The Kubernetes ecosystem hits its inflection point

Susan R. Jones

With the Cloud Indigenous Computing Foundation’s KubeCon CloudNativeCon Europe 2022 past week in València, Spain, the Kubernetes entire world came roaring back again to life immediately after a lackluster conference in Los Angeles final slide – in spite of a demanding meeting-extensive mask mandate.

The general emotion at the meeting was that the Kubernetes ecosystem is reaching an inflection position. Operate on the core Kubernetes platform itself is slowing, as it has attained a degree of maturity – whilst speedy innovation carries on unabated throughout the broader Kubernetes landscape.

This 12 months it’s all about acquiring down to enterprise, where the enterprise of Kubernetes is working dynamic applications at scale. Quite a few enterprises are touting significant Kubernetes deployments, even though lots of other people are somewhere on their cloud-native roadmap.

I knowledgeable a little bit of déjà vu, recalling a Linux conference I experienced attended a ten years or so ago. The keynoter trumpeted the reality that in opposition to all odds, Linux had gained over the enterprise. Kubernetes is properly on its way to a identical victory.

Cloud-native hotspots at KubeCon

I used my time at the meeting interviewing the most intriguing sellers exhibiting at the clearly show, looking for the most modern, appealing offerings. Below are my top rated nine.


CloudCasa from Catalogic Software Inc. provides Kubernetes and cloud database backup and restore as-a-provider. CloudCasa can span several clusters across EKS accounts in Amazon World wide web Companies, aggregating security info across clusters and accounts as perfectly as protecting in opposition to accidentally or maliciously deleted clusters.

What helps make Catalogic unique: CloudCasa provides cyberresilience to the blend with tamperproof backups that guard customers’ facts from ransomware attacks. CloudCasa can then confirm backups are protected with vulnerability assessments.


Fairwinds Ops Inc. manages protection, compliance, and price across the Kubernetes landscape by automating stability and compliance configurations, even when the business requires a number of unique Kubernetes configurations throughout distinct environments.

What would make Fairwinds specific: The corporation automates safety hygiene and regulatory compliance for Kubernetes so that DevOps engineers never have to serve as the support desk for builders. With Fairwinds, firms avoid both equally overprovisioning and underprovisioning and are in a position to produce automatic stability and compliance audits.


Lightlytics Ltd. offers a “digital twin” model of the Kubernetes generation atmosphere that its buyers can use to identify vulnerabilities and misconfigurations just before they deploy. This digital twin can also deliver an impression assessment of any likely change in advance of deployment.

What helps make Lightlytics particular: Lightlytics garners its info from Git repos as properly as by way of discovery of the generation atmosphere configuration. Whereas AIOps tools use device understanding to discern anomaly designs in buy to infer the triggers of problems, Lightlytics operates in the reverse way, calculating the effect of potential concerns deterministically, without having the want for AI.

Loft Labs

The Kubernetes architecture supports multiple clusters, where every single cluster supports multiple ephemeral pods that in flip have several ephemeral containers.

The clusters them selves, nonetheless, really do not have the identical ephemerality as pods and containers do. They can take several minutes to spin up, and therefore scaling the selection of clusters up and down immediately can be a tough obstacle.

Loft Labs Inc. solves this dilemma by introducing virtual clusters in just Kubernetes clusters. From the viewpoint of the pods inside of them, digital clusters function just like everyday clusters – but Kubernetes can scale them up and down in a moment or two.

What would make Loft exclusive: Organizations with multiple advancement groups performing in parallel can spin up digital clusters for any goal with their own namespaces, therefore keeping away from interference with other teams. Digital clusters come to be idle when out of use, therefore consuming small resources.


The ephemeral mother nature of containers and pods in Kubernetes favors stateless workloads. Retaining condition information appropriately in Kubernetes so needs an abstraction layer that supports stateful resources.

Officially StorageOS Inc., Ondat provides that abstraction. The enterprise delivers a application-defined storage layer that runs in Kubernetes. Ondat can give stateful providers like databases, caches, and the like that stateless Kubernetes workloads can accessibility as needed.

What makes Ondat distinctive: The firm handles availability, replication across nodes, knowledge restoration, and encryption in flight all less than the covers, so that builders never have to get worried about these kinds of complicated information.


The software security marketplace is an alphabet soup of offerings, like SAST, DAST, IAST, and SCA. These resources give some combination of uncovering safety vulnerabilities straight in source code or making an attempt to recognize vulnerabilities in jogging code by its habits.

Oxeye Security Ltd. goes one move further more: It supplies static and dynamic analysis of operating code by decompiling it, even when the supply code is unavailable.

Oxeye is hence equipped to discern software vulnerabilities in just the runtime context for those people programs – essential for catching difficulties these types of as the Log4j vulnerability and other program offer chain vulnerabilities, even for complicated, dynamic microservices apps managing on Kubernetes.

What can make Oxeye distinctive: Decompiling JVM-based languages these as Java and Scala indicates working with Java bytecode, which is scarcely human readable at best. Discerning vulnerabilities at this degree is remarkable sufficient – but Oxeye can also uncover challenges for compiled languages this kind of as Golang, where the decompilation must process raw object code.

Portainer Ltd. offers a multicluster, multicloud container management system that runs throughout all orchestrators and environments, which include on-premises, cloud and edge.

What helps make Portainer distinctive: Independent software distributors are progressively offering their wares in containers for jogging on Kubernetes. Their buyers, nonetheless, may well not nonetheless be up to speed with the system. Portainer gives a very simple, intuitive interface that these kinds of Kubernetes newbies can use to manage their app environments – so very simple, in reality, that ISVs are bundling it in with their offerings.

Portion Inc. empowers its consumers to put into practice Kubernetes throughout dispersed edge places as digital Kubernetes clusters. The Portion adaptive edge compute network is dynamic, heterogeneous and multicloud.

What makes Area unique: From the platform engineer’s viewpoint, the Kubernetes edge deployment is completely configurable, supporting configurable latency, information sovereignty and other choices. From the application developer’s perspective, nevertheless, the Segment adaptive Kubernetes edge seems and works like an normal Kubernetes deployment.

Tetrate Inc. is leveraging its experience with the Istio support mesh and Envoy proxy to produce the Envoy Gateway, an software programming interface gateway and ingress controller that works in conjunction with Istio.

The end result is effective, scalable abstraction of dynamic endpoints in Kubernetes, enabling massively scalable connectivity with cloud-native zero-believe in stability for dynamic microservices endpoints as properly as more common software endpoints.

What makes Tetrate distinctive: Conventional wisdom would have you believe that that company meshes provide secure connectivity for east-west interactions (inside Kubernetes), whilst API gateways supply the exact same gains for north-south interactions (involving Kubernetes and non-Kubernetes endpoints). Tetrate is bringing these capabilities alongside one another into a solitary administration system that extends the connectivity and zero-have confidence in rewards of its company mesh to API interactions as very well.

The prevalent thread: apps

The shift is delicate, but apparent: There is a lot less of a problem for the software program infrastructure and a better emphasis on the apps that run on that infrastructure – deploying, taking care of and securing them.

Kubernetes could not very be portion of the qualifications sound of details engineering the way Linux and TCP/IP just before it have come to be, but it’s effectively on its way. There keep on being a few lacking pieces, and other initiatives are continue to tough all around the edges, but Kubernetes – and cloud-native computing in standard – are here to stay.

Jason Bloomberg is founder and president of Intellyx, which advises business leaders and engineering sellers on their electronic transformation tactics. He wrote this article for SiliconANGLE. (* Disclosure: Tetrate is an Intellyx consumer. None of the other organizations described in this post is an Intellyx shopper. The CNCF lined the author’s travel fees to KubeCon, a normal sector apply.)

Image: ArtTower/Pixabay

Show your help for our mission by joining our Dice Club and Dice Occasion Group of professionals. Join the local community that involves Amazon World wide web Solutions and CEO Andy Jassy, Dell Systems founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many far more luminaries and authorities.

Next Post

Software For Your Busy Developers

In the world of 2022, software program growth teams are a critical portion of nearly every major company—meaning that it is critical they be equipped to function speedily and effectively.LinearB Inc., which is headquartered in Santa Monica and Tel Aviv, develops software aimed precisely at developers, giving them the applications […]