Cloud Native / Development / Security / Sponsored

KubeCon Recap: What’s Next for Cloud Native Computing?

11 Nov 2021 8:00am, by
Alex Williams

What’s next in cloud native computing? At the recent KubeCon+CloudNativeCon in Los Angeles last month, we had a chance to talk to Chris Aniszczyk, chief technology officer at the Cloud Native Computing Foundation (CNCF), who had a little perspective of his own. Watch our recap here, which is followed by a lightly-edited transcript of the video:

There are three main themes that Aniszczyk brings up in his conversation. One is the Rust programming language and WebAssembly. Two is cloud-based integrated development environments (“Cloud IDEs“). The third is security, particularly software supply chain security.

Alex Williams (host): Now, Rustlang, a language that is getting popular, we’re been writing about it a lot. And apparently a lot of new projects at the CNCF are using Rust. What does that say about the ecosystem?

Chris Aniszczyk: I’m seeing a trend of Rust becoming a lot more commonplace in projects. Part of that is also related to WebAssembly these days and a lot of the core WebAssembly community. There’s a lot of Rust there. And so that I think just naturally brings it into to CNCF.

Williams: Let’s just take a few projects. For example, Project Akri from Microsoft Labs is a device  discovery technology that is written in Rust. parsec is also written in Rust.

It’s described as a platform abstraction for security that provides an API to hardware security and cryptographic services. Krustlet, also written in Rust, is a Kubernetes Kubelet for running WebAssembly.

WebAssembly came out of Mozilla for sandboxing tabs in the browser. Today, WebAssembly is often used with Rust. WASM, as it is well known, is popular, as there’s not been a runtime like it seen before.

Now it’s getting adopted to adapt to cloud native environments through projects such as WASI, which is a system interface to run WebAssembly outside the web.

Aniszczyk: It is a very stripped-down runtime that could support multiple languages, and it’s very lightweight and runs in very constrained environments, something that we haven’t really had before. This is the first time we have something that’s lightweight, and very secure by default.

Williams: Cloud native IDEs: There’s a general trend of shifting toward code doing the work for us, whether it’s configuration management, security. It’s shifting, it’s all getting moved closer to where developers are doing their work.

GitOps, for example, defines the configuration of an application, which then gets reconciled by services such as Flux or Argo. This move is also evident in developer environments with things like GitHub Codespaces, and Gitpod.

“The whole trend here is a lot of the stuff is just shifting closer to where a developer does their normal programming.”
—Chris Aniszczyk, CTO, Cloud Native Computing Foundation

Aniszczyk: Amazing. It’s like living the dream. You know, I spent a lot of years working on developer tools, things such as Eclipse a long time ago, but being able to have a development environment that’s already pre-built, loaded with something that you could share as a reusable artifact across other teams and other developers is just awesome.

But the whole trend here is a lot of the stuff is just shifting closer to where a developer does their normal programming.

Williams: Security! Cloud native security is arguably the hottest topic that points to what is next in the cloud native world. There were so many cloud native security startups at KubeCon.

The popularity of Rust is a testament to this new interest. And the number of projects that we’re seeing increasingly have a security focus. You only have to look at Open Policy Agent to see that. And if you looked at the pre-conference events, almost every one touched on security topics.

Aniszczyk: It’s a way of having development environment consistency. And, also, it’s potentially more secure. You don’t need to actually check everything out locally, get it all tweaked.

You actually provision a development environment live from the cloud. I think a lot of companies are going to favor that approach because it’s more secure if they could lock it down. So I think that’s the big change you’ll see.

Williams: In conclusion let’s just review those three again. We have Rust, the programming language; cloud based IDEs; and security. What comes next, GitHub Actions? Is that a sign of things to come? Is a fully programmable world upon us? Are the machines gonna do the programming for us? You can just feed all those configurations into a neural net, right?

Aniszczyk: Exactly, [GitHub] Copilot-style. You got your provisioned IDEs and you get a little robot friend to go write most of your stuff that you need to get done throughout the day. It’s great. Stay tuned.

Listen to the full interview here.