Why Kubernetes Rises High…and Why Complexity May Be Its Downfall

Kubernetes is popping up everywhere this year and should now be a very bright spot on the radar of digital service providers (DSPs). Whatever roles and alliances are forming at the bustling intersection of 5G, cloud, edge, and enterprise networks, it’s now clear that Kubernetes will likely play a huge role in how applications, and the way they are used, are changing. This, in turn, means that telcos aspiring to “go beyond connectivity” need to consider what appears to be the primary means of delivering these manageable and secure applications to users through platforms and devices: containers at the edge.

Kubernetes was originally Google’s container orchestration platform, allowing it to horizontally scale its applications to ensure availability. Google Cloud claims that Kubernetes’ mission was, and is, “to automate the operational tasks of container management, and it includes built-in commands to deploy applications, deploy changes, adapt them to changing needs, and monitor for ease of management.”

Google “open sourced” the code in 2014 and it is now developed and administered by the Cloud Native Computing Foundation (CNCF). The CNCF says its research shows that one sign of growing Kubernetes adoption is how quickly back-end developers have made it the most widely used orchestration platform, with about a third of them having adopted it.

According to Daniel Bartholomew, founder and CTO of “edge-as-a-service” specialist Section, the finding should not come as a surprise. Writing in The New Stack, which is sponsored by the CNCF, he explains why he thinks edge developers in particular are embracing Kubernetes (or K8s, as it’s called: there are eight letters in the name after the ‘K’ and before the ‘s’), after adoption among them rose 11% over the past year. For context, Bartholomew says that level of new adoption is three times the overall increase among developers.

Why so popular?

Bartholomew maintains that the key is that “containers’ lightweight portability makes them well suited for distribution, while their abstractness means they can be deployed across heterogeneous computing networks.” Kubernetes provides the essential orchestration to coordinate the “multi-regional, multi-cluster, multi-vendor distributed topology” that is increasingly the norm.

So the industry and its users seem to be embracing Kubernetes, and the developers, being a brilliant bunch, have sensed which way the wind is blowing and are getting familiar with Kubernetes so as to be on hand as the industry scrambles to find the expertise it needs.

But it’s not all unfettered growth and sunlit uplands. According to Red Hat and others, Kubernetes, as currently deployed, has a supposed downside in terms of complexity and security. Red Hat says its OpenShift 4.10 application platform was actually built around containers and Kubernetes, but it also says that deployment is difficult and that much of the problem centers on security.

Its 2022 Kubernetes Security Status Report, compiled from responses from 300 DevOps, engineering, and security professionals, found that 55% of respondents said they had to delay the launch of a Kubernetes application in the past year due to security issues, with over 90% reporting at least one security incident in their Kubernetes environment in the last 12 months.

The report concludes that Kubernetes and containers, while powerful, were often designed for developer productivity at the expense of security. Respondents said they were much more worried about misconfigurations in their container and Kubernetes environments than cyberattacks.

Red Hat says it’s working hard to overcome these issues by giving its OpenShift platform additional functionality: at the top of the list is automation of configuration management, which it says should drastically reduce the impact of human error. It has also decided to open source its Advanced Cluster Security (ACS) for Kubernetes, which it gained last year through its acquisition of StackRox. Red Hat says the StackRox project aims to simplify DevSecOps (DevOps with security built in) by integrating security features into the development and deployment cycle.

Center of complexity

But the complexity issue may be deeper than this fix might imply. According to Bartholomew, security is threatened where complexity begins to spiral out of control.

What happens, he asks, when you have an evolving and growing “distributed edge” with its hundreds of endpoints, with different microservices served from different edge locations at different times, running on a heterogeneous infrastructure and a multiplicity of different suppliers?

On top of that, there is significant developer specialization which compounds the problem, as engineers tend to become extremely proficient in specific areas where they focus on higher-level languages, tools, and applications. When you add a specialization in machine learning, you end up with teams skilled in pushing models into production, but with little expertise in application, hardware, and network interactions to troubleshoot issues when they arise.

This could mean that some potential users of the distributed edge are “turning away” from the approach. But right now, interest in Kubernetes seems to have solidified, and user growth and industry support are strong and growing.

For example, Microsoft says it’s looking to enable Kubernetes for “thin Windows Edge devices,” powering containerized Linux and Windows workloads. Details of this decision, known as Project Haven, were discussed at Microsoft’s recent “Build 2022” event. We will discuss the Microsoft move in our next K8s article.

Sharon D. Cole