Kubernetes as-a-service, security issues and skills shortages -- container predictions for 2023
Containers have become increasingly popular in recent years, they can be spun up quickly and offer developers the opportunity to deliver projects faster as well as gains in agility, portability and improved lifecycle management.
Here are what some industry experts think we'll see happening in the container market in 2023.
Shira Shamban, CEO and co-founder of Solvo, believes securing containers will need an identity-centric approach. "Along with seeing a data-centric approach to security emerge, we will also see an identity-centric model grow. In previous years, when infrastructures were entirely on-premises, the network used to be the security perimeter. However, in today's cloud-native era and with the growth of APIs, it's necessary to have strong Identity and Access Management practices throughout the organization, creating a unique identity not only for each individual employee but also for the specific cloud components, such as containers, serverless functions and data resources. Maintaining a least-privileged state at scale will be increasingly important."
Stewart McGrath, co-founder and CEO of Section, says we'll see Kubernetes develop as a service offering. "Kubernetes has been described as an operating system for containers. As workload management continues to expand to serverless and virtual machines, and the operations ecosystem (e.g., security and observability) matures and hardens, we will see Kubernetes more abstracted from users. No developer working on building an application really needs (or probably wants) to understand and manage Kubernetes. What they really want is the benefits of Kubernetes when managing their applications in production. In the same way, no developer wants to manage Linux or even the servers on which it runs, so cloud computing gave us compute as a service. Kubernetes is one layer above that compute, and a natural fit for an ‘as a service’ offering; in 2023 we'll see that take off."
Don Boxley, CEO and Co-Founder, DH2i says high availability will be key:
…developers will demand solutions that enable highly available cloud-native SQL Server availability groups (AGs) in containers, including support for Kubernetes (K8s) clusters – across mixed environments and across any type of infrastructure or cloud.
Kubernetes alone struggles to meet SQL Server production database HA requirements due to its prolonged pod/node-level HA failover of 2-10 minutes. What is required is a solution that can solve this problem by enabling highly available AG support in Kubernetes, which is an essential component to using stateful containers in production. The solution(s) must seamlessly complement K8s' pod/node-level cluster HA, allowing Microsoft SQL Server users to confidently deploy HA SQL Server containers in production while meeting database HA requirements. Bottom-line, the ideal solution must combine with Azure Kubernetes Services and SQL Server to create a single, holistic solution for containerized SQL Server.
Experts at Oxeye believe container vulnerabilities will be increasingly targeted. "Over the next 12 months, more applications will be built using a cloud native approach than the traditional, monolithic architecture. Distributed applications that use containers will be impacted by an increasing number of vulnerabilities that span microservices and traverse the infrastructure layer. The distinction between application security and cloud security has clearly blurred as application security is now affected by the underlying cloud infrastructure, while cloud security professionals now have to take the application layer into account in their attack path analysis. For application security professionals, this means they must now learn to perform an accurate analysis of cloud native applications, which combine analysis of code, container, cluster, cloud and their connections and communications. For cloud security professionals, this means finding a way to add application layer analysis into their existing security posture."
Organizations need to focus on securing data rather than the containers themselves says Wade Barisoff, director of product -- data protection at Fortra. "As companies moved collaboration to cloud-based providers, the natural reaction was to extend what was already understood, which was attempting to control access to the containers where the data was stored rather than the data itself. As the use of cloud rapidly expanded, organizations had large volumes of customer and company data that was not well understood, in environments they may have had some access control over. Today, global organizations are starting to focus more on access to the data rather than the containers, as that is easier for business groups to understand. Tools that help secure data regardless of repository are coming into focus, as poorly maintained access control lists to repositories, that have been failing internally for decades, are now being pushed to cloud environments."
Skills shortages may hold back container developments says Haoyuan Li, founder and CEO of Alluxio. "In the cloud-native era, Kubernetes has become the de facto standard, with a variety of commercial platforms available on the market. Organizations are increasingly deploying large-scale analytics and AI workloads in containerized environments. While containers provide many benefits, the transition to containers is very complex. As a result, in 2023 the main bottleneck to container adoption will be the shortage of talent with the necessary skill set for tools like Kubernetes."