On the back of last year’s high-profile discovery of a privilege escalation flaw in Kubernetes, CIOs and CSOs are in need of solid security strategies to protect applications under the helm of Captain Kubernetes. Brian Johnson, CEO of DivvyCloud, explores the complex task of managing massive, distributed systems built on open source technologies
As Kubernetes solves a few key problems in cloud its adoption has skyrocketed. Containers are great for both lightweight and consistent compute footprint across test/dev and production environments, but managing the bundling of a set of containers for each application component is a time-consuming byproduct. Kubernetes simplifies this with manifests.
Containers also help maximise the utilisation of the underlying infrastructure, such as CPU and memory. But then the problem becomes connecting Kubernetes to IaaS layers to enable the proper scaling of the infrastructure. Kubernetes provides container-native tools for scaling automatically across an infrastructure footprint.
Lastly, there’s strength in numbers. There have been several other projects that have tried to address those points for containers, but once a project with a strong track record and corporate buy-in, coming from Google, hits the market, it gains momentum. In the open source ecosystem, momentum often begets more momentum, and that’s where all the necessary safeguards and controls get built out to make something ready for broader mass adoption.