Of course, no one really knows what will happen in the future. After two years of an unexpected global pandemic, and the subsequent great resignation, this is a reality we’ve all learned to appreciate. We know the pandemic put a lot more revenue in the pockets of leading cloud providers, while also accelerating the transformation of traditional enterprise technology. And as a result, enterprises will surely continue their move into cloud native applications to meet their competitive challenges and goals. But what else is on the horizon for technical innovations and Kubernetes adoption?

Predictions are fun, so we asked some of our own experts here at Fairwinds—Kendall Miller, Andy Suderman, Joe Pelletier, Robert Brennan and Ivan Fetch—to share some of their thoughts and perspectives on how Kubernetes technology and service ownership will likely evolve over the next year—and what we can expect to see as a result.
As CEO and customer liaison, I see one big theme on the horizon, one that will surely generate action in the coming year—namely, the ongoing need for heightened cybersecurity. On the topic of CVEs, it’s interesting to see recent mandate orders by the Biden Administration for nearly all federal agencies to patch hundreds of existing security vulnerabilities. It is a move that can’t come soon enough, as evidenced by the latest vulnerability of note involving log4j, a widely used open source component.
Supply chains in general have certainly been a hot topic in 2021, with notable disruptions in physical supply chains causing shortages and inflationary price pressure. Within the software supply chain, security has been a concern at various moments throughout 2021, but we are sure to see more attention paid to it as the new year evolves. The goal will be for organizations to improve their methods for reducing risk, avoiding disruptions and finding superior enterprise adaptability, including the need for increased hardening, resilience and compliance.
Kendall Miller, President
2022 is going to be the year of all things eBPF. Think kernel-level controls for observability, tracing, security and network monitoring as driving themes. With origins in the Linux kernel, eBPF (Extended Berkeley Packet Filter) can extend the capabilities of the kernel without changing source code or loading kernel modules. We will likely see long-time players in the Kubernetes space making big headway as the term “eBPF” becomes more familiar—and people begin to understand the power of this technology. As Kubernetes continues to become the de facto standard for container orchestration, and the basis for all future cloud infrastructure, continuing integration will be fundamental to achieving this reality.
Andy Suderman, Director of R&D and Technology
As a way to handle Kubernetes cluster management and application delivery, GitOps is likely to become a more common standard for workflows. GitOps works by using Git as a single source of truth for infrastructure and applications. With Git at the center of delivery pipelines, developers can use familiar tools to make pull requests, thereby accelerating and simplifying both application deployments and operations tasks in Kubernetes. Furthermore, cluster life cycle—upgrades and addon management—will surely see big improvements from third-party solutions.
Joe Pelletier, VP of Strategy
After catching up with the sales team recently, it’s clear that more Platform Engineering/Operations teams running Kubernetes will be looking to enable developers with feedback and best practices. As a key tenet of full service ownership, the desire to eliminate friction and enhance collaboration among teams—which drives both innovation and business—remains top of mind. As companies move to embrace Kubernetes across multiple teams, they will likely discover the need for more effective guardrails and feedback loops for developers.
Robert Brennan, Director of Open Source Software
Because developers are expected to understand how their applications run in Kubernetes, full service ownership will remain an important theme to watch in 2022. Responsibility for things like health checks and resource sizing will continue to shift left towards development teams, following in the footsteps of the DevSecOps principles. Also, addon management will likely come to the forefront, as folks begin deploying more third-party tooling like nginx-ingress, cert-manager, Istio, Kubeflow and other tools into Kubernetes.
Ivan Fetch, Software Engineer
The increasing use of distributed systems like Kubernetes makes distilling alerts into core findings ultra-important. For example, “These 100 apps have 15 container vulnerabilities” becomes something like, “Update this base image to address these 15 container vulnerabilities impacting these 100 apps.”
Teams will end up caring more about runtime analysis of Kube-hosted apps, which helps track new issues since the last deployment and bad behavior resulting from things like misconfiguration or cyberattack. When a runtime issue is detected, teams will consider using more automation to mitigate risk and wasted time.
It’s not enough to understand what’s coming. You need to tackle your most pressing priorities—and quickly—to shorten the distance between your innovative vision and superior business impact. Because one thing is for sure, 2022 is a year to be bold and disruptive.
Our Kubernetes governance and security platform, Fairwinds Insights, integrates an extensible set of trusted open source auditing tools to help your organization manage Kubernetes security, efficiency and reliability across the entire development life cycle, from CI to Admission to Production.
Enable your DevOps teams to find and prevent Kubernetes misconfigurations as applications move from development to production. Insights provides out-of-the-box integrations into CI/CD workflows, an admission controller for enforcing customer policies (using Polaris or Open Policy Agent) at pre-deployment and automation for running Kubernetes auditing tools. Findings and recommendations are stored in a single location, enabling operators to gain visibility and control over multiple clusters, track and prioritize issues and effectively monitor the security and cost of Kubernetes workloads.