As 2018 approaches, the momentum behind containers and Kubernetes shows no signs of slowing. In less than three years since Google donated Kubernetes 1.0 to the Cloud Native Computing Foundation (CNCF), we've seen its development accelerate to where it has become one of the highest-velocity open source projects in history. Vendors and IT shops from all segments of the industry are embracing Kubernetes for their containerization efforts. (If you are still new to Kubernetes, read our Primer.)
To us at CoreOS, this comes as no surprise. We recognized early on that orchestration would be the catalyst to launch containerized infrastructure into the mainstream. It's a tribute to the entire Kubernetes community that large enterprises already have Kubernetes clusters in production, and the roster keeps growing.
So what do we see in the Kubernetes ecosystem's future as 2017 draws to a close? The CoreOS crystal ball reveals a few likely directions for the New Year.
1. No patch left behind: Enterprises get serious about operationalized security
In 2017, the alarm bells for the consequences of inadequate data security rang louder than ever. In October, former Equifax CEO Richard F. Smith testified before Congress that "technological failures and human error," including inadequately patched software, were what exposed the credit reporting agency to a record-breaking data breach this year.
The lesson is that the infrastructure practices of yesterday are too fragile and cumbersome to power the internet of today, and information security is often the first casualty. The numbers tell the tale: It's estimated there are 3,424,000,000 internet users today but only 29,000,000 IT practitioners, and more people come online for the first time every year. Meanwhile, the rise of new models such as scale-out architecture and DevOps mean the number of servers, VMs, containers, and other assets that need management is exploding. IT practitioners are simply outnumbered.
Increased automation is the only solution to this imbalance. In the New Year, expect IT organizations to increasingly demand such capabilities as automatic, zero-downtime updates; increased monitoring throughout the infrastructure; and automated vulnerability scanning for containers and processes. Given the recent increase in cyber-security incidents, including attacks by state actors, we can no longer afford to have human error be the weakest link.
2. Conversation around cloud provider lock-in intensifies
Each year the big public cloud vendors roll out more and better services on their respective platforms, and each year customers flock to them. As the cloud providers' earnings demonstrate – research firm IHS Markit has estimated the combined IaaS, PaaS, and SaaS market at $72 billion – this model is big business for them. But how about for the companies that come to depend on them?
IT spending is often a sore subject for customers who have found themselves roped into costly contracts with big vendors. Don't be surprised, however, if 2018 is the year that cloud billing – and how quickly it can balloon out of control – becomes a hot talking point across the industry. Once customers become reliant on a vendor's proprietary cloud services for their applications, it becomes nearly impossible for customers to take their business elsewhere. The vendors know this, and customers who bought in early are just now getting their billing wake-up calls.
That's why the current murmurings about hybrid and multi-cloud models will only get louder in the coming year. This industry has seen this type of lock-in many times before, but it needn't happen again. The open source software movement has shown us that open, community-driven technologies can be just as powerful as proprietary ones, without imposing restrictions designed solely to benefit a single vendor. Cloud computing isn't going away, but customers are demanding choice – which is why application portability across data centers and clouds will surely be one of 2018's hottest topics.
3. Serverless computing springs its trap
Unfortunately, putting the brakes on cloud lock-in won't be easy while the major cloud providers are busy stomping on the accelerator. So-called serverless computing is the newest cloud-native technology that's gaining interest, even as it threatens to lock customers to cloud vendors' proprietary platforms and data centers tighter than ever.
This push began with AWS Lambda and Azure Functions, which made it possible for developers to write code without provisioning or managing the compute resources needed to execute it. Based on the early success of these offerings, expect cloud providers to deliver more products along similar lines in the coming year. For example, AWS recently announced Aurora Serverless, a management-free relational database service.
The serverless model is appealing because it purports to eliminate the headaches of IT operations. Not only is there no hardware to buy, but there are also no VMs, instances, networks, or application services to manage and maintain.
The downside is that serverless represents the most egregious form of cloud lock-in, where customers rely on a single vendor to provide everything from servers and the data center they're housed in, to services and even the APIs needed to access them. When everything is proprietary, application portability is effectively reduced to zero. It's like dialing back the clock to the mainframe era, if not worse.
There is hope, however. Serverless as a development model need not be tied to proprietary clouds. Open source options built on top of Kubernetes could provide similar functionality. For now, however, this category is still emerging, and few projects are likely to reach production-grade maturity in 2018. Faced with no open alternatives, many customers will find serverless cloud offerings too attractive to pass up in the New Year.
4. Kubernetes has won. Now witness the rise of Kubernetes apps
Containerization rose to prominence in 2015 and 2016 as a more resource-efficient alternative to VMs and an enabler of new models like microservices. It wasn't long, however, before the industry recognized that an orchestration layer was necessary to successfully deploy containers in production at scale. That's where Kubernetes came in. Today Kubernetes is the leading container orchestration tool for organizations of all sizes, on its way to potentially becoming as ubiquitous as Linux.
So what's next? As early adopters begin moving business-critical workloads onto production clusters, expect to see demand for more services built on top of Kubernetes. Infrastructure services like data stores, monitoring, and secrets management are already in demand. And we expect the catalog of these "Kubernetes apps" to grow rapidly as users recognize the advantage of having logging, configuration, and security centralized through the Kubernetes APIs.
Further, more software vendors will begin to deliver their applications as containers instead of VMs, once they see how containerization opens their applications up to more cloud providers, reduces the burden of security updates, and makes high-availability versions even easier to build. This will also open up new opportunities to move software that was stuck on premises to the cloud and vice versa.
Finally, the time that organizations spend architecting and building the infrastructure around an application's deployment, scaling, and decommissioning – also known as Application Lifecycle Management – will be reduced to zero. The "analysis paralysis" that can grip an organization as it struggles to figure out what tools developers should use for dev/test, for deploying into a datacenter, and for deploying into the cloud will be eliminated by the ubiquity of the Kubernetes APIs. The portability of the Kubernetes API to all of these environments will standardize the tools these organizations will use, increase developer productivity, and reduce friction to starting new initiatives.
5. Istio becomes the category winning service mesh for Kubernetes
One project that's complementary to Kubernetes that we're definitely keeping our eye on is Istio, and we think you'll be hearing a lot more about it in 2018. Much in the same way that Prometheus provided Kubernetes cluster maintainers with invaluable monitoring capabilities, Istio is an open source project that aims to address lingering pain points around microservices architecture.
It does this by creating a "service mesh" that runs on top of Kubernetes and acts as an intermediary network between the various microservices that make up an application. Istio enables traffic management between services, enforces service identity and access policies, and offers observability into service dependencies and how traffic flows between them.
Originally created through a collaboration between Google, IBM, and Lyft, Istio is expected to soon become a project under the umbrella of the CNCF. We'd welcome that move, and once Istio's development comes under the auspices of the same organization that oversees Kubernetes development, you should expect to see a number of vendors leveraging it to build even richer solutions for managing container-based microservices applications.
In 2018, it will be full speed ahead
Of course, no one can really predict the future, especially in an industry as fast-moving as ours. But if we can be 100 percent confident in one thing, it's that 2018 will be yet another banner year for containers, Kubernetes, and the new methodologies and practices that they enable. These technologies, and the ones that will be built on top of them, are born out of real and pressing needs faced by modern enterprises of all sizes. At CoreOS, we're proud to have helped pioneer this transformative evolution in IT, and we can't wait to unveil what we have planned for the year ahead and beyond.