Celebrating 10 Years Of Kubernetes

Uploaded on 2024-10-22 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW

Since its introduction in 2014, the Kubernetes open-source container orchestration system has gone from strength to strength. No longer a niche technology, today it has become the de-facto standard for modern application deployment and management.

Indeed, as it enters into its second decade, Kubernetes is so embedded in the cloud native landscape that it’s almost impossible to imagine life without it.

Over the past 10 years, Kubernetes has matured and evolved new capabilities. Today it offers developers hundreds of extensions, add-ons and integrations, together with an impressively comprehensive documentation base. But when Kubernetes first made its debut, the initial release was rather ‘rough’ around the edges.

Let’s take a quick look at some of the technology’s pivotal milestone moments and look ahead to where Kubernetes might be heading in the next decade.

The Early Days – from inception to teenage years

Containerisation has a long history that stretches back to the 1970s but it was the arrival of the Docker containerisation framework that finally made containers easy to work with – and by doing so created the need for container orchestration technology.

As more and more people began taking advantage of Docker to develop and run applications inside containers, they needed a way to orchestrate those containers, and Kubernetes – which originated within Google as its internal orchestration platform, aptly named “Borg” – was open-sourced to resolve this challenge.

When Kubernetes 1.0 first appeared on the scene it offered much of the functionality many of today’s Kubernetes admins will be familiar with – you could deploy sets of containers as pods, distribute them across nodes, and expose applications over the network as services.

Thanks to the backing of the Cloud Native Computing Foundation (CNCF), Kubernetes quickly gained momentum and by 2018 had become established as a leading open-source container orchestration platform.

Coming Of Age

While Kubernetes was great for orchestrating workloads across servers, in the early days the functionality it offered was pretty basic. There was no sophisticated support for persistent data storage, network functionality was limited, and there were few built-in security controls. Over time, however, this all changed.

The arrival of a native role-based access control (RBAC) framework in 2017 reduced a number of security risks associated with inadequate access controls and made it possible to manage who can do what within Kubernetes. Meanwhile, 2018 saw the introduction of new advanced networking capabilities such as support for cluster load balancing and core DNS. This was quickly followed by the provision of support for persistent volumes in 2019. All of which helped to make Kubernetes the platform of choice for a wide array of production workload types – and put Kubernetes on the radar of cloud providers. As a result, by 2022 around 60% of organisations that used containers were orchestrating these with Kubernetes.

New features continued to emerge. Since 2020 these advancements have included Common Expression Language (CEL) support for admission control, which enables requests to be handled in a granular way through the Kubernetes API. On the security front, the introduction of beta support for Linux-based username spacing in Pods alongside the replacement of security policies with security contexts all helped to further contain security risks. Together these enhancements allow admins to build and operate more secure clusters.

What’s Next For Kubernetes?

Unless a major disruptive technology makes it irrelevant, Kubernetes looks set to remain a cornerstone of the digital world as we know it. That said, there are numerous ways that Kubernetes could continue to grow and improve while maintaining a balance between richness of capabilities and simplicity of operation.

For example, the introduction of full support for multi-cloud clusters would be a great addition. One that would make it much easier to operate a single Kubernetes cluster whose nodes are distributed across multiple clouds or data centres.

Similarly, greater consistency between Kubernetes distributions would also resolve the challenge that of migrating from one distribution to another thanks to the diversity of distributions that can include proprietary extensions or features that only work within a given vendor ecosystem. It is also likely that we will fewer distributions in the future, since there are numerous ones available, but adoption is concentrated around a few of them. At the same time, special-purpose distribution such as K3s (lightweight implementation of Kubernetes) will justify their place.

Finally, enhancing Kubernetes security should be a primary focus for future growth and more opinionated security controls would be a welcome enhancement for admins looking to stay ahead of the game where Kubernetes security threats are concerned.

No easy task when the multitude of Kubernetes distributions and installers available today can lead to inconsistencies and vulnerabilities that can be exploited.

One thing is for sure, admins that want to keep their workloads secure over the next decade and beyond will need to keep their finger on the pulse as Kubernetes continues to evolve. Ultimately, that means covering all the bases, from secure development, to hardened configuration and compliance, through to runtime protection and network controls for Kubernetes applications.

Rani Osnat is SVP of Strategy at Aqua Security

Image: Jaiz Anuar

You Might Also Read:

Securing Kubernetes Helm: Vulnerabilities & Defensive Strategies:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.