As we wrap 2022 and look to 2023, here are a round up of cloud native and Kubernetes predictions by the Fairwinds team: Bill Ledingham, Andy Suderman, Robert Brennan and Kendall Miller.
FinOps was on the rise in 2022 as more companies looked to understand cloud consumption. And while many organizations may have dabbled in FinOps, as organizations look to cut costs in 2023 to make it through economic uncertainty, we’ll see the need for FinOps rise. The continued trend towards cloud adoption and increased spending calls for organizations to get cloud costs better under control. More companies will put together a FinOps team of stakeholders on the technical and business side to drive consumption changes.
There will be an increasing amount of spend going into Kubernetes clusters as opposed to spending directly on EC2 instances, for example. That means for Kubernetes users, it will become extremely important to gain visibility into rightsizing opportunities so that cloud consumption can be optimized based on Kubernetes workloads, namespaces and labels.
The “everything moves towards developers” movement otherwise known as “shift-left” will continue to take hold in 2023. We’ve seen it as marketing-buzz over the last two years, but the reality is more developers are being asked to do everything i.e. build the application, secure it, right-size cloud usage. The only way to make this possible is to integrate shift-left tooling within the technology developers already know and love. It will enable “service ownership”, the ability for developers to “code it, ship it, own it.” Platform engineering teams will spend more time in 2023 selecting tools to help make service ownership a reality and free up time for their teams to innovate.
This may sound obvious, but security will continue to be a problem - it’s not getting any better. There is still not enough coordination between security and development teams i.e. DevSecOps to truly improve the security posture at many organizations.
Network policy has lagged behind other security considerations, like container and configuration scanning. In 2023, we think more organizations will begin adopting network policy as a way to secure their Kubernetes environments, and minimize the blast radius of an attack.
The Kubernetes adoption trend will continue in 2023 and, as such, the requirement for Kubernetes guardrails will go mainstream. With increased usage, DevOps will require the same level of policy that’s in place with other technologies across the business. Implementing Kubernetes guardrails will become essential to improve security and the reliability of applications all while optimizing cloud usage.
Unfortunately there is just not enough time in the day or resources to do everything. 2023 will see the increased adoption of automation throughout cloud native to improve security and cost. Automation will drive improvements so people can spend more time on innovative activities, and may drive tool consolidation to bring environments under control.
Additionally, automation will play an important role in bringing cloud spend under control. Companies can’t keep making time intensive, costly and highly inaccurate manual adjustments so they will turn to automation for certain pieces of the puzzle.
An open source platform itself, Kubernetes usage and associated open source technologies are now prevalent in many enterprise organizations. And while open source adoption has become normalized, security, however, has historically been provided at a higher level for proprietary software purchases. In 2023, we’ll see more companies adopt open source security tooling to secure Kubernetes.
However, with this increased usage, we may see the number of open source supply chain attacks increase as projects accidentally publish packages with vulnerabilities. This will be a double-edge sword that companies need to consider.
We’ve seen cloud providers continue to add open source integrations to their managed Kubernetes offerings. This trend will continue with more functionality on a regular basis. The challenge for end-users is lock in. In 2023, you’ll need to pay close attention and be cautious on what you adopt from the cloud provider vs. where you use from a third-party provider.