KubeCon 2022: Key Trends Include WebAssembly, FinOps, and Security

C. Dunlap Research Director

Summary Bullets:

• WebAssembly is the industry’s latest buzzword, but with some substance for its ability to disrupt coding in modern web browsers.

• Not surprisingly, important themes including security, observability, and FinOps continued to dominate the conference and digitization initiatives in general.

The rising use of Kubernetes as enterprises strive for app modernization continues to drive advancements in emerging DevOps technologies. During the 2022 Cloud Native Computing Foundation (CNCF) conference, KubeCon, key technology themes included observability, application security, and FinOps (not surprisingly). Newer technologies such as WebAssembly caused a stir among show attendees.

Following is a recap of these themes. For a deeper dive into the technologies and participants, please see: “KubeCon 2022: Rise of Kubernetes Drives New Cost Management, Monitoring, and Security Methods,” November 4, 2022.

WebAssembly is the industry’s latest buzzword associated with app development – i.e., technology that is receiving growing importance among developers. The modern web browser technology, also called Wasm, supports multiple programming languages such as C/C++/C#, Python, Rust, Go, and Swift, offering developers an entirely new realm in which to write code. It promises to support high levels of security, although that point remains debatable among industry participants (and conference attendees). It is also designed to support high-performance applications and is able to provide a more robust cloud management of apps at scale on the same cloud infrastructure. Companies are already beginning to stake a claim in this space. In fact, Figma represents a vendor using WebAssembly for its high-powered graphics (notable because Adobe recently acquired Figma for $20 billion).

  • Fermyon highlighted its WebAssembly solution during the conference, claiming improved security and application performance. The startup is particularly notable for its technology partnership with Microsoft, which supports Fermyon Spin for its Azure Kubernetes Service platform.
  • Docker announced a technical preview of WebAssembly aimed at easing app development targeting Wasm runtimes. The company noted the technology’s importance at the edge for making smaller apps run faster.

Within newly distributed application architectures, FinOps initiatives are growing in importance for helping companies rein in the complexities of managing multi-cluster Kubernetes deployments at scale. DevOps teams are looking to verify that modern applications are being deployed in the most efficient and cost-effective manner. Ensuring this level of insight and best practices into how resources are being allocated, consumed, and managed is not easily achieved, however, making it difficult to effectively economizing new digitization investments. A number of startups and providers gathered at KubeCon help to raise more awareness in this space.

  • Apptio recently released a planning and management tool to improve partner collaboration during the demand planning process.
  • Sysdig, a container security and monitoring/observability provider, is adding FinOps features into its solution to offer customers a resource planning perspective associated with CPU and memory allocations.

The observability market continues to gain attention among enterprises looking for a more modern monitoring stack. Ops teams are grappling with the move from monolithic apps to microservices where various service components within a single app must be secured and managed. A slew of vendors are emerging in this space.

  • Grafana Labs announced a telemetry OSS project called Grafana Faro for frontend app observability. It includes a web SDK to instrument web apps to capture observability signals – i.e., information that can be correlated with backend and infrastructure data for more comprehensive observability.
  • StormForge, a Kubernetes performance testing and optimization provider, recently announced Kubernetes pod autoscaling to improve the performance and efficiency of apps in production. The technique leverages StormForge’s ML advancements for automating some of the decision-making process to ensure the necessary scale to run apps properly and minimize resource usage and costs.
  • Selector leverages AI to enhance customers’ current monitoring solutions through its network and application observability offerings to help improve network/infrastructure up-time. The idea is to reduce the meantime to detect/repair issues associated with the network and applications.
  • Chronosphere is aiming to curb the overwhelming amount of data customers are being pressed to ingest via its cloud native observability platform announced during the conference. New features including Query Accelerator and Workspaces to provide remediation support and improve engineering teams’ productivity.

Application Security
Enterprises face significant transformative challenges in implementing a DevSecOps methodology. Security, unsurprisingly, remains one of the core themes of Kubernetes and digitization in general. Traditional infrastructure and platforms providers are formalizing their strategies in this space.

  • Cisco announced its addition of serverless computing support to its security strategy, branded FunctionClarity, a new framework used to sign and validate serverless functions. Additionally, API Insights aims to improve API security during the app development process by ensuring API compliance and best practices.
  • Red Hat is evolving its advanced multi-cluster container security strategy via its acquisition of StackRox, available within the company’s premier edition (released in 2021) called OpenShift Plus. It includes cluster security/management, a global registry (called Quay), and container tools as part of a mature and comprehensive Kubernetes platform.
  • VMware highlighted its new Project Narrows, a runtime container security integrated with OSS technology Harbor Registry. It helps developers improve the security posture of Kubernetes clusters through dynamic scanning of workloads during runtime to help determine vulnerabilities early on.

What do you think?

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.