The Cloud Native Computing Foundation (CNCF) surveyed attendees at CloudNativeCon+ KubeCon in late 2016 on a range of topics related to container management and orchestration. In a previous blog, we examined the implications of survey results, in particular how Kubernetes had advanced from the test bench to real-world production deployments in the course of the preceding year.
An equally interesting data set coming out of that survey, and from earlier surveys conducted by Google, highlighted challenges respondents faced as as they increasingly used and deployed applications with containers. Respondents could include multiple topics in their responses, and in the earlier Google surveys, also insert freeform commentary.
Figure 1. Summarizes the three response sets from the CloudNativeCon + KubeCon (Nov. ’16) and previous Google surveys (June and March ’16):
Characterizing the challenges
Let’s take a moment to examine the leading concerns in the survey, and also in the earlier ones:
Networking – 50 percent of CloudNativeCon + KubeCon respondents pointed to “networking” as their greatest challenge. Those who articulated their concerns further focused on:
- Debugging network connectivity, especially across managed containers and containers deployed on geographically disparate clouds
- More configurable and secure networking with multi-tenancy
Cloud native networking certainly appeals to networking engineers as well as a growing number of developers who increasingly find it a part of their daily work. In this recent CNCF webinar, Christopher Liljenstolpe, CTO of Tigera and Founder orProject Calico, and Brian Boreham, Director of Engineering, Weaveworks, dive into networking for containers and microservices.
Security – as production deployment increases, so do security risks, in particular for containers hosting execution of Internet- and customer-facing applications. With 42 percent of CloudNativeCon + KubeCon respondents highlighting security, specific concerns included:
- Applying security patches and updates to container contents
- Network isolation and secure isolation/communication among managed containers
- Understanding the scope of potential attack surfaces
Storage & resource management
– “storage” led the responses for the earlier Google surveys, and almost half (42 percent) of respondents at CloudNativeCon + KubeCon still voiced concerns in this area:
- Lack of appropriate and accessible network storage
- Secure and standards-compliant network storage (e.g., for HIPAA)
- Persistent and performant storage
- Meeting legacy storage requirements and storage portability
- Better load management
- Standardization of / patterns for file systems and container layouts
Complexity
– 39 percent of CloudNativeCon + KubeCon respondents with the above concerns also cited “complexity” as a challenge, and certainly issues with networking, security and storage contribute to these concerns.
Logging and monitoring – also high on respondents’ list of concerns at 42 percent was logging and monitoring, in particular:
- The need for more detailed k8s manifests
- More insight into operational metrics
- More robust application logging capabilities
Meeting the challenges
The challenges posed by respondents are being addressed incrementally by CNCF project developers and the container management ecosystem. In particular, CNCF projects that address the above technical hurdles in networking, security and storage, and also logging, tooling and automation, and beyond, include:
 Linkerd | Resilient service mesh for cloud native apps, including a transparent proxy that adds service discovery, routing, failure handling, and visibility to modern software applications.Learn more at https://linkerd.io/ |
 Fluentd | A data collector for unified logging layer. Fluentd lets you unify data collection and consumption for a better use and understanding of data.Learn more at http://www.fluentd.org/ |
 Kubernetes | Kubernetes itself focuses on automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery.Learn more at https://kubernetes.io/ |
 Prometheus | A systems monitoring and alerting toolkit with a very active developer and user community. Prometheus works well for recording numeric time series. It fits both machine-centric monitoring as well as monitoring of highly dynamic service-oriented architectures.Learn more at https://prometheus.io/ |
The CNCF Cloud Native Landscape Project categorizes many of the most popular projects and startups in the cloud native space. This is another resource where people can find technologies that might help solve their technical challenges. It is under development by CNCF, Redpoint and Amplify.
Learn more about all CNCF projects at https://www.cncf.io/projects.