KubeCon+CloudNativeCon sponsored this podcast.
Most DevOps teams would certainly welcome a single policy, framework and process they could rely on across their respective organizations’ entire Kubernetes stack. But while the Open Policy Agent (OPA) was initiated with the goal of decoupling “policy from the service’s code so you can release, analyze, and review policies,” we are still far from the day when Kubernetes adoption and management will require little or no support. DevOps teams can therefore expect to keep selecting from different toolsets and platforms to set the applicable policies and security controls for cloud native deployments for a long while ahead.
In this livestream edition of The New Stack Makers podcast, recorded ahead of KubeCon + CloudNativeCon, founder and publisher Alex Williams and managing editor Joab Jackson hosted a roundtable discussion covering the status of cloud native adoption and its near- and long-term outlook. The guests were Rachel Stephens, an analyst for RedMonk; Steven Vaughan-Nichols, a long-time journalist for ZDNet and well-recognized Linux professional; and Katie Gamanji, a cloud platform engineer for American Express and member of the CNCF Technical Oversight Committee.
As IT professionals will confirm, setting policies, managing security and selecting tools for cloud native remain a challenge. The mere selection of the right service mesh to use can be difficult, Vaughan-Nichols explained.
“We’re getting there, but I’m not counting on being able to just flip a button and ‘tadah!’ you’ve got Kubernetes clusters running everywhere securely and you don’t have to worry about it anymore,” he said. “In other words, if you’re in DevOps or are a system administrator, you don’t have to look for another job quite yet.”
Kubernetes can be a blessing and a curse, in many ways. While its advantages and capabilities are well documented, it is often easy to lose sight of the struggles organizations face when making the shift to cloud native amid the hype.
Indeed, because Kubernetes is extensible and modular by design and can offer “really powerful advantages to create the kind of tool space that each individual company is looking for,” the challenges often involve “cobbling together the entire platform with all of the resources that you need in the correct configuration that you need,” said Stephens.
This “is both a challenge and a by-design nature of Kubernetes issue that we are all trying to grapple with and that extends to both the operations of the platform and then the way that we have developers using the platform,” she said. “I think, in an ideal world, we’d love to get to a state where developers don’t have to care at all about the implementation of Kubernetes and can just focus on building their own applications. But that’s another area where I don’t think we’re quite there yet.”
At this point in time, the community is seeking to improve the developer experience and Kubernetes’ interoperability principles, explained Gamanji. “So I think there are definitely a lot of new projects on the horizon, especially the ones which are actually trying to move into the incubation or graduation stage at the CNCF at the moment,” she said.
One might assume that cloud native computing today means running applications in Kubernetes environments in the cloud. In practice, however, cloud native is not only that. As organizations increasingly deploy Kubernetes across multiple environments, including on-premises as well as for edge computing, the term applies to Kubernetes but not exclusively to the cloud.
“I love thinking about cloud native as a kind of wrapper terminology for a whole bunch of different patterns and practices that people can think about,” said Stephens. “So, cloud native doesn’t necessarily mean that it has to be running in a cloud…It’s really just thinking about the kind of the patterns that emerged in the era in which cloud came into its own — but a lot of these kinds of API-driven architectures and patterns that we encapsulate with containerization are applicable across environments.”
The Cloud Native Computing Foundation is a sponsor of The New Stack.