All posts by ronaldsens

Why Kubernetes is helping to make cloud mainstream

There has been a lot of talk in the first half of 2018 around how cloud is being adopted for mission critical applications and becoming mainstream. Right now, the impact of cloud services, cloud technologies and practices for organisations is rapidly accelerating as we enter the next wave of cloud adoption.  To this point, analysts at Forrester predict that the public cloud market will grow by 22 percent in 2018, to $178 billion. This momentum is being driven by companies that recognise the potential benefits of a cloud-based infrastructure i.e. lower operational costs, increased speed of deployment and greater business flexibility.

Today, many companies have moved well beyond the experimental stage and view the cloud as a critical component of their IT strategy, whether they are transitioning their on-premise infrastructure and applications to the cloud or adding cloud-based services as part of a hybrid approach. This transition is being made even easier thanks to the implementation of Kubernetes. Kubernetes can allow layering and application scaling within containers in the cloud. It works in tandem with the infrastructure provided by the cloud to allow for a more portable, more productive, environment.

At the same time, the services, tools and the organisational best practices for cloud continue to evolve to support the needs of large-scale enterprises. With these trends in mind, here are a few thoughts on cloud becoming mainstream and the growing role of Kubernetes in delivering powerful improvements to your infrastructure.

Driving agility in the business

The prime motivator behind the move to cloud for every business is how it improves operational efficiency. The cloud offers many benefits to businesses, like easy and near-instantaneous provisioning of compute, storage, networking resources, elastic scaling of resources and a business model of pay as you go.  All these benefits delivered by the cloud go towards driving agility in the business by improving the flexibility of employees and assisting in future expansion.

Containers further allow portability of applications across environments, easy separation of functionality into smaller microservices for more agile development and allow development teams to move fast, deploy software efficiently, and operate at an unprecedented scale. It is the next step in enterprise hybrid cloud deployment.

Kubernetes dominates container orchestration

The fight for container orchestration dominance has been one of the cloud’s main events for the past two years. The three-way battle between Docker Swarm, Kubernetes and Mesos has been fierce. However, now Kubernetes is viewed as the clear winner.  Its rich set of contributors, rapid development of capabilities and support across many disparate platforms make it the victor.

Nevertheless, putting this into perspective, the overall number of companies using these technologies in earnest is still relatively low.  A recent report from Cloud Foundry shows that only 25% are currently using containers. But on the other hand, another research report, from Portworx, found that 69% of companies are ‘making the investment in containers’ so the key point here is that enterprise organisations are starting to take note and there are signs that the market for Kubernetes is growing very rapidly.  

Kubernetes and the cloud in unison

Kubernetes is unique in that there is no single company behind it.  It is a fully open source community-driven initiative, and this has been a large factor in its adoption to date. As an open-source service it has a lot of flexibility in how it is used: what software Kubernetes works with; whether the infrastructure is private or shared; and which provider it can work with, whether Google or AWS. Kubernetes is especially useful with hybrid or multi-cloud deployments, which are emerging as the most frequently used cloud model for businesses in 2018. However this can make containers very difficult to manage when there are so many of them across multiple clouds and infrastructures for a single business.

This is where Kubernetes is a benefit as it manages containers and automates the deployment process for them. Automation saves lots of money for businesses as it improves efficiency and allows IT teams to focus on other areas of the business. This is especially true when good container management means that software deployment through Kubernetes is almost always painless. It could also potentially reduce hardware costs by making more effective use of current hardware. All of this combined pushes Kubernetes into more mainstream deployments with continued growth in large production workloads.

Providing load balancing for Kubernetes in the cloud

With more application workloads moving to containers, Kubernetes is clearly becoming the de-facto standard. That said, Kubernetes does not provide application load balancing. It is the customer’s responsibility to build this service. In theory open source application load balancers and traditional application delivery controllers (ADC) will work in Kubernetes. Unfortunately, in practice they fail to handle the dynamic environment of containers.

So, what are the requirements for load balancing on Kubernetes?

Organisations considering applications in Kubernetes with continuous availability need to consider the following:

  • Scalable application load balancer that is built for containers and stateless with SSL termination
  • Centralised management for application load balancer
  • Application security
  • Application traffic visibility and analytics
  • Automation for monitoring container lifecycle events and keeping the application load balancer configuration in synchronisation with the environment

Here at A10 Networks our Kubernetes solution includes the Lightning ADC solution offers enterprise-grade application load balancing, the Harmony Controller  providing application and service analytics and centralized management and the  Ingress Controller for application load balancing in Kubernetes which provides tight integration with Kubernetes. This means that IT staff can focus on the application’s business value rather than being occupied with operations of application delivery.

In the cloud world, everything is moving very rapidly, and certainly many organisations are now adopting Kubernetes.  I personally believe that this adoption means that it will be mainstream in the next 12 months as organisations look to find innovative ways to consume cloud.

Making the cloud a safe space: Organisational security, identity, and more

The cloud has brought about many benefits for organisations and adoption is understandably increasing. Gartner earlier this year projected that the worldwide public cloud services market would grow 21.4 percent in 2018 whilst Forrester has found that global cloud services revenues totaled £112.5 billion in 2017, and is predicted to grow up to £137.2 billion by the end of 2018. With this huge growth in cloud adoption, effective security is paramount. Recent cyber-attacks have highlighted that organisations across all industries and of all sizes are the target of ongoing attacks.

With all the advantages that cloud brings including flexibility, efficiency and strategic organisational value, it is certainly a development many ambitious businesses are looking to utilise. It can provide the platform that enables a modern organisation to grow, expand into new markets and coordinate their strategy and plans. With many organisations now encouraging remote and home-working and operating internationally with diverse, multi-cultural teams the cloud is increasingly important to helping organisations collaborate, organise, share information (securely) and scale up.

Some of the biggest companies in the world, for example Google, Microsoft and Amazon are committing massively to the cloud, underlining the belief that the technology has huge commercial potential. These companies expect to see significant growth in the market which will fuel their future financial performance. Indeed, in Microsoft’s most recent financial result in July cloud was credited as driving a record fourth quarter result for the company.

It is another indication that the cloud is growing and adoption is increasing. Even Luddites will – perhaps slower than most – come to realise the huge benefits cloud can bring to an organisation, provided that security is kept front of mind. Ineffective and security-compromising use of the cloud is worse than not using the cloud at all. As such, proper planning is crucial.

With any new technology and system, it is vital that proper procedures are put in place to keep data safe and secure and to ensure employees use the system properly and maximise the impact it can have. Training needs to coordinate these efforts. The cloud is no different. It is IT’s job to make sure that the cloud creates the ROI and efficiency gains that senior executives will be looking for. This means taking the time to plan the implementation and then invest in training and support for employees.

Security has to be one of the main considerations when it comes to using the cloud. As with any IT system it can lead to a breach and loss of data. The cloud does not eradicate this vulnerability, it changes the dynamic, meaning CISOs and their teams need to be on the front foot when it comes to keeping the cloud secure. A successful breach will be a major setback for adoption of the technology within an organisation, especially if the context in which the breach takes place is a management that see it as a cost rather than an opportunity and a gain.

To ensure cloud has the backing of management therefore, there must be a laser focus on security. There won’t be much credit when the cloud remains secure – that is expected – but there will be a major downside if it goes wrong. With all this in mind let’s focus further on some of the key issues and questions around cloud security:

What is the impact of the cloud in terms of organisational security?

Cloud introduces new security risk to organisations because publicly exposed APIs are the underlying infrastructure that makes the cloud and cloud applications run. Unlike the http/s view of websites, which is largely choreographed for user experience and constrained on what is exposed or exploitable, APIs are built with fully exposed controls to support orchestration, management and automated access to the environment and applications. APIs provide a rich target for exploitation and introduce another dimension the challenges of expanding boundaries that were not seen in traditional enterprise on-premises perimeters.

Is security in the modern digital world like an open city, as opposed to traditional corporate computing, which is more like a castle?

Attackers will take the path of least resistance, and employees – and IT in many instances – will unwittingly help them. There will always be employees who will fall prey to phishing, surf exploited sites, or use free Wi-Fi from a coffee shop to open the door for the attacker. Also, common infrastructure weaknesses are the ‘exploit of choice’ to land a beachhead within an organisation, such as using an SQL query to find cached credentials, or finding a publicly exposed unpatched server to exploit. And then there is always the fallback to first-initial-plus-last-name with password1234.

How do we stop hackers from taking over the identities of victims in order to gain access to systems? Any real-life examples that demonstrate this?

There is no way to prevent intrusion through exploiting identity. The best that can be done is to slow attackers down by using good identity hygiene: implementing multi factor authentication, using longer pass phrases over passwords, deprecating expired employee accounts and monitoring access logs. However, the industry is making improvements in identity around trust by using multi-context analysis strategies that include time of access, country of origin, host computer in use, and other behavioural analyses to add weight to identity.

At the end of the day, organisations need to put in place robust procedures and make employees accountable for keeping networks safe and secure. The cloud introduces new security risks for organisations that will need to be managed effectively by the CISO; failure to do so could be very costly to an organisation both financially and reputationally. We have seen cyber-attacks generate headlines around the world recently – think WannaCry and Petya – to see notable examples of this.

Then you have the recently implemented GDPR, effecting any company who works within the EU. Inadequate data protection procedures under this regulation leads to increased penalties and fines for companies. This should focus the minds of executives on the challenges of implementing robust cyber defences, but too often this is not the case.

I would not want to see the adoption of cloud held back by fears over security, instead I believe cloud should be adopted by organisations that are ambitious to grow and effectively collaborate to solve problems and drive business performance. The penalties resulting from GDPR for example and from other regulations should not be a deterrent to implementing new technologies and systems. To me the focus should instead be on planning effectively and then implementing a solution that works and by this, I mean it is safe, secure and enables improved operational performance.

Five cloud computing predictions for 2018: Containers, AI, and custom clouds

Just a few years ago, not many predicted cloud computing would reach the heights we’ve seen in 2017 – 79 percent of companies now run workloads in the cloud (split almost evenly between public and private clouds). With the cloud bar constantly being raised, where do we go from here? Here are five predictions for the future of cloud computing in 2018.

True hybrid clouds emerge

Hybrid cloud is all the buzz. The ability for enterprises to have applications run in different infrastructures – public and private clouds and on-premise with common orchestration and management tools – is enticing. Multi-cloud, with different workloads running in different clouds and being managed separately, will become the dominant mode in 2018, while true hybrid clouds will start to emerge.

There are already key technology developments and partnerships forming to make this a reality. For example, Azure and Azure Stack from Microsoft provide a uniform set of infrastructure and API capabilities across public and private clouds; the partnership between VMware and AWS; and the teaming up of Cisco and Google. These mashups will create hybrid clouds that truly blend environments and further improve operational agility, efficiency and scale.

Kubernetes dominates container orchestration

The fight for container orchestration dominance has been one of the cloud’s main events for roughly the past two years. The three-way battle between Docker Swarm, Kubernetes and Mesos has been fierce.

Come 2018, however, Kubernetes is poised to take the container orchestration title belt and also become increasingly mainstream with mission critical, scalable production deployments. Its rich set of contributors, rapid development of capabilities and support across many disparate platforms make it a clear victor.

And it has the help of some very powerful friends: Microsoft Azure and Google Cloud have launched a managed Kubernetes services. IBM has announced its private cloud will support Kubernetes in its Bluemix public cloud; AWS is lining up behind it as well and has joined the Cloud Native Computing Foundation (CNCF) as a platinum member

All this combined pushes Kubernetes into more mainstream deployments with continued growth in large production workloads next year.

Analytics get an AI upgrade

AI is everywhere. It’s in our homes with Amazon Echo. And in 2018, it’ll be embedded more tightly in IT analytics systems making IT proactive versus reactive.

Through predictive analytics, IT and application owners will receive actionable information and recommendations. Add to that the ability to automate their response, and the power of AI becomes more relevant.

Analytics systems will have insight into the behaviour of the infrastructure, apps and clients. It will recognise anomalous performance or security behaviour and when an app or server is going to fail. Once that behaviour is noticed, automation can kick in to remediate the potential problem, i.e. firing up another server or load balancing the app. It’s like your infrastructure can say “Alexa, spin up another server.”

Serverless computing adoption spreads

One of the benefits of cloud is ease of use for spinning up additional resources and its pay by use consumption model. Nowhere is that more evident than in serverless computing. Previously, the unit for additional compute resource was an instance or VM. Now a “function” has become an even smaller unit of “use.” Putting the onus of managing and scaling up resources on demand on the cloud provider is cost-efficient and takes the heavy lifting off IT. And paying based on a consumption model makes it gentler on already strained budgets.

Currently available in the public cloud, next year will see serverless computing start to appear in private cloud deployments as well. While it won’t become mainstream, wider adoption will happen in the short term.

Serverless computing, coupled with the continue maturation of cloud, puts pressure on server and hardware vendors to transform their business models to maintain relevance in the new virtual, elastic and automated cloud-powered world.

Custom cloud instances proliferate

As cloud adoption grows, compute instance types will become further segmented and optimised for specific use cases; enabling improved performance and new use cases. Next year will see growth in the number of application-specific instance types within clouds – from big data and AI-optimised instances to high network performance and very large memory types. Custom optimised applications that take advantage of these capabilities will start appearing.

Bonus prediction: Kiss cloud security concerns goodbye

Security is noticeably absent from our list of cloud predictions. Why? Simple. It’s time to move on.

Yes, security is always important, and even more so in the cloud. But it’s no longer the hindrance it was when cloud was early stages. Over the years, cloud and services available on the cloud have matured. There is more security built in. More tools are available from vendors. Compliance in the cloud has caught up. As with all IT, it’s imperative to think about security capabilities, policies and governance when deploying clouds or making a major change to your infrastructure, but in 2018 cloud will no longer be considered not secure by default.

In the cloud world, things move swiftly. That’s just a snapshot of what we think will be the major trends of 2018. There will certainly be more big headlines in cloud as more people find innovative ways to consume it.