Industry executives and experts share their predictions for 2022. Read them in this 14th annual VMblog.com series exclusive.
Service Mesh Will Solidify Positioning in Cloud-Native Market
By William Morgan, co-founder & CEO, Buoyant
The world of cloud native computing is rapidly maturing.
What was once a wild west of competing container orchestrators, conflicting
application design patterns, and an ever-shifting landscape of small projects
is now solidifying around a few key technologies. Most prominent among these,
of course, are a set of open source offerings hosted by the Cloud Native
Computing Foundation: projects like Kubernetes, Prometheus, Linkerd, and other
"graduation-tier" projects have coalesced from the fog of confusion
to become the pillars of most modern cloud native deployments.
But evolution in the space is far from over. The service
mesh, in particular, has come a long way since its (notoriously
marketing-heavy) beginnings, but continues to push both organizational and
technology boundaries, especially when it comes to security. Having been a part
of the service mesh space since its inception, here are my predictions on how
this space will evolve over the next year:
Prediction: The service mesh will solidify its role as a
critical component of the cloud native stack.
In 2022, service mesh adoption will continue to cross the
chasm from early adopters to majority adoption within the cloud native
ecosystem. This year, we saw widespread realization that "just throw it on
Kubernetes" is not enough for a functioning cloud native application, and
that the addition of a service mesh solves fundamental concerns about security,
observability, and reliability. Next year, these realizations will come to
their logical conclusion and the service mesh will become the norm, not the exception,
for Kubernetes applications.
Prediction: The choice of service mesh will be dominated
by operational concerns.
Clunky, Envoy-based service meshes will increasingly be
seen as a thing of the past. While early service mesh adopters were neophiles
who were enthusiastic about the technology for its own sake, the complexity of
running Envoy at scale often resulted in failure to actually adopt the
technology in practice. In 2022, appetite for memory-hungry and insecure C++
systems will be at an all-time low, and projects like Linkerd (which avoids
Envoy, opting instead to use a set of ultralight, minimalist Rust proxies) will
be the focal point for adoption. In 2022, increasing performance and reducing
operational complexity of the service mesh will be paramount, and simplicity
and performance will be the watchwords of the day.
Prediction: Zero-trust network security will rise to the
forefront of organizational security concerns.
As organizations fully adopt cloud native, the security
surface area of their applications will inevitably require rethinking. Old
approaches that rely on network identity, host-based network stacks, and
firewalls simply don't measure up to this new world, even when dressed up in
the fancy clothes of eBPF. Instead, the "zero trust" model of
security will become dominant, with strong workload identity rather than
network identity becoming the critical foundation. The service mesh, with its
focus on mutual TLS and on workload identity, will provide the most
forward-thinking solution here. I predict that security teams, as well as
auditors themselves, will place increasingly sophisticated demands on the
network security of their applications.
##
ABOUT THE AUTHOR
William Morgan is the CEO of Buoyant and creator of Linkerd. Prior to founding Buoyant, he was an infrastructure engineer at Twitter, where he ran several teams building on product-facing backend infrastructure. He has worked at Powerset, Microsoft, adap.tv, and MITRE Corp, and has been contributing to open source for over 20 years.