All things Kubernetes: What you’re missing at KubeCon this week
This week, throngs of cloud-native computing fans were set to descend on Amsterdam for KubeCon, the Cloud Native Computing Foundation’s conference for all things Kubernetes.
Alas, as with so many other conferences, the CNCF decided to postpone KubeCon. But that doesn’t mean I can’t still write about the highlights of the show in this article. It just means that everyone involved had to participate in the briefings from home.
I winnowed down 75 or so exhibitors to a dozen highlights, and spoke with their leadership to gain insight into the innovations they’re bringing to market. What I didn’t hear: any pullback as a result of the coronavirus or impending economic downturn. All of these companies are pedal to the metal.
Here’s my take on the first half of the list:
Aiven: fully managed data cloud
Aiven addresses the challenge of implementing complex data pipelines by leveraging open-source technologies in multi-cloud environments.
Take your pick of open-source data infrastructure, including Kafka, PostgreSQL, Elasticsearch, Cassandra, Grafana and others. Then choose whatever mix of the three main public clouds you prefer.
Aiven will then provide you with a fully managed “data cloud” that ensures resilience, compliance and security – without having to set up, configure and integrate each of the packages individually.
Anchore: security for Docker images
Anchore offers DevSecOps for containers, shifting security “to the left” of the microservices development lifecycle in a Kubernetes environment.
Unlike source code scanning products that purport to shift security leftward, Anchore doesn’t deal with source code. Instead, it works directly with the declarative Docker images that cloud-native developers use to specify how to deploy microservices and containers.
Anchore scans all aspects of these images, including specifications of the file system, network, build environment and all other relevant metadata. It applies policy constraints to the images and then enforces those policies at runtime – an essential aspect of what we call intent-based computing.
Decipher Technology: hybrid service mesh platform
Decipher Technology Studios offers Grey Matter, its hybrid mesh platform. Grey Matter leverages the popular Envoy open-source proxy to create service meshes that work with both greenfield and brownfield applications.
At their core, service meshes abstract underlying network issues for Kubernetes, including ingress, egress, routing and traffic control. Grey Matter offers these abstractions for public cloud and on-premises environments, whether they be running Kubernetes or not.
Decipher also balances the need to suppress the complexity of Kubernetes integration while giving operators the ability to configure granular policies if necessary. The platform also can enforce network policies out of process in order to avoid adding any latency.
Kaloom: cloud-native data center fabric for edge computing
Kaloom covers the full gamut of edge computing from the “internet of things” and artificial intelligence to 5G with its programmable, automated edge data center fabric. Following cloud-native principles, Kaloom abstracts endpoints across enterprise and telco core networks, edge and access networks, and device endpoints.
Kaloom essentially makes good on the promise of the failed telco Virtual Network Functions, or VNFs, by supporting the analogous Cloud-Native Network Functions, or CNFs. CNFs leverage Kubernetes to provide a coherent, high-performance network abstraction that supports both 5G rollouts and AI-centric edge applications, including IoT.
Kong: API platform and service mesh for distributed interface governance
Kong bills itself as a next-generation application programming interface platform for multicloud and hybrid organizations, but in fact, that description is an oversimplification. The missing piece: Kong’s open-source service mesh offering, Kuma.
Conventional wisdom states that API platforms (aka API gateways) handle “north-south” communications (that is, between applications and endpoints external to those applications), while service meshes deal with “east-west” interactions (between microservices within the same environment).
In reality, the distinction between these two use cases is blurry. The difference between north-south and east-west should be more a matter of configurable policy than any hard-coded rules.
Kong has actually implemented its Service Control Platform with this distinction in mind. True, Kong serves as a distributed API gateway that governs the ephemerality of microservices endpoints natively. With the addition of Kuma, Kong extends this distributed interface governance to all points of the compass.
Loodse: automating Kubernetes cluster provisioning and operations at scale
Loodse is the brains behind the open-source Kubermatic Kubernetes platform. Kubermatic automates the operation of hundreds or even thousands of Kubernetes clusters across multicloud, on-premises and edge environments.
Kubermatic supports different levels of automation, starting with partial automation in support of human operation, eventually leading to full, lights-out automation of multiple geographically distributed Kubernetes clusters.
Kubermatic works across all cloud environments and automates provisioning activities as well as operations in production. It also can enforce “enterprise blueprints,” which are governance constraints that align with business intent following the principles of intent-based computing.
Loodse built Kubermatic around the Kubernetes operator pattern following cloud-native computing best practices.
The common theme across these six providers is enterprise centricity leveraging open-source technology. True, many of them drive open-source projects, and they all take advantage of open-source technologies, but they all have commercial enterprise offerings that build upon open-source value propositions to address enterprise-centric requirements such as compliance, security and massive scale.
The old joke about open source is that it’s like buying a car kit that comes with all the parts, but you have to assemble the car. The alternative is to purchase the finished vehicle, but then you have to pick one that the manufacturer has prebuilt.
With the increased maturity of the open-source community combined with the cloud-native world’s intentional dependence on open source, enterprises are finding they are able to choose a third option: a combination of open-source technologies with all the enterprise-class bells and whistles, without having to sacrifice the flexibility that open source has always offered. The companies here exemplify this enterprise value proposition.
Jason Bloomberg is founder and president of the analyst firm Intellyx, which advises companies on their digital transformation initiatives and helps suppliers communicate their agility stories. None of the organizations mentioned in this article is an Intellyx customer.