2017 in Review: Major Developments in the Container Ecosystem
From a “humble” $762 million in 2016, containers are predicted to grow faster than any other technology this year (as well as the next) and are on the way to become a $2.7B industry by 2020.
2016 was a big year for containers with new releases, funding announcements and strides in improving container security all around. 2017 has been an even greater year, with plenty of collaborations and announcements. Before we ring in 2018, let's look back at some of the highlights.
1. Kubernetes Grows Up
Kubernetes 1.8 and the more recent release of 1.9, demonstrate the great strides the open-source project made towards becoming a more mature technology.
Kubernetes 1.8 brought with it many exciting enhancements and refinements. Several critical security-related updates that had been under development or in beta for a while were officially released. Especially notable among these are the general availability of Roles Based Access Control (RBAC), the stable release CRI-O and improvements to the Kubernetes CLI, cluster stability, and service automation.
In addition, Kubernetes now supports increasingly complex classes of applications - enabling enterprise transition to both hybrid cloud and microservices. It allows enterprise customers to manage their software supply chain with more control over production deployments. In addition to functional improvements outlined above, Kubernetes is putting overall greater emphasis on maturing processes, formalizing architecture, and strengthening the Kubernetes governance model.
For a detailed overview of the release, read this blog where we cover Kubernetes 1.8 capabilities in detail.
The Kubernetes 1.9 release brings the stability advancement of the Apps Workloads API, removing any doubts potential adopters might have had about the functional stability required to run mission-critical workloads.
Another big update is the beta release of Windows support, allowing many Windows-specific applications and workloads to run in Kubernetes, thus expanding implementation scenarios and enterprise readiness. For more on this release, check out the Kubernetes blog.
2. Microsoft launches Azure Container Instances
Microsoft unveiled Azure Container Instances (ACI), a way to run and consume containers directly in Azure, eliminating the VMs provisioning altogether. ACI is a quick and simple way to deploy Linux containers in the cloud that doesn’t require excessive oversight or management.
This natural “next step” in the development of cloud-native containers, makes the whole process more efficient and scalable, while also making it possible to leverage Azure’s RBAC directly to govern access to containers.
The Azure Container Instances tool provides access to a container within seconds. Go to the Microsoft Azure blog to learn more.
Microsoft also announced a new ACI Connector for Kubernetes, an open source tool that enables Kubernetes clusters to deploy Azure Container Instances.
This means that runtime protection of containers is as critical than ever. To see how Aqua is ready to secure those Instances, read our blog.
3. Red Hat OpenShift to Support Windows Containers in 2018
Microsoft and RedHat are expanding their integration efforts. RedHat OpenShift leverages Docker containers as well as Kubernetes cluster management technologies. The highly anticipated integration will deliver the ability to run Windows Server containers using RedHat OpenShift. Several exciting initiatives, aimed at facilitating enterprise adoption of container technology, are expected to arrive in early 2018:
- Native Windows Server Container support on Red Hat OpenShift Container Platform
- Red Hat's OpenShift Dedicated solution for Microsoft Azure
- Integrated support for Red Hat Enterprise Linux workloads on Azure Stack
- SQL Server for Linux support for Red Hat Enterprise Linux and OpenShift
Microsoft's integration with its former Linux rival RedHat might have seemed "inconceivable" not such a long time ago, but the collaboration efforts between the two companies are driven by the needs of enterprise customers, who frequently use a combination of Windows and Linux technologies in their stack. The goal of the integration is a great stride towards simplifying container technologies adoption for enterprise customers, increasing agility and driving digital transformation through the use of hybrid cloud.
4. Docker Rolls Out Native Kubernetes Support
At this years DockerCon, in Copenhagen , Docker announced that they will support the Kubernetes container orchestrator. According to Docker founder Solomon Hykes, Docker is not abandoning Swarm. The adoption is all about enabling user choice by “letting users run Swarm or Kubernetes, or both.”
The integration will make life so much easier for the end users, and a guarantee of compatibility between Docker and Kubernetes components going forward is definitely reassuring. The announcement has sent ripples across the container community, and its implications are indeed far-reaching.
Since that announcement, it’s seems that everyone has taken “Vitamin K”. Pivotal were first this year with the launch of PKS for those who want to run Kubernetes clusters on the Pivotal PaaS.
Azure came off the fence in October to announce AKS (Azure Kubernetes Service and AWS wasn’t far behind with EKS, a Kubernetes service to rival its proprietary ECS.
5. Cloud Native Foundation adds 30 new members
In the last year, the foundation attracted 30 new members, including some of the biggest names in Tech, such as AWS, Oracle, Microsoft, VMware and Pivotal and Dell who all jumped on board. Dell is joining as a Platinum member - a $370k a year commitment.
The surge in membership shows that enterprises increasingly see open source and container technology as the key to agility in today’s environment. We at Aqua also joined earlier this year as silver partners.
6. Aqua continues to contribute to open source projects
Aqua continues to dedicate resources to improving and securing the container ecosystem. To this end, we create and maintain various open-source projects.
- Automating Kubernetes security checks with Kube-Bench - Kube-Bench automates the CIS Benchmark checks for Kubernetes deployment. It makes it easy for operators to verify that every single node in their Kubernetes cluster is configured in line container security best practices.
- Leveraging image metadata for automation with Manifesto - Manifesto is a command line tool for managing arbitrary metadata for a container image. Read a step-by-step explanation on our blog.
7. Amazon introduces AWS Fargate
Earlier this month, at re:Invent, Amazon announced the release of AWS Fargate, a technology that offers a way to deploy your containers on AWS without managing infrastructure.
With AWS Fargate, you can use containers as a fundamental compute primitive without having to manage the underlying instances. After building your container image, specifying the CPU and memory requirements, and defining your networking and IAM policies, you are ready to launch. In addition, Fargate offers flexible configuration options that closely match your application needs, and you’re billed with per-second granularity.
We at Aqua received an early preview and the opportunity to get our platform to protect containers running in AWS Fargate. Aqua can also protect against unexpected behavior at run-time - thus potentially preventing zero-day exploits too. Check out our blog to see how it’s done.
2017 has been about building bridges and enabling enterprise adoption of container technologies, microservices and the hybrid cloud. Enterprise customers increasingly see value in container technology and continue to commit to making the community stronger. All in all, it has been a great year for containers. 2018 promises to be an even more exciting year!