While reports may vary on the extent to which containers are now being used in production, the bottom line is that they are indeed being used by a lot of companies, and this has brought a lot of changes to the ecosystem that supports containerized environments and container technology. Like a new level or stage in a game brings new challenges and difficulties, the focus of container technology has shifted from shiny new trends toward “whatever gets the job done.” This is mostly because given a choice between the devil you know and the devil you don’t, organizations are always going to choose what they’re familiar with over something that’s “cutting edge.”
The devil you know
One such example is SQL, which will still continue to be a buzzword even though better options exist. This is because no one wants to rewrite code to fix something that isn’t broken and organizations are too deeply invested in it already. Additionally, it’s a lot easier to get a project approved if you can just lift your existing relational database into a cloud database without any major changes to the code. This also makes it a better alternative to having employees learn a different query language for each database in the system.
KubeCon 2018, which recently took place in Seattle, had an unusually large number of vendors, like Couchbase, YugaByte, CockroachDB, and MongoDB among others, that all announced their support for SQL. While there are a number of flavors of SQL to consider, a major factor driving the adoption of SQL in modern distributed databases is compatibility with business intelligence tools. What this means is it’s more convenient to write BI tools for multiple databases when they all use SQL as opposed to proprietary query languages. MongoDB, in particular, stated their SQL implementation was specially designed to support BI tools.
Container technology: Just call it infrastructure
Now while Kubernetes may have become the de facto standard for orchestrating containers, organizations are finding value in abstracting away as much infrastructure as possible so that employees can focus on the tasks at hand. This means they’d much rather consume Kubernetes-as-a-service than have to teach all their employees Docker and Kubernetes and a bunch of other open source tools before they can actually get any work done. Moving forward into 2019, we are going to continue to see higher and higher levels of abstraction where the majority of people are going to take the easy route to “digital transformation” so as to avoid any heavy lifting with regards to Kubernetes.
AWS and its dominant takeover of the cloud made it clear that most folks would much rather use a cloud platform than buy proprietary infrastructure. And 2018 made it clear that apart from working on their functions, most folks would rather have everything else done for them as well. That’s probably why there are now platforms within platforms that take care of practically everything including letting you leverage a ready-made pipeline in the form of a CI/CD service like Jenkins X or Weaveworks. AWS Lambda, GKE, and AWS Fargate are good examples of platforms that require little to no Kubernetes experience and are basically ready to use out of the box.
Servicing your microservices
Service mesh was another important buzzword of 2018 and is all about abstracting away work from your microservices. Yes, microservice applications need to handle a lot of infrastructure-related tasks themselves before they are free to perform your functions. Some of these tasks include finding service endpoints, figuring out where the service is currently running, understanding how to authenticate services, and deciding who has access. A service mesh abstracts away all these tasks and calls it infrastructure. This also makes developers’ lives a lot easier as it provides an additional layer of flexibility and independence from services that may move from one server to another.
Istio has emerged as the leader of this segment and is an open source service mesh management tool that lets you connect, secure, control, and observe your services. This means that suppliers are now either switching to Istio or building on Istio as opposed to writing their own proprietary tools. A lot of startups are emerging in what is becoming an Istio ecosystem and though rival Linkerd just got a major makeover with a new UI, per-route metrics and service profiles, 2019 is going to see even more Istio adoption. Service-to-service communication, though infinitely more complex, is much more powerful and without a doubt the future.
This doesn’t mean Linkerd is irrelevant or anything like that, and the Linkerd community dug deep and practically rewrote its entire codebase with the latest update. According to William Morgan, CEO of Buoyant, this was so the control plane could be moved from JVM to the Go programming language, making it smaller and faster than previous iterations. Additionally, Linkerd 2.0 at its core is a “service sidecar,” running on a single service without requiring clusterwide installation. This means if you don’t have access to the whole Kubernetes cluster, you can still run Linkerd on your service and use loads of features.
Monopolizing the cloud
Last year saw some major acquisitions, the biggest of which was the IBM-Red Hat deal. Taking shortcuts seems to be the mission of the enterprise and the same way consumers would rather buy something-as-a-service instead of figuring it out from scratch, large organizations would much rather buy a successful startup than build one from scratch. This is why 2019 will definitely see further consolidation within the space and we can expect smaller players to be quickly snapped up by the top five to 10 players. Additionally, small players who want to survive in the segment will need to provide niche offerings for specific pain points like security, storage, etc.
With regards to security, in particular, KubeCon Seattle saw vendors by and large answer the call from the previous KubeCon in Copenhagen, which was “this year, it’s all about security.” Aqua Security, the leading platform provider for securing container-based and cloud-native applications, announced the integration of its platform with Datadog’s cloud monitoring and analytics platform. What this partnership translates to is real-time visibility into the security posture of cloud-native applications for Datadog users. This includes information on vulnerable images, untrusted running containers, and security anomalies.
Google also talked about container security improvements and Maya Kaczorowski, product manager, security & privacy, wrote an informative blog on Kubernetes security issues stating “Kubernetes has made huge security strides this year, and giant strides on Google Cloud.” Additionally, in order to address networking and security challenges in Kubernetes environments, Arista teamed with Red Hat and Tigera to demonstrate an integrated service that will be available in 2019. The service is supposed to bring a zero-trust security model to Kubernetes containers and features the ability to monitor data-flow logs for security-policy violations as well as other anomalies.
A shift in container technology focus
As we can see, 2018 saw a major shift in container technology focus from containers and their trendy promises of portability to the more boring but better idea of actually getting all the bits and pieces together that make things work. It also established Kubernetes as a standard for container orchestration but showed us clearly that Kubernetes needs a lot of help to achieve the end game. With abstraction of infrastructure now the new mantra of the enterprise, the end game in container technology is probably a serverless experience with options to customize if and when required.