Using containers for development has become the rule, not the exception. The Cloud Native Computing Foundation (CNCF) has been tracking the uses of containers and Kubernetes in production. In 2020, CNCF reported use of containers increased to 92 percent, up from 84 percent in 2019, and representing a 300 percent increase since its first related survey in 2016. Similarly, Kubernetes use has grown to 83 percent, up from 78 percent from the previous survey.
Although mass migration to containers and management with Kubernetes is undeniable, it’s still new to many teams and can present challenges to developers, administrators and operators. Tushar Katarki, Senior Manager, Red Hat OpenShift Product Management, shares his insights on what’s driving growth, how to overcome challenges your team may face and best practices to make a part of your processes.
What’s driving the growth of container architecture and Kubernetes?
Katarki: Enterprises seek to empower application developers, data scientists, data analysts and other stakeholders to drive new applications and services fast. To achieve this, they need a self-service, cloud-like experience on any infrastructure or cloud using tools and technologies of their choice. Furthermore, they want to do it in an open-source environment with mostly Linux.
Kubernetes and containers are the fundamental and foundational building blocks for the above.
What are some of the challenges that developers have as they build solutions that will be managed via Kubernetes?
Katarki: Challenges include:
- The technology learning curve. Containers and Kubernetes and the toolchain to build, package and distribute run applications/services are new. While all for the better, there is a learning curve.
- Kubernetes, while very powerful and at the core of any developer (and DevOps) platform, does not have all the tools and capabilities that a developer needs to build and deliver application services in a continuous (CI/CD) way. Kubernetes requires augmentation of other open-source tools and technologies, and this can be a complex and ever-changing arena to navigate.
- Security and compliance for applications (and the data that it depends on) is an ongoing concern. While Kubernetes itself is secure, it again needs to be augmented (see above). Therefore a more comprehensive approach to end-to-end security that extends beyond the traditional boundary of containers and Kubernetes is needed. Most developers do not have the expertise or access to this.
Why is using open-standards important?
Katarki: Open source is how innovation is happening today. The most modern languages (Java, Go, Python), operating systems (Linux) and tools (Git and Docker) are all based on open source. It also helps bring together and maintain passionate and enthusiastic, and self-sustaining communities that can, therefore, help with the continuous improvement and endurance of technology.
In addition, it is well established that open-source software is more secure (than proprietary types), and open standards allow interfacing with partners to deliver solutions to customers far more easily, efficiently and faster.
Open standards also protect against de facto and de jure lock-ins, and it is an insurance against all kinds of improprieties (obsolescence, leverage).
What are some of the challenges administrators and operators face with Kubernetes?
Katarki: There are several:
- Designing, planning, right-sizing, and implementing a Kubernetes environment
- Providing high availability and disaster recovery
- Securing the Kubernetes environment in compliance with industry standards
- Managing and sharing cluster resources among users (developers) and applications
- Providing networking, storage, monitoring, logging and other day-two services
- Managing the lifecycle of Kubernetes clusters and the applications running on it – as well as managing all of this across multiple Kubernetes clusters that can be on more than one infrastructure, cloud or at the edge (hybrid cloud)
Are there best practices for testing this type of solution?
Katarki: The best way is an end-to-end approach that includes how developers develop code, how they test, and how it gets integrated and deployed in an automated fashion with controls to the so-called CI/CD and GitOps approach. This allows for continuous change and continuous improvement and response to business needs is the best practice. Keeping in mind that security and business continuity have to be considered through this approach.
How can developers ensure they are developing secure solutions?
Katarki: Developers need the ability to choose from trusted and secure content (all the way from the kernel to userspace to libraries and languages and runtimes) and being able to deploy this trusted content to production with the ability to monitor and change continuously. This whole thing has been recently referred to as the DevSecOps approach to application development and deployment.
Katarki invites you to check out the Red Hat developer program and Red Hat Open Shift, an enterprise-ready Kubernetes container platform with full-stack automated operations to manage hybrid cloud, multicloud and edge environments. Red Hat OpenShift 4.6 includes updates for building out the modern open hybrid cloud with edge component updates, event-driven apps through OpenShift Serverless and integration of Quarkus, Red Hat’s Kubernetes-native Java framework. Red Hat OpenShift also has a rich ecosystem of an open-source community and ISV partners.