetes adoption will focus on maturing DevOps workflows by increasing automation, including addressing visibility and security earlier in the application lifecycle. Now, more than ever, successful companies will be defined by their ability to use Kubernetes and cloud to accelerate innovation for competitive advantage.

Loris Degioanni is CTO and Founder of Sysdig
Share this

Industry News

March 28, 2024

Check Point® Software Technologies Ltd. announced a collaboration with Microsoft that utilizes the Microsoft Azure OpenAI Service to enhance Check Point Infinity AI Copilot, marking a significant advancement in cyber security AI applications.

March 28, 2024

ArmorCode announced ArmorCode Risk Prioritization, providing a 3D scoring approach for managing application security risks.

March 28, 2024

AppViewX and Fortanix announced a partnership to offer cloud-delivered secure digital identity management and code signing.

March 27, 2024

WaveMaker has updated its platform in response to customer demand for more sophisticated API and code management tools.

March 27, 2024

Vercara announced the launch of UltraAPI™, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance.

March 27, 2024

Legit Security announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.

March 26, 2024

Progress announced a strategic partnership with Veeam® Software, the #1 leader by market share in Data Protection and Ransomware Recovery, to provide customers with an enterprise-ready cyber defense solution that strengthens the security of their business-critical data.

March 26, 2024

GitGuardian released its Software Composition Analysis (SCA) module.

March 26, 2024

DataStax announced a milestone in its journey to simplify enterprise retrieval-augmented generation (RAG) for developers by integrating with Microsoft Semantic Kernel.

March 25, 2024

Check Point® Software Technologies Ltd. is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating NVIDIA BlueField DPUs, which feature a broad range of purpose-built, innovative security capabilities, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.

March 25, 2024

Sentry announced the release of Autofix, an AI-powered feature to debug and fix code in minutes, saving important time and resources.

March 25, 2024

Apiiro announced a product integration and partnership with Secure Code Warrior, the agile developer security training platform, to extend its ASPM technology and processes to the people layer.

March 21, 2024

Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, was named a Champion in SoftwareReviews’ 2024 Metadata Management Emotional Footprint Awards.

March 21, 2024

The Cloud Native Computing Foundation® (CNCF®) has partnered with Udemy, an online skills marketplace and learning platform.

March 21, 2024

GitLab has acquired Oxeye, the provider of a cloud-native application security and risk management solution.