
Industry executives and experts share their predictions for 2018. Read them in this 10th annual VMblog.com series exclusive.
Contributed by Fei Huang, CEO, NeuVector
2018 Predictions on Containers, Kubernetes, and Security
1. Enterprises migrate to
containers in production - at the edge, and cautiously.
Virtually
all enterprises will have a container project in production by the end of 2018.
However, most of these will be small deployments used to first explore the
technologies, and then refine the pipeline from there. Larger issues around
processes, people, and automation will prevent many enterprises from moving
into containers at a large scale. Early adopters in the usual industries such
as financial services will try to move quickly, but typical laggards like
consumer goods and retail will find that they can benefit more quickly from
containers and try to move into them aggressively.
2. Automated CI/CD pipelines will
continue to require many manual steps.
The
promise of a fully automated CI/CD pipeline will remain, well, a pipe dream for
most companies. The technology will continue to not really be mature and
widespread enough to meet the fully automated threshold, still requiring a lot
of "glue" to script or code things together. In addition, enterprises will not yet
be set up and empowered to integrate pipeline components - the restructuring of
organizational silos and processes needed to support this will still be in the
future.
3. Serverless computing
remains hype - and impractical for the enterprise.
For most
enterprises with business critical applications, not having some visibility into
(and control over) server infrastructure is scary. Given the continuing rise in
data breaches and attacks, enterprises require a greater level of
accountability, visibility, security, and control. But it will take beyond 2018
for providers to develop the tools and trust to make it happen.
4. Hackers will continue to
run free, terrorizing enterprises and consumers.
Some
things never change, even though new security tools are constantly being
developed. With the rush into containers and microservices, new threats and
attack techniques will arrive in tandem, requiring changes to applications and the
way security is deployed. Security technology will require behavioral learning capabilities
to keep up with these changes, and will also need to apply traditional deep
packet inspection (DPI) techniques to container traffic to detect zero-day
exploits. At NeuVector, we're addressing this need into 2018 by developing new learning
algorithms, and by adding traditional firewall features to create the new type
of cloud-native container firewall that these threats call for.
5. Kubernetes reigns supreme,
dominating all orchestration tools.
With the
maturing feature set demonstrated by Kubernetes 1.7 and 1.8 - as well as
support from Red Hat OpenShift, Rancher, Mesosphere, IBM, and others - there's
just no way an enterprise can ignore the huge push behind Kubernetes. Into 2018,
these enterprise features will only accelerate and mature, leaving alternatives
in the dust. The big question mark is Docker's EE, which would be the remaining
contender for tool selection. I predict there still will be a loyal Docker
customer base that will continue going with Docker all the way, including some
large and prominent enterprises. Regardless of the scorecard, at NeuVector our
2018 plan is to continue to automate security policy creation and enhance the
network visibility for each of these platform leaders.
6. The first multi-cloud
container deployments will go into production.
Trust in
services such as AWS will remain high, but enterprises will always be concerned
about vendor lock-in. The abstraction provided by containers and their
orchestration tools makes it possible - and in some cases preferable - to be
able to deploy services across multiple clouds, and this is exactly what
enterprises will do more of in the coming year.
##
About the Author
Fei Huang is CEO at NeuVector, a Docker container network
security solution that uses behavioral learning to secure containers during
run-time. Fei has over 20 years of experience in enterprise security,
virtualization, cloud and embedded software. He was part of the founding team
of Cloudvolumes (acquired by VMware) and cofounder of Provilla, a DLP security
company (acquired by TrendMicro). Fei holds several patents in security,
virtualization and software architecture.