Aporeto Logo

The success and rapid development of the Kubernetes open source project is nothing short of amazing.  Initially a Google initiative to open source portions of their internal orchestration tool, Borg, Kubernetes has taken on a life of its own and has become the de facto industry standard for deploying microservices and containers in the cloud.  Every major cloud service provider is clamoring to offer its own managed Kubernetes services to simplify developing and deploying k8s-orchestrated applications on their infrastructure.

But, while there is a fever-pitch interest from developers and application architects for Kubernetes, enterprises are still reluctant to adopt this application orchestration tool in production.  There is a reason for this.

Although evolving, the enterprise approach to IT is rather specific (to be clear, startups are not enterprises).  There are existing systems, processes, regulations, and skill sets.  Integrating a new tool within the enterprise IT ecosystem requires that the new solution integrate with those existing systems and processes, while respecting regulatory requirements and offering a shallow learning curve for the IT professionals.  The Kubernetes community is not focused on these problems yet.

It is refreshing to attend KubeCon events, including the very recent KubeCon Europe in Copenhagen.  There is a collegiate feel to the atmosphere where intellectually curious people come together to learn about the latest developments and solve the next difficult technical challenge.  While a few vendors stealthily hawk their wares in talks and group discussions by touting a better this or an easier that, most (interesting) discussions center around solving architectural and tools issues.

Basically, at this point, KubeCon is a quasi-graduate-school computer science conference replete with idealist attendees with altruistic tendencies.  It is not your typical business-centric event with capitalistic traits.  Solving business problems is not a focus – or even a topic – of the k8s community.  It is an intellectual playground for engineers and developers who seek to make cloud computing better.

Be that as it may, Kubernetes is making inroads within the enterprise precisely because developers and cloud architects are injecting it into the mix (with the rest of the IT Ops and SecOps crew screaming along the way). From a developer’s perspective, the advantages of being cloud-native are clear and even seductive.  What is there not to like about having the ability to roll out new features rapidly (because the business demands them) while (if you get it right) not worrying about infrastructure complexities or crazy-complex security concerns?  Just do it!  The IT Ops and SecOps people will eventually catch on and catch up.

And there is the rub, or the friction between the “past” and the future. The developers want to go fast and not worry about the other “stuff,” while the rest of the IT team is left pulling their hair out working to de-risk the business and ensuring compliance with security and regulatory requirements.

Here is the news for the enterprise IT and SecOps teams:  Despite being idealistic, altruistic, etc., the developers have it right on more than one count: (1) There is value in faster feature velocity; (2) developers should not have to worry about “stuff” like the infrastructure or security; (3) you will eventually catch on; and (4) you will even catch up.

Enterprises are becoming cloud-native, because the developers and cloud architects are leading them that way, but it is a journey.  Because the advantages of being cloud-native are overwhelming for the business, enterprise IT shops will evolve and unshackle themselves from the past.  But, because there is a vested interest and (still) value in the existing system, this evolution will take its time.  The journey will look something like:

Complete the migration to the cloud
Use containers and microservices to build new applications
Refactor existing applications and make those cloud-native too
Simplify the infrastructure and make it programmable
Automate workload security and make it part and parcel of the infrastructure (now deployed as code)

If you are an enterprise IT person and are reading this blog, just keep one thing in mind:  The faster you evolve, the more competitive you will be and the higher your chances of surviving and thriving.  Nature has plenty of lessons along this front; a good one is from the Jurassic era.
