Celebrating 10 Years Of Kubernetes

Since its introduction in 2014, the Kubernetes open-source container orchestration system has gone from strength to strength. No longer a niche technology, today it has become the de-facto standard for modern application deployment and management.

Indeed, as it enters into its second decade, Kubernetes is so embedded in the cloud native landscape that it’s almost impossible to imagine life without it.

Over the past 10 years, Kubernetes has matured and evolved new capabilities. Today it offers developers hundreds of extensions, add-ons and integrations, together with an impressively comprehensive documentation base. But when Kubernetes first made its debut, the initial release was rather ‘rough’ around the edges.

Let’s take a quick look at some of the technology’s pivotal milestone moments and look ahead to where Kubernetes might be heading in the next decade.

The Early Days – from inception to teenage years

Containerisation has a long history that stretches back to the 1970s but it was the arrival of the Docker containerisation framework that finally made containers easy to work with – and by doing so created the need for container orchestration technology.

As more and more people began taking advantage of Docker to develop and run applications inside containers, they needed a way to orchestrate those containers, and Kubernetes – which originated within Google as its internal orchestration platform, aptly named “Borg” – was open-sourced to resolve this challenge.

When Kubernetes 1.0 first appeared on the scene it offered much of the functionality many of today’s Kubernetes admins will be familiar with – you could deploy sets of containers as pods, distribute them across nodes, and expose applications over the network as services. 

Thanks to the backing of the Cloud Native Computing Foundation (CNCF), Kubernetes quickly gained momentum and by 2018 had become established as a leading open-source container orchestration platform.

Coming Of Age

While Kubernetes was great for orchestrating workloads across servers, in the early days the functionality it offered was pretty basic. There was no sophisticated support for persistent data storage, network functionality was limited, and there were few built-in security controls. Over time, however, this all changed.

The arrival of a native role-based access control (RBAC) framework in 2017 reduced a number of security risks associated with inadequate access controls and made it possible to manage who can do what within Kubernetes. Meanwhile, 2018 saw the introduction of new advanced networking capabilities such as support for cluster load balancing and core DNS. This was quickly followed by the provision of support for persistent volumes in 2019. All of which helped to make Kubernetes the platform of choice for a wide array of production workload types – and put Kubernetes on the radar of cloud providers. As a result, by 2022 around 60% of organisations that used containers were orchestrating these with Kubernetes. 

New features continued to emerge. Since 2020 these advancements have included Common Expression Language (CEL) support for admission control, which enables requests to be handled in a granular way through the Kubernetes API. On the security front, the introduction of beta support for Linux-based username spacing in Pods alongside the replacement of security policies with security contexts all helped to further contain security risks. Together these enhancements allow admins to build and operate more secure clusters.

What’s Next For Kubernetes?

Unless a major disruptive technology makes it irrelevant, Kubernetes looks set to remain a cornerstone of the digital world as we know it. That said, there are numerous ways that Kubernetes could continue to grow and improve while maintaining a balance between richness of capabilities and simplicity of operation.

For example, the introduction of full support for multi-cloud clusters would be a great addition. One that would make it much easier to operate a single Kubernetes cluster whose nodes are distributed across multiple clouds or data centres.

Similarly, greater consistency between Kubernetes distributions would also resolve the challenge that of migrating from one distribution to another thanks to the diversity of distributions that can include proprietary extensions or features that only work within a given vendor ecosystem. It is also likely that we will fewer distributions in the future, since there are numerous ones available, but adoption is concentrated around a few of them. At the same time, special-purpose distribution such as K3s (lightweight implementation of Kubernetes) will justify their place.

Finally, enhancing Kubernetes security should be a primary focus for future growth and more opinionated security controls would be a welcome enhancement for admins looking to stay ahead of the game where Kubernetes security threats are concerned.

No easy task when the multitude of Kubernetes distributions and installers available today can lead to inconsistencies and vulnerabilities that can be exploited.

One thing is for sure, admins that want to keep their workloads secure over the next decade and beyond will need to keep their finger on the pulse as Kubernetes continues to evolve. Ultimately, that means covering all the bases, from secure development, to hardened configuration and compliance, through to runtime protection and network controls for Kubernetes applications. 

Rani Osnat is SVP of Strategy at Aqua Security

Image: Jaiz Anuar

You Might Also Read:

Securing Kubernetes Helm: Vulnerabilities & Defensive Strategies:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Nowhere To Run
How Can Cloud Risk Management Elevate Your Cybersecurity Posture? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ESET

ESET

ESET provide security software for enterprises and consumers - Antivirus Software, Internet Security and Virus Protection.

Metasploit

Metasploit

Metasploit penetration testing software helps find security issues, verify vulnerabilities and manage security assessments.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Competence Center for Applied Security Technology (CAST)

Competence Center for Applied Security Technology (CAST)

CAST offers a range of services in the field of secure modern information technology and a contact point for all questions regarding IT security.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

Digital Security

Digital Security

Digital Security is an Ecuadorian company specialized in providing comprehensive information security solutions.

Quantum Armor

Quantum Armor

Quantum Armor is a next-gen cyber security monitoring platform that allows you to continuously stay aware of your security posture, and proactively spot trends, vulnerabilities and potential attacks.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

Project Cypher

Project Cypher

Project Cypher leverages the latest cybersecurity developments, a world class team of hackers and constant R&D to provide you with unparalleled cybersecurity offerings.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Kontra

Kontra

Kontra application security training is an interactive and intuitive learning experience that engages developers.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.

Cyber Guru

Cyber Guru

Cyber Guru is an effective cybersecurity awareness training platform, enabling organisations to increase their resistance to cyber-attacks by changing employee behaviour.

Velaspan

Velaspan

Velaspan design, deploy, and manage enterprise wireless networks and cybersecurity solutions for leading businesses and brands.